diff --git a/.github/workflows/lint-dockerfiles.yml b/.github/workflows/lint-dockerfiles.yml new file mode 100644 index 00000000..1eea156c --- /dev/null +++ b/.github/workflows/lint-dockerfiles.yml @@ -0,0 +1,27 @@ +name: Dockerfile Lint + +on: + push: + branches: + - master + pull_request: + +jobs: + hadolint: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + dockerfile: + - docker/nginx/Dockerfile + - docker/sia/Dockerfile + - packages/dashboard/Dockerfile + - packages/dnslink-api/Dockerfile + - packages/handshake-api/Dockerfile + - packages/health-check/Dockerfile + - packages/website/Dockerfile + steps: + - uses: actions/checkout@v3 + - uses: hadolint/hadolint-action@v2.0.0 + with: + dockerfile: ${{ matrix.dockerfile }} diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 2093872c..eca1e3d8 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,5 +1,7 @@ FROM openresty/openresty:1.19.9.1-focal +WORKDIR / + RUN luarocks install lua-resty-http && \ luarocks install hasher && \ openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \ diff --git a/docker/sia/Dockerfile b/docker/sia/Dockerfile index 887b92e9..953dd27c 100644 --- a/docker/sia/Dockerfile +++ b/docker/sia/Dockerfile @@ -5,12 +5,12 @@ ENV GOARCH amd64 ARG branch=portal-latest -RUN git clone https://gitlab.com/SkynetLabs/skyd.git Sia --single-branch --branch ${branch} -RUN make release --directory Sia +RUN git clone https://gitlab.com/SkynetLabs/skyd.git Sia --single-branch --branch ${branch} && \ + make release --directory Sia -FROM nebulouslabs/sia:latest +FROM nebulouslabs/sia:1.5.6 COPY --from=sia-builder /go/bin/ /usr/bin/ -RUN mv /usr/bin/skyd /usr/bin/siad || true && \ - mv /usr/bin/skyc /usr/bin/siac || true +RUN if [ -f "/usr/bin/skyd" ]; then mv /usr/bin/skyd /usr/bin/siad; fi && \ + if [ -f "/usr/bin/skyc" ]; then mv /usr/bin/skyc /usr/bin/siac; fi diff --git a/packages/dnslink-api/Dockerfile b/packages/dnslink-api/Dockerfile index ca6295a7..be1f9452 100644 --- a/packages/dnslink-api/Dockerfile +++ b/packages/dnslink-api/Dockerfile @@ -9,4 +9,4 @@ RUN yarn --frozen-lockfile COPY src/* src/ EXPOSE 3100 -CMD node src/index.js +CMD ["node", "src/index.js"] diff --git a/packages/handshake-api/Dockerfile b/packages/handshake-api/Dockerfile index 06dbb253..92f30b36 100644 --- a/packages/handshake-api/Dockerfile +++ b/packages/handshake-api/Dockerfile @@ -15,4 +15,4 @@ ENV HSD_API_KEY="foo" EXPOSE 3100 ENV NODE_ENV production -CMD node src/index.js +CMD ["node", "src/index.js"] diff --git a/packages/health-check/Dockerfile b/packages/health-check/Dockerfile index 9480902c..e9d15a77 100644 --- a/packages/health-check/Dockerfile +++ b/packages/health-check/Dockerfile @@ -1,16 +1,15 @@ FROM node:16.14.2-alpine -RUN apk update && apk add dnsmasq +RUN apk add --no-cache dnsmasq=2.86-r0 WORKDIR /usr/app ENV PATH="/usr/app/bin:${PATH}" # schedule critical checks to run every 5 minutes (any failures will disable server) -RUN echo '*/5 * * * * source /etc/environment ; /usr/app/bin/cli run critical >> /proc/1/fd/1' >> /etc/crontabs/root - # schedule extended checks to run on every hour (optional checks, report only) -RUN echo '0 * * * * source /etc/environment ; /usr/app/bin/cli run extended >> /proc/1/fd/1' >> /etc/crontabs/root +RUN echo '*/5 * * * * source /etc/environment ; /usr/app/bin/cli run critical >> /proc/1/fd/1' >> /etc/crontabs/root && \ + echo '0 * * * * source /etc/environment ; /usr/app/bin/cli run extended >> /proc/1/fd/1' >> /etc/crontabs/root COPY package.json yarn.lock ./ diff --git a/packages/website/Dockerfile b/packages/website/Dockerfile index b5a9828c..3a9fa9a1 100644 --- a/packages/website/Dockerfile +++ b/packages/website/Dockerfile @@ -1,6 +1,6 @@ FROM node:16.14.2-alpine -RUN apk update && apk add autoconf automake build-base libtool nasm pkgconfig +RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconf=1.8.0-r0 WORKDIR /usr/app