mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-21 08:11:05 -05:00
Validate container image labels (#4926)
* Validate labels and avoid busting the cache * Fix validation * Validate non-empty labels * Add build date back * Don't set build date * Simplify validation script * Enable build cache * Setup buildx * Dynamically set build revision and version * Remove leftover * Disable cache * Add build date back * Add build date back * Fix linting errors * Add checks * Get head SHA * Fix linting errors * Handle merge_group
This commit is contained in:
parent
eb688a090c
commit
9869638131
11 changed files with 141 additions and 1274 deletions
|
@ -1,28 +0,0 @@
|
|||
# .automation
|
||||
|
||||
This folder holds automation scripts to help `deploy` and `cleanup` **DockerHub** images of the **Super-Linter**
|
||||
|
||||
## cleanup-docker.sh
|
||||
|
||||
This script uses **GitHub Actions** so that when a PR is merged and closed, the **GitHub Action** is triggered.
|
||||
It will then search **DockerHub** for the image that was deployed during the development, and remove it.
|
||||
|
||||
## upload-docker.sh
|
||||
|
||||
This script uses **GitHub Actions** so that when a push to the repository is committed, it will complete the following:
|
||||
|
||||
- Checkout the source code
|
||||
- Build the **Docker** container for **Super-Linter** using that source code
|
||||
- Upload the container to **DockerHub**
|
||||
|
||||
When the script is triggered on the main branch, it will push with the tag:**latest** which is used by all scripting for general availability.
|
||||
When the script is triggered in a branch, it will push with the tag:**NameOfBranch** which can be used for:
|
||||
|
||||
- _testing_
|
||||
- _troubleshooting_
|
||||
- _debugging_
|
||||
- **Note:** The branch name will be reduced to alphanumeric for consistency and uploading
|
||||
|
||||
## test
|
||||
|
||||
This folder holds all **Test Cases** to help run the _CI/CT/CD_ process for the **Super-Linter**.
|
|
@ -1,214 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
############# Clean all code base for additonal testing @admiralawkbar #########
|
||||
################################################################################
|
||||
|
||||
###########
|
||||
# Globals #
|
||||
###########
|
||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
||||
|
||||
############################
|
||||
# Source additonal scripts #
|
||||
############################
|
||||
# shellcheck source=/dev/null
|
||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
||||
|
||||
################################################################################
|
||||
############################ FUNCTIONS BELOW ###################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function Header ###########################################################
|
||||
Header() {
|
||||
info "-------------------------------------------------------"
|
||||
info "------- GitHub Clean code base of error tests ---------"
|
||||
info "-------------------------------------------------------"
|
||||
}
|
||||
################################################################################
|
||||
#### Function CheckShellErrors #################################################
|
||||
CheckShellErrors() {
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ $ERROR_CODE -ne 0 ]; then
|
||||
error "$1"
|
||||
fatal "$2"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function CleanTestFiles ###################################################
|
||||
CleanTestFiles() {
|
||||
info "-------------------------------------------------------"
|
||||
info "Finding all tests that are supposed to fail... and removing them..."
|
||||
|
||||
##################
|
||||
# Find the files #
|
||||
##################
|
||||
mapfile -t FIND_CMD < <(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
find "${GITHUB_WORKSPACE}" -type f -name "*_bad_*" -o -path "*javascript_prettier*" -name "*javascript_good*" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to get list of all files!" "ERROR:[${FIND_CMD[*]}]"
|
||||
|
||||
############################################################
|
||||
# Get the directory and validate it came from tests folder #
|
||||
############################################################
|
||||
for FILE in "${FIND_CMD[@]}"; do
|
||||
#####################
|
||||
# Get the directory #
|
||||
#####################
|
||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
||||
|
||||
##################################
|
||||
# Check if from the tests folder #
|
||||
##################################
|
||||
if [[ $FILE_DIR == **".automation/test"** ]]; then
|
||||
################################
|
||||
# Its a test, we can delete it #
|
||||
################################
|
||||
REMOVE_FILE_CMD=$(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
sudo rm -f "$FILE" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
||||
fi
|
||||
done
|
||||
}
|
||||
################################################################################
|
||||
#### Function CleanTestDockerFiles #############################################
|
||||
CleanTestDockerFiles() {
|
||||
info "-------------------------------------------------------"
|
||||
info "Finding all tests that are supposed to fail for Docker... and removing them..."
|
||||
|
||||
##################
|
||||
# Find the files #
|
||||
##################
|
||||
mapfile -t FIND_CMD < <(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
find "${GITHUB_WORKSPACE}" -type f -name "*Dockerfile" -o -name "*.dockerignore" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to get list of all file for Docker!" "ERROR:[${FIND_CMD[*]}]"
|
||||
|
||||
############################################################
|
||||
# Get the directory and validate it came from tests folder #
|
||||
############################################################
|
||||
for FILE in "${FIND_CMD[@]}"; do
|
||||
#####################
|
||||
# Get the directory #
|
||||
#####################
|
||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
||||
|
||||
##################################
|
||||
# Check if from the tests folder #
|
||||
##################################
|
||||
if [[ $FILE_DIR != **".automation/test/docker/good"** ]]; then
|
||||
################################
|
||||
# Its a test, we can delete it #
|
||||
################################
|
||||
REMOVE_FILE_CMD=$(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
sudo rm -f "$FILE" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
||||
fi
|
||||
done
|
||||
}
|
||||
################################################################################
|
||||
#### Function CleanSHAFolder ###################################################
|
||||
CleanSHAFolder() {
|
||||
info "-------------------------------------------------------"
|
||||
info "Cleaning folder named:[${GITHUB_SHA}] if it exists"
|
||||
|
||||
##################
|
||||
# Find the files #
|
||||
##################
|
||||
REMOVE_CMD=$(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
sudo rm -rf "${GITHUB_SHA}" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! Failed to remove folder:[${GITHUB_SHA}]!" "ERROR:[${REMOVE_CMD}]"
|
||||
}
|
||||
################################################################################
|
||||
#### Function CleanPowershell ##################################################
|
||||
CleanPowershell() {
|
||||
# Need to remove the .psd1 templates as they are formally parsed,
|
||||
# and will fail with missing modules
|
||||
|
||||
info "-------------------------------------------------------"
|
||||
info "Finding powershell template files... and removing them..."
