From 113fe6ff034c6663a457056803cb5c715cdbbc5c Mon Sep 17 00:00:00 2001 From: Nikolai Rodionov Date: Sat, 27 May 2023 23:07:58 +0200 Subject: [PATCH] Add builder scripts to the container - Add the build script - Add the cleanup script --- .containerignore | 1 + .drone.yml | 20 +++++---- Containerfile | 1 + build | 33 +++++++++++++++ scripts/build-container | 55 +++++++++++++++++++++++++ scripts/cleanup | 89 +++++++++++++++++++++++++++++++++++++++++ 6 files changed, 191 insertions(+), 8 deletions(-) create mode 100644 .containerignore create mode 100755 build create mode 100755 scripts/build-container create mode 100755 scripts/cleanup diff --git a/.containerignore b/.containerignore new file mode 100644 index 0000000..c795b05 --- /dev/null +++ b/.containerignore @@ -0,0 +1 @@ +build \ No newline at end of file diff --git a/.drone.yml b/.drone.yml index 8079fff..9db2b5f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,15 +1,15 @@ --- # ---------------------------------------------- -# -- Build the site and push it to the registry +# -- Build an image and push it to the registry # ---------------------------------------------- kind: pipeline type: docker -name: Build badhouseplants.net +name: Build the builder trigger: event: - push - + steps: - name: Prepare the builder image image: alpine @@ -19,9 +19,13 @@ steps: from_secret: GITEA_TOKEN BUILDAH_REG: git.badhouseplants.net/badhouseplants/badhouseplants-builder commands: - - apk update - - apk add buildah cni-plugins iptables ip6tables fuse-overlayfs - - buildah login -u allanger -p $GITEA_TOKEN git.badhouseplants.net - - buildah build -t $BUILDAH_REG:$DRONE_COMMIT_SHA . - - buildah push $BUILDAH_REG:$DRONE_COMMIT_SHA + - ./build + - name: Cleanup + image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest + environment: + GITEA_TOKEN: + from_secret: GITEA_TOKEN + BUILDAH_REG: git.badhouseplants.net/badhouseplants/badhouseplants-builder + commands: + - cleanup 
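Review bot: The new Cleanup step in .drone.yml runs the mutable `badhouseplants-builder:latest` image and passes it GITEA_TOKEN, so the code that receives the token is whatever was last pushed under that tag. The pipeline triggers on every push, and the `build` script added in this patch retags and pushes `latest` without a branch check, so a push to any branch can replace it. Pinning the step to the image produced by this run keeps the token with a known build: `image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:${DRONE_COMMIT_SHA}`.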
diff --git a/Containerfile b/Containerfile
index d4b590b..f6d9bb4 100644
--- a/Containerfile
+++ b/Containerfile
@@ -13,3 +13,4 @@ RUN apk update --no-cache&&\
 buildah cni-plugins iptables ip6tables fuse-overlayfs --no-cache
 COPY --from=rclone /out/rclone /usr/bin/rclone
 COPY --from=argocd /out/argocd /usr/bin/argocd
+COPY ./scripts/ /usr/bin/
diff --git a/build b/build
new file mode 100755
index 0000000..4b3ef34
--- /dev/null
+++ b/build
@@ -0,0 +1,33 @@
+# ------------------------------------------------------------------------
+# -- Copyright 2023 Nikolai Rodionov (allanger)
+# ------------------------------------------------------------------------
+# -- Permission is hereby granted, without written agreement and without
+# -- license or royalty fees, to use, copy, modify, and distribute this
+# -- software and its documentation for any purpose, provided that the
+# -- above copyright notice and the following two paragraphs appear in
+# -- all copies of this software.
+# --
+# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
+# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
+# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+# -- DAMAGE.
+# --
+# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
+# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
+# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
+# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
+# ---------------------------------------------------------------------------
+#! /bin/sh
+
+apk update
+apk add buildah cni-plugins iptables ip6tables fuse-overlayfs
+
+buildah login -u allanger -p $GITEA_TOKEN git.badhouseplants.net
+buildah build -t $BUILDAH_REG:$DRONE_COMMIT_SHA .
+buildah tag $BUILDAH_REG:$DRONE_COMMIT_SHA $BUILDAH_REG:latest
+if [ -z ${BUILD_DEBUG+x} ]; then
+ buildah push $BUILDAH_REG:$DRONE_COMMIT_SHA;
+ buildah push $BUILDAH_REG:latest;
+fi
diff --git a/scripts/build-container b/scripts/build-container
new file mode 100755
index 0000000..122d469
--- /dev/null
+++ b/scripts/build-container
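Review bot: In the new `build` script, `buildah login -u allanger -p $GITEA_TOKEN ...` puts the registry token on the command line, where it is readable from the process list while the call runs; feeding it on stdin avoids that: `printf '%s' "$GITEA_TOKEN" | buildah login -u allanger --password-stdin git.badhouseplants.net`. The script also has no `set -eu`, so a failed login or build does not stop the later `buildah tag` and `buildah push` calls, and with BUILD_DEBUG set a failed build can still exit 0. The `#! /bin/sh` line sits below the license block, so it is an ordinary comment rather than a shebang; moving it to line 1 makes the interpreter explicit.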
@@ -0,0 +1,55 @@
+#!/usr/bin/perl
+# ------------------------------------------------------------------------
+# -- Copyright 2023 Nikolai Rodionov (allanger)
+# ------------------------------------------------------------------------
+# -- Permission is hereby granted, without written agreement and without
+# -- license or royalty fees, to use, copy, modify, and distribute this
+# -- software and its documentation for any purpose, provided that the
+# -- above copyright notice and the following two paragraphs appear in
+# -- all copies of this software.
+# --
+# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
+# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
+# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+# -- DAMAGE.
+# --
+# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
+# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
+# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
+# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
+# ---------------------------------------------------------------------------
+use strict;
+use warnings;
+# ---------------------------------------------------------------------------
+# -- Setup Git variables
+# -- by default main branch should be "main"
+# ---------------------------------------------------------------------------
+my $git_branch = `git rev-parse --abbrev-ref HEAD`;
+my $git_commit_sha = `git rev-parse HEAD`;
+my $main_branch = $ENV{'GIT_MAIN_BRANCH'} || 'main';
+chomp($git_branch);
+chomp($git_commit_sha);
+# ---------------------------------------------------------------------------
+# -- Build the image with SHA tag
+# -- my main build system is DRONE, so I'm using DRONE variables a lot
+# ---------------------------------------------------------------------------
+my $container_registry = $ENV{'CONTAINER_REGISTRY'} || 'git.badhouseplants.net';
+my $image_name = $ENV{'DRONE_REPO'} || "badhouseplants/badhouseplants-net";
+my $tag = "$container_registry/$image_name:$git_commit_sha";
+my $username = $ENV{'DRONE_USERNAME'} || "allanger";
+my $password = $ENV{'GITEA_TOKEN'} || "YOU NOT AUTHORIZED, PAL";
+0 == system ("buildah login --username $username --password $password $container_registry") or die $!;
+0 == system ("buildah build -t $tag .") or die $!;
+0 == system ("buildah push $tag") or die $!;
+# ---------------------------------------------------------------------------
+# -- Push the latest if the branch is main
+# ---------------------------------------------------------------------------
+if ( $git_branch eq $main_branch) {
+ my $latest_tag = "$container_registry/$image_name:latest";
+ 0 == system ("buildah tag $tag $latest_tag") or die $!;
+ 0 == system ("buildah push $latest_tag") or die $!;
+}
+
+print "Thanks!\n";
diff --git a/scripts/cleanup b/scripts/cleanup
new file mode 100755
index 0000000..0e6580b
--- /dev/null
+++ b/scripts/cleanup
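Review bot: The `system` calls in scripts/build-container each pass one interpolated string, so the shell parses `$username`, `$password`, `$container_registry` and `$tag`, all of which come from the environment or from git output, and the token appears in the `buildah login` argument list. List-form `system` together with `--password-stdin` removes both problems. `die $!` reports errno, which is only meaningful when the command could not be started; `$?` holds the child's exit status. The fallback `"YOU NOT AUTHORIZED, PAL"` is split into several shell words, so a missing GITEA_TOKEN would fail more clearly with an explicit `die` before the login.

```perl
# … unchanged: git and registry variable setup …
# --password-stdin keeps the token out of the process list; list-form calls bypass the shell
open(my $login, '|-', 'buildah', 'login', '--username', $username,
    '--password-stdin', $container_registry) or die "buildah login: $!";
print {$login} $password;
close($login) or die "buildah login failed (status $?)";
0 == system('buildah', 'build', '-t', $tag, '.') or die "buildah build failed (status $?)";
0 == system('buildah', 'push', $tag) or die "buildah push failed (status $?)";
# … unchanged: main-branch check; its tag/push calls take the same list form …
```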
@@ -0,0 +1,89 @@
+#!/usr/bin/perl
+# ------------------------------------------------------------------------
+# -- Copyright 2023 Nikolai Rodionov (allanger)
+# ------------------------------------------------------------------------
+# -- Permission is hereby granted, without written agreement and without
+# -- license or royalty fees, to use, copy, modify, and distribute this
+# -- software and its documentation for any purpose, provided that the
+# -- above copyright notice and the following two paragraphs appear in
+# -- all copies of this software.
+# --
+# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
+# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
+# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
+# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+# -- DAMAGE.
+# --
+# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
+# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
+# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
+# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
+# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
+# ---------------------------------------------------------------------------
+use strict;
+use warnings;
+# --------------------------------------
+# -- Gitea variables
+# --------------------------------------
+my $gitea_url=$ENV{'GITEA_URL'} || 'https://git.badhouseplants.net/api/v1';
+my $gitea_org=$ENV{'DRONE_REPO_NAMESPACE'} || 'badhouseplants';
+my $gitea_package=$ENV{'DRONE_REPO_NAME'} || 'badhouseplants-net';
+my $image_name = $ENV{'DRONE_REPO'} || "badhouseplants/badhouseplants-net";
+my $gitea_api="$gitea_url/packages/$gitea_org/container/$gitea_package";
+my $gitea_list_api="$gitea_url/packages/$gitea_org?page=1&type=container&q=badhouseplants-net";
+my $gitea_token=$ENV{'GITEA_TOKEN'};
+my $gitea_user=$ENV{'GITEA_USER'} || $ENV{'DRONE_COMMIT_AUTHOR'};
+# ---------------------------------------
+# -- Get tags from Gitea
+# ---------------------------------------
+my $builds = "curl -X 'GET' \"$gitea_list_api\" -H 'accept: application/json' -H \"Authorization: token $gitea_token\" | jq -r '.[].version'";
+my @builds_out = `$builds`;
+chomp @builds_out;
+# ---------------------------------------
+# -- Get a list of all commits + 'latest'
+# ---------------------------------------
+my $commits = "";
+if (defined $ENV{CLEANUP_ARGO}) {
+ $commits = "argocd app list -o yaml -l application=badhouseplants | yq '.[].metadata.labels.commit_sha'";
+} else {
+ $commits = "git fetch && git log --format=format:%H --all";
+}
+my @commits_out = `$commits`;
+chomp @commits_out;
+push @commits_out, 'latest';
+# --------------------------------------
+# -- Rclone variables
+# -------------------------------------
+my $dirs = "rclone lsf badhouseplants-minio:/badhouseplants-net";
+my @dirs_out = `$dirs`;
+chomp @dirs_out;
+# ---------------------------------------
+# -- Compare builds to commits
+# -- And remove obsolete imgages from
+# -- registry
+# ---------------------------------------
+print "Cleaning up the container registry\n";
+foreach my $line (@builds_out)
+{
+ print "Checking if $line is in @commits_out\n\n";
+ if ( ! grep( /^$line$/, @commits_out ) ) {
+ my $cmd = "curl -X 'DELETE' -s \"$gitea_api/$line\" -H 'accept: application/json' -H \"Authorization: token $gitea_token\" || true";
+ print "Removing ${line}\n\n";
+ my $output = `$cmd`;
+ print "$output \n";
+ }
+}
+if (defined $ENV{CLEANUP_MINIO}) {
+ print "Cleaning up Minio\n";
+ foreach my $line (@dirs_out)
+ {
+ print "Checking if $line is in @commits_out\n\n";
+ chop($line);
+ if ( ! grep( /^$line$/, @commits_out ) ) {
+ my $cmd = "rclone purge badhouseplants-minio:/badhouseplants-net/$line";
+ print "Removing ${line}\n\n";
+ my $output = `$cmd`;
+ print "$output \n";
+ }
+ }
+}
\ No newline at end of file
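Review bot: scripts/cleanup deletes everything that is not in `@commits_out`, but the result of the `git log` / `argocd` command is never checked, so a failed or empty listing leaves only `latest` in the keep list and every other registry version (and, with CLEANUP_MINIO, every directory) is treated as obsolete. The exit status and a non-empty result should be verified before either loop runs. `$line` also comes from the registry API and from `rclone lsf`, and it is interpolated unescaped into `/^$line$/` and into the backtick `curl` and `rclone purge` commands; an exact hash lookup plus a tag-shaped check keeps regex and shell metacharacters out. The same guard belongs in the MinIO loop, where the unconditional `chop` can additionally leave a truncated or empty name in the purge path.

```perl
my @commits_out = `$commits`;
# Fail closed: an empty or failed listing would otherwise mark every image as obsolete
die "commit listing failed (status $?)\n" if $? != 0 || !@commits_out;
# … unchanged: chomp, push of 'latest', rclone listing …
my %keep = map { $_ => 1 } @commits_out;
foreach my $line (@builds_out)
{
    next if $keep{$line};
    # Only tag-shaped values may reach the shell command below
    next unless $line =~ /\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/;
    # … unchanged: curl DELETE call and its output …
}
```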