Lint and build hadolint and trivy moved from Dockerfile to separate w…

…orkflows CI/CD Github Actions main.yml
XOwlPost · Mar 17, 2024 · bac742b · bac742b · vercel · Mar 17, 2024
1 parent 94e6895
commit bac742b
Show file tree

Hide file tree

Showing 2 changed files with 54 additions and 84 deletions.
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -1,104 +1,34 @@
-
 # Use Miniconda base image
 FROM continuumio/miniconda3
 
-# Install Node.js version 20.9.0 (correcting the command)
+# Install Node.js and Yarn
 RUN conda install -c conda-forge nodejs=20.9.0
-
-# Install Yarn (using npm, which comes with Node.js)
 RUN npm install -g yarn
 
-# Copy both the environment.yml for Conda and package.json (and yarn.lock if available) for Yarn
+# Copy environment specification and JS dependencies definition
 COPY environment.yml /tmp/environment.yml
 COPY package.json yarn.lock* /tmp/
 
-# Use the environment.yml to create the Conda environment
+# Create Conda environment
 RUN conda env create -f /tmp/environment.yml
 
-# Make RUN commands use the new environment
-SHELL ["conda", "run", "-n", "pre-commit-env", "/bin/bash", "-c"]
-
-RUN pip install checkov terrascan
-
-SHELL ["docker run --rm -i hadolint/hadolint < Dockerfile"]
-
-SHELL ["docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $HOME/Library/Caches:/root/.cache/ aquasec/trivy image [my-frontend-app] " ]
-
-# Install JavaScript dependencies with Yarn
-RUN cd /tmp && yarn install
-
-# Copy the installed JavaScript dependencies (and other necessary files) into the working directory
-COPY . /app
-WORKDIR /app
-
-# The code below ensures that the environment is activated on startup
+# Activate the Conda environment in bashrc for interactive sessions
 RUN echo "conda activate pre-commit-env" >> ~/.bashrc
 
-# (Optional) Install JupyterLab in the Conda environment if you need it
-RUN conda run -n pre-commit-env pip install jupyterlab
-
-# Set the default command for the container. Adjust as needed.
-CMD ["conda", "run", "-n", "pre-commit-env", "your-command-here"]
-
-name: Lint and Build
-
-on:
-  push:
-    branches:
-      - main
-      - feature/**
-  pull_request:
-
-jobs:
-  lint-dockerfiles:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
+# Install dependencies within the environment
+RUN conda run -n pre-commit-env pip install checkov terrascan jupyterlab
 
-      # Lint Dockerfile in root directory
-      - name: Lint Root Dockerfile
-        uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ./Dockerfile
-
-      # Lint Dockerfile in .devcontainer directory
-      - name: Lint Devcontainer Dockerfile
-        uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ./.devcontainer/Dockerfile
-
-  build:
-    needs: lint-dockerfiles
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-
-      - name: Build Docker Image from Root
-        run: |
-          docker build -t my-app:latest .
-
-      - name: Build Docker Image from .devcontainer
-        run: |
-          docker build -f ./.devcontainer/Dockerfile -t my-devcontainer:latest .
-
-# Use Miniconda base image
-FROM continuumio/miniconda3
-
-# Install dependencies, etc.
-
-# Copy your application's source code and the entrypoint script
+# Install JavaScript dependencies
 COPY . /app
-COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-
-# Set the working directory
 WORKDIR /app
+RUN cd /tmp && yarn install
 
-# Make the entrypoint script executable
-RUN chmod +x /usr/local/bin/entrypoint.sh
-
-# Set the entrypoint to run your script
-ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
+# Copy the rest of your application's source code
+COPY . /app
 
+# Set the default command for the container
+CMD ["conda", "run", "-n", "pre-commit-env", "your-start-command-here"]
 
-# Expose any ports your application uses (e.g., for a web server)
+# Expose any necessary ports
 EXPOSE 8888
+
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,40 @@
+# name: Lint and Build
+
+on:
+  push:
+    branches:
+      - main
+      - feature/**
+  pull_request:
+
+jobs:
+  lint-dockerfiles:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      # Lint Dockerfile in root directory
+      - name: Lint Root Dockerfile
+        uses: hadolint/hadolint-action@v1.5.0
+        with:
+          dockerfile: ./Dockerfile
+
+      # Lint Dockerfile in .devcontainer directory
+      - name: Lint Devcontainer Dockerfile
+        uses: hadolint/hadolint-action@v1.5.0
+        with:
+          dockerfile: ./.devcontainer/Dockerfile
+
+  build:
+    needs: lint-dockerfiles
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Build Docker Image from Root
+        run: |
+          docker build -t my-app:latest .
+
+      - name: Build Docker Image from .devcontainer
+        run: |
+          docker build -f ./.devcontainer/Dockerfile -t my-devcontainer:latest .