Add builder scripts to the container

- Add the build script
- Add the cleanup script
This commit is contained in:
Nikolai Rodionov 2023-05-27 23:07:58 +02:00
parent 7d9add5c1f
commit 113fe6ff03
No known key found for this signature in database
GPG Key ID: 19DB54039EBF8F10
6 changed files with 191 additions and 8 deletions

1
.containerignore Normal file
View File

@ -0,0 +1 @@
build

View File

@ -1,15 +1,15 @@
--- ---
# ---------------------------------------------- # ----------------------------------------------
# -- Build the site and push it to the registry # -- Build an image and push it to the registry
# ---------------------------------------------- # ----------------------------------------------
kind: pipeline kind: pipeline
type: docker type: docker
name: Build badhouseplants.net name: Build the builder
trigger: trigger:
event: event:
- push - push
steps: steps:
- name: Prepare the builder image - name: Prepare the builder image
image: alpine image: alpine
@ -19,9 +19,13 @@ steps:
from_secret: GITEA_TOKEN from_secret: GITEA_TOKEN
BUILDAH_REG: git.badhouseplants.net/badhouseplants/badhouseplants-builder BUILDAH_REG: git.badhouseplants.net/badhouseplants/badhouseplants-builder
commands: commands:
- apk update - ./build
- apk add buildah cni-plugins iptables ip6tables fuse-overlayfs
- buildah login -u allanger -p $GITEA_TOKEN git.badhouseplants.net
- buildah build -t $BUILDAH_REG:$DRONE_COMMIT_SHA .
- buildah push $BUILDAH_REG:$DRONE_COMMIT_SHA
- name: Cleanup
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:latest
environment:
GITEA_TOKEN:
from_secret: GITEA_TOKEN
BUILDAH_REG: git.badhouseplants.net/badhouseplants/badhouseplants-builder
commands:
- cleanup

View File

@ -13,3 +13,4 @@ RUN apk update --no-cache&&\
buildah cni-plugins iptables ip6tables fuse-overlayfs --no-cache buildah cni-plugins iptables ip6tables fuse-overlayfs --no-cache
COPY --from=rclone /out/rclone /usr/bin/rclone COPY --from=rclone /out/rclone /usr/bin/rclone
COPY --from=argocd /out/argocd /usr/bin/argocd COPY --from=argocd /out/argocd /usr/bin/argocd
COPY ./scripts/ /usr/bin/

33
build Executable file
View File

@ -0,0 +1,33 @@
# ------------------------------------------------------------------------
# -- Copyright 2023 Nikolai Rodionov (allanger)
# ------------------------------------------------------------------------
# -- Permission is hereby granted, without written agreement and without
# -- license or royalty fees, to use, copy, modify, and distribute this
# -- software and its documentation for any purpose, provided that the
# -- above copyright notice and the following two paragraphs appear in
# -- all copies of this software.
# --
# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
# -- DAMAGE.
# --
# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
# ---------------------------------------------------------------------------
#! /bin/sh
apk update
apk add buildah cni-plugins iptables ip6tables fuse-overlayfs
buildah login -u allanger -p $GITEA_TOKEN git.badhouseplants.net
buildah build -t $BUILDAH_REG:$DRONE_COMMIT_SHA .
buildah tag $BUILDAH_REG:$DRONE_COMMIT_SHA $BUILDAH_REG:latest
if [ -z ${BUILD_DEBUG+x} ]; then
buildah push $BUILDAH_REG:$DRONE_COMMIT_SHA;
buildah push $BUILDAH_REG:latest;
fi

55
scripts/build-container Executable file
View File

@ -0,0 +1,55 @@
#!/usr/bin/perl
# ------------------------------------------------------------------------
# -- Copyright 2023 Nikolai Rodionov (allanger)
# ------------------------------------------------------------------------
# -- Permission is hereby granted, without written agreement and without
# -- license or royalty fees, to use, copy, modify, and distribute this
# -- software and its documentation for any purpose, provided that the
# -- above copyright notice and the following two paragraphs appear in
# -- all copies of this software.
# --
# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
# -- DAMAGE.
# --
# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
# ---------------------------------------------------------------------------
use strict;
use warnings;
# ---------------------------------------------------------------------------
# -- Setup Git variables
# -- by default main branch should be "main"
# ---------------------------------------------------------------------------
my $git_branch = `git rev-parse --abbrev-ref HEAD`;
my $git_commit_sha = `git rev-parse HEAD`;
my $main_branch = $ENV{'GIT_MAIN_BRANCH'} || 'main';
chomp($git_branch);
chomp($git_commit_sha);
# ---------------------------------------------------------------------------
# -- Build the image with SHA tag
# -- my main build system is DRONE, so I'm using DRONE variables a lot
# ---------------------------------------------------------------------------
my $container_registry = $ENV{'CONTAINER_REGISTRY'} || 'git.badhouseplants.net';
my $image_name = $ENV{'DRONE_REPO'} || "badhouseplants/badhouseplants-net";
my $tag = "$container_registry/$image_name:$git_commit_sha";
my $username = $ENV{'DRONE_USERNAME'} || "allanger";
my $password = $ENV{'GITEA_TOKEN'} || "YOU NOT AUTHORIZED, PAL";
0 == system ("buildah login --username $username --password $password $container_registry") or die $!;
0 == system ("buildah build -t $tag .") or die $!;
0 == system ("buildah push $tag") or die $!;
# ---------------------------------------------------------------------------
# -- Push the latest if the branch is main
# ---------------------------------------------------------------------------
if ( $git_branch eq $main_branch) {
my $latest_tag = "$container_registry/$image_name:latest";
0 == system ("buildah tag $tag $latest_tag") or die $!;
0 == system ("buildah push $latest_tag") or die $!;
}
print "Thanks!\n";

