Compare commits

...

14 Commits

Author SHA1 Message Date
Sammy filly
05c3b060b6
Merge df45ce9a13 into 0565240e2d 2023-09-12 09:55:47 +02:00
CrazyMax
0565240e2d
Merge pull request #959 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
chore(deps): Bump @actions/core from 1.10.0 to 1.10.1
2023-09-12 08:59:19 +02:00
CrazyMax
3ab07f8801
chore: update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-12 08:53:09 +02:00
dependabot[bot]
b9e7e4daec
chore(deps): Bump @actions/core from 1.10.0 to 1.10.1
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.10.0 to 1.10.1.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-12 06:30:14 +00:00
CrazyMax
04d1a3b049
Merge pull request #954 from crazy-max/update-node20
chore: node 20 as default runtime
2023-09-12 08:22:50 +02:00
CrazyMax
1a4d1a13fb
chore: node 20 as default runtime
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:09:30 +02:00
CrazyMax
675965c0e1
chore: update generated content
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:09:30 +02:00
CrazyMax
58ee34cb6b
chore: fix author in package.json
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:44 +02:00
CrazyMax
c97c4060bd
fix ProxyConfig type when checking length
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:43 +02:00
CrazyMax
47d5369e0b
vendor: bump @docker/actions-toolkit from 0.8.0 to 0.12.0
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:43 +02:00
CrazyMax
8895c7468f
chore: update dev dependencies
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:43 +02:00
CrazyMax
59ba712c53
dev: remove unneeded binaries
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:43 +02:00
CrazyMax
0c20fff10d
chore: update to node 20
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-09-09 18:08:43 +02:00
Sammy filly
df45ce9a13
Create SSH
Signed-off-by: Sammy filly  <136061549+sammyfilly@users.noreply.github.com>
2023-09-03 07:20:25 +01:00
10 changed files with 907 additions and 595 deletions

3
.eslintignore Normal file
View File

@ -0,0 +1,3 @@
/dist/**
/coverage/**
/node_modules/**

View File

@ -1,11 +1,12 @@
{
"env": {
"node": true,
"es2021": true,
"es6": true,
"jest": true
},
"extends": [
"eslint:recommended",
"plugin:@typescript-eslint/eslint-recommended",
"plugin:@typescript-eslint/recommended",
"plugin:jest/recommended",
"plugin:prettier/recommended"

66
SSH Normal file
View File

@ -0,0 +1,66 @@
How To Install Private Git Hosted Dependencies Inside Docker Image Using SSH
#
docker
#
devops
#
security
#
python
Introduction
This quick guide will show you how to mount a ssh key inside a container in build time, to allow you to install private dependencies, that won't be persisted in the final image. It uses python but could work with any language/package manager that uses git + ssh.
Dockerfile
First you need to set Dockerfile syntax to docker/dockerfile:1.2. Put this in the beggining of the file:
# syntax = docker/dockerfile:1.2
Now install git and openssh, and setup ssh folders:
RUN apt update && \
apt install -y git openssh-client && \
mkdir -p /root/.ssh && \
ssh-keyscan github.com >> /root/.ssh/known_hosts
May vary depending on the base image you're using, just change with the package manager you use.
Make sure to change github.com with your git host.
Now you have to mount the ssh key in the step that installs the dependency:
RUN --mount=type=secret,id=id_rsa,dst=/root/.ssh/id_rsa \
pip install git+ssh://git@github.com/username/repository.git@version
This will mount secret identified by id_rsa on /root/.ssh/id_rsa.
Building
When building you need to specify your ssh key as id_rsa secret:
docker build . \
-f Dockerfile \
--secret id=id_rsa,src=/home/user/.ssh/id_rsa
Or using docker compose:
version: '3.7'
services:
your_service:
build:
context: .
dockerfile: Dockerfile
secrets:
- id_rsa
secrets:
id_rsa:
file: /home/user/.ssh/id_rsa
Final file
# syntax = docker/dockerfile:1.2
FROM python:3.11
RUN apt update && \
apt install -y git openssh-client && \
mkdir -p /root/.ssh && \
ssh-keyscan github.com >> /root/.ssh/known_hosts
RUN --mount=type=secret,id=id_rsa,dst=/root/.ssh/id_rsa \
pip install git+ssh://git@github.com/username
example
pip install git+ssh://git@github.com/sammyfilly

