Compare commits
21 Commits
a3296361d6
...
latest
| Author | SHA1 | Date | |
|---|---|---|---|
| c8bd49dab9 | |||
| d62075e479 | |||
| 102b924007 | |||
| 682ee53d19 | |||
| 541ecbbd5e | |||
| 3325ffeda0 | |||
| 53c8ff14da | |||
| 9c5bc54452 | |||
| 30a3584a08 | |||
| 894925c5d9 | |||
| e0c4065824 | |||
| e9597802b6 | |||
| 7ac614714c | |||
| 8f1b66e637 | |||
| 9663bb400f | |||
| 24695b1688 | |||
| e39a7494b3 | |||
| 782f2fa7bb | |||
| 4bce6e9731 | |||
|
7c25aea06a | ||
|
|
5a2ead04cc |
10
.drone.yml
10
.drone.yml
@@ -6,10 +6,10 @@ node_selector:
|
||||
physical-node: dev2
|
||||
|
||||
trigger:
|
||||
branch:
|
||||
- main
|
||||
event:
|
||||
- push
|
||||
- tag
|
||||
|
||||
workspace:
|
||||
path: /drone/src
|
||||
|
||||
@@ -30,6 +30,9 @@ steps:
|
||||
platforms:
|
||||
- linux/amd64
|
||||
- linux/arm64
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
|
||||
- name: pull image to dockerhub
|
||||
image: docker.io/owncloudci/drone-docker-buildx:4
|
||||
@@ -45,3 +48,6 @@ steps:
|
||||
platforms:
|
||||
- linux/amd64
|
||||
- linux/arm64
|
||||
when:
|
||||
event:
|
||||
- tag
|
||||
@@ -344,7 +344,7 @@ create_framework_json() {
|
||||
|
||||
ADDITIONAL=""
|
||||
ADDITIONAL='"EXTRA": "--label logging=promtail_user --label logging_jobname=containers --restart=always", "PRE_START": [], "DEPEND": [], "CMD": ""'
|
||||
ENVS='"ENVS": [{"RUN_FORCE": "'$RUN_FORCE'"}, {"WEBSERVER_PORT": "'$WEBSERVER_PORT'"}],'
|
||||
ENVS='"ENVS": [{"RUN_FORCE": "'$RUN_FORCE'"}, {"DOCKER_REGISTRY_URL": "'$DOCKER_REGISTRY_URL'"}, {"WEBSERVER_PORT": "'$WEBSERVER_PORT'"}],'
|
||||
echo '{
|
||||
"main": {
|
||||
"SERVICE_NAME": "framework"
|
||||
@@ -429,21 +429,19 @@ check_update() {
|
||||
|
||||
REPOSITORY_URL=$(echo $IMAGE | cut -d '/' -f1)
|
||||
|
||||
# Check whether repository url is available
|
||||
|
||||
CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
||||
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
||||
|
||||
if [[ "$CURL_CHECK_CODE" == "200" ]] || [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
||||
debug "$REPOSITORY_URL accessed successful"
|
||||
|
||||
# if repository url is not set
|
||||
# if image repository url doesn't contain dot (safebox)
|
||||
if [[ "$(echo "$REPOSITORY_URL" | grep '\.')" == "" ]]; then
|
||||
REPOSITORY_URL="hub.docker.com"
|
||||
REMOTE_URL="registry.hub.docker.com"
|
||||
TEMP_PATH=$IMAGE
|
||||
TEMP_IMAGE=$(echo $TEMP_PATH | cut -d ':' -f1)
|
||||
TOKEN=$(curl -s "https://auth.docker.io/token?service=registry.docker.io&scope=repository:{$TEMP_IMAGE}:pull" | jq -r .token)
|
||||
TOKEN_HEADER='-H "Authorization: Bearer '$TOKEN'"'
|
||||
else
|
||||
REMOTE_URL=""
|
||||
# -f2- IMAGE can contain subdirectories
|
||||
TEMP_PATH=$(echo $IMAGE | cut -d '/' -f2-)
|
||||
TOKEN=""
|
||||
TOKEN_HEADER=""
|
||||
fi
|
||||
|
||||
debug "TEMP PATH: $TEMP_PATH"
|
||||
@@ -453,23 +451,34 @@ check_update() {
|
||||
TEMP_VERSION="latest"
|
||||
fi
|
||||
|
||||
REMOTE_URL="https://$REPOSITORY_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
||||
debug "$REMOTE_URL"
|
||||
REMOTE_URL="https://$REMOTE_URL/v2/$TEMP_IMAGE/manifests/$TEMP_VERSION"
|
||||
debug "REMOTE_URL: $REMOTE_URL"
|
||||
|
||||
# Check whether repository url is available
|
||||
#CURL_CHECK="curl -m 5 -s -o /dev/null -w "%{http_code}" https://$REPOSITORY_URL/v2/"
|
||||
CURL_CHECK='curl -m 5 -s -o /dev/null -I '"$TOKEN_HEADER"' -w "%{http_code}" '"$REMOTE_URL"
|
||||
CURL_CHECK_CODE=$(eval $CURL_CHECK)
|
||||
|
||||
# if valid accessible url
|
||||
if [[ "$CURL_CHECK_CODE" == "200" ]] ; then
|
||||
debug "$REMOTE_URL repository accessed successfully"
|
||||
|
||||
#digest=$(curl --silent -H "Accept: application/vnd.docker.distribution.manifest.v2+json" "$REMOTE_URL" | jq -r '.config.digest');
