From bf6d959d2c451f9a01a39df77c95418af2369ea8 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 17:37:50 +0300 Subject: [PATCH 01/31] add tftpd-hpa container --- apps/tftpd-hpa/Dockerfile | 65 ++++++++++++++++ apps/tftpd-hpa/READMe.md | 117 ++++++++++++++++++++++++++++ apps/tftpd-hpa/docker-entrypoint.sh | 38 +++++++++ apps/tftpd-hpa/mapfile | 35 +++++++++ 4 files changed, 255 insertions(+) create mode 100644 apps/tftpd-hpa/Dockerfile create mode 100644 apps/tftpd-hpa/READMe.md create mode 100755 apps/tftpd-hpa/docker-entrypoint.sh create mode 100644 apps/tftpd-hpa/mapfile diff --git a/apps/tftpd-hpa/Dockerfile b/apps/tftpd-hpa/Dockerfile new file mode 100644 index 0000000..be57f02 --- /dev/null +++ b/apps/tftpd-hpa/Dockerfile @@ -0,0 +1,65 @@ +FROM alpine:latest +LABEL maintainer="iX Systems " +LABEL description="tftpd-hpa server on alpine linux" + +# set UID/GID for tftp +ENV UID=9069 \ + GID=9069 + +VOLUME /tftpboot +EXPOSE 69/udp + +# add user tftp +RUN addgroup -g $GID -S tftp && \ + adduser --disabled-password \ + --gecos "" \ + --shell /sbin/nologin \ + --home /home/tftp \ + --no-create-home \ + --ingroup tftp \ + --uid $UID tftp + +# add tftp-hpa +RUN apk add --no-cache \ + tftp-hpa \ + runit \ + tzdata && \ + mkdir -p /tftpboot \ + /runit-services \ + /runit-services/tftpd-hpa \ + /runit-services/syslogd && \ + echo -e "#!/bin/sh\nbusybox syslogd -n -O /dev/stdout" > \ + /runit-services/syslogd/run && \ + echo -e "#!/bin/sh\n/usr/sbin/in.tftpd --foreground --address 0.0.0.0:69 \ + --user tftp --verbose --secure /tftpboot" > \ + /runit-services/tftpd-hpa/run && \ + chmod +x /runit-services/syslogd/run \ + /runit-services/tftpd-hpa/run + +# tftpd-hpa environment variables +# (see: https://manpages.debian.org/testing/tftpd-hpa/tftpd.8.en.html) +ENV TZ="UTC" \ + CREATE=0 \ + MAPFILE="" \ + PERMISSIVE=0 \ + PORTRANGE="4096:32760" \ + REFUSE="" \ + RETRANSMIT="" \ + SECURE=1 \ + TIMEOUT="" \ + UMASK="" \ + VERBOSE=1 \ + VERBOSITY=3 + +# add mapfile +# Currently its all empty +COPY mapfile $MAPFILE + +# add docker-entrypoint.sh +COPY ./docker-entrypoint.sh / +RUN ["chmod", "+x", "/docker-entrypoint.sh"] + +ENTRYPOINT ["/docker-entrypoint.sh"] + +HEALTHCHECK --interval=5s --timeout=10s --retries=3 \ + CMD getent services tftp || exit 1 diff --git a/apps/tftpd-hpa/READMe.md b/apps/tftpd-hpa/READMe.md new file mode 100644 index 0000000..2efbaa5 --- /dev/null +++ b/apps/tftpd-hpa/READMe.md @@ -0,0 +1,117 @@ +# tftpd-hpa (tftpd) + +**A lightweight tftp-server (tftpd-hpa)** + +⚠️ This container is used for the TrueNAS SCALE app `tftpd-hpa`. ⚠️ + +⚠️ While it should work, it's not intended to be used as a standalone container. ⚠️ + +`GitHub` - truenas/containers - https://github.com/truenas/containers/tree/master/apps/tftpd-hpa + +## Index + +1. [Usage](#1-usage) + 1.1 [docker run](#11-docker-run) +2. [Environment Variables](#2-environment-variables) +3. [Volumes](#3-volumes) +4. [Ports](#4-ports) + +## 1 Usage + +### 1.1 docker run + +**Example 1 - run without arguments (environment variables will be used):** +**This is the recommended way to use this container !!!** + +```shell +docker run -d \ + --name tftpd-hpa \ + -e TZ="Europe/Berlin" \ + -v /path/of/some/files:/tftpboot \ + -p 69:69/udp \ + truenas/tftpd-hpa:latest +``` + +**Example 2 - run with specified environment variables:** +**CREATE=1: allow uploads, even if file doesn't exist** +**MAPFILE="": do not use the mapfile** + +```shell +docker run -d \ + --name tftpd-hpa \ + -e TZ="Europe/Berlin" \ + -e CREATE=1 \ + -e MAPFILE="" \ + -v /path/of/some/files:/tftpboot \ + -p 69:69/udp \ + truenas/tftpd-hpa:latest +``` + +**Example 3 - run with arguments (environment variables will be ignored):** +**in.tftpd --foreground --address 0.0.0.0:69 --user tftp ** + +```shell +docker run -d \ + --name tftpd-hpa \ + -e TZ="Europe/Berlin" \ + -v /path/of/some/files:/tftpboot \ + -p 69:69/udp \ + truenas/tftpd-hpa:latest \ + --create --secure --verbose /tftpboot +``` + +**Example 4 - run with arguments with optional 'in.tftpd' as first argument:** +**in.tftpd --foreground --address 0.0.0.0:69 --user tftp ** + +```shell +docker run -d \ + --name tftpd-hpa \ + -e TZ="Europe/Berlin" \ + -v /path/of/some/files:/tftpboot \ + -p 69:69/udp \ + truenas/tftpd-hpa:latest \ + in.tftpd --create --secure --verbose /tftpboot +``` + +**Example 5 - run without arguments and custom MAPFILE:** +**you need to VOLUME your MAPFILE** + +```shell +docker run -d \ + --name tftpd-hpa \ + -e TZ="Europe/Berlin" \ + -e MAPFILE=/mapfile \ + -v /path/of/some/files:/tftpboot \ + -v /path/of/your/mapfile:/mapfile \ + -p 69:69/udp \ + truenas/tftpd-hpa:latest +``` + +### 2 Environment Variables + +For more information, see [tftpd-hpa man pages](https://manpages.debian.org/testing/tftpd-hpa/tftpd.8.en.html) + +- `TZ` - Specifies the server timezone - **Default: `UTC`** +- `BLOCKSIZE` - Specifies the maximum permitted block size +- `CREATE` - Allow new files to be created - **Default: `0`** (only upload files, if they already exist) +- `MAPFILE` - Specify the use of filename remapping - **Default: `""`** + (leave empty, if you don't want to use a mapfile) +- `PERMISSIVE` - Perform no additional permissions checks - **Default: `0`** +- `PORTRANGE` - Force the server port number (the Transaction ID) to be in the specified range of port numbers - **Default: `4096:32760`** +- `REFUSE` - Indicate that a specific RFC 2347 TFTP option should never be accepted +- `RETRANSMIT` - Determine the default timeout, in microseconds, before the first packet is retransmitted - **Default: `""`** +- `SECURE` - Change root directory on startup - **Default: `1`** +- `TIMEOUT` - This specifies how long, in seconds, to wait for a second connection before terminating the server - **Default: `""`** +- `UMASK` - Sets the umask for newly created files +- `VERBOSE` - Increase the logging verbosity of tftpd - **Default: `1`** +- `VERBOSITY` - Set the verbosity value from 0 to 4 - **Default: `3`** + +### 3 Volumes + +- `/tftpboot` - tftp root directory -> + **your directory needs to be at least 0555 (dr-xr-xr-x), owned by root or uid=9069, gid=9069** or **0757** when `CREATE=1` +- `/mapfile` - mapfile for tftpd-hpa -> your mapfile needs to be at least 0444 (-r--r--r--), owned by root or uid=9069, gid=9069 + +### 4 Ports + +- `69/udp` - TFTP Port diff --git a/apps/tftpd-hpa/docker-entrypoint.sh b/apps/tftpd-hpa/docker-entrypoint.sh new file mode 100755 index 0000000..5d9352c --- /dev/null +++ b/apps/tftpd-hpa/docker-entrypoint.sh @@ -0,0 +1,38 @@ +#!/bin/sh +set -e +# set timezone +ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone +# if started without args, exec in.tftpd +if [ "$#" = "0" ]; then + param="" + if [ "$BLOCKSIZE" != "" ]; then param="${param} --blocksize $BLOCKSIZE"; fi + if [ "$CREATE" = "1" ]; then param="${param} --create"; fi + if [ "$PORTRANGE" != "" ]; then param="${param} --port-range $PORTRANGE"; fi + if [ "$MAPFILE" != "" ]; then param="${param} --map-file $MAPFILE"; fi + if [ "$PERMISSIVE" = "1" ]; then param="${param} --permissive"; fi + if [ "$REFUSE" != "" ]; then param="${param} --refuse $REFUSE"; fi + if [ "$RETRANSMIT" != "" ]; then param="${param} --retransmit $RETRANSMIT"; fi + if [ "$SECURE" = "1" ]; then param="${param} --secure"; fi + if [ "$TIMEOUT" != "" ]; then param="${param} --timeout $TIMEOUT"; fi + if [ "$UMASK" != "" ]; then param="${param} --umask $UMASK"; fi + if [ "$VERBOSE" = "1" ]; then param="${param} --verbose"; fi + if [ "$VERBOSITY" != "" ]; then param="${param} --verbosity $VERBOSITY"; fi + param="--foreground --address 0.0.0.0:69 --user tftp ${param} /tftpboot" + echo -e "\nINFO: /usr/sbin/in.tftpd ${param}\n" + echo -e "#!/bin/sh\n/usr/sbin/in.tftpd ${param}" > /runit-services/tftpd-hpa/run +else + # if first arg looks like a flag, assume we want to run in.tftpd + if [ "$( echo "$1" | cut -c1 )" = "-" ]; then + echo -e "\nINFO: /usr/sbin/in.tftpd --foreground --address 0.0.0.0:69 --user tftp $@\n" + echo -e "#!/bin/sh\n/usr/sbin/in.tftpd --foreground --address 0.0.0.0:69 --user tftp $@" > /runit-services/tftpd-hpa/run + # if the first arg is "in.tftpd" ... + elif [ "$1" = "in.tftpd" ]; then + echo -e "\nINFO: /usr/sbin/in.tftpd --foreground --address 0.0.0.0:69 --user tftp $@\n" + echo -e "#!/bin/sh\n/usr/sbin/in.tftpd --foreground --address 0.0.0.0:69 --user tftp ${@:9}" > /runit-services/tftpd-hpa/run + # if first arg doesn't looks like a flag + else + printf "\nINFO: $@\n\n" + echo -e "#!/bin/sh\n$@" > /runit-services/tftpd-hpa/run + fi +fi +exec runsvdir /runit-services diff --git a/apps/tftpd-hpa/mapfile b/apps/tftpd-hpa/mapfile new file mode 100644 index 0000000..cbe530a --- /dev/null +++ b/apps/tftpd-hpa/mapfile @@ -0,0 +1,35 @@ +# Rule file for the -m (remapping option) +# +# This file has three fields: operation, regex, remapping +# +# The operation is a combination of the following letters: +# +# r - rewrite the matched string with the remapping pattern +# i - case-insensitive matching +# g - repeat until no match (used with "r") +# e - exit (with success) if we match this pattern, do not process +# subsequent rules +# s - start over from the first rule if we match this pattern +# a - abort (refuse the request) if we match this rule +# G - this rule applies to TFTP GET requests only +# P - this rule applies to TFTP PUT requests only +# +# The regex is a regular expression in the style of egrep(1). +# +# The remapping is a pattern, all characters are verbatim except \ +# \0 copies the full string that matched the regex +# \1..