View File

@ -112,6 +112,6 @@ outputs:
description: 'Build result metadata'
runs:
using: 'node16'
using: 'node20'
main: 'dist/index.js'
post: 'dist/index.js'

View File

@ -1,8 +1,6 @@
# syntax=docker/dockerfile:1
ARG NODE_VERSION=16
ARG DOCKER_VERSION=20.10.13
ARG BUILDX_VERSION=0.8.0
ARG NODE_VERSION=20
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache cpio findutils git
@ -62,15 +60,10 @@ RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run lint
FROM docker:${DOCKER_VERSION} as docker
FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
FROM deps AS test
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
--mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
--mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
yarn run test --coverageDirectory=/tmp/coverage
yarn run test --coverage --coverageDirectory=/tmp/coverage
FROM scratch AS test-coverage
COPY --from=test /tmp/coverage /

6
dist/index.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long

View File

@ -4,9 +4,13 @@
"main": "lib/main.js",
"scripts": {
"build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
"lint": "eslint src/**/*.ts __tests__/**/*.ts",
"format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
"test": "jest --coverage",
"lint": "yarn run prettier && yarn run eslint",
"format": "yarn run prettier:fix && yarn run eslint:fix",
"eslint": "eslint --max-warnings=0 .",
"eslint:fix": "eslint --fix .",
"prettier": "prettier --check \"./**/*.ts\"",
"prettier:fix": "prettier --write \"./**/*.ts\"",
"test": "jest",
"all": "yarn run build && yarn run format && yarn test"
},
"repository": {
@ -19,33 +23,27 @@
"build",
"push"
],
"author": "Docker",
"contributors": [
{
"name": "CrazyMax",
"url": "https://crazymax.dev"
}
],
"author": "Docker Inc.",
"license": "Apache-2.0",
"dependencies": {
"@actions/core": "^1.10.0",
"@docker/actions-toolkit": "^0.8.0",
"@actions/core": "^1.10.1",
"@docker/actions-toolkit": "^0.12.0",
"handlebars": "^4.7.7"
},
"devDependencies": {
"@types/csv-parse": "^1.2.2",
"@types/node": "^16.18.21",
"@typescript-eslint/eslint-plugin": "^5.56.0",
"@typescript-eslint/parser": "^5.56.0",
"@vercel/ncc": "^0.36.1",
"eslint": "^8.36.0",
"eslint-config-prettier": "^8.8.0",
"eslint-plugin-jest": "^27.2.1",
"eslint-plugin-prettier": "^4.2.1",
"jest": "^29.5.0",
"prettier": "^2.8.7",
"ts-jest": "^29.0.5",
"@types/node": "^20.5.9",
"@typescript-eslint/eslint-plugin": "^6.6.0",
"@typescript-eslint/parser": "^6.6.0",
"@vercel/ncc": "^0.38.0",
"eslint": "^8.48.0",
"eslint-config-prettier": "^9.0.0",
"eslint-plugin-jest": "^27.2.3",
"eslint-plugin-prettier": "^5.0.0",
"jest": "^29.6.4",
"prettier": "^3.0.3",
"ts-jest": "^29.1.1",
"ts-node": "^10.9.1",
"typescript": "^4.9.5"
"typescript": "^5.2.2"
}
}

View File

@ -48,7 +48,7 @@ actionsToolkit.run(
if (dockerConfig && dockerConfig.proxies) {
for (const host in dockerConfig.proxies) {
let prefix = '';
if (dockerConfig.proxies.length > 1) {
if (Object.keys(dockerConfig.proxies).length > 1) {
prefix = ' ';
core.info(host);
}

1361
yarn.lock

File diff suppressed because it is too large Load Diff