Skip to content

Commit 3a633e6

Browse files
hummeltechhummeltech
authored
Dockerfile cleaning (openstreetmap#458)
* Add `Dockerfile` linting with `hadolint` * Fix minor `Dockerfile` issues found by `hadolint`
1 parent 41b882e commit 3a633e6

File tree

12 files changed

+143
-94
lines changed

12 files changed

+143
-94
lines changed

.github/workflows/docker-image-build.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,24 @@ on:
99
- ".github/workflows/docker-image-build.yml"
1010

1111
jobs:
12+
dockerfile-lint:
13+
name: Lint Dockerfiles
14+
runs-on: ubuntu-latest
15+
steps:
16+
- name: Checkout repository
17+
uses: actions/checkout@v4
18+
19+
- name: Lint with hadolint
20+
uses: hadolint/[email protected]
21+
with:
22+
dockerfile: Dockerfile*
23+
failure-threshold: warning
24+
recursive: true
25+
1226
docker-image-build:
1327
continue-on-error: ${{ matrix.experimental || false }}
1428
name: Build & Test (${{ matrix.service-name }})
29+
needs: dockerfile-lint
1530
runs-on: ubuntu-latest
1631
strategy:
1732
matrix:

docker/archlinux/Dockerfile

Lines changed: 14 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,17 @@
1+
# hadolint global ignore=DL3025,DL3059
12
# Arguments
3+
ARG archlinux_version=latest
24
ARG runner_additional_packages
35

46
# Builder
5-
FROM archlinux:latest as builder
7+
FROM archlinux:${archlinux_version} AS builder
8+
9+
## Arguments
10+
ARG archlinux_version
611

712
## Install builder dependencies
8-
RUN --mount=id=archlinux:latest-/var/cache/pacman/pkg,sharing=locked,target=/var/cache/pacman/pkg,type=cache \
9-
--mount=id=archlinux:latest-/var/lib/pacman/sync,sharing=locked,target=/var/lib/pacman/sync,type=cache \
13+
RUN --mount=type=cache,sharing=locked,id=archlinux:${archlinux_version}-/var/cache/pacman/pkg,target=/var/cache/pacman/pkg \
14+
--mount=type=cache,sharing=locked,id=archlinux:${archlinux_version}-/var/lib/pacman/sync,target=/var/lib/pacman/sync \
1015
pacman --sync --refresh --sysupgrade --noconfirm \
1116
apache \
1217
apr \
@@ -29,7 +34,7 @@ RUN --mount=id=archlinux:latest-/var/cache/pacman/pkg,sharing=locked,target=/var
2934
## Build, Test & Install `mod_tile`
3035
COPY . /tmp/mod_tile_src
3136
WORKDIR /tmp/mod_tile_build
32-
RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
37+
RUN CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
3338
cmake -B . -S /tmp/mod_tile_src \
3439
-DCMAKE_BUILD_TYPE:STRING=Release \
3540
-DCMAKE_CXX_STANDARD:STRING=17 \
@@ -39,20 +44,21 @@ RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
3944
-DCMAKE_INSTALL_SYSCONFDIR:PATH=/etc \
4045
-DENABLE_TESTS:BOOL=ON && \
4146
cmake --build .
42-
RUN export CTEST_PARALLEL_LEVEL=$(nproc) && \
47+
RUN CTEST_PARALLEL_LEVEL="$(nproc)" && export CTEST_PARALLEL_LEVEL && \
4348
ctest --output-on-failure
4449
RUN export DESTDIR=/tmp/mod_tile && \
4550
cmake --install . --strip
4651

4752
# Runner
48-
FROM archlinux:latest as runner
53+
FROM archlinux:${archlinux_version} AS runner
4954

5055
## Arguments
56+
ARG archlinux_version
5157
ARG runner_additional_packages
5258

5359
## Install runner dependencies
54-
RUN --mount=id=archlinux:latest-/var/cache/pacman/pkg,sharing=locked,target=/var/cache/pacman/pkg,type=cache \
55-
--mount=id=archlinux:latest-/var/lib/pacman/sync,sharing=locked,target=/var/lib/pacman/sync,type=cache \
60+
RUN --mount=type=cache,sharing=locked,id=archlinux:${archlinux_version}-/var/cache/pacman/pkg,target=/var/cache/pacman/pkg \
61+
--mount=type=cache,sharing=locked,id=archlinux:${archlinux_version}-/var/lib/pacman/sync,target=/var/lib/pacman/sync \
5662
pacman --sync --refresh --sysupgrade --noconfirm ${runner_additional_packages} \
5763
apache \
5864
cairo \

docker/centos/stream/Dockerfile

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,19 @@
1+
# hadolint global ignore=DL3025,DL3040,DL3041,DL3059
12
# Arguments
23
ARG centos_stream_version=9
34
ARG extra_repository=crb
45
ARG mapnik_version=4.0.0
56

