From 72ed0001baee026a7319108ebc0919e61507291a Mon Sep 17 00:00:00 2001
From: ngn
Date: Tue, 28 Jan 2025 08:38:02 +0300
Subject: [PATCH 1/3] new: docker image workflow
Signed-off-by: ngn
---
.gitea/workflows/docker.yml | 28 ++++++++++++++++++++++++++++
Dockerfile | 15 +++++++++++----
2 files changed, 39 insertions(+), 4 deletions(-)
create mode 100644 .gitea/workflows/docker.yml
diff --git a/.gitea/workflows/docker.yml b/.gitea/workflows/docker.yml
new file mode 100644
index 0000000..cdd601d
--- /dev/null
+++ b/.gitea/workflows/docker.yml
@@ -0,0 +1,28 @@
+name: Build docker image
+
+on:
+ push:
+ branches: ["main"]
+
+env:
+ REGISTRY: git.matterlinux.xyz
+ IMAGE: ${{gitea.repository}}
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout repository
+ uses: "https://github.com/actions/checkout@v4"
+
+ - name: Login to container repo
+ uses: "https://github.com/docker/login-action@v1"
+ with:
+ registry: ${{env.REGISTRY}}
+ username: ${{gitea.actor}}
+ password: ${{secrets.PACKAGES_TOKEN}}
+
+ - name: Build image
+ run: |
+ docker build --tag ${{env.REGISTRY}}/${{env.IMAGE}}:latest .
+ docker push ${{env.REGISTRY}}/${{env.IMAGE}}:latest
diff --git a/Dockerfile b/Dockerfile
index 78d3a74..b419e42 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,16 +2,23 @@ FROM golang:1.23.2 WORKDIR /app -COPY *.go ./ -COPY *.mod ./ -COPY *.sum ./ +RUN useradd runner -r -u 1001 -d /app +RUN chown -R runner:runner /app +USER runner +COPY *.mod ./ +COPY *.sum ./ + +RUN go mod download + +COPY *.go ./ +COPY Makefile ./ COPY lib ./lib COPY log ./log COPY public ./public COPY routes ./routes COPY templates ./templates -RUN go build +RUN make ENTRYPOINT ["/app/security"]
From 90571076f0bd90a147a45cdecf57d2b1ebe393b4 Mon Sep 17 00:00:00 2001
From: ngn
Date: Tue, 28 Jan 2025 08:40:41 +0300
Subject: [PATCH 2/3] [skip ci] update: readme deployment instructions
Signed-off-by: ngn
---
README.md | 14 +++++---------
1 file changed, 5 insertions(+), 9 deletions(-)
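Review bot: Both `uses:` entries in `.gitea/workflows/docker.yml` reference mutable tags (`checkout@v4`, `login-action@v1`), and the login step is the one that receives `secrets.PACKAGES_TOKEN`, so anyone able to move those tags upstream gets code running with the registry token in scope. Pin each action to a full commit SHA, e.g. `uses: "https://github.com/docker/login-action@<full-commit-sha>"` (placeholder; keep the tag in a trailing comment), and consider moving off the old `v1` major while doing so. In the `Build image` step the `${{ }}` expressions are expanded into the script text before the shell runs; `REGISTRY` and `IMAGE` are already exported through the workflow-level `env:`, so the quoted shell form `docker build --tag "$REGISTRY/$IMAGE:latest" .` (and the same for `docker push`) keeps template expansion out of `run:`. Only `:latest` is pushed, so a deployed image cannot be traced back to a commit; pushing an additional tag derived from the commit SHA would make rollback and audit possible.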
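Review bot: With `USER runner` (uid 1001) now in effect at runtime, the process can only write to `/app/db` if the mounted directory is writable by uid 1001; the compose example in the README bind-mounts `./db:/app/db`, and a host directory created by root or by an earlier root-running container will presumably make database writes fail. Document the required ownership next to the compose example, or add `RUN mkdir /app/db` after `USER runner` so that a fresh named volume at least starts out owned by `runner`. `COPY` does not honour `USER`, so everything copied after it is owned by root; that is a reasonable read-only default, but if the build or the app has to write into those paths the lines should read `COPY --chown=runner:runner lib ./lib` and so on. The `FROM` line sits outside the hunk, so the final image still appears to be the full `golang:1.23.2` toolchain image with the sources in it; a separate runtime stage holding only the binary, `public` and `templates` would reduce what ships.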
diff --git a/README.md b/README.md
index 1749b64..4f94e90 100644
--- a/README.md
+++ b/README.md
@@ -3,23 +3,19 @@ Soruce code of MatterLinux's security tracker, located at [security.matterlinux.xyz](https://security.matterlinux.xyz) ### Deployment -Web server can be built and deployed with docker compose, here is an -example configuration: +Web server can be deployed with docker compose, here is an example configuration: ```yaml -version: "3" - services: security: - image: mattersecurity - restart: unless-stopped - build: - context: ./ + container_name: mattersecurity + image: git.matterlinux.xyz/matter/security ports: - "127.0.0.1:9876:9876" volumes: - "./db:/app/db" + restart: unless-stopped ``` -After saving the configuration file, you can build and run the docker container: +After saving the configuration file, you can run the docker container: ```bash docker-compose up -d ```
From 5c882b036d81479527f4eecbe4ff7be6b6103c09 Mon Sep 17 00:00:00 2001
From: ngn
Date: Tue, 28 Jan 2025 09:59:46 +0300
Subject: [PATCH 3/3] [skip ci] udpate: README workflow badge
Signed-off-by: ngn
---
README.md | 3 +++
1 file changed, 3 insertions(+)
diff --git a/README.md b/README.md
index 4f94e90..01f031c 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,7 @@ # security | MatterLinux security tracker + +![](https://git.matterlinux.xyz/matter/security/actions/workflows/docker.yml/badge.svg) + Soruce code of MatterLinux's security tracker, located at [security.matterlinux.xyz](https://security.matterlinux.xyz)