\9 copies the 9 first (..) expressions in the regex +# \\ is an escaped \ +# See http://linux.die.net/man/8/tftpd for more info. +# +# "#" begins a comment, unless \-escaped +# + +# ri ^[a-z]: # Remove "drive letters" +# rg \\ / # Convert backslashes to slashes +# rg ([A-Z]) \L\1 # Convert uppercase to lowercase +# rg \# @ # Convert hash marks to @ signs +# rg /../ /..no../ # Convert /../ to /..no../ +# e ^ok/ # These are always ok +# r ^[^/] /\0 # Convert non-absolute files +# a \.pvt$ # Reject requests for private files From 3c688000a020212882a876807994387f6a37924f Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:48:00 +0300 Subject: [PATCH 02/31] add publish workflow --- .github/workflows/publish.yaml | 70 ++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 .github/workflows/publish.yaml diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml new file mode 100644 index 0000000..d1fab38 --- /dev/null +++ b/.github/workflows/publish.yaml @@ -0,0 +1,70 @@ +name: Publish Docker image + +on: + workflow_dispatch: + push: + branches: + - master + paths: + - apps/** + pull_request: + paths: + - apps/** + +jobs: + build: + permissions: + packages: write + contents: read + name: Build + runs-on: ubuntu-22.04 + strategy: + matrix: + containers: + - app: tftp-hpa + steps: + - name: Checkout + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + + - name: Prepare + id: prepare + shell: bash + run: | + VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) + OUT_VERSION="$VERSION" + + if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then + $OUT_VERSION="$VERSION-pr${{ github.event.number }}" + fi + + # Get the token + TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) + + # Check if the version already exists + RESULT=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ + | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') + + # If the version already exists, skip the build + if [[ $RESULT == "true" ]]; then + echo "Version $OUT_VERSION already exists, skipping build" + exit 1 + fi + + # Set the output + echo "APP_VERSION=$OUT_VERSION" >> $GITHUB_OUTPUT + + - name: Log in to the Container registry + if: steps.prepare.outputs.APP_VERSION != '' + uses: docker/login-action@40891eba8c2bcd1309b07ba8b11232f313e86779 + with: + registry: ghcr.io + username: truenas + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker images + if: steps.prepare.outputs.APP_VERSION != '' + uses: docker/build-push-action@91df6b874e498451163feb47610c87c4a218c1ee + with: + context: apps/${{ matrix.containers.app }}/ + push: true + tags: ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} From 09f48658c97b19af548a0a8bdd782651f377f960 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:49:02 +0300 Subject: [PATCH 03/31] add versiion --- apps/tftpd-hpa/VERSION | 1 + 1 file changed, 1 insertion(+) create mode 100644 apps/tftpd-hpa/VERSION diff --git a/apps/tftpd-hpa/VERSION b/apps/tftpd-hpa/VERSION new file mode 100644 index 0000000..3eefcb9 --- /dev/null +++ b/apps/tftpd-hpa/VERSION @@ -0,0 +1 @@ +1.0.0 From d7e811ad6b3d85c52f567acadc1e7ebf1b04d1f9 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:49:45 +0300 Subject: [PATCH 04/31] typo --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index d1fab38..06e9973 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -21,7 +21,7 @@ jobs: strategy: matrix: containers: - - app: tftp-hpa + - app: tftpd-hpa steps: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 From 4b906c988b09852ce921b9dcd52effed7b134247 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:51:00 +0300 Subject: [PATCH 05/31] fix variables --- .github/workflows/publish.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 06e9973..b623b88 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -31,10 +31,13 @@ jobs: shell: bash run: | VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) + + # Initialize the output OUT_VERSION="$VERSION" + # If this is a pull request, append the PR number if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then - $OUT_VERSION="$VERSION-pr${{ github.event.number }}" + OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi # Get the token From 78e2914655ee48228ccd4f51a3bac76e64e196fe Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:52:12 +0300 Subject: [PATCH 06/31] check if overwrites tag --- .github/workflows/publish.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index b623b88..67995ee 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -30,6 +30,7 @@ jobs: id: prepare shell: bash run: | + # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) # Initialize the output From c622021e61d0e6b205d13cbddce6cd06647ccad6 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:53:50 +0300 Subject: [PATCH 07/31] overwrite PR builds --- .github/workflows/publish.yaml | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 67995ee..fd1a0cf 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -41,12 +41,16 @@ jobs: OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi - # Get the token - TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) + if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then + RESULT="true" + elif + # Get the token + TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) - # Check if the version already exists - RESULT=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ + # Check if the version already exists + RESULT=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') + fi # If the version already exists, skip the build if [[ $RESULT == "true" ]]; then From b634c6fae5f9dc9a5824ff05e2c5135b4747d960 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:54:57 +0300 Subject: [PATCH 08/31] typo --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index fd1a0cf..dd2a023 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -43,7 +43,7 @@ jobs: if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then RESULT="true" - elif + else # Get the token TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) From f08bee8e0b1dac6a0aa6b503ea2a2e2a61ba9d2a Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 19:59:01 +0300 Subject: [PATCH 09/31] equal typo --- .github/workflows/publish.