Commit

run image without root, optimize image size, fix comparison bug & general cleanup
oscrx committed Nov 27, 2023
1 parent 297eec4 commit e546b6f
Showing 7 changed files with 51 additions and 73 deletions.
8 changes: 6 additions & 2 deletions .github/workflows/bump.yml
@@ -1,19 +1,23 @@
name: Bump version

on:
push:
branches:
- main

jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: '0'

- name: Bump version and push tag
uses: anothrNick/github-tag-action@v1
env:
GITHUB_TOKEN: ${{ secrets.MY_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WITH_V: true
DEFAULT_BUMP: patch
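
Review bot: Switching the tag step's `GITHUB_TOKEN` from `secrets.MY_TOKEN` to `secrets.GITHUB_TOKEN` means the tag this job pushes will no longer start other workflows, because GitHub does not create new workflow runs for events caused by the default token. The `tags: 'v*'` push trigger in main.yml will therefore not fire for tags created here. Either keep a dedicated token for the tag push (a fine-grained PAT or GitHub App token limited to this repository), or publish the image in the same run that creates the tag. Separately, `anothrNick/github-tag-action@v1` now runs with `contents: write`, so consider pinning it to a full commit SHA rather than a movable tag.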
54 changes: 0 additions & 54 deletions .github/workflows/codeql-analysis.yml

This file was deleted.

36 changes: 28 additions & 8 deletions .github/workflows/main.yml
Expand Up @@ -4,18 +4,22 @@ on:
push:
tags:
- 'v*'
branches:
- "main"

jobs:
docker:
build:
runs-on: ubuntu-latest
permissions:
packages: write
steps:
-
name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
-
name: Generate Docker metadata
id: meta
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: |
ghcr.io/${{ github.repository }}
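
Review bot: The job-level `permissions:` block added under `build` lists only `packages: write`, and any scope not listed there is set to none, so `actions/checkout@v4` runs without `contents: read`. That works only while the repository is public; add `contents: read` next to `packages: write` so the checkout does not depend on that. The added `branches: - "main"` trigger also means every push to main now runs the full image build; if that is intended purely as a build check, a short comment in the workflow saying so would help.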
Expand All @@ -29,23 +33,39 @@ jobs:
latest=true
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3
-
name: Login to GitHub Package Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
push: ${{ github.event_name == 'create' && startsWith(github.ref, 'refs/tags/v') }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
bump:
needs: build
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
with:
fetch-depth: '0'

- name: Bump version and push tag
uses: anothrNick/github-tag-action@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
WITH_V: true
DEFAULT_BUMP: patch
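
Review bot: The `push:` expression on the build-push step, `github.event_name == 'create' && startsWith(github.ref, 'refs/tags/v')`, can never be true: this workflow is only triggered by `push` (tags and the main branch), so `github.event_name` is always `push` and the image is built but never published. Use `github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')`. The added `bump` job also duplicates .github/workflows/bump.yml, which this commit keeps and which also runs on pushes to main, so two jobs will try to tag the same commit. Since `bump` has no `if:`, it runs on tag pushes as well. Drop one of the two and restrict the remaining one to `refs/heads/main`.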
16 changes: 11 additions & 5 deletions Dockerfile
@@ -1,11 +1,16 @@
FROM python:alpine

WORKDIR /usr/src/app
FROM python:alpine AS build-image

RUN apk add --no-cache --update curl-dev libressl-dev musl-dev gcc
RUN apk add --no-cache --update curl-dev musl-dev gcc
COPY requirements.txt ./

RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
RUN pip install --no-cache-dir -r requirements.txt

FROM python:alpine
RUN apk add --no-cache --update curl
ENV PATH="/opt/venv/bin:$PATH"
COPY --from=build-image /opt/venv /opt/venv
COPY auto-dns.py ./

ENV TIMEOUT 5
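
Review bot: Both `FROM` lines use the floating `python:alpine` tag, so every rebuild can pull a different Python and Alpine release without any change in this repository, and the venv copied with `COPY --from=build-image /opt/venv /opt/venv` is tied to whatever interpreter that happened to be. Pin an explicit version tag (ideally with a digest) in both stages. With `WORKDIR /usr/src/app` gone, `COPY auto-dns.py ./` now places the script in `/`; keeping a `WORKDIR` in the final stage avoids relying on the image default.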
Expand All @@ -14,4 +19,5 @@ ENV REGEX_DOMAIN "k8s-[0-9]+\.oscarr\.nl"
ENV KUBERNETES_DOMAIN "kubernetes.oscarr.nl"
ENV TEST_DOMAIN "ninoo.nl"

CMD [ "python", "./auto-dns.py" ]
USER nobody
CMD [ "python", "auto-dns.py" ]
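
Review bot: `USER nobody` is a name rather than a numeric UID, and Kubernetes cannot verify `runAsNonRoot: true` against an image whose user is non-numeric, so a pod with that setting will fail to start. Use `USER 65534:65534` (nobody on Alpine) instead. The new `CMD [ "python", "auto-dns.py" ]` is relative to the working directory, which is `/` only because no `WORKDIR` is set; an absolute path or an explicit `WORKDIR` makes that robust.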
4 changes: 2 additions & 2 deletions LICENSE.md
@@ -1,6 +1,6 @@
MIT License
# MIT License

Copyright (c) [2022] [Bierteam]
Copyright (c) [2023] [Bierteam]

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
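
Review bot: The copyright line replaces `[2022]` with `[2023]`, which drops the year of first publication. Keep the original year or use a range, for example `Copyright (c) 2022-2023 Bierteam`; the square brackets are placeholders left over from the license template and can be removed as well.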
4 changes: 3 additions & 1 deletion README.md
@@ -1,4 +1,4 @@
# Readme
# README

This container will monitor the available nodes in our kubernetes cluster and will update the dns records accordingly.
This only supports the cloudflare API
Expand All @@ -8,6 +8,7 @@ Then it tries to connect to each of the found records and checks if there is a v
If there is a succesful connection the ip of the node will be added to the pool (KUBERNETES_DOMAIN) (ipv4 and ipv6)

Env variables:

```bash
TIMEOUT=5
MAIN_DOMAIN="oscarr.nl"
Expand All @@ -16,4 +17,5 @@ KUBERNETES_DOMAIN="kubernetes.oscarr.nl"
TEST_DOMAIN="ninoo.nl"
CLOUDFLARE_API_TOKEN="SECRET"
```

https://dash.cloudflare.com/profile/api-tokens
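
Review bot: The README is only reformatted here and does not document what this commit changes for operators, namely that the container now runs as `nobody`. Below the env block, `CLOUDFLARE_API_TOKEN="SECRET"` is followed only by a bare link to the token page; state the minimum permissions the token needs (DNS edit on the one zone it manages) so users do not create an account-wide token, and wrap the URL in `<...>` to match the lint cleanup done in the rest of this file.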
2 changes: 1 addition & 1 deletion auto-dns.py
Expand Up @@ -32,7 +32,7 @@
kubernetesPool = {}
# find all regexDomain records
for record in records:
if record['type'] == "A" or "AAAA":
if record['type'] == "A" or record['type'] == "AAAA":
if re.search(regexDomain, record['name']):
nodes.append({"name": record['name'], "type": record['type'], "ip": record['content']})
if record['name'] == kubernetesDomain:
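
Review bot: On the context line `if re.search(regexDomain, record['name']):`, `re.search` is unanchored, so with the default `REGEX_DOMAIN` of `k8s-[0-9]+\.oscarr\.nl` from the Dockerfile, any record whose name merely contains that pattern is treated as a node. Use `re.fullmatch`, or anchor the pattern with `^` and `$`. The corrected type check is right (the old `== "A" or "AAAA"` was always true); `record['type'] in ("A", "AAAA")` would read more clearly.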