Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Use chainguard/busybox as the base image to support use as a GitHub Action #438

Closed
wants to merge 0 commits into from
Closed

Feature Request: Use chainguard/busybox as the base image to support use as a GitHub Action #438

wants to merge 0 commits into from

Conversation

pauldoomgov
Copy link
Contributor

We would like the option of running AllStar as a GitHub Action. The current container image uses cgr.dev/chainguard/static which is an excellent minimal base with very little surface area. Unfortunately, GitHub Actions requires tail to be available for use as a container:

/usr/bin/docker create --name ... --label ... --workdir /__w/.allstar/.allstar --network ...  -e "HOME=/github/home" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work":"/__w" -v "/home/runner/runners/2.306.0/externals":"/__e":ro -v "/home/runner/work/_temp":"/__w/_temp" -v "/home/runner/work/_actions":"/__w/_actions" -v "/opt/hostedtoolcache":"/__t" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" --entrypoint "tail" ghcr.io/ossf/allstar:v3.0 "-f" "/dev/null"

This PR switches the base image to cgr.dev/chainguard/busybox which adds busybox on top of static. This allong with the -once flag makes it possible to run AllStar in GitHub Actions.

If you can not accept this PR due to the additional surface area an alternate tack would be to build a second image for users who wish to run allstar as an action, while keeping the original pristine image as the default.

@jeffmendoza
Copy link
Member

Hi Paul, happy to add this. I'm thinking a separate image called "allstar-busybox" would be great for those that need it, and keep the "allstar" static-binary-only image for those that don't. How does that sound?

Also, remember to commit with "git -s" for DCO (https://wiki.linuxfoundation.org/dco), Thanks!

@pauldoomgov
Copy link
Contributor Author

Hi Paul, happy to add this. I'm thinking a separate image called "allstar-busybox" would be great for those that need it, and keep the "allstar" static-binary-only image for those that don't. How does that sound?

Also, remember to commit with "git -s" for DCO (https://wiki.linuxfoundation.org/dco), Thanks!

Excellent! I will update the PR to add the second image and make sure to include a DCO sign off.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pauldoomgov @jeffmendoza