1675e1740SVladimir Kotal#!/bin/bash 2675e1740SVladimir Kotal 3675e1740SVladimir Kotal# 43e788c1bSVladimir Kotal# Build and optionally push new image to Docker hub. 5675e1740SVladimir Kotal# 6ec9556c1SVladimir Kotal# When pushing, this script uses the following secure variables: 7675e1740SVladimir Kotal# - DOCKER_USERNAME 8675e1740SVladimir Kotal# - DOCKER_PASSWORD 9675e1740SVladimir Kotal# 1012897179SVladimir Kotal# These are set via https://github.com/oracle/opengrok/settings/secrets 11675e1740SVladimir Kotal# 12675e1740SVladimir Kotal 13675e1740SVladimir Kotalset -e 14675e1740SVladimir Kotal 15*6e3afe81SVladimir Kotal# Update README file in Docker hub. 16*6e3afe81SVladimir Kotalpush_readme() { 17*6e3afe81SVladimir Kotal declare -r image="${1}" 18*6e3afe81SVladimir Kotal declare -r token="${2}" 19*6e3afe81SVladimir Kotal declare -r input_file="${3}" 20*6e3afe81SVladimir Kotal 21*6e3afe81SVladimir Kotal if [[ ! -r $input_file ]]; then 22*6e3afe81SVladimir Kotal echo "file $input_file is not readable" 23*6e3afe81SVladimir Kotal exit 1 24*6e3afe81SVladimir Kotal fi 25*6e3afe81SVladimir Kotal 26*6e3afe81SVladimir Kotal local code=$(curl -s -o /dev/null -L -w "%{http_code}" \ 27*6e3afe81SVladimir Kotal -X PATCH --data-urlencode \ 28*6e3afe81SVladimir Kotal full_description@${input_file} \ 29*6e3afe81SVladimir Kotal -H "Authorization: JWT ${token}" \ 30*6e3afe81SVladimir Kotal ${API_URL}/repositories/"${image}"/) 31*6e3afe81SVladimir Kotal 32*6e3afe81SVladimir Kotal if [[ "${code}" = "200" ]]; then 33*6e3afe81SVladimir Kotal echo "Successfully pushed README to Docker Hub" 34*6e3afe81SVladimir Kotal else 35*6e3afe81SVladimir Kotal printf "Unable to push README to Docker Hub, response code: %s\n" "${code}" 36*6e3afe81SVladimir Kotal exit 1 37*6e3afe81SVladimir Kotal fi 38*6e3afe81SVladimir Kotal} 39*6e3afe81SVladimir Kotal 401ca9c879SAdam Hornacekecho "Running linter" 411ca9c879SAdam Hornacekdocker run --rm -i hadolint/hadolint:2.6.0 < Dockerfile || exit 1 421ca9c879SAdam Hornacek 43e8ba77c1SVladimir KotalAPI_URL="https://hub.docker.com/v2" 4489259090SVladimir KotalIMAGE="opengrok/docker" 4589259090SVladimir Kotal 469e106a9aSVladimir Kotalif [[ -n $OPENGROK_REF && $OPENGROK_REF == refs/tags/* ]]; then 479e106a9aSVladimir Kotal OPENGROK_TAG=${OPENGROK_REF#"refs/tags/"} 489e106a9aSVladimir Kotalfi 499e106a9aSVladimir Kotal 509e106a9aSVladimir Kotalif [[ -n $OPENGROK_TAG ]]; then 519e106a9aSVladimir Kotal VERSION="$OPENGROK_TAG" 52573d2ad6SVladimir Kotal VERSION_SHORT=$( echo $VERSION | cut -d. -f1,2 ) 53573d2ad6SVladimir Kotal 54573d2ad6SVladimir Kotal if [[ -z $VERSION ]]; then 55573d2ad6SVladimir Kotal echo "empty VERSION" 56573d2ad6SVladimir Kotal exit 1 57573d2ad6SVladimir Kotal fi 58573d2ad6SVladimir Kotal 59573d2ad6SVladimir Kotal if [[ -z $VERSION_SHORT ]]; then 60573d2ad6SVladimir Kotal echo "empty VERSION_SHORT" 61573d2ad6SVladimir Kotal exit 1 62573d2ad6SVladimir Kotal fi 63f9bac693SVladimir Kotal 64014d6520SVladimir Kotal echo "Version: $VERSION" 65014d6520SVladimir Kotal echo "Short version: $VERSION_SHORT" 66014d6520SVladimir Kotal 67628efbb5SVladimir Kotal TAGS="$VERSION $VERSION_SHORT latest" 68628efbb5SVladimir Kotal 69628efbb5SVladimir Kotal echo "Building docker image for release ($TAGS)" 70573d2ad6SVladimir Kotal docker build \ 7189259090SVladimir Kotal -t $IMAGE:$VERSION \ 7289259090SVladimir Kotal -t $IMAGE:$VERSION_SHORT \ 7389259090SVladimir Kotal -t $IMAGE:latest . 