From e3bfdebe5d97938ff245727b15614403e2ffa668 Mon Sep 17 00:00:00 2001 From: Robert Wlodarczyk Date: Sat, 24 Jun 2023 14:31:13 -0700 Subject: [PATCH] chore: move build to the repo rather than the dockerfiles repo. --- .github/FUNDING.yml | 3 ++ .github/workflows/build.yml | 75 +++++++++++++++++++++++++++++++ .pre-commit-config.yaml | 32 +++++++++++++ Dockerfile | 40 +++++++++++++---- README.md | 27 +++++++---- config-samples/config.sample.toml | 1 - 6 files changed, 159 insertions(+), 19 deletions(-) create mode 100644 .github/FUNDING.yml create mode 100644 .github/workflows/build.yml create mode 100644 .pre-commit-config.yaml diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml new file mode 100644 index 0000000..d2b5d24 --- /dev/null +++ b/.github/FUNDING.yml @@ -0,0 +1,3 @@ +github: [SimplicityGuy] +ko_fi: robertwlodarczyk +custom: [paypal.me/RWlodarczyk] diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..1a02c05 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,75 @@ +--- +name: crontab + +on: + workflow_dispatch: + push: + branches: + - main + pull_request: + branches: + - main + schedule: + - cron: '0 1 * * 6' + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.actor }}/crontab + +jobs: + build-crontab: + runs-on: ubuntu-latest + + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository. + uses: actions/checkout@v3 + with: + submodules: true + + - name: Log in to the GitHub Container Registry. + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GHCR_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker. + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=ref,event=branch + type=ref,event=pr + type=schedule,pattern={{date 'YYYYMMDD'}} + + - name: Set up QEMU. + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx. + uses: docker/setup-buildx-action@v2 + with: + platforms: linux/amd64, linux/arm64 + + - name: Build and push Docker image to GitHub Container Registry. + uses: docker/build-push-action@v4 + with: + context: . + platforms: linux/amd64, linux/arm64 + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + provenance: true + sbom: true + + - name: Send notification to Discord. + uses: sarisia/actions-status-discord@v1.12.0 + if: always() + with: + webhook: ${{ secrets.DISCORD_WEBHOOK }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..38e4936 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,32 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.4.0 + hooks: + - id: check-added-large-files + - id: check-executables-have-shebangs + - id: check-merge-conflict + - id: check-shebang-scripts-are-executable + - id: check-yaml + - id: detect-aws-credentials + - id: detect-private-key + - id: end-of-file-fixer + - id: mixed-line-ending + - id: trailing-whitespace + + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.23.2 + hooks: + - id: check-github-workflows + + - repo: https://github.com/executablebooks/mdformat + rev: 0.7.16 + hooks: + - id: mdformat + additional_dependencies: + - mdformat-gfm + + - repo: https://github.com/hadolint/hadolint + rev: v2.12.1-beta + hooks: + - id: hadolint diff --git a/Dockerfile b/Dockerfile index 899de74..91263d5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,23 +1,44 @@ -FROM alpine:latest as rq-build +#hadolint ignore=DL3007 +FROM alpine:latest as builder + +LABEL org.opencontainers.image.title="crontab builder" \ + org.opencontainers.image.description="crontab builder" \ + org.opencontainers.image.authors="robert@simplicityguy.com" \ + org.opencontainers.image.source="https://github.com/SimplicityGuy/alertmanager-discord/blob/main/Dockerfile" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.created="$(date +'%Y-%m-%d')" \ + org.opencontainers.image.base.name="docker.io/library/alpine" ENV RQ_VERSION=1.0.2 WORKDIR /usr/bin/rq/ -RUN apk update && \ - apk upgrade && \ - apk add --no-cache \ +#hadolint ignore=DL3018 +RUN apk update --quiet --no-cache && \ + apk upgrade --quiet --no-cache && \ + apk add --quiet --no-cache \ upx && \ - wget https://github.com/dflemstr/rq/releases/download/v${RQ_VERSION}/rq-v${RQ_VERSION}-x86_64-unknown-linux-musl.tar.gz && \ + rm /var/cache/apk/* && \ + wget --quiet https://github.com/dflemstr/rq/releases/download/v${RQ_VERSION}/rq-v${RQ_VERSION}-x86_64-unknown-linux-musl.tar.gz && \ tar -xvf rq-v${RQ_VERSION}-x86_64-unknown-linux-musl.tar.gz && \ upx --brute rq +#hadolint ignore=DL3007 FROM docker:latest as release +LABEL org.opencontainers.image.title="crontab" \ + org.opencontainers.image.description="A docker job scheduler (aka crontab for docker)." \ + org.opencontainers.image.authors="robert@simplicityguy.com" \ + org.opencontainers.image.source="https://github.com/SimplicityGuy/docker-crontab/blob/main/Dockerfile" \ + org.opencontainers.image.licenses="MIT" \ + org.opencontainers.image.created="$(date +'%Y-%m-%d')" \ + org.opencontainers.image.base.name="docker.io/library/docker" + ENV HOME_DIR=/opt/crontab -RUN apk update && \ - apk upgrade && \ - apk add --no-cache \ +#hadolint ignore=DL3018 +RUN apk update --quiet --no-cache && \ + apk upgrade --quiet --no-cache && \ + apk add --quiet --no-cache \ bash \ coreutils \ curl \ @@ -25,11 +46,12 @@ RUN apk update && \ jq \ tini \ wget && \ + rm /var/cache/apk/* && \ mkdir -p ${HOME_DIR}/jobs && \ rm -rf /etc/periodic /etc/crontabs/root && \ adduser -S docker -D -COPY --from=rq-build /usr/bin/rq/rq /usr/local/bin +COPY --from=builder /usr/bin/rq/rq /usr/local/bin COPY entrypoint.sh / ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"] diff --git a/README.md b/README.md index 5a625ca..7198946 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,16 @@ # crontab +![crontab](https://github.com/SimplicityGuy/adocker-crontab/actions/workflows/build.yml/badge.svg) ![License: MIT](https://img.shields.io/github/license/SimplicityGuy/docker-crontab) [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit)](https://github.com/pre-commit/pre-commit) + A simple wrapper over `docker` to all complex cron job to be run in other containers. ## Why? -Yes, I'm aware of [mcuadros/ofelia](https://github.com/mcuadros/ofelia) (>250MB when this was created), it was the main inspiration for this project. + +Yes, I'm aware of [mcuadros/ofelia](https://github.com/mcuadros/ofelia) (>250MB when this was created), it was the main inspiration for this project. A great project, don't get me wrong. It was just missing certain key enterprise features I felt were required to support where docker is heading. ## Features + - Easy to read schedule syntax allowed. - Allows for comments, cause we all need friendly reminders of what `update_script.sh` actually does. - Start an image using `image`. @@ -15,6 +19,7 @@ A great project, don't get me wrong. It was just missing certain key enterprise - Ability to share settings between cron jobs using `~~shared-settings` as a key. ## Config file + The config file can be specified in any of `json`, `toml`, or `yaml`, and can be defined as either an array or mapping (top-level keys will be ignored; can be useful for organizing commands) - `name`: Human readable name that will be used as the job filename. Will be converted into a slug. Optional. @@ -24,7 +29,7 @@ The config file can be specified in any of `json`, `toml`, or `yaml`, and can be - `image`: Docker images name (ex `library/alpine:3.5`). Optional. - `container`: Full container name. Ignored if `image` is included. Optional. - `dockerargs`: Command line docker `run`/`exec` arguments for full control. Defaults to ` `. -- `trigger`: Array of docker-crontab subset objects. Sub-set includes: `image`, `container`, `command`, `dockerargs` +- `trigger`: Array of docker-crontab subset objects. Sub-set includes: `image`, `container`, `command`, `dockerargs` - `onstart`: Run the command on `crontab` container start, set to `true`. Optional, defaults to false. See [`config-samples`](config-samples) for examples. @@ -54,6 +59,7 @@ See [`config-samples`](config-samples) for examples. ## How to use ### Command Line + ```bash docker build -t crontab . docker run -d \ @@ -65,16 +71,18 @@ docker run -d \ ``` ### Use with docker-compose + 1. Figure out which network name used for your docker-compose containers - * use `docker network ls` to see existing networks - * if your `docker-compose.yml` is in `my_dir` directory, you probably has network `my_dir_default` - * otherwise [read the docker-compose docs](https://docs.docker.com/compose/networking/) -2. Add `dockerargs` to your docker-crontab `config.json` - * use `--network NETWORK_NAME` to connect new container into docker-compose network - * use `--name NAME` to use named container - * e.g. `"dockerargs": "--it"` + - use `docker network ls` to see existing networks + - if your `docker-compose.yml` is in `my_dir` directory, you probably has network `my_dir_default` + - otherwise [read the docker-compose docs](https://docs.docker.com/compose/networking/) +1. Add `dockerargs` to your docker-crontab `config.json` + - use `--network NETWORK_NAME` to connect new container into docker-compose network + - use `--name NAME` to use named container + - e.g. `"dockerargs": "--it"` ### Dockerfile + ```Dockerfile FROM registry.gitlab.com/simplicityguy/docker/crontab @@ -82,6 +90,7 @@ COPY config.json ${HOME_DIR}/ ``` ### Logrotate Dockerfile + ```Dockerfile FROM registry.gitlab.com/simplicityguy/docker/crontab diff --git a/config-samples/config.sample.toml b/config-samples/config.sample.toml index 5320c3f..b185048 100644 --- a/config-samples/config.sample.toml +++ b/config-samples/config.sample.toml @@ -47,4 +47,3 @@ onstart = true command = "sh -c '/etc/scripts/make_hpkp ${NGINX_DOMAIN} && /usr/sbin/nginx -t && /usr/sbin/nginx -s reload'" project = "conduit" container = "nginx" -