mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-21 21:50:59 -05:00
Validate container image labels (#4926)
* Validate labels and avoid busting the cache * Fix validation * Validate non-empty labels * Add build date back * Don't set build date * Simplify validation script * Enable build cache * Setup buildx * Dynamically set build revision and version * Remove leftover * Disable cache * Add build date back * Add build date back * Fix linting errors * Add checks * Get head SHA * Fix linting errors * Handle merge_group
This commit is contained in:
parent
eb688a090c
commit
9869638131
11 changed files with 141 additions and 1274 deletions
|
@ -1,28 +0,0 @@
|
||||||
# .automation
|
|
||||||
|
|
||||||
This folder holds automation scripts to help `deploy` and `cleanup` **DockerHub** images of the **Super-Linter**
|
|
||||||
|
|
||||||
## cleanup-docker.sh
|
|
||||||
|
|
||||||
This script uses **GitHub Actions** so that when a PR is merged and closed, the **GitHub Action** is triggered.
|
|
||||||
It will then search **DockerHub** for the image that was deployed during the development, and remove it.
|
|
||||||
|
|
||||||
## upload-docker.sh
|
|
||||||
|
|
||||||
This script uses **GitHub Actions** so that when a push to the repository is committed, it will complete the following:
|
|
||||||
|
|
||||||
- Checkout the source code
|
|
||||||
- Build the **Docker** container for **Super-Linter** using that source code
|
|
||||||
- Upload the container to **DockerHub**
|
|
||||||
|
|
||||||
When the script is triggered on the main branch, it will push with the tag:**latest** which is used by all scripting for general availability.
|
|
||||||
When the script is triggered in a branch, it will push with the tag:**NameOfBranch** which can be used for:
|
|
||||||
|
|
||||||
- _testing_
|
|
||||||
- _troubleshooting_
|
|
||||||
- _debugging_
|
|
||||||
- **Note:** The branch name will be reduced to alphanumeric for consistency and uploading
|
|
||||||
|
|
||||||
## test
|
|
||||||
|
|
||||||
This folder holds all **Test Cases** to help run the _CI/CT/CD_ process for the **Super-Linter**.
|
|
|
@ -1,214 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############# Clean all code base for additonal testing @admiralawkbar #########
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
###########
|
|
||||||
# Globals #
|
|
||||||
###########
|
|
||||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
|
||||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Source additonal scripts #
|
|
||||||
############################
|
|
||||||
# shellcheck source=/dev/null
|
|
||||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############################ FUNCTIONS BELOW ###################################
|
|
||||||
################################################################################
|
|
||||||
################################################################################
|
|
||||||
#### Function Header ###########################################################
|
|
||||||
Header() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "------- GitHub Clean code base of error tests ---------"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function CheckShellErrors #################################################
|
|
||||||
CheckShellErrors() {
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ $ERROR_CODE -ne 0 ]; then
|
|
||||||
error "$1"
|
|
||||||
fatal "$2"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function CleanTestFiles ###################################################
|
|
||||||
CleanTestFiles() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "Finding all tests that are supposed to fail... and removing them..."
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Find the files #
|
|
||||||
##################
|
|
||||||
mapfile -t FIND_CMD < <(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
find "${GITHUB_WORKSPACE}" -type f -name "*_bad_*" -o -path "*javascript_prettier*" -name "*javascript_good*" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to get list of all files!" "ERROR:[${FIND_CMD[*]}]"
|
|
||||||
|
|
||||||
############################################################
|
|
||||||
# Get the directory and validate it came from tests folder #
|
|
||||||
############################################################
|
|
||||||
for FILE in "${FIND_CMD[@]}"; do
|
|
||||||
#####################
|
|
||||||
# Get the directory #
|
|
||||||
#####################
|
|
||||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Check if from the tests folder #
|
|
||||||
##################################
|
|
||||||
if [[ $FILE_DIR == **".automation/test"** ]]; then
|
|
||||||
################################
|
|
||||||
# Its a test, we can delete it #
|
|
||||||
################################
|
|
||||||
REMOVE_FILE_CMD=$(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
sudo rm -f "$FILE" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function CleanTestDockerFiles #############################################
|
|
||||||
CleanTestDockerFiles() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "Finding all tests that are supposed to fail for Docker... and removing them..."
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Find the files #
|
|
||||||
##################
|
|
||||||
mapfile -t FIND_CMD < <(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
find "${GITHUB_WORKSPACE}" -type f -name "*Dockerfile" -o -name "*.dockerignore" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to get list of all file for Docker!" "ERROR:[${FIND_CMD[*]}]"
|
|
||||||
|
|
||||||
############################################################
|
|
||||||
# Get the directory and validate it came from tests folder #
|
|
||||||
############################################################
|
|
||||||
for FILE in "${FIND_CMD[@]}"; do
|
|
||||||
#####################
|
|
||||||
# Get the directory #
|
|
||||||
#####################
|
|
||||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Check if from the tests folder #
|
|
||||||
##################################
|
|
||||||
if [[ $FILE_DIR != **".automation/test/docker/good"** ]]; then
|
|
||||||
################################
|
|
||||||
# Its a test, we can delete it #
|
|
||||||
################################
|
|
||||||
REMOVE_FILE_CMD=$(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
sudo rm -f "$FILE" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function CleanSHAFolder ###################################################
|
|
||||||
CleanSHAFolder() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "Cleaning folder named:[${GITHUB_SHA}] if it exists"
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Find the files #
|
|
||||||
##################
|
|
||||||
REMOVE_CMD=$(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
sudo rm -rf "${GITHUB_SHA}" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! Failed to remove folder:[${GITHUB_SHA}]!" "ERROR:[${REMOVE_CMD}]"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function CleanPowershell ##################################################
|
|
||||||
CleanPowershell() {
|
|
||||||
# Need to remove the .psd1 templates as they are formally parsed,
|
|
||||||
# and will fail with missing modules
|
|
||||||
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "Finding powershell template files... and removing them..."
