Compare commits
11 Commits
e9b9e37d5c
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 3bb1e17b81 | |||
| d544c05fa9 | |||
| 521b206994 | |||
| 551f2762b0 | |||
| 3356bd6f14 | |||
| f58a2d44f7 | |||
| 436f686e56 | |||
| 9b2d406942 | |||
| 33538d5a98 | |||
| e2cabfdcf9 | |||
| 0b49b64f36 |
@ -1,23 +1,50 @@
|
||||
on: push
|
||||
name: Build Docker Image
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
# Renovate will push updates as commits
|
||||
paths:
|
||||
- "Dockerfile"
|
||||
|
||||
jobs:
|
||||
build-docker:
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: catthehacker/ubuntu:act-latest
|
||||
|
||||
steps:
|
||||
# 1. Checkout repository
|
||||
- name: Checkout repository
|
||||
uses: actions/checkout@v5
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
# 2. Set up Docker Buildx
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Login to DockerHub
|
||||
# 3. Login to your registry
|
||||
- name: Login to Docker registry
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: git.comprofix.com
|
||||
username: ${{ secrets.REGISTRY_USERNAME }}
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
- name: Build and push
|
||||
# 4. Define timestamp tag
|
||||
- name: Set Docker image tags
|
||||
id: docker_tags
|
||||
run: |
|
||||
TIMESTAMP=$(date +'%Y.%m.%d-%H%M%S')
|
||||
echo "tags=git.comprofix.com/mmckinnon/debian-latest:latest,git.comprofix.com/mmckinnon/debian-latest:$TIMESTAMP" >> $GITHUB_ENV
|
||||
|
||||
# 5. Build & push Docker image
|
||||
- name: Build and push Docker image
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: .
|
||||
file: ./Dockerfile
|
||||
push: true
|
||||
tags: git.comprofix.com/mmckinnon/debian-runner:latest
|
||||
tags: ${{ env.tags }}
|
||||
|
||||
63
Dockerfile
63
Dockerfile
@ -1,41 +1,68 @@
|
||||
# Base image
|
||||
FROM debian:trixie-slim
|
||||
# =========================
|
||||
# Stage 1: Builder
|
||||
# =========================
|
||||
FROM debian:trixie-slim@sha256:1caf1c703c8f7e15dcf2e7769b35000c764e6f50e4d7401c355fb0248f3ddfdb AS builder
|
||||
|
||||
# Set environment variables
|
||||
ENV DEBIAN_FRONTEND=noninteractive \
|
||||
LANG=C.UTF-8 \
|
||||
PATH=/usr/local/bundle/bin:$PATH
|
||||
LANG=C.UTF-8
|
||||
|
||||
# Install dependencies
|
||||
# Install build dependencies
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
curl \
|
||||
git \
|
||||
bash \
|
||||
openssh-client \
|
||||
ca-certificates \
|
||||
procps \
|
||||
iproute2 \
|
||||
netcat-traditional \
|
||||
unzip \
|
||||
iputils-ping \
|
||||
python3 \
|
||||
python3-pip \
|
||||
python3-venv \
|
||||
build-essential \
|
||||
zlib1g-dev \
|
||||
libffi-dev \
|
||||
libssl-dev \
|
||||
ca-certificates \
|
||||
ruby-full \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Install Node.js 22
|
||||
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
|
||||
&& apt-get install -y nodejs \
|
||||
&& npm install -g npm
|
||||
|
||||
# Install Ansible via pip
|
||||
RUN pip3 install --no-cache-dir ansible
|
||||
|
||||
# Install Ruby and Jekyll
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
ruby-full \
|
||||
&& gem install bundler jekyll \
|
||||
&& npm install -g npm \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Create workspace
|
||||
# Create Python virtual environment for Ansible
|
||||
RUN python3 -m venv /opt/venv \
|
||||
&& /opt/venv/bin/pip install --no-cache-dir --upgrade pip ansible
|
||||
|
||||
# =========================
|
||||
# Stage 2: Final runtime image
|
||||
# =========================
|
||||
FROM debian:trixie-slim@sha256:1caf1c703c8f7e15dcf2e7769b35000c764e6f50e4d7401c355fb0248f3ddfdb
|
||||
|
||||
ENV DEBIAN_FRONTEND=noninteractive \
|
||||
LANG=C.UTF-8 \
|
||||
PATH=/opt/venv/bin:$PATH
|
||||
|
||||
# Install runtime dependencies only
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
bash \
|
||||
openssh-client \
|
||||
ca-certificates \
|
||||
iputils-ping \
|
||||
python3 \
|
||||
python3-venv \
|
||||
ruby-full \
|
||||
nodejs \
|
||||
git \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Copy built Python venv from builder
|
||||
COPY --from=builder /opt/venv /opt/venv
|
||||
|
||||
# Set working directory
|
||||
WORKDIR /workspace
|
||||
|
||||
# Default shell
|
||||
|
||||
19
renovate.json
Normal file
19
renovate.json
Normal file
@ -0,0 +1,19 @@
|
||||
{
|
||||
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
||||
"extends": [
|
||||
"config:recommended",
|
||||
"renovatebot/renovate-config",
|
||||
":semanticCommitTypeAll(chore)"
|
||||
],
|
||||
"automerge": true,
|
||||
"automergeType": "branch",
|
||||
"automergeStrategy": "rebase",
|
||||
"commitBodyTable": true,
|
||||
"ignoreTests": true,
|
||||
"major": {
|
||||
"automerge": false,
|
||||
"dependencyDashboardApproval": true,
|
||||
"commitMessagePrefix": "chore(deps-major): ",
|
||||
"labels": ["dependencies", "breaking"]
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user