Hugo v0.111.0 (and Alpine v3.17)

This commit fixes a failure scenario caused when the UID of the user within the hugo-extended container does not match the UID or GID of the respective user and group ownership assigned to the files and directories in the volume mounted to /src.
The failure occurs when a git operation triggers recently added safe directory checks to alert the user when there is a UID or GID mismatch. Because the ENTRYPOINT of the hugo-extended container is a call to `hugo`, there is no ability for the end user of the container to tell git to trust the /src directory before hugo is started. It is possible to override the UID and GID when using the container, but this causes permission errors and does not seem like a user-friendly path forward. After this change, the hugo-extended container will contain a global git configuration to trust the /src directory. This may have security implications that have not been considered, but since only the project directory is mounted to /src, this approach seems to respect the intent of git safe directory checks.
2025-06-30 20:56:38 -04:00 · 2023-03-02 10:43:40 -05:00 · 2023-03-02 10:36:36 -05:00 · 2023-01-17 10:44:12 -05:00 · 2023-01-17 10:44:09 -05:00 · 2022-12-23 09:59:58 -05:00
2 changed files with 13 additions and 11 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -14,7 +14,7 @@ jobs:
    if: "!contains(github.event.head_commit.message, '[skip ci]')"
    steps:
      - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3

      - name: Prepare tags
        id: tag
@ -34,16 +34,16 @@ jobs:
          echo ::set-output name=tags::${TAGS}

      - name: Set up QEMU
-        uses: docker/setup-qemu-action@master
+        uses: docker/setup-qemu-action@v2
        with:
-          platforms: all
+          platforms: linux/amd64,linux/arm64

      - name: Set up Docker Buildx
        id: buildx
-        uses: docker/setup-buildx-action@master
+        uses: docker/setup-buildx-action@v2

      - name: Cache Docker layers
-        uses: actions/cache@v2
+        uses: actions/cache@v3
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
@ -52,14 +52,14 @@ jobs:

      - name: Login to DockerHub
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          username: jakejarvis
          password: ${{ secrets.DOCKER_HUB_TOKEN }}

      - name: Login to GitHub Container Registry
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@ -67,7 +67,7 @@ jobs:

      - name: Build and push
        id: build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
        with:
          builder: ${{ steps.buildx.outputs.name }}
          context: ./
--- a/8
+++ b/8
@ -1,11 +1,11 @@
 # the following version can be overridden at image build time with --build-arg
-ARG HUGO_VERSION=0.108.0
+ARG HUGO_VERSION=0.111.0
 # remove/comment the following line completely to compile vanilla Hugo:
 ARG HUGO_BUILD_TAGS=extended

 # Hugo >= v0.81.0 requires Go 1.16+ to build
 ARG GO_VERSION=1.19
-ARG ALPINE_VERSION=3.16
+ARG ALPINE_VERSION=3.17

 # ---

@ -55,7 +55,7 @@ ARG HUGO_VERSION
 # https://github.com/jgm/pandoc/releases
 ARG PANDOC_VERSION=2.19.2
 # https://github.com/sass/dart-sass-embedded/releases
-ARG DART_SASS_VERSION=1.56.1
+ARG DART_SASS_VERSION=1.58.3

 LABEL version="${HUGO_VERSION}"
 LABEL repository="https://github.com/jakejarvis/hugo-docker"
@ -122,6 +122,8 @@ RUN set -euo pipefail && \
    fi && \
    # clean up some junk
    rm -rf /tmp/* /var/tmp/* /var/cache/apk/* && \
+    # tell git to trust /src
+    git config --global --add safe.directory /src && \
    # make super duper sure that everything went OK, exit otherwise
    hugo env && \
    go version && \
Author	SHA1	Message	Date
Jake Jarvis	4a98dad700	Hugo v0.111.0 (and Alpine v3.17)	2023-03-02 10:43:40 -05:00
Greg Baker	e91bc2ed98	This commit fixes a failure scenario caused when the UID of the user within the hugo-extended container does not match the UID or GID of the respective user and group ownership assigned to the files and directories in the volume mounted to /src. The failure occurs when a git operation triggers recently added safe directory checks to alert the user when there is a UID or GID mismatch. Because the ENTRYPOINT of the hugo-extended container is a call to `hugo`, there is no ability for the end user of the container to tell git to trust the /src directory before hugo is started. It is possible to override the UID and GID when using the container, but this causes permission errors and does not seem like a user-friendly path forward. After this change, the hugo-extended container will contain a global git configuration to trust the /src directory. This may have security implications that have not been considered, but since only the project directory is mounted to /src, this approach seems to respect the intent of git safe directory checks.	2023-03-02 10:36:36 -05:00
Jake Jarvis	048f5d17f2	Hugo v0.110.0	2023-01-17 10:44:12 -05:00
Jake Jarvis	5c457e33fe	bump GH actions	2023-01-17 10:44:09 -05:00
Jake Jarvis	0a8ca90615	Hugo v0.109.0	2022-12-23 09:59:58 -05:00