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Find the files #
|
|
||||||
##################
|
|
||||||
mapfile -t FIND_CMD < <(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
find "${GITHUB_WORKSPACE}" -type f -name "*.psd1" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to get list of all file for *.psd1!" "ERROR:[${FIND_CMD[*]}]"
|
|
||||||
|
|
||||||
############################################################
|
|
||||||
# Get the directory and validate it came from tests folder #
|
|
||||||
############################################################
|
|
||||||
for FILE in "${FIND_CMD[@]}"; do
|
|
||||||
#####################
|
|
||||||
# Get the directory #
|
|
||||||
#####################
|
|
||||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Check if from the tests folder #
|
|
||||||
##################################
|
|
||||||
if [[ $FILE_DIR == **"TEMPLATES"** ]]; then
|
|
||||||
################################
|
|
||||||
# Its a test, we can delete it #
|
|
||||||
################################
|
|
||||||
REMOVE_FILE_CMD=$(
|
|
||||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
|
||||||
sudo rm -f "$FILE" 2>&1
|
|
||||||
)
|
|
||||||
|
|
||||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
################################## MAIN ########################################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Header #
|
|
||||||
##########
|
|
||||||
Header
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Clean test files #
|
|
||||||
####################
|
|
||||||
CleanTestFiles
|
|
||||||
|
|
||||||
###############################
|
|
||||||
# Clean the test docker files #
|
|
||||||
###############################
|
|
||||||
CleanTestDockerFiles
|
|
||||||
|
|
||||||
###############################
|
|
||||||
# Remove sha folder if exists #
|
|
||||||
###############################
|
|
||||||
CleanSHAFolder
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Clean Powershell templates #
|
|
||||||
##############################
|
|
||||||
CleanPowershell
|
|
|
@ -1,248 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############# Cleanup Image on DockerHub @admiralawkbar ########################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
# NOTES: This script is used to remove a tagged image on DockerHub
|
|
||||||
# Its based on being built from a GitHub Action, but could be easily updated
|
|
||||||
# To be ran in a different medium.
|
|
||||||
#
|
|
||||||
# PRE-Requirements:
|
|
||||||
# - Dockerfile
|
|
||||||
# - System with Docker installed
|
|
||||||
# - Global variables met
|
|
||||||
|
|
||||||
###########
|
|
||||||
# Globals #
|
|
||||||
###########
|
|
||||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
|
||||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
|
||||||
|
|
||||||
#########################
|
|
||||||
# Source Function Files #
|
|
||||||
#########################
|
|
||||||
# shellcheck source=/dev/null
|
|
||||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############################ FUNCTIONS BELOW ###################################
|
|
||||||
################################################################################
|
|
||||||
################################################################################
|
|
||||||
#### Function Header ###########################################################
|
|
||||||
Header() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "----- GitHub Actions remove image from DockerHub ------"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function ValidateInput ####################################################
|
|
||||||
ValidateInput() {
|
|
||||||
# Need to validate we have the basic variables
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Gathering variables..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Validate GITHUB_WORKSPACE #
|
|
||||||
############################
|
|
||||||
if [ -z "${GITHUB_WORKSPACE}" ]; then
|
|
||||||
error "Failed to get [GITHUB_WORKSPACE]!"
|
|
||||||
fatal "[${GITHUB_WORKSPACE}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:[GITHUB_WORKSPACE], value:[${GITHUB_WORKSPACE}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Validate IMAGE_REPO #
|
|
||||||
#######################
|
|
||||||
if [ -z "${IMAGE_REPO}" ]; then
|
|
||||||
# No repo was pulled
|
|
||||||
error "Failed to get [IMAGE_REPO]!"
|
|
||||||
fatal "[${IMAGE_REPO}]"
|
|
||||||
elif [[ ${IMAGE_REPO} == "super-linter/super-linter" ]]; then
|
|
||||||
# Found our main repo
|
|
||||||
info "Successfully found:[IMAGE_REPO], value:[${IMAGE_REPO}]"
|
|
||||||
else
|
|
||||||
# This is a fork and we cant pull vars or any info
|
|
||||||
warn "No image to cleanup as this is a forked branch, and not being built with current automation!"
|
|
||||||
exit 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
##########################
|
|
||||||
# Validate IMAGE_VERSION #
|
|
||||||
##########################
|
|
||||||
if [ -z "${IMAGE_VERSION}" ]; then
|
|
||||||
error "Failed to get [IMAGE_VERSION]!"
|
|
||||||
fatal "[${IMAGE_VERSION}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:[IMAGE_VERSION], value:[${IMAGE_VERSION}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Validate DOCKER_USERNAME #
|
|
||||||
############################
|
|
||||||
if [ -z "${DOCKER_USERNAME}" ]; then
|
|
||||||
error "Failed to get [DOCKER_USERNAME]!"
|
|
||||||
fatal "[${DOCKER_USERNAME}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:[DOCKER_USERNAME], value:[${DOCKER_USERNAME}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Validate DOCKER_PASSWORD #
|
|
||||||
############################
|
|
||||||
if [ -z "${DOCKER_PASSWORD}" ]; then
|
|
||||||
error "Failed to get [DOCKER_PASSWORD]!"
|
|
||||||
fatal "[${DOCKER_PASSWORD}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:[DOCKER_PASSWORD], value:[********]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
##################################################
|
|
||||||
# Check if we need to get the name of the branch #
|
|
||||||
##################################################
|
|
||||||
if [[ ${IMAGE_VERSION} != "latest" ]]; then
|
|
||||||
##################################
|
|
||||||
# Remove non alpha-numeric chars #
|
|
||||||
##################################
|
|
||||||
IMAGE_VERSION=$(echo "${IMAGE_VERSION}" | tr -cd '[:alnum:]')
|
|
||||||
else
|
|
||||||
#############################################
|
|
||||||
# Image is 'latest' and we will not destroy #
|
|
||||||
#############################################
|
|
||||||
error "Image Tag is set to:[latest]..."
|
|
||||||
error "We will never destroy latest..."
|
|
||||||
fatal "Bye!"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function LoginToDocker ####################################################
|
|
||||||
LoginToDocker() {
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Login to DockerHub..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
######################
|
|
||||||
# Login to DockerHub #
|
|
||||||
######################
|
|
||||||
LOGIN_CMD=$(docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_PASSWORD}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
error "Failed to authenticate to DockerHub!"
|
|
||||||
fatal "[${LOGIN_CMD}]"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully authenticated to DockerHub!"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function RemoveImage ######################################################
|
|
||||||
RemoveImage() {
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Removing the DockerFile image:[${IMAGE_REPO}:${IMAGE_VERSION}]"
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
#####################################
|
|
||||||
# Create Token to auth to DockerHub #
|
|
||||||
#####################################
|
|
||||||
TOKEN=$(curl -s -k \
|
|
||||||
-H "Content-Type: application/json" \
|
|
||||||
-X POST \
|
|
||||||
-d "{\"username\": \"${DOCKER_USERNAME}\", \"password\": \"${DOCKER_PASSWORD}\"}" \
|
|
||||||
"https://hub.docker.com/v2/users/login/" | jq -r .token 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the ERROR_CODE #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
error "Failed to gain token from DockerHub!"
|
|
||||||
fatal "[${TOKEN}]"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully gained auth token from DockerHub!"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#################################
|
|
||||||
# Remove the tag from DockerHub #
|
|
||||||
#################################
|
|
||||||
REMOVE_CMD=$(curl "https://hub.docker.com/v2/repositories/${IMAGE_REPO}/tags/${IMAGE_VERSION}/" \
|
|
||||||
-X DELETE \
|
|
||||||
-H "Authorization: JWT ${TOKEN}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the ERROR_CODE #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
error "Failed to remove tag from DockerHub!"
