I'm running a similar setup, whereby I run most applications (even the browser I'm using to type this reply) in docker or podman containers, opportunely created. Judging from the Git repo containing my dockerfiles, I've been doing so since ~mid June 2018. I've since automated:

* checking new versions of Git repos, alpine versions, and short crawlers for tools (i.e. I run "perl latest.pl" and a bunch of stuff happens and eventually some dockerfiles might get updated)
* auto-committing any change made from the above step (i.e. ./autocommit.sh) with a meaningful message based on the directory the dockerfile resides in, as well as which environment variable containing the version changed
* I use https://github.com/crazy-max/diun/ running on my dokku server to keep up with base image updates (i.e. I get an email in the morning stating alpine:3.12 has been updated or debian:buster-slim or whatever); when a base image changes I have to manually "dp alpine:3.12" to "docker pull" and "podman pull" it; after that, I "make base-images" and my local base images (each coming with a short line to enable a local apt-cacher-ng proxy) also get updated; then a simple "make" makes all of them (docker build -t .... and podman build -t ...)
* Quite a lot of (mostly small) bash scripts to run those images.

As an example, the Dockerfile I use to build hadolint:

    FROM local/mfontani/base:latest AS fetcher
    LABEL com.darkpan.github-check github.com/hadolint/hadolint HADOLINT_VERSION
    ENV HADOLINT_VERSION v1.19.0
    RUN curl -sSL "https://github.com/hadolint/hadolint/releases/download/$HADOLINT_VERSION/hadolint-Linux-x86_64" -o /usr/bin/hadolint
    RUN chmod +x /usr/bin/hadolint && \
        /usr/bin/hadolint --version
    # Final image holds only the binary copied from the fetcher stage
    FROM scratch
    COPY --from=fetcher /usr/bin/hadolint /usr/bin/hadolint
    ENTRYPOINT ["/usr/bin/hadolint"]

... and the shell script I use to run it:

    #!/bin/bash
    DOCKER_FLAGS=()
    # Allocate a TTY only when stdin is a terminal
    [[ -t 0 ]] && DOCKER_FLAGS+=(-t)
    # No network, current directory mounted read-only
    podman run --rm --init -i "${DOCKER_FLAGS[@]}" \
        --network none \
        -v "${PWD}:/usr/src:ro" \
        --workdir /usr/src \
        localhost/mfontani/hadolint "$@"

It's not that speedy doing this, but it's... okay:

    $ hadolint curl/Dockerfile
    Took: 0.837s (837ms)
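Added example, not part of the comment above and not the commenter's latest.pl: a small checker that reads the tracking label and the ENV pin out of a Dockerfile and reports when the pin differs from a given upstream version. The meaning of the `com.darkpan.github-check` label is an assumption inferred from the one Dockerfile shown, the function names are hypothetical, and looking up the latest upstream release is left to the caller.

```sh
#!/bin/sh
# Added example, not the commenter's latest.pl.
# Assumption: "LABEL com.darkpan.github-check <repo> <ENV_VAR>" names the
# upstream repo and the ENV variable that holds the pinned version.

# pinned_versions FILE: print "<repo> <ENV_VAR> <version>" for each label.
pinned_versions() {
    awk '
        $1 == "LABEL" && $2 == "com.darkpan.github-check" {
            repo[$4] = $3; order[++n] = $4
        }
        $1 == "ENV" {
            # Accept both "ENV NAME value" and "ENV NAME=value".
            p = index($2, "=")
            if (p) { name = substr($2, 1, p - 1); val = substr($2, p + 1) }
            else   { name = $2; val = $3 }
            gsub(/"/, "", val)
            env[name] = val
        }
        END {
            for (i = 1; i <= n; i++) {
                v = order[i]
                print repo[v], v, ((v in env) ? env[v] : "UNPINNED")
            }
        }
    ' "$1"
}

# check_pin FILE VAR LATEST
#   0: pin equals LATEST; 1: drift, prints "VAR old -> new"; 2: VAR has no pin.
check_pin() {
    current=$(pinned_versions "$1" | awk -v var="$2" '$2 == var { print $3 }')
    case "$current" in
        ''|UNPINNED) echo "$2: no pinned version in $1" >&2; return 2 ;;
        "$3") return 0 ;;
        *) echo "$2 $current -> $3"; return 1 ;;
    esac
}

# Constructed sample: the two tracking lines from the Dockerfile above.
sample=$(mktemp)
printf '%s\n' \
    'LABEL com.darkpan.github-check github.com/hadolint/hadolint HADOLINT_VERSION' \
    'ENV HADOLINT_VERSION v1.19.0' > "$sample"
pinned_versions "$sample"
rm -f "$sample"
```

A label whose variable has no matching ENV line is reported as UNPINNED, which is the case worth catching before a build silently fetches from an empty version path.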