67
# Mapnik Builder
7-
FROM quay.io/centos/centos:stream${centos_stream_version} as mapnik-builder
8+
FROM quay.io/centos/centos:stream${centos_stream_version} AS mapnik-builder
89

910
## Arguments
1011
ARG centos_stream_version
1112
ARG extra_repository
1213
ARG mapnik_version
1314

1415
## Install mapnik-builder dependencies
15-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
16+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
1617
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
1718
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
1819
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -43,14 +44,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/
4344

4445
## Download, Build & Install `Mapnik`
4546
WORKDIR /tmp/mapnik_src
46-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src,type=cache \
47+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src \
4748
if [ ! -f CMakeLists.txt ]; then \
4849
git clone --branch v${mapnik_version} --depth 1 --jobs 8 --recurse-submodules https://github.com/mapnik/mapnik.git /tmp/mapnik_src; \
4950
fi
5051
WORKDIR /tmp/mapnik_build
51-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src,type=cache \
52-
--mount=id=centos:stream${centos_stream_version}-mapnik-build:${mapnik_version},target=/tmp/mapnik_build,type=cache \
53-
export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
52+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src \
53+
--mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-build:${mapnik_version},target=/tmp/mapnik_build \
54+
CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
5455
export DESTDIR=/tmp/mapnik && \
5556
cmake -B . -S /tmp/mapnik_src \
5657
-DBUILD_BENCHMARK:BOOL=OFF \
@@ -70,14 +71,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version
7071
cmake --install . --strip
7172

7273
# Builder
73-
FROM quay.io/centos/centos:stream${centos_stream_version} as builder
74+
FROM quay.io/centos/centos:stream${centos_stream_version} AS builder
7475

7576
## Arguments
7677
ARG centos_stream_version
7778
ARG extra_repository
7879

7980
## Install builder dependencies
80-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
81+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
8182
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
8283
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
8384
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -117,7 +118,7 @@ COPY --from=mapnik-builder /tmp/mapnik /
117118
## Build, Test & Install `mod_tile`
118119
COPY . /tmp/mod_tile_src
119120
WORKDIR /tmp/mod_tile_build
120-
RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
121+
RUN CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
121122
cmake -B . -S /tmp/mod_tile_src \
122123
-DCMAKE_BUILD_TYPE:STRING=Release \
123124
-DCMAKE_INSTALL_LOCALSTATEDIR:PATH=/var \
@@ -126,20 +127,20 @@ RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
126127
-DCMAKE_INSTALL_SYSCONFDIR:PATH=/etc \
127128
-DENABLE_TESTS:BOOL=ON && \
128129
cmake --build .
129-
RUN export CTEST_PARALLEL_LEVEL=$(nproc) && \
130+
RUN CTEST_PARALLEL_LEVEL="$(nproc)" && export CTEST_PARALLEL_LEVEL && \
130131
ctest --output-on-failure
131132
RUN export DESTDIR=/tmp/mod_tile && \
132133
cmake --install . --strip
133134

134135
# Runner
135-
FROM quay.io/centos/centos:stream${centos_stream_version} as runner
136+
FROM quay.io/centos/centos:stream${centos_stream_version} AS runner
136137

137138
## Arguments
138139
ARG centos_stream_version
139140
ARG extra_repository
140141

141142
## Install runner dependencies
142-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
143+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
143144
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
144145
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
145146
dnf --assumeyes install "dnf-command(config-manager)" && \

docker/centos/stream/Dockerfile.autotools

Lines changed: 14 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,18 +1,19 @@
1+
# hadolint global ignore=DL3025,DL3040,DL3041,DL3059
12
# Arguments
23
ARG centos_stream_version=9
34
ARG extra_repository=crb
45
ARG mapnik_version=4.0.0
56

