Update Dockerfiles version and add linter (#91)

lucacome · Jun 20, 2024 · cb747cb · cb747cb
1 parent 9505273
commit cb747cb
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 47 deletions.
diff --git a/.markdownlint-cli2.yaml b/.markdownlint-cli2.yaml
@@ -0,0 +1,20 @@
+# Rule configuration.
+# For rule descriptions and how to fix: https://github.com/DavidAnson/markdownlint/tree/main#rules--aliases
+config:
+  ul-style:
+    style: dash
+  no-hard-tabs: false
+  no-multiple-blanks: false
+  line-length: false
+  blanks-around-headers: false
+  no-duplicate-heading:
+    siblings_only: true
+  no-inline-html: false
+  no-bare-urls: false
+  no-emphasis-as-heading: false
+  first-line-h1: false
+  code-block-style: false
+
+# Define glob expressions to ignore
+ignores:
+  - ".github/"
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -15,3 +15,13 @@ repos:
     rev: v2.3.0
     hooks:
     -   id: codespell
+
+- repo: https://github.com/gitleaks/gitleaks
+  rev: v8.18.4
+  hooks:
+    - id: gitleaks
+
+- repo: https://github.com/DavidAnson/markdownlint-cli2
+  rev: v0.13.0
+  hooks:
+    - id: markdownlint-cli2
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.6
+# syntax=docker/dockerfile:1.8
 FROM nginx:1.27.0 as nginx
 
 FROM redhat/ubi9:9.4 as rpm-build
@@ -9,24 +9,24 @@ ENV NJS_VERSION ${NJS}
 
 
 RUN rpm --import https://nginx.org/keys/nginx_signing.key \
-    && printf "%s\n" "[nginx]" "name=nginx src repo" \
-    "baseurl=https://nginx.org/packages/mainline/centos/9/SRPMS" \
-    "gpgcheck=1" "enabled=1" "module_hotfixes=true" >> /etc/yum.repos.d/nginx.repo \
-    && dnf install rpm-build gcc make dnf-plugins-core which -y \
-    && dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
+	&& printf "%s\n" "[nginx]" "name=nginx src repo" \
+	"baseurl=https://nginx.org/packages/mainline/centos/9/SRPMS" \
+	"gpgcheck=1" "enabled=1" "module_hotfixes=true" >> /etc/yum.repos.d/nginx.repo \
+	&& dnf install rpm-build gcc make dnf-plugins-core which -y \
+	&& dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm
 
 RUN nginxPackages=" \
-    nginx-${NGINX_VERSION} \
-    nginx-module-xslt-${NGINX_VERSION} \
-    nginx-module-image-filter-${NGINX_VERSION} \
-    nginx-module-njs-${NGINX_VERSION}+${NJS_VERSION} \
-    " \
-    && dnf config-manager --set-enabled ubi-9-codeready-builder \
-    && dnf download --source ${nginxPackages} \
-    && dnf builddep -y --srpm nginx*.rpm \
-    && rpmbuild --rebuild --nodebuginfo nginx*.rpm \
-    && mkdir -p /nginx/ \
-    && cp /root/rpmbuild/RPMS/$(arch)/* /nginx/
+	nginx-${NGINX_VERSION} \
+	nginx-module-xslt-${NGINX_VERSION} \
+	nginx-module-image-filter-${NGINX_VERSION} \
+	nginx-module-njs-${NGINX_VERSION}+${NJS_VERSION} \
+	" \
+	&& dnf config-manager --set-enabled ubi-9-codeready-builder \
+	&& dnf download --source ${nginxPackages} \
+	&& dnf builddep -y --srpm nginx*.rpm \
+	&& rpmbuild --rebuild --nodebuginfo nginx*.rpm \
+	&& mkdir -p /nginx/ \
+	&& cp /root/rpmbuild/RPMS/$(arch)/* /nginx/
 
 
 FROM redhat/ubi9-minimal:9.4 as final
@@ -36,13 +36,13 @@ ENV NGINX_VERSION ${NGINX}
 ENV NJS_VERSION ${NJS}
 
