Add apache2-utils to Dockerfile and implement htpasswd file creation in entrypoint script
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
gyurix
@@ -14,7 +14,7 @@ FROM alpine:latest
|
|||||||
# COPY --from=redis-source /usr/src/redis/src/redis-cli /usr/bin/redis-cli
|
# COPY --from=redis-source /usr/src/redis/src/redis-cli /usr/bin/redis-cli
|
||||||
# RUN chmod +x /usr/bin/redis-cli
|
# RUN chmod +x /usr/bin/redis-cli
|
||||||
|
|
||||||
RUN apk add --update --no-cache docker-cli wget curl dos2unix jq openssl git coreutils inotify-tools acl
|
RUN apk add --update --no-cache docker-cli wget curl dos2unix jq openssl git coreutils inotify-tools acl apache2-utils
|
||||||
|
|
||||||
COPY scripts/scheduler/*.sh /scripts/
|
COPY scripts/scheduler/*.sh /scripts/
|
||||||
RUN find ./scripts -name "*.sh" | xargs dos2unix
|
RUN find ./scripts -name "*.sh" | xargs dos2unix
|
||||||
|
|||||||
@@ -30,6 +30,7 @@ REDIS_VERSION=${REDIS_VERSION:-latest}
|
|||||||
|
|
||||||
SOURCE=${SOURCE:-user-config}
|
SOURCE=${SOURCE:-user-config}
|
||||||
SMARTHOST_PROXY_PATH=$SMARTHOST_PROXY_PATH
|
SMARTHOST_PROXY_PATH=$SMARTHOST_PROXY_PATH
|
||||||
|
HTPASSWD_FILE=${HTPASSWD_FILE:-/etc/system/config/smarthost-proxy/nginx/htpasswd}
|
||||||
|
|
||||||
GIT_URL=${GIT_URL:-git.format.hu}
|
GIT_URL=${GIT_URL:-git.format.hu}
|
||||||
REPO=$REPO
|
REPO=$REPO
|
||||||
@@ -99,6 +100,19 @@ if [ -d /etc/user/config/services ]; then
|
|||||||
done
|
done
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
create_htpasswd_file() {
|
||||||
|
|
||||||
|
local USER="$1"
|
||||||
|
local PASSWD="$2"
|
||||||
|
|
||||||
|
if [ ! -f "$HTPASSWD_FILE" ]; then
|
||||||
|
install -m 664 -g 65534 /dev/null $HTPASSWD_FILE
|
||||||
|
htpasswd -cb $HTPASSWD_FILE $USER $PASSWD
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
install -m 664 -g 65534 /dev/null
|
||||||
|
|
||||||
deploy_additionals() {
|
deploy_additionals() {
|
||||||
|
|
||||||
local DIR="$1"
|
local DIR="$1"
|
||||||
@@ -429,30 +443,30 @@ check_update() {
|
|||||||
|
|
||||||
REPOSITORY_URL=$(echo $IMAGE | cut -d '/' -f1)
|
REPOSITORY_URL=$(echo $IMAGE | cut -d '/' -f1)
|
||||||
|
|
||||||
# if image repository url doesn't contain dot (safebox)
|
# if image repository url doesn't contain dot (safebox)
|
||||||
if [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
if [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
||||||
REMOTE_URL="registry.hub.docker.com"
|
REMOTE_URL="registry.hub.docker.com"
|
||||||
TEMP_PATH=$IMAGE
|
TEMP_PATH=$IMAGE
|
||||||
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
|
||||||
TOKEN=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{$TEMP_IMAGE}:pull" | jq -r .token)
|
|
||||||
TOKEN_HEADER='-H "Authorization: Bearer '$TOKEN'"'
|
|
||||||
else
|
|
||||||
REMOTE_URL=""
|
|
||||||
# -f2- IMAGE can contain subdirectories
|
|
||||||
TEMP_PATH=$(echo $IMAGE | cut -d '/' -f2-)
|
|
||||||
TOKEN=""
|
|
||||||
TOKEN_HEADER=""
|
|
||||||
fi
|
|
||||||
|
|
||||||
debug "TEMP PATH: $TEMP_PATH"
|
|
||||||
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
||||||
TEMP_VERSION=$(echo $TEMP_PATH | cut -d ':' -f2)
|
TOKEN=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{$TEMP_IMAGE}:pull" | jq -r .token)
|
||||||
if [ "$TEMP_VERSION" == "$TEMP_IMAGE" ]; then # version is not set
|
TOKEN_HEADER='-H "Authorization: Bearer '$TOKEN'"'
|
||||||
TEMP_VERSION="latest"
|
else
|
||||||
fi
|
REMOTE_URL=""
|
||||||
|
# -f2- IMAGE can contain subdirectories
|
||||||
|
TEMP_PATH=$(echo $IMAGE | cut -d '/' -f2-)
|
||||||
|
TOKEN=""
|
||||||
|
TOKEN_HEADER=""
|
||||||
|
fi
|
||||||
|
|
||||||
REMOTE_URL="https://$REMOTE_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
debug "TEMP PATH: $TEMP_PATH"
|
||||||
debug "REMOTE_URL: $REMOTE_URL"
|
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
||||||
|
