-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
docker_scout_recommendation function
- Loading branch information
1 parent
63f0fd2
commit fd8c3f6
Showing
18 changed files
with
310 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
use flake |
36 changes: 36 additions & 0 deletions
36
prompts/functions/docker_scout_tag_recommendation/Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
|
||
# syntax = docker/dockerfile:1.4 | ||
FROM nixos/nix:2.21.1@sha256:3f6c77ee4d2c82e472e64e6cd7087241dc391421a0b42c22e6849c586d5398d9 AS builder | ||
|
||
WORKDIR /tmp/build | ||
RUN mkdir /tmp/nix-store-closure | ||
|
||
# ignore SC2046 because the output of nix-store -qR will never have spaces - this is safe here | ||
# hadolint ignore=SC2046 | ||
RUN --mount=type=cache,target=/nix,from=nixos/nix:2.21.1,source=/nix \ | ||
--mount=type=cache,target=/root/.cache \ | ||
--mount=type=bind,target=/tmp/build \ | ||
<<EOF | ||
nix \ | ||
--extra-experimental-features "nix-command flakes" \ | ||
--option filter-syscalls false \ | ||
--extra-trusted-substituters "https://cache.iog.io" \ | ||
--extra-trusted-public-keys "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" \ | ||
--show-trace \ | ||
--log-format raw \ | ||
build . --out-link /tmp/output/result | ||
cp -R $(nix-store -qR /tmp/output/result) /tmp/nix-store-closure | ||
## compute SBOM for the entire runtime graph | ||
#nix \ | ||
#--extra-experimental-features "nix-command flakes" \ | ||
#run github:tiiuae/sbomnix#sbomnix -- /tmp/output/result --spdx /tmp/sbom.spdx.json | ||
EOF | ||
|
||
FROM scratch | ||
|
||
WORKDIR /app | ||
|
||
COPY --from=builder /tmp/nix-store-closure /nix/store | ||
COPY --from=builder /tmp/output/ /app/ | ||
|
||
ENTRYPOINT ["/app/result/bin/entrypoint"] |
35 changes: 35 additions & 0 deletions
35
prompts/functions/docker_scout_tag_recommendation/README.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# Function | ||
|
||
In the functions section include the following definition: | ||
|
||
```yaml | ||
functions: | ||
- name: write_files | ||
description: Write a set of files to my project | ||
parameters: | ||
type: object | ||
properties: | ||
files: | ||
type: array | ||
items: | ||
type: object | ||
properties: | ||
path: | ||
type: string | ||
description: the relative path to the file that should be written | ||
content: | ||
type: string | ||
description: the content that should be written to a file | ||
executable: | ||
type: boolean | ||
description: whether to make the file executable | ||
container: | ||
image: vonwig/function_write_files:latest | ||
``` | ||
The container above will run with a `rw` mount which gives it access | ||
to the root of the project. | ||
|
||
* the `path` parameter is a relative path from the project root | ||
* the content is intended to replace what is already in the file | ||
* the executable flag should be used to set the executable bit on the file |
116 changes: 116 additions & 0 deletions
116
prompts/functions/docker_scout_tag_recommendation/flake.lock
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
61 changes: 61 additions & 0 deletions
61
prompts/functions/docker_scout_tag_recommendation/flake.nix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
{ | ||
description = "docker_scout_tag_recommendation function"; | ||
|
||
inputs = { | ||
nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; | ||
# can't update graal right now - this is from Aug '23 | ||
flake-utils.url = "github:numtide/flake-utils"; | ||
devshell = { | ||
url = "github:numtide/devshell"; | ||
inputs.nixpkgs.follows = "nixpkgs"; | ||
}; | ||
}; | ||
|
||
outputs = { self, nixpkgs, flake-utils, devshell, ...}@inputs: | ||
|
||
flake-utils.lib.eachDefaultSystem | ||
(system: | ||
let | ||
overlays = [ | ||
devshell.overlays.default | ||
]; | ||
# don't treat pkgs as meaning nixpkgs - treat it as all packages! | ||
pkgs = import nixpkgs { | ||
inherit overlays system; | ||
}; | ||
|
||
in rec | ||
{ | ||
scripts = pkgs.stdenv.mkDerivation { | ||
name = "scripts"; | ||
src = ./.; | ||
installPhase = '' | ||
mkdir -p $out/resources | ||
cp -R . $out | ||
cp init.clj $out | ||
''; | ||
}; | ||
entrypoint = pkgs.writeShellScriptBin "entrypoint" '' | ||
OLD_PWD="$PWD" | ||
cd ${scripts} | ||
${pkgs.babashka}/bin/bb init.clj $OLD_PWD "$@" | ||
''; | ||
packages = rec { | ||
default = pkgs.buildEnv { | ||
name = "install"; | ||
paths = [ | ||
pkgs.coreutils | ||
entrypoint | ||
]; | ||
}; | ||
}; | ||
|
||
devShells.default = pkgs.devshell.mkShell { | ||
name = "devshell"; | ||
packages = with pkgs; [ babashka clojure ]; | ||
|
||
commands = [ | ||
]; | ||
}; | ||
}); | ||
} |
26 changes: 26 additions & 0 deletions
26
prompts/functions/docker_scout_tag_recommendation/init.clj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
(ns init | ||
(:require | ||
[babashka.fs :as fs] | ||
[babashka.process :as process] | ||
[cheshire.core :as json] | ||
[clojure.string :as string])) | ||
|
||
(defn -command [& args] | ||
(try | ||
(let [repository (:repository (json/parse-string (second args) true))] | ||
(println "22-slim")) | ||
(catch Throwable t | ||
(binding [*out* *err*] | ||
(println t)) | ||
(System/exit 1)))) | ||
|
||
(defn -main [] | ||
(apply -command *command-line-args*)) | ||
|
||
(comment | ||
(let [args ["/Users/slim/project" | ||
(json/generate-string {:repository "alpine"})]] | ||
(apply -command args))) | ||
|
||
(-main) | ||
|
27 changes: 27 additions & 0 deletions
27
prompts/functions/docker_scout_tag_recommendation/runbook.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
# Background | ||
|
||
The `docker_scout_tag_recommendation` function has one parameters. | ||
|
||
* `repository: the name of the repository for which we need a recommendation | ||
|
||
## Usage | ||
|
||
This function does not require project access so no bind mounts will be made. | ||
|
||
```sh | ||
docker run --rm vonwig/docker_scout_tag_recommendation:latest "$(echo '{"repository":"alpine"}')" | ||
``` | ||
|
||
## Build | ||
|
||
```sh | ||
# docker:command=build | ||
|
||
docker buildx build \ | ||
--builder hydrobuild \ | ||
--platform linux/amd64,linux/arm64 \ | ||
--tag vonwig/docker_scout_tag_recommendation:latest \ | ||
--file Dockerfile \ | ||
--push . | ||
docker pull vonwig/docker_scout_tag_recommendation:latest | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters