Closed OmegaVVeapon closed 4 years ago
Thanks for this @OmegaVVeapon! Though in its current form, the pipeline will always trigger a push, even if the push just contains changes to documentation, refactoring, etc. In actuality, we really only want to push a new image when the repository is tagged.
I know this can be hard to test, since you ultimately need credentials, so I don't mind setting up the pipeline component.
That's 100% correct.
It was just added there as a placeholder but I expected you'd want to make some changes to that action. 👍
Also, I just realized we might be missing a few things to make that image usable... currently testing.
I can use what you have now for the action as a starting place, but I wouldn't want to merge it in until it's good to go. That said, I would just have this PR include the Dockerfile.
Once we get that squared away, I can immediately just push a v0.12.0
image so you can pull it, and then followup with a pipeline PR.
Made some changes, the image works now.
Here's a sample docker-compose.yaml
using the locally built image.
---
version: '3.7'
services:
sinker:
image: sinker:latest
container_name: sinker
entrypoint: ""
volumes:
- type: bind
source: /var/run/docker.sock
target: /var/run/docker.sock
- type: bind
source: ./testing-simple.yaml
target: /tmp/testing-simple.yaml
command: >
sh -c "docker login --username=omegavveapon --password=MY_PASSWORD &&
sinker push -m /tmp/testing-simple.yaml"
where testing-simple.yaml
is:
---
target:
repository: omegavveapon
sources:
- repository: hello-world
tag: latest
- repository: nginx
tag: latest
Unfortunately, the fact that Sinker needs a Docker daemon (access to the /var/run/docker.sock file) in order to be able to run will limit its usefulness for many users in CI pipelines.
It also means that the image cannot run as non-root since the /var/run/docker.sock
file is owned by root
in most cases...
In the Docker image that we've been using for our pipelines that use Sinker (as well as some other tools), we've also included the Docker CLI so there's no need to mount the host docker.sock
. It's not ideal either way, and the dependency really should be dropped. I just haven't had a strong need to do so as it works in our workflow.
If this image works for you, I'm going to go ahead and merge it in! We can build upon this and figure out next steps. Thanks again for your contribution 👍
Resolves #29