Rename docker-image.yml to build-release-alpine-nodejs.yml

.github/workflows/build-release-alpine-nodejs.yml

@@ -1,34 +1,38 @@
 name: Build Alpine Node.js
 permissions:
   contents: write
-  
 
 on:
   workflow_dispatch:
     inputs:
       NodeVersion:
         required: true
-        description: 'Node.js version to build (ex: v12.4.0)'
-      PythonVersion:
-        required: true
-        description: 'Node.js v12 needs python2 and Node.js v16 needs python3'
+        description: 'Node.js version to build (ex: v12.22.7, v16.12.0)'
 
 jobs:
   build:
     name: Build node.js ${{github.event.inputs.NodeVersion}}
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
     - name: Build the Docker image
       run: |
-         docker build --file Dockerfile --tag alpine_nodejs:${{github.event.inputs.NodeVersion}} --build-arg NodeVersion=${{github.event.inputs.NodeVersion}} --build-arg PythonVersion=${{github.event.inputs.PythonVersion}} .
+         NodeVersion="${{github.event.inputs.NodeVersion}}"
+         PythonVersion="python3"
+         if [[ $NodeVersion = v12* ]]
+         then
+           PythonVersion="python2"
+         fi
+         echo node.js version $NodeVersion
+         echo python version $PythonVersion
+         docker build --file Dockerfile --tag alpine_nodejs:${{github.event.inputs.NodeVersion}} --build-arg NodeVersion=${{github.event.inputs.NodeVersion}} --build-arg PythonVersion=$PythonVersion .
     - name: Copy alpine node.js out
       run: |
          mkdir $RUNNER_TEMP/alpine_node
          docker run --rm -v $RUNNER_TEMP/alpine_node:/node_output alpine_nodejs:${{github.event.inputs.NodeVersion}}
          ls -l -R $RUNNER_TEMP/alpine_node
     - name: Upload alpine node.js
-      uses: actions/upload-artifact@v2
+      uses: actions/upload-artifact@v3
       with:
         name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
         path:  ${{runner.temp}}/alpine_node/node-${{github.event.inputs.NodeVersion}}-alpine-x64.tar.gz
@@ -40,7 +44,7 @@ jobs:
     container: alpine
     steps:
     - name: Download alpine node.js
-      uses: actions/download-artifact@v2
+      uses: actions/download-artifact@v3
       with:
         name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
     - run: |
@@ -58,7 +62,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Download alpine node.js
-      uses: actions/download-artifact@v2
+      uses: actions/download-artifact@v3
       with:
         name: alpine_nodejs_${{github.event.inputs.NodeVersion}}
     # Create GitHub release

CODEOWNERS

@@ -0,0 +1 @@
+* @actions/actions-runtime

CODE_OF_CONDUCT.md

@@ -0,0 +1,74 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+In the interest of fostering an open and welcoming environment, we as
+contributors and maintainers pledge to making participation in our project and
+our community a harassment-free experience for everyone, regardless of age, body
+size, disability, ethnicity, gender identity and expression, level of experience,
+nationality, personal appearance, race, religion, or sexual identity and
+orientation.
+
+## Our Standards
+
+Examples of behavior that contributes to creating a positive environment
+include:
+
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery and unwelcome sexual attention or
+advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic
+  address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Our Responsibilities
+
+Project maintainers are responsible for clarifying the standards of acceptable
+behavior and are expected to take appropriate and fair corrective action in
+response to any instances of unacceptable behavior.
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+## Scope
+
+This Code of Conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community. Examples of
+representing a project or community include using an official project e-mail
+address, posting via an official social media account, or acting as an appointed
+representative at an online or offline event. Representation of a project may be
+further defined and clarified by project maintainers.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting the project team at opensource@github.com. All
+complaints will be reviewed and investigated and will result in a response that
+is deemed necessary and appropriate to the circumstances. The project team is
+obligated to maintain confidentiality with regard to the reporter of an incident.
+Further details of specific enforcement policies may be posted separately.
+
+Project maintainers who do not follow or enforce the Code of Conduct in good
+faith may face temporary or permanent repercussions as determined by other
+members of the project's leadership.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
+available at [http://contributor-covenant.org/version/1/4][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/4/

LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright GitHub
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1 +1,22 @@
-# alpine_nodejs
+# alpine_nodejs
+
+[GitHub Actions Runner](https://github.com/actions/runner/blob/main/src/Misc/externals.sh) download alpine node.js from https://vstsagenttools.blob.core.windows.net/tools/nodejs
+
+The [workflow](https://github.com/TingluoHuang/alpine_nodejs/actions/workflows/docker-image.yml) in this repository can compile a partial-static node.js for alpine and create a [GitHub release](https://github.com/TingluoHuang/alpine_nodejs/releases) for it.
+
+- Queue workflow using `workflow_dispatch` trigger and set the `node` version you want to compile as input, ex: `v12.22.7`
+![queue workflow](./res/queueWorkflow.png)
+
+- Wait for the run to complete
+![succeed run](./res/succeedRun.png)
+
+- There should be a newly created release that matches the version you want for `node`, and it is able to run on alpine.
+![new release](./res/createdRelease.png)
+
+- Once we get [approval](https://github.com/github/open-source-releases/issues/205) to change the current repository from `private` to `public`, then we can consume the release assets directly. In the meantime, you will need to follow [instructions](https://dev.azure.com/mseng/AzureDevOps/_wiki/wikis/AzureDevOps.wiki/4037/How-to-upload-resource-to-vstsagenttools.blob.core.windows.net) to check-in the compiled alpine node.js from the release assets as a `Git-LFS` files to https://dev.azure.com/mseng/AzureDevOps/_git/CIPlat.Externals and get it mirror into https://vstsagenttools.blob.core.windows.net/tools/nodejs
+> Tips for working with `CIPlat.Externals` repository:  
+> - The repository is huge right now, you don't want to waste your time and disk space to get those unrelated files.
+>   - Ignore LFS files during initial `git clone` the repo with `GIT_LFS_SKIP_SMUDGE=1 git clone https://mseng@dev.azure.com/mseng/AzureDevOps/_git/CIPlat.Externals`
+>   - Ignore LFS files during any `git checkout` or `git fetch` operation with `GIT_LFS_SKIP_SMUDGE=1`.
+>   - You do want the LFS smudge filter to run during `git add` and `git push`, make sure you don't have `GIT_LFS_SKIP_SMUDGE=1` when you run `git add` and `git push`.
+> - More `Git-LFS` doc is at https://github.com/git-lfs/git-lfs/tree/main/docs

SECURITY.md

@@ -0,0 +1,31 @@
+Thanks for helping make GitHub safe for everyone.
+
+## Security
+
+GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [GitHub](https://github.com/GitHub).
+
+Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we will ensure that your finding gets passed along to the appropriate maintainers for remediation. 
+
+## Reporting Security Issues
+
+If you believe you have found a security vulnerability in any GitHub-owned repository, please report it to us through coordinated disclosure.
+
+**Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.**
+
+Instead, please send an email to opensource-security[@]github.com.
+
+Please include as much of the information listed below as you can to help us better understand and resolve the issue:
+
+  * The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+## Policy
+
+See [GitHub's Safe Harbor Policy](https://docs.github.com/en/github/site-policy/github-bug-bounty-program-legal-safe-harbor#1-safe-harbor-terms)