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index dd2a023..7d5f883 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -37,11 +37,11 @@ jobs: OUT_VERSION="$VERSION" # If this is a pull request, append the PR number - if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then + if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi - if [[ $GITHUB_EVENT_NAME = "pull_request" ]]; then + if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then RESULT="true" else # Get the token From f488c034db72e83e6c52d6bba2ce561b31e2709a Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:02:17 +0300 Subject: [PATCH 10/31] hmm --- .github/workflows/publish.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 7d5f883..c9abac3 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -37,11 +37,11 @@ jobs: OUT_VERSION="$VERSION" # If this is a pull request, append the PR number - if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + if [[ ${{ github.event_name }} == "pull_request" ]]; then OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi - if [[ $GITHUB_EVENT_NAME == "pull_request" ]]; then + if [[ ${{ github.event_name }} == "pull_request" ]]; then RESULT="true" else # Get the token From 87ef2661b8f2451392cc8b1a110558c5e50150c5 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:04:41 +0300 Subject: [PATCH 11/31] false -.- --- .github/workflows/publish.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index c9abac3..48885a8 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -37,23 +37,23 @@ jobs: OUT_VERSION="$VERSION" # If this is a pull request, append the PR number - if [[ ${{ github.event_name }} == "pull_request" ]]; then + if [[ "${{ github.event_name }}" == "pull_request" ]]; then OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi - if [[ ${{ github.event_name }} == "pull_request" ]]; then - RESULT="true" + if [[ "${{ github.event_name }}" == "pull_request" ]]; then + EXISTS="false" else # Get the token TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) # Check if the version already exists - RESULT=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ + EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') fi # If the version already exists, skip the build - if [[ $RESULT == "true" ]]; then + if [[ $EXISTS == "true" ]]; then echo "Version $OUT_VERSION already exists, skipping build" exit 1 fi From 1d7b4d178473a2758fcc512573081fd81eee57cb Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:09:27 +0300 Subject: [PATCH 12/31] add a visual failed step when version exists --- .github/workflows/publish.yaml | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 48885a8..1de3f32 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -41,15 +41,21 @@ jobs: OUT_VERSION="$VERSION-pr${{ github.event.number }}" fi + # Get the token + TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) + + # Check if the version already exists + EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ + | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') + + if [[ $EXISTS == "true" ]]; then + # Set this output so we can trigger "failed" status + # on another step, to remind us to bump the version + echo "EXISTS=true" >> $GITHUB_OUTPUT + fi + if [[ "${{ github.event_name }}" == "pull_request" ]]; then EXISTS="false" - else - # Get the token - TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) - - # Check if the version already exists - EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ - | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') fi # If the version already exists, skip the build @@ -76,3 +82,10 @@ jobs: context: apps/${{ matrix.containers.app }}/ push: true tags: ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} + + - name: Set failed status if version exists + if: steps.prepare.outputs.EXISTS == 'true' + shell: bash + run: | + echo "Version ${{ steps.prepare.outputs.APP_VERSION }} already exists, please bump the version" + exit 1 From 2b62474d840ab8f6fa78041f3f4bdf452f95a8e0 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:19:28 +0300 Subject: [PATCH 13/31] make it a bit better --- .github/workflows/publish.yaml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 1de3f32..4b44901 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -33,39 +33,42 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) + echo "OUTPUT_PROD_VERSION=$VERSION" >> $GITHUB_OUTPUT + # Initialize the output - OUT_VERSION="$VERSION" + OUTPUT_VERSION="$VERSION" # If this is a pull request, append the PR number if [[ "${{ github.event_name }}" == "pull_request" ]]; then - OUT_VERSION="$VERSION-pr${{ github.event.number }}" + OUTPUT_VERSION="$VERSION-pr${{ github.event.number }}" fi # Get the token TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) - # Check if the version already exists + # Check if the "production" version already exists EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ - | jq --arg version "$OUT_VERSION" '.tags | index($version) != null') + | jq --arg version "$VERSION" '.tags | index($version) != null') if [[ $EXISTS == "true" ]]; then # Set this output so we can trigger "failed" status # on another step, to remind us to bump the version - echo "EXISTS=true" >> $GITHUB_OUTPUT + echo "OUTPUT_EXISTS=true" >> $GITHUB_OUTPUT fi if [[ "${{ github.event_name }}" == "pull_request" ]]; then + # Pretend the version doesn't exist, so we can build the PR tag EXISTS="false" fi - # If the version already exists, skip the build + # If the version already exists, skip the build (When not a PR) if [[ $EXISTS == "true" ]]; then - echo "Version $OUT_VERSION already exists, skipping build" + echo "Version $OUTPUT_VERSION already exists, skipping build" exit 1 fi # Set the output - echo "APP_VERSION=$OUT_VERSION" >> $GITHUB_OUTPUT + echo "APP_VERSION=$OUTPUT_VERSION" >> $GITHUB_OUTPUT - name: Log in to the Container registry if: steps.prepare.outputs.APP_VERSION != '' @@ -84,8 +87,8 @@ jobs: tags: ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} - name: Set failed status if version exists - if: steps.prepare.outputs.EXISTS == 'true' + if: steps.prepare.outputs.OUTPUT_EXISTS == 'true' shell: bash run: | - echo "Version ${{ steps.prepare.outputs.APP_VERSION }} already exists, please bump the version" + echo "Version ${{ steps.prepare.outputs.OUTPUT_PROD_VERSION }} already exists, please bump the version" exit 1 From 04b3933181f1658adc219f20ca9abde37670e25d Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:24:17 +0300 Subject: [PATCH 14/31] add a comment --- .github/workflows/publish.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 4b44901..55e3e41 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -50,6 +50,7 @@ jobs: EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ | jq --arg version "$VERSION" '.tags | index($version) != null') + # If "production" version exists... if [[ $EXISTS == "true" ]]; then # Set this output so we can trigger "failed" status # on another step, to remind us to bump the version From ace7a9852d265f95812a54f4c62f95a9969a9b49 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:34:53 +0300 Subject: [PATCH 15/31] add dockerhub and add todo --- .github/workflows/publish.yaml | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 55e3e41..130c905 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -50,6 +50,8 @@ jobs: EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ | jq --arg version "$VERSION" '.tags | index($version) != null') + # TODO: Check if Production version exists on DockerHub + # If "production" version exists... if [[ $EXISTS == "true" ]]; then # Set this output so we can trigger "failed" status @@ -71,7 +73,7 @@ jobs: # Set the output echo "APP_VERSION=$OUTPUT_VERSION" >> $GITHUB_OUTPUT - - name: Log in to the Container registry + - name: Login to Github Container registry if: steps.prepare.outputs.APP_VERSION != '' uses: docker/login-action@40891eba8c2bcd1309b07ba8b11232f313e86779 with: @@ -79,13 +81,22 @@ jobs: username: truenas password: ${{ secrets.GITHUB_TOKEN }} + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Build and push Docker images if: steps.prepare.outputs.APP_VERSION != '' uses: docker/build-push-action@91df6b874e498451163feb47610c87c4a218c1ee with: context: apps/${{ matrix.containers.app }}/ push: true - tags: ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} + # We can push to multiple registries + tags: | + ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} + ixsystems/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} - name: Set failed status if version exists if: steps.prepare.outputs.OUTPUT_EXISTS == 'true' From 4ecebeb344e71a4996e39e2ee8f16222b7ede8e0 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 20:59:00 +0300 Subject: [PATCH 16/31] only push to dockerhub --- .github/workflows/publish.yaml | 18 +++--------------- 1 file changed, 3 insertions(+), 15 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 130c905..314556c 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -44,13 +44,11 @@ jobs: fi # Get the token - TOKEN=$(curl https://ghcr.io/token\?scope\="repository:truenas/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) + TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ixsystems/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) # Check if the "production" version already exists - EXISTS=$(curl -H "Authorization: Bearer $TOKEN" https://ghcr.io/v2/truenas/${{ matrix.containers.app }}/tags/list \ - | jq --arg version "$VERSION" '.tags | index($version) != null') - - # TODO: Check if Production version exists on DockerHub + EXISTS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list" \ + | jq --arg version "$VERSION" '.tags | index($version) != null') # If "production" version exists... if [[ $EXISTS == "true" ]]; then @@ -73,14 +71,6 @@ jobs: # Set the output echo "APP_VERSION=$OUTPUT_VERSION" >> $GITHUB_OUTPUT - - name: Login to Github Container registry - if: steps.prepare.outputs.APP_VERSION != '' - uses: docker/login-action@40891eba8c2bcd1309b07ba8b11232f313e86779 - with: - registry: ghcr.io - username: truenas - password: ${{ secrets.GITHUB_TOKEN }} - - name: Login to DockerHub uses: docker/login-action@v2 with: @@ -93,9 +83,7 @@ jobs: with: context: apps/${{ matrix.containers.app }}/ push: true - # We can push to multiple registries tags: | - ghcr.io/truenas/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} ixsystems/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} - name: Set failed status if version exists From 7323cd71600b6511a6253b77301b066b0749eaf9 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 21:12:19 +0300 Subject: [PATCH 17/31] simplify and fail fast --- .github/workflows/publish.yaml | 43 ++++++++++------------------------ 1 file changed, 12 insertions(+), 31 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 314556c..dd8c437 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -33,39 +33,27 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - echo "OUTPUT_PROD_VERSION=$VERSION" >> $GITHUB_OUTPUT - - # Initialize the output - OUTPUT_VERSION="$VERSION" - - # If this is a pull request, append the PR number - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - OUTPUT_VERSION="$VERSION-pr${{ github.event.number }}" - fi - - # Get the token + # Get the dockerhub token TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ixsystems/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) - # Check if the "production" version already exists + # Check if the "production" version already exists in dokerhub + # FIXME: if auhtorization fails, this will think the tag does not exist EXISTS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list" \ | jq --arg version "$VERSION" '.tags | index($version) != null') - # If "production" version exists... + # If the version already exists, fail fast if [[ $EXISTS == "true" ]]; then - # Set this output so we can trigger "failed" status - # on another step, to remind us to bump the version - echo "OUTPUT_EXISTS=true" >> $GITHUB_OUTPUT + echo "Version $VERSION already exists, please bump the version in the VERSION file." + # If the "production" version already exists, fail fast + exit 1 fi - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - # Pretend the version doesn't exist, so we can build the PR tag - EXISTS="false" - fi + # Initialize the output + OUTPUT_VERSION="$VERSION" - # If the version already exists, skip the build (When not a PR) - if [[ $EXISTS == "true" ]]; then - echo "Version $OUTPUT_VERSION already exists, skipping build" - exit 1 + # If this is a pull request, append the PR number + if [[ "${{ github.event_name }}" == "pull_request" ]]; then + OUTPUT_VERSION="$VERSION-pr${{ github.event.number }}" fi # Set the output @@ -85,10 +73,3 @@ jobs: push: true tags: | ixsystems/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} - - - name: Set failed status if version exists - if: steps.prepare.outputs.OUTPUT_EXISTS == 'true' - shell: bash - run: | - echo "Version ${{ steps.prepare.outputs.OUTPUT_PROD_VERSION }} already exists, please bump the version" - exit 1 From 7ba3b863731bdd94023fee56f30a95bb4d7d1dbc Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 21:25:17 +0300 Subject: [PATCH 18/31] check if tags was fetched --- .github/workflows/publish.yaml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index dd8c437..8af958d 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -37,9 +37,15 @@ jobs: TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ixsystems/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) # Check if the "production" version already exists in dokerhub - # FIXME: if auhtorization fails, this will think the tag does not exist - EXISTS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list" \ - | jq --arg version "$VERSION" '.tags | index($version) != null') + TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list" + + if echo "$TAGS" | grep -q "errors"; then + echo "Failed to get tags from dockerhub" + echo "$TAGS" + exit 1 + fi + + EXISTS=$(echo "$TAGS" | jq --arg version "$VERSION" '.tags | index($version) != null') # If the version already exists, fail fast if [[ $EXISTS == "true" ]]; then From 8a2056f300b41ee02a1313ec4118bcf3281477a2 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 21:25:53 +0300 Subject: [PATCH 19/31] adjust spelling --- apps/tftpd-hpa/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/tftpd-hpa/Dockerfile b/apps/tftpd-hpa/Dockerfile index be57f02..f9f9337 100644 --- a/apps/tftpd-hpa/Dockerfile +++ b/apps/tftpd-hpa/Dockerfile @@ -1,5 +1,5 @@ FROM alpine:latest -LABEL maintainer="iX Systems " +LABEL maintainer="iXsystems " LABEL description="tftpd-hpa server on alpine linux" # set UID/GID for tftp From fa6a8297a3e60e938cb892e6f8b7b7279623d4de Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 21:26:49 +0300 Subject: [PATCH 20/31] close parenthesis --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 8af958d..78efcc0 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -37,7 +37,7 @@ jobs: TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ixsystems/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) # Check if the "production" version already exists in dokerhub - TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list" + TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list") if echo "$TAGS" | grep -q "errors"; then echo "Failed to get tags from dockerhub" From d30f200a117a95156ace0e46762f9a56a1b39a82 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 15 May 2023 21:28:19 +0300 Subject: [PATCH 21/31] add comments --- .github/workflows/publish.