TEMP_VERSION=$(echo $TEMP_PATH | cut -d ':' -f2)
|
||||||
|
if [ "$TEMP_VERSION" == "$TEMP_IMAGE" ]; then # version is not set
|
||||||
|
TEMP_VERSION="latest"
|
||||||
|
fi
|
||||||
|
|
||||||
|
REMOTE_URL="https://$REMOTE_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
||||||
|
debug "REMOTE_URL: $REMOTE_URL"
|
||||||
|
|
||||||
# Check whether repository url is available
|
# Check whether repository url is available
|
||||||
#CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
#CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
||||||
@@ -460,12 +474,12 @@ check_update() {
|
|||||||
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
||||||
|
|
||||||
# if valid accessible url
|
# if valid accessible url
|
||||||
if [[ "$CURL_CHECK_CODE" == "200" ]] ; then
|
if [[ "$CURL_CHECK_CODE" == "200" ]]; then
|
||||||
debug "$REMOTE_URL repository accessed successfully"
|
debug "$REMOTE_URL repository accessed successfully"
|
||||||
|
|
||||||
#digest=$(curl --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REMOTE_URL" | jq -r '.config.digest');
|
#digest=$(curl --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REMOTE_URL" | jq -r '.config.digest');
|
||||||
# Digest for the whole manifest, which includes all architectures.
|
# Digest for the whole manifest, which includes all architectures.
|
||||||
CURL_DIGEST='curl -s -I '"$TOKEN_HEADER"' -H "Accept: application/vnd.oci.image.index.v1+json" '"$REMOTE_URL"' | grep -i Docker-Content-Digest | cut -d " " -f2 | tr -d "\r\n"'
|
CURL_DIGEST='curl -s -I '"$TOKEN_HEADER"' -H "Accept: application/vnd.oci.image.index.v1+json" '"$REMOTE_URL"' | grep -i Docker-Content-Digest | cut -d " " -f2 | tr -d "\r\n"'
|
||||||
digest=$(eval $CURL_DIGEST)
|
digest=$(eval $CURL_DIGEST)
|
||||||
|
|
||||||
#debug "docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION";
|
#debug "docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION";
|
||||||
@@ -532,23 +546,22 @@ upgrade_scheduler() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
upgrade() {
|
upgrade() {
|
||||||
local NAME=$1
|
local NAME=$1
|
||||||
|
|
||||||
if [ "$NAME" == "web-installer" ]; then
|
if [ "$NAME" == "web-installer" ]; then
|
||||||
|
|
||||||
debug "$service_exec service-framework-scheduler.containers.webserver start info"
|
debug "$service_exec service-framework-scheduler.containers.webserver start info"
|
||||||
$service_exec service-framework-scheduler.containers.webserver stop force
|
$service_exec service-framework-scheduler.containers.webserver stop force
|
||||||
$service_exec service-framework-scheduler.containers.webserver start info &
|
$service_exec service-framework-scheduler.containers.webserver start info &
|
||||||
|
|
||||||
else
|
else
|
||||||
|
|
||||||
debug "$service_exec $NAME.json start info"
|
debug "$service_exec $NAME.json start info"
|
||||||
$service_exec $NAME.json stop force
|
$service_exec $NAME.json stop force
|
||||||
$service_exec $NAME.json start info &
|
$service_exec $NAME.json start info &
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
execute_task() {
|
execute_task() {
|
||||||
TASK="$1"
|
TASK="$1"
|
||||||
B64_JSON="$2"
|
B64_JSON="$2"
|
||||||
@@ -880,11 +893,11 @@ execute_task() {
|
|||||||
JSON="$(echo $B64_JSON | base64 -d)"
|
JSON="$(echo $B64_JSON | base64 -d)"
|
||||||
NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
|
NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
|
||||||
if [ "$NAME" == "framework" ]; then
|
if [ "$NAME" == "framework" ]; then
|
||||||
upgrade_scheduler
|
upgrade_scheduler
|
||||||
upgrade "web-installer"
|
upgrade "web-installer"
|
||||||
else
|
else
|
||||||
upgrade "$NAME"
|
upgrade "$NAME"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
debug "JSON_TARGET: $JSON_TARGET"
|
debug "JSON_TARGET: $JSON_TARGET"
|
||||||
|
|||||||
Reference in New Issue
Block a user