|
|
||||||
fatal "[${REMOVE_CMD}]"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully [removed] Docker image tag:[${IMAGE_VERSION}] from DockerHub!"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function Footer ###########################################################
|
|
||||||
Footer() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "The step has completed"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
################################## MAIN ########################################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Header #
|
|
||||||
##########
|
|
||||||
Header
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Validate Input #
|
|
||||||
##################
|
|
||||||
ValidateInput
|
|
||||||
|
|
||||||
######################
|
|
||||||
# Login to DockerHub #
|
|
||||||
######################
|
|
||||||
LoginToDocker
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Remove the image #
|
|
||||||
####################
|
|
||||||
RemoveImage
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Footer #
|
|
||||||
##########
|
|
||||||
Footer
|
|
|
@ -1,643 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############# Deploy Container to DockerHub @admiralawkbar #####################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
# NOTES: This script is used to upload a Dockerfile to DockerHub
|
|
||||||
# under the GitHub organization
|
|
||||||
# Its based on being built from a GitHub Action, but could be easily updated
|
|
||||||
# To be ran in a different medium.
|
|
||||||
#
|
|
||||||
# PRE-Requirements:
|
|
||||||
# - Dockerfile
|
|
||||||
# - System with Docker installed
|
|
||||||
# - Global variables met
|
|
||||||
|
|
||||||
###########
|
|
||||||
# Globals #
|
|
||||||
###########
|
|
||||||
# GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # GitHub Workspace
|
|
||||||
# GITHUB_REPOSITORY="${GITHUB_REPOSITORY}" # GitHub Org/Repo passed from system
|
|
||||||
# DOCKER_USERNAME="${DOCKER_USERNAME}" # Username to login to DockerHub
|
|
||||||
# DOCKER_PASSWORD="${DOCKER_PASSWORD}" # Password to login to DockerHub
|
|
||||||
# GCR_USERNAME="${GCR_USERNAME}" # Username to login to GitHub package registry
|
|
||||||
# GCR_TOKEN="${GCR_TOKEN}" # Password to login to GitHub package registry
|
|
||||||
# REGISTRY="${REGISTRY}" # What registry to upload | <GCR> or <Docker>
|
|
||||||
# IMAGE_REPO="${IMAGE_REPO}" # Image repo to upload the image
|
|
||||||
# IMAGE_VERSION="${IMAGE_VERSION}" # Version to tag the image
|
|
||||||
# DOCKERFILE_PATH="${DOCKERFILE_PATH}" # Path to the Dockerfile to be uploaded
|
|
||||||
MAJOR_TAG='' # Major tag version if we need to update it
|
|
||||||
UPDATE_MAJOR_TAG=0 # Flag to deploy the major tag version as well
|
|
||||||
GCR_URL='ghcr.io' # URL to Github Container Registry
|
|
||||||
DOCKER_IMAGE_REPO='' # Docker tag for the image when created
|
|
||||||
GCR_IMAGE_REPO='' # Docker tag for the image when created
|
|
||||||
FOUND_IMAGE=0 # Flag for if the image has already been built
|
|
||||||
CONTAINER_URL='' # Final URL to upload
|
|
||||||
|
|
||||||
###########################################################
|
|
||||||
# Dynamic build variables to pass to container when built #
|
|
||||||
###########################################################
|
|
||||||
BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') # Current build date EX> "2017-08-28T09:24:41Z"
|
|
||||||
BUILD_REVISION=$(git rev-parse --short HEAD) # Current git commit EX> "e89faa7"
|
|
||||||
BUILD_VERSION='' # Current version of the container being built
|
|
||||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
|
||||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
|
||||||
|
|
||||||
#########################
|
|
||||||
# Source Function Files #
|
|
||||||
#########################
|
|
||||||
# shellcheck source=/dev/null
|
|
||||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############################ FUNCTIONS BELOW ###################################
|
|
||||||
################################################################################
|
|
||||||
################################################################################
|
|
||||||
#### Function Header ###########################################################
|
|
||||||
Header() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "---- GitHub Actions Upload image to [${REGISTRY}] ----"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function ValidateInput ####################################################
|
|
||||||
ValidateInput() {
|
|
||||||
# Need to validate we have the basic variables
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Gathering variables..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
#############################
|
|
||||||
# Validate GITHUB_WORKSPACE #
|
|
||||||
#############################
|
|
||||||
if [ -z "${GITHUB_WORKSPACE}" ]; then
|
|
||||||
error "Failed to get [GITHUB_WORKSPACE]!"
|
|
||||||
fatal "[${GITHUB_WORKSPACE}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[GITHUB_WORKSPACE]${F[B]}, value:${F[W]}[${GITHUB_WORKSPACE}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#####################
|
|
||||||
# Validate REGISTRY #
|
|
||||||
#####################
|
|
||||||
if [ -z "${REGISTRY}" ]; then
|
|
||||||
error "Failed to get [REGISTRY]!"
|
|
||||||
fatal "[${REGISTRY}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[REGISTRY]${F[B]}, value:${F[W]}[${REGISTRY}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#####################################################
|
|
||||||
# See if we need values for GitHub package Registry #
|
|
||||||
#####################################################
|
|
||||||
if [[ ${REGISTRY} == "GCR" ]]; then
|
|
||||||
#########################
|
|
||||||
# Validate GCR_USERNAME #
|
|
||||||
#########################
|
|
||||||
if [ -z "${GCR_USERNAME}" ]; then
|
|
||||||
error "Failed to get [GCR_USERNAME]!"
|
|
||||||
fatal "[${GCR_USERNAME}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[GCR_USERNAME]${F[B]}, value:${F[W]}[${GCR_USERNAME}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
######################
|
|
||||||
# Validate GCR_TOKEN #
|
|
||||||
######################
|
|
||||||
if [ -z "${GCR_TOKEN}" ]; then
|
|
||||||
error "Failed to get [GCR_TOKEN]!"
|
|
||||||
fatal "[${GCR_TOKEN}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[GCR_TOKEN]${F[B]}, value:${F[W]}[********]"
|
|
||||||
fi
|
|
||||||
########################################
|
|
||||||
# See if we need values for Ducker hub #
|
|
||||||
########################################
|
|
||||||
elif [[ ${REGISTRY} == "Docker" ]]; then
|
|
||||||
############################
|
|
||||||
# Validate DOCKER_USERNAME #
|
|
||||||
############################
|
|
||||||
if [ -z "${DOCKER_USERNAME}" ]; then
|
|
||||||
error "Failed to get [DOCKER_USERNAME]!"
