From 6b8a4f45129ae567d143955663920501964fe56b Mon Sep 17 00:00:00 2001 From: Xe Iaso Date: Mon, 21 Apr 2025 08:39:13 -0400 Subject: docker/xesite: shalock everything Signed-off-by: Xe Iaso --- docker-bake.hcl | 12 ++++++++++++ docker/xesite.Dockerfile | 17 ++++++++++++++--- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/docker-bake.hcl b/docker-bake.hcl index e92eb55..1867bf5 100644 --- a/docker-bake.hcl +++ b/docker-bake.hcl @@ -1,8 +1,14 @@ variable "ALPINE_VERSION" { default = "edge" } +variable "DENO_SHA" { default = "6ef38d16cbe99c3d610576b56aaa9ede9d988e8a2e5c1ed9c9d502e3167ef758" } variable "DENO_VERSION" { default = "2.2.11" } variable "DHALL_VERSION" { default = "1.42.2" } variable "DHALL_JSON_VERSION" { default = "1.7.12" } +variable "DHALL_JSON_SHA" { default = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" } +variable "FONTS_SHA" { default = "2d96002c16d611fe8498a71c0b44362b4a98e18023cce34e7e37f581f34def22" } +variable "FONTS_VERSION" { default = "20250421" } variable "GO_VERSION" { default = "1.24" } +variable "TYPST_SHA" { default = "7d214bfeffc2e585dc422d1a09d2b144969421281e8c7f5d784b65fc69b5673f" } +variable "TYPST_VERSION" { default = "0.13.1" } variable "UBUNTU_VERSION" { default = "24.04" } group "default" { @@ -26,10 +32,16 @@ target "patreon-saasproxy" { target "xesite" { args = { ALPINE_VERSION = null + DENO_SHA = null DENO_VERSION = null DHALL_VERSION = null DHALL_JSON_VERSION = null + DHALL_JSON_SHA = null + FONTS_VERSION = null + FONTS_SHA = null GO_VERSION = null + TYPST_SHA = null + TYPST_VERSION = null UBUNTU_VERSION = "24.04" } context = "." diff --git a/docker/xesite.Dockerfile b/docker/xesite.Dockerfile index 41dbe7c..a2029c0 100644 --- a/docker/xesite.Dockerfile +++ b/docker/xesite.Dockerfile @@ -21,39 +21,50 @@ RUN --mount=type=cache,target=/root/.cache GOOS=${TARGETOS} GOARCH=${TARGETARCH} # Iosevka for the resume FROM --platform=${BUILDPLATFORM} alpine:${ALPINE_VERSION} AS fonts +ARG FONTS_VERSION=20250421 +ARG FONTS_SHA=2d96002c16d611fe8498a71c0b44362b4a98e18023cce34e7e37f581f34def22 WORKDIR /fonts -RUN apk add -U unzip ca-certificates curl \ - && curl -Lo iosevka.zip https://cdn.xeiaso.net/static/pkg/iosevka/ttf.zip \ +RUN set -x \ + && apk add -U unzip ca-certificates curl \ + && curl -Lo iosevka.zip https://files.xeiaso.net/dl/iosevka-${FONTS_VERSION}.zip \ + && echo "${FONTS_SHA} iosevka.zip" | sha256sum -c -s \ && unzip -d /fonts iosevka.zip # dhall-json for configuration building FROM --platform=${BUILDPLATFORM} alpine:${ALPINE_VERSION} AS dhall-json ARG DHALL_VERSION=1.42.2 ARG DHALL_JSON_VERSION=1.7.12 +ARG DHALL_JSON_SHA=acbada5e29ecc9b6a723c3f390beb76b9db26df81546d1f472415a2f387bc457 RUN mkdir -p /app WORKDIR /app -RUN apk add -U curl bzip2 ca-certificates \ +RUN set -x \ + && apk add -U curl bzip2 ca-certificates \ && curl -L -o dhall-linux.tar.bz2 https://github.com/dhall-lang/dhall-haskell/releases/download/${DHALL_VERSION}/dhall-json-${DHALL_JSON_VERSION}-x86_64-linux.tar.bz2 \ + && echo "${DHALL_JSON_SHA} dhall-linux.tar.bz2" | sha256sum -c -s \ && tar -xvjf dhall-linux.tar.bz2 \ && mv bin/dhall-to-json . # deno FROM alpine:${ALPINE_VERSION} AS deno ARG DENO_VERSION=2.2.11 +ARG DENO_SHA=6ef38d16cbe99c3d610576b56aaa9ede9d988e8a2e5c1ed9c9d502e3167ef758 RUN mkdir -p /app WORKDIR /app RUN apk add -U curl unzip ca-certificates \ && curl -sSLo deno.zip https://github.com/denoland/deno/releases/download/v${DENO_VERSION}/deno-$(uname -m)-unknown-linux-gnu.zip \ + && echo "${DENO_SHA} deno.zip" | sha256sum -c -s \ && unzip deno.zip # typst FROM alpine:${ALPINE_VERSION} AS typst ARG TYPST_VERSION=0.13.1 +ARG TYPST_SHA=7d214bfeffc2e585dc422d1a09d2b144969421281e8c7f5d784b65fc69b5673f RUN mkdir -p /app WORKDIR /app RUN set -x \ && apk add -U curl xz ca-certificates \ && curl -sSLo typst.tar.xz https://github.com/typst/typst/releases/download/v${TYPST_VERSION}/typst-$(uname -m)-unknown-linux-musl.tar.xz \ + && echo "${TYPST_SHA} typst.tar.xz" | sha256sum -c -s \ && tar xJf typst.tar.xz -C . \ && mv typst-$(uname -m)-unknown-linux-musl/typst . -- cgit v1.2.3