diff --git a/.renovaterc b/.renovaterc new file mode 100644 index 0000000..b4a9f5f --- /dev/null +++ b/.renovaterc @@ -0,0 +1,44 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": [ + "config:recommended", + ":combinePatchMinorReleases", + ":enableVulnerabilityAlerts", + ":rebaseStalePrs" + ], + "prConcurrentLimit": 10, + "branchPrefix": "renovate/", + "customManagers": [ + { + "customType": "regex", + "description": "Update _VERSION variables in Dockerfiles", + "fileMatch": [ + "(^|/|\\.)Dockerfile$", + "(^|/)Dockerfile\\.[^/]*$" + ], + "matchStrings": [ + "# renovate: datasource=(?[a-z-]+?)(?: depName=(?.+?))? packageName=(?.+?)(?: versioning=(?[a-z-]+?))?\\s(?:ENV|ARG) .+?_VERSION=(?.+?)\\s" + ] + } + ], + "packageRules": [ + { + "matchDatasources": [ + "github-release" + ], + "matchPackageNames": [ + "llvm/llvm-project" + ], + "extractVersion": "^llvmorg-(?\\d+)\\.\\d+\\.\\d+$" + }, + { + "matchPackageNames": [ + "nodejs/node", "nodejs" + ], + "matchDatasources": [ + "docker" + ], + "versioning": "node" + } + ] +} diff --git a/images/fava/Dockerfile b/images/fava/Dockerfile index 4e2c60c..b8e38f1 100644 --- a/images/fava/Dockerfile +++ b/images/fava/Dockerfile @@ -1,52 +1,48 @@ +# renovate: datasource=github-tags depName=beancount packageName=beancount/beancount ARG BEANCOUNT_VERSION=2.3.6 +# renovate: datasource=github-tags depName=fava packageName=beancount/fava ARG FAVA_VERSION=1.27.3 -FROM node:lts-slim as node_build_env +FROM node:20.11.0-slim AS node_build_env ARG FAVA_VERSION RUN set -eux; \ apt-get update; \ apt-get install -y python3-babel git make; -RUN git clone --depth 1 --branch v${FAVA_VERSION} https://github.com/beancount/fava /tmp/build/fava +RUN git clone --depth 1 --branch v${FAVA_VERSION} https://github.com/beancount/fava /tmp/build/fava; WORKDIR /tmp/build/fava RUN set -eux; \ make -j $(nproc); \ rm -rf .*cache .eggs .tox build dist frontend/node_modules; \ find . -type f -name '*.py[c0]' -delete; \ - find . -type d -name "__pycache__" -delete + find . -type d -name "__pycache__" -delete; -FROM python:3.12.3-slim as build_env +FROM python:3.12.3-slim AS build_env ARG BEANCOUNT_VERSION +ENV PATH "/app/bin:$PATH" RUN set -eux; \ apt-get update; \ - apt-get install -y build-essential libxml2-dev libxslt-dev curl git; + apt-get install -y build-essential libxml2-dev libxslt-dev curl git; \ + python -mvenv /app; -ENV PATH "/app/bin:$PATH" -RUN python -mvenv /app COPY --from=node_build_env /tmp/build/fava /tmp/build/fava -RUN git clone --depth 1 --branch ${BEANCOUNT_VERSION} https://github.com/beancount/beancount /tmp/build/beancount +RUN git clone --depth 1 --branch ${BEANCOUNT_VERSION} https://github.com/beancount/beancount /tmp/build/beancount; WORKDIR /tmp/build/beancount + +COPY requirements.txt ./ + RUN set -eux; \ CFLAGS=-s pip3 install -U /tmp/build/beancount; \ pip3 install -U /tmp/build/fava; \ - pip3 install \ - beancount-reds-plugins \ - git+https://github.com/andreasgerstmayr/fava-dashboards.git \ - git+https://github.com/beancount/beangrow.git \ - git+https://github.com/redstreet/fava_investor.git \ - git+https://github.com/daniel-wells/beancount_checkclosed.git \ - git+https://github.com/PhracturedBlue/fava-portfolio-summary.git \ - git+https://github.com/polarmutex/fava-envelope.git \ - git+https://github.com/scauligi/refried.git \ - git+https://github.com/beancount/beanprice.git@41576e2ac889e4825e4985b6f6c56aa71de28304 \ - ; \ + pip3 install -r requirements.txt; \ pip3 