marco-lancini · marco-lancini · May 28, 2022 · May 28, 2022 · May 28, 2022 · May 28, 2022
@@ -91,7 +91,7 @@ jobs:
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
 
-            github.issues.createComment({
+            github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,

@@ -93,7 +93,7 @@ jobs:
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
 
-            github.issues.createComment({
+            github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,

@@ -91,7 +91,7 @@ jobs:
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
 
-            github.issues.createComment({
+            github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,

@@ -91,7 +91,7 @@ jobs:
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
 
-            github.issues.createComment({
+            github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,

@@ -91,7 +91,7 @@ jobs:
 
             *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
 
-            github.issues.createComment({
+            github.rest.issues.createComment({
               issue_number: context.issue.number,
               owner: context.repo.owner,
               repo: context.repo.repo,

@@ -0,0 +1,108 @@
+name: '[DOCKER IMAGE] Pandoc'
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+    paths:
+      - 'docker/pandoc/Dockerfile'
+      - 'docker/pandoc/VERSION'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - 'docker/pandoc/Dockerfile'
+      - 'docker/pandoc/VERSION'
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+
+    env:
+      FOLDER: ${{ github.workspace }}/docker/pandoc
+      REGISTRY: ghcr.io
+      VERSION_FILE: VERSION
+      IMAGE_NAME: pandoc
+
+    steps:
+      - name: 📂 Checkout repository
+        uses: actions/checkout@v3
+
+      - name: 🎫 Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        id: login
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          # Create a PAT with `read:packages` and `write:packages` scopes and save it as an Actions secret `GHCR_TOKEN`
+          password: ${{ secrets.GHCR_TOKEN }}
+
+      #
+      # Build Image
+      #
+      - name: 🔨 Build the image
+        id: docker_build
+        uses: ./.github/actions/docker-build
+        with:
+          folder: ${{ env.FOLDER }}
+          image_build: ${{ env.IMAGE_NAME }}:build
+          image_latest: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest
+
+      #
+      # Run Trivy
+      #
+      - name: 🛡 Run Trivy vulnerability scanner
+        if: github.event_name == 'pull_request'
+        id: docker_trivy
+        uses: ./.github/actions/docker-trivy
+        with:
+          image_name: ${{ env.IMAGE_NAME }}:build
+
+      #
+      # PR Output
+      #
+      - name: 📄 Show Build Output
+        if: github.event_name == 'pull_request'
+        uses: actions/github-script@v6
+        env:
+          BUILD: ${{ steps.docker_build.outputs.build_output }}
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            const output = `#### Image: 📋 \`${process.env.IMAGE_NAME}\`
+
+            |     | Step        | Result                                       |
+            | --- | ----------  | -------------------------------------------- |
+            | 🎫  | **Login**   | \`${{ steps.login.outcome }}\`               |
+            | 📖  | **Build**   | \`${{ steps.docker_build.outcome }}\`               |
+            | 🛡  | **Trivy**   | \`${{ steps.docker_trivy.outcome }}\`               |
+
+            ### Build:
+
+            \`\`\`${process.env.BUILD}
+            \`\`\`
+
+            ---
+
+            *Pusher: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*`;
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: output
+            })
+
+      #
+      # Push image to GCR
+      #
+      - name: 🚀 Push image to GitHub Container Registry
+        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+        id: docker_push
+        uses: ./.github/actions/docker-push-gcr
+        with:
+          image_local: ${{ env.IMAGE_NAME }}:build
+          image_remote: ${{ env.IMAGE_NAME }}
+          registry: ${{ env.REGISTRY }}/${{ github.repository_owner }}
+          version_file: ${{ env.FOLDER }}/${{ env.VERSION_FILE }}
@@ -15,5 +15,6 @@ All these images are pushed to [Github Container Registry](https://github.com/ma
 | [latex](latex/)                                           | Alpine with texlive preinstalled                                                                                                                                                                                                                    | `ghcr.io/marco-lancini/latex:latest`                      | ![[DOCKER IMAGE] Latex](https://github.com/marco-lancini/utils/workflows/%5BDOCKER%20IMAGE%5D%20Latex/badge.svg)                      |
 | [markserv](markserv/)                                     | Image for [Markserv](https://github.com/markserv/markserv)                                                                                                                                                                                          | `ghcr.io/marco-lancini/markserv:latest`                   | ![[DOCKER IMAGE] Markserv](https://github.com/marco-lancini/utils/workflows/%5BDOCKER%20IMAGE%5D%20Markserv/badge.svg)                |
 | [nomad](nomad/)                                           | Image for HashiCorp Nomad                                                                                                                                                                                                                           | `ghcr.io/marco-lancini/nomad:latest`                      | ![[DOCKER IMAGE] Nomad](https://github.com/marco-lancini/utils/workflows/%5BDOCKER%20IMAGE%5D%20Nomad/badge.svg)                      |
+| [pandoc](pandoc/)                                         | Alpine with pandoc/latex preinstalled                                                                                                                                                                                                               | `ghcr.io/marco-lancini/pandoc:latest`                     | ![[DOCKER IMAGE] Pandoc](https://github.com/marco-lancini/utils/workflows/%5BDOCKER%20IMAGE%5D%20Pandoc/badge.svg)                    |
 | [python-github-backup](python-github-backup/)             | Image for a customised version of the [python-github-backup](https://github.com/josegonzalez/python-github-backup) repo, as described in [Automated Github Backups with ECS and S3](https://www.marcolancini.it/2021/blog-github-backups-with-ecs/) | N/A                                                       |
 | [rclone-gdrive-backup](rclone-gdrive-backup/)             | Image for backing up GDrive via rclone, as described in [Automated GDrive Backups with ECS and S3](https://www.marcolancini.it/2021/blog-gdrive-backups-with-ecs)                                                                                   | N/A                                                       |
@@ -0,0 +1,12 @@
+FROM pandoc/latex:2.18.0
+
+# Install Latex packages
+RUN tlmgr install adjustbox babel-german background bidi collectbox csquotes everypage filehook footmisc footnotebackref framed fvextra letltxmacro ly1 mdframed mweights needspace pagecolor sourcecodepro sourcesanspro titling ucharcat ulem unicode-math upquote xecjk xurl zref koma-script
+
+# Create low-privileged user
+RUN addgroup --gid 11111 -S app
+RUN adduser -s /bin/false -u 11111 -G app -S app
+
+WORKDIR /src
+RUN chown -R app:app /src
+USER app
@@ -0,0 +1,10 @@
+# Pandoc
+
+Docker image for running Pandoc.
+
+
+## Usage
+```bash
+$ docker run --rm -v $(pwd):/src                \
+            ghcr.io/marco-lancini/pandoc:latest
+```
@@ -0,0 +1 @@
+1