Comments (2)
IIRC I asked you when you refactored the Dockerfile whether you could do the same for the GCHR Dockerfile and your responded that you lacked time.
Don't know who's actually using the GCHR file and I can't recall atm the circumstances why it is like it is. Maybe @jauderho was involved.
If you believe it should be changed, you're welcome to make a proposal. It would be great to keep it short and concise.
from testssl.sh.
It would be great to keep it short and concise.
I am open to contributing a PR to revise your Github Actions with the docker image workflows. It may not be "short and concise", but well intentioned and beneficial for maintenance. The technical reasoning is below.
I propose:
- A separate scheduled workflow file in your default branch (currently 3.2) which is required for this to actually work for scheduled builds of
3.0
(or any other branch that isn't the default). This workflow would have separate jobs defined to build the different versions (release branches) you want to support (similar to this example, although it's jobs are for a different purpose). - As noted by the example reference, the jobs will reference a reusable workflow.
- Those likewise use the default branch, but should explicitly reference it with
@
to work the way you'd expect. - You could have each job reference the specific branch instead, and maintain variants of the reusable workflow called, but I don't think you'd need this and it'd be better to keep it consistent to the same reference branch (you could keep that in sync with your default branch, or have a separate dedicated branch for this). The only real change needed is to provide an input (the release branch), this will be easier to maintain and reason about.
- Those likewise use the default branch, but should explicitly reference it with
- The reusable workflow will handle the build + publish process. It will be similar to what you have already, but I'd like to revise it a little for your benefit.
- Unfortunately your tags don't use proper semver, and your current process is to override the
3.0
/3.2
tag without support for specific releases (which could be supported). - Instead, the tags will match your current workflow by using the branch name as the tag.
- I can additionally include a default
:latest
tag that points to your current default branch (3.2 presently, but you tend to adjust this as the version changes rather than anedge
or similar unreleased branch (typicallymain
/master
ordevelop
)). It will adapt to your default branch changes implicitly, meeting the expectations of your users when no tag is specified?
- Unfortunately your tags don't use proper semver, and your current process is to override the
- I would suggest having both GHCR and DockerHub published this way for consistency. Disabling your existing DockerHub integration in favour of this workflow, centralizes your management of it. This has been discussed in the past, but you seemed a bit reluctant towards it.
- While I can provide you with a single reusable workflow, I am fond of splitting the responsibility of build and publishing to separate workflow files.
- For example, should you decide to run tests via the container in CI, you can easily reuse the build workflow this way without any publishing concerns involved until tests pass.
- The reusable workflow will already be leveraged between your branches being updated and the scheduled jobs, where both scenarios are building and publishing the image (at least for GHCR, your DockerHub builds won't benefit unless you're willing to publish from Github Actions).
The above would drop the Dockerfile.git
as I don't think it serves any real value for you to have and maintain. Users should just clone the repo + branch of interest and build the Dockerfile
.
from testssl.sh.
Related Issues (20)
- OpenSSL 1.0.2-bad (1.0.2k-dev) HOT 2
- Creation of tempdir assumes certain umasks HOT 1
- [BUG / possible BUG] ./testssl.sh: line 8757: 2+: syntax error: operand expected (error token is "+") HOT 2
- [BUG / possible BUG] Fatal error: URI comes last HOT 2
- Censys changing their ToS. Links affected? HOT 1
- [Feature] HTML report add option to report like on terminal (dark) HOT 3
- question of cert_chain_of_trust HOT 1
- [BUG] HSTS header parsing does not accept spaces between directives
- [BUG] MongoDB identification HOT 2
- [BUG] Secure client initiated renegotiation timing bug HOT 3
- Anybody know github.com/testssl ? HOT 1
- Your account github.com/testssl
- [Feature request] query + show HTTPS DNS record (RFC 9460) HOT 4
- [Feature request] DNS CAA records: support checking for Extensions for Account URI and ACME Method Binding (RFC 8657) HOT 2
- [Feature request] Test Ciphers against Curvces
- [Feature request] Change DH_groups finding delimiter
- [Feature request] Verify support for long CilentHello messages HOT 4
- Issue Severity List HOT 1
- Why is RSA+SHA1 in the "TLS 1.2 sig.algs offered" list HOT 3
- Warnings cannot be turned off for batch testing HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from testssl.sh.