Bumped version to 2.15.1

Signed-off-by: Nicholas Wilde <ncwilde43@gmail.com>

.github/workflows/ci.yaml

@@ -19,14 +19,27 @@ on:
         # Friendly description to be shown in the UI instead of 'name'
         description: 'Version'
         # Default value if no value is explicitly provided
-        default: '2.14-ls1'
+        default: '2.15.1'
         # Input has to be provided for the workflow to run
         required: true
+      ls:
+        description: 'ls'
+        default: 'ls2'
+        required: true
 
 jobs:
   main:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
+      -
+        name: Get tag
+        run: echo "tag=${{ github.event.inputs.version }}-${{ github.event.inputs.ls }}" >> $GITHUB_ENV
+      -
+        name: Remove docker from the repo name
+        run: echo "repo_name=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//')" >> $GITHUB_ENV
+      -
+        name: Get current date
+        run: echo "date=$(date -u +%Y-%m-%dT%H%M%SZ)" >> $GITHUB_ENV
       -
         name: Checkout
         uses: actions/checkout@v2
@@ -68,16 +81,31 @@ jobs:
           password: ${{ secrets.QUAY_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@v2.3.0
+        uses: docker/build-push-action@v2.4.0
         with:
           context: .
           file: ./Dockerfile
           platforms: linux/amd64,linux/arm/v7,linux/arm64
           push: true
+          build-args: |
+            BUILD_DATE=${{ env.date }}
+            VERSION=${{ github.event.inputs.version }}
           tags: |
-            nicholaswilde/fossil:latest
-            nicholaswilde/fossil:${{ github.event.inputs.version }}
-            ghcr.io/nicholaswilde/fossil:latest
-            ghcr.io/nicholaswilde/fossil:${{ github.event.inputs.version }}
-            quay.io/nicholaswilde/fossil:latest
-            quay.io/nicholaswilde/fossil:${{ github.event.inputs.version }}
+            ${{ github.repository_owner }}/${{ env.repo_name }}:latest
+            ${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
+            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
+            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
+            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
+            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
+      -
+        name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+        with:
+          tag_name: ${{ env.tag }}
+          release_name: ${{ env.tag }}
+          draft: false
+          prerelease: false
+

.taskfiles/build.yaml

@@ -0,0 +1,23 @@
+---
+version: '3'
+
+tasks:
+  all:
+    desc: Build all platforms
+    cmds:
+      - "{{ .BUILD }} {{ .TAG_VERSION }} {{ .PLATFORMS }} -f Dockerfile ."
+    deps:
+      - build-deps
+
+  latest:
+    desc: Build the latest Docker image
+    cmds:
+      - "{{ .BUILD }} {{ .TAG_LATEST }} -f Dockerfile ."
+    deps:
+      - build-deps
+
+  build-deps:
+    preconditions:
+      - sh: "docker buildx version"
+        msg: "buildx is not installed"
+    silent: true

.taskfiles/builder.yaml

@@ -0,0 +1,34 @@
+---
+version: '3'
+
+vars:
+  BUILDER: "mybuilder"
+  BUILDER_NAME: "buildx_buildkit_{{ .BUILDER }}0"
+  BUILDER_PATH: "~/.docker/buildx/instances/{{ .BUILDER }}"
+
+tasks:
+  install:
+    desc: Install buildx builder, {{ .BUILDER }}
+    cmds:
+      - "docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
+    status:
+      - "test -f {{ .BUILDER_PATH }}"
+
+  create:
+    desc: Create buildx builder, {{ .BUILDER }}
+    cmds:
+      - task: install
+      - "export DOCKER_BUILDKIT=1"
+      - "docker buildx create --use --name {{ .BUILDER }}"
+      - "docker buildx use {{ .BUILDER }}"
+      - "docker buildx inspect --bootstrap"
+      - "docker buildx install"
+    status:
+      - "test -f {{ .BUILDER }}"
+
+  restart:
+    desc: Restart the builder container
+    cmds:
+      - "docker restart {{ .BUILDER_NAME }}"
+    preconditions:
+      - test -f {{ .BUILDER }}

