From 4292bbccbb16880c7f82c751dd5fd4e9d0aa4f7b Mon Sep 17 00:00:00 2001
From: Vanessa Sochat
Date: Tue, 8 Jan 2019 18:44:48 -0500
Subject: [PATCH 01/13] adding README and Dockerfile for Github actions, will test with my branch
---
actions/Dockerfile | 44 ++++++++++++++++++++++++++
actions/README.md | 79 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 123 insertions(+)
create mode 100644 actions/Dockerfile
create mode 100644 actions/README.md
diff --git a/actions/Dockerfile b/actions/Dockerfile
new file mode 100644
index 00000000..e6b6fcdc
--- /dev/null
+++ b/actions/Dockerfile
@@ -0,0 +1,44 @@
+FROM golang:1.11.3-stretch
+
+# docker build -f actions/Dockerfile -t googlecontainertools/container-diff .
+
+RUN apt-get update && \
+ apt-get install -y automake \
+ libffi-dev \
+ libxml2 \
+ libxml2-dev \
+ libxslt-dev \
+ libxslt1-dev \
+ git \
+ gcc g++ \
+ wget \
+ locales
+
+RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
+ locale-gen
+ENV LANG en_US.UTF-8
+ENV LANGUAGE en_US:en
+ENV LC_ALL en_US.UTF-8
+
+LABEL "com.github.actions.name"="container-diff GitHub Action"
+LABEL "com.github.actions.description"="use Container-Diff in Github Actions Workflows"
+LABEL "com.github.actions.icon"="cloud"
+LABEL "com.github.actions.color"="blue"
+
+LABEL "repository"="https://www.github.com/GoogleContainerTools/container-diff"
+LABEL "homepage"="https://www.github.com/GoogleContainerTools/container-diff"
+LABEL "maintainer"="Google Inc."
+
+# Install container-diff from master
+RUN go get github.com/GoogleContainerTools/container-diff && \
+ cd ${GOPATH}/src/github.com/GoogleContainerTools/container-diff && \
+ go get && \
+ make && \
+ go install && \
+ mkdir -p /code && \
+ apt-get autoremove
+
+RUN mkdir -p /root/.docker && \
+ echo {} > /root/.docker/config.json
+
+ENTRYPOINT ["container-diff"]
diff --git a/actions/README.md b/actions/README.md
new file mode 100644
index 00000000..717937b5
--- /dev/null
+++ b/actions/README.md
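Review bot: The image in actions/Dockerfile is built from whatever `master` holds at build time, because `go get github.com/GoogleContainerTools/container-diff` followed by `go get && make && go install` resolves the tool and its dependencies without a pinned ref. Two builds of the same Dockerfile can therefore ship different binaries, and a workflow consuming the action cannot tell which source it ran. Checking out a fixed ref before `make`, for example `git checkout PINNED_TAG_OR_COMMIT && \` (placeholder; no ref is given on this page), makes the build reproducible. In the first `RUN`, `apt-get install -y --no-install-recommends` with a trailing `rm -rf /var/lib/apt/lists/*` would keep the package set and the layer smaller. The later `apt-get autoremove` has no `-y`, so it may stop at the confirmation prompt instead of removing anything.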
@@ -0,0 +1,79 @@
+# Container Diff for Github Actions
+
+This is a Github Action to allow you to run Container Diff in a
+[Github Actions](https://help.github.com/articles/about-github-actions/#about-github-actions)
+workflow. The intended use case is to build a Docker container from the repository,
+push it to Docker Hub, and then use container-diff to extract metadata for it that
+you can use in other workflows (such as deploying to Github pages). In
+the example below, we will show you how to build a container, push
+to Docker Hub, and then container diff. Here is the entire workflow:
+
+## Example 1: Run Container Diff
+
+Given an existing container on Docker Hub, we can run container diff
+without doing any kind of build.
+
+```
+workflow "Run container-diff" {
+ on = "push"
+ resolves = ["list"]
+}
+
+action "Run container-diff" {
+ args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ]
+}
+
+action "list" {
+ needs = ["Run container-diff"]
+ uses = "actions/bin/sh@master"
+ runs = "ls"
+ args = ["/github/workspace"]
+}
+```
+
+In the above, we run container-diff to output apt and pip packages, history,
+and the filesystem for the container "vanessa/salad" that already exists on
+Docker Hub. We save the result to a data.json output file. The final step in
+the workflow (list) is a courtesy to show that the data.json file is generated.
+
+## Example 2: Build, Deploy, Run Container Diff
+
+This next example is slightly more complicated in that it will run container-diff
+after a container is built and deployed from a Dockerfile present in the repository.
+
+```
+workflow "Run container-diff after deploy" {
+ on = "push"
+ resolves = ["Run container-diff"]
+}
+
+action "build" {
+ uses = "actions/docker/cli@master"
+ args = "build -t vanessa/salad ."
+} + +action "login" { + uses = "actions/docker/login@master" + secrets = ["DOCKER_USERNAME", "DOCKER_PASSWORD"] +} + +action "push" { + uses = "actions/docker/cli@master" + args = "push vanessa/salad" +} + +action "Run container-diff" { + needs = ["build", "login", "push"] + args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] +} + +action "list" { + needs = ["Run container-diff"] + uses = "actions/bin/sh@master" + runs = "ls" + args = ["/github/workspace"] +} +``` + +The intended use case of the above would be to, whenever you update your +container, deploy its metadata to Github pages (or elsewhere). From f4798771aebe0795b46e0c7ca00998fc4e6af76f Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 07:10:30 -0500 Subject: [PATCH 02/13] adding missing uses arg to blocks --- actions/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/actions/README.md b/actions/README.md index 717937b5..e4b6c6af 100644 --- a/actions/README.md +++ b/actions/README.md @@ -20,6 +20,7 @@ workflow "Run container-diff" { } action "Run container-diff" { + uses = "GoogleContainerTools/container-diff/actions@master" args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } @@ -63,6 +64,7 @@ action "push" { } action "Run container-diff" { + uses = "GoogleContainerTools/container-diff/actions@master" needs = ["build", "login", "push"] args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } From 7a3297a58d06b4fbc2a8b9826e81f999cf3a9db8 Mon Sep 17 00:00:00 2001 
From: Vanessa Sochat Date: Wed, 9 Jan 2019 07:19:48 -0500 Subject: [PATCH 03/13] fixing bug in readme --- actions/README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/README.md b/actions/README.md index e4b6c6af..d3fc0278 100644 --- a/actions/README.md +++ b/actions/README.md @@ -14,14 +14,14 @@ Given an existing container on Docker Hub, we can run container diff without doing any kind of build. ``` -workflow "Run container-diff" { +workflow "Run container-diff isolated" { on = "push" resolves = ["list"] } action "Run container-diff" { uses = "GoogleContainerTools/container-diff/actions@master" - args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] + args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output", "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } action "list" { @@ -66,7 +66,7 @@ action "push" { action "Run container-diff" { uses = "GoogleContainerTools/container-diff/actions@master" needs = ["build", "login", "push"] - args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", --output "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] + args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output", "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } action "list" { From 20e313afd465b8f98d53148a3c206bd7fcbaaf4b Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 07:27:00 -0500 Subject: [PATCH 04/13] trying adding entrypoint --- actions/Dockerfile | 7 +++++-- actions/README.md | 2 +- actions/entrypoint.sh | 3 +++ 3 files changed, 9 insertions(+), 3 deletions(-) create mode 100644 actions/entrypoint.sh 
diff --git a/actions/Dockerfile b/actions/Dockerfile index e6b6fcdc..d12d7f9a 100644 --- a/actions/Dockerfile +++ b/actions/Dockerfile @@ -38,7 +38,10 @@ RUN go get github.com/GoogleContainerTools/container-diff && \ mkdir -p /code && \ apt-get autoremove +ADD entrypoint.sh /entrypoint.sh + RUN mkdir -p /root/.docker && \ - echo {} > /root/.docker/config.json + echo {} > /root/.docker/config.json && \ + chmod u+x /entrypoint.sh -ENTRYPOINT ["container-diff"] +ENTRYPOINT ["/entrypoint.sh"] diff --git a/actions/README.md b/actions/README.md index d3fc0278..ab85181d 100644 --- a/actions/README.md +++ b/actions/README.md @@ -64,8 +64,8 @@ action "push" { } action "Run container-diff" { - uses = "GoogleContainerTools/container-diff/actions@master" needs = ["build", "login", "push"] + uses = "GoogleContainerTools/container-diff/actions@master" args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output", "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh new file mode 100644 index 00000000..a3aab660 --- /dev/null +++ b/actions/entrypoint.sh @@ -0,0 +1,3 @@ +#!/bin/sh -l + +sh -c "container-diff $*" From c1a4e4f68548f976ccb4f6f10425ba2b138128fd Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 07:33:49 -0500 Subject: [PATCH 05/13] trying different entrypoint --- actions/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index a3aab660..08a0efd0 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,3 +1,3 @@ #!/bin/sh -l -sh -c "container-diff $*" +sh -c "exec /go/bin/container-diff $*" From d547699b073f4f659516fa93286dff392715d153 Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:07:18 -0500 Subject: [PATCH 06/13] adding print for debug --- actions/entrypoint.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) 
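Review bot: `ADD entrypoint.sh /entrypoint.sh` in the PATCH 04/13 Dockerfile hunk copies a plain local file, which is what `COPY` is for; `ADD` also unpacks archives and accepts URLs, behaviour this line does not need. `COPY entrypoint.sh /entrypoint.sh` states the intent. The added `chmod u+x /entrypoint.sh` is needed only because this patch creates the script with mode 100644; committing it as executable would let the `RUN` stay as it was. The `RUN` this hunk extends begins in the context lines above the additions.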
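Review bot: `sh -c "container-diff $*"` in the new entrypoint.sh joins all arguments into one string and hands it to a second shell, so the original quoting is lost and any `;`, `|`, `$(...)` or backtick inside an argument is interpreted as shell syntax instead of being passed to container-diff. Action `args` may be assembled from workflow or repository content, so this is a command-injection path as well as a correctness problem for arguments that contain spaces. Passing the argument vector straight through avoids both: `exec /go/bin/container-diff "$@"`. The same `sh -c "... $*"` / `sh -c "... ${@}"` form appears in the entrypoint.sh hunks of PATCH 05/13, 06/13 and 09/13.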
diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index 08a0efd0..a8ab88ac 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,3 +1,4 @@ #!/bin/sh -l -sh -c "exec /go/bin/container-diff $*" +echo "$@" +sh -c "exec /go/bin/container-diff ${@}" From ad08028d3f9b2a8691abf27c2f8fc5b151bdd124 Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:19:13 -0500 Subject: [PATCH 07/13] break rules and use bash --- actions/Dockerfile | 2 +- actions/README.md | 2 +- actions/entrypoint.sh | 5 ++--- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/actions/Dockerfile b/actions/Dockerfile index d12d7f9a..8822e764 100644 --- a/actions/Dockerfile +++ b/actions/Dockerfile @@ -44,4 +44,4 @@ RUN mkdir -p /root/.docker && \ echo {} > /root/.docker/config.json && \ chmod u+x /entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] +ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] diff --git a/actions/README.md b/actions/README.md index ab85181d..b88751e3 100644 --- a/actions/README.md +++ b/actions/README.md @@ -66,7 +66,7 @@ action "push" { action "Run container-diff" { needs = ["build", "login", "push"] uses = "GoogleContainerTools/container-diff/actions@master" - args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output", "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] + args = ["analyze", "daemon://vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output=/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] } action "list" { diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index a8ab88ac..cd89af15 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,4 +1,3 @@ -#!/bin/sh -l +#!/bin/bash -echo "$@" -sh -c "exec /go/bin/container-diff ${@}" +exec /go/bin/container-diff "${@}" From 672dafe9c88870f8225f298ae534ca268e49f62a Mon Sep 17 00:00:00 2001 
From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:24:01 -0500 Subject: [PATCH 08/13] try removing entrypoint --- actions/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/actions/Dockerfile b/actions/Dockerfile index 8822e764..6b419c3d 100644 --- a/actions/Dockerfile +++ b/actions/Dockerfile @@ -43,5 +43,3 @@ ADD entrypoint.sh /entrypoint.sh RUN mkdir -p /root/.docker && \ echo {} > /root/.docker/config.json && \ chmod u+x /entrypoint.sh - -ENTRYPOINT ["/bin/bash", "/entrypoint.sh"] From 49f61599fbdf51e274d72a2345307bca06ac0525 Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:35:40 -0500 Subject: [PATCH 09/13] got it working! readding entrypoint --- actions/Dockerfile | 2 ++ actions/README.md | 4 ++-- actions/entrypoint.sh | 4 ++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/actions/Dockerfile b/actions/Dockerfile index 6b419c3d..d12d7f9a 100644 --- a/actions/Dockerfile +++ b/actions/Dockerfile @@ -43,3 +43,5 @@ ADD entrypoint.sh /entrypoint.sh RUN mkdir -p /root/.docker && \ echo {} > /root/.docker/config.json && \ chmod u+x /entrypoint.sh + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/actions/README.md b/actions/README.md index b88751e3..3d1828d2 100644 --- a/actions/README.md +++ b/actions/README.md @@ -21,7 +21,7 @@ workflow "Run container-diff isolated" { action "Run container-diff" { uses = "GoogleContainerTools/container-diff/actions@master" - args = ["analyze", "vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output", "/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] + args = "analyze remote://vanessa/salad --type=pip type=apt --type=history --output /github/workspace/data.json --type=file --json --quiet --verbosity=panic" } action "list" { 
@@ -66,7 +66,7 @@ action "push" { action "Run container-diff" { needs = ["build", "login", "push"] uses = "GoogleContainerTools/container-diff/actions@master" - args = ["analyze", "daemon://vanessa/salad", "--type=pip", "type=apt", "--type=history", "--output=/github/workspace/data.json", "--type=file", "--json", "--quiet", "--verbosity=panic" ] + args = "analyze vanessa/salad --type=pip type=apt --type=history --output /github/workspace/data.json --type=file --json --quiet --verbosity=panic" } action "list" { diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index cd89af15..e10b3fe5 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,3 +1,3 @@ -#!/bin/bash +#!/bin/bash -l -exec /go/bin/container-diff "${@}" +sh -c "exec /go/bin/container-diff ${@}" From 68ba7f7663b5a4d62b215bb595f8b62e807e0c58 Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:50:34 -0500 Subject: [PATCH 10/13] not working agian... --- actions/entrypoint.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index e10b3fe5..283b72e9 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,3 +1,4 @@ -#!/bin/bash -l +#!/bin/bash -sh -c "exec /go/bin/container-diff ${@}" +echo "$@" +/go/bin/container-diff "${@}" From bb35e863e3a2827336f323b81ea59003a3898807 Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:53:44 -0500 Subject: [PATCH 11/13] remove extra quotes --- actions/entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/actions/entrypoint.sh b/actions/entrypoint.sh index 283b72e9..e7b50a45 100644 --- a/actions/entrypoint.sh +++ b/actions/entrypoint.sh @@ -1,4 +1,4 @@ #!/bin/bash echo "$@" -/go/bin/container-diff "${@}" +/go/bin/container-diff ${@} From 417de2425b112fc24f78764e02764d10673e6ba6 Mon Sep 17 00:00:00 2001 
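Review bot: `echo "$@"` in the PATCH 10/13 entrypoint.sh hunk writes every argument to the job log before the tool runs, so a token or credential passed as an argument would end up in CI output; it reads as a debugging aid and should be removed once the argument handling is settled. The call `/go/bin/container-diff "${@}"` also no longer has the `exec` that PATCH 07/13 used, so bash remains the container's main process and the tool does not receive stop signals directly. `exec /go/bin/container-diff "$@"` as the last line restores that.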
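Review bot: The unquoted `${@}` introduced in PATCH 11/13 is subject to word splitting and pathname expansion, so an argument containing spaces is broken apart and one containing `*` or `?` can be replaced by matching file names from the working directory. The quoted form removed here, `"${@}"`, passes each argument unchanged. If the quotes were dropped because the workflow supplies the whole command line as a single string (as the README example in PATCH 12/13 does), the safer fix is to list `args` as separate array elements in the workflow and keep `/go/bin/container-diff "$@"` in the script.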
From: Vanessa Sochat Date: Wed, 9 Jan 2019 10:58:27 -0500 Subject: [PATCH 12/13] last tweak for working args! --- actions/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/actions/README.md b/actions/README.md index 3d1828d2..29ed114d 100644 --- a/actions/README.md +++ b/actions/README.md @@ -21,7 +21,7 @@ workflow "Run container-diff isolated" { action "Run container-diff" { uses = "GoogleContainerTools/container-diff/actions@master" - args = "analyze remote://vanessa/salad --type=pip type=apt --type=history --output /github/workspace/data.json --type=file --json --quiet --verbosity=panic" + args = ["analyze vanessa/salad --type=file --output=/github/workspace/data.json --json"] } action "list" { @@ -66,7 +66,7 @@ action "push" { action "Run container-diff" { needs = ["build", "login", "push"] uses = "GoogleContainerTools/container-diff/actions@master" - args = "analyze vanessa/salad --type=pip type=apt --type=history --output /github/workspace/data.json --type=file --json --quiet --verbosity=panic" + args = ["analyze vanessa/salad --type=file --output=/github/workspace/data.json --json"] } action "list" { From e6424424e250c19177ae8e1400f97100252d45cc Mon Sep 17 00:00:00 2001 From: Vanessa Sochat Date: Wed, 9 Jan 2019 11:08:57 -0500 Subject: [PATCH 13/13] try adding to ignore in test.sh --- test.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test.sh b/test.sh index dd3d27cd..c1914803 100755 --- a/test.sh +++ b/test.sh @@ -35,7 +35,7 @@ fi # Ignore these paths in the following tests. -ignore="vendor\|out" +ignore="vendor\|out\|actions" # Check boilerplate echo "Checking boilerplate..."
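Review bot: `ignore="vendor\|out\|actions"` in test.sh is an unanchored alternation, so, assuming it is applied as a grep pattern to file paths as the comment above it suggests, any path containing `actions` anywhere is skipped, not only the new top-level `actions/` directory. That also takes the new Dockerfile and entrypoint.sh out of the boilerplate check and whatever other checks use `ignore`. Anchoring the new entry to the directory, e.g. `ignore="vendor\|out\|^\./actions/"` (adjust to the path form the script's file listing actually produces), keeps the exclusion narrow. The checks that consume `ignore` lie outside this hunk.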