Skip to content

Commit

Permalink
Improve Dockerfiles with hadolint
Browse files Browse the repository at this point in the history
  • Loading branch information
@mjanez
mjanez committed Sep 28, 2023
1 parent ce7f950 commit b3ea1d2
Show file tree
Hide file tree
Showing 3 changed files with 62 additions and 41 deletions.
47 changes: 25 additions & 22 deletions ckan/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,14 @@ FROM ghcr.io/mjanez/ckan-base-spatial:ckan-2.9.9
LABEL maintainer="[email protected]"

# Set up environment variables
ENV APP_DIR=/srv/app \
TZ=UTC
ENV APP_DIR=/srv/app
ENV TZ=UTC

# Set working directory
WORKDIR ${APP_DIR}

# requirements.txt files fixed until next releases
COPY req_fixes ${APP_DIR}/req_fixes
COPY req_fixes req_fixes

# Extensions
### XLoader - 1.0.1 ###
Expand All @@ -24,40 +27,40 @@ RUN echo ${TZ} > /etc/timezone && \
if ! [ /usr/share/zoneinfo/${TZ} -ef /etc/localtime ]; then cp /usr/share/zoneinfo/${TZ} /etc/localtime ; fi && \
# Install CKAN extensions
echo "ckan/ckanext-xloader" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-xloader && \
pip3 install -r ${APP_DIR}/src/ckanext-xloader/requirements.txt && \
pip3 install -U requests[security] && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-xloader && \
pip3 install --no-cache-dir -r ${APP_DIR}/src/ckanext-xloader/requirements.txt && \
pip3 install --no-cache-dir -U requests[security] && \
echo "ckan/ckanext-harvest" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-harvest && \
pip3 install -r ${APP_DIR}/src/ckanext-harvest/pip-requirements.txt && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-harvest && \
pip3 install --no-cache-dir -r ${APP_DIR}/src/ckanext-harvest/pip-requirements.txt && \
echo "ckan/ckanext-geoview" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-geoview && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-geoview && \
echo "ckan/ckanext-spatial" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-spatial && \
pip3 install -r ${APP_DIR}/req_fixes/ckanext-spatial_requirements.txt && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-spatial && \
pip3 install --no-cache-dir -r ${APP_DIR}/req_fixes/ckanext-spatial_requirements.txt && \
echo "mjanez/ckanext-dcat (GeoDCAT-AP extended version)" && \
pip3 install -e git+https://github.com/mjanez/[email protected]#egg=ckanext-dcat && \
pip3 install -r ${APP_DIR}/src/ckanext-dcat/requirements.txt && \
pip3 install --no-cache-dir -e git+https://github.com/mjanez/[email protected]#egg=ckanext-dcat && \
pip3 install --no-cache-dir -r ${APP_DIR}/src/ckanext-dcat/requirements.txt && \
echo "ckan/ckanext-scheming" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-scheming && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-scheming && \
echo "mjanez/ckanext-resourcedictionary" && \
pip3 install -e git+https://github.com/mjanez/[email protected]#egg=ckanext-resourcedictionary && \
pip3 install --no-cache-dir -e git+https://github.com/mjanez/[email protected]#egg=ckanext-resourcedictionary && \
echo "ckan/ckanext-pages" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-pages && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-pages && \
echo "ckan/ckanext-pdfview" && \
pip3 install -e git+https://github.com/ckan/[email protected]#egg=ckanext-pdfview && \
pip3 install --no-cache-dir -e git+https://github.com/ckan/[email protected]#egg=ckanext-pdfview && \
echo "mjanez/ckanext-scheming_dcat" && \
pip3 install -e git+https://github.com/mjanez/[email protected]#egg=ckanext_scheming_dcat && \
pip3 install -r https://raw.githubusercontent.com/mjanez/ckanext-scheming_dcat/v2.0.0/requirements.txt
pip3 install --no-cache-dir -e git+https://github.com/mjanez/[email protected]#egg=ckanext_scheming_dcat && \
pip3 install --no-cache-dir -r https://raw.githubusercontent.com/mjanez/ckanext-scheming_dcat/v2.0.0/requirements.txt

# Used to configure the container environment by setting environment variables, creating users, running initialization scripts, .etc
COPY docker-entrypoint.d/* /docker-entrypoint.d/

# Update who.ini with PROXY_CKAN_LOCATION
COPY setup/who.ini ${APP_DIR}/
COPY setup/who.ini ./

# Apply any patches needed to CKAN core
COPY patches ${APP_DIR}/patches
COPY patches patches

RUN for d in $APP_DIR/patches/*; do \

Check warning on line 65 in ckan/Dockerfile

View workflow job for this annotation

GitHub Actions / runner/test-docker-pr:ckan-2.9.9 

Use WORKDIR to switch to a directory

Check warning on line 65 in ckan/Dockerfile

View workflow job for this annotation

GitHub Actions / runner/test-docker-pr:ckan-2.9.9 

Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
if [ -d $d ]; then \
Expand All @@ -67,4 +70,4 @@ RUN for d in $APP_DIR/patches/*; do \
fi ; \
done

