Merge pull request #28 from voxpupuli/alpine

switch to alpine

.github/workflows/ci.yaml

@@ -65,21 +65,22 @@ jobs:
         with:
           sarif_file: 'trivy-results-${{ matrix.rubygem_puppet }}.sarif'
 
-      # - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
-      #   uses: aquasecurity/trivy-action@master
-      #   with:
-      #     scan-type: 'image'
-      #     format: 'github'
-      #     output: 'dependency-results.sbom.json'
-      #     image-ref: 'ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }}'
-      #     github-pat: ${{ secrets.GITHUB_TOKEN }}
+      - name: Clone voxpupuli/puppet-example repository
+        uses: actions/checkout@v4
+        with:
+          repository: voxpupuli/puppet-example
 
-      # - name: Upload trivy report as a Github artifact
-      #   uses: actions/upload-artifact@v4
-      #   with:
-      #     name: trivy-sbom-report
-      #     path: '${{ github.workspace }}/dependency-results.sbom.json'
-      #     retention-days: 20 # 90 is the default
+      - name: Test container
+        run: |
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile -T
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile lint
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile metadata_lint
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile strings:validate:reference
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile rubocop
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile syntax
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile spec
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile r10k:syntax
+          docker run --rm  -v $(pwd):/repo ci/voxbox-${{ matrix.rubygem_puppet }}:${{ github.sha }} -f /Rakefile r10k:dependencies
 
   tests:
     needs:

Dockerfile

@@ -1,4 +1,4 @@
-ARG BASE_IMAGE=docker.io/ruby:3.2.5-bookworm
+ARG BASE_IMAGE=docker.io/ruby:3.2.5-alpine3.20
 
 FROM $BASE_IMAGE
 
@@ -45,16 +45,13 @@ COPY voxbox/Gemfile /
 COPY voxbox/Rakefile /
 COPY Dockerfile /
 
-RUN apt-get update \
-    && apt-get upgrade -y \
-    && apt-get install -y yamllint \
-    && apt-get autoremove -y \
-    && apt-get clean \
+RUN apk update \
+    && apk upgrade \
+    && apk add --no-cache --update alpine-sdk \
+    && apk add --no-cache --update yamllint \
     && bundle config set path.system true \
     && bundle config set jobs $(nproc) \
     && bundle install --gemfile=/Gemfile \
-    && apt-get purge -y "libaom*" linux-libc-dev "libmagick*" "imagemagick-*" \
-    && rm -rf /var/lib/apt/lists/* \
     && rm -rf /usr/local/lib/ruby/gems/*/cache/* \
     && rm -rf /usr/local/lib/ruby/gems/2.7.0/gems/cgi-0.1.0.2 \
     && rm -rf /usr/local/lib/ruby/gems/2.7.0/specifications/default/cgi-0.1.0.2.gemspec \

build_versions.json

@@ -2,7 +2,7 @@
   "include": [
     {
       "puppet_release": 7,
-      "base_image": "ghcr.io/betadots/ruby:2.7.8-focal",
+      "base_image": "docker.io/ruby:2.7.8-alpine3.16",
       "rubygem_puppet": "7.32.1",
       "rubygem_facter": "4.8.0",
       "rubygem_voxpupuli_test": "9.0.0",
@@ -17,7 +17,7 @@
     },
     {
       "puppet_release": 8,
-      "base_image": "docker.io/ruby:3.2.5-bookworm",
+      "base_image": "docker.io/ruby:3.2.5-alpine3.20",
       "rubygem_puppet": "8.8.1",
       "rubygem_facter": "4.8.0",
       "rubygem_voxpupuli_test": "9.0.0",