Compare commits
19 Commits
7c25aea06a
...
latest
| Author | SHA1 | Date | |
|---|---|---|---|
| c8bd49dab9 | |||
| d62075e479 | |||
| 102b924007 | |||
| 682ee53d19 | |||
| 541ecbbd5e | |||
| 3325ffeda0 | |||
| 53c8ff14da | |||
| 9c5bc54452 | |||
| 30a3584a08 | |||
| 894925c5d9 | |||
| e0c4065824 | |||
| e9597802b6 | |||
| 7ac614714c | |||
| 8f1b66e637 | |||
| 9663bb400f | |||
| 24695b1688 | |||
| e39a7494b3 | |||
| 782f2fa7bb | |||
| 4bce6e9731 |
12
.drone.yml
12
.drone.yml
@@ -6,10 +6,10 @@ node_selector:
|
|||||||
physical-node: dev2
|
physical-node: dev2
|
||||||
|
|
||||||
trigger:
|
trigger:
|
||||||
branch:
|
|
||||||
- main
|
|
||||||
event:
|
event:
|
||||||
- push
|
- push
|
||||||
|
- tag
|
||||||
|
|
||||||
workspace:
|
workspace:
|
||||||
path: /drone/src
|
path: /drone/src
|
||||||
|
|
||||||
@@ -30,6 +30,9 @@ steps:
|
|||||||
platforms:
|
platforms:
|
||||||
- linux/amd64
|
- linux/amd64
|
||||||
- linux/arm64
|
- linux/arm64
|
||||||
|
when:
|
||||||
|
event:
|
||||||
|
- push
|
||||||
|
|
||||||
- name: pull image to dockerhub
|
- name: pull image to dockerhub
|
||||||
image: docker.io/owncloudci/drone-docker-buildx:4
|
image: docker.io/owncloudci/drone-docker-buildx:4
|
||||||
@@ -44,4 +47,7 @@ steps:
|
|||||||
from_secret: dockerhub-password
|
from_secret: dockerhub-password
|
||||||
platforms:
|
platforms:
|
||||||
- linux/amd64
|
- linux/amd64
|
||||||
- linux/arm64
|
- linux/arm64
|
||||||
|
when:
|
||||||
|
event:
|
||||||
|
- tag
|
||||||
@@ -344,7 +344,7 @@ create_framework_json() {
|
|||||||
|
|
||||||
ADDITIONAL=""
|
ADDITIONAL=""
|
||||||
ADDITIONAL='"EXTRA": "--label logging=promtail_user --label logging_jobname=containers --restart=always", "PRE_START": [], "DEPEND": [], "CMD": ""'
|
ADDITIONAL='"EXTRA": "--label logging=promtail_user --label logging_jobname=containers --restart=always", "PRE_START": [], "DEPEND": [], "CMD": ""'
|
||||||
ENVS='"ENVS": [{"RUN_FORCE": "'$RUN_FORCE'"}, {"WEBSERVER_PORT": "'$WEBSERVER_PORT'"}],'
|
ENVS='"ENVS": [{"RUN_FORCE": "'$RUN_FORCE'"}, {"DOCKER_REGISTRY_URL": "'$DOCKER_REGISTRY_URL'"}, {"WEBSERVER_PORT": "'$WEBSERVER_PORT'"}],'
|
||||||
echo '{
|
echo '{
|
||||||
"main": {
|
"main": {
|
||||||
"SERVICE_NAME": "framework"
|
"SERVICE_NAME": "framework"
|
||||||
@@ -429,21 +429,19 @@ check_update() {
|
|||||||
|
|
||||||
REPOSITORY_URL=$(echo $IMAGE | cut -d '/' -f1)
|
REPOSITORY_URL=$(echo $IMAGE | cut -d '/' -f1)
|
||||||
|
|
||||||
# Check whether repository url is available
|
# if image repository url doesn't contain dot (safebox)
|
||||||
|
|
||||||
CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
|
||||||
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
|
||||||
|
|
||||||
if [[ "$CURL_CHECK_CODE" == "200" ]] || [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
|
||||||
debug "$REPOSITORY_URL accessed successful"
|
|
||||||
|
|
||||||
# if repository url is not set
|
|
||||||
if [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
if [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
||||||
REPOSITORY_URL="hub.docker.com"
|
REMOTE_URL="registry.hub.docker.com"
|
||||||
TEMP_PATH=$IMAGE
|
TEMP_PATH=$IMAGE
|
||||||
|
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
||||||
|
TOKEN=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{$TEMP_IMAGE}:pull" | jq -r .token)
|
||||||
|
TOKEN_HEADER='-H "Authorization: Bearer '$TOKEN'"'
|
||||||
else
|
else
|
||||||
|
REMOTE_URL=""
|
||||||
# -f2- IMAGE can contain subdirectories
|
# -f2- IMAGE can contain subdirectories
|
||||||
TEMP_PATH=$(echo $IMAGE | cut -d '/' -f2-)
|
TEMP_PATH=$(echo $IMAGE | cut -d '/' -f2-)
|
||||||
|
TOKEN=""
|
||||||
|
TOKEN_HEADER=""
|
||||||
fi
|
fi
|
||||||
|
|
||||||
debug "TEMP PATH: $TEMP_PATH"
|
debug "TEMP PATH: $TEMP_PATH"
|
||||||
@@ -453,23 +451,34 @@ check_update() {
|
|||||||
TEMP_VERSION="latest"
|
TEMP_VERSION="latest"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
REMOTE_URL="https://$REPOSITORY_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
REMOTE_URL="https://$REMOTE_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
||||||
debug "$REMOTE_URL"
|
debug "REMOTE_URL: $REMOTE_URL"
|
||||||
|
|
||||||
|
# Check whether repository url is available
|
||||||
|
#CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
||||||
|
CURL_CHECK='curl -m 5 -s -o /dev/null -I '"$TOKEN_HEADER"' -w "%{http_code}" '"$REMOTE_URL"
|
||||||
|
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
||||||
|
|
||||||
|
# if valid accessible url
|
||||||
|
if [[ "$CURL_CHECK_CODE" == "200" ]] ; then
|
||||||
|
debug "$REMOTE_URL repository accessed successfully"
|
||||||
|
|
||||||
#digest=$(curl --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REMOTE_URL" | jq -r '.config.digest');
|
#digest=$(curl --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REMOTE_URL" | jq -r '.config.digest');