|
||||
|
||||
##################
|
||||
# Find the files #
|
||||
##################
|
||||
mapfile -t FIND_CMD < <(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
find "${GITHUB_WORKSPACE}" -type f -name "*.psd1" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to get list of all file for *.psd1!" "ERROR:[${FIND_CMD[*]}]"
|
||||
|
||||
############################################################
|
||||
# Get the directory and validate it came from tests folder #
|
||||
############################################################
|
||||
for FILE in "${FIND_CMD[@]}"; do
|
||||
#####################
|
||||
# Get the directory #
|
||||
#####################
|
||||
FILE_DIR=$(dirname "$FILE" 2>&1)
|
||||
|
||||
##################################
|
||||
# Check if from the tests folder #
|
||||
##################################
|
||||
if [[ $FILE_DIR == **"TEMPLATES"** ]]; then
|
||||
################################
|
||||
# Its a test, we can delete it #
|
||||
################################
|
||||
REMOVE_FILE_CMD=$(
|
||||
cd "${GITHUB_WORKSPACE}" || exit 1
|
||||
sudo rm -f "$FILE" 2>&1
|
||||
)
|
||||
|
||||
CheckShellErrors "ERROR! failed to remove file:[${FILE}]!" "ERROR:[${REMOVE_FILE_CMD[*]}]"
|
||||
fi
|
||||
done
|
||||
}
|
||||
################################################################################
|
||||
################################## MAIN ########################################
|
||||
################################################################################
|
||||
|
||||
##########
|
||||
# Header #
|
||||
##########
|
||||
Header
|
||||
|
||||
####################
|
||||
# Clean test files #
|
||||
####################
|
||||
CleanTestFiles
|
||||
|
||||
###############################
|
||||
# Clean the test docker files #
|
||||
###############################
|
||||
CleanTestDockerFiles
|
||||
|
||||
###############################
|
||||
# Remove sha folder if exists #
|
||||
###############################
|
||||
CleanSHAFolder
|
||||
|
||||
##############################
|
||||
# Clean Powershell templates #
|
||||
##############################
|
||||
CleanPowershell
|
|
@ -1,248 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
############# Cleanup Image on DockerHub @admiralawkbar ########################
|
||||
################################################################################
|
||||
|
||||
# NOTES: This script is used to remove a tagged image on DockerHub
|
||||
# Its based on being built from a GitHub Action, but could be easily updated
|
||||
# To be ran in a different medium.
|
||||
#
|
||||
# PRE-Requirements:
|
||||
# - Dockerfile
|
||||
# - System with Docker installed
|
||||
# - Global variables met
|
||||
|
||||
###########
|
||||
# Globals #
|
||||
###########
|
||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
||||
|
||||
#########################
|
||||
# Source Function Files #
|
||||
#########################
|
||||
# shellcheck source=/dev/null
|
||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
||||
|
||||
################################################################################
|
||||
############################ FUNCTIONS BELOW ###################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function Header ###########################################################
|
||||
Header() {
|
||||
info "-------------------------------------------------------"
|
||||
info "----- GitHub Actions remove image from DockerHub ------"
|
||||
info "-------------------------------------------------------"
|
||||
}
|
||||
################################################################################
|
||||
#### Function ValidateInput ####################################################
|
||||
ValidateInput() {
|
||||
# Need to validate we have the basic variables
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Gathering variables..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
############################
|
||||
# Validate GITHUB_WORKSPACE #
|
||||
############################
|
||||
if [ -z "${GITHUB_WORKSPACE}" ]; then
|
||||
error "Failed to get [GITHUB_WORKSPACE]!"
|
||||
fatal "[${GITHUB_WORKSPACE}]"
|
||||
else
|
||||
info "Successfully found:[GITHUB_WORKSPACE], value:[${GITHUB_WORKSPACE}]"
|
||||
fi
|
||||
|
||||
#######################
|
||||
# Validate IMAGE_REPO #
|
||||
#######################
|
||||
if [ -z "${IMAGE_REPO}" ]; then
|
||||
# No repo was pulled
|
||||
error "Failed to get [IMAGE_REPO]!"
|
||||
fatal "[${IMAGE_REPO}]"
|
||||
elif [[ ${IMAGE_REPO} == "super-linter/super-linter" ]]; then
|
||||
# Found our main repo
|
||||
info "Successfully found:[IMAGE_REPO], value:[${IMAGE_REPO}]"
|
||||
else
|
||||
# This is a fork and we cant pull vars or any info
|
||||
warn "No image to cleanup as this is a forked branch, and not being built with current automation!"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
##########################
|
||||
# Validate IMAGE_VERSION #
|
||||
##########################
|
||||
if [ -z "${IMAGE_VERSION}" ]; then
|
||||
error "Failed to get [IMAGE_VERSION]!"
|
||||
fatal "[${IMAGE_VERSION}]"
|
||||
else
|
||||
info "Successfully found:[IMAGE_VERSION], value:[${IMAGE_VERSION}]"
|
||||
fi
|
||||
|
||||
############################
|
||||
# Validate DOCKER_USERNAME #
|
||||
############################
|
||||
if [ -z "${DOCKER_USERNAME}" ]; then
|
||||
error "Failed to get [DOCKER_USERNAME]!"
|
||||
fatal "[${DOCKER_USERNAME}]"
|
||||
else
|
||||
info "Successfully found:[DOCKER_USERNAME], value:[${DOCKER_USERNAME}]"
|
||||
fi
|
||||
|
||||
############################
|
||||
# Validate DOCKER_PASSWORD #
|
||||
############################
|
||||
if [ -z "${DOCKER_PASSWORD}" ]; then
|
||||
error "Failed to get [DOCKER_PASSWORD]!"
|
||||
fatal "[${DOCKER_PASSWORD}]"
|
||||
else
|
||||
info "Successfully found:[DOCKER_PASSWORD], value:[********]"
|
||||
fi
|
||||
|
||||
##################################################
|
||||
# Check if we need to get the name of the branch #
|
||||
##################################################
|
||||
if [[ ${IMAGE_VERSION} != "latest" ]]; then
|
||||
##################################
|
||||
# Remove non alpha-numeric chars #
|
||||
##################################
|
||||
IMAGE_VERSION=$(echo "${IMAGE_VERSION}" | tr -cd '[:alnum:]')
|
||||
else
|
||||
#############################################
|
||||
# Image is 'latest' and we will not destroy #
|
||||
#############################################
|
||||
error "Image Tag is set to:[latest]..."
|
||||
error "We will never destroy latest..."
|
||||
fatal "Bye!"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function LoginToDocker ####################################################
|
||||
LoginToDocker() {
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Login to DockerHub..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
######################
|
||||
# Login to DockerHub #
|
||||
######################
|
||||
LOGIN_CMD=$(docker login --username "${DOCKER_USERNAME}" --password "${DOCKER_PASSWORD}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
error "Failed to authenticate to DockerHub!"
|
||||
fatal "[${LOGIN_CMD}]"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully authenticated to DockerHub!"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function RemoveImage ######################################################
|
||||
RemoveImage() {
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Removing the DockerFile image:[${IMAGE_REPO}:${IMAGE_VERSION}]"
|
||||
info "----------------------------------------------"
|
||||
|
||||
#####################################
|
||||
# Create Token to auth to DockerHub #
|
||||
#####################################
|
||||
TOKEN=$(curl -s -k \
|
||||
-H "Content-Type: application/json" \
|
||||
-X POST \
|
||||
-d "{\"username\": \"${DOCKER_USERNAME}\", \"password\": \"${DOCKER_PASSWORD}\"}" \
|
||||
"https://hub.docker.com/v2/users/login/" | jq -r .token 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the ERROR_CODE #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
error "Failed to gain token from DockerHub!"
|
||||
fatal "[${TOKEN}]"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully gained auth token from DockerHub!"
|
||||
fi
|
||||
|
||||
#################################
|
||||
# Remove the tag from DockerHub #
|
||||
#################################
|
||||
REMOVE_CMD=$(curl "https://hub.docker.com/v2/repositories/${IMAGE_REPO}/tags/${IMAGE_VERSION}/" \
|
||||
-X DELETE \
|
||||
-H "Authorization: JWT ${TOKEN}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the ERROR_CODE #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
error "Failed to remove tag from DockerHub!"
|
||||
fatal "[${REMOVE_CMD}]"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully [removed] Docker image tag:[${IMAGE_VERSION}] from DockerHub!"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function Footer ###########################################################
|
||||
Footer() {
|
||||
info "-------------------------------------------------------"
|
||||
info "The step has completed"
|
||||
info "-------------------------------------------------------"
|
||||
}
|
||||
################################################################################
|
||||
################################## MAIN ########################################
|
||||
################################################################################
|
||||
|
||||
##########
|
||||
# Header #
|
||||
##########
|
||||
Header
|
||||
|
||||
##################
|
||||
# Validate Input #
|
||||
##################
|
||||
ValidateInput
|
||||
|
||||
######################
|
||||
# Login to DockerHub #
|
||||
######################
|
||||
LoginToDocker
|
||||
|
||||
####################
|
||||
# Remove the image #
|
||||
####################
|
||||
RemoveImage
|
||||
|
||||
##########
|
||||
# Footer #
|
||||
##########
|
||||
Footer
|
|
@ -1,643 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
############# Deploy Container to DockerHub @admiralawkbar #####################
|
||||
################################################################################
|
||||
|
||||
# NOTES: This script is used to upload a Dockerfile to DockerHub
|
||||
# under the GitHub organization
|
||||
# Its based on being built from a GitHub Action, but could be easily updated
|
||||
# To be ran in a different medium.
|
||||
#
|
||||
# PRE-Requirements:
|
||||
# - Dockerfile
|
||||
# - System with Docker installed
|
||||
# - Global variables met
|
||||
|
||||
###########
|
||||
# Globals #
|
||||
###########
|
||||
# GITHUB_WORKSPACE="${GITHUB_WORKSPACE}" # GitHub Workspace
|
||||
# GITHUB_REPOSITORY="${GITHUB_REPOSITORY}" # GitHub Org/Repo passed from system
|
||||
# DOCKER_USERNAME="${DOCKER_USERNAME}" # Username to login to DockerHub
|
||||
# DOCKER_PASSWORD="${DOCKER_PASSWORD}" # Password to login to DockerHub
|
||||
# GCR_USERNAME="${GCR_USERNAME}" # Username to login to GitHub package registry
|
||||
# GCR_TOKEN="${GCR_TOKEN}" # Password to login to GitHub package registry
|
||||
# REGISTRY="${REGISTRY}" # What registry to upload | <GCR> or <Docker>
|
||||
# IMAGE_REPO="${IMAGE_REPO}" # Image repo to upload the image
|
||||
# IMAGE_VERSION="${IMAGE_VERSION}" # Version to tag the image
|
||||
# DOCKERFILE_PATH="${DOCKERFILE_PATH}" # Path to the Dockerfile to be uploaded
|
||||
MAJOR_TAG='' # Major tag version if we need to update it
|
||||
UPDATE_MAJOR_TAG=0 # Flag to deploy the major tag version as well
|
||||
GCR_URL='ghcr.io' # URL to Github Container Registry
|
||||
DOCKER_IMAGE_REPO='' # Docker tag for the image when created
|
||||
GCR_IMAGE_REPO='' # Docker tag for the image when created
|
||||
FOUND_IMAGE=0 # Flag for if the image has already been built
|
||||
CONTAINER_URL='' # Final URL to upload
|
||||
|
||||
###########################################################
|
||||
# Dynamic build variables to pass to container when built #
|
||||
###########################################################
|
||||
BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') # Current build date EX> "2017-08-28T09:24:41Z"
|
||||
BUILD_REVISION=$(git rev-parse --short HEAD) # Current git commit EX> "e89faa7"
|
||||
BUILD_VERSION='' # Current version of the container being built
|
||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
||||
|
||||
#########################
|
||||
# Source Function Files #
|
||||
#########################
|
||||
# shellcheck source=/dev/null
|
||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
||||
|
||||
################################################################################
|
||||
############################ FUNCTIONS BELOW ###################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function Header ###########################################################
|
||||
Header() {
|
||||
info "-------------------------------------------------------"
|
||||
info "---- GitHub Actions Upload image to [${REGISTRY}] ----"
|
||||
info "-------------------------------------------------------"
|
||||
}
|
||||
################################################################################
|
||||
#### Function ValidateInput ####################################################
|
||||
ValidateInput() {
|
||||
# Need to validate we have the basic variables
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Gathering variables..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
#############################
|
||||
# Validate GITHUB_WORKSPACE #
|
||||
#############################
|
||||
if [ -z "${GITHUB_WORKSPACE}" ]; then
|
||||
error "Failed to get [GITHUB_WORKSPACE]!"
|
||||
fatal "[${GITHUB_WORKSPACE}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[GITHUB_WORKSPACE]${F[B]}, value:${F[W]}[${GITHUB_WORKSPACE}]"
|
||||
fi
|
||||
|
||||
#####################
|
||||
# Validate REGISTRY #
|
||||
#####################
|
||||
if [ -z "${REGISTRY}" ]; then
|
||||
error "Failed to get [REGISTRY]!"
