[WIP] Hadolint recommendations #41
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
TokisanGames
commented
Mar 19, 2020
|
|
||
| CMD mkdir -p /root/xcode && \ | ||
| clang -O3 -llzma -lxar -I /usr/local/include pbzx.c -o pbzx && \ | ||
| mkdir -p /root/xcode && \ |
There was a problem hiding this comment.
Merge into run command. Separate CMD w/ json format
TokisanGames
commented
Mar 19, 2020
Dockerfile.ubuntu-32
Outdated
| ln -sf /usr/bin/g++-8 /usr/bin/g++ && \ | ||
| apt-get clean && \ | ||
| rm -rf /var/lib/apt/lists/ && \ | ||
| rm ./*.deb |
There was a problem hiding this comment.
clean up files on the layer that installs them
TokisanGames
commented
Mar 19, 2020
| @@ -33,11 +38,8 @@ RUN cp -a /root/files/${mono_version} /root && \ | |||
| wget https://download.mono-project.com/repo/ubuntu/pool/main/c/core-setup/msbuild-libhostfxr_3.0.0.2019.04.16.02.13-0xamarin3+ubuntu1604b1_i386.deb && \ | |||
| wget https://download.mono-project.com/repo/ubuntu/pool/main/m/msbuild/msbuild-sdkresolver_16.3+xamarinxplat.2019.08.08.00.55-0xamarin2+ubuntu1604b1_all.deb && \ | |||
| wget https://download.mono-project.com/repo/ubuntu/pool/main/n/nuget/nuget_5.2.0.6090.bin-0xamarin1+ubuntu1604b1_all.deb && \ | |||
| dpkg -i --force-all *.deb && \ | |||
| dpkg -i --force-all ./*.deb && \ | |||
There was a problem hiding this comment.
avoid files that begin with - from being interpreted as an option
TokisanGames
commented
Mar 19, 2020
| @@ -3,7 +3,9 @@ FROM godot-mono:${img_version} | |||
|
|
|||
| ARG mono_version | |||
|
|
|||
| RUN if [ -z "${mono_version}" ]; then echo -e "\n\nargument mono-version is mandatory!\n\n"; exit 1; fi && \ | |||
| SHELL ["/bin/bash", "-o", "pipefail", "-c"] | |||
There was a problem hiding this comment.
script stops if either side of a pipe fail
Merged
|
In spite of what hadolint says, Making this one WIP while I figure it out. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I ran http://github.com/hadolint/hadolint per calinou. This resulted in 45 best practices warnings. I fixed all except for using WORKDIR instead of cd, and pinning apt-get installs (and dnf) to specific versions).
Key takeaways:
|should haveSHELL ["/bin/bash", "-o", "pipefail", "-c"]before RUN so it will fail if either side of the pipe fails.*.debshould begin with./*.debin case a file begins with a hyphen so it's not interpreted as an option.-eonechois not a POSIX standard and printf is recommended.CMDis a json list, so should be formatted asCMD ["/bin/bash"]