diff options
| author | おさむのひと <46447427+samunohito@users.noreply.github.com> | 2025-12-22 16:51:38 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-12-22 16:51:38 +0900 |
| commit | 5c5e9651519b944740944c32046e1a0c7bdafba8 (patch) | |
| tree | a69771550e2c39ecef2e147ad3bf4ec3844ade59 /.github/workflows | |
| parent | [skip ci] Update CHANGELOG.md (prepend template) (diff) | |
| download | misskey-5c5e9651519b944740944c32046e1a0c7bdafba8.tar.gz misskey-5c5e9651519b944740944c32046e1a0c7bdafba8.tar.bz2 misskey-5c5e9651519b944740944c32046e1a0c7bdafba8.zip | |
fix(ci): dockleのciをより安定して動かせるようにする (#16987)
Diffstat (limited to '.github/workflows')
| -rw-r--r-- | .github/workflows/dockle.yml | 39 |
1 files changed, 22 insertions, 17 deletions
diff --git a/.github/workflows/dockle.yml b/.github/workflows/dockle.yml index 45b8d23dda..ec7073c9fd 100644 --- a/.github/workflows/dockle.yml +++ b/.github/workflows/dockle.yml @@ -11,6 +11,7 @@ on: jobs: dockle: runs-on: ubuntu-latest + env: DOCKER_CONTENT_TRUST: 1 DOCKLE_VERSION: 0.4.15 @@ -20,29 +21,33 @@ jobs: - name: Download and install dockle v${{ env.DOCKLE_VERSION }} run: | + set -eux curl -L -o dockle.deb "https://github.com/goodwithtech/dockle/releases/download/v${DOCKLE_VERSION}/dockle_${DOCKLE_VERSION}_Linux-64bit.deb" sudo dpkg -i dockle.deb - - run: | - cp .config/docker_example.env .config/docker.env - cp ./compose_example.yml ./compose.yml - - - run: | - docker compose up -d web - IMAGE_ID=$(docker compose images --format json web | jq -r '.[0].ID') - docker tag "${IMAGE_ID}" misskey-web:latest - - - name: Prune docker junk (optional but recommended) + - name: Build web image (docker build) run: | - docker system prune -af - docker volume prune -f + set -eux + docker build -t "misskey-web:ci" . + docker image ls - - name: Save image for Dockle + - name: Mount tmpfs for Dockle tar + env: + TMPFS_SIZE: 8G run: | - docker save misskey-web:latest -o ./misskey-web.tar - ls -lh ./misskey-web.tar + set -eux + sudo mkdir -p /mnt/dockle-tmp + sudo mount -t tmpfs -o size=${{ env.TMPFS_SIZE }} tmpfs /mnt/dockle-tmp + free -h + df -h - - name: Run Dockle with tar input + - name: Save image tar into tmpfs run: | - dockle --exit-code 1 --input ./misskey-web.tar + set -eux + docker save misskey-web:ci -o /mnt/dockle-tmp/misskey-web.tar + ls -lh /mnt/dockle-tmp/misskey-web.tar + - name: Run Dockle Scan (tar input) + run: | + set -eux + dockle --exit-code 1 --input /mnt/dockle-tmp/misskey-web.tar |