diff --git a/.circleci/config.yml b/.circleci/config.yml index fe4e951..566923c 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -8,9 +8,9 @@ workflows: requires: - test filters: - branches: - only: - - master + branches: + only: + - master - build_children: context: circle-api requires: @@ -30,9 +30,9 @@ workflows: requires: - test filters: - branches: - only: - - master + branches: + only: + - master - build_children: context: circle-api requires: @@ -80,8 +80,7 @@ jobs: destination: docker-lancachenet-ubuntu.tar - persist_to_workspace: root: workspace - paths: - lancachenet-ubuntu.tar + paths: lancachenet-ubuntu.tar publish_latest: executor: testbuild-executor steps: @@ -100,7 +99,7 @@ jobs: - run: name: "Request API to build children" command: | - for child in {"ubuntu-nginx","lancache-dns"}; do - echo "Asking API to trigger build for $child" - curl -X POST --header "Content-Type: application/json" -d '{"branch":"master"}' https://circleci.com/api/v1.1/project/github/lancachenet/$child/build?circle-token=${CIRCLE_API_USER_TOKEN} - done + for child in {"ubuntu-nginx","lancache-dns"}; do + echo "Asking API to trigger build for $child" + curl -X POST --header "Content-Type: application/json" -d '{"branch":"master"}' https://circleci.com/api/v1.1/project/github/lancachenet/$child/build?circle-token=${CIRCLE_API_USER_TOKEN} + done diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..8183e6b --- /dev/null +++ b/.editorconfig @@ -0,0 +1,18 @@ +root = true + +[*] +indent_style = space +indent_size = 2 +trim_trailing_whitespace = true +end_of_line = lf +insert_final_newline = true + +[*.md] +indent_size = 0 + +[*.sh] +indent_style = tab + +[00_asciilogo.sh] +indent_style = space +indent_size = unset diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml new file mode 100644 index 0000000..ebecca6 --- /dev/null +++ b/.github/workflows/mega-linter.yml @@ -0,0 +1,55 @@ +# MegaLinter GitHub Action configuration file +# More info at https://megalinter.io +--- +name: MegaLinter + +on: + pull_request: + branches: + - master + +env: + GITHUB_STATUS_REPORTER: true + +concurrency: + group: ${{ github.ref }}-${{ github.workflow }} + cancel-in-progress: true + +jobs: + megalinter: + name: MegaLinter + runs-on: ubuntu-latest + + permissions: + contents: write + issues: write + pull-requests: write + + steps: + - name: Checkout Code + uses: actions/checkout@v4 + with: + token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} + fetch-depth: 0 + + - name: MegaLinter + uses: oxsecurity/megalinter@v8 + id: ml + env: + VALIDATE_ALL_CODEBASE: >- + ${{ + github.event_name == 'push' && + github.ref == 'refs/heads/master' + }} + + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Archive production artifacts + uses: actions/upload-artifact@v4 + if: success() || failure() + with: + name: MegaLinter reports + include-hidden-files: "true" + path: | + megalinter-reports + mega-linter.log diff --git a/.gitignore b/.gitignore index 27a3afb..4dbb08b 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ reports +megalinter-reports diff --git a/.lefthook.yml b/.lefthook.yml new file mode 100644 index 0000000..15efcff --- /dev/null +++ b/.lefthook.yml @@ -0,0 +1,6 @@ +pre-commit: + parallel: true + jobs: + - name: megalinter + run: docker run --rm -e USER=$(id -u) -e GROUP=$(id -g) -v "$PWD:/tmp/lint" oxsecurity/megalinter:v8 + stage_fixed: