diff --git a/.gitea/workflows/alpine-dockerio.yaml b/.gitea/workflows/alpine-dockerio.yaml index 2ed68d7..c389e2e 100644 --- a/.gitea/workflows/alpine-dockerio.yaml +++ b/.gitea/workflows/alpine-dockerio.yaml @@ -6,7 +6,7 @@ on: jobs: build: - name: Build and push image + name: Build and push image (root user) runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest @@ -65,3 +65,63 @@ jobs: aprimediet/nodejs:20-alpine aprimediet/nodejs:latest-alpine aprimediet/nodejs:alpine + build-rootless: + name: Build and push image (rootless) + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to docker.io Registry + uses: docker/login-action@v3 + with: + registry: docker.io + username: aprimediet + password: ${{ secrets.DOCKER_TOKEN }} + - name: Build and push 14.21.3 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=aprimediet + ALPINE_VERSION=3.14 + push: true + tags: | + aprimediet/nodejs:14-rootless-alpine + - name: Build and push 16.20.2 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=aprimediet + ALPINE_VERSION=3.16 + push: true + tags: | + aprimediet/nodejs:16-rootless-alpine + - name: Build and push 18.19.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=aprimediet + ALPINE_VERSION=3.18 + push: true + tags: | + aprimediet/nodejs:18-rootless-alpine + - name: Build and push 20.15.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + REGISTRY_URL=aprimediet + ALPINE_VERSION=3.20 + push: true + tags: | + aprimediet/nodejs:20-rootless-alpine + aprimediet/nodejs:latest-rootless-alpine + aprimediet/nodejs:rootless-alpine diff --git a/.gitea/workflows/alpine-winter.yaml b/.gitea/workflows/alpine-winter.yaml index 32f44bd..2a58ec5 100644 --- a/.gitea/workflows/alpine-winter.yaml +++ b/.gitea/workflows/alpine-winter.yaml @@ -6,7 +6,7 @@ on: jobs: build: - name: Build and push image + name: Build and push image (Root User) runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest @@ -61,3 +61,59 @@ jobs: git.winteraccess.id/${{ gitea.repository }}:20-alpine git.winteraccess.id/${{ gitea.repository }}:latest-alpine git.winteraccess.id/${{ gitea.repository }}:alpine + build-rootless: + name: Build and push image (rootless) + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to Docker Winter Access Git Registry + uses: docker/login-action@v3 + with: + registry: git.winteraccess.id + username: aditya.prima + password: ${{ secrets.PATOKEN }} + - name: Build and push 14.21.3 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine-rootless + build-args: | + ALPINE_VERSION=3.14 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:14-rootless-alpine + - name: Build and push 16.20.2 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + ALPINE_VERSION=3.16 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:16-rootless-alpine + - name: Build and push 18.19.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + ALPINE_VERSION=3.18 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:18-rootless-alpine + - name: Build and push 20.15.