-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathDockerfile
47 lines (38 loc) · 2.36 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# kics-scan disable=fd54f200-402c-4333-a5a4-36ef6709af2f
# checkov:skip=CKV_DOCKER_3: Ensure that a user for the container has been created
# checkov:skip=CKV2_DOCKER_1: Ensure that sudo isn't used
FROM alpine:3.21@sha256:56fa17d2a7e7f168a043a2712e63aed1f8543aeafdcee47c58dcffe38ed51099
LABEL maintainer="Petr Ruzicka <[email protected]>"
LABEL repository="https://github.com/ruzickap/action-my-broken-link-checker"
LABEL homepage="https://github.com/ruzickap/action-my-broken-link-checker"
LABEL "com.github.actions.name"="My Broken Link Checker"
LABEL "com.github.actions.description"="Check broken links on web pages stored locally or remotely"
LABEL "com.github.actions.icon"="list"
LABEL "com.github.actions.color"="blue"
# renovate: datasource=github-tags depName=raviqqe/muffet
ENV MUFFET_VERSION="2.10.7"
# renovate: datasource=github-tags depName=caddyserver/caddy
ENV CADDY_VERSION="2.9.1"
SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
# set up nsswitch.conf for Go's "netgo" implementation (which Docker explicitly uses)
# - https://github.com/docker/docker-ce/blob/v17.09.0-ce/components/engine/hack/make.sh#L149
# - https://github.com/golang/go/blob/go1.9.1/src/net/conf.go#L194-L275
# - docker run --rm debian:stretch grep '^hosts:' /etc/nsswitch.conf
RUN set -eux && \
test -e /etc/nsswitch.conf || echo 'hosts: files dns' > /etc/nsswitch.conf && \
apk add --no-cache bash ca-certificates sudo wget && \
if [ "${MUFFET_VERSION}" = "latest" ]; then \
MUFFET_URL=$(wget -qO- https://api.github.com/repos/raviqqe/muffet/releases/latest | grep "browser_download_url.*/muffet_linux_amd64.tar.gz" | cut -d \" -f 4) ; \
else \
MUFFET_URL="https://github.com/raviqqe/muffet/releases/download/v${MUFFET_VERSION}/muffet_linux_amd64.tar.gz" ; \
fi && \
wget -qO- "${MUFFET_URL}" | tar xzf - -C /usr/local/bin/ muffet && \
if [ "${CADDY_VERSION}" = "latest" ]; then \
CADDY_URL=$(wget --quiet https://api.github.com/repos/caddyserver/caddy/releases/latest -O - | grep "browser_download_url.*caddy_.*_linux_amd64.tar.gz" | cut -d \" -f 4) ; \
else \
CADDY_URL="https://github.com/caddyserver/caddy/releases/download/v${CADDY_VERSION}/caddy_${CADDY_VERSION}_linux_amd64.tar.gz" ; \
fi && \
wget --quiet "${CADDY_URL}" -O - | tar xzf - -C /usr/local/bin/ caddy
COPY entrypoint.sh /entrypoint.sh
HEALTHCHECK NONE
ENTRYPOINT [ "/entrypoint.sh" ]