diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index c978933..270df1a 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -9,11 +9,11 @@ on: #schedule: # - cron: '35 11 * * *' push: - branches: [ main ] + branches: [ main, container-tag-slim ] # Publish semver tags as releases. tags: [ 'v*.*.*' ] pull_request: - branches: [ main ] + branches: [ main, container-tag-slim ] env: # Use docker.io for Docker Hub if empty diff --git a/Dockerfile b/Dockerfile index 8a61a6d..a79c5f6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,65 +1,19 @@ -FROM node:24.0.2-slim +FROM alpine:3.22 -ENV DEBIAN_FRONTEND noninteractive -ENV PNPM_VERSION 10.11.0 -ENV TURBO_VERSION 2.5.3 -ENV TSX_VERSION 4.19.4 -ENV TS_NODE 10.9.2 -ENV SWC_CORE 1.11.24 -ENV AWS_CLI 2.27.19 -ENV BUILDKIT_VERSION 0.21.1 +ENV AWS_CLI=2.27.25-r0 -RUN apt-get update -y \ - && apt-get install -y --no-install-recommends \ - software-properties-common \ +RUN apk update \ + && apk add --no-cache \ ca-certificates \ - build-essential \ + build-base \ + bash \ wget \ jq \ patch \ - python3 \ curl \ unzip \ - git \ - && apt-get clean + aws-cli=${AWS_CLI} \ + # docker cli tool + skopeo -# install awscli v2. see https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html -RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64-${AWS_CLI}.zip" -o /tmp/awscliv2.zip \ - && unzip /tmp/awscliv2.zip -d /tmp/ \ - && /tmp/aws/install \ - && rm /tmp/awscliv2.zip \ - && rm -rf /tmp/aws - -# install node packages -RUN npm i -g pnpm@${PNPM_VERSION} turbo@${TURBO_VERSION} tsx@${TSX_VERSION} ts-node@${TS_NODE} @swc/core@${SWC_CORE} - -RUN curl -L "https://github.com/moby/buildkit/releases/download/v${BUILDKIT_VERSION}/buildkit-v${BUILDKIT_VERSION}.linux-amd64.tar.gz" -o /tmp/buildkit.tar.gz \ - && mkdir -p /tmp/buildkit \ - && tar -C /tmp/buildkit -xzf /tmp/buildkit.tar.gz \ - && mv /tmp/buildkit/bin/buildctl /usr/bin/buildctl \ - && chmod a+x /usr/bin/buildctl \ - && rm -rf /tmp/buildkit \ - && rm /tmp/buildkit.tar.gz - -# install kubectl -RUN curl -L "https://dl.k8s.io/release/v1.30.13/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.30" \ - && curl -L "https://dl.k8s.io/release/v1.31.9/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.31" \ - && curl -L "https://dl.k8s.io/release/v1.32.5/bin/linux/amd64/kubectl" -o "/usr/bin/kubectl-v1.32" \ - && chmod a+x /usr/bin/kubectl* - -RUN ln -s /usr/bin/kubectl-v1.32 /usr/bin/kubectl - -# install golang -COPY --from=golang:1.22.0 /usr/local/go/ /usr/local/go/ -ENV GOPATH /go -ENV PATH $GOPATH/bin:/usr/local/go/bin:/usr/bin:${PATH} - -# install amazon-ecr-credential-helper -RUN curl -L "https://amazon-ecr-credential-helper-releases.s3.us-east-2.amazonaws.com/0.9.1/linux-amd64/docker-credential-ecr-login" -o "/usr/bin/docker-credential-ecr-login" \ - && chmod a+x /usr/bin/docker-credential-ecr-login - -RUN mkdir -p "$GOPATH/src" "$GOPATH/bin" && chmod -R 777 "$GOPATH" - -# install uv -# https://docs.astral.sh/uv/reference/installer/#unmanaged-installations -RUN curl -LsSf https://astral.sh/uv/install.sh | env UV_UNMANAGED_INSTALL="/usr/bin" sh \ No newline at end of file +COPY script /script diff --git a/script/add-container-tag b/script/add-container-tag new file mode 100755 index 0000000..bc121b3 --- /dev/null +++ b/script/add-container-tag @@ -0,0 +1,92 @@ +#!/bin/bash -e + +add_docker_tag() { + local IMAGE_PATH="$1" + local NEW_TAG="$2" + local USERNAME="$3" + local PASSWORD="$4" + + local REGISTRY_URL=$(echo $IMAGE_PATH | cut -d'/' -f1) + local REPO_PATH=$(echo $IMAGE_PATH | cut -d'/' -f2- | cut -d':' -f1) + local CURRENT_TAG=$(echo $IMAGE_PATH | cut -d':' -f2) + + # 붙일 태그가 없으면 에러 + if [[ -z "$CURRENT_TAG" ]]; then + echo "Error: Current tag not found in image path '$IMAGE_PATH'" + return 1 + fi + + if [[ -z "$NEW_TAG" ]]; then + echo "Error: New tag is empty" + return 1 + fi + + echo "Start tagging: $REGISTRY_URL/$REPO_PATH, $CURRENT_TAG -> $NEW_TAG" + + local SOURCE_IMAGE="docker://$REGISTRY_URL/$REPO_PATH:$CURRENT_TAG" + local DEST_IMAGE="docker://$REGISTRY_URL/$REPO_PATH:$NEW_TAG" + + local AUTH_OPTS="" + if [[ -n "$USERNAME" && -n "$PASSWORD" ]]; then + echo "Using provided credentials for authentication: user=$USERNAME password=$PASSWORD" + AUTH_OPTS="--src-creds $USERNAME:$PASSWORD --dest-creds $USERNAME:$PASSWORD" + fi + + echo "Adding new tag '$NEW_TAG'..." + + if skopeo copy $AUTH_OPTS "$SOURCE_IMAGE" "$DEST_IMAGE"; then + echo "Successfully added tag '$NEW_TAG' to $IMAGE_PATH" + return 0 + else + echo "Error: Failed to add tag '$NEW_TAG'" + return 1 + fi +} + + +TAG_TO_ADD=$1 +DOCKER_REGISTRY=$2 +TOKEN=$3 + +if [ -z "$TAG_TO_ADD" ] || [ -z "$DOCKER_REGISTRY" ]; then + echo "Usage: echo -e 'image1\\nimage2\\nimage3' | $0 [token]" + exit 1 +fi + +# if ECR +if [[ "$DOCKER_REGISTRY" == *".dkr.ecr."* ]]; then + USERNAME="AWS" + PASSWORD=$(aws ecr get-login-password --region us-east-1) +else + USERNAME=$(echo "$TOKEN" | base64 -d | cut -d: -f1) + PASSWORD=$(echo "$TOKEN" | base64 -d | cut -d: -f2) +fi + +if [[ -z "$PASSWORD" && "$DOCKER_REGISTRY" == *".dkr.ecr."* ]]; then + echo "Error: ECR token is required for ECR registry" + exit 1 +fi + +if [[ -z "$TOKEN" ]]; then + echo "Error: Token is required for non-ECR registry" + exit 1 +fi + +# stdin에서 이미지 목록을 배열로 읽기 +mapfile -t IMAGES +if [ ${#IMAGES[@]} -eq 0 ]; then + echo "Error: No images found" + exit 1 +fi + +for IMAGE in "${IMAGES[@]}"; do + if [[ $IMAGE != *"$DOCKER_REGISTRY"* ]]; then + echo "Skipping: $IMAGE (not from $DOCKER_REGISTRY)" + continue + fi + + echo "add_docker_tag $IMAGE $TAG_TO_ADD $USERNAME" + add_docker_tag "$IMAGE" "$TAG_TO_ADD" "$USERNAME" "$PASSWORD" & +done +wait +