|
||||
fatal "[${REGISTRY}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[REGISTRY]${F[B]}, value:${F[W]}[${REGISTRY}]"
|
||||
fi
|
||||
|
||||
#####################################################
|
||||
# See if we need values for GitHub package Registry #
|
||||
#####################################################
|
||||
if [[ ${REGISTRY} == "GCR" ]]; then
|
||||
#########################
|
||||
# Validate GCR_USERNAME #
|
||||
#########################
|
||||
if [ -z "${GCR_USERNAME}" ]; then
|
||||
error "Failed to get [GCR_USERNAME]!"
|
||||
fatal "[${GCR_USERNAME}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[GCR_USERNAME]${F[B]}, value:${F[W]}[${GCR_USERNAME}]"
|
||||
fi
|
||||
|
||||
######################
|
||||
# Validate GCR_TOKEN #
|
||||
######################
|
||||
if [ -z "${GCR_TOKEN}" ]; then
|
||||
error "Failed to get [GCR_TOKEN]!"
|
||||
fatal "[${GCR_TOKEN}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[GCR_TOKEN]${F[B]}, value:${F[W]}[********]"
|
||||
fi
|
||||
########################################
|
||||
# See if we need values for Ducker hub #
|
||||
########################################
|
||||
elif [[ ${REGISTRY} == "Docker" ]]; then
|
||||
############################
|
||||
# Validate DOCKER_USERNAME #
|
||||
############################
|
||||
if [ -z "${DOCKER_USERNAME}" ]; then
|
||||
error "Failed to get [DOCKER_USERNAME]!"
|
||||
fatal "[${DOCKER_USERNAME}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[DOCKER_USERNAME]${F[B]}, value:${F[W]}[${DOCKER_USERNAME}]"
|
||||
fi
|
||||
|
||||
############################
|
||||
# Validate DOCKER_PASSWORD #
|
||||
############################
|
||||
if [ -z "${DOCKER_PASSWORD}" ]; then
|
||||
error "Failed to get [DOCKER_PASSWORD]!"
|
||||
fatal "[${DOCKER_PASSWORD}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[DOCKER_PASSWORD]${F[B]}, value:${F[B]}[********]"
|
||||
fi
|
||||
###########################################
|
||||
# We were not passed a registry to update #
|
||||
###########################################
|
||||
else
|
||||
error "Failed to find a valid registry!"
|
||||
fatal "Registry:[${REGISTRY}]"
|
||||
fi
|
||||
|
||||
#######################
|
||||
# Validate IMAGE_REPO #
|
||||
#######################
|
||||
if [ -z "${IMAGE_REPO}" ]; then
|
||||
error "Failed to get [IMAGE_REPO]!"
|
||||
fatal "[${IMAGE_REPO}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[IMAGE_REPO]${F[B]}, value:${F[W]}[${IMAGE_REPO}]"
|
||||
# Set the docker Image repo and GCR image repo
|
||||
DOCKER_IMAGE_REPO="${IMAGE_REPO}"
|
||||
GCR_IMAGE_REPO="${GCR_URL}/${IMAGE_REPO}"
|
||||
#########################
|
||||
# Set the container URL #
|
||||
#########################
|
||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
||||
CONTAINER_URL="${DOCKER_IMAGE_REPO}"
|
||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
||||
CONTAINER_URL="${GCR_IMAGE_REPO}"
|
||||
fi
|
||||
fi
|
||||
|
||||
##########################
|
||||
# Validate IMAGE_VERSION #
|
||||
##########################
|
||||
if [ -z "${IMAGE_VERSION}" ]; then
|
||||
warn "Failed to get [IMAGE_VERSION]!"
|
||||
info "Pulling from Branch Name..."
|
||||
##############################
|
||||
# Get the name of the branch #
|
||||
##############################
|
||||
BRANCH_NAME=$(git -C "${GITHUB_WORKSPACE}" branch --contains "${GITHUB_SHA}" | awk '{print $2}' 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
error "Failed to get branch name!"
|
||||
fatal "[${BRANCH_NAME}]"
|
||||
fi
|
||||
|
||||
##################################
|
||||
# Remove non alpha-numeric chars #
|
||||
##################################
|
||||
BRANCH_NAME=$(echo "${BRANCH_NAME}" | tr -cd '[:alnum:]')
|
||||
|
||||
############################################
|
||||
# Set the IMAGE_VERSION to the BRANCH_NAME #
|
||||
############################################
|
||||
IMAGE_VERSION="${BRANCH_NAME}"
|
||||
BUILD_VERSION="${IMAGE_VERSION}"
|
||||
info "Tag:[${IMAGE_VERSION}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[IMAGE_VERSION]${F[B]}, value:${F[W]}[${IMAGE_VERSION}]"
|
||||
#########################
|
||||
# Set the build version #
|
||||
#########################
|
||||
BUILD_VERSION="${IMAGE_VERSION}"
|
||||
fi
|
||||
|
||||
##################################
|
||||
# Set regex for getting tag info #
|
||||
##################################
|
||||
REGEX='(v[0-9]+\.[0-9]+\.[0-9]+)' # Matches 'v1.2.3'
|
||||
|
||||
######################################################################
|
||||
# Check if this is a latest to a versioned release at create new tag #
|
||||
######################################################################
|
||||
if [[ ${IMAGE_VERSION} =~ ${REGEX} ]]; then
|
||||
# Need to get the major version, and set flag to update
|
||||
|
||||
#####################
|
||||
# Set the major tag #
|
||||
#####################
|
||||
MAJOR_TAG=$(echo "${IMAGE_VERSION}" | cut -d '.' -f1)
|
||||
|
||||
###################################
|
||||
# Set flag for updating major tag #
|
||||
###################################
|
||||
UPDATE_MAJOR_TAG=1
|
||||
|
||||
info "- Also deploying a major tag of:[${MAJOR_TAG}]"
|
||||
fi
|
||||
|
||||
############################
|
||||
# Validate DOCKERFILE_PATH #
|
||||
############################
|
||||
if [ -z "${DOCKERFILE_PATH}" ]; then
|
||||
error "Failed to get [DOCKERFILE_PATH]!"
