Commit 59fd3d46 authored by Kevin Daudt's avatar Kevin Daudt 💻

docker: switch to go secdb implementation

Build the go secdb application and adopt generate_secdb.sh to run it.
parent 83c37f5c
FROM alpinelinux/mqtt-exec
FROM alpinelinux/golang as build
ENV NQDIR=/tmp
COPY --chown=build:build src /home/build/src
WORKDIR /home/build/src
RUN go build -v secdb
RUN apk --no-cache add lua5.3 lua5.3-lyaml lua5.3-optarg lua5.3-cjson nq git
FROM alpinelinux/mqtt-exec
RUN apk --no-cache add nq git
COPY --from=build /home/build/src/secdb /usr/local/bin/secdb
COPY scripts /usr/local/bin
ENV NQDIR=/tmp
CMD [ "/usr/bin/nq", "-c", "generate_secdb.sh" ]
......@@ -6,7 +6,8 @@ REPOS="main community"
BRANCH=${1##*/}
case $BRANCH in
master|commits) exit 0 ;;
commits) exit 0 ;;
master) RELEASE=edge;;
*-stable) RELEASE=v${BRANCH/-stable/} ;;
*) echo "unknown branch: \"$BRANCH\"" ; exit 1 ;;
esac
......@@ -26,15 +27,17 @@ for REPO in $REPOS; do
fi
echo "Generating secdb for $RELEASE/$REPO"
TMPFILE=$(mktemp)
secfixes.lua \
secdb \
--repo "$REPO" --release "$RELEASE" \
"$HOME"/aports/"$REPO"/*/APKBUILD > "$TMPFILE"
if cmp -s "$TMPFILE" /var/www/html/"$RELEASE"/"$REPO".yaml; then
-outYaml "$TMPFILE".yaml \
-outJson "$TMPFILE".json \
"$HOME"/aports/"$REPO"/*/APKBUILD
if cmp -s "$TMPFILE".yaml /var/www/html/"$RELEASE"/"$REPO".yaml; then
echo "No changes found yml secfixes, skipping."
else
secfixes.lua --verify "$TMPFILE"
install -D "$TMPFILE" /var/www/html/"$RELEASE"/"$REPO".yaml
yaml2json.lua "$TMPFILE" > /var/www/html/"$RELEASE"/"$REPO".json
for ext in yaml json; do
install -D "$TMPFILE.$ext" /var/www/html/"$RELEASE/$REPO.$ext"
done
fi
rm -f "$TMPFILE"
rm -f "$TMPFILE.yaml" "$TMPFILE.json"
done
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment