From 7df424cbf1ff0ed3c88bc4f9da4dab8046cad58f Mon Sep 17 00:00:00 2001 From: appleboy Date: Sun, 24 Dec 2023 20:09:36 +0800 Subject: [PATCH] chore: update Dockerfile and add .hadolint.yaml - Add a new file `.hadolint.yaml` - Ignore the `DL3018` and `DL3008` rules in `.hadolint.yaml` - Update the base image in `docker/Dockerfile` from `alpine:3.17` to `alpine:3.19` - Remove the labels `org.label-schema.name`, `org.label-schema.vendor`, and `org.label-schema.schema-version` in `docker/Dockerfile` - Update the package installation command in `docker/Dockerfile` to remove the specific version of `ca-certificates` - Add a new user and group `deploy` with UID and GID `1000` in `docker/Dockerfile` - Create a directory `/home/deploy` and change its ownership to `deploy:deploy` in `docker/Dockerfile` - Set the user and group to `deploy:deploy` with UID and GID `1000` in `docker/Dockerfile` - Copy the `drone-scp` binary to `/bin/` in `docker/Dockerfile` Signed-off-by: appleboy --- .hadolint.yaml | 3 +++ docker/Dockerfile | 26 ++++++++++++++++++++------ 2 files changed, 23 insertions(+), 6 deletions(-) create mode 100644 .hadolint.yaml diff --git a/.hadolint.yaml b/.hadolint.yaml new file mode 100644 index 0000000..502b578 --- /dev/null +++ b/.hadolint.yaml @@ -0,0 +1,3 @@ +ignored: + - DL3018 + - DL3008 diff --git a/docker/Dockerfile b/docker/Dockerfile index a6fda7d..13cba49 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,20 +1,34 @@ -FROM alpine:3.17 +FROM alpine:3.19 ARG TARGETOS ARG TARGETARCH -LABEL maintainer="Bo-Yi Wu " \ - org.label-schema.name="SCP Plugin" \ - org.label-schema.vendor="Bo-Yi Wu" \ - org.label-schema.schema-version="1.0" +LABEL maintainer="Bo-Yi Wu " LABEL org.opencontainers.image.source=https://github.com/appleboy/drone-scp LABEL org.opencontainers.image.description="Copy files and artifacts via SSH" LABEL org.opencontainers.image.licenses=MIT -RUN apk add --no-cache ca-certificates=20220614-r4 && \ +RUN apk add --no-cache ca-certificates && \ rm -rf /var/cache/apk/* +RUN addgroup \ + -S -g 1000 \ + deploy && \ + adduser \ + -S -H -D \ + -h /home/deploy \ + -s /bin/sh \ + -u 1000 \ + -G deploy \ + deploy + +RUN mkdir -p /home/deploy +RUN chown deploy:deploy /home/deploy + +# deploy:deploy +USER 1000:1000 + COPY release/${TARGETOS}/${TARGETARCH}/drone-scp /bin/ ENTRYPOINT ["/bin/drone-scp"]