|
|
||||||
fatal "[${DOCKER_USERNAME}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[DOCKER_USERNAME]${F[B]}, value:${F[W]}[${DOCKER_USERNAME}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Validate DOCKER_PASSWORD #
|
|
||||||
############################
|
|
||||||
if [ -z "${DOCKER_PASSWORD}" ]; then
|
|
||||||
error "Failed to get [DOCKER_PASSWORD]!"
|
|
||||||
fatal "[${DOCKER_PASSWORD}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[DOCKER_PASSWORD]${F[B]}, value:${F[B]}[********]"
|
|
||||||
fi
|
|
||||||
###########################################
|
|
||||||
# We were not passed a registry to update #
|
|
||||||
###########################################
|
|
||||||
else
|
|
||||||
error "Failed to find a valid registry!"
|
|
||||||
fatal "Registry:[${REGISTRY}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Validate IMAGE_REPO #
|
|
||||||
#######################
|
|
||||||
if [ -z "${IMAGE_REPO}" ]; then
|
|
||||||
error "Failed to get [IMAGE_REPO]!"
|
|
||||||
fatal "[${IMAGE_REPO}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[IMAGE_REPO]${F[B]}, value:${F[W]}[${IMAGE_REPO}]"
|
|
||||||
# Set the docker Image repo and GCR image repo
|
|
||||||
DOCKER_IMAGE_REPO="${IMAGE_REPO}"
|
|
||||||
GCR_IMAGE_REPO="${GCR_URL}/${IMAGE_REPO}"
|
|
||||||
#########################
|
|
||||||
# Set the container URL #
|
|
||||||
#########################
|
|
||||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
|
||||||
CONTAINER_URL="${DOCKER_IMAGE_REPO}"
|
|
||||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
|
||||||
CONTAINER_URL="${GCR_IMAGE_REPO}"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
##########################
|
|
||||||
# Validate IMAGE_VERSION #
|
|
||||||
##########################
|
|
||||||
if [ -z "${IMAGE_VERSION}" ]; then
|
|
||||||
warn "Failed to get [IMAGE_VERSION]!"
|
|
||||||
info "Pulling from Branch Name..."
|
|
||||||
##############################
|
|
||||||
# Get the name of the branch #
|
|
||||||
##############################
|
|
||||||
BRANCH_NAME=$(git -C "${GITHUB_WORKSPACE}" branch --contains "${GITHUB_SHA}" | awk '{print $2}' 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
error "Failed to get branch name!"
|
|
||||||
fatal "[${BRANCH_NAME}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Remove non alpha-numeric chars #
|
|
||||||
##################################
|
|
||||||
BRANCH_NAME=$(echo "${BRANCH_NAME}" | tr -cd '[:alnum:]')
|
|
||||||
|
|
||||||
############################################
|
|
||||||
# Set the IMAGE_VERSION to the BRANCH_NAME #
|
|
||||||
############################################
|
|
||||||
IMAGE_VERSION="${BRANCH_NAME}"
|
|
||||||
BUILD_VERSION="${IMAGE_VERSION}"
|
|
||||||
info "Tag:[${IMAGE_VERSION}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[IMAGE_VERSION]${F[B]}, value:${F[W]}[${IMAGE_VERSION}]"
|
|
||||||
#########################
|
|
||||||
# Set the build version #
|
|
||||||
#########################
|
|
||||||
BUILD_VERSION="${IMAGE_VERSION}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Set regex for getting tag info #
|
|
||||||
##################################
|
|
||||||
REGEX='(v[0-9]+\.[0-9]+\.[0-9]+)' # Matches 'v1.2.3'
|
|
||||||
|
|
||||||
######################################################################
|
|
||||||
# Check if this is a latest to a versioned release at create new tag #
|
|
||||||
######################################################################
|
|
||||||
if [[ ${IMAGE_VERSION} =~ ${REGEX} ]]; then
|
|
||||||
# Need to get the major version, and set flag to update
|
|
||||||
|
|
||||||
#####################
|
|
||||||
# Set the major tag #
|
|
||||||
#####################
|
|
||||||
MAJOR_TAG=$(echo "${IMAGE_VERSION}" | cut -d '.' -f1)
|
|
||||||
|
|
||||||
###################################
|
|
||||||
# Set flag for updating major tag #
|
|
||||||
###################################
|
|
||||||
UPDATE_MAJOR_TAG=1
|
|
||||||
|
|
||||||
info "- Also deploying a major tag of:[${MAJOR_TAG}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
############################
|
|
||||||
# Validate DOCKERFILE_PATH #
|
|
||||||
############################
|
|
||||||
if [ -z "${DOCKERFILE_PATH}" ]; then
|
|
||||||
error "Failed to get [DOCKERFILE_PATH]!"
|
|
||||||
fatal "[${DOCKERFILE_PATH}]"
|
|
||||||
else
|
|
||||||
info "Successfully found:${F[W]}[DOCKERFILE_PATH]${F[B]}, value:${F[W]}[${DOCKERFILE_PATH}]"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function Authenticate #####################################################
|
|
||||||
Authenticate() {
|
|
||||||
################
|
|
||||||
# Pull in Vars #
|
|
||||||
################
|
|
||||||
USERNAME="${1}" # Name to auth with
|
|
||||||
PASSWORD="${2}" # Password to auth with
|
|
||||||
URL="${3}" # Url to auth towards
|
|
||||||
NAME="${4}" # name of the service
|
|
||||||
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Login to ${NAME}..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Auth to service #
|
|
||||||
###################
|
|
||||||
LOGIN_CMD=$(docker login "${URL}" --username "${USERNAME}" --password "${PASSWORD}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
error "Failed to authenticate to ${NAME}!"
|
|
||||||
fatal "[${LOGIN_CMD}]"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully authenticated to ${F[C]}${NAME}${F[B]}!"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function BuildImage #######################################################
|
|
||||||
BuildImage() {
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Building the Dockerfile image..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
################################
|
|
||||||
# Validate the DOCKERFILE_PATH #
|
|
||||||
################################
|
|
||||||
if [ ! -f "${DOCKERFILE_PATH}" ]; then
|
|
||||||
# No file found
|
|
||||||
error "failed to find Dockerfile at:[${DOCKERFILE_PATH}]"
|
|
||||||
error "Please make sure you give full path!"
|
|
||||||
fatal "Example:[/configs/Dockerfile] or [Dockerfile] if at root directory"
|
|
||||||
fi
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Build the image #
|
|
||||||
###################
|
|
||||||
docker build --no-cache --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${CONTAINER_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [build] Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully Built image!"
