From 4a753280d37be9fefea2175d70e0e602de37628c Mon Sep 17 00:00:00 2001 From: Dmytro Bondar Date: Sat, 9 Nov 2024 18:13:21 +0100 Subject: [PATCH] chore: workflow updates (#17) - Pin base image digest - Replace wget by curl - Publish new image on each push to `main` branch - Remove release workflow - Update README --- .github/renovate.json | 22 +++++----------------- .github/workflows/docker.yaml | 8 +++----- .github/workflows/release.yaml | 27 --------------------------- Dockerfile | 8 ++++---- README.md | 9 +++++---- version | 1 - 6 files changed, 17 insertions(+), 58 deletions(-) delete mode 100644 .github/workflows/release.yaml delete mode 100644 version diff --git a/.github/renovate.json b/.github/renovate.json index 014e767..9245e3c 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,29 +1,17 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:recommended", - ":disableDependencyDashboard" - ], + "extends": ["config:recommended", ":disableDependencyDashboard"], "automerge": true, "automergeStrategy": "squash", - "enabledManagers": [ - "dockerfile", - "github-actions", - "custom.regex" - ], + "enabledManagers": ["custom.regex", "dockerfile", "github-actions"], "customManagers": [ { "customType": "regex", - "description": "Update sqlcmd version", + "description": ["Update sqlcmd version"], "datasourceTemplate": "github-releases", "depNameTemplate": "microsoft/go-sqlcmd", - "fileMatch": [ - "^Dockerfile$", - "^version$" - ], - "matchStrings": [ - "(?:ARG )?SQLCMD_VERSION=(?.+?)\\s" - ] + "fileMatch": ["^Dockerfile$"], + "matchStrings": ["ARG SQLCMD_VERSION=(?.+?)\\s"] } ] } diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 58dfbdd..f7554a3 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -7,8 +7,8 @@ name: Docker on: pull_request: branches: [main] - release: - types: [published] + push: + branches: [main] permissions: packages: write @@ -22,14 +22,12 @@ jobs: - uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - if: ${{ github.event_name == 'release' }} uses: docker/login-action@v3 with: username: ${{ github.repository_owner }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - if: ${{ github.event_name == 'release' }} uses: docker/login-action@v3 with: registry: ghcr.io @@ -51,4 +49,4 @@ jobs: tags: ${{ steps.meta.outputs.tags }} platforms: linux/amd64,linux/arm64,linux/s390x provenance: false - push: ${{ github.event_name == 'release' }} + push: ${{ github.event_name == 'push' }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index e5d5813..0000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# The workflow is used to publish new release on every "version" file change. -name: Release - -on: - push: - branches: [main] - paths: [version] - -jobs: - update: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: actions/create-github-app-token@v1 - id: app - with: - app-id: ${{ vars.GH_APP_ID }} - private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} - - - name: Create release - env: - GH_TOKEN: ${{ steps.app.outputs.token }} - run: | - set -u - . version - echo "Creating release for ${SQLCMD_VERSION}" - gh release create ${SQLCMD_VERSION} --latest diff --git a/Dockerfile b/Dockerfile index 9006d4b..148e276 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ FROM --platform=${BUILDPLATFORM} alpine:3 AS tools ARG SQLCMD_VERSION=v1.8.0 ARG TARGETARCH -RUN apk add jq --no-cache && \ - wget -c -O - $(wget -q -O - https://api.github.com/repos/microsoft/go-sqlcmd/releases/tags/${SQLCMD_VERSION} \ - | jq -r --arg arch "${TARGETARCH}" '.assets[] | select(.name | test(".*linux.*" + $arch + ".*")).browser_download_url' ) \ +RUN apk add --update-cache --no-cache curl jq xz && \ + curl -sSL $(curl -sSL "https://api.github.com/repos/microsoft/go-sqlcmd/releases/tags/${SQLCMD_VERSION}" | \ + jq -r --arg arch "${TARGETARCH}" '.assets[] | select(.name | test(".*linux.*" + $arch + ".*")).browser_download_url') \ | tar -xj -FROM gcr.io/distroless/static:nonroot +FROM gcr.io/distroless/static:nonroot@sha256:3a03fc0826340c7deb82d4755ca391bef5adcedb8892e58412e1a6008199fa91 COPY --from=tools /sqlcmd /sqlcmd USER nonroot:nonroot ENTRYPOINT ["/sqlcmd"] diff --git a/README.md b/README.md index 429bce5..ba53f37 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,10 @@ # [go-sqlcmd](https://github.com/microsoft/go-sqlcmd) docker image -[![Docker](https://github.com/bonddim/go-sqlcmd/actions/workflows/docker.yaml/badge.svg?event=release)](https://github.com/bonddim/go-sqlcmd/actions/workflows/docker.yaml) -![Docker Image Size](https://img.shields.io/docker/image-size/bonddim/go-sqlcmd) -[![Docker Pulls](https://img.shields.io/docker/pulls/bonddim/go-sqlcmd)](https://hub.docker.com/r/bonddim/go-sqlcmd) -[![GitHub Release](https://img.shields.io/github/v/release/bonddim/go-sqlcmd)](https://github.com/bonddim/go-sqlcmd/releases/latest) +[docker-hub]: https://hub.docker.com/r/bonddim/go-sqlcmd +[![Docker](https://github.com/bonddim/go-sqlcmd/actions/workflows/docker.yaml/badge.svg)](https://github.com/bonddim/go-sqlcmd/actions/workflows/docker.yaml) +[![Docker Image Version](https://img.shields.io/docker/v/bonddim/go-sqlcmd)][docker-hub] +[![Docker Image Size](https://img.shields.io/docker/image-size/bonddim/go-sqlcmd)][docker-hub] +[![Docker Pulls](https://img.shields.io/docker/pulls/bonddim/go-sqlcmd)][docker-hub] [![GitHub License](https://img.shields.io/github/license/bonddim/go-sqlcmd)](https://github.com/bonddim/go-sqlcmd?tab=MIT-1-ov-file) ## About diff --git a/version b/version deleted file mode 100644 index 9a4c98a..0000000 --- a/version +++ /dev/null @@ -1 +0,0 @@ -SQLCMD_VERSION=v1.8.0