diff --git a/.github/workflows/dockerfile-validation.yml b/.github/workflows/dockerfile-validation.yml
new file mode 100644
index 0000000..5f8d3ac
--- /dev/null
+++ b/.github/workflows/dockerfile-validation.yml
@@ -0,0 +1,40 @@
+name: Dockerfile Validation
+
+on:
+ push:
+ branches: [ main ]
+ paths:
+ - 'Dockerfile'
+ - '.github/workflows/dockerfile-validation.yml'
+ pull_request:
+ branches: [ main ]
+ paths:
+ - 'Dockerfile'
+ - '.github/workflows/dockerfile-validation.yml'
+
+jobs:
+ validate-dockerfile:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Lint Dockerfile
+ uses: hadolint/hadolint-action@v3.1.0
+ with:
+ dockerfile: Dockerfile
+ failure-threshold: warning
+
+ - name: Build Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./Dockerfile
+ push: false
+ tags: test-build:latest
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
\ No newline at end of file
diff --git a/.hadolint.yaml b/.hadolint.yaml
new file mode 100644
index 0000000..fb37a90
--- /dev/null
+++ b/.hadolint.yaml
@@ -0,0 +1,28 @@
+# Hadolint configuration for Dockerfile linting
+# See: https://github.com/hadolint/hadolint
+
+# Rules to ignore
+ignored:
+ # DL3008: Pin versions in apt get install
+ - DL3008
+ # DL3009: Delete the apt-get lists after installing something
+ - DL3009
+ # DL3015: Avoid additional packages by specifying `--no-install-recommends`
+ - DL3015
+
+# Rules to treat as warnings instead of errors
+warning:
+ # DL3018: Pin versions in apk add
+ - DL3018
+
+# Trusted registries for base images
+trustedRegistries:
+ - docker.io
+ - ghcr.io
+
+# Override specific rules
+override:
+ error: []
+ warning: []
+ info: []
+ style: []
diff --git a/Dockerfile b/Dockerfile
index f10f709..6341674 100644
--- a/Dockerfile
+++ b/Dockerfile
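Review bot: The workflow sets no `permissions:` key, so the `validate-dockerfile` job runs with whatever default GITHUB_TOKEN scope the repository or organisation has configured, which can be read-write on `push` to `main`. A lint-and-build job with `push: false` needs no more than a top-level `permissions:` with `contents: read`. The four `uses:` lines reference movable tags (`@v4`, `@v3`, `@v3.1.0`, `@v5`); pinning at least the third-party actions to a full commit SHA, with the tag kept in a trailing comment, stops a re-pointed tag from changing what runs here. The `paths:` filters also leave out `.hadolint.yaml` and the files the Dockerfile copies, so edits to those are not validated.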
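Review bot: The top-level `warning:` list holding DL3018 does not look like a key hadolint reads: its documented configuration puts severity changes under `override:`, and that section is left here as `warning: []`, so the downgrade probably has no effect. Moving the rule to `override:` / `warning: [DL3018]` and dropping the top-level list would make the file do what its comment says. Separately, `ignored:` switches DL3008, DL3009 and DL3015 off for every instruction, which removes the apt pinning and cleanup checks globally; if only one `RUN` needs the exception, an inline `# hadolint ignore=DL3008` above that instruction keeps the rules active everywhere else.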
@@ -1,9 +1,10 @@ -FROM ghcr.io/okteto/okteto:master as okteto +FROM ghcr.io/okteto/okteto:master AS okteto -FROM golang:1.24 as message-builder +FROM golang:1.24 AS message-builder RUN curl -L https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux64 > /usr/bin/jq && \ chmod +x /usr/bin/jq +WORKDIR /app COPY go.mod . COPY message.go . RUN go build -o /message . @@ -11,10 +12,10 @@ RUN go build -o /message . FROM ruby:3-slim-buster -RUN gem install octokit faraday-retry +RUN gem install octokit:10.0.0 faraday-retry:2.3.2 COPY notify-pr.sh /notify-pr.sh -RUN chmod +x notify-pr.sh +RUN chmod +x /notify-pr.sh COPY --from=message-builder /usr/bin/jq /usr/bin/jq COPY entrypoint.sh /entrypoint.sh COPY --from=message-builder /message /message diff --git a/README.md b/README.md index 13d867d..e06a02c 100644 --- a/README.md +++ b/README.md @@ -113,3 +113,22 @@ jobs: name: dev-previews timeout: 15m ``` + +## Development + +### Dockerfile Validation + +This repository includes automated validation for the Dockerfile to ensure it always builds successfully: + +- **GitHub Action**: The `.github/workflows/dockerfile-validation.yml` workflow automatically runs on every push and pull request that modifies the Dockerfile +- **Local Validation**: Use the `validate-dockerfile.sh` script to test the Dockerfile locally before pushing: + ```bash + ./validate-dockerfile.sh + ``` + +The validation includes: +- Dockerfile linting with [hadolint](https://github.com/hadolint/hadolint) +- Building the Docker image +- Testing that the container runs successfully +- Verifying that required binaries are present +- Checking that the entrypoint is executable diff --git a/validate-dockerfile.sh b/validate-dockerfile.sh new file mode 100755 index 0000000..b3eeb94 --- /dev/null +++ b/validate-dockerfile.sh 
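Review bot: The jq binary in the `message-builder` stage is fetched with `curl -L` and made executable without any integrity check, and it is later copied into the final image; the `RUN` is an unchanged context line, but a commit that adds Dockerfile validation is a natural place to fix it. Adding `-f` (so an HTTP error page is not saved as `/usr/bin/jq`) and verifying the download against a SHA-256 recorded in the Dockerfile, e.g. `echo "<JQ_SHA256_PLACEHOLDER>  /usr/bin/jq" | sha256sum -c -`, would close that gap. The first stage also still tracks the moving `ghcr.io/okteto/okteto:master` tag, so two builds of the same commit can differ; a release tag or an `@sha256:` digest would pin it.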
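Review bot: Pinning `octokit:10.0.0` and `faraday-retry:2.3.2` fixes only the two top-level gems; their dependencies are still resolved at build time, so two builds of the same Dockerfile can install different code. A `Gemfile` with a committed `Gemfile.lock`, installed through `bundle install`, would lock the whole tree. The stage's base, `ruby:3-slim-buster` (context line at the top of this hunk), is built on Debian 10, which is past end of life and no longer receives security updates, so moving to a currently supported variant is worth doing in the same pass. The stage continues past the end of the hunk.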
@@ -0,0 +1,66 @@
+#!/bin/bash
+
+# Script to validate Dockerfile locally
+# This script can be run locally to test the Dockerfile before pushing
+
+set -e
+
+echo "๐Ÿ” Validating Dockerfile..."
+
+# Check if Docker is available
+if ! command -v docker &> /dev/null; then
+ echo "โŒ Docker is not installed or not in PATH"
+ exit 1
+fi
+
+# Check if Dockerfile exists
+if [ ! -f "Dockerfile" ]; then
+ echo "โŒ Dockerfile not found in current directory"
+ exit 1
+fi
+
+echo "โœ… Docker is available"
+echo "โœ… Dockerfile found"
+
+# Build the Docker image
+echo "๐Ÿ—๏ธ Building Docker image..."
+if docker build -t dockerfile-test:latest .; then
+ echo "โœ… Docker image built successfully"
+else
+ echo "โŒ Docker build failed"
+ exit 1
+fi
+
+# Test basic functionality
+echo "๐Ÿงช Testing Docker image..."
+
+# Test that the image runs
+if docker run --rm dockerfile-test:latest /bin/sh -c "echo 'Container started successfully'"; then
+ echo "โœ… Container runs successfully"
+else
+ echo "โŒ Container failed to run"
+ exit 1
+fi
+
+# Test that required binaries are present
+echo "๐Ÿ” Checking required binaries..."
+if docker run --rm dockerfile-test:latest /bin/sh -c "which okteto && which jq && which ruby"; then
+ echo "โœ… All required binaries are present"
+else
+ echo "โŒ Some required binaries are missing"
+ exit 1
+fi
+
+# Test that entrypoint is executable
+if docker run --rm dockerfile-test:latest /bin/sh -c "test -x /entrypoint.sh"; then
+ echo "โœ… Entrypoint is executable"
+else
+ echo "โŒ Entrypoint is not executable"
+ exit 1
+fi
+
+# Clean up
+echo "๐Ÿงน Cleaning up..."
+docker rmi dockerfile-test:latest
+
+echo "๐ŸŽ‰ All tests passed! Dockerfile is valid."
\ No newline at end of file
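Review bot: The three `docker run ... /bin/sh -c "..."` checks pass the shell as the container command, which only replaces CMD; if the image declares an `ENTRYPOINT` (the Dockerfile copies `/entrypoint.sh`, though the instruction itself is outside this diff), `/entrypoint.sh` receives `/bin/sh -c ...` as arguments and the checks never run as written. Overriding it explicitly, e.g. `docker run --rm --entrypoint /bin/sh dockerfile-test:latest -c "test -x /entrypoint.sh"`, makes each test exercise what its message claims. Because of `set -e` and the `exit 1` branches, `docker rmi dockerfile-test:latest` is reached only on success; a `trap 'docker rmi dockerfile-test:latest >/dev/null 2>&1 || true' EXIT` placed after the build would clean up on failure too. The README lists hadolint among the validations, but this script never runs it.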