Set default to rootless but provide seperate root image

2025-03-16 12:21:40 +01:00 · 2025-03-16 12:21:40 +01:00 · 25b3e875b0
commit 25b3e875b0
parent 40754698e0
3 changed files with 49 additions and 8 deletions
--- a/.woodpecker.yaml
+++ b/.woodpecker.yaml
@ -18,6 +18,28 @@ steps:
  when:
    - branch: main
      event: [push, manual]
+
+- name: docker-root
+  image: woodpeckerci/plugin-docker-buildx
+  privileged: true
+  settings:
+    dockerfile: Dockerfile-root
+    registry: git.ar21.de
+    username:
+      from_secret: REGISTRY_USER
+    password:
+      from_secret: REGISTRY_PASS
+    repo: git.ar21.de/aaron/ansible-lint
+    tags:
+      - root
+      - root-${CI_PIPELINE_NUMBER}
+    platforms:
+      - linux/arm64
+      - linux/amd64
+  when:
+    - branch: main
+      event: [push, manual]
+
 - name: docker-build
  image: woodpeckerci/plugin-docker-buildx
  privileged: true
--- a/16
+++ b/16
@ -1,17 +1,17 @@
 FROM python:3.13.2-slim-bookworm
 RUN apt-get update -qq && apt-get install -qq git --no-install-recommends && rm -rf /var/lib/apt/lists/*
 WORKDIR ./
-# ARG PUID=1000
-# ENV GROUP dockergroup
-# ENV USER docker
-# ENV HOMEDIR "/home/${USER}"
-# ENV PATH ${HOMEDIR}/.local/bin:$PATH
+ARG PUID=1000
+ENV GROUP dockergroup
+ENV USER docker
+ENV HOMEDIR "/home/${USER}"
+ENV PATH ${HOMEDIR}/.local/bin:$PATH
 ENV PLUGIN_PROFILE production
-# RUN useradd -u "${PUID}" -m "${USER}"
+RUN useradd -u "${PUID}" -m "${USER}"
 COPY script.sh /bin/
 RUN chmod +x /bin/script.sh
-# USER ${USER}
-# WORKDIR ${HOMEDIR}
+USER ${USER}
+WORKDIR ${HOMEDIR}
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 RUN rm requirements.txt
--- a/19
+++ b/19
@ -0,0 +1,19 @@
+FROM python:3.13.2-slim-bookworm
+RUN apt-get update -qq && apt-get install -qq git --no-install-recommends && rm -rf /var/lib/apt/lists/*
+WORKDIR ./
+# ARG PUID=1000
+# ENV GROUP dockergroup
+# ENV USER docker
+# ENV HOMEDIR "/home/${USER}"
+# ENV PATH ${HOMEDIR}/.local/bin:$PATH
+ENV PLUGIN_PROFILE production
+# RUN useradd -u "${PUID}" -m "${USER}"
+COPY script.sh /bin/
+RUN chmod +x /bin/script.sh
+# USER ${USER}
+# WORKDIR ${HOMEDIR}
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+RUN rm requirements.txt
+
+ENTRYPOINT [ "script.sh" ]