From 7497df28fbef2382fb2eb0ebd3c57323c8439a72 Mon Sep 17 00:00:00 2001 From: Maik Hummel Date: Sat, 13 Feb 2021 13:02:24 +0100 Subject: [PATCH 1/4] Update image --- .github/workflows/docker.yml | 68 ++++++++++++++++++++++++++++++++++++ .travis.yml | 8 ----- Dockerfile | 18 +++++----- LICENSE | 2 +- README.md | 14 +++++--- 5 files changed, 88 insertions(+), 22 deletions(-) create mode 100644 .github/workflows/docker.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 0000000..af35668 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,68 @@ +name: Docker Image + +on: + schedule: + - cron: "0 14 * * *" # everyday at 2pm + push: + branches: ["**"] + tags: ["v*.*.*"] + +env: + platforms: linux/amd64 + +jobs: + main: + runs-on: ubuntu-20.04 + timeout-minutes: 20 + steps: + - name: Check out the repo + uses: actions/checkout@v2 + - name: Set imageName based on the repository name + id: step_one + run: | + imageName="${GITHUB_REPOSITORY/docker-/}" + echo $imageName + echo "imageName=$imageName" >> $GITHUB_ENV + - name: Docker meta + id: docker_meta + uses: crazy-max/ghaction-docker-meta@v1 + with: + images: ${{ env.imageName }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Login to Harbor + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Buildx cache + uses: actions/cache@v1 + with: + path: ${{ github.workspace }}/cache + key: ${{ runner.os }}-docker-${{ hashfiles('cache/**') }} + restore-keys: | + ${{ runner.os }}-docker + - name: Build and push + id: docker_build + uses: docker/build-push-action@v2 + with: + platforms: ${{ env.platforms }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.docker_meta.outputs.tags }} + labels: ${{ steps.docker_meta.outputs.labels }} + cache-from: type=local,src=${{ github.workspace }}/cache + cache-to: type=local,dest=${{ github.workspace }}/cache + # temporarily disabled until https://github.com/aquasecurity/trivy-action/issues/22 is resolved + # - name: Run Trivy vulnerability scanner + # uses: aquasecurity/trivy-action@master + # with: + # image-ref: ${{ env.imageName }}:${{ steps.docker_meta.outputs.version }} + # format: "template" + # template: "@/contrib/sarif.tpl" + # output: "trivy-results.sarif" + # - name: Upload Trivy scan results to GitHub Security tab + # uses: github/codeql-action/upload-sarif@v1 + # with: + # sarif_file: "trivy-results.sarif" diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3702a25..0000000 --- a/.travis.yml +++ /dev/null @@ -1,8 +0,0 @@ -sudo: required - -services: - - docker - -script: - - docker build -t bee . - - docker run bee /bin/sh -c "android list && node -v && npm -v" diff --git a/Dockerfile b/Dockerfile index 3fb3b10..ebfd752 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,12 +25,12 @@ LABEL maintainer="Maik Hummel " \ org.opencontainers.image.source="https://github.com/beevelop/docker-android-nodejs.git" # Source of the following lines (all rights belong to the Node.js contributors) -# https://github.com/nodejs/docker-node/blob/master/12/stretch-slim/Dockerfile +# https://github.com/nodejs/docker-node/blob/master/14/buster-slim/Dockerfile # LICENSE: MIT (see https://github.com/nodejs/docker-node/blob/master/LICENSE) RUN groupadd --gid 1000 node \ && useradd --uid 1000 --gid node --shell /bin/bash --create-home node -ENV NODE_VERSION 12.16.1 +ENV NODE_VERSION 14.15.5 RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ && case "${dpkgArch##*-}" in \ @@ -47,16 +47,16 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ && apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \ && rm -rf /var/lib/apt/lists/* \ && for key in \ + 4ED778F539E3634C779C87C6D7062848A1AB005C \ 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - FD3A5288F042B6850C66B31F09FE44734EB7990E \ + 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - B9AE9905FFD7803F25714661B63B535A4C206CA9 \ - 77984A986EBC2AA786BC0F66B01FBB92821C587A \ 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ + C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ + C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ + DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ + 108F52B48DB57BB0CC439B2997B01419BD92F80A \ B9E2F5981AA6E0CD28160D9FF13993A75599653C \ ; do \ gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ @@ -83,7 +83,7 @@ RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ && node --version \ && npm --version -ENV YARN_VERSION 1.22.0 +ENV YARN_VERSION 1.22.5 RUN set -ex \ && savedAptMark="$(apt-mark