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 78efcc0..088e291 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -39,12 +39,14 @@ jobs: # Check if the "production" version already exists in dokerhub TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list") + # If we failed to get the tags, fail fast if echo "$TAGS" | grep -q "errors"; then echo "Failed to get tags from dockerhub" echo "$TAGS" exit 1 fi + # Check if the version already exists EXISTS=$(echo "$TAGS" | jq --arg version "$VERSION" '.tags | index($version) != null') # If the version already exists, fail fast From 14de9ab647af63f428dd508efe54f5cc2a0b0d65 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Wed, 17 May 2023 20:38:53 +0300 Subject: [PATCH 22/31] update script --- .github/workflows/publish.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 088e291..e0951bf 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -39,13 +39,19 @@ jobs: # Check if the "production" version already exists in dokerhub TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list") - # If we failed to get the tags, fail fast - if echo "$TAGS" | grep -q "errors"; then - echo "Failed to get tags from dockerhub" - echo "$TAGS" + # If we get UNAUTHORIZED, either the repo is not public or repo does not exist + if echo "$TAGS" | grep -q "UNAUTHORIZED"; then + echo "Either the repo is not public or repo does not exist" exit 1 fi + # If we get NAME_UNKNOWN, most likely there are no tags for this repo + if echo "$TAGS" | grep -q "NAME_UNKNOWN"; then + echo "Looks like there are no tags for this repo in dockerhub" + echo "$TAGS" + echo "Continuing..." + fi + # Check if the version already exists EXISTS=$(echo "$TAGS" | jq --arg version "$VERSION" '.tags | index($version) != null') From 9c3fd27e8022fbe8d7db6f5efbce58c32a0b692d Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:13:20 +0300 Subject: [PATCH 23/31] test with docker command --- .github/workflows/publish.yaml | 43 ++++++++++------------------------ 1 file changed, 12 insertions(+), 31 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index e0951bf..e29ed68 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -11,6 +11,9 @@ on: paths: - apps/** +env: + REPOSITORY: ixsystems + jobs: build: permissions: @@ -26,6 +29,12 @@ jobs: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_TOKEN }} + - name: Prepare id: prepare shell: bash @@ -33,30 +42,8 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - # Get the dockerhub token - TOKEN=$(curl "https://auth.docker.io/token?service=registry.docker.io&scope=repository:ixsystems/${{ matrix.containers.app }}:pull" | jq '.token' --raw-output) - - # Check if the "production" version already exists in dokerhub - TAGS=$(curl -H "Authorization: Bearer $TOKEN" "https://index.docker.io/v2/ixsystems/${{ matrix.containers.app }}/tags/list") - - # If we get UNAUTHORIZED, either the repo is not public or repo does not exist - if echo "$TAGS" | grep -q "UNAUTHORIZED"; then - echo "Either the repo is not public or repo does not exist" - exit 1 - fi - - # If we get NAME_UNKNOWN, most likely there are no tags for this repo - if echo "$TAGS" | grep -q "NAME_UNKNOWN"; then - echo "Looks like there are no tags for this repo in dockerhub" - echo "$TAGS" - echo "Continuing..." - fi - - # Check if the version already exists - EXISTS=$(echo "$TAGS" | jq --arg version "$VERSION" '.tags | index($version) != null') - - # If the version already exists, fail fast - if [[ $EXISTS == "true" ]]; then + docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" + if [[ $? -eq 0 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast exit 1 @@ -73,12 +60,6 @@ jobs: # Set the output echo "APP_VERSION=$OUTPUT_VERSION" >> $GITHUB_OUTPUT - - name: Login to DockerHub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - name: Build and push Docker images if: steps.prepare.outputs.APP_VERSION != '' uses: docker/build-push-action@91df6b874e498451163feb47610c87c4a218c1ee @@ -86,4 +67,4 @@ jobs: context: apps/${{ matrix.containers.app }}/ push: true tags: | - ixsystems/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} + ${{ env.REPOSITORY }}/${{ matrix.containers.app }}:${{ steps.prepare.outputs.APP_VERSION }} From 1591d390eba8cf7531473a5feb357b04748fdd2a Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:17:27 +0300 Subject: [PATCH 24/31] dont fail step when tag is not found --- .github/workflows/publish.