Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add some hardening to the build script #1644

Open
wants to merge 1 commit into
base: development
Choose a base branch
from
Open

Add some hardening to the build script #1644

wants to merge 1 commit into from

Conversation

PromoFaux
Copy link
Member

What does this PR aim to accomplish?:

Drawing inspiration from: #1643 (comment)

And also from a comment where a user mentioned they could not run the build script due to missing buildx on their system. (I cannot find the comment...)

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  • I have read the above and my PR is ready for review. Check this box to confirm

What does this PR aim to accomplish?:

By submitting this pull request, I confirm the following:

  1. I have read and understood the contributors guide, as well as this entire template. I understand which branch to base my commits and Pull Requests against.
  2. I have commented my proposed changes within the code and I have tested my changes.
  3. I am willing to help maintain this change if there are issues with it later.
  4. It is compatible with the EUPL 1.2 license
  5. I have squashed any insignificant commits. (git rebase)
  • I have read the above and my PR is ready for review. Check this box to confirm

@PromoFaux PromoFaux requested a review from a team September 11, 2024 21:39
@PromoFaux
Copy link
Member Author 

adam@adam-pc:~/repos/docker-pi-hole$ ./build.sh -f kjansdkajnsd
Error: FTL binary not found for branch 'kjansdkajnsd'. Exiting.
adam@adam-pc:~/repos/docker-pi-hole$ ./build.sh -c kjansdkajnsd
Error: Core branch 'kjansdkajnsd' not found. Exiting.
adam@adam-pc:~/repos/docker-pi-hole$ ./build.sh -p kjansdkajnsd
Error: PADD branch 'kjansdkajnsd' not found. Exiting.
adam@adam-pc:~/repos/docker-pi-hole$ ./build.sh -w kjansdkajnsd
Error: Web branch 'kjansdkajnsd' not found. Exiting.

And from my synology, which does not have buildx...

adam@fappotron:/volume1/copy$ ./build.sh
Error: Docker buildx is required to build this image. For installation instructions, see:
       https://github.com/docker/buildx#installing

And back to the main machine to prove it still works:

adam@adam-pc:~/repos/docker-pi-hole$ ./build.sh -c development -f development -w development -p development
Executing command: docker buildx build src/. --tag pihole:local --load --no-cache --build-arg CORE_BRANCH=development --build-arg FTL_BRANCH=development --build-arg WEB_BRANCH=development --build-arg PADD_BRANCH=development
[+] Building 5.4s (19/19) FINISHED                                             docker:default
 => [internal] load build definition from Dockerfile                                     0.0s
 => => transferring dockerfile: 4.04kB                                                   0.0s
 => resolve image config for docker-image://docker.io/docker/dockerfile:1                0.7s
 => CACHED docker-image://docker.io/docker/dockerfile:1@sha256:865e5dd094beca432e8c0a1d  0.0s
 => [internal] load metadata for docker.io/library/alpine:3.20                           0.6s
 => [internal] load .dockerignore                                                        0.0s
 => => transferring context: 82B                                                         0.0s
 => CACHED [base 1/9] FROM docker.io/library/alpine:3.20@sha256:beefdbd8a1da6d2915566fd  0.0s
 => CACHED [base 5/9] ADD --chmod=0755 https://raw.githubusercontent.com/pi-hole/PADD/d  0.2s
 => CACHED [base 3/9] ADD https://ftl.pi-hole.net/macvendor.db /macvendor.db             0.0s
 => [internal] load build context                                                        0.0s
 => => transferring context: 98B                                                         0.0s
 => [base 2/9] RUN apk add --no-cache     bash     bind-tools     binutils     coreutil  1.2s
 => [base 3/9] ADD https://ftl.pi-hole.net/macvendor.db /macvendor.db                    0.0s
 => [base 4/9] COPY crontab.txt /crontab.txt                                             0.0s
 => [base 5/9] ADD --chmod=0755 https://raw.githubusercontent.com/pi-hole/PADD/developm  0.0s
 => [base 6/9] RUN git clone --depth 1 --single-branch --branch development https://git  1.2s
 => [base 7/9] RUN cd /etc/.pihole &&     install -Dm755 -d /opt/pihole &&     install   0.4s
 => [base 8/9] COPY --chmod=0755 bash_functions.sh /usr/bin/bash_functions.sh            0.0s
 => [base 9/9] COPY --chmod=0755 start.sh /usr/bin/start.sh                              0.0s
 => [remote-ftl-install 1/1] RUN if   [ "linux/amd64" = "linux/amd64" ];    then FTLARC  0.9s
 => exporting to image                                                                   0.2s
 => => exporting layers                                                                  0.2s
 => => writing image sha256:d6d29ec346804c6153ad3794d552e502f020e7a043f76c9e81c90f005a4  0.0s
 => => naming to docker.io/library/pihole:local                                          0.0s

Successfully built Docker image with tag 'pihole:local'
REPOSITORY   TAG       IMAGE ID       CREATED                  SIZE
pihole       local     d6d29ec34680   Less than a second ago   89.9MB

@PromoFaux PromoFaux force-pushed the sanity-check-downloaded-FTL branch 2 times, most recently from c710042 to 1b0c41d Compare September 11, 2024 21:52
rdwebdesign
rdwebdesign reviewed Sep 11, 2024
View reviewed changes
build.sh Show resolved Hide resolved
yubiuser
yubiuser requested changes Sep 12, 2024
View reviewed changes
build.sh Show resolved Hide resolved
rdwebdesign
rdwebdesign requested changes Sep 12, 2024
View reviewed changes
build.sh Outdated Show resolved Hide resolved
@PromoFaux
Add some hardening to the build script. Check if system has docker bu…
5631794 
…ildx installed. When using custom branches, check they actuall exist before proceeding with the build

Signed-off-by: Adam Warner <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DL6ER DL6ER DL6ER left review comments

@rdwebdesign rdwebdesign rdwebdesign approved these changes

@yubiuser yubiuser yubiuser approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@PromoFaux @rdwebdesign @DL6ER @yubiuser