showmanual)" \ diff --git a/LICENSE b/LICENSE index b61913b..5038ddf 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2016-2020 Maik Hummel (beevelop) +Copyright (c) 2016-2021 Maik Hummel (beevelop) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/README.md b/README.md index 50e43ac..c857601 100644 --- a/README.md +++ b/README.md @@ -1,33 +1,39 @@ -[![Travis](https://shields.beevelop.com/travis/beevelop/docker-nodejs.svg?style=flat-square)](https://travis-ci.org/beevelop/docker-nodejs) [![Pulls](https://shields.beevelop.com/docker/pulls/beevelop/nodejs.svg?style=flat-square)](https://links.beevelop.com/d-nodejs) [![Size](https://shields.beevelop.com/docker/image/size/beevelop/nodejs/latest.svg?style=flat-square)](https://links.beevelop.com/d-nodejs) [![Layers](https://shields.beevelop.com/docker/image/layers/beevelop/nodejs/latest.svg?style=flat-square)](https://links.beevelop.com/d-nodejs) ![Badges](https://shields.beevelop.com/badge/badges-7-brightgreen.svg?style=flat-square) [![Beevelop](https://links.beevelop.com/honey-badge)](https://beevelop.com) -# Android Q (10) with Node.js `v12` and npm / yarn +# Android 11 with Node.js `v14` and npm / yarn + ### based on [beevelop/android](https://github.com/beevelop/docker-android) ----- + +--- + ### Pull from Docker Hub + ``` docker pull beevelop/android-nodejs:latest ``` ### Build from GitHub + ``` docker build -t beevelop/android-nodejs github.com/beevelop/docker-android-nodejs ``` ### Run image + ``` docker run -it beevelop/android-nodejs bash ``` ### Use as base image + ```Dockerfile FROM beevelop/android-nodejs:latest ``` ----- +--- ![One does not simply use latest](https://i.imgflip.com/1fgwxr.jpg) From 5837378bc99ee58cfd9cd25bb85022a414dc298f Mon Sep 17 00:00:00 2001 From: Maik Hummel Date: Sat, 13 Feb 2021 13:24:59 +0100 Subject: [PATCH 2/4] Use Nodesource installation routine --- Dockerfile | 105 +++++++---------------------------------------------- 1 file changed, 13 insertions(+), 92 deletions(-) diff --git a/Dockerfile b/Dockerfile index ebfd752..8a976bd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,95 +24,16 @@ LABEL maintainer="Maik Hummel " \ org.opencontainers.image.documentation="https://github.com/beevelop/docker-android-nodejs/blob/master/README.md" \ org.opencontainers.image.source="https://github.com/beevelop/docker-android-nodejs.git" -# Source of the following lines (all rights belong to the Node.js contributors) -# https://github.com/nodejs/docker-node/blob/master/14/buster-slim/Dockerfile -# LICENSE: MIT (see https://github.com/nodejs/docker-node/blob/master/LICENSE) -RUN groupadd --gid 1000 node \ - && useradd --uid 1000 --gid node --shell /bin/bash --create-home node - -ENV NODE_VERSION 14.15.5 - -RUN ARCH= && dpkgArch="$(dpkg --print-architecture)" \ - && case "${dpkgArch##*-}" in \ - amd64) ARCH='x64';; \ - ppc64el) ARCH='ppc64le';; \ - s390x) ARCH='s390x';; \ - arm64) ARCH='arm64';; \ - armhf) ARCH='armv7l';; \ - i386) ARCH='x86';; \ - *) echo "unsupported architecture"; exit 1 ;; \ - esac \ - && set -ex \ - # libatomic1 for arm - && apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr xz-utils libatomic1 --no-install-recommends \ - && rm -rf /var/lib/apt/lists/* \ - && for key in \ - 4ED778F539E3634C779C87C6D7062848A1AB005C \ - 94AE36675C464D64BAFA68DD7434390BDBE9B9C5 \ - 74F12602B6F1C4E913FAA37AD3A89613643B6201 \ - 71DCFD284A79C3B38668286BC97EC7A07EDE3FC1 \ - 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 \ - C4F0DFFF4E8C1A8236409D08E73BC641CC11F4C8 \ - C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C \ - DD8F2338BAE7501E3DD5AC78C273792F7D83545D \ - A48C2BEE680E841632CD4E44F07496B3EB3C1762 \ - 108F52B48DB57BB0CC439B2997B01419BD92F80A \ - B9E2F5981AA6E0CD28160D9FF13993A75599653C \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH.tar.xz" \ - && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" \ - && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc \ - && grep " node-v$NODE_VERSION-linux-$ARCH.tar.xz\$" SHASUMS256.txt | sha256sum -c - \ - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \ - && rm "node-v$NODE_VERSION-linux-$ARCH.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt \ - && apt-mark auto '.