uninstall -y pip; \ - find /app -name __pycache__ -exec rm -rf -v {} + + find /app -name __pycache__ -exec rm -rf -v {} + \;; \ + rm -r /app/share; FROM python:3.12.3-slim COPY --from=build_env /app /app diff --git a/images/fava/requirements.txt b/images/fava/requirements.txt new file mode 100644 index 0000000..b697a65 --- /dev/null +++ b/images/fava/requirements.txt @@ -0,0 +1,9 @@ +beancount-reds-plugins==0.3.0 +beanprice==1.2.0 +fava_envelope==0.5.8 +fava-investor==0.7.0 +git+https://github.com/andreasgerstmayr/fava-dashboards.git@df40f4e2ccc6b4ec479e5146d8e62c327e44e6f9 +git+https://github.com/beancount/beangrow.git@7dd642b10a66c10ec807d9eb50fd58dc26635ba2 +git+https://github.com/daniel-wells/beancount_checkclosed.git@5abc380703105c12b518144f83a5c4fe25cc8f39 +git+https://github.com/PhracturedBlue/fava-portfolio-summary.git@fb31e371c9808a8a99ea02a60e3712271925d379 +git+https://github.com/scauligi/refried.git@b1b2a1fe1efd321142163ecc1796a38b71bb48b0 diff --git a/images/fluentd/Dockerfile b/images/fluentd/Dockerfile index a217761..1e05089 100644 --- a/images/fluentd/Dockerfile +++ b/images/fluentd/Dockerfile @@ -1,4 +1,4 @@ -FROM fluent/fluentd:v1.16.1 +FROM fluent/fluentd:v1.16.2-1.1 USER root diff --git a/images/frp/Dockerfile b/images/frp/Dockerfile index 47df792..7881993 100644 --- a/images/frp/Dockerfile +++ b/images/frp/Dockerfile @@ -1,3 +1,4 @@ +# renovate: datasource=github-releases depName=frp packageName=fatedier/frp ARG FRP_VERSION=0.60.0 FROM scratch AS src diff --git a/images/lua-clib/Dockerfile b/images/lua-clib/Dockerfile index 347ee26..0b695cb 100644 --- a/images/lua-clib/Dockerfile +++ b/images/lua-clib/Dockerfile @@ -2,8 +2,11 @@ ARG LUA_5_1_VERSION=5.1.5 ARG LUA_5_2_VERSION=5.2.4 ARG LUA_5_3_VERSION=5.3.6 ARG LUA_5_4_VERSION=5.4.4 +# renovate: datasource=github-tags depName=luarocks packageName=luarocks/luarocks ARG LUAROCKS_VERSION=3.10.0 +# renovate: datasource=github-releases depName=dart-sass packageName=sass/dart-sass ARG DART_SASS_VERSION=1.71.1 +# renovate: datasource=github-tags depName=node packageName=nodejs/node versioning=node ARG NODE_VERSION=20.11.1 FROM debian:bookworm-slim AS builder @@ -84,7 +87,7 @@ RUN set -e; \ make -j $(nproc); \ make install; -FROM builder AS dart +FROM builder AS sass ARG DART_SASS_VERSION ADD https://github.com/sass/dart-sass/releases/download/${DART_SASS_VERSION}/dart-sass-${DART_SASS_VERSION}-linux-x64.tar.gz /build/sass.tar.gz @@ -140,7 +143,7 @@ COPY --from=lua52 /usr/local /usr/local COPY --from=lua53 /usr/local /usr/local COPY --from=lua54 /usr/local /usr/local COPY --from=node /usr/local /usr/local -COPY --from=dart /usr/local /usr/local +COPY --from=sass /usr/local /usr/local RUN --mount=type=cache,target=/var/cache/luarocks \ set -e; \ diff --git a/images/nextcloud/Dockerfile b/images/nextcloud/Dockerfile index 6b54255..97969b9 100644 --- a/images/nextcloud/Dockerfile +++ b/images/nextcloud/Dockerfile @@ -1,27 +1,29 @@ FROM nextcloud:28.0.6-apache +# renovate: datasource=github-releases depName=yt-dlp packageName=yt-dlp/yt-dlp versioning=loose ARG YTDLP_VERSION=2024.05.27 # Debian ships node.js v18, make sure that the pageres version supports that +# renovate: datasource=npm packageName=pageres-cli ARG PAGERES_VERSION=8.0.0 RUN set -ex; \ apt-get update; \ apt-get install -y --no-install-recommends --no-install-suggests \ - aria2 \ - cifs-utils \ - clamav \ - ffmpeg \ - libnss3 \ - libbz2-dev \ - nodejs \ - npm \ - smbclient \ - p7zip \ - p7zip-full \ - python3-pip \ - unzip \ - wget \ - ; \ + aria2 \ + cifs-utils \ + clamav \ + ffmpeg \ + libnss3 \ + libbz2-dev \ + nodejs \ + npm \ + smbclient \ + p7zip \ + p7zip-full \ + python3-pip \ + unzip \ + wget \ + ; \ docker-php-ext-install bz2; \ npm install --global pageres-cli@${PAGERES_VERSION} puppeteer; \ npx puppeteer browsers install chrome; \ diff --git a/images/node-script/Dockerfile b/images/node-script/Dockerfile index 86d00cb..29a29c7 100644 --- a/images/node-script/Dockerfile +++ b/images/node-script/Dockerfile @@ -1,4 +1,19 @@ -FROM node:20.17.0-slim +FROM node:20.11.0-slim + +# renovate: datasource=npm packageName=npm versioning=npm +ARG NPM_VERSION=10.5.0 +# renovate: datasource=npm packageName=bluebird versioning=npm +ARG BLUEBIRD_VERSION=3.7.2 +# renovate: datasource=npm packageName=lodash versioning=npm +ARG LODASH_VERSION=4.17.21 +# renovate: datasource=npm packageName=moment versioning=npm +ARG MOMENT_VERSION=2.30.1 +# renovate: datasource=npm packageName=shelljs versioning=npm +ARG SHELLJS_VERSION=0.8.5 +# renovate: datasource=npm packageName=js-yaml versioning=npm +ARG JS_YAML_VERSION=4.1.0 +# renovate: datasource=npm packageName=got versioning=npm +ARG GOT_VERSION=14.4.2 # No need for root access for a script runner RUN useradd -m -d /home/runner -s /bin/bash runner; @@ -11,13 +26,13 @@ ENV PATH=/home/runner/.npm-global/bin:$PATH RUN set -e; \ npm install --global --audit=false \ - npm@10.5.0 \ - bluebird \ - lodash \ - moment \ - shelljs \ - js-yaml \ - got \ + npm@${NPM_VERSION} \ + bluebird@${BLUEBIRD_VERSION} \ + lodash@${LODASH_VERSION} \ + moment@${MOMENT_VERSION} \ + shelljs@${SHELLJS_VERSION} \ + js-yaml@${JS_YAML_VERSION} \ + got@${GOT_VERSION} \ ; \ rm -r \ /home/runner/.npm/_cacache \ diff --git a/images/python-script/Dockerfile b/images/python-script/Dockerfile index 8466be4..522236d 100644 --- a/images/python-script/Dockerfile +++ b/images/python-script/Dockerfile @@ -1,7 +1,5 @@ FROM python:3.12.5-slim-bookworm -LABEL version=1.1.0 - RUN set -e; \ apt-get update -q; \ apt-get install -qy --no-install-recommends --no-install-suggests \ @@ -30,7 +28,8 @@ USER runner ENV PATH=/home/runner/.local/bin:$PATH +COPY requirements.txt ./ + RUN set -e; \ - pip install --upgrade pip; \ - pip install --user numpy httpie giteapy docker xq yp spotify requests; \ + pip install --user -r requirements.txt; \ rm -r /home/runner/.cache; diff --git a/images/python-script/requirements.txt b/images/python-script/requirements.txt new file mode 100644 index 0000000..bdd3284 --- /dev/null +++ b/images/python-script/requirements.txt @@ -0,0 +1,8 @@ +pip==24.2 +numpy==2.1.0 +httpie==3.2.1 +pyforgejo==1.0.2 +requests==2.32.1 +spotify==0.10.2 +xq==0.0.4 +docker==7.0.1 diff --git a/images/rust-xwin/Dockerfile b/images/rust-xwin/Dockerfile index aadd9d6..2164875 100644 --- a/images/rust-xwin/Dockerfile +++ b/images/rust-xwin/Dockerfile @@ -2,6 +2,7 @@ FROM debian:bullseye-slim AS xwin-download ARG MANIFEST_VERSION=16 +# renovate: datasource=github-releases depName=xwin packageName=Jake-Shadle/xwin ARG XWIN_VERSION=0.6.5 ARG XWIN_PREFIX="xwin-$XWIN_VERSION-x86_64-unknown-linux-musl" ADD https://github.com/Jake-Shadle/xwin/releases/download/$XWIN_VERSION/$XWIN_PREFIX.tar.gz /root/$XWIN_PREFIX.tar.gz @@ -27,6 +28,7 @@ RUN set -eux; \ FROM rust:slim-bullseye AS rust-xwin +# renovate: datasource=github-releases depName=llvm packageName=llvm/llvm-project ARG LLVM_VERSION=18 ENV KEYRINGS=/usr/local/share/keyrings