|
||||
fatal "[${DOCKERFILE_PATH}]"
|
||||
else
|
||||
info "Successfully found:${F[W]}[DOCKERFILE_PATH]${F[B]}, value:${F[W]}[${DOCKERFILE_PATH}]"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function Authenticate #####################################################
|
||||
Authenticate() {
|
||||
################
|
||||
# Pull in Vars #
|
||||
################
|
||||
USERNAME="${1}" # Name to auth with
|
||||
PASSWORD="${2}" # Password to auth with
|
||||
URL="${3}" # Url to auth towards
|
||||
NAME="${4}" # name of the service
|
||||
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Login to ${NAME}..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
###################
|
||||
# Auth to service #
|
||||
###################
|
||||
LOGIN_CMD=$(docker login "${URL}" --username "${USERNAME}" --password "${PASSWORD}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
error "Failed to authenticate to ${NAME}!"
|
||||
fatal "[${LOGIN_CMD}]"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully authenticated to ${F[C]}${NAME}${F[B]}!"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function BuildImage #######################################################
|
||||
BuildImage() {
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Building the Dockerfile image..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
################################
|
||||
# Validate the DOCKERFILE_PATH #
|
||||
################################
|
||||
if [ ! -f "${DOCKERFILE_PATH}" ]; then
|
||||
# No file found
|
||||
error "failed to find Dockerfile at:[${DOCKERFILE_PATH}]"
|
||||
error "Please make sure you give full path!"
|
||||
fatal "Example:[/configs/Dockerfile] or [Dockerfile] if at root directory"
|
||||
fi
|
||||
|
||||
###################
|
||||
# Build the image #
|
||||
###################
|
||||
docker build --no-cache --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${CONTAINER_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [build] Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully Built image!"
|
||||
fi
|
||||
|
||||
########################################################
|
||||
# Need to see if we need to tag a major update as well #
|
||||
########################################################
|
||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
||||
# Tag the image with the major tag as well
|
||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${CONTAINER_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [tag] Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully tagged image!"
|
||||
fi
|
||||
fi
|
||||
|
||||
#########################
|
||||
# Set var to be updated #
|
||||
#########################
|
||||
ADDITONAL_URL=''
|
||||
|
||||
####################################
|
||||
# Set the additional container URL #
|
||||
####################################
|
||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
||||
ADDITONAL_URL="${GCR_IMAGE_REPO}"
|
||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
||||
ADDITONAL_URL="${DOCKER_IMAGE_REPO}"
|
||||
fi
|
||||
|
||||
###################
|
||||
# Build the image #
|
||||
###################
|
||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${BUILD_VERSION}" -t "${ADDITONAL_URL}:${IMAGE_VERSION}" -f "${DOCKERFILE_PATH}" . 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [tag] Version:[${IMAGE_VERSION}] Additonal location Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfull [tag] Version:[${IMAGE_VERSION}] of additonal image!"
|
||||
fi
|
||||
|
||||
########################################################
|
||||
# Need to see if we need to tag a major update as well #
|
||||
########################################################
|
||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
||||
###################
|
||||
# Build the image #
|
||||
###################
|
||||
docker build --build-arg "BUILD_DATE=${BUILD_DATE}" --build-arg "BUILD_REVISION=${BUILD_REVISION}" --build-arg "BUILD_VERSION=${MAJOR_TAG}" -t "${ADDITONAL_URL}:${MAJOR_TAG}" -f "${DOCKERFILE_PATH}" . 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [tag] Version:[${MAJOR_TAG}]Additonal location Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfull [tag] Version:[${MAJOR_TAG}] of additonal image!"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function UploadImage ######################################################
|
||||
UploadImage() {
|
||||
################
|
||||
# Print header #
|
||||
################
|
||||
info "----------------------------------------------"
|
||||
info "Uploading the DockerFile image to ${REGISTRY}..."
|
||||
info "----------------------------------------------"
|
||||
|
||||
############################################
|
||||
# Upload the docker image that was created #
|
||||
############################################
|
||||
docker push "${CONTAINER_URL}:${IMAGE_VERSION}" 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [upload] Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully Uploaded Docker image:${F[W]}[${IMAGE_VERSION}]${F[B]} to ${F[C]}${REGISTRY}${F[B]}!"
|
||||
fi
|
||||
|
||||
#########################
|
||||
# Get Image information #
|
||||
#########################
|
||||
IFS=$'\n' # Set the delimit to newline
|
||||
GET_INFO_CMD=$(docker images | grep "${CONTAINER_URL}" | grep "${IMAGE_VERSION}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
error "Failed to get information about built Image!"
|
||||
fatal "[${GET_INFO_CMD}]"
|
||||
else
|
||||
################
|
||||
# Get the data #
|
||||
################
|
||||
REPO=$(echo "${GET_INFO_CMD}" | awk '{print $1}')
|
||||
TAG=$(echo "${GET_INFO_CMD}" | awk '{print $2}')
|
||||
IMAGE_ID=$(echo "${GET_INFO_CMD}" | awk '{print $3}')
|
||||
SIZE="${GET_INFO_CMD##* }"
|
||||
|
||||
###################
|
||||
# Print the goods #
|
||||
###################
|
||||
info "----------------------------------------------"
|
||||
info "Docker Image Details:"
|
||||
info "Repository:[${REPO}]"
|
||||
info "Tag:[${TAG}]"
|
||||
info "Image_ID:[${IMAGE_ID}]"
|
||||
info "Size:[${SIZE}]"
|
||||
info "----------------------------------------------"
|
||||
fi
|
||||
|
||||
###############################################################
|
||||
# Check if we need to upload the major tagged version as well #
|
||||
###############################################################
|
||||
if [ ${UPDATE_MAJOR_TAG} -eq 1 ]; then
|
||||
############################################
|
||||
# Upload the docker image that was created #
|
||||
############################################
|
||||
docker push "${CONTAINER_URL}:${MAJOR_TAG}" 2>&1
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ ${ERROR_CODE} -ne 0 ]; then
|
||||
# ERROR
|
||||
fatal "failed to [upload] MAJOR_TAG:[${MAJOR_TAG}] Dockerfile!"