*' > /dev/null \ - && find /usr/local -type f -executable -exec ldd '{}' ';' \ - | awk '/=>/ { print $(NF-1) }' \ - | sort -u \ - | xargs -r dpkg-query --search \ - | cut -d: -f1 \ - | sort -u \ - | xargs -r apt-mark manual \ - && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ - && ln -s /usr/local/bin/node /usr/local/bin/nodejs \ - # smoke tests - && node --version \ - && npm --version - -ENV YARN_VERSION 1.22.5 - -RUN set -ex \ - && savedAptMark="$(apt-mark showmanual)" \ - && apt-get update && apt-get install -y ca-certificates curl wget gnupg dirmngr --no-install-recommends \ - && rm -rf /var/lib/apt/lists/* \ - && for key in \ - 6A010C5166006599AA17F08146C2130DFD2497F5 \ - ; do \ - gpg --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys "$key" || \ - gpg --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys "$key" || \ - gpg --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys "$key" ; \ - done \ - && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \ - && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" \ - && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \ - && mkdir -p /opt \ - && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ \ - && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn \ - && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg \ - && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz \ - && apt-mark auto '.*' > /dev/null \ - && { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark > /dev/null; } \ - && find /usr/local -type f -executable -exec ldd '{}' ';' \ - | awk '/=>/ { print $(NF-1) }' \ - | sort -u \ - | xargs -r dpkg-query --search \ - | cut -d: -f1 \ - | sort -u \ - | xargs -r apt-mark manual \ - && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ - # smoke test - && yarn --version +RUN apt-get update && apt-get install -y curl gnupg2 lsb-release && \ + curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \ + apt-key fingerprint 1655A0AB68576280 && \ + export VERSION=node_14.x && \ + export DISTRO="$(lsb_release -s -c)" && \ + echo "deb https://deb.nodesource.com/$VERSION $DISTRO main" | tee /etc/apt/sources.list.d/nodesource.list && \ + echo "deb-src https://deb.nodesource.com/$VERSION $DISTRO main" | tee -a /etc/apt/sources.list.d/nodesource.list && \ + apt-get update && apt-get install -y nodejs && \ + node -v && npm -v && \ + npm install -g yarn && \ + yarn -v && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \ No newline at end of file From e6112a1662650076d20e2bbc35bfd98d8274bdf4 Mon Sep 17 00:00:00 2001 From: Maik Hummel Date: Sat, 13 Feb 2021 13:32:35 +0100 Subject: [PATCH 3/4] Remove labels --- Dockerfile | 24 ------------------------ 1 file changed, 24 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8a976bd..208d9aa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,29 +1,5 @@ FROM beevelop/android -ARG BUILD_DATE -ARG BUILD_VERSION -ARG VCS_REF - -LABEL maintainer="Maik Hummel " \ - org.label-schema.build-date=$BUILD_DATE \ - org.label-schema.version=$BUILD_VERSION \ - org.label-schema.vcs-ref=$VCS_REF \ - org.label-schema.schema-version="1.0" \ - org.label-schema.vcs-url="https://github.com/beevelop/docker-android-nodejs.git" \ - org.label-schema.name="beevelop/android-nodejs" \ - org.label-schema.vendor="Maik Hummel (beevelop)" \ - org.label-schema.description="Android with Node.js inside a container" \ - org.label-schema.url="https://beevelop.com/" \ - org.label-schema.license="MIT" \ - org.opencontainers.image.title="beevelop/android-nodejs" \ - org.opencontainers.image.description="Android with Node.js inside a container" \ - org.opencontainers.image.licenses="MIT" \ - org.opencontainers.image.authors="Maik Hummel (beevelop)" \ - org.opencontainers.image.vendor="Maik Hummel (beevelop)" \ - org.opencontainers.image.url="https://github.com/beevelop/docker-android-nodejs" \ - org.opencontainers.image.documentation="https://github.com/beevelop/docker-android-nodejs/blob/master/README.md" \ - org.opencontainers.image.source="https://github.com/beevelop/docker-android-nodejs.git" - RUN apt-get update && apt-get install -y curl gnupg2 lsb-release && \ curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \ apt-key fingerprint 1655A0AB68576280 && \ From 192c4b3e78dbeb4a10df792ab5a4060852cac1ba Mon Sep 17 00:00:00 2001 From: Maik Hummel Date: Sat, 13 Feb 2021 13:35:44 +0100 Subject: [PATCH 4/4] Increase timeout to 30min --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index af35668..34aac41 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -13,7 +13,7 @@ env: jobs: main: runs-on: ubuntu-20.04 - timeout-minutes: 20 + timeout-minutes: 30 steps: - name: Check out the repo uses: actions/checkout@v2