Merge branch 'main' into renovate/golang-1.x

2025-01-28 10:23:04 +03:00 · 2025-01-28 10:23:04 +03:00 · 82f78ebb24
commit 82f78ebb24
parent 0894c420fa 5c882b036d
3 changed files with 47 additions and 13 deletions
--- a/.gitea/workflows/docker.yml
+++ b/.gitea/workflows/docker.yml
@ -0,0 +1,28 @@
+name: Build docker image
+
+on:
+  push:
+    branches: ["main"]
+
+env:
+  REGISTRY: git.matterlinux.xyz
+  IMAGE: ${{gitea.repository}}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: "https://github.com/actions/checkout@v4"
+
+      - name: Login to container repo
+        uses: "https://github.com/docker/login-action@v1"
+        with:
+          registry: ${{env.REGISTRY}}
+          username: ${{gitea.actor}}
+          password: ${{secrets.PACKAGES_TOKEN}}
+
+      - name: Build image
+        run: |
+          docker build --tag ${{env.REGISTRY}}/${{env.IMAGE}}:latest .
+          docker push ${{env.REGISTRY}}/${{env.IMAGE}}:latest
--- a/11
+++ b/11
@ -2,16 +2,23 @@ FROM golang:1.23.5

 WORKDIR /app

-COPY *.go  ./
+RUN useradd runner -r -u 1001 -d /app
+RUN chown -R runner:runner /app
+USER runner
+
 COPY *.mod    ./
 COPY *.sum    ./

+RUN go mod download
+
+COPY *.go      ./
+COPY Makefile  ./
 COPY lib       ./lib
 COPY log       ./log
 COPY public    ./public
 COPY routes    ./routes
 COPY templates ./templates

-RUN go build
+RUN make

 ENTRYPOINT ["/app/security"]
--- a/README.md
+++ b/README.md
@ -1,25 +1,24 @@
 # security | MatterLinux security tracker
+
+![](https://git.matterlinux.xyz/matter/security/actions/workflows/docker.yml/badge.svg)
+
 Soruce code of MatterLinux's security tracker, located at
 [security.matterlinux.xyz](https://security.matterlinux.xyz)

 ### Deployment
-Web server can be built and deployed with docker compose, here is an
-example configuration:
+Web server can be deployed with docker compose, here is an example configuration:
 ```yaml
-version: "3"
-
 services:
  security:
-    image: mattersecurity
-    restart: unless-stopped
-    build:
-      context: ./
+    container_name: mattersecurity
+    image: git.matterlinux.xyz/matter/security
    ports:
      - "127.0.0.1:9876:9876"
    volumes:
      - "./db:/app/db"
+    restart: unless-stopped
 ```
-After saving the configuration file, you can build and run the docker container:
+After saving the configuration file, you can run the docker container:
 ```bash
 docker-compose up -d
 ```