-
-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add docker image #192
Add docker image #192
Conversation
I have tested it locally but not sure if github action script is correct ... Not sure how to test it. |
4f3f7f1
to
9f22a50
Compare
And you have to set |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
9f22a50
to
70b9536
Compare
really nice guessing once this is approved owner can create https://hub.docker.com/r/cyclonedx/cyclonedx-node to match https://hub.docker.com/r/cyclonedx/cyclonedx-python |
would perhaps add a "docker-release" command to the scripts but that's just me being lazy for the project i maintain something like "scripts": {
...
"docker-release": "docker build . -t cyclonedx/cyclonedx-node:`node bin/cyclonedx-bom --version` -t cyclonedx/cyclonedx-node:latest && docker push cyclonedx/cyclonedx-node:`node bin/cyclonedx-bom --version` && docker push cyclonedx/cyclonedx-node:latest"
} |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
22c68c8
to
f85f0fe
Compare
Thank you @Anthony-Mckale. Just added |
News? It is possible to publish the official docker image? Thank you! |
@coderpatros @stevespringett your attention is needed |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
run: | | ||
echo Version level: ${{ github.event.inputs.versionLevel }} | ||
npm ci | ||
npm run build --if-present | ||
npm version ${{ github.event.inputs.versionLevel }} --message "${{ github.event.inputs.commitMessage }}" | ||
VERSION=$(npm version ${{ github.event.inputs.versionLevel }} --message "${{ github.event.inputs.commitMessage }}") | ||
VERSION=${VERSION:1} # remove 'v' prefix |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
dont modify the version.
as far as i know we like to have all versions the same - the node package and the docker.
if one has a v
prefix, then all have it.
are there any needs to change this? does a leading v
in docker tags break a workflow or are considered "bad habbit" ? please let me know.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it is just a convention, usually docker tags doesn't have the v
prefix. Also other CycloneDx images follow the same rules (https://hub.docker.com/r/cyclonedx/cyclonedx-python/tags, https://hub.docker.com/r/cyclonedx/cyclonedx-dotnet/tags, ...). Personally I prefer to remove the v
.
But I understand your point so we can do whatever you prefer ;-).
Please let me know if I should leave the v
prefix or not.
COPY . /usr/src/cyclonedx-bom | ||
|
||
ENTRYPOINT ["/usr/src/cyclonedx-bom/bin/cyclonedx-bom"] | ||
CMD ["-h"] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
why add a default command?
cyclonedx-bom
can run without any arguments/options/switches.
having this default option -h
would force the user to add at least one arguments/options/switches
am i wrong?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, right now if you do not add any arguments it will just show the help.
In my opinion is a good practice to avoid unexpected behavior and it is the same logic used by cyclonedx-dotnet.
But also in this case it is not a strong opinion, as you prefer.
thanks again, @davideicardi I've added some remarks in the files, that you need to consider. |
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
Signed-off-by: Davide Icardi <davide.icardi@gmail.com>
@jkowalleck Thank you for your feedbacks. I have added dependabot and fixed or answered to your points. Happy to contribute to cyclonedx ecosystem! |
Big thanks for this PR and for all the feedback. Much appreciated. |
Fix #191