|
||||
else
|
||||
# SUCCESS
|
||||
info "Successfully Uploaded TAG:${F[W]}[${MAJOR_TAG}]${F[B]} of Docker image to ${F[C]}${REGISTRY}${F[B]}!"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function FindBuiltImage ###################################################
|
||||
FindBuiltImage() {
|
||||
# Check the local system to see if an image has already been built
|
||||
# if so, we only need to update tags and push
|
||||
# Set FOUND_IMAGE=1 when found
|
||||
|
||||
##############
|
||||
# Local vars #
|
||||
##############
|
||||
CHECK_IMAGE_REPO='' # Repo to look for
|
||||
|
||||
####################################
|
||||
# Set the additional container URL #
|
||||
####################################
|
||||
if [[ ${REGISTRY} == "GCR" ]]; then
|
||||
CHECK_IMAGE_REPO="${GCR_IMAGE_REPO}"
|
||||
elif [[ ${REGISTRY} == "Docker" ]]; then
|
||||
CHECK_IMAGE_REPO="${DOCKER_IMAGE_REPO}"
|
||||
fi
|
||||
|
||||
#######################################
|
||||
# Look for Release image in DockerHub #
|
||||
#######################################
|
||||
FIND_VERSION_CMD=$(docker images | grep "${CHECK_IMAGE_REPO}" | grep "${IMAGE_VERSION}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ $ERROR_CODE -ne 0 ]; then
|
||||
info "Found ${REGISTRY} image:[${CHECK_IMAGE_REPO}:${IMAGE_VERSION}] already built on instance"
|
||||
# Increment flag
|
||||
FOUND_RELASE=1
|
||||
else
|
||||
info "Failed to find locally created Docker image:[${CHECK_IMAGE_REPO}]"
|
||||
info "${FIND_VERSION_CMD}"
|
||||
fi
|
||||
|
||||
#####################################
|
||||
# Look for Major image in DockerHub #
|
||||
#####################################
|
||||
FIND_MAJOR_CMD=$(docker images | grep "${CHECK_IMAGE_REPO}" | grep "${MAJOR_TAG}" 2>&1)
|
||||
|
||||
#######################
|
||||
# Load the error code #
|
||||
#######################
|
||||
ERROR_CODE=$?
|
||||
|
||||
##############################
|
||||
# Check the shell for errors #
|
||||
##############################
|
||||
if [ $ERROR_CODE -ne 0 ]; then
|
||||
info "Found ${REGISTRY} image:[${CHECK_IMAGE_REPO}:${MAJOR_TAG}] already built on instance"
|
||||
# Increment flag
|
||||
FOUND_MAJOR=1
|
||||
else
|
||||
info "Failed to find locally created Docker image:[${FIND_MAJOR_CMD}]"
|
||||
info "${FIND_MAJOR_CMD}"
|
||||
fi
|
||||
|
||||
###############################
|
||||
# Check if we found the image #
|
||||
###############################
|
||||
if [ "${FOUND_MAJOR}" -eq 1 ] && [ "${FOUND_RELASE}" -eq 1 ]; then
|
||||
FOUND_IMAGE=1
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function Footer ###########################################################
|
||||
Footer() {
|
||||
info "-------------------------------------------------------"
|
||||
info "The step has completed"
|
||||
info "-------------------------------------------------------"
|
||||
}
|
||||
################################################################################
|
||||
################################## MAIN ########################################
|
||||
################################################################################
|
||||
|
||||
##########
|
||||
# Header #
|
||||
##########
|
||||
Header
|
||||
|
||||
##################
|
||||
# Validate Input #
|
||||
##################
|
||||
ValidateInput
|
||||
|
||||
###############################
|
||||
# Find Image if already built #
|
||||
###############################
|
||||
FindBuiltImage
|
||||
|
||||
###################
|
||||
# Build the image #
|
||||
###################
|
||||
if [ "$FOUND_IMAGE" -ne 0 ]; then
|
||||
BuildImage
|
||||
fi
|
||||
|
||||
######################
|
||||
# Login to DockerHub #
|
||||
######################
|
||||
if [[ ${REGISTRY} == "Docker" ]]; then
|
||||
# Authenticate "Username" "Password" "Url" "Name"
|
||||
Authenticate "${DOCKER_USERNAME}" "${DOCKER_PASSWORD}" "" "Dockerhub"
|
||||
|
||||
######################################
|
||||
# Login to GitHub Container Registry #
|
||||
######################################
|
||||
elif [[ ${REGISTRY} == "GCR" ]]; then
|
||||
# Authenticate "Username" "Password" "Url" "Name"
|
||||
Authenticate "${GCR_USERNAME}" "${GCR_TOKEN}" "https://${GCR_URL}" "GitHub Container Registry"
|
||||
|
||||
else
|
||||
#########
|
||||
# ERROR #
|
||||
#########
|
||||
error "Registry not set correctly!"
|
||||
fatal "Registry:[${REGISTRY}]"
|
||||
fi
|
||||
|
||||
####################
|
||||
# Upload the image #
|
||||
####################
|
||||
UploadImage
|
||||
|
||||
##########
|
||||
# Footer #
|
||||
##########
|
||||
Footer
|
|
@ -1,114 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
################################################################################
|
||||
############# Clean all code base for additonal testing @admiralawkbar #########
|
||||
################################################################################
|
||||
|
||||
###########
|
||||
# Globals #
|
||||
###########
|
||||
IMAGE="${1}" # Image of the super-linter we build
|
||||
BUILD_REVISION="${GITHUB_SHA}" # GitHub Sha
|
||||
BUILD_VERSION="${GITHUB_SHA}" # Version of the container
|
||||
ORG_REPO="super-linter/super-linter" # Org/repo
|
||||
REGISTRY='ghcr.io' # Docker Registry
|
||||
((LOG_TRACE = LOG_DEBUG = LOG_VERBOSE = LOG_NOTICE = LOG_WARN = LOG_ERROR = "true")) # Enable all loging
|
||||
ERROR=0 # Error count
|
||||
export LOG_TRACE LOG_DEBUG LOG_VERBOSE LOG_NOTICE LOG_WARN LOG_ERROR
|
||||
|
||||
#########################
|
||||
# Source Function Files #
|
||||
#########################
|
||||
# shellcheck source=/dev/null
|
||||
source "${GITHUB_WORKSPACE}/lib/functions/log.sh" # Source the function script(s)
|
||||
|
||||
################################################################################
|
||||
############################ FUNCTIONS BELOW ###################################
|
||||
################################################################################
|
||||
################################################################################
|
||||
#### Function Header ###########################################################
|
||||
Header() {
|
||||
info "--------------------------------------------------"
|
||||
info "----- GitHub Actions validate docker labels ------"
|
||||
info "--------------------------------------------------"
|
||||
|
||||
##################################
|
||||
# Print info on local containers #
|
||||
##################################
|
||||
info "--------------------------------------------------"
|
||||
info "Containers found locally:"
|
||||
docker images
|
||||
info "--------------------------------------------------"
|
||||
|
||||
}
|
||||
################################################################################
|
||||
#### Function ValidateLabel ####################################################
|
||||
ValidateLabel() {
|
||||
##############
|
||||
# Grab input #
|