89
scripts/cleanup Executable file
View File

@ -0,0 +1,89 @@
#!/usr/bin/perl
# ------------------------------------------------------------------------
# -- Copyright 2023 Nikolai Rodionov (allanger)
# ------------------------------------------------------------------------
# -- Permission is hereby granted, without written agreement and without
# -- license or royalty fees, to use, copy, modify, and distribute this
# -- software and its documentation for any purpose, provided that the
# -- above copyright notice and the following two paragraphs appear in
# -- all copies of this software.
# --
# -- IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
# -- DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
# -- ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
# -- IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
# -- DAMAGE.
# --
# -- THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
# -- BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
# -- FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
# -- ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
# -- PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
# ---------------------------------------------------------------------------
use strict;
use warnings;
# --------------------------------------
# -- Gitea variables
# --------------------------------------
my $gitea_url=$ENV{'GITEA_URL'} || 'https://git.badhouseplants.net/api/v1';
my $gitea_org=$ENV{'DRONE_REPO_NAMESPACE'} || 'badhouseplants';
my $gitea_package=$ENV{'DRONE_REPO_NAME'} || 'badhouseplants-net';
my $image_name = $ENV{'DRONE_REPO'} || "badhouseplants/badhouseplants-net";
my $gitea_api="$gitea_url/packages/$gitea_org/container/$gitea_package";
my $gitea_list_api="$gitea_url/packages/$gitea_org?page=1&type=container&q=badhouseplants-net";
my $gitea_token=$ENV{'GITEA_TOKEN'};
my $gitea_user=$ENV{'GITEA_USER'} || $ENV{'DRONE_COMMIT_AUTHOR'};
# ---------------------------------------
# -- Get tags from Gitea
# ---------------------------------------
my $builds = "curl -X 'GET' \"$gitea_list_api\" -H 'accept: application/json' -H \"Authorization: token $gitea_token\" | jq -r '.[].version'";
my @builds_out = `$builds`;
chomp @builds_out;
# ---------------------------------------
# -- Get a list of all commits + 'latest'
# ---------------------------------------
my $commits = "";
if (defined $ENV{CLEANUP_ARGO}) {
$commits = "argocd app list -o yaml -l application=badhouseplants | yq '.[].metadata.labels.commit_sha'";
} else {
$commits = "git fetch && git log --format=format:%H --all";
}
my @commits_out = `$commits`;
chomp @commits_out;
push @commits_out, 'latest';
# --------------------------------------
# -- Rclone variables
# -------------------------------------
my $dirs = "rclone lsf badhouseplants-minio:/badhouseplants-net";
my @dirs_out = `$dirs`;
chomp @dirs_out;
# ---------------------------------------
# -- Compare builds to commits
# -- And remove obsolete imgages from
# -- registry
# ---------------------------------------
print "Cleaning up the container registry\n";
foreach my $line (@builds_out)
{
print "Checking if $line is in @commits_out\n\n";
if ( ! grep( /^$line$/, @commits_out ) ) {
my $cmd = "curl -X 'DELETE' -s \"$gitea_api/$line\" -H 'accept: application/json' -H \"Authorization: token $gitea_token\" || true";
print "Removing ${line}\n\n";
my $output = `$cmd`;
print "$output \n";
}
}
if (defined $ENV{CLEANUP_MINIO}) {
print "Cleaning up Minio\n";
foreach my $line (@dirs_out)
{
print "Checking if $line is in @commits_out\n\n";
chop($line);
if ( ! grep( /^$line$/, @commits_out ) ) {
my $cmd = "rclone purge badhouseplants-minio:/badhouseplants-net/$line";
print "Removing ${line}\n\n";
my $output = `$cmd`;
print "$output \n";
}
}
}