This addition refactors the current GitHub Action image builder to add the following:
[x] Multi-platform image building - we now build both amd64 as well as arm64 images. ARMv7 was excluded due to the large build time
[x] Docker standardized image tagging and labeling of images
[x] Dockle Dockerfile best practices scanning, blocking if severe violations
[x] Trivy vulnerability scanning, with uploads to GitHub Security for further remediation
[x] Conditional image push for testing a passing Docker image build
Updates to Dockerfiles:
[x] addon-jacket
a. Updated dockerignore for eslint files, Dockerfile, and README file.
b. Update Dockerfile to add a new user and run container as new user, add basic health check for pm2.
[x] addon
a. Updated dockerignore for eslint files and Dockerfile
b. Update Dockerfile to add a new user and run container as new user, add basic health check for pm2.
[x] consumer
a. Updated dockerignore for eslint files and Dockerfile
b. Update Dockerfile to add a new user and run container as new user, add basic health check for node, and set uid files as non-executable by non-root users.
[x] producer
a. Update Dockerfile to add a new user and run container as new user, add basic health check for node, and add fixes for multi-platform image builds.
GitHub Actions Image Builder Refactor
This addition refactors the current GitHub Action image builder to add the following:
Updates to Dockerfiles:
[x] addon-jacket a. Updated dockerignore for eslint files, Dockerfile, and README file. b. Update Dockerfile to add a new user and run container as new user, add basic health check for pm2.
[x] addon a. Updated dockerignore for eslint files and Dockerfile b. Update Dockerfile to add a new user and run container as new user, add basic health check for pm2.
[x] consumer a. Updated dockerignore for eslint files and Dockerfile b. Update Dockerfile to add a new user and run container as new user, add basic health check for node, and set uid files as non-executable by non-root users.
[x] producer a. Update Dockerfile to add a new user and run container as new user, add basic health check for node, and add fixes for multi-platform image builds.