||||
##############
|
||||
CONTAINER_KEY="$1" # Example: org.opencontainers.image.created
|
||||
CONTAINER_VALUE="$2" # Example: 1985-04-12T23:20:50.52Z
|
||||
|
||||
########################
|
||||
# Get the docker label #
|
||||
########################
|
||||
LABEL=''
|
||||
if [[ "${IMAGE}" == "slim" ]]; then
|
||||
LABEL=$(docker inspect --format "{{ index .Config.Labels \"${CONTAINER_KEY}\" }}" "${REGISTRY}/${ORG_REPO}:slim-${GITHUB_SHA}")
|
||||
else
|
||||
LABEL=$(docker inspect --format "{{ index .Config.Labels \"${CONTAINER_KEY}\" }}" "${REGISTRY}/${ORG_REPO}:${GITHUB_SHA}")
|
||||
fi
|
||||
|
||||
###################
|
||||
# Check the value #
|
||||
###################
|
||||
if [[ ${LABEL} != "${CONTAINER_VALUE}" ]]; then
|
||||
error "Assert failed [${CONTAINER_KEY} - '${LABEL}' != '${CONTAINER_VALUE}']"
|
||||
ERROR=1
|
||||
else
|
||||
info "Assert passed [${CONTAINER_KEY}]"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
#### Function Footer ###########################################################
|
||||
Footer() {
|
||||
#####################################
|
||||
# Check if any errors were reported #
|
||||
#####################################
|
||||
if [[ ${ERROR} -gt 0 ]]; then
|
||||
fatal "There were some failed assertions. See above"
|
||||
else
|
||||
info "-------------------------------------------------------"
|
||||
info "The step has completed"
|
||||
info "-------------------------------------------------------"
|
||||
fi
|
||||
}
|
||||
################################################################################
|
||||
################################## MAIN ########################################
|
||||
################################################################################
|
||||
|
||||
##########
|
||||
# Header #
|
||||
##########
|
||||
Header
|
||||
|
||||
####################
|
||||
# Validate created #
|
||||
####################
|
||||
ValidateLabel "org.opencontainers.image.created" "${BUILD_DATE}"
|
||||
|
||||
#####################
|
||||
# Validate revision #
|
||||
#####################
|
||||
ValidateLabel "org.opencontainers.image.revision" "${BUILD_REVISION}"
|
||||
|
||||
####################
|
||||
# Validate version #
|
||||
####################
|
||||
ValidateLabel "org.opencontainers.image.version" "${BUILD_VERSION}"
|
||||
|
||||
#################
|
||||
# Report status #
|
||||
#################
|
||||
Footer
|
47
.github/workflows/cd.yml
vendored
47
.github/workflows/cd.yml
vendored
|
@ -32,17 +32,46 @@ jobs:
|
|||
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
||||
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
||||
steps:
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set build metadata
|
||||
run: |
|
||||
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
||||
BUILD_REVISION=${{ github.sha }}
|
||||
BUILD_VERSION=${{ github.sha }}
|
||||
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
||||
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
||||
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
||||
else
|
||||
echo "[ERROR] Event not supported when setting build revision and build version"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${BUILD_REVISION}" ]; then
|
||||
echo "[ERROR] BUILD_REVISION is empty"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${BUILD_VERSION}" ]; then
|
||||
echo "[ERROR] BUILD_VERSION is empty"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
{
|
||||
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
||||
echo "BUILD_REVISION=${BUILD_REVISION}"
|
||||
echo "BUILD_VERSION=${BUILD_VERSION}"
|
||||
} >> "${GITHUB_ENV}"
|
||||
|
||||
- name: Free Disk space
|
||||
shell: bash
|
||||
run: |
|
||||
sudo rm -rf /usr/local/lib/android
|
||||
sudo rm -rf /usr/share/dotnet
|
||||
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Retrieve Datetime
|
||||
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Build Image
|
||||
uses: docker/build-push-action@v5
|
||||
|
@ -51,8 +80,8 @@ jobs:
|
|||
file: ./Dockerfile
|
||||
build-args: |
|
||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||
BUILD_REVISION=${{ github.sha }}
|
||||
BUILD_VERSION=${{ github.sha }}
|
||||
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||
load: true
|
||||
push: false
|
||||
secrets: |
|
||||
|
@ -110,8 +139,8 @@ jobs:
|
|||
file: ./Dockerfile
|
||||
build-args: |
|
||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||
BUILD_REVISION=${{ github.sha }}
|
||||
BUILD_VERSION=${{ github.sha }}
|
||||
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||
load: false
|
||||
push: true
|
||||
secrets: |
|
||||
|
|
49
.github/workflows/ci.yml
vendored
49
.github/workflows/ci.yml
vendored
|
@ -27,12 +27,6 @@ jobs:
|
|||
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
||||
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
||||
steps:
|
||||
- name: Free Disk space
|
||||
shell: bash
|
||||
run: |
|
||||
sudo rm -rf /usr/local/lib/android
|
||||
sudo rm -rf /usr/share/dotnet
|
||||
|
||||
- name: Checkout Code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
|
@ -45,8 +39,43 @@ jobs:
|
|||
echo "Action file contents:"
|
||||
cat action.yml
|
||||
|
||||
- name: Retrieve Datetime
|
||||
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
|
||||
- name: Set build metadata
|
||||
run: |
|
||||
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
||||
BUILD_REVISION=${{ github.sha }}
|
||||
BUILD_VERSION=${{ github.sha }}
|
||||
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
||||
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
||||
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
||||
else
|
||||
echo "[ERROR] Event not supported when setting build revision and build version"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${BUILD_REVISION}" ]; then
|
||||
echo "[ERROR] BUILD_REVISION is empty"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -z "${BUILD_VERSION}" ]; then
|
||||
echo "[ERROR] BUILD_VERSION is empty"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
{
|
||||
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
|
||||
echo "BUILD_REVISION=${BUILD_REVISION}"
|
||||
echo "BUILD_VERSION=${BUILD_VERSION}"
|
||||
} >> "${GITHUB_ENV}"
|
||||
|
||||
- name: Free Disk space
|
||||
shell: bash
|
||||
run: |
|
||||
sudo rm -rf /usr/local/lib/android
|
||||
sudo rm -rf /usr/share/dotnet
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Build Image
|
||||
uses: docker/build-push-action@v5
|
||||
|
@ -55,8 +84,8 @@ jobs:
|
|||
file: ./Dockerfile
|
||||
build-args: |
|
||||
BUILD_DATE=${{ env.BUILD_DATE }}
|
||||
BUILD_REVISION=${{ github.sha }}
|
||||
BUILD_VERSION=${{ github.sha }}
|
||||
BUILD_REVISION=${{ env.BUILD_REVISION }}
|
||||
BUILD_VERSION=${{ env.BUILD_VERSION }}
|
||||
load: true
|
||||
push: false
|
||||
secrets: |
|
||||
|
|
28
Makefile
28
Makefile
|
@ -4,7 +4,7 @@
|
|||
all: info docker test ## Run all targets.
