From b18bac7c0715851ab19a24fcb9321130815798ba Mon Sep 17 00:00:00 2001 From: swapnasagar pradhan Date: Thu, 7 Nov 2024 01:15:59 +0000 Subject: [PATCH] handled some edge cases --- .github/workflows/docker-publish.yml | 12 +++++++----- Dockerfile | 11 +++++++---- scripts/patch.sh | 13 +++++++++++-- 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 3df4cdf..30d33f2 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -11,10 +11,10 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - name: Checkout code + uses: actions/checkout@v4 - name: Login to Docker Hub - if: github.event_name != 'pull_request' uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -24,7 +24,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . - push: ${{ github.event_name != 'pull_request' }} + build-args: | + BUILD_ENV=ci + push: true tags: | - pradhans0906/dockerized-copa:latest - pradhans0906/dockerized-copa:0.9.0 + ${{ secrets.DOCKERHUB_USERNAME }}/dockerized-copa:latest + ${{ secrets.DOCKERHUB_USERNAME }}/dockerized-copa:0.9.0 diff --git a/Dockerfile b/Dockerfile index dce8470..333e189 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,6 +15,7 @@ RUN apt-get update && \ jq \ lsb-release \ --no-install-recommends && \ + # Set up Docker repository mkdir -p /etc/apt/keyrings && \ curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \ echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null && \ 
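Review bot: Dropping `if: github.event_name != 'pull_request'` from the Docker Hub login step, together with `push: true` in the build step's hunk that follows, removes the only visible gate between a pull-request build and the published image. The workflow's `on:` triggers sit above this hunk, so whether `pull_request` is still a trigger cannot be confirmed from here. If it is, a same-repository PR would publish unreviewed code to `:latest`, and a fork PR would fail at login because secrets are not passed to it. Keep the guards, `if: github.event_name != 'pull_request'` on the login step and `push: ${{ github.event_name != 'pull_request' }}` on the build step, or drop `pull_request` from the triggers.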
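Review bot: Building the image name from `${{ secrets.DOCKERHUB_USERNAME }}` under `tags:` ties the published repository to a secret. GitHub masks secret values in logs, so the pushed image reference becomes unreadable in the run output, and when the secret is empty the tag collapses to `/dockerized-copa:latest`, which is not a valid reference. A username is not confidential, so a repository variable fits better, e.g. `${{ vars.DOCKERHUB_USERNAME }}/dockerized-copa:0.9.0`, with the secret kept only for the login step. The new `BUILD_ENV=ci` build-arg has no matching `ARG BUILD_ENV` in the Dockerfile hunks of this patch, so it appears unused unless it is declared in lines not shown.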
@@ -31,13 +32,15 @@ RUN curl --retry 5 -fsSL -o copa.tar.gz https://github.com/project-copacetic/cop chmod +x /usr/local/bin/copa && \ rm copa.tar.gz -# Create credentials config -RUN mkdir -p /root/.docker && \ - echo '{"credsStore":""}' > /root/.docker/config.json +# Create directory for docker config +RUN mkdir -p /root/.docker -# Create entrypoint script properly +# Create entrypoint script with dynamic credentials handling RUN echo '#!/bin/bash' > /entrypoint.sh && \ echo 'set -e' >> /entrypoint.sh && \ + echo 'if [[ "$(uname)" == "Darwin" ]] || [[ -n "$FORCE_CREDS_CONFIG" ]]; then' >> /entrypoint.sh && \ + echo ' echo "{\"credsStore\":\"\"}" > /root/.docker/config.json' >> /entrypoint.sh && \ + echo 'fi' >> /entrypoint.sh && \ echo 'docker pull "$1"' >> /entrypoint.sh && \ echo 'copa patch --scanner docker-scout -i "$1" -t "${2:-patched}" --debug' >> /entrypoint.sh && \ chmod +x /entrypoint.sh diff --git a/scripts/patch.sh b/scripts/patch.sh index 9a424ae..5acce60 100755 --- a/scripts/patch.sh +++ b/scripts/patch.sh @@ -13,19 +13,28 @@ fi IMAGE="$1" TAG_SUFFIX="${2:-patched}" # Default to 'patched' if no suffix provided +# Detect if running on macOS and set environment variable +if [[ "$(uname)" == "Darwin" ]]; then + EXTRA_ENV="-e FORCE_CREDS_CONFIG=1" +else + EXTRA_ENV="" +fi + # Run COPA with tag argument only if custom suffix is provided if [ "$TAG_SUFFIX" != "patched" ]; then docker run --rm --privileged \ -v /var/run/docker.sock:/var/run/docker.sock \ -e DOCKER_CONFIG=/root/.docker \ - copa-local:0.9.0 \ + ${EXTRA_ENV} \ + yourusername/dockerized-copa:latest \ "$IMAGE" \ "$TAG_SUFFIX" else docker run --rm --privileged \ -v /var/run/docker.sock:/var/run/docker.sock \ -e DOCKER_CONFIG=/root/.docker \ - copa-local:0.9.0 \ + ${EXTRA_ENV} \ + yourusername/dockerized-copa:latest \ "$IMAGE" fi
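Review bot: The `[[ "$(uname)" == "Darwin" ]]` test written into `/entrypoint.sh` runs inside the container, which is Debian-based per the apt repository setup earlier in this Dockerfile, so `uname` reports Linux and that branch cannot fire; only `FORCE_CREDS_CONFIG` has any effect. Reduce the condition to `if [[ -n "$FORCE_CREDS_CONFIG" ]]; then` and add a comment saying the host wrapper sets that variable on macOS. When the branch does run it overwrites `/root/.docker/config.json`, so registry auth that a caller bind-mounted at that path would be replaced. Guarding the write with `[[ ! -e /root/.docker/config.json ]]` avoids that.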
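Review bot: Both `docker run` calls now name `yourusername/dockerized-copa:latest`, which looks like a template placeholder rather than the repository the workflow publishes, and the container is started with `--privileged` and the host's `/var/run/docker.sock` mounted. Whatever image resolves under that name and mutable tag gets control of the host's Docker daemon, so the reference should be the project's own repository, pinned to a version tag or digest and overridable: `COPA_IMAGE="${COPA_IMAGE:-<owner>/dockerized-copa:0.9.0}"` followed by `"$COPA_IMAGE"` in both branches (`<owner>` is a placeholder for the real Docker Hub namespace). `${EXTRA_ENV}` is expanded unquoted and relies on word splitting; an array, `EXTRA_ENV=(-e FORCE_CREDS_CONFIG=1)` expanded as `"${EXTRA_ENV[@]}"`, is the safer form. The script's opening lines are outside this hunk.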