67
# Mapnik Builder
7-
FROM quay.io/centos/centos:stream${centos_stream_version} as mapnik-builder
8+
FROM quay.io/centos/centos:stream${centos_stream_version} AS mapnik-builder
89

910
## Arguments
1011
ARG centos_stream_version
1112
ARG extra_repository
1213
ARG mapnik_version
1314

1415
## Install mapnik-builder dependencies
15-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
16+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
1617
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
1718
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
1819
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -43,14 +44,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/
4344

4445
## Download, Build & Install `Mapnik`
4546
WORKDIR /tmp/mapnik_src
46-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src,type=cache \
47+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src \
4748
if [ ! -f CMakeLists.txt ]; then \
4849
git clone --branch v${mapnik_version} --depth 1 --jobs 8 --recurse-submodules https://github.com/mapnik/mapnik.git /tmp/mapnik_src; \
4950
fi
5051
WORKDIR /tmp/mapnik_build
51-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src,type=cache \
52-
--mount=id=centos:stream${centos_stream_version}-mapnik-build:${mapnik_version},target=/tmp/mapnik_build,type=cache \
53-
export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
52+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version},target=/tmp/mapnik_src \
53+
--mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-build:${mapnik_version},target=/tmp/mapnik_build \
54+
CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
5455
export DESTDIR=/tmp/mapnik && \
5556
cmake -B . -S /tmp/mapnik_src \
5657
-DBUILD_BENCHMARK:BOOL=OFF \
@@ -70,14 +71,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:${mapnik_version
7071
cmake --install . --strip
7172

7273
# Builder
73-
FROM quay.io/centos/centos:stream${centos_stream_version} as builder
74+
FROM quay.io/centos/centos:stream${centos_stream_version} AS builder
7475

7576
## Arguments
7677
ARG centos_stream_version
7778
ARG extra_repository
7879

7980
## Install builder dependencies
80-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
81+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
8182
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
8283
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
8384
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -121,14 +122,14 @@ RUN export DESTDIR=/tmp/mod_tile && \
121122
RUN make test
122123

123124
# Runner
124-
FROM quay.io/centos/centos:stream${centos_stream_version} as runner
125+
FROM quay.io/centos/centos:stream${centos_stream_version} AS runner
125126

126127
## Arguments
127128
ARG centos_stream_version
128129
ARG extra_repository
129130

130131
## Install runner dependencies
131-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
132+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
132133
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
133134
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
134135
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -162,13 +163,15 @@ COPY --from=builder \
162163
/etc/httpd/conf.d/renderd-example-map.conf
163164

164165
## Fix mapnik directories
166+
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
165167
RUN sed \
166168
--expression "s#/usr/lib/mapnik/3.1/input#$(find /usr -mindepth 1 -type d -name input | grep mapnik)#g" \
167169
--expression "s#/usr/share/fonts/truetype#/usr/share/fonts#g" \
168170
/usr/local/etc/renderd.conf > /etc/renderd.conf
171+
SHELL ["/bin/sh", "-c"]
169172

170173
## Add configuration
171-
RUN printf "LoadModule tile_module $(find /usr -name mod_tile.so)\n" > /etc/httpd/conf.modules.d/11-tile.conf
174+
RUN printf "LoadModule tile_module %s\n" "$(find /usr -name mod_tile.so)" > /etc/httpd/conf.modules.d/11-tile.conf
172175
RUN printf '\n[example-map]\nMAXZOOM=20\nMINZOOM=0\nURI=/tiles/renderd-example\nXML=/usr/share/renderd/example-map/mapnik.xml\n' >> /etc/renderd.conf
173176
RUN printf '\n[example-map-jpg]\nMAXZOOM=20\nMINZOOM=0\nTYPE=jpg image/jpeg jpeg\nURI=/tiles/renderd-example-jpg\nXML=/usr/share/renderd/example-map/mapnik.xml\n' >> /etc/renderd.conf
174177
RUN printf '\n[example-map-png256]\nMAXZOOM=20\nMINZOOM=0\nTYPE=png image/png png256\nURI=/tiles/renderd-example-png256\nXML=/usr/share/renderd/example-map/mapnik.xml\n' >> /etc/renderd.conf

docker/centos/stream/Dockerfile.mapnik-latest

Lines changed: 13 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,16 +1,17 @@
1+
# hadolint global ignore=DL3025,DL3040,DL3041,DL3059
12
# Arguments
23
ARG centos_stream_version=9
34
ARG extra_repository=crb
45