|
|
||||||
fi
|
|
||||||
|
|
||||||
########################################################
|
|
||||||
# Need to see if we need to tag a major update as well #
|
|
||||||
########################################################
|
|
||||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
|
||||||
# Tag the image with the major tag as well
|
|
||||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [tag] Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully tagged image!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
|
|
||||||
#########################
|
|
||||||
# Set var to be updated #
|
|
||||||
#########################
|
|
||||||
ADDITONAL_URL=''
|
|
||||||
|
|
||||||
####################################
|
|
||||||
# Set the additional container URL #
|
|
||||||
####################################
|
|
||||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
|
||||||
ADDITONAL_URL="${GCR_IMAGE_REPO}"
|
|
||||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
|
||||||
ADDITONAL_URL="${DOCKER_IMAGE_REPO}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Build the image #
|
|
||||||
###################
|
|
||||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${ADDITONAL_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [tag] Version:[${IMAGE_VERSION}] Additonal location Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfull [tag] Version:[${IMAGE_VERSION}] of additonal image!"
|
|
||||||
fi
|
|
||||||
|
|
||||||
########################################################
|
|
||||||
# Need to see if we need to tag a major update as well #
|
|
||||||
########################################################
|
|
||||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
|
||||||
###################
|
|
||||||
# Build the image #
|
|
||||||
###################
|
|
||||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITONAL_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [tag] Version:[${MAJOR_TAG}]Additonal location Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfull [tag] Version:[${MAJOR_TAG}] of additonal image!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function UploadImage ######################################################
|
|
||||||
UploadImage() {
|
|
||||||
################
|
|
||||||
# Print header #
|
|
||||||
################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Uploading the DockerFile image to ${REGISTRY}..."
|
|
||||||
info "----------------------------------------------"
|
|
||||||
|
|
||||||
############################################
|
|
||||||
# Upload the docker image that was created #
|
|
||||||
############################################
|
|
||||||
docker push "${CONTAINER_URL}:${IMAGE_VERSION}" 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [upload] Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully Uploaded Docker image:${F[W]}[${IMAGE_VERSION}]${F[B]} to ${F[C]}${REGISTRY}${F[B]}!"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#########################
|
|
||||||
# Get Image information #
|
|
||||||
#########################
|
|
||||||
IFS=$'\n' # Set the delimit to newline
|
|
||||||
GET_INFO_CMD=$(docker images | grep "${CONTAINER_URL}" | grep "${IMAGE_VERSION}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
error "Failed to get information about built Image!"
|
|
||||||
fatal "[${GET_INFO_CMD}]"
|
|
||||||
else
|
|
||||||
################
|
|
||||||
# Get the data #
|
|
||||||
################
|
|
||||||
REPO=$(echo "${GET_INFO_CMD}" | awk '{print $1}')
|
|
||||||
TAG=$(echo "${GET_INFO_CMD}" | awk '{print $2}')
|
|
||||||
IMAGE_ID=$(echo "${GET_INFO_CMD}" | awk '{print $3}')
|
|
||||||
SIZE="${GET_INFO_CMD##* }"
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Print the goods #
|
|
||||||
###################
|
|
||||||
info "----------------------------------------------"
|
|
||||||
info "Docker Image Details:"
|
|
||||||
info "Repository:[${REPO}]"
|
|
||||||
info "Tag:[${TAG}]"
|
|
||||||
info "Image_ID:[${IMAGE_ID}]"
|
|
||||||
info "Size:[${SIZE}]"
|
|
||||||
info "----------------------------------------------"
|
|
||||||
fi
|
|
||||||
|
|
||||||
###############################################################
|
|
||||||
# Check if we need to upload the major tagged version as well #
|
|
||||||
###############################################################
|
|
||||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
|
||||||
############################################
|
|
||||||
# Upload the docker image that was created #
|
|
||||||
############################################
|
|
||||||
docker push "${CONTAINER_URL}:${MAJOR_TAG}" 2>&1
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
|
||||||
# ERROR
|
|
||||||
fatal "failed to [upload] MAJOR_TAG:[${MAJOR_TAG}] Dockerfile!"
|
|
||||||
else
|
|
||||||
# SUCCESS
|
|
||||||
info "Successfully Uploaded TAG:${F[W]}[${MAJOR_TAG}]${F[B]} of Docker image to ${F[C]}${REGISTRY}${F[B]}!"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function FindBuiltImage ###################################################
|
|
||||||
FindBuiltImage() {
|
|
||||||
# Check the local system to see if an image has already been built
|
|
||||||
# if so, we only need to update tags and push
|
|
||||||
# Set FOUND_IMAGE=1 when found
|
|
||||||
|
|
||||||
##############
|
|
||||||
# Local vars #
|
|
||||||
##############
|
|
||||||
CHECK_IMAGE_REPO='' # Repo to look for
|
|
||||||
|
|
||||||
####################################
|
|
||||||
# Set the additional container URL #
|
|
||||||
####################################
|
|
||||||
if [[ ${REGISTRY} == "GCR" ]]; then
|
|
||||||
CHECK_IMAGE_REPO="${GCR_IMAGE_REPO}"
|
|
||||||
elif [[ ${REGISTRY} == "Docker" ]]; then
|
|
||||||
CHECK_IMAGE_REPO="${DOCKER_IMAGE_REPO}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#######################################
|
|
||||||
# Look for Release image in DockerHub #
|
|
||||||
#######################################
|
|
||||||
FIND_VERSION_CMD=$(docker images | grep "${CHECK_IMAGE_REPO}" | grep "${IMAGE_VERSION}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ $ERROR_CODE -ne 0 ]; then
|
|
||||||
info "Found ${REGISTRY} image:[${CHECK_IMAGE_REPO}:${IMAGE_VERSION}] already built on instance"
|
|
||||||
# Increment flag
|
|
||||||
FOUND_RELASE=1
|
|
||||||
else
|
|
||||||
info "Failed to find locally created Docker image:[${CHECK_IMAGE_REPO}]"
|
|
||||||
info "${FIND_VERSION_CMD}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
#####################################
|
|
||||||
# Look for Major image in DockerHub #
|
|
||||||
#####################################
|
|
||||||
FIND_MAJOR_CMD=$(docker images | grep "${CHECK_IMAGE_REPO}" | grep "${MAJOR_TAG}" 2>&1)
|
|
||||||
|
|
||||||
#######################
|
|
||||||
# Load the error code #
|
|
||||||
#######################
|
|
||||||
ERROR_CODE=$?
