Bump VERSION

Update debian Docker tag to v12

.github/renovate.json

@@ -5,5 +5,17 @@
   ],
   "dependencyDashboard": true,
   "dependencyDashboardTitle": "Renovate Dashboard",
-  "labels": ["renovatebot"]
+  "labels": ["renovatebot"],
+  "packageRules": [
+    {
+      "managers": ["github-actions"],
+      "matchUpdateTypes": ["patch"],
+      "automerge": true,
+      "automergeType": "pr",
+      "platformAutomerge": true
+    }
+  ],
+  "docker-compose": {
+    "ignorePaths": ["docker-compose-dev.yml"]
+  }
 }

.github/trivy.yaml

@@ -0,0 +1,5 @@
+format: table
+severity:
+  - CRITICAL
+vulnerability:
+  ignore-unfixed: true

.github/workflows/main.yml

@@ -13,9 +13,25 @@ env:
   REPO: docker-webdav-nginx
 
 jobs:
-  ubuntu_ci:
+  lint:
+    name: Lint
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out the codebase
+      uses: actions/checkout@v3
+
+    - name: Lint Dockerfile with Hadolint
+      uses: hadolint/hadolint-action@v3.1.0
+      with:
+        failure-threshold: error
+        ignore: DL3008,DL3018
+
+  ci:
     name: Build and test
 
+    needs: lint
     runs-on: ubuntu-latest
 
     steps:
@@ -31,7 +47,7 @@ jobs:
       uses: docker/setup-buildx-action@v2
 
     - name: Build Docker Image
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v4
       with:
         push: false
         context: .
@@ -47,17 +63,26 @@ jobs:
         docker run --name test-container --detach --env WEBDAV_USER=user --env WEBDAV_PASS=password1 --volume 'webdav:/var/www/webdav' ${USER}/${REPO}:${VERSION}
         docker ps -a
 
-    - name: Container scan
-      uses: azure/container-scan@v0
+    - name: Container scan with Dockle
+      uses: goodwithtech/dockle-action@0.1.0
       with:
-        image-name: ${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}
-        severity-threshold: CRITICAL
-        run-quality-checks: true
+        image: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
+        format: 'list'
+        exit-code: '1'
+        exit-level: 'warn'
+        ignore: 'CIS-DI-0001'
 
-  ubuntu_cd:
+    - name: Container scan with Trivy
+      uses: aquasecurity/trivy-action@0.11.2
+      with:
+        scan-type: 'image'
+        image-ref: '${{ env.USER }}/${{ env.REPO }}:${{ env.VERSION }}'
+        trivy-config: ./github/trivy.yaml
+
+  cd:
     name: Deploy
 
-    needs: ubuntu_ci
+    needs: ci
     runs-on: ubuntu-latest
 
     steps:
@@ -83,7 +108,7 @@ jobs:
         logout: true
 
     - name: Build Docker Image
-      uses: docker/build-push-action@v3
+      uses: docker/build-push-action@v4
       with:
         push: true
         context: .

Dockerfile

@@ -1,4 +1,4 @@
-FROM ubuntu:jammy
+FROM debian:12-slim
 
 ARG BUILD_DATE
 
@@ -11,9 +11,9 @@ LABEL \
 
 ARG DEBIAN_FRONTEND=noninteractive
 
-RUN apt-get update && apt-get install -y --no-install-recommends \
+RUN apt-get update && apt-get -y install --no-install-recommends \
     apache2-utils \
-    netcat \
+    netcat-openbsd \
     nginx-extras && \
     rm -rf /var/lib/apt/lists/* && \
     mkdir -p "/var/www/webdav/restricted" && \
@@ -25,7 +25,9 @@ EXPOSE 80
 
 VOLUME [ "/var/www/webdav" ]
 
-COPY password.sh password.sh
+COPY password.sh /
+
+COPY VERSION /
 
 COPY webdav.conf /etc/nginx/sites-enabled/webdav
 

README.md

@@ -6,7 +6,7 @@
 Runs a Nginx WebDav server in Docker
   - Source code: [GitHub](https://github.com/loganmarchione/docker-webdav-nginx)
   - Docker container: [Docker Hub](https://hub.docker.com/r/loganmarchione/docker-webdav-nginx)
-  - Image base: [Ubuntu](https://hub.docker.com/_/ubuntu)
+  - Image base: [Debian](https://hub.docker.com/_/debian)
   - Init system: N/A
   - Application: [Nginx](https://nginx.org/)
   - Architecture: `linux/amd64,linux/arm64,linux/arm/v7`
@@ -51,7 +51,7 @@ Below is an example docker-compose.yml file.
 version: '3'
 services:
   webdav:
-    container_name: webdav
+    container_name: docker-webdav-nginx
     restart: unless-stopped
     environment:
       - WEBDAV_USER=user
@@ -72,4 +72,16 @@ volumes:
     driver: local
 ```
 
+Below is an example of running locally (used to edit/test/debug).
+```
+# Build the Dockerfile
+docker compose -f docker-compose-dev.yml up -d
+
+# View logs
+docker compose -f docker-compose-dev.yml logs -f
+
+# Destroy when done
+docker compose -f docker-compose-dev.yml down
+```
+
 ## TODO

VERSION

@@ -1 +1 @@
-0.1.0
+0.3.0

docker-compose-dev.yml

@@ -0,0 +1,24 @@
+version: '3'
+services:
+  webdav:
+    container_name: docker-webdav-nginx
+    restart: unless-stopped
+    build:
+      context: .
+      dockerfile: Dockerfile
+    environment:
+      - WEBDAV_USER=user
+      - WEBDAV_PASS=password1
+    networks:
+      - webdav
+    ports:
+      - '8888:80'
+    volumes:
+      - 'webdav:/var/www/webdav'
+
+networks:
+  webdav:
+
+volumes:
+  webdav:
+    driver: local