diff options
| author | Elizabeth Alexander Hunt <me@liz.coffee> | 2025-05-10 21:26:53 -0700 |
|---|---|---|
| committer | Elizabeth Alexander Hunt <me@liz.coffee> | 2025-05-10 21:35:10 -0700 |
| commit | 8e14c8eff79047d5b2671b979d2e632e8b1b1718 (patch) | |
| tree | 1c9f0c2d52bcf7cfc993598ce0be46edd4103e02 | |
| parent | 2c0d7236c6455adf6a14a0430e4a7ae59bb26261 (diff) | |
| download | ci-8e14c8eff79047d5b2671b979d2e632e8b1b1718.tar.gz ci-8e14c8eff79047d5b2671b979d2e632e8b1b1718.zip | |
Optimize worker dockerfile a bit
| -rw-r--r-- | hooks/Dockerfile | 2 | ||||
| -rw-r--r-- | hooks/mod.ts | 2 | ||||
| -rw-r--r-- | worker/Dockerfile | 31 | ||||
| -rw-r--r-- | worker/scripts/build_image | 2 |
4 files changed, 20 insertions, 17 deletions
diff --git a/hooks/Dockerfile b/hooks/Dockerfile index 4dce8b9..e34988b 100644 --- a/hooks/Dockerfile +++ b/hooks/Dockerfile @@ -1,4 +1,4 @@ FROM oci.liz.coffee/img/liz-ci:release AS hooks ENTRYPOINT [] -CMD [ "deno", "run", "--allow-env", "--allow-net", "/app/hooks/mod.ts" ] +CMD [ "/app/hooks/mod.ts" ] diff --git a/hooks/mod.ts b/hooks/mod.ts index 767720a..ef44d25 100644 --- a/hooks/mod.ts +++ b/hooks/mod.ts @@ -1,4 +1,4 @@ -#!/usr/bin/env -S deno run --allow-env --allow-net +#!/usr/bin/env -S deno run --allow-env --allow-net --allow-run import { getRequiredEnv, getStdout, validateIdentifier } from "@liz-ci/utils"; diff --git a/worker/Dockerfile b/worker/Dockerfile index 563908b..fbb8e7b 100644 --- a/worker/Dockerfile +++ b/worker/Dockerfile @@ -1,22 +1,25 @@ +# Builder stage for Bitwarden CLI +FROM debian:stable-slim AS bw-builder +RUN apt-get update && apt-get install -yqq unzip curl +RUN curl -L -o /tmp/bw-linux.zip https://github.com/bitwarden/clients/releases/download/cli-v2025.4.0/bw-linux-2025.4.0.zip \ + && unzip /tmp/bw-linux.zip -d /tmp \ + && chmod +x /tmp/bw + +# Final image FROM oci.liz.coffee/img/liz-ci:release AS worker # Image building / publishing jobs -RUN apt-get install -yqq ca-certificates curl -RUN curl "https://get.docker.com/builds/`uname -s`/`uname -m`/docker-latest.tgz" > docker.tgz &&\ - tar -xvzf docker.tgz &&\ - mv docker/* /usr/local/bin &&\ - rm -rf docke* - -RUN groupadd docker -RUN useradd --system --home-dir /var/lib/laminar \ +RUN apt-get update && apt-get install -yqq ca-certificates curl \ + && curl "https://get.docker.com/builds/`uname -s`/`uname -m`/docker-latest.tgz" > docker.tgz \ + && tar -xvzf docker.tgz \ + && mv docker/* /usr/local/bin \ + && rm -rf docke* \ + && groupadd docker \ + && useradd --system --home-dir /var/lib/laminar \ --no-user-group --groups users,docker --uid 100 laminar -# Secret retrieval -RUN apt install -yqq unzip -ADD https://github.com/bitwarden/clients/releases/download/cli-v2025.4.0/bw-linux-2025.4.0.zip /tmp/bw-linux.zip -RUN unzip /tmp/bw-linux.zip -RUN mv bw /usr/local/bin -RUN rm /tmp/bw-linux.zip +# Copy Bitwarden from builder stage +COPY --from=bw-builder /tmp/bw /usr/local/bin/ USER laminar WORKDIR /var/lib/laminar diff --git a/worker/scripts/build_image b/worker/scripts/build_image index ba1ec8f..7107224 100644 --- a/worker/scripts/build_image +++ b/worker/scripts/build_image @@ -1,4 +1,4 @@ -#!/usr/bin/env -S deno run --allow-env --allow-net +#!/usr/bin/env -S deno run --allow-env --allow-net --allow-run import type { BuildDockerImageJobProps } from "@liz-ci/model"; import { |