-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtasks
executable file
·111 lines (104 loc) · 4.37 KB
/
tasks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
#!/bin/bash
set -Eeuo pipefail
RELEASER_VERSION="2.1.0"
DOCKER_OPS_VERSION="2.0.0"
SECRET_OPS_VERSION="0.8.0"
SECRET_OPS_FILE="ops/secret-ops"
SECRET_OPS_TAR_FILE="ops/secret-ops-${SECRET_OPS_VERSION}.tar.gz"
RELEASER_FILE="ops/releaser-${RELEASER_VERSION}"
DOCKER_OPS_FILE="ops/docker-ops-${DOCKER_OPS_VERSION}"
mkdir -p ops
if [[ ! -f $RELEASER_FILE ]];then
wget --quiet -O $RELEASER_FILE https://github.com/kudulab/releaser/releases/download/${RELEASER_VERSION}/releaser
fi
source $RELEASER_FILE
if [[ ! -f $DOCKER_OPS_FILE ]];then
wget --quiet -O $DOCKER_OPS_FILE https://github.com/kudulab/docker-ops/releases/download/${DOCKER_OPS_VERSION}/docker-ops
fi
source $DOCKER_OPS_FILE
if [[ ! -f $SECRET_OPS_TAR_FILE ]];then
wget --quiet -O $SECRET_OPS_TAR_FILE https://github.com/kudulab/secret-ops/releases/download/${SECRET_OPS_VERSION}/secret-ops.tar.gz
tar -xf $SECRET_OPS_TAR_FILE -C ops
fi
source $SECRET_OPS_FILE
image_name="kudulab/ansible-dojo"
image_registry="dockerhub"
image_dir="./image"
imagerc_filename="imagerc"
function docker_login {
if [ -n "$DOCKERHUB_TOKEN" ]; then
echo "$DOCKERHUB_TOKEN" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
return
fi
echo "Warning: docker environment variables not found: falling back to Vault for authentication." >&2
vault_user_path=$USER
if [ $vault_user_path == "go" ]; then
vault_user_path="gocd"
fi
dockerhub_user=$(vault read -field=user secret/$vault_user_path/dockerhub)
vault read -field=password secret/$vault_user_path/dockerhub | docker login --username $dockerhub_user --password-stdin
}
command="$1"
set +u
case "${command}" in
set_version)
set +u
releaser::bump_changelog_version "$2" "$3"
;;
verify_version)
releaser::verify_release_ready
;;
build_local)
image_tag=$(git rev-parse HEAD)
# build image and push to a test registry
docker_ops::docker_build "${image_dir}" "${imagerc_filename}" "${image_name}" "${image_tag}" "${image_registry}"
;;
build)
docker_login
./tasks build_local
docker_ops::push "${image_dir}" "${imagerc_filename}"
;;
itest)
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
echo "Testing image: ${KUDU_DOCKER_IMAGE_URL}"
echo "DOJO_DOCKER_IMAGE=\"${KUDU_DOCKER_IMAGE_URL}\"" > ./Dojofile.to_be_tested
echo "DOJO_IDENTITY_OUTER=\"$(pwd)/test/integration/identities/full\"" >> ./Dojofile.to_be_tested
echo "DOJO_WORK_OUTER=$(pwd)/test/integration/test_dojo_work" >> ./Dojofile.to_be_tested
# needed for docker daemon
echo "DOJO_DOCKER_OPTIONS=--privileged" >> ./Dojofile.to_be_tested
time bats "$(pwd)/test/integration/end_user/bats"
;;
example)
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
echo "Testing image: ${KUDU_DOCKER_IMAGE_URL}"
echo "DOJO_DOCKER_IMAGE=\"${KUDU_DOCKER_IMAGE_URL}\"" > ./Dojofile.example
echo "DOJO_IDENTITY_OUTER=\"$(pwd)/test/integration/identities/full\"" >> ./Dojofile.example
echo "DOJO_WORK_OUTER=$(pwd)/test/integration/test_dojo_work" >> ./Dojofile.example
# in order to test the Ansible module: docker_container, we need this line
# below, but it leads to permissions errors when cleaning the docker-volume-test dir
# echo "DOJO_DOCKER_OPTIONS=--privileged -v ${PWD}/docker-volume-test dir:/var/lib/docker" >> ./Dojofile.example
# We can, however, just test the docker_image module using just this:
echo "DOJO_DOCKER_OPTIONS=--privileged" >> ./Dojofile.example
dojo -c ./Dojofile.example
;;
release)
./tasks verify_version
releaser::git_tag_from_changelog
;;
publish)
docker_login
version=$(releaser::get_last_version_from_whole_changelog "${changelog_file}")
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
docker_ops::retag_push "${image_dir}" "${imagerc_filename}" "${image_name}" "${version}" "${image_registry}"
;;
generate_vault_token)
vault_token=$(vault token create -orphan -ttl=48h -policy=gocd -field token -metadata gocd_renew=true)
secured_token_gocd=$(secret_ops::encrypt_with_gocd_top "${vault_token}")
echo "Generated token: ${vault_token} and encrypted by GoCD server"
secret_ops::insert_vault_token_gocd_yaml "${secured_token_gocd}"
;;
*)
echo "Invalid command: '${command}'"
exit 1
;;
esac