pre-commit
hooks
|
||
---|---|---|
.dockerignore | ||
.editorconfig | ||
.markdown-style.rb | ||
.mdlrc | ||
.pre-commit-config.yaml | ||
.prettierrc.yaml | ||
.woodpecker.yaml | ||
Dockerfile | ||
get_pkg_versions.sh | ||
README.md | ||
renovate.json |
verdigado pre-commit container
A container image to include all dependencies (and a warmed up cache) used in our pre-commit
hooks/CI steps to speed up execution.
If you see any pre-commit CI jobs installing dependencies:
- Make sure to execute
pre-commit
using this container - Add the hook to this repo's
.pre-commit-config.yaml
- Optionally install dependencies in the
Dockerfile
with the versions set up forRenovate
Usage
In your .woodpecker.yaml
, adapt and add the following block:
steps:
check-pre-commit:
image: git.verdigado.com/verdigado-images/container-pre-commit:latest
environment:
- SKIP=no-commit-to-branch # Ignore "don't commit to protected branch" check
commands:
- pre-commit run --all-files
If renovate is set up for your repo, it'll add and update the pinned digest/hash of the image.
Development
Generally you should have Docker
or something alike installed.
If you need to copy files into the container, don't forget to add exclusions to the general exclude all in .dockerignore
.
To update the base image (like 3.12.4-alpine3.20
to a newer Alpine version), manual work is still required, but supported by a little script. Renovate might not create a PR for newer image tags.
-
In the
Dockerfile
, update the Alpine version for the image and the renovate comments (# renovate: datasource=repology depName=alpine_3_20/gcc versioning=loose
).- FROM python:3-alpine3.19@sha256:00c0ffeeacab... + FROM python:3-alpine3.20 # You can omit the sha256 digest, the script prints it out # ... - # renovate: datasource=repology depName=alpine_3_19/build-base versioning=loose + # renovate: datasource=repology depName=alpine_3_20/build-base versioning=loose ENV BUILD_BASE_VERSION="0.8.15" # ...
-
Now run
./get_pkg_versions.sh
. It pulls the alpine image from the Dockerfile, prints it's digest and the latest packages it could find viaapk
inside that container and prints out the names and versions.Example output of
./get_pkg_versions.sh
for a new image, which is not yet pulled:Unable to find image 'python:3.12.3-alpine3.18' locally 3.12.3-alpine3.18: Pulling from library/python 619be1103602: Pull complete [...] 0eb61f1af52e: Pull complete Digest: sha256:24680ddf8422899b24756d62b31eb5de782fbb42e9c2bb1c70f1f55fcf891721 Status: Downloaded newer image for python:3.12.3-alpine3.18 [Script output starts here] Checking 5/5 latest package versions on python:3.12.3-alpine3.18 Image digest found: sha256:24680ddf8422899b24756d62b31eb5de782fbb42e9c2bb1c70f1f55fcf891721 --- build-base-0.5-r3 gcc-12.2.1_git20220924-r10 git-2.40.1-r0 openssh-keygen-9.3_p2-r1 ruby-3.2.4-r0
-
Copy the package versions and update the respective
ENV
with it manually in theDockerfile
. You also might add the digest to the base image. -
Test building the image and you can commit it.