-
Notifications
You must be signed in to change notification settings - Fork 1
/
tasks
executable file
·141 lines (131 loc) · 5 KB
/
tasks
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
#!/bin/bash
set -Eeuo pipefail
RELEASER_VERSION="2.1.3"
DOCKER_OPS_VERSION="2.0.1"
SECRET_OPS_VERSION="0.8.0"
SECRET_OPS_FILE="ops/secret-ops"
SECRET_OPS_TAR_FILE="ops/secret-ops-${SECRET_OPS_VERSION}.tar.gz"
RELEASER_FILE="ops/releaser-${RELEASER_VERSION}"
DOCKER_OPS_FILE="ops/docker-ops-${DOCKER_OPS_VERSION}"
mkdir -p ops
if [[ ! -f $RELEASER_FILE ]];then
wget --quiet -O $RELEASER_FILE https://github.com/kudulab/releaser/releases/download/${RELEASER_VERSION}/releaser
fi
source $RELEASER_FILE
if [[ ! -f $DOCKER_OPS_FILE ]];then
wget --quiet -O $DOCKER_OPS_FILE https://github.com/kudulab/docker-ops/releases/download/${DOCKER_OPS_VERSION}/docker-ops
fi
source $DOCKER_OPS_FILE
if [[ ! -f $SECRET_OPS_TAR_FILE ]];then
wget --quiet -O $SECRET_OPS_TAR_FILE https://github.com/kudulab/secret-ops/releases/download/${SECRET_OPS_VERSION}/secret-ops.tar.gz
tar -xf $SECRET_OPS_TAR_FILE -C ops
fi
source $SECRET_OPS_FILE
image_name="kudulab/inception-dojo"
image_registry="dockerhub"
image_dir="./image"
function docker_login {
if [ -n "$DOCKERHUB_TOKEN" ]; then
echo "$DOCKERHUB_TOKEN" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
return
fi
echo "Warning: docker environment variables not found: falling back to Vault for authentication." >&2
vault_user_path=$USER
if [ $vault_user_path == "go" ]; then
vault_user_path="gocd"
fi
dockerhub_user=$(vault read -field=user secret/$vault_user_path/dockerhub)
vault read -field=password secret/$vault_user_path/dockerhub | docker login --username $dockerhub_user --password-stdin
}
function check_flavor {
if [ -z "$1" ]; then
echo "Must specify flavor: alpine or ubuntu"
exit 2
fi
}
function setup_github_credentials {
if [ -z "$GITHUB_CREDENTIALS" ]; then
echo "Error: GITHUB_CREDENTIALS not set" >&2
exit 1
fi
# GITHUB_CREDENTIALS should be in format of account-name:api-key
# example HTTPS URL: https://github.com/user/repo.git
# example SSH URL: git@github.com:user/repo.git
OLD_URL=$(git remote get-url origin)
NEW_URL=$(echo $OLD_URL | sed "s|git@github.com:|https://$GITHUB_CREDENTIALS@github.com/|g")
git remote set-url origin $NEW_URL
echo "GitHub new remote was set"
}
command="$1"
set +u
case "${command}" in
set_version)
set +u
releaser::bump_changelog_version "$2" "$3"
;;
verify_version)
releaser::verify_release_ready
;;
build)
check_flavor $2
docker_build_options="-f Dockerfile.$2"
image_tag="$2-$(git rev-parse HEAD)"
imagerc_filename="$2.imagerc"
# build image and push to a test registry
docker_ops::docker_build "${image_dir}" "${imagerc_filename}" "${image_name}" "${image_tag}" "${image_registry}"
;;
push)
check_flavor $2
docker_login
imagerc_filename="$2.imagerc"
docker_ops::push "${image_dir}" "${imagerc_filename}"
;;
itest)
check_flavor $2
imagerc_filename="$2.imagerc"
mkdir -p test/integration/test_dojo_work test/integration/identities/full
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
echo "Testing image: ${KUDU_DOCKER_IMAGE_URL}"
echo "DOJO_DOCKER_IMAGE=\"${KUDU_DOCKER_IMAGE_URL}\"" > ./Dojofile.sut
echo "DOJO_IDENTITY_OUTER=\"$(pwd)/test/integration/identities/full\"" >> ./Dojofile.sut
echo "DOJO_WORK_OUTER=$(pwd)/test/integration/test_dojo_work" >> ./Dojofile.sut
echo "DOJO_DOCKER_OPTIONS=--privileged" >> ./Dojofile.sut
rm -rf test/integration/test_dojo_work/my_venv/
dojo -c ./Dojofile.sut "pytest . --verbose"
;;
example)
check_flavor $2
imagerc_filename="$2.imagerc"
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
echo "Testing image: ${KUDU_DOCKER_IMAGE_URL}"
echo "DOJO_DOCKER_IMAGE=\"${KUDU_DOCKER_IMAGE_URL}\"" > ./Dojofile.example
echo "DOJO_IDENTITY_OUTER=\"$(pwd)/test/integration/identities/full\"" >> ./Dojofile.example
echo "DOJO_WORK_OUTER=$(pwd)/test/integration/test_dojo_work" >> ./Dojofile.example
echo "DOJO_DOCKER_OPTIONS=--privileged" >> ./Dojofile.example
dojo -c ./Dojofile.example
;;
release)
./tasks verify_version
releaser::git_tag_from_changelog
;;
publish)
check_flavor $2
imagerc_filename="$2.imagerc"
docker_login
version=$(releaser::get_last_version_from_whole_changelog "${changelog_file}")
image_tag="$2-${version}"
docker_ops::ensure_pulled_image "${image_dir}" "${imagerc_filename}"
docker_ops::retag_push "${image_dir}" "${imagerc_filename}" "${image_name}" "${image_tag}" "${image_registry}"
;;
generate_vault_token)
vault_token=$(vault token create -ttl=48h -policy=gocd -field token -metadata gocd_renew=true)
secured_token_gocd=$(secret_ops::encrypt_with_gocd_top "${vault_token}")
echo "Generated token: ${vault_token} and encrypted by GoCD server"
secret_ops::insert_vault_token_gocd_yaml "${secured_token_gocd}"
;;
*)
echo "Invalid command: '${command}'"
exit 1
;;
esac
set +e