feat(ci): Add version as tag, when publishing on Docker Hub #306
Conversation
* master: (64 commits) chore(release): 1.30.6 [skip ci] fix(ui): Resizing the page should not scroll to the top (#303) chore(release): 1.30.5 [skip ci] fix(tests): Migrate acceptance tests from Webdriver to Cypress (#301) chore(release): 1.30.4 [skip ci] fix(tests): create dummy posts from cypress tests instead of from initdb_testing (#304) chore(release): 1.30.3 [skip ci] fix(tests): Reset database between each Cypress tests (#302) chore(release): 1.30.2 [skip ci] fix(ui): Display correct track error message when using electron app (#294) chore(release): 1.30.1 [skip ci] fix(error): 404 redirect when clicking load more on account stream (#296) test(#295): add non-regression test for pagination (#299) chore(release): 1.30.0 [skip ci] feat(ci): separate ci tasks for each type of tests (#298) chore(release): 1.29.0 [skip ci] feat(ci): enable TypeScript in Cypress tests (#297) remove browser cache hack preventing css from displaying correct logo (#293) chore(release): 1.28.2 [skip ci] fix(ui): never-ending loading animation on empty search (#260) ... # Conflicts: # .github/workflows/nodejs.yml
adrienjoly
changed the title
|
👋 hi ! |
|
Regarsing secrets, I need to have a deeper look into the code. I'll let you know today when I have time for this. Cheers |
|
Yo @Djiit, thank you so much for the reply, and for the offer to help! I'm not experienced with publishing docker images publicly (and probably not as experienced as you with Docker), so I'd love to feel more confident about not leaking secrets over there ^^ First things that come to mind, if that's any help about where to look first:
Do you think you could have a look? |
|
Hey, I didnt find any secrets after a quick search. Algolia Key is public anyway so it's ok to share it in the code; but you could remove it to be more strict. The secrets suggested by your link are stored into the docker container in charge of build your docker (sic) image. No worries ! |
|
What you can do is a quick tour of the built image env. build this image locally, then run sh on it ( And you will be good to go ! |
|
Thanks for your reply and suggestions, @Djiit, that's very reassuring and helping for me! 😌 I'll do a quick tour, as you suggested, and hope to merge this before the end of the weekend! 💪 Au plaisir, Julien ! |
Before applying improvements recommended in [Docker and Node.js Best Practices from Bret Fisher at DockerCon - YouTube](https://www.youtube.com/watch?v=Zgx0o8QjJk4), let's prevent regressions on our Docker image by regularly running our tests against it. => GitHub Actions should run a "Docker" workflow on every pull request. Proposed next step: merge PR #306, to see the history of releases in Docker Hub.
|
I found no secrets while exploring the image using Next step: try to reduce the size of the published images. (#309) Thanks again for your help, Julien! EDIT: Souvenir of what our docker hub profile looks like before merging this PR:
|
# [1.33.0](v1.32.0...v1.33.0) (2020-03-28) ### Features * **ci:** add version as tag, when publishing on Docker Hub ([#306](#306)) ([dca5597](dca5597))
Follow up for PR #306, based on suggestions from jerray/publish-docker-action#11 (comment)
## [1.34.1](v1.34.0...v1.34.1) (2020-04-05) ### Bug Fixes * **release:** attempt to publish tags on docker hub ([#320](#320)) ([bc64ec0](bc64ec0)), closes [#306](#306) [/github.com/jerray/publish-docker-action/issues/11#issuecomment-607077257](https://github.com//github.com/jerray/publish-docker-action/issues/11/issues/issuecomment-607077257)
So far, we've been publishing images to Docker Hub systematically with the
latesttag. This means that we overwrite the previous version of the image everytime, instead of allowing users to download a specific version of the Openwhyd docker image.This PR should create a dedicated tag for each version.
Tests / open questions
Before doing so, can anyone make sure that we're not leaking anythink that we may regret later? (e.g. secrets)