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index e29ed68..68cd9a8 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -42,8 +42,8 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" - if [[ $? -eq 0 ]]; then + result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION") + if [[ $result -eq 0 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast exit 1 From a8af9e52df5d205e169e1ce66bb6dcbcb73180c9 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:18:53 +0300 Subject: [PATCH 25/31] echo --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 68cd9a8..edbc192 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -42,7 +42,7 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION") + result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" || echo 1) if [[ $result -eq 0 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast From 31cbb1391fe19311773384ef19eacd15fc57cf99 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:20:07 +0300 Subject: [PATCH 26/31] test --- .github/workflows/publish.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index edbc192..e2b87f1 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -42,13 +42,15 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" || echo 1) + result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION-pr1" || echo 1) if [[ $result -eq 0 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast exit 1 fi + echo "Version $VERSION does not exist, proceeding with build." + # Initialize the output OUTPUT_VERSION="$VERSION" From e52b08d9240c6d5f4819f50cfc11a19ad24a351b Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:22:57 +0300 Subject: [PATCH 27/31] fix --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index e2b87f1..fd5caca 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -43,7 +43,7 @@ jobs: VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION-pr1" || echo 1) - if [[ $result -eq 0 ]]; then + if [[ "$result" == 0 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast exit 1 From 0008dbca5e29d3b4efd401ca36470b944c568a6a Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:25:25 +0300 Subject: [PATCH 28/31] hm --- .github/workflows/publish.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index fd5caca..4235a23 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -43,7 +43,9 @@ jobs: VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION-pr1" || echo 1) - if [[ "$result" == 0 ]]; then + echo "Result: $result" + + if [[ "$result" != 1 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." # If the "production" version already exists, fail fast exit 1 From f055dede061c297f163b00638c46c19d4c3c05f1 Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:26:08 +0300 Subject: [PATCH 29/31] test --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 4235a23..4bb4216 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -42,7 +42,7 @@ jobs: # Grab the version from the VERSION file VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) - result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION-pr1" || echo 1) + result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" || echo 1) echo "Result: $result" if [[ "$result" != 1 ]]; then From 20f8c576636dfa1f9f703d9ffbf499f7d6555f8a Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Thu, 18 May 2023 14:29:27 +0300 Subject: [PATCH 30/31] add some coments --- .github/workflows/publish.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 4bb4216..08e1438 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -29,6 +29,8 @@ jobs: - name: Checkout uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3 + # Login first so we can pull the manifest + # even if the repository is private - name: Login to DockerHub uses: docker/login-action@v2 with: @@ -43,16 +45,16 @@ jobs: VERSION=$(cat ./apps/${{ matrix.containers.app }}/VERSION ) result=$(docker manifest inspect "${{ env.REPOSITORY }}/${{ matrix.containers.app }}:$VERSION" || echo 1) - echo "Result: $result" + # Result contains 1 if the tag does not exist or a JSON object if it does. + # If the result is not 1, means the "production" tag exists. + # We should fail the build and ask for a version bump. if [[ "$result" != 1 ]]; then echo "Version $VERSION already exists, please bump the version in the VERSION file." - # If the "production" version already exists, fail fast exit 1 fi echo "Version $VERSION does not exist, proceeding with build." - # Initialize the output OUTPUT_VERSION="$VERSION" From f9596fc0d9ee1b176374da4aa761e63825996a5f Mon Sep 17 00:00:00 2001 From: Stavros kois Date: Mon, 22 May 2023 13:45:00 +0300 Subject: [PATCH 31/31] rename PR tag --- .github/workflows/publish.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 08e1438..f64b5fe 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -60,7 +60,7 @@ jobs: # If this is a pull request, append the PR number if [[ "${{ github.event_name }}" == "pull_request" ]]; then - OUTPUT_VERSION="$VERSION-pr${{ github.event.number }}" + OUTPUT_VERSION="unstable" fi # Set the output