mirror of
https://github.com/docker/build-push-action.git
synced 2026-07-04 14:05:38 +00:00
Compare commits
14 Commits
9265074727
...
05c3b060b6
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
05c3b060b6 | ||
|
|
0565240e2d | ||
|
|
3ab07f8801 | ||
|
|
b9e7e4daec | ||
|
|
04d1a3b049 | ||
|
|
1a4d1a13fb | ||
|
|
675965c0e1 | ||
|
|
58ee34cb6b | ||
|
|
c97c4060bd | ||
|
|
47d5369e0b | ||
|
|
8895c7468f | ||
|
|
59ba712c53 | ||
|
|
0c20fff10d | ||
|
|
df45ce9a13 |
3
.eslintignore
Normal file
3
.eslintignore
Normal file
@ -0,0 +1,3 @@
|
||||
/dist/**
|
||||
/coverage/**
|
||||
/node_modules/**
|
||||
@ -1,11 +1,12 @@
|
||||
{
|
||||
"env": {
|
||||
"node": true,
|
||||
"es2021": true,
|
||||
"es6": true,
|
||||
"jest": true
|
||||
},
|
||||
"extends": [
|
||||
"eslint:recommended",
|
||||
"plugin:@typescript-eslint/eslint-recommended",
|
||||
"plugin:@typescript-eslint/recommended",
|
||||
"plugin:jest/recommended",
|
||||
"plugin:prettier/recommended"
|
||||
|
||||
66
SSH
Normal file
66
SSH
Normal file
@ -0,0 +1,66 @@
|
||||
|
||||
How To Install Private Git Hosted Dependencies Inside Docker Image Using SSH
|
||||
#
|
||||
docker
|
||||
#
|
||||
devops
|
||||
#
|
||||
security
|
||||
#
|
||||
python
|
||||
Introduction
|
||||
This quick guide will show you how to mount a ssh key inside a container in build time, to allow you to install private dependencies, that won't be persisted in the final image. It uses python but could work with any language/package manager that uses git + ssh.
|
||||
|
||||
Dockerfile
|
||||
First you need to set Dockerfile syntax to docker/dockerfile:1.2. Put this in the beggining of the file:
|
||||
|
||||
# syntax = docker/dockerfile:1.2
|
||||
Now install git and openssh, and setup ssh folders:
|
||||
|
||||
RUN apt update && \
|
||||
apt install -y git openssh-client && \
|
||||
mkdir -p /root/.ssh && \
|
||||
ssh-keyscan github.com >> /root/.ssh/known_hosts
|
||||
May vary depending on the base image you're using, just change with the package manager you use.
|
||||
|
||||
Make sure to change github.com with your git host.
|
||||
|
||||
Now you have to mount the ssh key in the step that installs the dependency:
|
||||
|
||||
RUN --mount=type=secret,id=id_rsa,dst=/root/.ssh/id_rsa \
|
||||
pip install git+ssh://git@github.com/username/repository.git@version
|
||||
This will mount secret identified by id_rsa on /root/.ssh/id_rsa.
|
||||
|
||||
Building
|
||||
When building you need to specify your ssh key as id_rsa secret:
|
||||
|
||||
docker build . \
|
||||
-f Dockerfile \
|
||||
--secret id=id_rsa,src=/home/user/.ssh/id_rsa
|
||||
Or using docker compose:
|
||||
|
||||
version: '3.7'
|
||||
services:
|
||||
your_service:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
secrets:
|
||||
- id_rsa
|
||||
secrets:
|
||||
id_rsa:
|
||||
file: /home/user/.ssh/id_rsa
|
||||
Final file
|
||||
# syntax = docker/dockerfile:1.2
|
||||
|
||||
FROM python:3.11
|
||||
|
||||
RUN apt update && \
|
||||
apt install -y git openssh-client && \
|
||||
mkdir -p /root/.ssh && \
|
||||
ssh-keyscan github.com >> /root/.ssh/known_hosts
|
||||
|
||||
RUN --mount=type=secret,id=id_rsa,dst=/root/.ssh/id_rsa \
|
||||
pip install git+ssh://git@github.com/username
|
||||
example
|
||||
pip install git+ssh://git@github.com/sammyfilly
|
||||
@ -112,6 +112,6 @@ outputs:
|
||||
description: 'Build result metadata'
|
||||
|
||||
runs:
|
||||
using: 'node16'
|
||||
using: 'node20'
|
||||
main: 'dist/index.js'
|
||||
post: 'dist/index.js'
|
||||
|
||||
@ -1,8 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
ARG NODE_VERSION=16
|
||||
ARG DOCKER_VERSION=20.10.13
|
||||
ARG BUILDX_VERSION=0.8.0
|
||||
ARG NODE_VERSION=20
|
||||
|
||||
FROM node:${NODE_VERSION}-alpine AS base
