From 10026c6f387a96a3b6f32c1a7c9812c868c5787c Mon Sep 17 00:00:00 2001 From: edu1982 Date: Mon, 14 Jul 2025 15:49:09 +0100 Subject: [PATCH 1/9] # slim pod --- .github/workflows/release_slim.yaml | 94 +++++++++++++++++++++++++++++ Slim/Dockerfile | 47 +++++++++++++++ 2 files changed, 141 insertions(+) create mode 100644 .github/workflows/release_slim.yaml create mode 100644 Slim/Dockerfile diff --git a/.github/workflows/release_slim.yaml b/.github/workflows/release_slim.yaml new file mode 100644 index 0000000..8338ec2 --- /dev/null +++ b/.github/workflows/release_slim.yaml @@ -0,0 +1,94 @@ +name: release_slim + +on: + push: + branches: + - master + paths: + - 'Slim/**' + pull_request: + branches: + - master + paths: + - 'Slim/**' + workflow_dispatch: +env: + # Use docker.io for Docker Hub if empty + REGISTRY: ghcr.io + # github.repository as / + IMAGE_NAME: ${{ github.repository }}-slim + +jobs: + build: + + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + # This is used to complete the identity challenge + # with sigstore/fulcio when running outside of PRs. + id-token: write + defaults: + run: + working-directory: ./Slim + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + # Install the cosign tool except on PR + # https://github.com/sigstore/cosign-installer + - name: Install cosign + if: github.event_name != 'pull_request' + uses: sigstore/cosign-installer@v3.3.0 + with: + cosign-release: 'v2.2.2' # optional + + # Workaround: https://github.com/docker/build-push-action/issues/461 + - name: Setup Docker buildx + uses: docker/setup-buildx-action@79abd3f86f79a9d68a23c75a09a9a85889262adf + + # Login against a Docker registry except on PR + # https://github.com/docker/login-action + - name: Log into registry ${{ env.REGISTRY }} + if: github.event_name != 'pull_request' + uses: docker/login-action@28218f9b04b4f3f62068d7b6ce6ca5b26e35336c + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # Extract metadata (tags, labels) for Docker + # https://github.com/docker/metadata-action + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + # Build and push Docker image with Buildx (don't push on PR) + # https://github.com/docker/build-push-action + - name: Build and push Docker image + id: build-and-push + uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a + with: + context: . + platforms: linux/amd64,linux/arm64 + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + + + # Sign the resulting Docker image digest except on PRs. + # This will only write to the public Rekor transparency log when the Docker + # repository is public to avoid leaking data. If you would like to publish + # transparency data even for private images, pass --force to cosign below. + # https://github.com/sigstore/cosign + - name: Sign the published Docker image + if: ${{ github.event_name != 'pull_request' }} + env: + COSIGN_EXPERIMENTAL: "true" + # This step uses the identity token to provision an ephemeral certificate + # against the sigstore community Fulcio instance. + run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }} diff --git a/Slim/Dockerfile b/Slim/Dockerfile new file mode 100644 index 0000000..63d31a7 --- /dev/null +++ b/Slim/Dockerfile @@ -0,0 +1,47 @@ +FROM debian:12-slim + +LABEL maintainer="Slim Debug Pod" + +# Instalar ferramentas essenciais de debug de rede +RUN export DEBIAN_FRONTEND=noninteractive && \ + apt-get update && \ + apt-get install -y --no-install-recommends \ + # Ferramentas de