container-pre-commit/README.md
Henrik Hüttemann 9354a361a3
All checks were successful
ci/woodpecker/push/build Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
Add package version script
2024-06-25 16:18:57 +02:00

73 lines
3 KiB
Markdown

# verdigado pre-commit container
A container image to include all dependencies (and a warmed up cache) used in our [`pre-commit`](https://pre-commit.com/) hooks/CI steps to speed up execution.
If you see any pre-commit CI jobs installing dependencies:
- Make sure to execute `pre-commit` using this container
- Add the hook to this repo's `.pre-commit-config.yaml`
- Optionally install dependencies in the `Dockerfile` with the versions set up for `Renovate`
## Usage
In your `.woodpecker.yaml`, adapt and add the following block:
```yaml
steps:
check-pre-commit:
image: git.verdigado.com/verdigado-images/container-pre-commit:latest
environment:
- SKIP=no-commit-to-branch # Ignore "don't commit to protected branch" check
commands:
- pre-commit run --all-files
```
If renovate is set up for your repo, it'll add and update the pinned digest/hash of the image.
## Development
Generally you should have `Docker` or something alike installed.
If you need to copy files into the container, don't forget to add exclusions to the general _exclude all_ in `.dockerignore`.
To **update the base image** (like `3.12.4-alpine3.20` to a newer Alpine version), manual work is still required, but supported by a little script. **Renovate might not create a PR for newer image tags.**
1. In the `Dockerfile`, update the Alpine version for the image and the renovate comments (`# renovate: datasource=repology depName=alpine_3_20/gcc versioning=loose`).
```diff
- FROM python:3-alpine3.19@sha256:00c0ffeeacab...
+ FROM python:3-alpine3.20 # You can omit the sha256 digest, the script prints it out
# ...
- # renovate: datasource=repology depName=alpine_3_19/build-base versioning=loose
+ # renovate: datasource=repology depName=alpine_3_20/build-base versioning=loose
ENV BUILD_BASE_VERSION="0.8.15"
# ...
```
1. Now run `./get_pkg_versions.sh`. It pulls the alpine image from the Dockerfile, prints it's digest and the latest packages it could find via `apk` inside that container and prints out the names and versions.
Example output of `./get_pkg_versions.sh` for a new image, which is not yet pulled:
```plain
Unable to find image 'python:3.12.3-alpine3.18' locally
3.12.3-alpine3.18: Pulling from library/python
619be1103602: Pull complete
[...]
0eb61f1af52e: Pull complete
Digest: sha256:24680ddf8422899b24756d62b31eb5de782fbb42e9c2bb1c70f1f55fcf891721
Status: Downloaded newer image for python:3.12.3-alpine3.18
[Script output starts here]
Checking 5/5 latest package versions on python:3.12.3-alpine3.18
Image digest found: sha256:24680ddf8422899b24756d62b31eb5de782fbb42e9c2bb1c70f1f55fcf891721
---
build-base-0.5-r3
gcc-12.2.1_git20220924-r10
git-2.40.1-r0
openssh-keygen-9.3_p2-r1
ruby-3.2.4-r0
```
1. Copy the package versions and update the respective `ENV` with it manually in the `Dockerfile`. You also might add the digest to the base image.
1. Test building the image and you can commit it.