|
|
||||||
|
|
||||||
##############################
|
|
||||||
# Check the shell for errors #
|
|
||||||
##############################
|
|
||||||
if [ $ERROR_CODE -ne 0 ]; then
|
|
||||||
info "Found ${REGISTRY} image:[${CHECK_IMAGE_REPO}:${MAJOR_TAG}] already built on instance"
|
|
||||||
# Increment flag
|
|
||||||
FOUND_MAJOR=1
|
|
||||||
else
|
|
||||||
info "Failed to find locally created Docker image:[${FIND_MAJOR_CMD}]"
|
|
||||||
info "${FIND_MAJOR_CMD}"
|
|
||||||
fi
|
|
||||||
|
|
||||||
###############################
|
|
||||||
# Check if we found the image #
|
|
||||||
###############################
|
|
||||||
if [ "${FOUND_MAJOR}" -eq 1 ] && [ "${FOUND_RELASE}" -eq 1 ]; then
|
|
||||||
FOUND_IMAGE=1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function Footer ###########################################################
|
|
||||||
Footer() {
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "The step has completed"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
################################## MAIN ########################################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Header #
|
|
||||||
##########
|
|
||||||
Header
|
|
||||||
|
|
||||||
##################
|
|
||||||
# Validate Input #
|
|
||||||
##################
|
|
||||||
ValidateInput
|
|
||||||
|
|
||||||
###############################
|
|
||||||
# Find Image if already built #
|
|
||||||
###############################
|
|
||||||
FindBuiltImage
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Build the image #
|
|
||||||
###################
|
|
||||||
if [ "$FOUND_IMAGE" -ne 0 ]; then
|
|
||||||
BuildImage
|
|
||||||
fi
|
|
||||||
|
|
||||||
######################
|
|
||||||
# Login to DockerHub #
|
|
||||||
######################
|
|
||||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
|
||||||
# Authenticate "Username" "Password" "Url" "Name"
|
|
||||||
Authenticate "${DOCKER_USERNAME}" "${DOCKER_PASSWORD}" "" "Dockerhub"
|
|
||||||
|
|
||||||
######################################
|
|
||||||
# Login to GitHub Container Registry #
|
|
||||||
######################################
|
|
||||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
|
||||||
# Authenticate "Username" "Password" "Url" "Name"
|
|
||||||
Authenticate "${GCR_USERNAME}" "${GCR_TOKEN}" "https://${GCR_URL}" "GitHub Container Registry"
|
|
||||||
|
|
||||||
else
|
|
||||||
#########
|
|
||||||
# ERROR #
|
|
||||||
#########
|
|
||||||
error "Registry not set correctly!"
|
|
||||||
fatal "Registry:[${REGISTRY}]"
|
|
||||||
fi
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Upload the image #
|
|
||||||
####################
|
|
||||||
UploadImage
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Footer #
|
|
||||||
##########
|
|
||||||
Footer
|
|
|
@ -1,114 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############# Clean all code base for additonal testing @admiralawkbar #########
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
###########
|
|
||||||
# Globals #
|
|
||||||
###########
|
|
||||||
IMAGE="${1}" # Image of the super-linter we build
|
|
||||||
BUILD_REVISION="${GITHUB_SHA}" # GitHub Sha
|
|
||||||
BUILD_VERSION="${GITHUB_SHA}" # Version of the container
|
|
||||||
ORG_REPO="super-linter/super-linter" # Org/repo
|
|
||||||
REGISTRY='ghcr.io' # Docker Registry
|
|
||||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
|
||||||
ERROR=0 # Error count
|
|
||||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
|
||||||
|
|
||||||
#########################
|
|
||||||
# Source Function Files #
|
|
||||||
#########################
|
|
||||||
# shellcheck source=/dev/null
|
|
||||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
|
||||||
|
|
||||||
################################################################################
|
|
||||||
############################ FUNCTIONS BELOW ###################################
|
|
||||||
################################################################################
|
|
||||||
################################################################################
|
|
||||||
#### Function Header ###########################################################
|
|
||||||
Header() {
|
|
||||||
info "--------------------------------------------------"
|
|
||||||
info "----- GitHub Actions validate docker labels ------"
|
|
||||||
info "--------------------------------------------------"
|
|
||||||
|
|
||||||
##################################
|
|
||||||
# Print info on local containers #
|
|
||||||
##################################
|
|
||||||
info "--------------------------------------------------"
|
|
||||||
info "Containers found locally:"
|
|
||||||
docker images
|
|
||||||
info "--------------------------------------------------"
|
|
||||||
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function ValidateLabel ####################################################
|
|
||||||
ValidateLabel() {
|
|
||||||
##############
|
|
||||||
# Grab input #
|
|
||||||
##############
|
|
||||||
CONTAINER_KEY="$1" # Example: org.opencontainers.image.created
|
|
||||||
CONTAINER_VALUE="$2" # Example: 1985-04-12T23:20:50.52Z
|
|
||||||
|
|
||||||
########################
|
|
||||||
# Get the docker label #
|
|
||||||
########################
|
|
||||||
LABEL=''
|
|
||||||
if [[ "${IMAGE}" == "slim" ]]; then
|
|
||||||
LABEL=$(docker inspect --format "{{ index .Config.Labels \"${CONTAINER_KEY}\" }}" "${REGISTRY}/${ORG_REPO}:slim-${GITHUB_SHA}")
|
|
||||||
else
|
|
||||||
LABEL=$(docker inspect --format "{{ index .Config.Labels \"${CONTAINER_KEY}\" }}" "${REGISTRY}/${ORG_REPO}:${GITHUB_SHA}")
|
|
||||||
fi
|
|
||||||
|
|
||||||
###################
|
|
||||||
# Check the value #
|
|
||||||
###################
|
|
||||||
if [[ ${LABEL} != "${CONTAINER_VALUE}" ]]; then
|
|
||||||
error "Assert failed [${CONTAINER_KEY} - '${LABEL}' != '${CONTAINER_VALUE}']"
|
|
||||||
ERROR=1
|
|
||||||
else
|
|
||||||
info "Assert passed [${CONTAINER_KEY}]"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
#### Function Footer ###########################################################
|
|
||||||
Footer() {
|
|
||||||
#####################################
|
|
||||||
# Check if any errors were reported #
|
|
||||||
#####################################
|
|
||||||
if [[ ${ERROR} -gt 0 ]]; then
|
|
||||||
fatal "There were some failed assertions. See above"
|
|
||||||
else
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
info "The step has completed"
|
|
||||||
info "-------------------------------------------------------"
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
################################################################################
