From a575a7d0ef3ad2eef713544d253584830ab73528 Mon Sep 17 00:00:00 2001 From: Ricky Heijnen Date: Fri, 15 Aug 2025 08:41:00 +0200 Subject: [PATCH 1/3] =?UTF-8?q?=F0=9F=91=B7=20Add=20lint=20and=20buid-chec?= =?UTF-8?q?k=20workflow?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/build-check.yml | 34 ++++++++++++++++++++++++++++ .github/workflows/code-lint.yml | 28 +++++++++++++++++++++++ .github/workflows/docker-publish.yml | 4 ++++ 3 files changed, 66 insertions(+) create mode 100644 .github/workflows/build-check.yml create mode 100644 .github/workflows/code-lint.yml diff --git a/.github/workflows/build-check.yml b/.github/workflows/build-check.yml new file mode 100644 index 0000000..87a71d9 --- /dev/null +++ b/.github/workflows/build-check.yml @@ -0,0 +1,34 @@ +name: Build Check + +on: + pull_request: + branches: [main] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + build-check: + name: Build Check + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Build image (validation only) + uses: docker/build-push-action@v6.15.0 + with: + context: . + push: false + tags: ghcr.io/${{ github.repository }}:pr-check + cache-from: type=gha,scope=image + cache-to: type=gha,mode=max,scope=image + + diff --git a/.github/workflows/code-lint.yml b/.github/workflows/code-lint.yml new file mode 100644 index 0000000..4427187 --- /dev/null +++ b/.github/workflows/code-lint.yml @@ -0,0 +1,28 @@ +name: Code Lint + +on: + pull_request: + branches: [main] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + lint-dockerfile: + name: Lint Dockerfile + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Lint Dockerfile with hadolint + uses: hadolint/hadolint-action@v3.1.0 + with: + dockerfile: ./Dockerfile + config: .hadolint.yaml + + diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 1f3a8ad..e915638 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -4,6 +4,10 @@ on: push: branches: [main] +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + jobs: build-and-push: runs-on: ubuntu-latest From cdd5e02ec1f3c094d37c77bddf5d43ad42a92533 Mon Sep 17 00:00:00 2001 From: Ricky Heijnen Date: Fri, 15 Aug 2025 08:41:13 +0200 Subject: [PATCH 2/3] =?UTF-8?q?=F0=9F=9A=A8=20Fix=20lint=20errors?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2114137..d0f3404 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,10 +2,13 @@ FROM ghcr.io/actions/actions-runner:latest USER root +# Set shell with pipefail for better error handling +SHELL ["/bin/bash", "-o", "pipefail", "-c"] + # Update and install base dependencies RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \ - && apt update \ - && apt install -y --no-install-recommends \ + && apt-get update \ + && apt-get install -y --no-install-recommends \ # System build tools autoconf \ automake \ @@ -37,7 +40,7 @@ RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \ zip \ # Linters/Formatters yamllint \ - && apt clean \ + && apt-get clean \ && rm -rf /var/lib/apt/lists/* # Install AWS CLI From 6118b7728242ec1453d3d0eab79a0df45da19702 Mon Sep 17 00:00:00 2001 From: Ricky Heijnen Date: Fri, 15 Aug 2025 08:41:29 +0200 Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=94=A7=20Add=20.hadolint=20to=20ignor?= =?UTF-8?q?e=20rules?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .hadolint.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .hadolint.yaml diff --git a/.hadolint.yaml b/.hadolint.yaml new file mode 100644 index 0000000..558cce5 --- /dev/null +++ b/.hadolint.yaml @@ -0,0 +1,6 @@ +# .hadolint.yaml +ignored: + - DL3007 # Using latest is prone to errors if the image will ever update + - DL3008 # Pin versions in apt get install + - DL3013 # Pin versions in pip install + - DL3016 # Pin versions in npm install