xref: /OpenGrok/dev/docker.sh (revision 6e3afe818174682ffcd009ec88bb92151f297ed6)
1675e1740SVladimir Kotal#!/bin/bash
2675e1740SVladimir Kotal
3675e1740SVladimir Kotal#
43e788c1bSVladimir Kotal# Build and optionally push new image to Docker hub.
5675e1740SVladimir Kotal#
6ec9556c1SVladimir Kotal# When pushing, this script uses the following secure variables:
7675e1740SVladimir Kotal#  - DOCKER_USERNAME
8675e1740SVladimir Kotal#  - DOCKER_PASSWORD
9675e1740SVladimir Kotal#
1012897179SVladimir Kotal# These are set via https://github.com/oracle/opengrok/settings/secrets
11675e1740SVladimir Kotal#
12675e1740SVladimir Kotal
13675e1740SVladimir Kotalset -e
14675e1740SVladimir Kotal
15*6e3afe81SVladimir Kotal# Update README file in Docker hub.
16*6e3afe81SVladimir Kotalpush_readme() {
17*6e3afe81SVladimir Kotal	declare -r image="${1}"
18*6e3afe81SVladimir Kotal	declare -r token="${2}"
19*6e3afe81SVladimir Kotal	declare -r input_file="${3}"
20*6e3afe81SVladimir Kotal
21*6e3afe81SVladimir Kotal	if [[ ! -r $input_file ]]; then
22*6e3afe81SVladimir Kotal		echo "file $input_file is not readable"
23*6e3afe81SVladimir Kotal		exit 1
24*6e3afe81SVladimir Kotal	fi
25*6e3afe81SVladimir Kotal
26*6e3afe81SVladimir Kotal	local code=$(curl -s -o /dev/null -L -w "%{http_code}" \
27*6e3afe81SVladimir Kotal	           -X PATCH --data-urlencode \
28*6e3afe81SVladimir Kotal		   full_description@${input_file} \
29*6e3afe81SVladimir Kotal	           -H "Authorization: JWT ${token}" \
30*6e3afe81SVladimir Kotal	           ${API_URL}/repositories/"${image}"/)
31*6e3afe81SVladimir Kotal
32*6e3afe81SVladimir Kotal	if [[ "${code}" = "200" ]]; then
33*6e3afe81SVladimir Kotal		echo "Successfully pushed README to Docker Hub"
34*6e3afe81SVladimir Kotal	else
35*6e3afe81SVladimir Kotal		printf "Unable to push README to Docker Hub, response code: %s\n" "${code}"
36*6e3afe81SVladimir Kotal		exit 1
37*6e3afe81SVladimir Kotal	fi
38*6e3afe81SVladimir Kotal}
39*6e3afe81SVladimir Kotal
401ca9c879SAdam Hornacekecho "Running linter"
411ca9c879SAdam Hornacekdocker run --rm -i hadolint/hadolint:2.6.0 < Dockerfile || exit 1
421ca9c879SAdam Hornacek
43e8ba77c1SVladimir KotalAPI_URL="https://hub.docker.com/v2"
4489259090SVladimir KotalIMAGE="opengrok/docker"
4589259090SVladimir Kotal
469e106a9aSVladimir Kotalif [[ -n $OPENGROK_REF && $OPENGROK_REF == refs/tags/* ]]; then
479e106a9aSVladimir Kotal	OPENGROK_TAG=${OPENGROK_REF#"refs/tags/"}
489e106a9aSVladimir Kotalfi
499e106a9aSVladimir Kotal
509e106a9aSVladimir Kotalif [[ -n $OPENGROK_TAG ]]; then
519e106a9aSVladimir Kotal	VERSION="$OPENGROK_TAG"
52573d2ad6SVladimir Kotal	VERSION_SHORT=$( echo $VERSION | cut -d. -f1,2 )
53573d2ad6SVladimir Kotal
54573d2ad6SVladimir Kotal	if [[ -z $VERSION ]]; then
55573d2ad6SVladimir Kotal		echo "empty VERSION"
56573d2ad6SVladimir Kotal		exit 1
57573d2ad6SVladimir Kotal	fi
58573d2ad6SVladimir Kotal
59573d2ad6SVladimir Kotal	if [[ -z $VERSION_SHORT ]]; then
60573d2ad6SVladimir Kotal		echo "empty VERSION_SHORT"
61573d2ad6SVladimir Kotal		exit 1
62573d2ad6SVladimir Kotal	fi
63f9bac693SVladimir Kotal
64014d6520SVladimir Kotal	echo "Version: $VERSION"
65014d6520SVladimir Kotal	echo "Short version: $VERSION_SHORT"
66014d6520SVladimir Kotal
67628efbb5SVladimir Kotal	TAGS="$VERSION $VERSION_SHORT latest"
68628efbb5SVladimir Kotal
69628efbb5SVladimir Kotal	echo "Building docker image for release ($TAGS)"
70573d2ad6SVladimir Kotal	docker build \
7189259090SVladimir Kotal	    -t $IMAGE:$VERSION \
7289259090SVladimir Kotal	    -t $IMAGE:$VERSION_SHORT \
7389259090SVladimir Kotal	    -t $IMAGE:latest .