rede básicas + curl \ + wget \ + netcat-openbsd \ + telnet \ + iputils-ping \ + traceroute \ + dnsutils \ + iperf3 \ + socat \ + httping \ + jq \ + tracepath \ + openssl \ + dnsutils \ + atop \ + htop \ + # Ferramentas de análise + tcpdump \ + net-tools \ + iproute2 \ + ss \ + lsof \ + # Utilitários básicos + vim \ + nano \ + bash \ + procps && \ + # Limpeza para reduzir tamanho + apt-get clean && \ + rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +# add httpstat script +RUN curl -s https://raw.githubusercontent.com/b4b4r07/httpstat/master/httpstat.sh >/usr/bin/httpstat && chmod a+x /usr/bin/httpstat + +# Definir bash como shell padrão +SHELL ["/bin/bash", "-c"] + +# Manter container rodando para debug +CMD ["tail", "-f", "/dev/null"] \ No newline at end of file From 5b0dd844567fd967919c703da54114422457c204 Mon Sep 17 00:00:00 2001 From: edu1982 Date: Wed, 16 Jul 2025 10:06:52 +0100 Subject: [PATCH 2/9] edited workflow release_slim --- .github/workflows/release_slim.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release_slim.yaml b/.github/workflows/release_slim.yaml index 8338ec2..e5d869a 100644 --- a/.github/workflows/release_slim.yaml +++ b/.github/workflows/release_slim.yaml @@ -71,7 +71,8 @@ jobs: id: build-and-push uses: docker/build-push-action@ac9327eae2b366085ac7f6a2d02df8aa8ead720a with: - context: . + context: ./Slim + file: ./Slim/Dockerfile platforms: linux/amd64,linux/arm64 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} From fa8ce81a419a9f5a2ffe9ef042b2a274a216c9eb Mon Sep 17 00:00:00 2001 From: edu1982 Date: Wed, 16 Jul 2025 10:51:27 +0100 Subject: [PATCH 3/9] removed some pack in Dockerfile --- Slim/Dockerfile | 6 ------ 1 file changed, 6 deletions(-) diff --git a/Slim/Dockerfile b/Slim/Dockerfile index 63d31a7..5527d9c 100644 --- a/Slim/Dockerfile +++ b/Slim/Dockerfile @@ -16,18 +16,12 @@ RUN export DEBIAN_FRONTEND=noninteractive && \ dnsutils \ iperf3 \ socat \ - httping \ jq \ - tracepath \ openssl \ - dnsutils \ - atop \ - htop \ # Ferramentas de análise tcpdump \ net-tools \ iproute2 \ - ss \ lsof \ # Utilitários básicos vim \ From 62d4d581467355fa4918f68ba42698e1b3f463ab Mon Sep 17 00:00:00 2001 From: edu1982 Date: Wed, 16 Jul 2025 11:19:45 +0100 Subject: [PATCH 4/9] removed httpstat for dockerfile --- Slim/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Slim/Dockerfile b/Slim/Dockerfile index 5527d9c..5f36f8d 100644 --- a/Slim/Dockerfile +++ b/Slim/Dockerfile @@ -32,7 +32,7 @@ RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # add httpstat script -RUN curl -s https://raw.githubusercontent.com/b4b4r07/httpstat/master/httpstat.sh >/usr/bin/httpstat && chmod a+x /usr/bin/httpstat +#RUN curl -s https://raw.githubusercontent.com/b4b4r07/httpstat/master/httpstat.sh >/usr/bin/httpstat && chmod a+x /usr/bin/httpstat # Definir bash como shell padrão SHELL ["/bin/bash", "-c"] From b8f4b9bdfe439867e1ad3b145eb1dda05ae39f4d Mon Sep 17 00:00:00 2001 From: edu1982 Date: Wed, 16 Jul 2025 11:29:04 +0100 Subject: [PATCH 5/9] removed PR form slim workflow --- .github/workflows/release_slim.yaml | 5 ----- Slim/Dockerfile | 2 -- 2 files changed, 7 deletions(-) diff --git a/.github/workflows/release_slim.yaml b/.github/workflows/release_slim.yaml index e5d869a..a098f14 100644 --- a/.github/workflows/release_slim.yaml +++ b/.github/workflows/release_slim.yaml @@ -6,11 +6,6 @@ on: - master paths: - 'Slim/**' - pull_request: - branches: - - master - paths: - - 