CMD $APP_DIR/start_ckan.sh
CMD ["/bin/sh", "-c", "$APP_DIR/start_ckan.sh"]
38 changes: 26 additions & 12 deletions ckan/Dockerfile.dev
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,13 @@
FROM ghcr.io/mjanez/ckan-base-spatial:ckan-2.9.9-dev
LABEL maintainer="[email protected]"

# Set up environment variables
ENV APP_DIR=/srv/app \
TZ=UTC \
SRC_EXTENSIONS_DIR=/srv/app/src_extensions
ENV APP_DIR=/srv/app
ENV TZ=UTC
ENV SRC_EXTENSIONS_DIR=/srv/app/src_extensions

# Set working directory
WORKDIR ${APP_DIR}

RUN echo ${TZ} > /etc/timezone && \
set -ex && apk --no-cache add sudo && \
Expand Down Expand Up @@ -47,23 +51,33 @@ RUN echo ${TZ} > /etc/timezone && \
# to get them mounted in this image at runtime

# Used to configure the container environment by setting environment variables, creating users, running initialization scripts, .etc
COPY docker-entrypoint.d/* /docker-entrypoint.d/
COPY docker-entrypoint.d/* docker-entrypoint.d/

# Update who.ini with PROXY_CKAN_LOCATION
COPY setup/who.ini ${APP_DIR}/
COPY setup/who.ini ./

# Override start_ckan.sh with DEV sh
COPY setup/start_ckan_development.sh.override ${APP_DIR}/start_ckan_development.sh
RUN chmod +x ${APP_DIR}/start_ckan_development.sh
COPY setup/start_ckan_development.sh.override start_ckan_development.sh
RUN chmod +x start_ckan_development.sh

# Apply any patches needed to CKAN core or any of the built extensions (not the
# runtime mounted ones)
COPY patches ${APP_DIR}/patches
COPY patches patches

# Apply any patches needed to CKAN core or any of the built extensions (not the
# runtime mounted ones!)
COPY patches patches

RUN for d in $APP_DIR/patches/*; do \
if [ -d $d ]; then \
for f in `ls $d/*.patch | sort -g`; do \
cd $SRC_DIR/`basename "$d"` && echo "$0: Applying patch $f to $SRC_DIR/`basename $d`"; patch -p1 < "$f" ; \
done ; \
for f in `ls $d/*.patch | sort -g`; do \
if [ -d $SRC_EXTENSIONS_DIR/`basename "$d"` ]; then \
cd $SRC_EXTENSIONS_DIR/`basename "$d"` && \
echo "$0: Applying patch $f to $SRC_EXTENSIONS_DIR/`basename $d`" && \
patch -p1 < "$f" ; \
else \
echo "$0: Skipping patch $f because directory $SRC_EXTENSIONS_DIR/`basename $d` does not exist. Built the extension: `basename $d`" ; \
fi \
done ; \
fi ; \
done
done
18 changes: 11 additions & 7 deletions ckan/Dockerfile.ghcr
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,27 @@
FROM ghcr.io/mjanez/ckan-spatial:ckan-2.9.9
LABEL maintainer="[email protected]"

# Set up environment variables
ENV APP_DIR=/srv/app
ENV TZ=UTC
RUN echo ${TZ} > /etc/timezone

# Set working directory
WORKDIR ${APP_DIR}

# Make sure both files are not exactly the same
RUN if ! [ /usr/share/zoneinfo/${TZ} -ef /etc/localtime ]; then \
cp /usr/share/zoneinfo/${TZ} /etc/localtime ;\
RUN echo ${TZ} > /etc/timezone && \
if ! [ /usr/share/zoneinfo/${TZ} -ef /etc/localtime ]; then \
cp /usr/share/zoneinfo/${TZ} /etc/localtime ; \
fi ;

# Used to configure the container environment by setting environment variables, creating users, running initialization scripts, .etc
COPY docker-entrypoint.d/* /docker-entrypoint.d/
COPY docker-entrypoint.d/* docker-entrypoint.d/

# Update who.ini with PROXY_CKAN_LOCATION
COPY setup/who.ini ${APP_DIR}/
COPY setup/who.ini ./

# Apply any patches needed to CKAN core
COPY patches ${APP_DIR}/patches
COPY patches patches

# Updated version of the Dockerfile RUN command that skips applying a patch if a reversed or previously applied patch is detected
RUN for d in $APP_DIR/patches/*; do \

Check warning on line 27 in ckan/Dockerfile.ghcr

View workflow job for this annotation

GitHub Actions / runner/test-docker-pr:ckan-2.9.9 

Use WORKDIR to switch to a directory

Check warning on line 27 in ckan/Dockerfile.ghcr

View workflow job for this annotation

GitHub Actions / runner/test-docker-pr:ckan-2.9.9 

Set the SHELL option -o pipefail before RUN with a pipe in it. If you are using /bin/sh in an alpine image or if your shell is symlinked to busybox then consider explicitly setting your SHELL to /bin/ash, or disable this check
Expand All @@ -34,4 +38,4 @@ RUN for d in $APP_DIR/patches/*; do \
fi ; \
done

CMD $APP_DIR/start_ckan.sh
CMD ["/bin/sh", "-c", "$APP_DIR/start_ckan.sh"]

0 comments on commit b3ea1d2

Please sign in to comment.