 RUN --mount=type=bind,from=rpm-build,source=/nginx,target=/tmp/ \
-    rpm -qa --queryformat "%{NAME}\n" | sort > installed \
-    && microdnf --nodocs --setopt=install_weak_deps=0 install -y shadow-utils diffutils dnf \
-    && rpm -qa --queryformat "%{NAME}\n" | sort > new \
-    && groupadd --system --gid 101 nginx \
-    && useradd --system --gid nginx --no-create-home --home-dir /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx \
-    && dnf install -y /tmp/*.rpm \
-    && dnf -q repoquery --resolve --requires --recursive --whatrequires nginx --queryformat "%{NAME}" > nginx \
-    && dnf --setopt=protected_packages= remove -y $(comm -13 installed new | comm -13 nginx -) \
-    && microdnf -y clean all \
-    && rm installed new nginx
+	rpm -qa --queryformat "%{NAME}\n" | sort > installed \
+	&& microdnf --nodocs --setopt=install_weak_deps=0 install -y shadow-utils diffutils dnf \
+	&& rpm -qa --queryformat "%{NAME}\n" | sort > new \
+	&& groupadd --system --gid 101 nginx \
+	&& useradd --system --gid nginx --no-create-home --home-dir /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx \
+	&& dnf install -y /tmp/*.rpm \
+	&& dnf -q repoquery --resolve --requires --recursive --whatrequires nginx --queryformat "%{NAME}" > nginx \
+	&& dnf --setopt=protected_packages= remove -y $(comm -13 installed new | comm -13 nginx -) \
+	&& microdnf -y clean all \
+	&& rm installed new nginx
diff --git a/Dockerfile.prebuilt b/Dockerfile.prebuilt
@@ -1,27 +1,27 @@
-# syntax=docker/dockerfile:1.6
+# syntax=docker/dockerfile:1.8
 FROM redhat/ubi9-minimal:9.4 as final
 ARG NGINX
 ARG NJS
 ENV NGINX_VERSION ${NGINX}
 ENV NJS_VERSION ${NJS}
 
 RUN  rpm -qa --queryformat "%{NAME}\n" | sort > installed \
-    && microdnf --nodocs install -y shadow-utils diffutils \
-    && groupadd --system --gid 101 nginx \
-    && useradd --system --gid nginx --no-create-home --home-dir /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx \
-    && rpm -qa --queryformat "%{NAME}\n" | sort > new \
-    && microdnf remove -y $(comm -13 installed new) \
-    # prebuilt nginx rpm
-    && rpm --import https://nginx.org/keys/nginx_signing.key \
-    &&  printf "%s\n" "[nginx]" "name=nginx repo" \
-    "baseurl=https://nginx.org/packages/mainline/centos/9/\$basearch/" \
-    "gpgcheck=1" "enabled=1" "module_hotfixes=true" > /etc/yum.repos.d/nginx.repo \
-    && nginxPackages=" \
-    nginx-${NGINX_VERSION} \
-    nginx-module-xslt-${NGINX_VERSION} \
-    nginx-module-image-filter-${NGINX_VERSION} \
-    nginx-module-njs-${NGINX_VERSION}+${NJS_VERSION} \
-    " \
-    && microdnf install -y ${nginxPackages} \
-    && rm /etc/yum.repos.d/nginx.repo \
-    && microdnf clean all
+	&& microdnf --nodocs install -y shadow-utils diffutils \
+	&& groupadd --system --gid 101 nginx \
+	&& useradd --system --gid nginx --no-create-home --home-dir /nonexistent --comment "nginx user" --shell /bin/false --uid 101 nginx \
+	&& rpm -qa --queryformat "%{NAME}\n" | sort > new \
+	&& microdnf remove -y $(comm -13 installed new) \
+	# prebuilt nginx rpm
+	&& rpm --import https://nginx.org/keys/nginx_signing.key \
+	&&  printf "%s\n" "[nginx]" "name=nginx repo" \
+	"baseurl=https://nginx.org/packages/mainline/centos/9/\$basearch/" \
+	"gpgcheck=1" "enabled=1" "module_hotfixes=true" > /etc/yum.repos.d/nginx.repo \
+	&& nginxPackages=" \
+	nginx-${NGINX_VERSION} \
+	nginx-module-xslt-${NGINX_VERSION} \
+	nginx-module-image-filter-${NGINX_VERSION} \
+	nginx-module-njs-${NGINX_VERSION}+${NJS_VERSION} \
+	" \
+	&& microdnf install -y ${nginxPackages} \
+	&& rm /etc/yum.repos.d/nginx.repo \
+	&& microdnf clean all
diff --git a/README.md b/README.md
@@ -1,4 +1,5 @@
 # UBI based Docker image for NGINX
+
 <p align="left">
 <a href="https://hub.docker.com/r/nginxcontrib/nginx-ubi"><img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/nginxcontrib/nginx-ubi?style=flat-square"></a>
 <a href="https://hub.docker.com/r/nginxcontrib/nginx-ubi/tags?page=1&ordering=last_updated"><img alt="Docker Image Size (tag)" src="https://img.shields.io/docker/image-size/nginxcontrib/nginx-ubi/latest?style=flat-square">