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.alpine + build-args: | + ALPINE_VERSION=3.20 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:20-rootless-alpine + git.winteraccess.id/${{ gitea.repository }}:latest-rootless-alpine + git.winteraccess.id/${{ gitea.repository }}:rootless-alpine diff --git a/.gitea/workflows/ubuntu-dockerio.yaml b/.gitea/workflows/ubuntu-dockerio.yaml index 5a2db94..7319268 100644 --- a/.gitea/workflows/ubuntu-dockerio.yaml +++ b/.gitea/workflows/ubuntu-dockerio.yaml @@ -6,7 +6,7 @@ on: jobs: build: - name: Build and push image + name: Build and push image (root user) runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest @@ -73,3 +73,71 @@ jobs: aprimediet/nodejs:20 aprimediet/nodejs:latest-ubuntu aprimediet/nodejs:latest + build-rootless: + name: Build and push image (rootless) + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to docker.io Registry + uses: docker/login-action@v3 + with: + registry: docker.io + username: aprimediet + password: ${{ secrets.DOCKER_TOKEN }} + - name: Build and push 14.21.3 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu-rootless + build-args: | + REGISTRY_URL=aprimediet + UBUNTU_VERSION=noble + NODE_VERSION=14.21.3 + push: true + tags: | + aprimediet/nodejs:14-rootless-ubuntu + aprimediet/nodejs:14-rootless + - name: Build and push 16.20.2 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu-rootless + build-args: | + REGISTRY_URL=aprimediet + UBUNTU_VERSION=noble + NODE_VERSION=16.20.2 + push: true + tags: | + aprimediet/nodejs:16-rootless-ubuntu + aprimediet/nodejs:16-rootless + - name: Build and push 18.19.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu + build-args: | + REGISTRY_URL=aprimediet + UBUNTU_VERSION=noble + NODE_VERSION=18.19.1 + push: true + tags: | + aprimediet/nodejs:18-rootless-ubuntu + aprimediet/nodejs:18-rootless + - name: Build and push 20.11.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu + build-args: | + REGISTRY_URL=aprimediet + UBUNTU_VERSION=noble + NODE_VERSION=20.15.1 + push: true + tags: | + aprimediet/nodejs:20-rootless-ubuntu + aprimediet/nodejs:20-rootless + aprimediet/nodejs:latest-rootless-ubuntu + aprimediet/nodejs:latest-rootless diff --git a/.gitea/workflows/ubuntu-winter.yaml b/.gitea/workflows/ubuntu-winter.yaml index 6972453..b87642d 100644 --- a/.gitea/workflows/ubuntu-winter.yaml +++ b/.gitea/workflows/ubuntu-winter.yaml @@ -6,7 +6,7 @@ on: jobs: build: - name: Build and push image + name: Build and push image (root user) runs-on: ubuntu-latest container: image: ghcr.io/catthehacker/ubuntu:act-latest @@ -69,3 +69,67 @@ jobs: git.winteraccess.id/${{ gitea.repository }}:20 git.winteraccess.id/${{ gitea.repository }}:latest-ubuntu git.winteraccess.id/${{ gitea.repository }}:latest + build-rootless: + name: Build and push image (rootless) + runs-on: ubuntu-latest + container: + image: ghcr.io/catthehacker/ubuntu:act-latest + steps: + - name: Check out repository code + uses: actions/checkout@v3 + - name: Login to Docker Winter Access Git Registry + uses: docker/login-action@v3 + with: + registry: git.winteraccess.id + username: aditya.prima + password: ${{ secrets.PATOKEN }} + - name: Build and push 14.21.3 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu-rootless + build-args: | + UBUNTU_VERSION=noble + NODE_VERSION=14.21.3 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:14-rootless-ubuntu + git.winteraccess.id/${{ gitea.repository }}:14-rootless + - name: Build and push 16.20.2 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu-rootless + build-args: | + UBUNTU_VERSION=noble + NODE_VERSION=16.20.2 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:16-rootless-ubuntu + git.winteraccess.id/${{ gitea.repository }}:16-rootless + - name: Build and push 18.19.