streamline build process

Signed-off-by: Mario Enrico Ragucci <[email protected]>
ghmer · Mar 29, 2021 · 0998368 · 0998368
1 parent a6b3478
commit 0998368
Show file tree

Hide file tree

Showing 2 changed files with 40 additions and 10 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,16 +1,24 @@
 FROM alpine:latest
+LABEL maintainer="[email protected]"
+LABEL description="tinymfa is a time based one time pad (TOTP) solution written in golang. It implements RFC 6238."
 EXPOSE 57687
 
 ARG ARCH=amd64
 ARG USER_ID=57687
 ARG GROUP_ID=57687
 
 USER root
-RUN mkdir -p /opt/go-tiny-mfa/bin && mkdir -p /opt/go-tiny-mfa/secrets && touch /opt/go-tiny-mfa/secrets/.placeholder
-RUN addgroup --gid ${GROUP_ID} tinymfa && adduser --no-create-home --disabled-password --ingroup tinymfa --shell /bin/bash --home /opt/go-tiny-mfa --uid ${USER_ID} tinymfa
-RUN chown -R ${USER_ID}:${GROUP_ID} /opt/go-tiny-mfa
+RUN mkdir -p /opt/go-tiny-mfa/bin && \
+    mkdir -p /opt/go-tiny-mfa/secrets && \
+    addgroup --gid ${GROUP_ID} tinymfa && \
+    adduser \
+        --no-create-home --disabled-password \
+        --ingroup tinymfa --shell /bin/sh \
+        --home /opt/go-tiny-mfa --uid ${USER_ID} tinymfa && \
+    chown -R ${USER_ID}:${GROUP_ID} /opt/go-tiny-mfa
+VOLUME [ "/opt/go-tiny-mfa/secrets" ]
 COPY --chown=${USER_ID}:${GROUP_ID} build/go-tiny-mfa-${ARCH} /opt/go-tiny-mfa/bin/tiny-mfa
 
 USER tinymfa
-HEALTHCHECK --interval=5s --timeout=5s --start-period=30s CMD /opt/go-tiny-mfa/bin/tiny-mfa --healthcheck
+HEALTHCHECK --interval=5s --timeout=5s --start-period=30s CMD ["/opt/go-tiny-mfa/bin/tiny-mfa", "--healthcheck"]
 CMD ["/opt/go-tiny-mfa/bin/tiny-mfa"]
diff --git a/build.sh b/build.sh
@@ -1,14 +1,27 @@
 #!/bin/bash
 
-DOCKER=`which docker`
+DOCKER=$(which docker)
+REVISION=$(git rev-parse --short=12 master)
+
+#sanity checks
+if [ -z ${DOCKER} ]; then
+    echo "docker not found!"
+    exit 99
+fi
+
+if [ -z ${REVISION} ]; then
+    echo "no revision environment variable 'REVISION' set"
+    exit 99
+fi
+
 if [ -z ${VERSION} ]; then
     echo "no version environment variable 'VERSION' set"
-    exit 0
+    exit 99
 fi
 
 if [ -z ${REPOSITORY} ]; then
     echo "no repository variable 'REPOSITORY' set"
-    exit 0
+    exit 99
 fi
 
 #build for linux/amd64
@@ -25,11 +38,20 @@ ${DOCKER} manifest push --purge ${REPOSITORY}/go-tiny-mfa:${VERSION}
 ${DOCKER} system prune --volumes --all -f
 
 #create docker image for linux/amd64
-${DOCKER} buildx build --load -t ${REPOSITORY}/go-tiny-mfa:amd64 --platform=linux/amd64  --build-arg ARCH=amd64 -f Dockerfile .
+${DOCKER} buildx build --load --tag ${REPOSITORY}/go-tiny-mfa:amd64 \
+    --platform=linux/amd64  --build-arg ARCH=amd64 \
+    --label version=${VERSION} --label revision=${REVISION} \
+    --file Dockerfile .
 #create docker image for linux/arm64
-${DOCKER} buildx build --load -t ${REPOSITORY}/go-tiny-mfa:arm64 --platform=linux/arm64  --build-arg ARCH=arm64 -f Dockerfile .
+${DOCKER} buildx build --load --tag ${REPOSITORY}/go-tiny-mfa:arm64 \
+    --platform=linux/arm64  --build-arg ARCH=arm64 \
+    --label version=${VERSION} --label revision=${REVISION} \
+    --file Dockerfile .
 #create docker image for linux/arm
-${DOCKER} buildx build --load -t ${REPOSITORY}/go-tiny-mfa:arm   --platform=linux/arm/v6 --build-arg ARCH=arm   -f Dockerfile .
+${DOCKER} buildx build --load --tag ${REPOSITORY}/go-tiny-mfa:arm   \
+    --platform=linux/arm/v6 --build-arg ARCH=arm   \
+    --label version=${VERSION} --label revision=${REVISION} \
+    --file Dockerfile .
 
 #push images to registry
 ${DOCKER} push ${REPOSITORY}/go-tiny-mfa:arm