-
-
Notifications
You must be signed in to change notification settings - Fork 128
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: mueller-ma <[email protected]>
- Loading branch information
1 parent
bf50d43
commit d31035d
Showing
3 changed files
with
21 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,6 +21,11 @@ jobs: | |
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Lint Dockerfile | ||
uses: hadolint/[email protected] | ||
with: | ||
dockerfile: ${{ matrix.distribution }}/Dockerfile | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -36,7 +36,11 @@ LABEL org.opencontainers.image.created=$BUILD_DATE \ | |
org.opencontainers.image.source="https://github.com/openhab/openhab-docker.git" \ | ||
org.opencontainers.image.authors="openHAB <[email protected]>" | ||
|
||
# Install basepackages | ||
# https://github.com/hadolint/hadolint/wiki/DL4006 | ||
SHELL ["/bin/ash", "-eo", "pipefail", "-c"] | ||
|
||
# Install basepackages. Versions are "pinned" by using a pinned base image. | ||
# hadolint ignore=DL3018 | ||
RUN apk update --no-cache && \ | ||
apk add --no-cache \ | ||
arping \ | ||
|
@@ -60,11 +64,13 @@ RUN apk update --no-cache && \ | |
rm -rf /var/cache/apk/* | ||
|
||
# Limit JDK crypto policy by default to comply with local laws which may prohibit use of unlimited strength cryptography | ||
RUN JAVA_HOME=$(ls -d /usr/lib/jvm/*jdk*) && \ | ||
RUN JAVA_HOME=$(find /usr/lib/jvm/ -maxdepth 1 -name "*jdk*" -type d) && \ | ||
sed -i 's/^crypto.policy=unlimited/crypto.policy=limited/' "${JAVA_HOME}/conf/security/java.security" | ||
|
||
# Install openHAB | ||
# Set permissions for openHAB. Export TERM variable. See issue #30 for details! | ||
# Single quotes are used on purpose, so $TERM is expanded when running the container. | ||
# hadolint ignore=SC2016 | ||
RUN version="$(echo $OPENHAB_VERSION | sed 's/snapshot/SNAPSHOT/g')" && \ | ||
if [ $(echo $version | grep -E '^.+\.(M|RC).+$') ]; then url="https://openhab.jfrog.io/openhab/libs-milestone-local/org/openhab/distro/openhab/${version}/openhab-${version}.zip"; \ | ||
elif [ $(echo $version | grep -E '^4\..+-SNAPSHOT$') ]; then url="https://ci.openhab.org/job/openHAB-Distribution/lastSuccessfulBuild/artifact/distributions/openhab/target/openhab-${version}.zip"; \ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -36,7 +36,11 @@ LABEL org.opencontainers.image.created=$BUILD_DATE \ | |
org.opencontainers.image.source="https://github.com/openhab/openhab-docker.git" \ | ||
org.opencontainers.image.authors="openHAB <[email protected]>" | ||
|
||
# Install basepackages | ||
# https://github.com/hadolint/hadolint/wiki/DL4006 | ||
SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
|
||
# Install basepackages. Versions are "pinned" by using a pinned base image. | ||
# hadolint ignore=DL3008 | ||
RUN apt-get update && \ | ||
DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \ | ||
arping \ | ||
|
@@ -62,11 +66,13 @@ RUN apt-get update && \ | |
rm -rf /var/lib/apt/lists/* | ||
|
||
# Limit JDK crypto policy by default to comply with local laws which may prohibit use of unlimited strength cryptography | ||
RUN JAVA_HOME=$(ls -d /usr/lib/jvm/*jdk* | tail -n 1) && \ | ||
RUN JAVA_HOME=$(find /usr/lib/jvm/ -maxdepth 1 -name "*jdk*" -type d) && \ | ||
sed -i 's/^crypto.policy=unlimited/crypto.policy=limited/' "${JAVA_HOME}/conf/security/java.security" | ||
|
||
# Install openHAB | ||
# Set permissions for openHAB. Export TERM variable. See issue #30 for details! | ||
# Single quotes are used on purpose, so $TERM is expanded when running the container. | ||
# hadolint ignore=SC2016 | ||
RUN version="$(echo $OPENHAB_VERSION | sed 's/snapshot/SNAPSHOT/g')" && \ | ||
if [ $(echo $version | grep -E '^.+\.(M|RC).+$') ]; then url="https://openhab.jfrog.io/openhab/libs-milestone-local/org/openhab/distro/openhab/${version}/openhab-${version}.zip"; \ | ||
elif [ $(echo $version | grep -E '^4\..+-SNAPSHOT$') ]; then url="https://ci.openhab.org/job/openHAB-Distribution/lastSuccessfulBuild/artifact/distributions/openhab/target/openhab-${version}.zip"; \ | ||
|