Merge branch 'main' of https://github.com/CUBETIQ/calpine-node into main

Upgrade node to 16.15.0 and yarn 1.22.18 and add node git
Create snyk-container.yml
2022-05-06 10:37:41 +07:00 · 2022-05-06 10:37:14 +07:00 · 2022-03-26 09:37:32 +07:00 · 2022-03-26 09:37:09 +07:00
6 changed files with 140 additions and 7 deletions
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@ -0,0 +1,60 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow checks out code, performs a Codacy security scan
+# and integrates the results with the
+# GitHub Advanced Security code scanning feature.  For more information on
+# the Codacy security scan action usage and parameters, see
+# https://github.com/codacy/codacy-analysis-cli-action.
+# For more information on Codacy Analysis CLI in general, see
+# https://github.com/codacy/codacy-analysis-cli.
+
+name: Codacy Security Scan
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    - cron: '44 1 * * 2'
+
+permissions:
+  contents: read
+
+jobs:
+  codacy-security-scan:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+    name: Codacy Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout the repository to the GitHub Actions runner
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
+        with:
+          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
+          # You can also omit the token and run the tools that support default configurations
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          verbose: true
+          output: results.sarif
+          format: sarif
+          # Adjust severity of non-security issues
+          gh-code-scanning-compat: true
+          # Force 0 exit code to allow SARIF file generation
+          # This will handover control about PR rejection to the GitHub side
+          max-allowed-issues: 2147483647
+
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif
--- a/.github/workflows/snyk-container.yml
+++ b/.github/workflows/snyk-container.yml
@ -0,0 +1,48 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# A sample workflow which checks out the code, builds a container
+# image using Docker and scans that image for vulnerabilities using
+# Snyk. The results are then uploaded to GitHub Security Code Scanning
+#
+# For more examples, including how to limit scans to only high-severity
+# issues, monitor images for newly disclosed vulnerabilities in Snyk and
+# fail PR checks for new vulnerabilities, see https://github.com/snyk/actions/
+
+name: Snyk Container
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ main ]
+  schedule:
+    - cron: '19 16 * * 0'
+
+jobs:
+  snyk:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build a Docker image
+      run: docker build -t your/image-to-test .
+    - name: Run Snyk to check Docker image for vulnerabilities
+      # Snyk can be used to break the build when it detects vulnerabilities.
+      # In this case we want to upload the issues to GitHub Code Scanning
+      continue-on-error: true
+      uses: snyk/actions/docker@14818c4695ecc4045f33c9cee9e795a788711ca4
+      env:
+        # In order to use the Snyk Action you will need to have a Snyk API token.
+        # More details in https://github.com/snyk/actions#getting-your-snyk-token
+        # or you can signup for free at https://snyk.io/login
+        SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      with:
+        image: your/image-to-test
+        args: --file=Dockerfile
+    - name: Upload result to GitHub Code Scanning
+      uses: github/codeql-action/upload-sarif@v1
+      with:
+        sarif_file: snyk.sarif
--- a/6
+++ b/6
@ -4,8 +4,8 @@ LABEL maintainer="sombochea@cubetiqs.com"
 # Build with root access
 USER root

-ENV NODE_VERSION 16.13.1
-ENV NODE_SHA256 3b4c47e5554fa466651a767691fc76c09b6a514b49d79bbd0061e549614adedf
+ENV NODE_VERSION 16.15.0
+ENV NODE_SHA256 4db62cabc0647fc18f537ed10b5573f3c23ffb4d4434e40713e7e472f1ed4e55
 ENV USER_UID 1001

 RUN addgroup -g ${USER_UID} node \
@ -80,7 +80,7 @@ RUN addgroup -g ${USER_UID} node \
  && node --version \
  && npm --version

-ENV YARN_VERSION 1.22.17
+ENV YARN_VERSION 1.22.18

 RUN apk add --no-cache --virtual .build-deps-yarn curl gnupg tar \
  && for key in \
--- a/Dockerfile.git
+++ b/Dockerfile.git
@ -0,0 +1,12 @@
+FROM cubetiq/calpine-node:latest
+LABEL maintainer="sombochea@cubetiqs.com"
+
+RUN apk update && apk add --no-cache git
+
+COPY entrypoint.sh /usr/local/bin/
+
+RUN chmod +x /usr/local/bin/entrypoint.sh
+
+ENTRYPOINT ["entrypoint.sh"]
+
+CMD [ "node" ]
--- a/7
+++ b/7
@ -1,4 +1,5 @@
 DOCKER_IMAGE=cubetiq/calpine-node
+DOCKER_IMAGE_GIT=cubetiq/calpine-node-git
 DOCKER_IMAGE_NAME=${DOCKER_IMAGE}:16

 build:
@ -10,4 +11,10 @@ build:
 	docker push ${DOCKER_IMAGE}
 	docker push ${DOCKER_IMAGE_NAME}

+	@echo 'Starting docker build with git'
+	docker build -f Dockfile.git . -t ${DOCKER_IMAGE}
+
+	@echo 'Starting docker push with git'
+	docker push ${DOCKER_IMAGE_GIT}
+
 .PHONY:build
--- a/README.md
+++ b/README.md
@ -1,22 +1,26 @@
 # CUBETIQ Alpine OS Linux with Nodejs 16
+
 ![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/cubetiq/calpine-node)
 ![Docker Pulls](https://img.shields.io/docker/pulls/cubetiq/calpine-node)

- CUBETIQ Alpine OS Linux (3.13.3)
- Nodejs 16 (16.13.1)
- Yarn 1.22.17
+- CUBETIQ Alpine OS Linux
+- Nodejs 16 (16.15.0)
+- Yarn 1.22.18

 # [Docker Hub](https://hub.docker.com/r/cubetiq/calpine-node)
+
 ```shell
 docker push cubetiq/calpine-node:latest
 ```

 # Usage
+
 ```shell
 docker run --rm -it cubetiq/calpine-node:latest /bin/sh
 ```

 # Example
+
 ```Dockerfile
 FROM cubetiq/calpine-node:latest
 LABEL maintainer="sombochea@cubetiqs.com"
@ -31,9 +35,11 @@ CMD [ "node" , "index.js"]
 ```

 # Contributors
+
 - Sambo Chea <sombochea@cubetiqs.com>

 # License
+
 ```text
 MIT License

@ -55,4 +61,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECT
-```
+```
Author	SHA1	Message	Date
Sambo Chea	213a15cb3f	Merge branch 'main' of https://github.com/CUBETIQ/calpine-node into main	2022-05-06 10:37:41 +07:00
Sambo Chea	cb5d8ace85	Upgrade node to 16.15.0 and yarn 1.22.18 and add node git	2022-05-06 10:37:14 +07:00
Sambo Chea	d3f391d0d3	Create snyk-container.yml	2022-03-26 09:37:32 +07:00
Sambo Chea	4184035a4a	Create codacy.yml	2022-03-26 09:37:09 +07:00