KollectTools/Docker-Images
18
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: cache docker layers, configurable engine, bump owasp/pnpm

Browse Source 
- CI workflow uses BuildKit inline cache + --cache-from previous :latest;
  NVD_REFRESH build-arg busts the OWASP layer on schedule/dispatch so
  weekly rebuilds still refresh NVD while push builds reuse cached layers.
- build-and-push.ps1 reads CONTAINER_ENGINE from .env (docker default,
  podman supported); add .env.example.
- Bump OWASP Dependency-Check 12.2.1 -> 12.2.2 and pnpm 11.0.6 -> 11.1.1.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Fadhli Azhari
2026-05-14 09:43:21 +08:00
parent f257a1b039
commit 8376250940
4 changed files with 62 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.env.example
+16
View File
@@ -0,0 +1,16 @@
# Copy this file to .env and fill in the values.
# .env is gitignored — never commit real credentials.
# ── Container engine (docker | podman) ──
CONTAINER_ENGINE=docker
# ── Docker Registry ──
REGISTRY=kcr.kollect.biz
REGISTRY_USER='robot$kollect-tools+ci-builder'
REGISTRY_PASS=harbor-robot-password
IMAGE_TAG=latest
# ── OWASP Dependency-Check ──
# Get an API key at https://nvd.nist.gov/developers/request-an-api-key
# Optional but strongly recommended — without it NVD rate-limits to 5 req / 30s.
NVD_API_KEY=<nvd-api-key>