mirror of
https://github.com/bpatrik/pigallery2.git
synced 2024-12-21 01:22:08 +02:00
Removed VOLUME see issue 777. Added dockerfile linting
This commit is contained in:
parent
9810ea036a
commit
210a0d3b83
30
.github/workflows/dockerfile-hadolint.yml
vendored
Normal file
30
.github/workflows/dockerfile-hadolint.yml
vendored
Normal file
@ -0,0 +1,30 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# GitHub recommends pinning actions to a commit SHA.
|
||||
# To get a newer version, you will need to update the SHA.
|
||||
# You can also reference a tag or branch, but the action may change without warning.
|
||||
|
||||
name: Lint Dockerfile
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- '**'
|
||||
jobs:
|
||||
dockerfile_linting:
|
||||
name: Dockerfile linting
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: hadolint/hadolint-action@v3.1.0
|
||||
with:
|
||||
dockerfile: |
|
||||
./docker/alpine/Dockerfile.build
|
||||
./docker/debian-bookworm/Dockerfile.build
|
||||
./docker/debian-bullseye/Dockerfile.build
|
||||
./docker/debian-buster/Dockerfile.build
|
||||
./docker/debian-buster/selfcontained/Dockerfile
|
||||
config: ./docker/.config/hadolint.yml
|
3
docker/.config/hadolint.yml
Normal file
3
docker/.config/hadolint.yml
Normal file
@ -0,0 +1,3 @@
|
||||
ignored:
|
||||
- DL3008
|
||||
- DL3018
|
18
docker/CONTRIBUTING.md
Normal file
18
docker/CONTRIBUTING.md
Normal file
@ -0,0 +1,18 @@
|
||||
# PiGallery2 Docker Contribution guide (draft)
|
||||
|
||||
Remember to update all the Dockerfiles.
|
||||
|
||||
## Linting
|
||||
To quality check your dockerfile changes you can use hadolint:
|
||||
|
||||
1. Start the docker daemon if it's not already started: `sudo dockerd`
|
||||
2. Change dir to the docker folder.
|
||||
3. Run hadolint on the alpine dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./alpine/Dockerfile.build`
|
||||
4. Run hadolint on the debian-bookworm dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-bookworm/Dockerfile.build`
|
||||
5. Run hadolint on the debian-bullseye dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-bullseye/Dockerfile.build`
|
||||
6. Run hadolint on the debian-buster dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-buster/Dockerfile.build`
|
||||
7. Run hadolint on the debian-buster selfcontained dockerfile: `docker run --rm -i -v ./.config/hadolint.yml:/.config/hadolint.yaml hadolint/hadolint < ./debian-buster/selfcontained/Dockerfile`
|
||||
8. Fix errors and warnings or add them to ignore list of the [hadolint configuration file](./.config/hadolint.yml) if there is a good reason for that. Read more [here](https://github.com/hadolint/hadolint).
|
||||
|
||||
### Building the docker image locally
|
||||
TBD
|
@ -1,8 +1,9 @@
|
||||
#-----------------BUILDER-----------------
|
||||
#-----------------------------------------
|
||||
FROM node:18-alpine3.17 AS builder
|
||||
RUN apk add --update-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
|
||||
python3 build-base sqlite-dev sqlite-libs vips-dev vips-heif fftw-dev gcc g++ make libc6-compat && ln -snf /usr/bin/python3 /usr/bin/python
|
||||
RUN apk add --no-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
|
||||
python3 build-base sqlite-dev sqlite-libs vips-dev vips-heif fftw-dev gcc g++ make libc6-compat && ln -snf /usr/bin/python3 /usr/bin/python && \
|
||||
rm /var/cache/apk/*
|
||||
COPY pigallery2-release /app
|
||||
WORKDIR /app
|
||||
RUN npm install --unsafe-perm --fetch-timeout=90000
|
||||
@ -26,10 +27,10 @@ ENV NODE_ENV=production \
|
||||
PI_DOCKER=true
|
||||
|
||||
EXPOSE 80
|
||||
RUN apk add --update-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
|
||||
vips vips-cpp vips-heif ffmpeg
|
||||
RUN apk add --no-cache --repository https://alpine.global.ssl.fastly.net/alpine/v3.17/community/ \
|
||||
vips vips-cpp vips-heif ffmpeg && \
|
||||
rm /var/cache/apk/*
|
||||
COPY --from=builder /app /app
|
||||
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
|
||||
|
||||
# Run build time diagnostics to make sure the app would work after build is finished
|
||||
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
|
||||
@ -40,4 +41,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
|
||||
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
|
||||
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
|
||||
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#-----------------BUILDER-----------------