|
|
||||||
################################## MAIN ########################################
|
|
||||||
################################################################################
|
|
||||||
|
|
||||||
##########
|
|
||||||
# Header #
|
|
||||||
##########
|
|
||||||
Header
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Validate created #
|
|
||||||
####################
|
|
||||||
ValidateLabel "org.opencontainers.image.created" "${BUILD_DATE}"
|
|
||||||
|
|
||||||
#####################
|
|
||||||
# Validate revision #
|
|
||||||
#####################
|
|
||||||
ValidateLabel "org.opencontainers.image.revision" "${BUILD_REVISION}"
|
|
||||||
|
|
||||||
####################
|
|
||||||
# Validate version #
|
|
||||||
####################
|
|
||||||
ValidateLabel "org.opencontainers.image.version" "${BUILD_VERSION}"
|
|
||||||
|
|
||||||
#################
|
|
||||||
# Report status #
|
|
||||||
#################
|
|
||||||
Footer
|
|
47
.github/workflows/cd.yml
vendored
47
.github/workflows/cd.yml
vendored
|
@ -32,17 +32,46 @@ jobs:
|
||||||
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
||||||
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
||||||
steps:
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Set build metadata
|
||||||
|
run: |
|
||||||
|
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
||||||
|
BUILD_REVISION=${{ github.sha }}
|
||||||
|
BUILD_VERSION=${{ github.sha }}
|
||||||
|
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
||||||
|
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
||||||
|
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
||||||
|
else
|
||||||
|
echo "[ERROR] Event not supported when setting build revision and build version"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${BUILD_REVISION}" ]; then
|
||||||
|
echo "[ERROR] BUILD_REVISION is empty"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${BUILD_VERSION}" ]; then
|
||||||
|
echo "[ERROR] BUILD_VERSION is empty"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
{
|
||||||
|
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
||||||
|
echo "BUILD_REVISION=${BUILD_REVISION}"
|
||||||
|
echo "BUILD_VERSION=${BUILD_VERSION}"
|
||||||
|
} >> "${GITHUB_ENV}"
|
||||||
|
|
||||||
- name: Free Disk space
|
- name: Free Disk space
|
||||||
shell: bash
|
shell: bash
|
||||||
run: |
|
run: |
|
||||||
sudo rm -rf /usr/local/lib/android
|
sudo rm -rf /usr/local/lib/android
|
||||||
sudo rm -rf /usr/share/dotnet
|
sudo rm -rf /usr/share/dotnet
|
||||||
|
|
||||||
- name: Checkout Code
|
- name: Set up Docker Buildx
|
||||||
uses: actions/checkout@v4
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
- name: Retrieve Datetime
|
|
||||||
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
|
|
||||||
|
|
||||||
- name: Build Image
|
- name: Build Image
|
||||||
uses: docker/build-push-action@v5
|
uses: docker/build-push-action@v5
|
||||||
|
@ -51,8 +80,8 @@ jobs:
|
||||||
file: ./Dockerfile
|
file: ./Dockerfile
|
||||||
build-args: |
|
build-args: |
|
||||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||||
BUILD_REVISION=${{ github.sha }}
|
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||||
BUILD_VERSION=${{ github.sha }}
|
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||||
load: true
|
load: true
|
||||||
push: false
|
push: false
|
||||||
secrets: |
|
secrets: |
|
||||||
|
@ -110,8 +139,8 @@ jobs:
|
||||||
file: ./Dockerfile
|
file: ./Dockerfile
|
||||||
build-args: |
|
build-args: |
|
||||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||||
BUILD_REVISION=${{ github.sha }}
|
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||||
BUILD_VERSION=${{ github.sha }}
|
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||||
load: false
|
load: false
|
||||||
push: true
|
push: true
|
||||||
secrets: |
|
secrets: |
|
||||||
|
|
49
.github/workflows/ci.yml
vendored
49
.github/workflows/ci.yml
vendored
|
@ -27,12 +27,6 @@ jobs:
|
||||||
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
||||||
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
||||||
steps:
|
steps:
|
||||||
- name: Free Disk space
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
sudo rm -rf /usr/local/lib/android
|
|
||||||
sudo rm -rf /usr/share/dotnet
|
|
||||||
|
|
||||||
- name: Checkout Code
|
- name: Checkout Code
|
||||||
uses: actions/checkout@v4
|
uses: actions/checkout@v4
|
||||||
with:
|
with:
|
||||||
|
@ -45,8 +39,43 @@ jobs:
|
||||||
echo "Action file contents:"
|
echo "Action file contents:"
|
||||||
cat action.yml
|
cat action.yml
|
||||||
|
|
||||||
- name: Retrieve Datetime
|
- name: Set build metadata
|
||||||
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
|
run: |
|
||||||
|
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
||||||
|
BUILD_REVISION=${{ github.sha }}
|
||||||
|
BUILD_VERSION=${{ github.sha }}
|
||||||
|
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
||||||
|
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
||||||
|
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
||||||
|
else
|
||||||
|
echo "[ERROR] Event not supported when setting build revision and build version"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${BUILD_REVISION}" ]; then
|
||||||
|
echo "[ERROR] BUILD_REVISION is empty"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -z "${BUILD_VERSION}" ]; then
|
||||||
|
echo "[ERROR] BUILD_VERSION is empty"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
{
|
||||||
|
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
||||||
|
echo "BUILD_REVISION=${BUILD_REVISION}"
|
||||||
|
echo "BUILD_VERSION=${BUILD_VERSION}"
|
||||||
|
} >> "${GITHUB_ENV}"
|
||||||
|
|
||||||
|
- name: Free Disk space
|
||||||
|
shell: bash
|
||||||
|
run: |
|
||||||
|
sudo rm -rf /usr/local/lib/android
|
||||||
|
sudo rm -rf /usr/share/dotnet
|
||||||
|
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
- name: Build Image
|
- name: Build Image
|
||||||
uses: docker/build-push-action@v5
|
uses: docker/build-push-action@v5
|
||||||
|
@ -55,8 +84,8 @@ jobs:
|
||||||
file: ./Dockerfile
|
file: ./Dockerfile
|
||||||
build-args: |
|
build-args: |
|
||||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||||
BUILD_REVISION=${{ github.sha }}
|
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||||
BUILD_VERSION=${{ github.sha }}
|
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||||
load: true
|
load: true
|
||||||
push: false
|
push: false
|
||||||
secrets: |
|
secrets: |
|
||||||
|
|
28
Makefile
28
Makefile
|
@ -4,7 +4,7 @@
|
||||||
all: info docker test ## Run all targets.
|
all: info docker test ## Run all targets.
