-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
03dd281
commit c8ae346
Showing
5 changed files
with
159 additions
and
34 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| name: docker | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| schedule: | ||
| - cron: '0 0 * * 0' | ||
| push: | ||
| paths: | ||
| - 'Dockerfile' | ||
| - '.github/workflows/docker.yaml' | ||
|
|
||
| jobs: | ||
| hadolint: | ||
| name: hadolint | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| - uses: hadolint/[email protected] | ||
| with: | ||
| dockerfile: Dockerfile | ||
| verbose: true | ||
| - name: Update Pull Request | ||
| uses: actions/github-script@v6 | ||
| if: github.event_name == 'pull_request' | ||
| with: | ||
| script: | | ||
| const output = ` | ||
| #### Hadolint: \`${{ steps.hadolint.outcome }}\` | ||
| \`\`\` | ||
| ${process.env.HADOLINT_RESULTS} | ||
| \`\`\` | ||
| `; | ||
| github.rest.issues.createComment({ | ||
| issue_number: context.issue.number, | ||
| owner: context.repo.owner, | ||
| repo: context.repo.repo, | ||
| body: output | ||
| }) | ||
| upstream: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check out the repo | ||
| uses: actions/checkout@v3 | ||
| - name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
| - name: Login to Github Container Registry | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Build and push | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| context: . | ||
| file: Dockerfile | ||
| push: true | ||
| target: upstream | ||
| tags: ghcr.io/griswaldbrooks/filter:upstream | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max | ||
| development: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check out the repo | ||
| uses: actions/checkout@v3 | ||
| - name: Set up Docker Buildx | ||
| id: buildx | ||
| uses: docker/setup-buildx-action@v2 | ||
| - name: Login to Github Container Registry | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.repository_owner }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
| - name: Build and push | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| context: . | ||
| file: Dockerfile | ||
| push: true | ||
| target: development | ||
| build-args: | | ||
| USER=ci-user | ||
| UID=1000 | ||
| GID=1000 | ||
| tags: ghcr.io/griswaldbrooks/filter:ci-user-development | ||
| cache-from: type=gha | ||
| cache-to: type=gha,mode=max |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| ignored: | ||
| - DL3007 | ||
| - DL3008 | ||
| - SC1091 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,34 +1,66 @@ | ||
| # syntax=docker/dockerfile:1 | ||
| FROM ubuntu:20.04 | ||
| ARG UIDGID | ||
| FROM ubuntu:22.04 as upstream | ||
|
|
||
| # Prevent the interactive wizards from stopping the build | ||
| ARG DEBIAN_FRONTEND=noninteractive | ||
|
|
||
| # Get the basics | ||
| # hadolint ignore=DL3008 | ||
| RUN --mount=type=cache,target=/var/cache/apt,id=apt \ | ||
| apt-get update -y && apt-get install -q -y --no-install-recommends \ | ||
| build-essential \ | ||
| cmake \ | ||
| lsb-core \ | ||
| wget \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| FROM upstream AS development | ||
|
|
||
| ARG UID | ||
| ARG GID | ||
| ARG USER | ||
|
|
||
| # fail build if args are missing | ||
| RUN if [ -z "$UIDGID" ]; then echo '\nERROR: UIDGID not set. Run \n\n \texport UIDGID=$(id -u):$(id -g) \n\n on host before building Dockerfile.\n'; exit 1; fi | ||
| # hadolint ignore=SC2028 | ||
| RUN if [ -z "$UID" ]; then echo '\nERROR: UID not set. Run \n\n \texport UID=$(id -u) \n\n on host before building Dockerfile.\n'; exit 1; fi | ||
| # hadolint ignore=SC2028 | ||
| RUN if [ -z "$GID" ]; then echo '\nERROR: GID not set. Run \n\n \texport GID=$(id -g) \n\n on host before building Dockerfile.\n'; exit 1; fi | ||
| # hadolint ignore=SC2028 | ||
| RUN if [ -z "$USER" ]; then echo '\nERROR: USER not set. Run \n\n \texport USER=$(whoami) \n\n on host before building Dockerfile.\n'; exit 1; fi | ||
| # hadolint ignore=DL3008 | ||
| RUN --mount=type=cache,target=/var/cache/apt,id=apt \ | ||
| apt-get update && apt-get upgrade -y \ | ||
| && apt-get install -q -y --no-install-recommends \ | ||
| git \ | ||
| python3 \ | ||
| python3-pip \ | ||
| sudo \ | ||
| ssh \ | ||
| vim \ | ||
| wget \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Prevent the interactive wizards from stopping the build | ||
| ARG DEBIAN_FRONTEND=noninteractive | ||
| # install developer tools | ||
| RUN python3 -m pip install --no-cache-dir \ | ||
| pre-commit==3.0.4 | ||
|
|
||
| # Get the basics | ||
| RUN apt update -y && apt install -y \ | ||
| build-essential \ | ||
| cmake \ | ||
| git \ | ||
| lsb-core \ | ||
| python3 \ | ||
| python3-pip \ | ||
| sudo \ | ||
| wget | ||
|
|
||
| # Build gtest and gmock | ||
| RUN apt install -y libgtest-dev && \ | ||
| cmake /usr/src/googletest/CMakeLists.txt && \ | ||
| ls /usr/src/googletest && \ | ||
| (cd /usr/src/googletest && make) && \ | ||
| cp -r /usr/src/googletest/googlemock/include/* /usr/include && \ | ||
| cp -r /usr/src/googletest/googletest/include/* /usr/include && \ | ||
| cp -r /usr/src/googletest/lib/* /usr/lib | ||
|
|
||
| # chown working directory to user | ||
| RUN mkdir -p /home/${USER}/ws && chown -R ${UIDGID} /home/${USER} | ||
| # install hadolint | ||
| RUN wget -q -O /bin/hadolint https://github.com/hadolint/hadolint/releases/download/v2.12.0/hadolint-Linux-x86_64 \ | ||
| && chmod +x /bin/hadolint | ||
|
|
||
| # Setup user home directory | ||
| # --no-log-init helps with excessively long UIDs | ||
| RUN groupadd --gid $GID $USER \ | ||
| && useradd --no-log-init --uid $GID --gid $UID -m $USER --groups sudo \ | ||
| && echo $USER ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USER \ | ||
| && chmod 0440 /etc/sudoers.d/$USER \ | ||
| && echo "source /opt/ros/${ROS_DISTRO}/setup.bash" >> /home/${USER}/.profile \ | ||
| && touch /home/${USER}/.bashrc \ | ||
| && chown -R ${GID}:${UID} /home/${USER} | ||
|
|
||
| USER $USER | ||
| ENV SHELL /bin/bash | ||
| ENTRYPOINT [] | ||
|
|
||
| # Setup mixin | ||
| WORKDIR /home/${USER}/ws |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters