From 2f3f02ae5ae34e7f8d8810b9367f16a01f80bfea Mon Sep 17 00:00:00 2001
From: "Guillaume B.B. Van Hemmen" <GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 19 May 2025 20:19:02 +0200
Subject: [PATCH] Add CI workflows and update Dockerfile dependencies

Introduce GitHub Actions workflows for building and pushing Docker images on master branch pushes and tag pushes. Update Dockerfile base image to Node.js 22 and upgrade Sonar Scanner CLI to version 7.1.0 for improved compatibility and features.
---
 .forgejo/workflows/docker-master.yaml | 23 +++++++++++++++++++++++
 .forgejo/workflows/docker-tag.yaml    | 23 +++++++++++++++++++++++
 Dockerfile                            |  8 ++++----
 3 files changed, 50 insertions(+), 4 deletions(-)
 create mode 100644 .forgejo/workflows/docker-master.yaml
 create mode 100644 .forgejo/workflows/docker-tag.yaml

diff --git a/.forgejo/workflows/docker-master.yaml b/.forgejo/workflows/docker-master.yaml
new file mode 100644
index 0000000..f731b84
--- /dev/null
+++ b/.forgejo/workflows/docker-master.yaml
@@ -0,0 +1,23 @@
+on:
+  push:
+    branches:
+      - 'master'
+jobs:
+  docker-master:
+    runs-on: docker
+    container:
+      image: git.van-hemmen.com/actions/kaniko:25.21.1
+    steps:
+      - name: Build & push with Kaniko
+        run: /bin/build.sh
+        env:
+          # --- mandatory --------------------------------------------------------
+          KANIKO_CONTEXT: git://git.van-hemmen.com/GuillaumeHemmen/sonar-scanner.git
+          GIT_REF_NAME:    ${{ github.ref_name }}
+          GIT_USERNAME:    ${{ secrets.docker_username }}
+          GIT_PASSWORD:    ${{ secrets.access_token }}
+
+          # --- optional (only needed when you plan to push) ---------------------
+          REGISTRY_USER:   ${{ secrets.docker_username }}
+          REGISTRY_PASS:   ${{ secrets.access_token }}
+          KANIKO_DESTINATION: git.van-hemmen.com/guillaumehemmen/sonar-scanner:${GITHUB_SHA},git.van-hemmen.com/guillaumehemmen/sonar-scanner:latest
diff --git a/.forgejo/workflows/docker-tag.yaml b/.forgejo/workflows/docker-tag.yaml
new file mode 100644
index 0000000..dadf1db
--- /dev/null
+++ b/.forgejo/workflows/docker-tag.yaml
@@ -0,0 +1,23 @@
+on:
+  push:
+    tags:
+      - '*'
+jobs:
+  docker-tag:
+    runs-on: docker
+    container:
+      image: git.van-hemmen.com/actions/kaniko:25.21.1
+    steps:
+      - name: Build & push with Kaniko
+        run: /bin/build.sh
+        env:
+          # --- mandatory --------------------------------------------------------
+          KANIKO_CONTEXT: git://git.van-hemmen.com/GuillaumeHemmen/sonar-scanner.git
+          GIT_REF_NAME:    ${{ github.ref_name }}
+          GIT_USERNAME:    ${{ secrets.docker_username }}
+          GIT_PASSWORD:    ${{ secrets.access_token }}
+
+          # --- optional (only needed when you plan to push) ---------------------
+          REGISTRY_USER:   ${{ secrets.docker_username }}
+          REGISTRY_PASS:   ${{ secrets.access_token }}
+          KANIKO_DESTINATION: git.van-hemmen.com/guillaumehemmen/sonar-scanner:${GITHUB_REF_NAME},git.van-hemmen.com/guillaumehemmen/sonar-scanner:latest
diff --git a/Dockerfile b/Dockerfile
index 747805a..b13a88b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,11 @@
-FROM node:18
+FROM node:22
 
 LABEL maintainer="guillaume@van-hemmen.com"
 
 RUN apt-get update && \
     apt-get -y install wget unzip && \
     cd /root/ && \
-    wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-5.0.1.3006-linux.zip && \
-    unzip sonar-scanner-cli-5.0.1.3006-linux.zip && \
-    ln -sf /root/sonar-scanner-5.0.1.3006-linux/bin/sonar-scanner /usr/local/bin/sonar-scanner && \
+    wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.1.0.4889-linux-x64.zip && \
+    unzip sonar-scanner-cli-7.1.0.4889-linux-x64.zip && \
+    ln -sf /root/sonar-scanner-cli-7.1.0.4889-linux-x64/bin/sonar-scanner /usr/local/bin/sonar-scanner && \
     /usr/local/bin/sonar-scanner --version