1
0
mirror of https://github.com/bpatrik/pigallery2.git synced 2024-12-21 01:22:08 +02:00

Removed VOLUME see issue 777. Added dockerfile linting

This commit is contained in:
Chris 2024-10-25 23:38:08 +02:00
parent 9810ea036a
commit 210a0d3b83
8 changed files with 63 additions and 20 deletions

View File

@ -0,0 +1,30 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# GitHub recommends pinning actions to a commit SHA.
# To get a newer version, you will need to update the SHA.
# You can also reference a tag or branch, but the action may change without warning.
name: Lint Dockerfile
on:
push:
branches:
- '**'
jobs:
dockerfile_linting:
name: Dockerfile linting
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: |
./docker/alpine/Dockerfile.build
./docker/debian-bookworm/Dockerfile.build
./docker/debian-bullseye/Dockerfile.build
./docker/debian-buster/Dockerfile.build
./docker/debian-buster/selfcontained/Dockerfile
config: ./docker/.config/hadolint.yml

View File

@ -0,0 +1,3 @@
ignored:
- DL3008
- DL3018

18
docker/CONTRIBUTING.md Normal file
View File

@ -0,0 +1,18 @@
# PiGallery2 Docker Contribution guide (draft)
Remember to update all the Dockerfiles.
## Linting
To quality check your dockerfile changes you can use hadolint:
1. Start the docker daemon if it's not already started: `sudo dockerd`
2. Change dir to the docker folder.
3. Run hadolint on the alpine dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./alpine/Dockerfile.build`
4. Run hadolint on the debian-bookworm dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-bookworm/Dockerfile.build`
5. Run hadolint on the debian-bullseye dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-bullseye/Dockerfile.build`
6. Run hadolint on the debian-buster dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-buster/Dockerfile.build`
7. Run hadolint on the debian-buster selfcontained dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-buster/selfcontained/Dockerfile`
8. Fix errors and warnings or add them to ignore list of the [hadolint configuration file](./.config/hadolint.yml) if there is a good reason for that. Read more [here](https://github.com/hadolint/hadolint).
### Building the docker image locally
TBD

View File

@ -1,8 +1,9 @@
#-----------------BUILDER-----------------
#-----------------------------------------
FROM node:18-alpine3.17 AS builder
RUN apk add --update-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
python3 build-base sqlite-dev sqlite-libs vips-dev vips-heif fftw-dev gcc g++ make libc6-compat && ln -snf /usr/bin/python3 /usr/bin/python
RUN apk add --no-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
python3 build-base sqlite-dev sqlite-libs vips-dev vips-heif fftw-dev gcc g++ make libc6-compat && ln -snf /usr/bin/python3 /usr/bin/python && \
rm /var/cache/apk/*
COPY pigallery2-release /app
WORKDIR /app
RUN npm install --unsafe-perm --fetch-timeout=90000
@ -26,10 +27,10 @@ ENV NODE_ENV=production \
PI_DOCKER=true
EXPOSE 80
RUN apk add --update-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
vips vips-cpp vips-heif ffmpeg
RUN apk add --no-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
vips vips-cpp vips-heif ffmpeg && \
rm /var/cache/apk/*
COPY --from=builder /app /app
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
# Run build time diagnostics to make sure the app would work after build is finished
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
@ -40,4 +41,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]

View File

@ -1,7 +1,7 @@
#-----------------BUILDER-----------------
#-----------------------------------------
FROM node:18.19-bookworm AS builder
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
COPY pigallery2-release /app
WORKDIR /app
RUN npm install --unsafe-perm --fetch-timeout=90000
@ -30,7 +30,6 @@ RUN apt-get update \
&& apt-get clean -q -y \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /app /app
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
# Run build time diagnostics to make sure the app would work after build is finished
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]

View File

@ -1,7 +1,7 @@
#-----------------BUILDER-----------------
#-----------------------------------------
FROM node:18.19-bullseye AS builder
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
COPY pigallery2-release /app
WORKDIR /app
RUN npm install --unsafe-perm --fetch-timeout=90000
@ -30,7 +30,6 @@ RUN apt-get update \
&& apt-get clean -q -y \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /app /app
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
# Run build time diagnostics to make sure the app would work after build is finished
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]

View File

@ -1,7 +1,7 @@
#-----------------BUILDER-----------------
#-----------------------------------------
FROM node:18.19-buster AS builder
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
COPY pigallery2-release /app
WORKDIR /app
RUN npm install --unsafe-perm --fetch-timeout=90000
@ -30,7 +30,6 @@ RUN apt-get update \
&& apt-get clean -q -y \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /app /app
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
# Run build time diagnostics to make sure the app would work after build is finished
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]

View File

@ -10,9 +10,9 @@ RUN npm install --unsafe-perm \
&& mkdir -p /build/release/data/db \
&& mkdir -p /build/release/data/images \
&& mkdir -p /build/release/data/tmp \
&& npm run create-release \
&& cd /build/release \
&& npm install --unsafe-perm
&& npm run create-release
WORKDIR /build/release
RUN npm install --unsafe-perm
#-----------------MAIN--------------------
#-----------------------------------------
@ -33,7 +33,6 @@ RUN apt-get update \
&& apt-get clean -q -y \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /build/release /app
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
# Run build time diagnostics to make sure the app would work after build is finished
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
@ -44,4 +43,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]