|
||||||
# Digest for the whole manifest, which includes all architectures.
|
# Digest for the whole manifest, which includes all architectures.
|
||||||
digest=$(curl -s -I -H "Accept: application/vnd.oci.image.index.v1+json" "$REMOTE_URL" | grep Docker-Content-Digest | cut -d ' ' -f2 | tr -d '\r\n')
|
CURL_DIGEST='curl -s -I '"$TOKEN_HEADER"' -H "Accept: application/vnd.oci.image.index.v1+json" '"$REMOTE_URL"' | grep -i Docker-Content-Digest | cut -d " " -f2 | tr -d "\r\n"'
|
||||||
|
digest=$(eval $CURL_DIGEST)
|
||||||
|
|
||||||
#debug "docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION";
|
#debug "docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION";
|
||||||
#local_digest=$(docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION)
|
#local_digest=$(docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION)
|
||||||
debug "docker image inspect $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION --format '{{index .RepoDigests 0}}' | cut -d '@' -f2"
|
debug "docker image inspect $IMAGE --format '{{index .RepoDigests 0}}' | cut -d '@' -f2"
|
||||||
# Digest for the whole manifest, which includes all architectures.
|
# Digest for the whole manifest, which includes all architectures.
|
||||||
local_digest=$(docker image inspect $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION --format '{{index .RepoDigests 0}}' | cut -d '@' -f2)
|
local_digest=$(docker image inspect $IMAGE --format '{{index .RepoDigests 0}}' | cut -d '@' -f2)
|
||||||
|
|
||||||
debug "REMOTE DIGEST: $digest"
|
debug "REMOTE DIGEST: $digest"
|
||||||
debug "LOCAL DIGEST: $local_digest"
|
debug "LOCAL DIGEST: $local_digest"
|
||||||
|
|
||||||
if [ "$digest" != "$local_digest" ]; then
|
if [ "$digest" != "$local_digest" ]; then
|
||||||
echo "Update available. Executing update command..."
|
echo "Update available. You can execute update command..."
|
||||||
UPDATE="1"
|
UPDATE="1"
|
||||||
#DOCKER_PULL="docker pull $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION"
|
#DOCKER_PULL="docker pull $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION"
|
||||||
#eval $DOCKER_PULL
|
#eval $DOCKER_PULL
|
||||||
@@ -481,10 +490,11 @@ check_update() {
|
|||||||
# UPDATE="1";
|
# UPDATE="1";
|
||||||
#fi
|
#fi
|
||||||
else
|
else
|
||||||
|
UPDATE="0"
|
||||||
echo "Already up to date. Nothing to do."
|
echo "Already up to date. Nothing to do."
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
debug "$REPOSITORY_URL not accessible, http error code: $CURL_CHECK_CODE"
|
debug "$REMOTE_URL not accessible, http error code: $CURL_CHECK_CODE"
|
||||||
|
|
||||||
echo "Force image pull has started without digest check..."
|
echo "Force image pull has started without digest check..."