true diff --git a/.mega-linter.yml b/.mega-linter.yml new file mode 100644 index 0000000..0687c88 --- /dev/null +++ b/.mega-linter.yml @@ -0,0 +1,28 @@ +# Configuration file for MegaLinter +# +# See all available variables at https://megalinter.io/latest/config-file/ and in +# linters documentation + +APPLY_FIXES: all +FLAVOR_SUGGESTIONS: false +PRINT_ALPACA: false +SHOW_ELAPSED_TIME: true + +ENABLE: + - ACTION + - BASH + - DOCKERFILE + - EDITORCONFIG + - MARKDOWN + - YAML + +DISABLE_LINTERS: + - MARKDOWN_MARKDOWNLINT + - YAML_V8R + +BASH_SHELLCHECK_ARGUMENTS: "-f gcc" +EDITORCONFIG_EDITORCONFIG_CHECKER_ARGUMENTS: "-f gcc" + +POST_COMMANDS: + - command: find . -user root -group root -exec chown ${USER}:${GROUP} {} \; + cwd: workspace diff --git a/Dockerfile b/Dockerfile index 7d58fce..9970064 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,29 @@ FROM ubuntu:24.04 -LABEL maintainer="LanCache.Net Team " + +LABEL org.opencontainers.image.authors="LanCache.Net Team " + ARG DEBIAN_FRONTEND=noninteractive -RUN \ - apt-get -y update && apt-get -y upgrade && \ - apt-get -y install supervisor curl wget bzip2 locales tzdata --no-install-recommends && \ - locale-gen en_GB.utf8 && \ - update-locale LANG=en_GB.utf8 && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* +# hadolint ignore=DL3008 +RUN < /dev/null || true - -entrypoint_pre=$(ls /hooks/entrypoint-pre.d/* 2>/dev/null | sort -n ) -if [ "$entrypoint_pre" != "" ]; then - for hook in $entrypoint_pre; do - echo "Executing hook ${hook}" - /bin/bash -c "${hook}" - if [ "$?" != "0" ]; then - die "hook ${hook}} returned a non-zero exit status '$?'" - fi - done -fi - -[[ -f "/hooks/entrypoint-pre" ]] && echo "The /hooks/entrypoint-pre hook has been replaced with /hooks/entrypoint-pre.d/*" && exit 1 - -[[ -f "/init/setup" ]] && /init/setup - -eval ${SETUP:-} - -case ${1} in - run) - check_depending_env - [[ -f "/hooks/entrypoint-run" ]] && /hooks/entrypoint-run - if [[ -e /init/supervisord && -d /etc/supervisor ]]; then - # Use exec so we replace our current process so signals can get through - exec /bin/bash /init/supervisord - else - exec /bin/bash - fi - ;; - *) - [[ -f "/hooks/entrypoint-exec" ]] && /hooks/entrypoint-exec - exec $* - ;; -esac diff --git a/overlay/init/entrypoint.sh b/overlay/init/entrypoint.sh new file mode 100755 index 0000000..f354090 --- /dev/null +++ b/overlay/init/entrypoint.sh @@ -0,0 +1,67 @@ +#!/usr/bin/env bash + +die() { + echo "ERROR: ${1}" + exit 1 +} + +check_depending_env() { + if [ -n "${DEPENDING_ENVIRONMENT_VARS}" ]; then + MISSING_ENVIRONMENT_VARS=() + echo -n "* Checking depending environment variables " + for e in ${DEPENDING_ENVIRONMENT_VARS}; do + if [ ! -v "${e}" ]; then + MISSING_ENVIRONMENT_VARS+=("${e}") + fi + done + if [ ${#MISSING_ENVIRONMENT_VARS[@]} -gt 0 ]; then + echo "[missing variables]" + for missing in "${MISSING_ENVIRONMENT_VARS[@]}"; do + echo " * ${missing}" + done + echo + die "Missing environment variables" + fi + echo -n "[done]" + echo + fi +} + +[[ ${DOCKER_DEBUG} ]] && set -x + +# Set exec-bit automatic. When adding hooks in a Dockerfile, we shoulnt also haveto think about setting +x +# in the Dockerfile for the same file. If you want to disable a hook, rename it. +chmod +x /init/setup /hooks/{entrypoint-pre.d/*,entrypoint-run,entrypoint-exec,supervisord-pre.d/*,supervisord-ready} 2>/dev/null || true + +entrypoint_pre=$(find /hooks/entrypoint-pre.d/ -maxdepth 1 -type f 2>/dev/null | sort -n) +if [ "$entrypoint_pre" != "" ]; then + for hook in $entrypoint_pre; do + echo "Executing hook ${hook}" + if ! /bin/bash -c "${hook}"; then + die "hook ${hook} returned a non-zero exit status '$?'" + fi + done +fi + +[[ -f "/hooks/entrypoint-pre" ]] && echo "The /hooks/entrypoint-pre hook has been replaced with /hooks/entrypoint-pre.d/*" && exit 1 + +[[ -f "/init/setup" ]] && /init/setup + +eval "${SETUP:-}" + +case ${1} in +run) + check_depending_env + [[ -f "/hooks/entrypoint-run" ]] && /hooks/entrypoint-run + if [[ -e /init/supervisord && -d /etc/supervisor ]]; then + # Use exec so we replace our current process so signals can get through + exec /bin/bash /init/supervisord + else + exec /bin/bash + fi + ;; +*) + [[ -f "/hooks/entrypoint-exec" ]] && /hooks/entrypoint-exec + exec "$@" + ;; +esac diff --git a/overlay/init/supervisord b/overlay/init/supervisord.sh similarity index 55% rename from overlay/init/supervisord rename to overlay/init/supervisord.sh index 5509a39..453afc6 100755 --- a/overlay/init/supervisord +++ b/overlay/init/supervisord.sh @@ -1,26 +1,26 @@ #!/bin/bash -[ ${DOCKER_DEBUG} ] && set -x +[ "${DOCKER_DEBUG}" ] && set -x -die () { - echo "ERROR: ${1}" - exit 1 +die() { + echo "ERROR: ${1}" + exit 1 } # PID, trap, wait; all belongs to 'docker stop' signal handeling. # This is the same logic as the parent docker container, but rather this, # than creating a one-time process in supervisord to handle this logic. -PID=; trap '[[ ${PID} ]] && kill ${PID}; exit 0' SIGTERM +PID= +trap '[[ ${PID} ]] && kill ${PID}; exit 0' SIGTERM -supervisord_pre=$(ls /hooks/supervisord-pre.d/* 2>/dev/null | sort -n ) +supervisord_pre=$(find /hooks/supervisord-pre.d/ -maxdepth 1 -type f ! -name .gitkeep 2>/dev/null | sort -n) if [ "$supervisord_pre" != "" ]; then - for hook in $supervisord_pre; do - echo "Executing hook ${hook}" - /bin/bash -c "${hook}" - if [ "$?" != "0" ]; then - die "hook ${hook}} returned a non-zero exit status '$?'" - fi - done + for hook in $supervisord_pre; do + echo "Executing hook ${hook}" + if ! /bin/bash -c "${hook}"; then + die "hook ${hook} returned a non-zero exit status '$?'" + fi + done fi [[ -f "/hooks/supervisord-pre" ]] && echo "The /hooks/supervisord-pre hook has been replaced with /hooks/supervisord-pre.d/*" && exit 1 @@ -28,4 +28,4 @@ fi echo "Starting Supervisord" -exec /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf -e ${SUPERVISORD_LOGLEVEL:-error} +exec /usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf -e "${SUPERVISORD_LOGLEVEL:-error}" diff --git a/run-tests.sh b/run-tests.sh index beffdf4..47e3035 100755 --- a/run-tests.sh +++ b/run-tests.sh @@ -1,9 +1,9 @@ #!/bin/bash -if [[ "$@" == *" -- "* ]]; then - SD_LOGLEVEL="-e SUPERVISORD_LOGLEVEL=INFO" -else - SD_LOGLEVEL="-- -e SUPERVISORD_LOGLEVEL=INFO" -fi +SD_LOGLEVEL=(-- -e SUPERVISORD_LOGLEVEL=INFO) -curl -fsSL https://raw.githubusercontent.com/lancachenet/test-suite/master/dgoss-tests.sh | bash -s -- --imagename="lancachenet/ubuntu:goss-test" $@ $SD_LOGLEVEL +for arg in "$@"; do + [[ "${arg}" == "--" ]] && SD_LOGLEVEL=(-e SUPERVISORD_LOGLEVEL=INFO) && break +done + +curl -fsSL https://raw.githubusercontent.com/lancachenet/test-suite/master/dgoss-tests.sh | bash -s -- --imagename="lancachenet/ubuntu:goss-test" "$@" "${SD_LOGLEVEL[@]}"