74628efbb5SVladimir Kotalelse
75628efbb5SVladimir Kotal	TAGS="master"
76628efbb5SVladimir Kotal
77628efbb5SVladimir Kotal	echo "Building docker image for master"
78628efbb5SVladimir Kotal	docker build -t $IMAGE:master .
79628efbb5SVladimir Kotalfi
80573d2ad6SVladimir Kotal
81c0e56161SVladimir Kotal#
82628efbb5SVladimir Kotal# Run the image in a container. This is not strictly needed however
83c0e56161SVladimir Kotal# serves as additional test in automatic builds.
84c0e56161SVladimir Kotal#
85014d6520SVladimir Kotalecho "Running the image in container"
8689259090SVladimir Kotaldocker run -d $IMAGE
87675e1740SVladimir Kotaldocker ps -a
88675e1740SVladimir Kotal
895cda9bedSVladimir Kotal# This can only work on home repository since it needs encrypted variables.
905cda9bedSVladimir Kotalif [[ -n "$OPENGROK_PULL_REQUEST" ]]; then
9189259090SVladimir Kotal	echo "Not pushing Docker image for pull requests"
923e788c1bSVladimir Kotal	exit 0
933e788c1bSVladimir Kotalfi
943e788c1bSVladimir Kotal
953e788c1bSVladimir Kotal# The push only works on the main repository.
965cda9bedSVladimir Kotalif [[ "$OPENGROK_REPO_SLUG" != "oracle/opengrok" ]]; then
9789259090SVladimir Kotal	echo "Not pushing Docker image for non main repository"
983e788c1bSVladimir Kotal	exit 0
993e788c1bSVladimir Kotalfi
1003e788c1bSVladimir Kotal
1013e788c1bSVladimir Kotalif [[ -z $DOCKER_USERNAME ]]; then
1023e788c1bSVladimir Kotal	echo "DOCKER_USERNAME is empty"
1033e788c1bSVladimir Kotal	exit 1
1043e788c1bSVladimir Kotalfi
1053e788c1bSVladimir Kotal
1063e788c1bSVladimir Kotalif [[ -z $DOCKER_PASSWORD ]]; then
1073e788c1bSVladimir Kotal	echo "DOCKER_PASSWORD is empty"
1083e788c1bSVladimir Kotal	exit 1
1093e788c1bSVladimir Kotalfi
1103e788c1bSVladimir Kotal
111675e1740SVladimir Kotal# Publish the image to Docker hub.
112628efbb5SVladimir Kotalif [ -n "$DOCKER_PASSWORD" -a -n "$DOCKER_USERNAME" -a -n "$TAGS" ]; then
11389259090SVladimir Kotal	echo "Logging into Docker Hub"
114675e1740SVladimir Kotal	echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
115c0e56161SVladimir Kotal
116c0e56161SVladimir Kotal	# All the tags need to be pushed individually:
117628efbb5SVladimir Kotal	for tag in $TAGS; do
11889259090SVladimir Kotal		echo "Pushing Docker image for tag $tag"
11989259090SVladimir Kotal		docker push $IMAGE:$tag
120573d2ad6SVladimir Kotal	done
121675e1740SVladimir Kotalfi
12289259090SVladimir Kotal
123628efbb5SVladimir Kotal# Update README and badge only for release builds.
124628efbb5SVladimir Kotalif [[ -n $OPENGROK_TAG ]]; then
12589259090SVladimir Kotal	TOKEN=$(curl -s -H "Content-Type: application/json" -X POST \
12689259090SVladimir Kotal	    -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' \
127e8ba77c1SVladimir Kotal	    ${API_URL}/users/login/ | jq -r .token)
12889259090SVladimir Kotal	if [[ -z $TOKEN ]]; then
12989259090SVladimir Kotal		echo "Cannot get auth token to publish the README file"
13089259090SVladimir Kotal		exit 1
13189259090SVladimir Kotal	fi
13289259090SVladimir Kotal
13389259090SVladimir Kotal	push_readme "${IMAGE}" "${TOKEN}" "docker/README.md"
134628efbb5SVladimir Kotalfi
135