diff --git a/.gitea/workflows/jekyll.yaml b/.gitea/workflows/jekyll.yaml new file mode 100644 index 0000000..36053cc --- /dev/null +++ b/.gitea/workflows/jekyll.yaml @@ -0,0 +1,45 @@ +name: Jekyll +on: + push: + branches: + - main + pull_request: + +env: + _UID: 1000 + _GID: 1000 +jobs: + jekyll: + runs-on: ubuntu-22.04 + steps: + - name: Check out repository + id: checkout + uses: actions/checkout@v4 + - name: Change file ownership + id: file_ownership + run: | + chown -R ${_UID}:${_GID} . + - name: Install docker + id: install_docker + run: | + apt-get -q update + apt-get -q install -y docker-compose + apt-get -q clean + - name: Verify docker + id: verify_docker + run: | + docker run --rm hello-world:latest > /dev/null + docker rmi hello-world:latest > /dev/null + docker version + docker-compose version + docker volume ls + - name: Build Jekyll image + id: build_image + run: | + # The environment variables _UID and _GID can impact this image + docker-compose build jekyll + - name: Build Jekyll site + id: build_site + run: | + docker-compose run --rm -v "${JOB_CONTAINER_NAME}:/site" -w /site \ + jekyll build --verbose diff --git a/docker-compose.yml b/docker-compose.yml index 65a78d5..4b2b349 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,17 +5,18 @@ services: context: docker/jekyll args: uid: "${_UID:-1000}" + user: "${_USER:-appuser}" gid: "${_GID:-1000}" + group: "${_GROUP:-appgroup}" volumes: - - .:/home/jekyll/workspace - working_dir: /home/jekyll/workspace + - .:/appdata + working_dir: /appdata ports: - "4000:4000" stdin_open: true tty: true hostname: jekyll.local container_name: jekyll.local - command: bash networks: - bridge deploy: diff --git a/docker/jekyll/Dockerfile b/docker/jekyll/Dockerfile index e2b25e0..044cd62 100644 --- a/docker/jekyll/Dockerfile +++ b/docker/jekyll/Dockerfile @@ -10,14 +10,15 @@ RUN INSTALL_PKGS="gcc g++ libyaml-dev make nodejs" && \ # Parameters for default user:group ARG uid=1000 -ARG user=ubuntu +ARG user=appuser ARG gid=1000 -ARG group=ubuntu +ARG group=appgroup -# Add or modify user and group for build and runtime (convenient) -#RUN id ${user} > /dev/null 2>&1 && \ -# { groupmod -g "${gid}" "${group}" && usermod -md /home/${user} -s /bin/bash -g "${group}" -u "${uid}" "${user}"; } || \ -# { groupadd -g "${gid}" "${group}" && useradd -md /home/${user} -s /bin/bash -g "${group}" -u "${uid}" "${user}"; } +# Ensure desired user and group for build and runtime (convenient) +RUN userdel --force --remove $(getent passwd ${uid} | cut -d: -f1) || true; \ + groupdel $(getent group ${gid} | cut -d: -f1) || true; \ + groupadd -g "${gid}" "${group}" && \ + useradd -md /home/${user} -s /bin/bash -g "${group}" -u "${uid}" "${user}"; # Copy requirements in non-root user home directory COPY Gemfile Gemfile.lock "/home/${user}/" @@ -25,17 +26,18 @@ RUN chown "${user}:${group}" "/home/${user}/Gemfile"* # Switch to non-root user USER ${user} -WORKDIR /home/${user} +WORKDIR /appdata # Install required gems RUN echo "gem: --no-document --user-install --bindir /home/${user}/bin" >> /home/${user}/.gemrc && \ - echo "gempath: /home/${user}/.gem/ruby:/home/${user}/.bundle/gems/ruby/3.3.0" >> .gemrc && \ - gem install bundler --version `sed -n -r -e '/BUNDLED WITH/,$ { s/\s+([.0-9]+)/\1/ p }' Gemfile.lock` && \ + echo "gempath: /home/${user}/.gem/ruby:/home/${user}/.bundle/gems/ruby/3.3.0" >> /home/${user}/.gemrc && \ + gem install bundler --version `sed -n -r -e '/BUNDLED WITH/,$ { s/\s+([.0-9]+)/\1/ p }' /home/${user}/Gemfile.lock` && \ bundle config --global path /home/${user}/.bundle/gems && \ bundle config --global bin /home/${user}/bin && \ - bundle install && \ + bundle install --gemfile=/home/${user}/Gemfile && \ rm -rf /home/${user}/.bundle/cache ENV PATH=/home/${user}/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin -CMD [ 'jekyll', 's', 'source', './src', '--verbose', '--host 0.0.0.0', '--incremental' ] +ENTRYPOINT ["jekyll"] +CMD ["server", "--verbose", "--host", "0.0.0.0", "--incremental"]