git-cliff/Dockerfile

# syntax=docker/dockerfile:1.4.3-labs
FROM lukemathwalker/cargo-chef:0.1.62-rust-1.72-buster AS chef
WORKDIR app

FROM chef AS planner
COPY . .
RUN cargo chef prepare --recipe-path recipe.json

FROM chef AS builder
COPY --from=planner /app/recipe.json recipe.json
ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
RUN cargo chef cook --release --recipe-path recipe.json
COPY . .
RUN cargo build --release --locked --no-default-features
RUN rm -f target/release/deps/git_cliff*

FROM debian:buster-slim as runner

# Everything inside this container will be explicitly mounted by the end user,
# so we can sidestep some Git security restrictions. This app recommends
# mounting data to /app, but this *can* be changed externally and *will* be
# changed when run by GitHub Actions, so we need to cover our bases.
RUN echo '[safe]\n\tdirectory = *' > /etc/gitconfig

COPY --from=builder /app/target/release/git-cliff /usr/local/bin
WORKDIR app

# Even if the repository as marked as safe, GitHub Actions and some other
# environments insist on running the entrypoint as root inside the container
# even when being run by a non privileged user on their own files. Here we
# check the ownership of the workdir (which may or may not be /app) and change
# our effective user/group ID to match.
RUN cat <<'EOF' > /usr/local/bin/entrypoint.sh
#!/bin/sh
if [ "$(id -u)" -ne "$(stat -c '%u' .)" ]; then
  eids="$(stat -c '--euid %u --egid %g' .)"
fi
exec ${eids:+setpriv --clear-groups $eids} git-cliff $@
EOF
ENTRYPOINT ["sh", "/usr/local/bin/entrypoint.sh"]
fix(docker): configure git safe.directory for Docker image (#108) 2022-09-20 18:53:30 +03:00			`# syntax=docker/dockerfile:1.4.3-labs`
chore(docker): update versions in Dockerfile 2023-08-30 18:02:58 +03:00			`FROM lukemathwalker/cargo-chef:0.1.62-rust-1.72-buster AS chef`
chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`WORKDIR app`
refactor(docker): improve cargo-chef caching in Dockerfile 2022-10-06 17:43:56 +03:00
			`FROM chef AS planner`
chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`COPY . .`
			`RUN cargo chef prepare --recipe-path recipe.json`

refactor(docker): improve cargo-chef caching in Dockerfile 2022-10-06 17:43:56 +03:00			`FROM chef AS builder`
chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`COPY --from=planner /app/recipe.json recipe.json`
fix(docker): use an alternative method to fetch registry 2022-11-20 16:18:49 +03:00			`ENV CARGO_NET_GIT_FETCH_WITH_CLI=true`
chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`RUN cargo chef cook --release --recipe-path recipe.json`
			`COPY . .`
chore(docker): disable default features for the Docker image 2022-04-24 14:13:47 +03:00			`RUN cargo build --release --locked --no-default-features`
chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`RUN rm -f target/release/deps/git_cliff*`

			`FROM debian:buster-slim as runner`
refactor(docker): avoid copying volume inside container (#142) * refactor(docker): avoid copying volume inside container * docs(readme): Fix Docker tips to mount project, not just repository Otherwise any project configs have no chance of being read... 2023-05-18 21:45:32 +03:00
			`# Everything inside this container will be explicitly mounted by the end user,`
			`# so we can sidestep some Git security restrictions. This app recommends`
			`# mounting data to /app, but this can be changed externally and will be`
			`# changed when run by GitHub Actions, so we need to cover our bases.`
			`RUN echo '[safe]\n\tdirectory = *' > /etc/gitconfig`

chore(docker): add Dockerfile 2021-06-11 21:41:03 +03:00			`COPY --from=builder /app/target/release/git-cliff /usr/local/bin`
refactor(docker): avoid copying volume inside container (#142) * refactor(docker): avoid copying volume inside container * docs(readme): Fix Docker tips to mount project, not just repository Otherwise any project configs have no chance of being read... 2023-05-18 21:45:32 +03:00			`WORKDIR app`

			`# Even if the repository as marked as safe, GitHub Actions and some other`
			`# environments insist on running the entrypoint as root inside the container`
feat(ci): add 'typos' check (#317) * docs(docker): fix typos * docs(readme): fix typos * docs(template): fix typos * ci(typos): add 'typos' check resolves #311 * ci(typos): 'typos' moved to its own job --------- Co-authored-by: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2023-10-19 16:34:17 +03:00			`# even when being run by a non privileged user on their own files. Here we`
refactor(docker): avoid copying volume inside container (#142) * refactor(docker): avoid copying volume inside container * docs(readme): Fix Docker tips to mount project, not just repository Otherwise any project configs have no chance of being read... 2023-05-18 21:45:32 +03:00			`# check the ownership of the workdir (which may or may not be /app) and change`
			`# our effective user/group ID to match.`
			`RUN cat <<'EOF' > /usr/local/bin/entrypoint.sh`
fix(docker): configure git safe.directory for Docker image (#108) 2022-09-20 18:53:30 +03:00			`#!/bin/sh`
refactor(docker): avoid copying volume inside container (#142) * refactor(docker): avoid copying volume inside container * docs(readme): Fix Docker tips to mount project, not just repository Otherwise any project configs have no chance of being read... 2023-05-18 21:45:32 +03:00			`if [ "$(id -u)" -ne "$(stat -c '%u' .)" ]; then`
			`eids="$(stat -c '--euid %u --egid %g' .)"`
			`fi`
			`exec ${eids:+setpriv --clear-groups $eids} git-cliff $@`
fix(docker): configure git safe.directory for Docker image (#108) 2022-09-20 18:53:30 +03:00			`EOF`
refactor(docker): avoid copying volume inside container (#142) * refactor(docker): avoid copying volume inside container * docs(readme): Fix Docker tips to mount project, not just repository Otherwise any project configs have no chance of being read... 2023-05-18 21:45:32 +03:00			`ENTRYPOINT ["sh", "/usr/local/bin/entrypoint.sh"]`