diff --git a/.github/workflows/_push.json b/.github/workflows/_push.json index e0ddd56..21e9324 100644 --- a/.github/workflows/_push.json +++ b/.github/workflows/_push.json @@ -12,7 +12,7 @@ }, "jobs": { "push": { - "name": "push: ${{matrix.distro}}", + "name": "push: ${{matrix.distro}}/${{matrix.arch}}", "runs-on": "ubuntu-latest", "strategy": { "fail-fast": true, @@ -20,6 +20,10 @@ "distro": [ "alpine", "distroless" + ], + "arch": [ + "amd64", + "arm64" ] } }, @@ -50,7 +54,7 @@ "pull": true, "no-cache": true, "tags": "${{env.tag_f}},${{env.tag_d}}${{matrix.distro == 'distroless' && format(',{0},{1}', env.tag_v, env.tag_l) || ''}}", - "platforms": "linux/amd64", + "platforms": "linux/${{matrix.arch}}", "context": "{{defaultContext}}:./src", "file": "${{matrix.distro}}.dockerfile", "build-args": "DENO_VERSION=${{inputs.deno_version}}" diff --git a/.github/workflows/_push.yaml b/.github/workflows/_push.yaml index 53a06b9..f6b87a7 100644 --- a/.github/workflows/_push.yaml +++ b/.github/workflows/_push.yaml @@ -7,7 +7,7 @@ on: required: true jobs: push: - name: 'push: ${{matrix.distro}}' + name: 'push: ${{matrix.distro}}/${{matrix.arch}}' runs-on: ubuntu-latest strategy: fail-fast: true @@ -15,6 +15,9 @@ jobs: distro: - alpine - distroless + arch: + - amd64 + - arm64 env: tag_f: dojyorin/deno:${{matrix.distro}}-${{inputs.deno_version}} tag_d: dojyorin/deno:${{matrix.distro}} @@ -37,7 +40,7 @@ jobs: pull: true no-cache: true tags: ${{env.tag_f}},${{env.tag_d}}${{matrix.distro == 'distroless' && format(',{0},{1}', env.tag_v, env.tag_l) || ''}} - platforms: linux/amd64 + platforms: linux/${{matrix.arch}} context: '{{defaultContext}}:./src' file: ${{matrix.distro}}.dockerfile build-args: DENO_VERSION=${{inputs.deno_version}} \ No newline at end of file diff --git a/.github/workflows/_test.json b/.github/workflows/_test.json index 651b440..23b821e 100644 --- a/.github/workflows/_test.json +++ b/.github/workflows/_test.json @@ -12,7 +12,7 @@ }, "jobs": { "test": { - "name": "test: ${{matrix.distro}}", + "name": "test: ${{matrix.distro}}/${{matrix.arch}}", "runs-on": "ubuntu-latest", "strategy": { "fail-fast": true, @@ -20,6 +20,10 @@ "distro": [ "alpine", "distroless" + ], + "arch": [ + "amd64", + "arm64" ] } }, @@ -36,14 +40,14 @@ "pull": true, "no-cache": true, "tags": "${{github.sha}}", - "platforms": "linux/amd64", + "platforms": "linux/${{matrix.arch}}", "context": "{{defaultContext}}:./src", "file": "${{matrix.distro}}.dockerfile", "build-args": "DENO_VERSION=${{inputs.deno_version}}" } }, { "name": "test image", - "run": "docker run --rm --init ${{github.sha}} eval -p 'new Date()'" + "run": "docker run --rm --init --platform linux/${{matrix.arch}} ${{github.sha}} eval -p 'new Date()'" }] } } diff --git a/.github/workflows/_test.yaml b/.github/workflows/_test.yaml index d0ed8cd..9d77f51 100644 --- a/.github/workflows/_test.yaml +++ b/.github/workflows/_test.yaml @@ -7,7 +7,7 @@ on: required: true jobs: test: - name: 'test: ${{matrix.distro}}' + name: 'test: ${{matrix.distro}}/${{matrix.arch}}' runs-on: ubuntu-latest strategy: fail-fast: true @@ -15,6 +15,9 @@ jobs: distro: - alpine - distroless + arch: + - amd64 + - arm64 steps: - name: clone repository uses: actions/checkout@v4 @@ -26,9 +29,9 @@ jobs: pull: true no-cache: true tags: ${{github.sha}} - platforms: linux/amd64 + platforms: linux/${{matrix.arch}} context: '{{defaultContext}}:./src' file: ${{matrix.distro}}.dockerfile build-args: DENO_VERSION=${{inputs.deno_version}} - name: test image - run: docker run --rm --init ${{github.sha}} eval -p 'new Date()' \ No newline at end of file + run: docker run --rm --init --platform linux/${{matrix.arch}} ${{github.sha}} eval -p 'new Date()' \ No newline at end of file diff --git a/.github/workflows/cron.json b/.github/workflows/cron.json index c26297f..69be630 100644 --- a/.github/workflows/cron.json +++ b/.github/workflows/cron.json @@ -2,7 +2,7 @@ "name": "cron", "on": { "schedule": [{ - "cron": "0 6 * * *" + "cron": "0 0 * * *" }] }, "jobs": { @@ -17,11 +17,11 @@ ], "steps": [{ "name": "compare dockerhub tag and deno latest version", - "run": "echo deno_latest=$(! curl -Ls https://registry.hub.docker.com/v2/repositories/dojyorin/deno/tags?page_size=100 | yq '.results[].name' | grep -q ${{needs.fetch.outputs.deno_version}}; echo ${?}) >> ${GITHUB_OUTPUT}" + "run": "echo deno_latest=$(curl -Ls https://registry.hub.docker.com/v2/repositories/dojyorin/deno/tags?page_size=100 | yq '.results[].name' | grep -q ${{needs.fetch.outputs.deno_version}}; echo ${?}) >> ${{github.output}}" }] }, "test": { - "if": "${{needs.compare.outputs.deno_latest == '1'}}", + "if": "${{needs.compare.outputs.deno_latest == 1}}", "uses": "./.github/workflows/_test.yaml", "with": { "deno_version": "${{needs.fetch.outputs.deno_version}}" diff --git a/.github/workflows/cron.yaml b/.github/workflows/cron.yaml index 4e92900..b9e5425 100644 --- a/.github/workflows/cron.yaml +++ b/.github/workflows/cron.yaml @@ -1,7 +1,7 @@ name: cron on: schedule: - - cron: 0 6 * * * + - cron: 0 0 * * * jobs: fetch: uses: ./.github/workflows/_fetch.yaml @@ -12,9 +12,9 @@ jobs: - fetch steps: - name: compare dockerhub tag and deno latest version - run: echo deno_latest=$(! curl -Ls https://registry.hub.docker.com/v2/repositories/dojyorin/deno/tags?page_size=100 | yq '.results[].name' | grep -q ${{needs.fetch.outputs.deno_version}}; echo ${?}) >> ${GITHUB_OUTPUT} + run: echo deno_latest=$(curl -Ls https://registry.hub.docker.com/v2/repositories/dojyorin/deno/tags?page_size=100 | yq '.results[].name' | grep -q ${{needs.fetch.outputs.deno_version}}; echo ${?}) >> ${{github.output}} test: - if: ${{needs.compare.outputs.deno_latest == '1'}} + if: ${{needs.compare.outputs.deno_latest == 1}} uses: ./.github/workflows/_test.yaml with: deno_version: ${{needs.fetch.outputs.deno_version}} diff --git a/README.md b/README.md index c38663e..7ce358e 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ The simple and small deno docker image. -This image is published on DockerHub and synchronized with latest version of [denoland/deno](https://github.com/denoland/deno) every day at `06:00` UTC. +This image is published on DockerHub and synchronized with latest version of [denoland/deno](https://github.com/denoland/deno) every day at `00:00` UTC. Now, let's start using it! @@ -15,15 +15,15 @@ Now, let's start using it! # Tags -|OS|Tags|Arch| +|OS|Tag|Arch| |:--|:--|:--| -|Distroless (default)|`latest` `vX.Y.Z` `distroless` `distroless-vX.Y.Z`|`amd64`| -|Alpine|`alpine` `alpine-vX.Y.Z`|`amd64`| +|[distroless](https://github.com/googlecontainertools/distroless) (default)|`latest` `vX.Y.Z` `distroless` `distroless-vX.Y.Z`|`amd64` `arm64`| +|[alpine](https://github.com/alpinelinux/docker-alpine)|`alpine` `alpine-vX.Y.Z`|`amd64` `arm64`| # How to use Easy to introduce in your project. -**⚠ Notes ⚠** +**⚠ Note ⚠** - When starting container, be sure to add `--init` flag (`docker run`) or `init: true` property (`docker-compose.yml`) to avoid [PID1 problem](https://www.docker.com/blog/keep-nodejs-rockin-in-docker#:~:text=PID%201%20Problem). - For security reasons, default runtime user is `nonroot` in distroless and `nobody` in other distributions. @@ -33,7 +33,7 @@ Easy to introduce in your project. docker run --rm --init -it dojyorin/deno:latest # Run script. -docker run --rm --init --restart always -p 0.0.0.0:1993:8000 -v ./src:/data:ro dojyorin/deno:latest run /data/main.ts +docker run --rm --init --restart always -p 0.0.0.0:5000:8000 -v $(pwd)/src:/data:ro dojyorin/deno:latest run /data/main.ts ``` **As compose** @@ -44,7 +44,7 @@ services: init: true restart: always ports: - - 0.0.0.0:1993:8000 + - 0.0.0.0:5000:8000 volumes: - ./src:/data:ro command: diff --git a/src/alpine.dockerfile b/src/alpine.dockerfile index d22c346..406c63d 100644 --- a/src/alpine.dockerfile +++ b/src/alpine.dockerfile @@ -9,10 +9,10 @@ FROM gcr.io/distroless/cc-debian12:latest AS cc FROM alpine:latest AS sym -COPY --from=cc /lib/*-linux-gnu/ld-linux-* /usr/local/lib/ +COPY --from=cc --chown=root:root --chmod=755 /lib/*-linux-gnu/ld-linux-* /usr/local/lib/ -RUN mkdir /lib64 -RUN ln -s /usr/local/lib/ld-linux-* /lib64/ +RUN mkdir -p /tmp/lib +RUN ln -s /usr/local/lib/ld-linux-* /tmp/lib/ FROM alpine:latest @@ -20,7 +20,8 @@ ENV LD_LIBRARY_PATH="/usr/local/lib" COPY --from=deno --chown=root:root --chmod=755 /tmp/deno /usr/local/bin/ COPY --from=cc --chown=root:root --chmod=755 /lib/*-linux-gnu/* /usr/local/lib/ -COPY --from=sym --chown=root:root --chmod=755 /lib64 /lib64 +COPY --from=sym --chown=root:root --chmod=755 /tmp/lib /lib +COPY --from=sym --chown=root:root --chmod=755 /tmp/lib /lib64 RUN sed -i -e 's|nobody:/|nobody:/home|' /etc/passwd && chown nobody:nobody /home diff --git a/src/distroless.dockerfile b/src/distroless.dockerfile index a188871..70e068b 100644 --- a/src/distroless.dockerfile +++ b/src/distroless.dockerfile @@ -9,10 +9,10 @@ FROM gcr.io/distroless/cc-debian12:latest AS cc FROM alpine:latest AS sym -COPY --from=cc /lib/*-linux-gnu/ld-linux-* /usr/local/lib/ +COPY --from=cc --chown=root:root --chmod=755 /lib/*-linux-gnu/ld-linux-* /usr/local/lib/ -RUN mkdir /lib64 -RUN ln -s /usr/local/lib/ld-linux-* /lib64/ +RUN mkdir -p /tmp/lib +RUN ln -s /usr/local/lib/ld-linux-* /tmp/lib/ FROM gcr.io/distroless/static-debian12:latest @@ -20,7 +20,8 @@ ENV LD_LIBRARY_PATH="/usr/local/lib" COPY --from=deno --chown=root:root --chmod=755 /tmp/deno /usr/local/bin/ COPY --from=cc --chown=root:root --chmod=755 /lib/*-linux-gnu/* /usr/local/lib/ -COPY --from=sym --chown=root:root --chmod=755 /lib64 /lib64 +COPY --from=sym --chown=root:root --chmod=755 /tmp/lib /lib +COPY --from=sym --chown=root:root --chmod=755 /tmp/lib /lib64 USER nonroot ENTRYPOINT ["/usr/local/bin/deno"] \ No newline at end of file