From 9711bc096c0a225d3269ce7f5f0a32f3268e1c0c Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 11:49:42 +0200 Subject: [PATCH 01/13] lint dockerfiles with hadolint --- .github/workflows/lint-dockerfiles.yml | 27 ++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/lint-dockerfiles.yml diff --git a/.github/workflows/lint-dockerfiles.yml b/.github/workflows/lint-dockerfiles.yml new file mode 100644 index 00000000..7a28d146 --- /dev/null +++ b/.github/workflows/lint-dockerfiles.yml @@ -0,0 +1,27 @@ +name: Dockerfile Lint + +on: + push: + branches: + - main + pull_request: + +jobs: + hadolint: + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + dockerfile: + - docker/nginx/Dockerfile + - docker/sia/Dockerfile + - packages/dashboard/Dockerfile + - packages/dnslink-api/Dockerfile + - packages/handshake-api/Dockerfile + - packages/health-check/Dockerfile + - packages/website/Dockerfile + steps: + - uses: actions/checkout@v3 + - uses: hadolint/hadolint-action@v2.0.0 + with: + dockerfile: ${{ matrix.dockerfile }} From a8d046ad568948c9d15ae7b7d8428104fdf36ce9 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 11:57:33 +0200 Subject: [PATCH 02/13] fix hadolint reported issues --- packages/health-check/Dockerfile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/packages/health-check/Dockerfile b/packages/health-check/Dockerfile index 9480902c..d0c6bfc2 100644 --- a/packages/health-check/Dockerfile +++ b/packages/health-check/Dockerfile @@ -1,16 +1,15 @@ FROM node:16.14.2-alpine -RUN apk update && apk add dnsmasq +RUN apk --no-cache add dnsmasq=2.86-r0 && rm -rf /var/cache/apk/* WORKDIR /usr/app ENV PATH="/usr/app/bin:${PATH}" # schedule critical checks to run every 5 minutes (any failures will disable server) -RUN echo '*/5 * * * * source /etc/environment ; /usr/app/bin/cli run critical >> /proc/1/fd/1' >> /etc/crontabs/root - # schedule extended checks to run on every hour (optional checks, report only) -RUN echo '0 * * * * source /etc/environment ; /usr/app/bin/cli run extended >> /proc/1/fd/1' >> /etc/crontabs/root +RUN echo '*/5 * * * * source /etc/environment ; /usr/app/bin/cli run critical >> /proc/1/fd/1' >> /etc/crontabs/root && \ + echo '0 * * * * source /etc/environment ; /usr/app/bin/cli run extended >> /proc/1/fd/1' >> /etc/crontabs/root COPY package.json yarn.lock ./ From c7db33c91033fd848fa19ea484f06135a5c2cd39 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 11:59:30 +0200 Subject: [PATCH 03/13] fix hadolint reported issues --- packages/handshake-api/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/handshake-api/Dockerfile b/packages/handshake-api/Dockerfile index 06dbb253..92f30b36 100644 --- a/packages/handshake-api/Dockerfile +++ b/packages/handshake-api/Dockerfile @@ -15,4 +15,4 @@ ENV HSD_API_KEY="foo" EXPOSE 3100 ENV NODE_ENV production -CMD node src/index.js +CMD ["node", "src/index.js"] From 460ff626c62e536c8aa4e39698219fed4c9f37a2 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:00:35 +0200 Subject: [PATCH 04/13] fix hadolint reported issues --- packages/dnslink-api/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/dnslink-api/Dockerfile b/packages/dnslink-api/Dockerfile index ca6295a7..be1f9452 100644 --- a/packages/dnslink-api/Dockerfile +++ b/packages/dnslink-api/Dockerfile @@ -9,4 +9,4 @@ RUN yarn --frozen-lockfile COPY src/* src/ EXPOSE 3100 -CMD node src/index.js +CMD ["node", "src/index.js"] From aa03f62bc76c85bfd99d12e956090f6007c928a5 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:02:31 +0200 Subject: [PATCH 05/13] fix hadolint reported issues --- docker/nginx/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docker/nginx/Dockerfile b/docker/nginx/Dockerfile index 2093872c..eca1e3d8 100644 --- a/docker/nginx/Dockerfile +++ b/docker/nginx/Dockerfile @@ -1,5 +1,7 @@ FROM openresty/openresty:1.19.9.1-focal +WORKDIR / + RUN luarocks install lua-resty-http && \ luarocks install hasher && \ openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 \ From 2d52aa3b75d94a61e3da927707c8c9edc155fa75 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:05:08 +0200 Subject: [PATCH 06/13] fix hadolint reported issues --- docker/sia/Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docker/sia/Dockerfile b/docker/sia/Dockerfile index 887b92e9..ed1690db 100644 --- a/docker/sia/Dockerfile +++ b/docker/sia/Dockerfile @@ -5,10 +5,10 @@ ENV GOARCH amd64 ARG branch=portal-latest -RUN git clone https://gitlab.com/SkynetLabs/skyd.git Sia --single-branch --branch ${branch} -RUN make release --directory Sia +RUN git clone https://gitlab.com/SkynetLabs/skyd.git Sia --single-branch --branch ${branch} && \ + make release --directory Sia -FROM nebulouslabs/sia:latest +FROM nebulouslabs/sia:1.5.6 COPY --from=sia-builder /go/bin/ /usr/bin/ From 6f1c1af34209873f9bed63848bc21156df86e064 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:10:00 +0200 Subject: [PATCH 07/13] fix