74628efbb5SVladimir Kotalelse 75628efbb5SVladimir Kotal TAGS="master" 76628efbb5SVladimir Kotal 77628efbb5SVladimir Kotal echo "Building docker image for master" 78628efbb5SVladimir Kotal docker build -t $IMAGE:master . 79628efbb5SVladimir Kotalfi 80573d2ad6SVladimir Kotal 81c0e56161SVladimir Kotal# 82628efbb5SVladimir Kotal# Run the image in a container. This is not strictly needed however 83c0e56161SVladimir Kotal# serves as additional test in automatic builds. 84c0e56161SVladimir Kotal# 85014d6520SVladimir Kotalecho "Running the image in container" 8689259090SVladimir Kotaldocker run -d $IMAGE 87675e1740SVladimir Kotaldocker ps -a 88675e1740SVladimir Kotal 895cda9bedSVladimir Kotal# This can only work on home repository since it needs encrypted variables. 905cda9bedSVladimir Kotalif [[ -n "$OPENGROK_PULL_REQUEST" ]]; then 9189259090SVladimir Kotal echo "Not pushing Docker image for pull requests" 923e788c1bSVladimir Kotal exit 0 933e788c1bSVladimir Kotalfi 943e788c1bSVladimir Kotal 953e788c1bSVladimir Kotal# The push only works on the main repository. 965cda9bedSVladimir Kotalif [[ "$OPENGROK_REPO_SLUG" != "oracle/opengrok" ]]; then 9789259090SVladimir Kotal echo "Not pushing Docker image for non main repository" 983e788c1bSVladimir Kotal exit 0 993e788c1bSVladimir Kotalfi 1003e788c1bSVladimir Kotal 1013e788c1bSVladimir Kotalif [[ -z $DOCKER_USERNAME ]]; then 1023e788c1bSVladimir Kotal echo "DOCKER_USERNAME is empty" 1033e788c1bSVladimir Kotal exit 1 1043e788c1bSVladimir Kotalfi 1053e788c1bSVladimir Kotal 1063e788c1bSVladimir Kotalif [[ -z $DOCKER_PASSWORD ]]; then 1073e788c1bSVladimir Kotal echo "DOCKER_PASSWORD is empty" 1083e788c1bSVladimir Kotal exit 1 1093e788c1bSVladimir Kotalfi 1103e788c1bSVladimir Kotal 111675e1740SVladimir Kotal# Publish the image to Docker hub. 112628efbb5SVladimir Kotalif [ -n "$DOCKER_PASSWORD" -a -n "$DOCKER_USERNAME" -a -n "$TAGS" ]; then 11389259090SVladimir Kotal echo "Logging into Docker Hub" 114675e1740SVladimir Kotal echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin 115c0e56161SVladimir Kotal 116c0e56161SVladimir Kotal # All the tags need to be pushed individually: 117628efbb5SVladimir Kotal for tag in $TAGS; do 11889259090SVladimir Kotal echo "Pushing Docker image for tag $tag" 11989259090SVladimir Kotal docker push $IMAGE:$tag 120573d2ad6SVladimir Kotal done 121675e1740SVladimir Kotalfi 12289259090SVladimir Kotal 123628efbb5SVladimir Kotal# Update README and badge only for release builds. 124628efbb5SVladimir Kotalif [[ -n $OPENGROK_TAG ]]; then 12589259090SVladimir Kotal TOKEN=$(curl -s -H "Content-Type: application/json" -X POST \ 12689259090SVladimir Kotal -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' \ 127e8ba77c1SVladimir Kotal ${API_URL}/users/login/ | jq -r .token) 12889259090SVladimir Kotal if [[ -z $TOKEN ]]; then 12989259090SVladimir Kotal echo "Cannot get auth token to publish the README file" 13089259090SVladimir Kotal exit 1 13189259090SVladimir Kotal fi 13289259090SVladimir Kotal 13389259090SVladimir Kotal push_readme "${IMAGE}" "${TOKEN}" "docker/README.md" 134628efbb5SVladimir Kotalfi 135