-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy path.justfile
64 lines (48 loc) · 2.19 KB
/
.justfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
# For use with the just command runner, https://just.systems/
default:
@just --list
vhs:
vhs etc/recording.tape
# Build a Podman/Docker container image for PGmacs
#
# Needs the package qemu-user-static installed to cross-build the various architectures.
container:
podman manifest create pgmacs
buildah build -f etc/Containerfile --platform linux/amd64 --tag pgmacs-linux-amd64 --manifest pgmacs .
buildah build -f etc/Containerfile --platform linux/arm64 --tag pgmacs-linux-aarch64 --manifest pgmacs .
buildah build -f etc/Containerfile --platform linux/arm/v7 --tag pgmacs-linux-armv7 --manifest pgmacs .
buildah build -f etc/Containerfile --platform linux/riscv64 --tag pgmacs-linux-riscv64 --manifest pgmacs .
@echo Now say "podman login ghcr.io"
@echo Then say podman manifest push --all localhost/pgmacs ghcr.io/emarsden/pgmacs
export INSTALL_EL := '''
(message "Executing emacs-init")
(unless (package-installed-p 'pg)
(package-vc-install "https://github.com/emarsden/pg-el" nil nil 'pg))
(unless (package-installed-p 'pgmacs)
(package-vc-install "https://github.com/emarsden/pgmacs" nil nil 'pgmacs))
(require 'pgmacs)
'''
tmpdir := `mktemp -d`
init-el := tmpdir / "init.el"
# Check whether our package-vc-install instructions work on a pristine install.
installability:
printf '%s' "$INSTALL_EL" > {{ init-el }}
ls -l {{ init-el }}
cat {{ init-el }}
podman run --rm -ti -v {{ tmpdir }}:/tmp \
-e TERM=xterm-256color \
--network=host \
docker.io/silex/emacs:29.4-ci \
${EMACS:-emacs} -l /tmp/init.el
list-docker-platforms:
podman run --rm docker.io/mplatform/mquery ghcr.io/emarsden/pgmacs:latest
# Run a trivy vulnerability scan of our container image
# https://github.com/aquasecurity/trivy
trivy-container:
podman run --rm --pull=newer docker.io/aquasec/trivy image ghcr.io/emarsden/pgmacs:latest
trivy-repository:
podman run --rm --pull=newer -v $PWD:/myapp docker.io/aquasec/trivy fs --scanners vuln,secret,misconfig .
# Run a grype vulnerability scan of our container image
# https://github.com/anchore/grype
grype-container:
podman run --rm --pull=newer -it docker.io/anchore/grype ghcr.io/emarsden/pgmacs:latest