|
||||
#-----------------------------------------
|
||||
FROM node:18.19-bookworm AS builder
|
||||
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
|
||||
COPY pigallery2-release /app
|
||||
WORKDIR /app
|
||||
RUN npm install --unsafe-perm --fetch-timeout=90000
|
||||
@ -30,7 +30,6 @@ RUN apt-get update \
|
||||
&& apt-get clean -q -y \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
COPY --from=builder /app /app
|
||||
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
|
||||
|
||||
# Run build time diagnostics to make sure the app would work after build is finished
|
||||
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
|
||||
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
|
||||
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
|
||||
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
|
||||
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#-----------------BUILDER-----------------
|
||||
#-----------------------------------------
|
||||
FROM node:18.19-bullseye AS builder
|
||||
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
|
||||
COPY pigallery2-release /app
|
||||
WORKDIR /app
|
||||
RUN npm install --unsafe-perm --fetch-timeout=90000
|
||||
@ -30,7 +30,6 @@ RUN apt-get update \
|
||||
&& apt-get clean -q -y \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
COPY --from=builder /app /app
|
||||
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
|
||||
|
||||
# Run build time diagnostics to make sure the app would work after build is finished
|
||||
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
|
||||
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
|
||||
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
|
||||
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
|
||||
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]
|
||||
|
||||
|
@ -1,7 +1,7 @@
|
||||
#-----------------BUILDER-----------------
|
||||
#-----------------------------------------
|
||||
FROM node:18.19-buster AS builder
|
||||
RUN apt update && apt install -y --no-install-recommends libvips-dev python3
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends libvips-dev python3
|
||||
COPY pigallery2-release /app
|
||||
WORKDIR /app
|
||||
RUN npm install --unsafe-perm --fetch-timeout=90000
|
||||
@ -30,7 +30,6 @@ RUN apt-get update \
|
||||
&& apt-get clean -q -y \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
COPY --from=builder /app /app
|
||||
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
|
||||
|
||||
# Run build time diagnostics to make sure the app would work after build is finished
|
||||
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
|
||||
@ -41,4 +40,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
|
||||
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
|
||||
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
|
||||
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]
|
||||
|
||||
|
@ -10,9 +10,9 @@ RUN npm install --unsafe-perm \
|
||||
&& mkdir -p /build/release/data/db \
|
||||
&& mkdir -p /build/release/data/images \
|
||||
&& mkdir -p /build/release/data/tmp \
|
||||
&& npm run create-release \
|
||||
&& cd /build/release \
|
||||
&& npm install --unsafe-perm
|
||||
&& npm run create-release
|
||||
WORKDIR /build/release
|
||||
RUN npm install --unsafe-perm
|
||||
|
||||
#-----------------MAIN--------------------
|
||||
#-----------------------------------------
|
||||
@ -33,7 +33,6 @@ RUN apt-get update \
|
||||
&& apt-get clean -q -y \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
COPY --from=builder /build/release /app
|
||||
VOLUME ["/app/data/config", "/app/data/db", "/app/data/images", "/app/data/tmp"]
|
||||
|
||||
# Run build time diagnostics to make sure the app would work after build is finished
|
||||
RUN ["node", "./src/backend/index", "--expose-gc", "--run-diagnostics", "--config-path=/app/diagnostics-config.json"]
|
||||
@ -44,4 +43,3 @@ HEALTHCHECK --interval=40s --timeout=30s --retries=3 --start-period=60s \
|
||||
# after a extensive job (like video converting), pigallery calls gc, to clean up everthing as fast as possible
|
||||
# Exec form entrypoint is need otherwise (using shell form) ENV variables are not properly passed down to the app
|
||||
ENTRYPOINT ["node", "./src/backend/index", "--expose-gc", "--config-path=/app/data/config/config.json"]
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user