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu + build-args: | + UBUNTU_VERSION=noble + NODE_VERSION=18.19.1 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:18-rootless-ubuntu + git.winteraccess.id/${{ gitea.repository }}:18-rootless + - name: Build and push 20.15.1 + uses: docker/build-push-action@v5 + with: + context: . + file: Dockerfile.ubuntu + build-args: | + UBUNTU_VERSION=noble + NODE_VERSION=20.15.1 + push: true + tags: | + git.winteraccess.id/${{ gitea.repository }}:20-rootless-ubuntu + git.winteraccess.id/${{ gitea.repository }}:20-rootless + git.winteraccess.id/${{ gitea.repository }}:latest-rootless-ubuntu + git.winteraccess.id/${{ gitea.repository }}:latest-rootless diff --git a/Dockerfile.alpine b/Dockerfile.alpine index 4f717d5..2fe28a4 100644 --- a/Dockerfile.alpine +++ b/Dockerfile.alpine @@ -4,7 +4,7 @@ # 20.11.1 = 3.19 # 20.15.1 = 3.20 ARG REGISTRY_URL=git.winteraccess.id/docker -ARG ALPINE_VERSION=3.19 +ARG ALPINE_VERSION=3.20 FROM ${REGISTRY_URL}/alpine:${ALPINE_VERSION} LABEL maintainer=" aprimediet@gmail.com" @@ -12,9 +12,9 @@ LABEL maintainer=" aprimediet@gmail.com" WORKDIR / # SET CACHE DIR -ENV NODE_DIR /usr/local/share/nodejs -ENV NPM_CACHE_DIR ${NODE_DIR}/.npm-cache -ENV YARN_CACHE_DIR ${NODE_DIR}/.yarn-cache +ENV NODE_DIR=/usr/local/share/nodejs +ENV NPM_CACHE_DIR=${NODE_DIR}/.npm-cache +ENV YARN_CACHE_DIR=${NODE_DIR}/.yarn-cache # INSTALL WGET AND REQUIRED BUILD TOOLS RUN --mount=type=cache,target=/var/cache/apk \ @@ -36,6 +36,7 @@ RUN mkdir -p ${YARN_CACHE_DIR} RUN yarn config set cache-folder ${YARN_CACHE_DIR} # CLEAR CACHE -RUN rm -rf /var/cache/apk/* && \ +RUN apk del curl && \ + rm -rf /var/cache/apk/* && \ npm cache clean --force && \ npm -g cache clean --force \ No newline at end of file diff --git a/Dockerfile.alpine-rootless b/Dockerfile.alpine-rootless new file mode 100644 index 0000000..f29de98 --- /dev/null +++ b/Dockerfile.alpine-rootless @@ -0,0 +1,49 @@ +# 14.21.3 = 3.14 +# 16.20.2 = 3.16 +# 18.19.1 = 3.18 +# 20.11.1 = 3.19 +# 20.15.1 = 3.20 +ARG REGISTRY_URL=git.winteraccess.id/docker +ARG ALPINE_VERSION=3.20 + +FROM ${REGISTRY_URL}/alpine:${ALPINE_VERSION} +LABEL maintainer=" aprimediet@gmail.com" + +WORKDIR / + +# ADD USER +RUN addgroup -g 1001 node && adduser -D -u 1001 -G node -s /bin/bash -h /app node + +# SET CACHE DIR +ENV NODE_DIR=/usr/local/share/nodejs +ENV NPM_CACHE_DIR=${NODE_DIR}/.npm-cache +ENV YARN_CACHE_DIR=${NODE_DIR}/.yarn-cache + +# INSTALL WGET AND REQUIRED BUILD TOOLS +RUN --mount=type=cache,target=/var/cache/apk \ + apk update && apk upgrade && apk add \ + nodejs nodejs-dev npm + +# SET NPM GLOBAL CACHE +RUN npm -g config set cache ${NPM_CACHE_DIR} && \ + npm config set cache ${NPM_CACHE_DIR} + +# INSTALL YARN +RUN --mount=type=cache,target=${NPM_CACHE_DIR} \ + npm i -g yarn + +# CREATE YARN CACHE DIR +RUN mkdir -p ${YARN_CACHE_DIR} + +# SET YARN CACHE DIR +RUN yarn config set cache-folder ${YARN_CACHE_DIR} + +# CLEAR CACHE +RUN apk del curl && \ + rm -rf /var/cache/apk/* && \ + npm cache clean --force && \ + npm -g