|
||||||
DOCKER_PULL="docker pull $IMAGE"
|
DOCKER_PULL="docker pull $IMAGE"
|
||||||
@@ -516,10 +526,29 @@ upgrade_scheduler() {
|
|||||||
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
||||||
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
||||||
--env RUN_FORCE=$RUN_FORCE \
|
--env RUN_FORCE=$RUN_FORCE \
|
||||||
|
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||||
$DOCKER_START"
|
$DOCKER_START"
|
||||||
eval "$DOCKER_RUN"
|
eval "$DOCKER_RUN"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
upgrade() {
|
||||||
|
local NAME=$1
|
||||||
|
|
||||||
|
if [ "$NAME" == "web-installer" ]; then
|
||||||
|
|
||||||
|
debug "$service_exec service-framework-scheduler.containers.webserver start info"
|
||||||
|
$service_exec service-framework-scheduler.containers.webserver stop force
|
||||||
|
$service_exec service-framework-scheduler.containers.webserver start info &
|
||||||
|
|
||||||
|
else
|
||||||
|
|
||||||
|
debug "$service_exec service-$NAME.json start info"
|
||||||
|
$service_exec service-$NAME.json stop force
|
||||||
|
$service_exec service-$NAME.json start info &
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
execute_task() {
|
execute_task() {
|
||||||
TASK="$1"
|
TASK="$1"
|
||||||
B64_JSON="$2"
|
B64_JSON="$2"
|
||||||
@@ -649,6 +678,7 @@ execute_task() {
|
|||||||
CONTAINER_NAMES=$(cat $SERVICE | jq -r .containers[].NAME)
|
CONTAINER_NAMES=$(cat $SERVICE | jq -r .containers[].NAME)
|
||||||
UPDATE_CONTAINERS=""
|
UPDATE_CONTAINERS=""
|
||||||
UPTODATE_CONTAINERS=""
|
UPTODATE_CONTAINERS=""
|
||||||
|
ERROR_CONTAINERS=""
|
||||||
for CONTAINER_NAME in $CONTAINER_NAMES; do
|
for CONTAINER_NAME in $CONTAINER_NAMES; do
|
||||||
#IMAGE=$(cat $SERVICE | jq -rc '.containers[] | select(.NAME=="'$CONTAINER_NAME'") | .IMAGE');
|
#IMAGE=$(cat $SERVICE | jq -rc '.containers[] | select(.NAME=="'$CONTAINER_NAME'") | .IMAGE');
|
||||||
IMAGE=$(cat $SERVICE | jq -rc --arg NAME "$CONTAINER_NAME" '.containers[] | select(.NAME==$NAME) | .IMAGE')
|
IMAGE=$(cat $SERVICE | jq -rc --arg NAME "$CONTAINER_NAME" '.containers[] | select(.NAME==$NAME) | .IMAGE')
|
||||||
@@ -657,13 +687,15 @@ execute_task() {
|
|||||||
check_update "$IMAGE"
|
check_update "$IMAGE"
|
||||||
if [ "$UPDATE" == "1" ]; then
|
if [ "$UPDATE" == "1" ]; then
|
||||||
UPDATE_CONTAINERS="$UPDATE_CONTAINERS $CONTAINER_NAME"
|
UPDATE_CONTAINERS="$UPDATE_CONTAINERS $CONTAINER_NAME"
|
||||||
else
|
elif [ "$UPDATE" == "0" ]; then
|
||||||
UPTODATE_CONTAINERS="$UPTODATE_CONTAINERS $CONTAINER_NAME"
|
UPTODATE_CONTAINERS="$UPTODATE_CONTAINERS $CONTAINER_NAME"
|
||||||
|
else
|
||||||
|
ERROR_CONTAINERS="$UPTODATE_CONTAINERS $CONTAINER_NAME"
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
#RESULT=$(echo "$CONTAINERS" | base64 -w0);
|
#RESULT=$(echo "$CONTAINERS" | base64 -w0);
|
||||||
SERVICES=$SERVICES$SEP'"'$SERVICE_NAME'": {"uptodate": "'$UPTODATE_CONTAINERS'", "update": "'$UPDATE_CONTAINERS'"}'
|
SERVICES=$SERVICES$SEP'"'$SERVICE_NAME'": {"uptodate": "'$UPTODATE_CONTAINERS'", "update": "'$UPDATE_CONTAINERS'", "error": "'$ERROR_CONTAINERS'"}'
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
|
||||||
@@ -845,7 +877,14 @@ execute_task() {
|
|||||||
RESULT=$(echo "$CONTAINERS" | base64 -w0)
|
RESULT=$(echo "$CONTAINERS" | base64 -w0)
|
||||||
JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0)
|
JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0)
|
||||||
elif [ "$TASK_NAME" == "upgrade" ]; then
|
elif [ "$TASK_NAME" == "upgrade" ]; then
|
||||||
upgrade_scheduler &
|
JSON="$(echo $B64_JSON | base64 -d)"
|
||||||
|
NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
|
||||||
|
if [ "$NAME" == "framework" ]; then
|
||||||
|
upgrade_scheduler
|
||||||
|
upgrade "web-installer"
|
||||||
|
else
|
||||||
|
upgrade "$NAME"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
debug "JSON_TARGET: $JSON_TARGET"
|
debug "JSON_TARGET: $JSON_TARGET"
|
||||||
@@ -944,6 +983,7 @@ start_framework_scheduler() {
|
|||||||
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
||||||
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
||||||
--env RUN_FORCE=$RUN_FORCE \
|
--env RUN_FORCE=$RUN_FORCE \
|
||||||
|
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||||
$DOCKER_START"
|
$DOCKER_START"
|
||||||
eval "$DOCKER_RUN"
|
eval "$DOCKER_RUN"
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user