.taskfiles/chk.yaml

@@ -0,0 +1,32 @@
+---
+version: '3'
+
+tasks:
+  _release:
+    cmds:
+      - task: _dl
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/releases/download/{{ .VERSION }}/{{ .FILENAME }}"
+    status:
+      - test {{ .TYPE }} != "release"
+
+  _source:
+    cmds:
+      - task: _dl
+        vars:
+          URL: "https://www.fossil-scm.org/home/uv/fossil-src-{{ .VERSION }}.tar.gz"
+    status:
+      - test {{ .TYPE }} != "source"
+      - test {{ .TYPE }} != "commit"
+
+  _varcheck:
+    cmds:
+      - cmd: >
+          (test {{ .TYPE }} = "source" ||
+          test {{ .TYPE }} = "release" ||
+          test {{ .TYPE }} = "commit") ||
+          (echo "TYPE is not 'source','commit', or 'release'"; exit 1)
+    silent: true
+
+  _dl:
+    cmds: ["wget {{ .URL }} -O- | sha256sum"]

.taskfiles/date.yaml

@@ -0,0 +1,8 @@
+---
+version: '3'
+
+tasks:
+  exec:
+    desc: Get the date of the container
+    cmds:
+      - "{{ .EXEC }} date"

.taskfiles/deps.yaml

@@ -0,0 +1,109 @@
+---
+version: '3'
+
+vars:
+  URL_SNYK: "https://github.com/snyk/snyk/releases/download/v1.458.0/snyk-linux"
+  URL_HADOLINT: "https://github.com/hadolint/hadolint/releases/download/v1.22.1/hadolint-Linux-x86_64"
+  URL_GOREPLACE: 'https://github.com/webdevops/go-replace/releases/download/1.1.2/gr-{{ ARCH | replace "amd" "" }}-linux'
+  GIT_ROOT:
+    sh: "git rev-parse --show-toplevel"
+
+tasks:
+  install:
+    desc: Install all developer dependencies
+    deps:
+      - _distrib-reqs
+      - pre-commit
+      - snyk
+      - yamllint
+      - hadolint
+      - go-replace
+    silent: true
+
+  yamllint:
+    desc: Install a precommit pip package
+    cmds:
+      - echo "Installing yamllint"
+      - python3 -m pip install --user yamllint
+    status:
+      - type yamllint
+    deps:
+      - _distrib-reqs
+    silent: true
+
+  pre-commit:
+    desc: Install a pre-commit pip package
+    cmds:
+      - echo "Installing pre-commit"
+      - python3 -m pip install --user pre-commit
+    status:
+      - type pre-commit
+    deps:
+      - _distrib-reqs
+    silent: true
+
+  snyk:
+    desc: Install snyk
+    cmds:
+      - echo "Installing snyk"
+      - mkdir -p ".bin"
+      - "wget -q {{ .URL_SNYK }} -O .bin/snyk"
+      - "chmod +x .bin/snyk"
+      - task: _path-notify
+    status:
+      - test -e .bin/snyk
+    deps:
+      - _distrib-reqs
+    silent: true
+
+  hadolint:
+    desc: Install hadolint
+    cmds:
+      - echo "Installing hadolint"
+      - mkdir -p ".bin"
+      - "wget -q {{ .URL_HADOLINT }} -O .bin/hadolint"
+      - "chmod +x .bin/hadolint"
+      - task: _path-notify
+    status:
+      - test -e .bin/hadolint
+    deps:
+      - _distrib-reqs
+    silent: true
+
+  go-replace:
+    desc: Install go-replace
+    cmds:
+      - echo "Installing go-replace"
+      - mkdir -p ".bin"
+      - echo "{{ .URL_GOREPLACE }}"
+      - wget -q {{ .URL_GOREPLACE }} -O .bin/go-replace
+      - chmod +x .bin/go-replace
+      - task: _path-notify
+    status:
+      - test -e .bin/go-replace
+    deps:
+      - _distrib-reqs
+    silent: true
+
+  _path-notify:
+    cmds:
+      - echo "Be sure to update your PATH, PATH=\$PATH:\$PWD/.bin"
+    silent: true
+
+  _distrib-reqs:
+    cmds:
+      - task deps:_need BIN=wget
+      - task deps:_need BIN=python3
+      - task deps:_need BIN=docker
+    silent: true
+
+  _secrets-reqs:
+    cmds:
+      - task deps:_need BIN=pass
+      - task deps:_need BIN=gh
+    silent: true
+
+  _need:
+    cmds:
+      - type {{ .BIN }} 2>&1 >/dev/null || (echo "Please install {{ .BIN }}"; exit 1)
+    silent: true

