Image guard
This commit is contained in:
Xoconoch
33
.github/scripts/ensure_compose_image.py
vendored
Normal file → Executable file
33
.github/scripts/ensure_compose_image.py
vendored
Normal file → Executable file
@@ -4,9 +4,9 @@ from pathlib import Path
|
|||||||
|
|
||||||
try:
|
try:
|
||||||
import yaml
|
import yaml
|
||||||
except Exception as e:
|
except Exception:
|
||||||
sys.stderr.write("PyYAML is required to run this hook.\n")
|
sys.stderr.write("PyYAML is required to run this check.\n")
|
||||||
raise
|
sys.exit(2)
|
||||||
|
|
||||||
EXPECTED_IMAGE = "cooldockerizer93/spotizerr"
|
EXPECTED_IMAGE = "cooldockerizer93/spotizerr"
|
||||||
|
|
||||||
@@ -23,28 +23,15 @@ def validate_compose_image(path: Path) -> int:
|
|||||||
sys.stderr.write(f"Failed to parse YAML from {path}: {e}\n")
|
sys.stderr.write(f"Failed to parse YAML from {path}: {e}\n")
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
image = (
|
image = (data or {}).get("services", {}).get("spotizerr", {}).get("image")
|
||||||
(data or {})
|
|
||||||
.get("services", {})
|
|
||||||
.get("spotizerr", {})
|
|
||||||
.get("image")
|
|
||||||
)
|
|
||||||
|
|
||||||
errors = []
|
if image != EXPECTED_IMAGE:
|
||||||
if not isinstance(image, str):
|
sys.stderr.write(
|
||||||
errors.append("services.spotizerr.image is missing or not a string")
|
f"services.spotizerr.image must be '{EXPECTED_IMAGE}' (found '{image}')\n"
|
||||||
else:
|
)
|
||||||
if image != EXPECTED_IMAGE:
|
|
||||||
errors.append(
|
|
||||||
f"services.spotizerr.image must be '{EXPECTED_IMAGE}' (found '{image}')"
|
|
||||||
)
|
|
||||||
|
|
||||||
if errors:
|
|
||||||
sys.stderr.write("docker-compose.yaml validation failed:\n")
|
|
||||||
for err in errors:
|
|
||||||
sys.stderr.write(f" - {err}\n")
|
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
|
print(f"OK: docker-compose image is '{EXPECTED_IMAGE}'")
|
||||||
return 0
|
return 0
|
||||||
|
|
||||||
|
|
||||||
@@ -54,4 +41,4 @@ def main(argv: list[str]) -> int:
|
|||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
sys.exit(main(sys.argv))
|
sys.exit(main(sys.argv))
|
||||||
|
|||||||
36
.github/workflows/compose-image-guard.yml
vendored
Normal file
36
.github/workflows/compose-image-guard.yml
vendored
Normal file
@@ -0,0 +1,36 @@
|
|||||||
|
name: Compose Image Guard
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: [ dev, main, master ]
|
||||||
|
paths:
|
||||||
|
- 'docker-compose.yaml'
|
||||||
|
- '.github/workflows/compose-image-guard.yml'
|
||||||
|
- '.github/scripts/ensure_compose_image.py'
|
||||||
|
pull_request:
|
||||||
|
branches: [ dev, main, master ]
|
||||||
|
paths:
|
||||||
|
- 'docker-compose.yaml'
|
||||||
|
- '.github/workflows/compose-image-guard.yml'
|
||||||
|
- '.github/scripts/ensure_compose_image.py'
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
validate-compose-image:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Set up Python
|
||||||
|
uses: actions/setup-python@v5
|
||||||
|
with:
|
||||||
|
python-version: '3.x'
|
||||||
|
|
||||||
|
- name: Install dependencies
|
||||||
|
run: |
|
||||||
|
python -m pip install --upgrade pip
|
||||||
|
pip install pyyaml
|
||||||
|
|
||||||
|
- name: Validate docker-compose image
|
||||||
|
run: |
|
||||||
|
python .github/scripts/ensure_compose_image.py docker-compose.yaml
|
||||||
@@ -52,4 +52,4 @@ repos:
|
|||||||
args: [--no-strict-optional, --ignore-missing-imports]
|
args: [--no-strict-optional, --ignore-missing-imports]
|
||||||
exclude: ^spotizerr-ui/
|
exclude: ^spotizerr-ui/
|
||||||
# NOTE: you might need to add some deps here:
|
# NOTE: you might need to add some deps here:
|
||||||
additional_dependencies: [waitress==3.0.2, types-waitress, types-requests]
|
additional_dependencies: [waitress==3.0.2, types-waitress, types-requests, types-PyYAML]
|
||||||
|
|||||||
Reference in New Issue
Block a user