cache clean --force + +# SET AS USER NODE +WORKDIR /app +USER node \ No newline at end of file diff --git a/Dockerfile.ubuntu b/Dockerfile.ubuntu index 29c174a..d350b7a 100644 --- a/Dockerfile.ubuntu +++ b/Dockerfile.ubuntu @@ -1,5 +1,5 @@ ARG REGISTRY_URL=git.winteraccess.id/docker -ARG UBUNTU_VERSION=jammy +ARG UBUNTU_VERSION=noble FROM ${REGISTRY_URL}/ubuntu:${UBUNTU_VERSION} LABEL maintainer=" aprimediet@gmail.com" @@ -10,9 +10,9 @@ ARG NODE_VERSION=20.11.1 WORKDIR / # CREATE NVM_DIR -ENV NVM_DIR /usr/local/share/nvm -ENV NPM_CACHE_DIR ${NVM_DIR}/.npm-cache -ENV YARN_CACHE_DIR ${NVM_DIR}/.yarn-cache +ENV NVM_DIR=/usr/local/share/nvm +ENV NPM_CACHE_DIR=${NVM_DIR}/.npm-cache +ENV YARN_CACHE_DIR=${NVM_DIR}/.yarn-cache RUN mkdir -p ${NVM_DIR} # UPGRADE PACKAGES FIRST @@ -29,8 +29,8 @@ RUN bash /tmp/install.sh && \ nvm alias default v${NODE_VERSION} && \ nvm use default -ENV NODE_PATH $NVM_DIR/versions/node/v${NODE_VERSION}/lib/node_modules -ENV PATH $PATH:$NVM_DIR/versions/node/v${NODE_VERSION}/bin +ENV NODE_PATH=$NVM_DIR/versions/node/v${NODE_VERSION}/lib/node_modules +ENV PATH=$PATH:$NVM_DIR/versions/node/v${NODE_VERSION}/bin # SET NPM GLOBAL CACHE RUN npm -g config set cache ${NPM_CACHE_DIR} && \ @@ -47,5 +47,6 @@ RUN mkdir -p ${YARN_CACHE_DIR} RUN yarn config set cache-folder ${YARN_CACHE_DIR} # CLEAR APT CACHE -RUN apt -y clean && rm -rf /tmp/* && \ +RUN apt -y remove curl && apt -y autoremove && \ + apt -y clean && rm -rf /tmp/* && \ npm cache clean --force && npm -g cache clean --force diff --git a/Dockerfile.ubuntu-rootless b/Dockerfile.ubuntu-rootless new file mode 100644 index 0000000..72d8bc5 --- /dev/null +++ b/Dockerfile.ubuntu-rootless @@ -0,0 +1,59 @@ +ARG REGISTRY_URL=git.winteraccess.id/docker +ARG UBUNTU_VERSION=noble + +FROM ${REGISTRY_URL}/ubuntu:${UBUNTU_VERSION} +LABEL maintainer=" aprimediet@gmail.com" + +ARG NVM_VERSION=0.39.7 +ARG NODE_VERSION=20.15.1 + +WORKDIR / + +# ADDUSER +RUN groupadd -g 1001 node && useradd -u 1001 -s /bin/bash -m -d /app -g node node + +# CREATE NVM_DIR +ENV NVM_DIR=/usr/local/share/nvm +ENV NPM_CACHE_DIR=${NVM_DIR}/.npm-cache +ENV YARN_CACHE_DIR=${NVM_DIR}/.yarn-cache +RUN mkdir -p ${NVM_DIR} + +# UPGRADE PACKAGES FIRST +RUN --mount=type=cache,target=/var/cache/apt/archives \ + apt -y update && apt -y upgrade + +# GET LATEST NVM +ADD https://raw.githubusercontent.com/nvm-sh/nvm/v${NVM_VERSION}/install.sh /tmp + +# INSTALL NVM AND DESIGNATED NODE VERSION +RUN bash /tmp/install.sh && \ + . $NVM_DIR/nvm.sh && \ + nvm install v${NODE_VERSION} && \ + nvm alias default v${NODE_VERSION} && \ + nvm use default + +ENV NODE_PATH=$NVM_DIR/versions/node/v${NODE_VERSION}/lib/node_modules +ENV PATH=$PATH:$NVM_DIR/versions/node/v${NODE_VERSION}/bin + +# SET NPM GLOBAL CACHE +RUN npm -g config set cache ${NPM_CACHE_DIR} && \ + npm config set cache ${NPM_CACHE_DIR} + +# INSTALL YARN +RUN --mount=type=cache,target=${NPM_CACHE_DIR} \ + npm i -g yarn + +# CREATE YARN CACHE DIR +RUN mkdir -p ${YARN_CACHE_DIR} + +# SET YARN CACHE DIR +RUN yarn config set cache-folder ${YARN_CACHE_DIR} + +# CLEAR APT CACHE +RUN apt -y remove curl && apt -y autoremove && \ + apt -y clean && rm -rf /tmp/* && \ + npm cache clean --force && npm -g cache clean --force + +# SET AS USER node +WORKDIR /app +USER node