|
||||
|
||||
.PHONY: test
|
||||
test: info inspec ## Run tests
|
||||
test: info validate-container-image-labels inspec ## Run tests
|
||||
|
||||
# if this session isn't interactive, then we don't want to allocate a
|
||||
# TTY, which would fail, but if it is interactive, we do want to attach
|
||||
|
@ -51,6 +51,18 @@ ifeq ($(SUPER_LINTER_TEST_CONTAINER_URL),)
|
|||
SUPER_LINTER_TEST_CONTAINER_URL := "ghcr.io/super-linter/super-linter:latest"
|
||||
endif
|
||||
|
||||
ifeq ($(BUILD_DATE),)
|
||||
BUILD_DATE := $(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
|
||||
endif
|
||||
|
||||
ifeq ($(BUILD_REVISION),)
|
||||
BUILD_REVISION := $(shell git rev-parse HEAD)
|
||||
endif
|
||||
|
||||
ifeq ($(BUILD_VERSION),)
|
||||
BUILD_VERSION := $(shell git rev-parse HEAD)
|
||||
endif
|
||||
|
||||
.PHONY: inspec
|
||||
inspec: inspec-check ## Run InSpec tests
|
||||
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
|
||||
|
@ -75,12 +87,20 @@ inspec: inspec-check ## Run InSpec tests
|
|||
docker: ## Build the container image
|
||||
@if [ -z "${GITHUB_TOKEN}" ]; then echo "GITHUB_TOKEN environment variable not set. Please set your GitHub Personal Access Token."; exit 1; fi
|
||||
DOCKER_BUILDKIT=1 docker buildx build --load \
|
||||
--build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \
|
||||
--build-arg BUILD_REVISION=$(shell git rev-parse --short HEAD) \
|
||||
--build-arg BUILD_VERSION=$(shell git rev-parse --short HEAD) \
|
||||
--build-arg BUILD_DATE=$(BUILD_DATE) \
|
||||
--build-arg BUILD_REVISION=$(BUILD_REVISION) \
|
||||
--build-arg BUILD_VERSION=$(BUILD_VERSION) \
|
||||
--secret id=GITHUB_TOKEN,env=GITHUB_TOKEN \
|
||||
-t $(SUPER_LINTER_TEST_CONTAINER_URL) .
|
||||
|
||||
.phony: docker-pull
|
||||
docker-pull: ## Pull the container image from registry
|
||||
docker pull $(SUPER_LINTER_TEST_CONTAINER_URL)
|
||||
|
||||
.phony: validate-container-image-labels
|
||||
validate-container-image-labels: ## Validate container image labels
|
||||
$(CURDIR)/test/validate-docker-labels.sh \
|
||||
$(SUPER_LINTER_TEST_CONTAINER_URL) \
|
||||
$(BUILD_DATE) \
|
||||
$(BUILD_REVISION) \
|
||||
$(BUILD_VERSION)
|
||||
|
|
|
@ -127,15 +127,21 @@ a container that is an instance of that container image.
|
|||
|
||||
You can run the test suite against an arbitrary super-linter container image.
|
||||
|
||||
Here is an example that runs the test suite against the `standard` flavor of the
|
||||
`v5.4.3` image.
|
||||
Here is an example that runs the test suite against the `v5.4.3` container
|
||||
image version.
|
||||
|
||||
```shell
|
||||
CONTAINER_IMAGE_ID="ghcr.io/super-linter/super-linter:v5.4.3" \
|
||||
CONTAINER_IMAGE_TARGET="standard" \
|
||||
BUILD_DATE="2023-10-17T16:19:11Z" \
|
||||
BUILD_REVISION=b0d1acee1f8050d1684a28ddbf8315f81d084fe9 \
|
||||
BUILD_VERSION=b0d1acee1f8050d1684a28ddbf8315f81d084fe9 \
|
||||
make docker-pull test
|
||||
```
|
||||
|
||||
Initialize the `BUILD_DATE`, `BUILD_REVISION`, and `BUILD_VERSION` variables
|
||||
with the values for that specific container image version. You can get these
|
||||
values from the build log for that version.
|
||||
|
||||
## Troubleshooting
|
||||
|
||||
### Run container and gain access to the command-line
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
#!/usr/bin/env sh
|
31
test/validate-docker-labels.sh
Executable file
31
test/validate-docker-labels.sh
Executable file
|
@ -0,0 +1,31 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
set -o errexit
|
||||
set -o nounset
|
||||
|
||||
CONTAINER_IMAGE_ID="${1}"
|
||||
shift
|
||||
BUILD_DATE="${1}"
|
||||
shift
|
||||
BUILD_REVISION="${1}"
|
||||
shift
|
||||
BUILD_VERSION="${1}"
|
||||
shift
|
||||
|
||||
ValidateLabel() {
|
||||
local LABEL_KEY="$1"
|
||||
local CONTAINER_VALUE="$2"
|
||||
|
||||
LABEL="$(docker inspect --format "{{ index .Config.Labels \"${LABEL_KEY}\" }}" "${CONTAINER_IMAGE_ID}")"
|
||||
|
||||
if [[ "${LABEL}" != "${CONTAINER_VALUE}" ]]; then
|
||||
echo "[ERROR] Invalid container image label: ${LABEL_KEY}: ${LABEL}. Expected: ${CONTAINER_VALUE}"
|
||||
exit 1
|
||||
else
|
||||
echo "${LABEL_KEY} is valid: ${LABEL}. Expected: ${CONTAINER_VALUE}"
|
||||
fi
|
||||
}
|
||||
|
||||
ValidateLabel "org.opencontainers.image.created" "${BUILD_DATE}"
|
||||
ValidateLabel "org.opencontainers.image.revision" "${BUILD_REVISION}"
|
||||
ValidateLabel "org.opencontainers.image.version" "${BUILD_VERSION}"
|
Loading…
Reference in a new issue