hadolint reported issues --- packages/health-check/Dockerfile | 3 ++- packages/website/Dockerfile | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/packages/health-check/Dockerfile b/packages/health-check/Dockerfile index d0c6bfc2..a05d822b 100644 --- a/packages/health-check/Dockerfile +++ b/packages/health-check/Dockerfile @@ -1,6 +1,7 @@ FROM node:16.14.2-alpine -RUN apk --no-cache add dnsmasq=2.86-r0 && rm -rf /var/cache/apk/* +RUN apk add --no-cache dnsmasq=2.86-r0 && \ + rm -rf /var/cache/apk/* WORKDIR /usr/app diff --git a/packages/website/Dockerfile b/packages/website/Dockerfile index b5a9828c..68d0f191 100644 --- a/packages/website/Dockerfile +++ b/packages/website/Dockerfile @@ -1,6 +1,7 @@ FROM node:16.14.2-alpine -RUN apk update && apk add autoconf automake build-base libtool nasm pkgconfig +RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconfig=1.8.0-r0 && \ + rm -rf /var/cache/apk/* WORKDIR /usr/app From fbdd689669d1d3191891cc1a7bca5216f9ed9127 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:18:26 +0200 Subject: [PATCH 08/13] fix hadolint reported issues --- docker/sia/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/sia/Dockerfile b/docker/sia/Dockerfile index ed1690db..4032168f 100644 --- a/docker/sia/Dockerfile +++ b/docker/sia/Dockerfile @@ -12,5 +12,5 @@ FROM nebulouslabs/sia:1.5.6 COPY --from=sia-builder /go/bin/ /usr/bin/ -RUN mv /usr/bin/skyd /usr/bin/siad || true && \ - mv /usr/bin/skyc /usr/bin/siac || true +RUN if [[ -f "/usr/bin/skyd" ]]; then mv /usr/bin/skyd /usr/bin/siad; fi && \ + if [[ -f "/usr/bin/skyc" ]]; then mv /usr/bin/skyc /usr/bin/siac; fi From cfdfc52e6ae84ace20db2666d11872fecdf9947b Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:23:16 +0200 Subject: [PATCH 09/13] fix hadolint reported issues --- docker/sia/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker/sia/Dockerfile b/docker/sia/Dockerfile index 4032168f..953dd27c 100644 --- a/docker/sia/Dockerfile +++ b/docker/sia/Dockerfile @@ -12,5 +12,5 @@ FROM nebulouslabs/sia:1.5.6 COPY --from=sia-builder /go/bin/ /usr/bin/ -RUN if [[ -f "/usr/bin/skyd" ]]; then mv /usr/bin/skyd /usr/bin/siad; fi && \ - if [[ -f "/usr/bin/skyc" ]]; then mv /usr/bin/skyc /usr/bin/siac; fi +RUN if [ -f "/usr/bin/skyd" ]; then mv /usr/bin/skyd /usr/bin/siad; fi && \ + if [ -f "/usr/bin/skyc" ]; then mv /usr/bin/skyc /usr/bin/siac; fi From f9b151eb9242814d10d42ac249437803b784eed8 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:27:31 +0200 Subject: [PATCH 10/13] fix hadolint reported issues --- packages/website/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/website/Dockerfile b/packages/website/Dockerfile index 68d0f191..9bd5823c 100644 --- a/packages/website/Dockerfile +++ b/packages/website/Dockerfile @@ -1,6 +1,6 @@ FROM node:16.14.2-alpine -RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconfig=1.8.0-r0 && \ +RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconf=1.8.0-r0 && \ rm -rf /var/cache/apk/* WORKDIR /usr/app From 59c6b84d01f18ceca78f304f23a31c6bc2586128 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Thu, 31 Mar 2022 12:33:54 +0200 Subject: [PATCH 11/13] fix hadolint reported issues --- .github/workflows/lint-dockerfiles.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint-dockerfiles.yml b/.github/workflows/lint-dockerfiles.yml index 7a28d146..1eea156c 100644 --- a/.github/workflows/lint-dockerfiles.yml +++ b/.github/workflows/lint-dockerfiles.yml @@ -3,7 +3,7 @@ name: Dockerfile Lint on: push: branches: - - main + - master pull_request: jobs: From 4f5b59c53a21ee9989495d22553e1311f9f30873 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karol=20Wypch=C5=82o?= Date: Thu, 31 Mar 2022 15:15:26 +0200 Subject: [PATCH 12/13] don't need to remove apk cache --- packages/health-check/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/health-check/Dockerfile b/packages/health-check/Dockerfile index a05d822b..e9d15a77 100644 --- a/packages/health-check/Dockerfile +++ b/packages/health-check/Dockerfile @@ -1,7 +1,6 @@ FROM node:16.14.2-alpine -RUN apk add --no-cache dnsmasq=2.86-r0 && \ - rm -rf /var/cache/apk/* +RUN apk add --no-cache dnsmasq=2.86-r0 WORKDIR /usr/app From dd51ece41be806cce7d9825a77b3ac1b76369cca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karol=20Wypch=C5=82o?= Date: Thu, 31 Mar 2022 15:15:38 +0200 Subject: [PATCH 13/13] don't need to remove apk cache --- packages/website/Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/website/Dockerfile b/packages/website/Dockerfile index 9bd5823c..3a9fa9a1 100644 --- a/packages/website/Dockerfile +++ b/packages/website/Dockerfile @@ -1,7 +1,6 @@ FROM node:16.14.2-alpine -RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconf=1.8.0-r0 && \ - rm -rf /var/cache/apk/* +RUN apk add --no-cache autoconf=2.71-r0 automake=1.16.4-r1 build-base=0.5-r2 libtool=2.4.6-r7 nasm=2.15.05-r0 pkgconf=1.8.0-r0 WORKDIR /usr/app