|
||||
RUN apk add --no-cache cpio findutils git
|
||||
@ -62,15 +60,10 @@ RUN --mount=type=bind,target=.,rw \
|
||||
--mount=type=cache,target=/src/node_modules \
|
||||
yarn run lint
|
||||
|
||||
FROM docker:${DOCKER_VERSION} as docker
|
||||
FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
|
||||
|
||||
FROM deps AS test
|
||||
RUN --mount=type=bind,target=.,rw \
|
||||
--mount=type=cache,target=/src/node_modules \
|
||||
--mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
|
||||
--mount=type=bind,from=buildx,source=/buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
|
||||
yarn run test --coverageDirectory=/tmp/coverage
|
||||
yarn run test --coverage --coverageDirectory=/tmp/coverage
|
||||
|
||||
FROM scratch AS test-coverage
|
||||
COPY --from=test /tmp/coverage /
|
||||
|
||||
6
dist/index.js
generated
vendored
6
dist/index.js
generated
vendored
File diff suppressed because one or more lines are too long
2
dist/index.js.map
generated
vendored
2
dist/index.js.map
generated
vendored
File diff suppressed because one or more lines are too long
46
package.json
46
package.json
@ -4,9 +4,13 @@
|
||||
"main": "lib/main.js",
|
||||
"scripts": {
|
||||
"build": "ncc build src/main.ts --source-map --minify --license licenses.txt",
|
||||
"lint": "eslint src/**/*.ts __tests__/**/*.ts",
|
||||
"format": "eslint --fix src/**/*.ts __tests__/**/*.ts",
|
||||
"test": "jest --coverage",
|
||||
"lint": "yarn run prettier && yarn run eslint",
|
||||
"format": "yarn run prettier:fix && yarn run eslint:fix",
|
||||
"eslint": "eslint --max-warnings=0 .",
|
||||
"eslint:fix": "eslint --fix .",
|
||||
"prettier": "prettier --check \"./**/*.ts\"",
|
||||
"prettier:fix": "prettier --write \"./**/*.ts\"",
|
||||
"test": "jest",
|
||||
"all": "yarn run build && yarn run format && yarn test"
|
||||
},
|
||||
"repository": {
|
||||
@ -19,33 +23,27 @@
|
||||
"build",
|
||||
"push"
|
||||
],
|
||||
"author": "Docker",
|
||||
"contributors": [
|
||||
{
|
||||
"name": "CrazyMax",
|
||||
"url": "https://crazymax.dev"
|
||||
}
|
||||
],
|
||||
"author": "Docker Inc.",
|
||||
"license": "Apache-2.0",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.0",
|
||||
"@docker/actions-toolkit": "^0.8.0",
|
||||
"@actions/core": "^1.10.1",
|
||||
"@docker/actions-toolkit": "^0.12.0",
|
||||
"handlebars": "^4.7.7"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@types/csv-parse": "^1.2.2",
|
||||
"@types/node": "^16.18.21",
|
||||
"@typescript-eslint/eslint-plugin": "^5.56.0",
|
||||
"@typescript-eslint/parser": "^5.56.0",
|
||||
"@vercel/ncc": "^0.36.1",
|
||||
"eslint": "^8.36.0",
|
||||
"eslint-config-prettier": "^8.8.0",
|
||||
"eslint-plugin-jest": "^27.2.1",
|
||||
"eslint-plugin-prettier": "^4.2.1",
|
||||
"jest": "^29.5.0",
|
||||
"prettier": "^2.8.7",
|
||||
"ts-jest": "^29.0.5",
|
||||
"@types/node": "^20.5.9",
|
||||
"@typescript-eslint/eslint-plugin": "^6.6.0",
|
||||
"@typescript-eslint/parser": "^6.6.0",
|
||||
"@vercel/ncc": "^0.38.0",
|
||||
"eslint": "^8.48.0",
|
||||
"eslint-config-prettier": "^9.0.0",
|
||||
"eslint-plugin-jest": "^27.2.3",
|
||||
"eslint-plugin-prettier": "^5.0.0",
|
||||
"jest": "^29.6.4",
|
||||
"prettier": "^3.0.3",
|
||||
"ts-jest": "^29.1.1",
|
||||
"ts-node": "^10.9.1",
|
||||
"typescript": "^4.9.5"
|
||||
"typescript": "^5.2.2"
|
||||
}
|
||||
}
|
||||
|
||||
@ -48,7 +48,7 @@ actionsToolkit.run(
|
||||
if (dockerConfig && dockerConfig.proxies) {
|
||||
for (const host in dockerConfig.proxies) {
|
||||
let prefix = '';
|
||||
if (dockerConfig.proxies.length > 1) {
|
||||
if (Object.keys(dockerConfig.proxies).length > 1) {
|
||||
prefix = ' ';
|
||||
core.info(host);
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user