.taskfiles/image.yaml

@@ -0,0 +1,16 @@
+---
+version: '3'
+
+tasks:
+  create:
+    desc: "Create a new Docker image"
+    cmds:
+      - ./.bin/go-replace -s '${CHARTNAME}' -r "{{ .IMAGE }}" --path={{.GIT_ROOT}}/charts/{{.CHART}} --path-pattern='*.*'
+    deps:
+      - check-image
+    silent: true
+
+  _check-image:
+    cmds:
+      - test ! -z "{{ .IMAGE }}" || (echo "Please define IMAGE parameter"; exit 1)
+    silent: true

.taskfiles/load.yaml

@@ -0,0 +1,8 @@
+---
+version: '3'
+
+tasks:
+  latest:
+    desc: Load the release image
+    cmds:
+      - "{{ .BUILD }} {{ .TAG_LATEST }} -f Dockerfile . --load"

.taskfiles/pkgs.yaml

@@ -0,0 +1,18 @@
+---
+version: '3'
+
+tasks:
+  alpine:
+    desc: Check package versions for alpine based images
+    cmds:
+      - "{{ .RUN }} {{ .BASE }} /bin/sh -c 'apk update && apk policy {{ .PACKAGES }}'"
+
+  debian:
+    desc: Check package versions for debian based images
+    cmds:
+      - "{{ .RUN }} {{ .BASE }} /bin/sh -c 'apt-get update && apt-cache policy {{ .PACKAGES }}'"
+
+  pip:
+    desc: Show the installed pip package versions
+    cmds:
+      - "{{ .RUN }} {{ .BASE }} /bin/sh -c 'pip install {{ .PIP }} && pip show {{ .PIP }}'"

.taskfiles/run.yaml

@@ -0,0 +1,8 @@
+---
+version: '3'
+
+tasks:
+  latest:
+    desc: Run the latest image
+    cmds:
+      - "{{ .RUN }} {{ .TAG_LATEST }}"

.taskfiles/shell.yaml

@@ -0,0 +1,8 @@
+---
+version: '3'
+
+tasks:
+  exec:
+    desc: Get a shell of a running container
+    cmds:
+      - "{{ .EXEC }} /bin/sh"

.taskfiles/snyk.yaml

@@ -0,0 +1,25 @@
+---
+version: '3'
+
+tasks:
+  test:
+    desc: Test local project for vulnerabilities
+    cmds:
+      - "snyk container test {{ .TAG_VERSION }} --file=Dockerfile"
+    deps:
+      - :load
+      - _snyk-deps
+
+  monitor:
+    desc: Monitor the image with snyk
+    cmds:
+      - "snyk container monitor {{ .TAG_VERSION }}"
+    deps:
+      - :load
+      - _snyk-deps
+
+  _snyk-deps:
+    preconditions:
+      - sh: "snyk version"
+        msg: "snyk is not installed"
+    silient: true

.yamllint

@@ -7,7 +7,7 @@ ignore: |
 
 rules:
   line-length:
-    max: 120
+    max: 140
     level: warning
   truthy:
     allowed-values: ['true', 'false', 'yes', 'no']