[feature] add socket-proxy

Author: 11notes

.github/workflows/socket-proxy.yml

@@ -0,0 +1,37 @@
+name: tags
+on:
+  push:
+    tags:
+      - 'socket-proxy'
+jobs:
+  socket-proxy:
+    runs-on: ubuntu-latest
+    steps:   
+      - name: init / base64 nested json
+        uses: actions/github-script@62c3794a3eb6788d9a2a72b219504732c0c9a298
+        with:
+          script: |
+            const { Buffer } = require('node:buffer');
+            (async()=>{
+              try{
+                const master = await fetch('https://raw.githubusercontent.com/11notes/docker-socket-proxy/refs/heads/master/.json');
+                const dot = await master.json();
+                const etc = {
+                  dockerfile:"socket-proxy.dockerfile",
+                  tag:"socket-proxy",
+                  version:dot.semver.version,
+                  uid:0,
+                  gid:0,
+                };
+                core.exportVariable('WORKFLOW_BASE64JSON', Buffer.from(JSON.stringify(etc)).toString('base64'));
+              }catch(e){
+                core.setFailed(`workflow failed: ${e}`);
+              }
+            })();
+
+      - name: build docker image
+        uses: the-actions-org/workflow-dispatch@3133c5d135c7dbe4be4f9793872b6ef331b53bc7
+        with:
+          workflow: docker.yml
+          token: "${{ secrets.REPOSITORY_TOKEN }}"
+          inputs: '{ "release":"false", "readme":"false", "run-name":"socket-proxy", "etc":"${{ env.WORKFLOW_BASE64JSON }}" }'

project.md

@@ -1,16 +1,20 @@
 ${{ content_synopsis }} This image and its different layers can be used to build a distroless boiler plate for your application. Simply add the base layer and any additional layers (tags) with the stuff you need to run your application. All binaries are statically compiled and do not depend on any OS libraries or clib. The base layer contains Root CA certificates as well as time zone data and the user configuration for root and docker. Additional layers (tags) with statically compiled binaries are:
 
-* [11notes/distroless:curl](https://github.com/11notes/docker-distroless/blob/master/curl.dockerfile) - curl (for healthchecks)
-* [11notes/distroless:dnslookup](https://github.com/11notes/docker-distroless/blob/master/dnslookup.dockerfile) - dnslookup (for healthchecks)
-* [11notes/distroless:lego](https://github.com/11notes/docker-distroless/blob/master/lego.dockerfile) - lego (ACME client)
+* [11notes/distroless:curl](https://github.com/11notes/docker-distroless/blob/master/curl.dockerfile) - curl
+* [11notes/distroless:dnslookup](https://github.com/11notes/docker-distroless/blob/master/dnslookup.dockerfile) - dnslookup
+* [11notes/distroless:lego](https://github.com/11notes/docker-distroless/blob/master/lego.dockerfile) - lego
 * [11notes/distroless:node](https://github.com/11notes/docker-node) - node
 * [11notes/distroless:adguard](https://github.com/11notes/docker-adguard) - adguard
+* [11notes/distroless:adguard-sync](https://github.com/11notes/docker-adguard-sync) - adguard-sync
 * [11notes/distroless:nginx](https://github.com/11notes/docker-nginx) - nginx
 * [11notes/distroless:traefik](https://github.com/11notes/docker-traefik) - traefik
 * [11notes/distroless:tini-pm](https://github.com/11notes/go-tini-pm) - tini-pm
 * [11notes/distroless:cmd-socket](https://github.com/11notes/go-cmd-socket) - cmd-socket
+* [11notes/distroless:socket-proxy](https://github.com/11notes/docker-socket-proxy) - socket-proxy
 
-Each tag has sub tags like latest, stable or semver, check the tags available for each binary. If you need more binaries, open a PR or feature request.
+Each tag has sub tags like latest, stable or semver, check the tags available for each binary. If you need more binaries, open a PR or feature request. Some of the images have their own dedicated container images to run the applications within, simply check the link for the source and explanation on how to use them.
+
+These images are meant as direct competition to very popular images which come with almost no security in mind!
 
 ${{ content_build }}
 

socket-proxy.dockerfile

@@ -0,0 +1,16 @@
+ARG APP_VERSION=stable
+ARG APP_UID=0
+ARG APP_GID=0
+
+# :: Distroless
+  FROM 11notes/distroless AS distroless
+  FROM 11notes/socket-proxy:${APP_VERSION} AS socket-proxy
+  FROM scratch
+  ARG APP_UID
+  ARG APP_GID
+  COPY --from=distroless --chown=${APP_UID}:${APP_GID} / /
+  COPY --from=socket-proxy --chown=${APP_UID}:${APP_GID} /usr/local/bin/socket-proxy /usr/local/bin/socket-proxy
+
+# :: Start
+  USER ${APP_UID}:${APP_GID}
+  ENTRYPOINT ["/usr/local/bin/socket-proxy"]