Add docker image #192
Add docker image #192
Conversation
|
I have tested it locally but not sure if github action script is correct ... Not sure how to test it. |
davideicardi
force-pushed
the
feature/docker-image
branch
from
4f3f7f1
to
9f22a50
Compare
|
And you have to set |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
davideicardi
force-pushed
the
feature/docker-image
branch
from
9f22a50
to
70b9536
Compare
|
really nice guessing once this is approved owner can create https://hub.docker.com/r/cyclonedx/cyclonedx-node to match https://hub.docker.com/r/cyclonedx/cyclonedx-python |
|
would perhaps add a "docker-release" command to the scripts but that's just me being lazy for the project i maintain something like "scripts": {
...
"docker-release": "docker build . -t cyclonedx/cyclonedx-node:`node bin/cyclonedx-bom --version` -t cyclonedx/cyclonedx-node:latest && docker push cyclonedx/cyclonedx-node:`node bin/cyclonedx-bom --version` && docker push cyclonedx/cyclonedx-node:latest"
} |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
davideicardi
force-pushed
the
feature/docker-image
branch
from
22c68c8
to
f85f0fe
Compare
|
Thank you @Anthony-Mckale. Just added |
|
News? It is possible to publish the official docker image? Thank you! |
|
@coderpatros @stevespringett your attention is needed |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
| run: | | ||
| echo Version level: ${{ github.event.inputs.versionLevel }} | ||
| npm ci | ||
| npm run build --if-present | ||
| npm version ${{ github.event.inputs.versionLevel }} --message "${{ github.event.inputs.commitMessage }}" | ||
| VERSION=$(npm version ${{ github.event.inputs.versionLevel }} --message "${{ github.event.inputs.commitMessage }}") | ||
| VERSION=${VERSION:1} # remove 'v' prefix |
There was a problem hiding this comment.
dont modify the version.
as far as i know we like to have all versions the same - the node package and the docker.
if one has a v prefix, then all have it.
are there any needs to change this? does a leading v in docker tags break a workflow or are considered "bad habbit" ? please let me know.
There was a problem hiding this comment.
I think it is just a convention, usually docker tags doesn't have the v prefix. Also other CycloneDx images follow the same rules (https://hub.docker.com/r/cyclonedx/cyclonedx-python/tags, https://hub.docker.com/r/cyclonedx/cyclonedx-dotnet/tags, ...). Personally I prefer to remove the v.
But I understand your point so we can do whatever you prefer ;-).
Please let me know if I should leave the v prefix or not.
| COPY . /usr/src/cyclonedx-bom | ||
|
|
||
| ENTRYPOINT ["/usr/src/cyclonedx-bom/bin/cyclonedx-bom"] | ||
| CMD ["-h"] |
There was a problem hiding this comment.
why add a default command?
cyclonedx-bom can run without any arguments/options/switches.
having this default option -h would force the user to add at least one arguments/options/switches
am i wrong?
There was a problem hiding this comment.
Yes, right now if you do not add any arguments it will just show the help.
In my opinion is a good practice to avoid unexpected behavior and it is the same logic used by cyclonedx-dotnet.
But also in this case it is not a strong opinion, as you prefer.
|
thanks again, @davideicardi I've added some remarks in the files, that you need to consider. |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
|
@jkowalleck Thank you for your feedbacks. I have added dependabot and fixed or answered to your points. Happy to contribute to cyclonedx ecosystem! |
|
Big thanks for this PR and for all the feedback. Much appreciated. |
Fix #191