'Slim/**' workflow_dispatch: env: # Use docker.io for Docker Hub if empty diff --git a/Slim/Dockerfile b/Slim/Dockerfile index 5f36f8d..79b810e 100644 --- a/Slim/Dockerfile +++ b/Slim/Dockerfile @@ -31,8 +31,6 @@ RUN export DEBIAN_FRONTEND=noninteractive && \ # Limpeza para reduzir tamanho apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* -# add httpstat script -#RUN curl -s https://raw.githubusercontent.com/b4b4r07/httpstat/master/httpstat.sh >/usr/bin/httpstat && chmod a+x /usr/bin/httpstat # Definir bash como shell padrão SHELL ["/bin/bash", "-c"] From 9c19e3ac5b49d6851dae8b676e47d5861d2a3c91 Mon Sep 17 00:00:00 2001 From: edu1982 Date: Wed, 16 Jul 2025 11:39:08 +0100 Subject: [PATCH 6/9] edited test workflow --- .github/workflows/test.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 38097ea..e986919 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,6 +1,9 @@ name: test -on: [pull_request] +on: + pull_request: + paths-ignore: + - 'Slim/**' jobs: test: From 22d3709b11f8970f3e54aa64222f296d3ff4b6df Mon Sep 17 00:00:00 2001 From: Eduardo Martins Date: Wed, 16 Jul 2025 11:49:21 +0100 Subject: [PATCH 7/9] Update Slim/Dockerfile Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Eduardo Martins --- Slim/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Slim/Dockerfile b/Slim/Dockerfile index 79b810e..ae359a7 100644 --- a/Slim/Dockerfile +++ b/Slim/Dockerfile @@ -2,11 +2,11 @@ FROM debian:12-slim LABEL maintainer="Slim Debug Pod" -# Instalar ferramentas essenciais de debug de rede +# Install essential network debugging tools RUN export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ apt-get install -y --no-install-recommends \ - # Ferramentas de rede básicas + # Basic network tools curl \ wget \ netcat-openbsd \ From bfce0d97e3eeafb74328ca761e33713f8597362f Mon Sep 17 00:00:00 2001 From: Eduardo Martins Date: Thu, 17 Jul 2025 12:13:21 +0100 Subject: [PATCH 8/9] Update Slim/Dockerfile Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Eduardo Martins --- Slim/Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Slim/Dockerfile b/Slim/Dockerfile index ae359a7..cf578a1 100644 --- a/Slim/Dockerfile +++ b/Slim/Dockerfile @@ -18,22 +18,22 @@ RUN export DEBIAN_FRONTEND=noninteractive && \ socat \ jq \ openssl \ - # Ferramentas de análise + # Analysis tools tcpdump \ net-tools \ iproute2 \ lsof \ - # Utilitários básicos + # Basic utilities vim \ nano \ bash \ procps && \ - # Limpeza para reduzir tamanho + # Cleanup to reduce size apt-get clean && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # Definir bash como shell padrão SHELL ["/bin/bash", "-c"] -# Manter container rodando para debug +# Keep container running for debugging CMD ["tail", "-f", "/dev/null"] \ No newline at end of file From 40ce11c0305a7e3affec92f8fe4a08b4da2c7633 Mon Sep 17 00:00:00 2001 From: Eduardo Martins Date: Thu, 17 Jul 2025 12:13:45 +0100 Subject: [PATCH 9/9] Update .github/workflows/release_slim.yaml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Eduardo Martins --- .github/workflows/release_slim.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release_slim.yaml b/.github/workflows/release_slim.yaml index a098f14..9dcf124 100644 --- a/.github/workflows/release_slim.yaml +++ b/.github/workflows/release_slim.yaml @@ -28,7 +28,7 @@ jobs: working-directory: ./Slim steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Install the cosign tool except on PR # https://github.com/sigstore/cosign-installer