|
||||||
|
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
test: info inspec ## Run tests
|
test: info validate-container-image-labels inspec ## Run tests
|
||||||
|
|
||||||
# if this session isn't interactive, then we don't want to allocate a
|
# if this session isn't interactive, then we don't want to allocate a
|
||||||
# TTY, which would fail, but if it is interactive, we do want to attach
|
# TTY, which would fail, but if it is interactive, we do want to attach
|
||||||
|
@ -51,6 +51,18 @@ ifeq ($(SUPER_LINTER_TEST_CONTAINER_URL),)
|
||||||
SUPER_LINTER_TEST_CONTAINER_URL := "ghcr.io/super-linter/super-linter:latest"
|
SUPER_LINTER_TEST_CONTAINER_URL := "ghcr.io/super-linter/super-linter:latest"
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
ifeq ($(BUILD_DATE),)
|
||||||
|
BUILD_DATE := $(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
|
||||||
|
endif
|
||||||
|
|
||||||
|
ifeq ($(BUILD_REVISION),)
|
||||||
|
BUILD_REVISION := $(shell git rev-parse HEAD)
|
||||||
|
endif
|
||||||
|
|
||||||
|
ifeq ($(BUILD_VERSION),)
|
||||||
|
BUILD_VERSION := $(shell git rev-parse HEAD)
|
||||||
|
endif
|
||||||
|
|
||||||
.PHONY: inspec
|
.PHONY: inspec
|
||||||
inspec: inspec-check ## Run InSpec tests
|
inspec: inspec-check ## Run InSpec tests
|
||||||
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
|
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
|
||||||
|
@ -75,12 +87,20 @@ inspec: inspec-check ## Run InSpec tests
|
||||||
docker: ## Build the container image
|
docker: ## Build the container image
|
||||||
@if [ -z "${GITHUB_TOKEN}" ]; then echo "GITHUB_TOKEN environment variable not set. Please set your GitHub Personal Access Token."; exit 1; fi
|
@if [ -z "${GITHUB_TOKEN}" ]; then echo "GITHUB_TOKEN environment variable not set. Please set your GitHub Personal Access Token."; exit 1; fi
|
||||||
DOCKER_BUILDKIT=1 docker buildx build --load \
|
DOCKER_BUILDKIT=1 docker buildx build --load \
|
||||||
--build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \
|
--build-arg BUILD_DATE=$(BUILD_DATE) \
|
||||||
--build-arg BUILD_REVISION=$(shell git rev-parse --short HEAD) \
|
--build-arg BUILD_REVISION=$(BUILD_REVISION) \
|
||||||
--build-arg BUILD_VERSION=$(shell git rev-parse --short HEAD) \
|
--build-arg BUILD_VERSION=$(BUILD_VERSION) \
|
||||||
--secret id=GITHUB_TOKEN,env=GITHUB_TOKEN \
|
--secret id=GITHUB_TOKEN,env=GITHUB_TOKEN \
|
||||||
-t $(SUPER_LINTER_TEST_CONTAINER_URL) .
|
-t $(SUPER_LINTER_TEST_CONTAINER_URL) .
|
||||||
|
|
||||||
.phony: docker-pull
|
.phony: docker-pull
|
||||||
docker-pull: ## Pull the container image from registry
|
docker-pull: ## Pull the container image from registry
|
||||||
docker pull $(SUPER_LINTER_TEST_CONTAINER_URL)
|
docker pull $(SUPER_LINTER_TEST_CONTAINER_URL)
|
||||||
|
|
||||||
|
.phony: validate-container-image-labels
|
||||||
|
validate-container-image-labels: ## Validate container image labels
|
||||||
|
$(CURDIR)/test/validate-docker-labels.sh \
|
||||||
|
$(SUPER_LINTER_TEST_CONTAINER_URL) \
|
||||||
|
$(BUILD_DATE) \
|
||||||
|
$(BUILD_REVISION) \
|
||||||
|
$(BUILD_VERSION)
|
||||||
|
|
|
@ -127,15 +127,21 @@ a container that is an instance of that container image.
|
||||||
|
|
||||||
You can run the test suite against an arbitrary super-linter container image.
|
You can run the test suite against an arbitrary super-linter container image.
|
||||||
|
|
||||||
Here is an example that runs the test suite against the `standard` flavor of the
|
Here is an example that runs the test suite against the `v5.4.3` container
|
||||||
`v5.4.3` image.
|
image version.
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
CONTAINER_IMAGE_ID="ghcr.io/super-linter/super-linter:v5.4.3" \
|
CONTAINER_IMAGE_ID="ghcr.io/super-linter/super-linter:v5.4.3" \
|
||||||
CONTAINER_IMAGE_TARGET="standard" \
|
BUILD_DATE="2023-10-17T16:19:11Z" \
|
||||||
|
BUILD_REVISION=b0d1acee1f8050d1684a28ddbf8315f81d084fe9 \
|
||||||
|
BUILD_VERSION=b0d1acee1f8050d1684a28ddbf8315f81d084fe9 \
|
||||||
make docker-pull test
|
make docker-pull test
|
||||||
```
|
```
|
||||||
|
|
||||||
|
Initialize the `BUILD_DATE`, `BUILD_REVISION`, and `BUILD_VERSION` variables
|
||||||
|
with the values for that specific container image version. You can get these
|
||||||
|
values from the build log for that version.
|
||||||
|
|
||||||
## Troubleshooting
|
## Troubleshooting
|
||||||
|
|
||||||
### Run container and gain access to the command-line
|
### Run container and gain access to the command-line
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
#!/usr/bin/env sh
|
|
31
test/validate-docker-labels.sh
Executable file
31
test/validate-docker-labels.sh
Executable file
|
@ -0,0 +1,31 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
set -o errexit
|
||||||
|
set -o nounset
|
||||||
|
|
||||||
|
CONTAINER_IMAGE_ID="${1}"
|
||||||
|
shift
|
||||||
|
BUILD_DATE="${1}"
|
||||||
|
shift
|
||||||
|
BUILD_REVISION="${1}"
|
||||||
|
shift
|
||||||
|
BUILD_VERSION="${1}"
|
||||||
|
shift
|
||||||
|
|
||||||
|
ValidateLabel() {
|
||||||
|
local LABEL_KEY="$1"
|
||||||
|
local CONTAINER_VALUE="$2"
|
||||||
|
|
||||||
|
LABEL="$(docker inspect --format "{{ index .Config.Labels \"${LABEL_KEY}\" }}" "${CONTAINER_IMAGE_ID}")"
|
||||||
|
|
||||||
|
if [[ "${LABEL}" != "${CONTAINER_VALUE}" ]]; then
|
||||||
|
echo "[ERROR] Invalid container image label: ${LABEL_KEY}: ${LABEL}. Expected: ${CONTAINER_VALUE}"
|
||||||
|
exit 1
|
||||||
|
else
|
||||||
|
echo "${LABEL_KEY} is valid: ${LABEL}. Expected: ${CONTAINER_VALUE}"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
ValidateLabel "org.opencontainers.image.created" "${BUILD_DATE}"
|
||||||
|
ValidateLabel "org.opencontainers.image.revision" "${BUILD_REVISION}"
|
||||||
|
ValidateLabel "org.opencontainers.image.version" "${BUILD_VERSION}"
|
Loading…
Reference in a new issue