From cefca971df1a1ae43957ae305c729b4d9785c24d Mon Sep 17 00:00:00 2001 From: ClementTsang Date: Thu, 2 Jun 2022 01:00:08 -0400 Subject: [PATCH] create --- .github/workflows/test.yml | 33 +++++++++++++++++++++++++++++++++ README.md | 23 ++++++++++++++++++++++- action.yml | 23 +++++++++++++++++++++++ check.sh | 6 ++++++ 4 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/test.yml create mode 100644 action.yml create mode 100755 check.sh diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..282b637 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,33 @@ +# A simple test to test the functionality the action. + +name: Test +on: + pull_request: + workflow_dispatch: + push: + branches: [master] + +jobs: + test-always-true: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Run + uses: ./ + with: + base-image: docker://rust:slim-buster + derived-image: docker://rust:slim-buster + + test-always-false: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Run + uses: ./ + with: + base-image: docker://ghcr.io/clementtsang/cargo-deb-arm + derived-image: docker://rust:slim-buster diff --git a/README.md b/README.md index 6dac8f7..695d7a7 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,26 @@ # docker-check-base-image-diff -A Github Action that checks for Docker base image updates. Leverages skopeo and jq. +A Github Action that checks whether a derived image does not consist of a base image. Leverages +[`skopeo`](https://github.com/containers/skopeo) and [`jq`](https://stedolan.github.io/jq/). Based on [lucacome's docker-image-update-checker](https://github.com/lucacome/docker-image-update-checker). + +## Usage + +Note that this action _assumes_ that `skopeo` is installed; this appears to be true for GitHub's Ubuntu runners. + +### Inputs + +#### `base-image` + +A required argument, this represents the "base" image you want to check against. + +As this is based on `skopeo`, it expects a string representing a container, and following a certain format +(e.g. `docker://rust:slim-buster`). For more information, see [the `skopeo` README](https://github.com/containers/skopeo#skopeo-). + +### Outputs + +A required argument, this represents the "derived" image you want to check. + +As this is based on `skopeo`, it expects a string representing a container, and following a certain format +(e.g. `docker://rust:slim-buster`). For more information, see [the `skopeo` README](https://github.com/containers/skopeo#skopeo-). diff --git a/action.yml b/action.yml new file mode 100644 index 0000000..daddafe --- /dev/null +++ b/action.yml @@ -0,0 +1,23 @@ +name: "Docker Check Base Image Diff" +description: "A Github Action that checks whether a derived image does not consist of a base image." +author: Clement Tsang + +inputs: + base-image: + description: "Base Docker image - follows skopeo format (e.g. docker://rust:slim-buster)" + required: true + derived-image: + description: "Derived Docker image - follows skopeo format (e.g. docker://rust:slim-buster)" + required: true +outputs: + differs: + description: "True or false" + value: ${{ steps.check.outputs.result }} +runs: + using: "composite" + steps: + - id: check + shell: bash + run: | + result=$(${{ github.action_path }}/check.sh ${{ inputs.base-image }} ${{ inputs.derived-image }}) + echo "::set-output name=result::${result}" diff --git a/check.sh b/check.sh new file mode 100755 index 0000000..a54d6cb --- /dev/null +++ b/check.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +BASE_LAYERS="$(skopeo inspect $1 | jq '.Layers')" +DERIVED_LAYERS="$(skopeo inspect $2 | jq '.Layers')" + +jq '.base - .derived | .!=[]' <<< "{\"base\": $BASE_LAYERS, \"derived\": $DERIVED_LAYERS}" \ No newline at end of file