56
# Mapnik Builder
6-
FROM quay.io/centos/centos:stream${centos_stream_version} as mapnik-builder
7+
FROM quay.io/centos/centos:stream${centos_stream_version} AS mapnik-builder
78

89
## Arguments
910
ARG centos_stream_version
1011
ARG extra_repository
1112

1213
## Install mapnik-builder dependencies
13-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
14+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
1415
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
1516
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
1617
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -41,14 +42,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/
4142

4243
## Download, Build & Install `Mapnik`
4344
WORKDIR /tmp/mapnik_src
44-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:latest,target=/tmp/mapnik_src,type=cache \
45+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:latest,target=/tmp/mapnik_src \
4546
if [ ! -f CMakeLists.txt ]; then \
4647
git clone --depth 1 --jobs 8 --recurse-submodules https://github.com/mapnik/mapnik.git /tmp/mapnik_src; \
4748
fi
4849
WORKDIR /tmp/mapnik_build
49-
RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:latest,target=/tmp/mapnik_src,type=cache \
50-
--mount=id=centos:stream${centos_stream_version}-mapnik-build:latest,target=/tmp/mapnik_build,type=cache \
51-
export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
50+
RUN --mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-src:latest,target=/tmp/mapnik_src \
51+
--mount=type=cache,id=centos:stream${centos_stream_version}-mapnik-build:latest,target=/tmp/mapnik_build \
52+
CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
5253
export DESTDIR=/tmp/mapnik && \
5354
cmake -B . -S /tmp/mapnik_src \
5455
-DBUILD_BENCHMARK:BOOL=OFF \
@@ -68,14 +69,14 @@ RUN --mount=id=centos:stream${centos_stream_version}-mapnik-src:latest,target=/t
6869
cmake --install . --strip
6970

7071
# Builder
71-
FROM quay.io/centos/centos:stream${centos_stream_version} as builder
72+
FROM quay.io/centos/centos:stream${centos_stream_version} AS builder
7273

7374
## Arguments
7475
ARG centos_stream_version
7576
ARG extra_repository
7677

7778
## Install builder dependencies
78-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
79+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
7980
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
8081
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
8182
dnf --assumeyes install "dnf-command(config-manager)" && \
@@ -115,7 +116,7 @@ COPY --from=mapnik-builder /tmp/mapnik /
115116
## Build & Install `mod_tile`
116117
COPY . /tmp/mod_tile_src
117118
WORKDIR /tmp/mod_tile_build
118-
RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
119+
RUN CMAKE_BUILD_PARALLEL_LEVEL="$(nproc)" && export CMAKE_BUILD_PARALLEL_LEVEL && \
119120
cmake -B . -S /tmp/mod_tile_src \
120121
-DCMAKE_BUILD_TYPE:STRING=Release \
121122
-DCMAKE_INSTALL_LOCALSTATEDIR:PATH=/var \
@@ -124,20 +125,20 @@ RUN export CMAKE_BUILD_PARALLEL_LEVEL=$(nproc) && \
124125
-DCMAKE_INSTALL_SYSCONFDIR:PATH=/etc \
125126
-DENABLE_TESTS:BOOL=ON && \
126127
cmake --build .
127-
RUN export CTEST_PARALLEL_LEVEL=$(nproc) && \
128+
RUN CTEST_PARALLEL_LEVEL="$(nproc)" && export CTEST_PARALLEL_LEVEL && \
128129
ctest --output-on-failure
129130
RUN export DESTDIR=/tmp/mod_tile && \
130131
cmake --install . --strip
131132

132133
# Runner
133-
FROM quay.io/centos/centos:stream${centos_stream_version} as runner
134+
FROM quay.io/centos/centos:stream${centos_stream_version} AS runner
134135

135136
## Arguments
136137
ARG centos_stream_version
137138
ARG extra_repository
138139

139140
## Install runner dependencies
140-
RUN --mount=id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf,type=cache,sharing=locked \
141+
RUN --mount=type=cache,sharing=locked,id=centos:stream${centos_stream_version}-/var/cache/dnf,target=/var/cache/dnf \
141142
echo "install_weak_deps=False" >> /etc/dnf/dnf.conf && \
142143
echo "keepcache=True" >> /etc/dnf/dnf.conf && \
143144
dnf --assumeyes install "dnf-command(config-manager)" && \

0 commit comments

Comments
 (0)