|
||||
# Digest for the whole manifest, which includes all architectures.
|
||||
digest=$(curl -s -I -H "Accept: application/vnd.oci.image.index.v1+json" "$REMOTE_URL" | grep Docker-Content-Digest | cut -d ' ' -f2 | tr -d '\r\n')
|
||||
CURL_DIGEST='curl -s -I '"$TOKEN_HEADER"' -H "Accept: application/vnd.oci.image.index.v1+json" '"$REMOTE_URL"' | grep -i Docker-Content-Digest | cut -d " " -f2 | tr -d "\r\n"'
|
||||
digest=$(eval $CURL_DIGEST)
|
||||
|
||||
#debug "docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION";
|
||||
#local_digest=$(docker images -q --no-trunc $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION)
|
||||
debug "docker image inspect $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION --format '{{index .RepoDigests 0}}' | cut -d '@' -f2"
|
||||
debug "docker image inspect $IMAGE --format '{{index .RepoDigests 0}}' | cut -d '@' -f2"
|
||||
# Digest for the whole manifest, which includes all architectures.
|
||||
local_digest=$(docker image inspect $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION --format '{{index .RepoDigests 0}}' | cut -d '@' -f2)
|
||||
local_digest=$(docker image inspect $IMAGE --format '{{index .RepoDigests 0}}' | cut -d '@' -f2)
|
||||
|
||||
debug "REMOTE DIGEST: $digest"
|
||||
debug "LOCAL DIGEST: $local_digest"
|
||||
|
||||
if [ "$digest" != "$local_digest" ]; then
|
||||
echo "Update available. Executing update command..."
|
||||
echo "Update available. You can execute update command..."
|
||||
UPDATE="1"
|
||||
#DOCKER_PULL="docker pull $REPOSITORY_URL/$TEMP_IMAGE:$TEMP_VERSION"
|
||||
#eval $DOCKER_PULL
|
||||
@@ -481,10 +490,11 @@ check_update() {
|
||||
# UPDATE="1";
|
||||
#fi
|
||||
else
|
||||
UPDATE="0"
|
||||
echo "Already up to date. Nothing to do."
|
||||
fi
|
||||
else
|
||||
debug "$REPOSITORY_URL not accessible, http error code: $CURL_CHECK_CODE"
|
||||
debug "$REMOTE_URL not accessible, http error code: $CURL_CHECK_CODE"
|
||||
|
||||
echo "Force image pull has started without digest check..."
|
||||
DOCKER_PULL="docker pull $IMAGE"
|
||||
@@ -513,14 +523,32 @@ upgrade_scheduler() {
|
||||
-v USER_CONFIG:/etc/user/config \
|
||||
-v USER_SECRET:/etc/user/secret \
|
||||
--restart=always \
|
||||
--name $FRAMEWORK_SCHEDULER_NAME \
|
||||
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
||||
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
||||
--env RUN_FORCE=$RUN_FORCE \
|
||||
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||
$DOCKER_START"
|
||||
eval "$DOCKER_RUN"
|
||||
}
|
||||
|
||||
upgrade() {
|
||||
local NAME=$1
|
||||
|
||||
if [ "$NAME" == "web-installer" ]; then
|
||||
|
||||
debug "$service_exec service-framework-scheduler.containers.webserver start info"
|
||||
$service_exec service-framework-scheduler.containers.webserver stop force
|
||||
$service_exec service-framework-scheduler.containers.webserver start info &
|
||||
|
||||
else
|
||||
|
||||
debug "$service_exec service-$NAME.json start info"
|
||||
$service_exec service-$NAME.json stop force
|
||||
$service_exec service-$NAME.json start info &
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
execute_task() {
|
||||
TASK="$1"
|
||||
B64_JSON="$2"
|
||||
@@ -650,6 +678,7 @@ execute_task() {
|
||||
CONTAINER_NAMES=$(cat $SERVICE | jq -r .containers[].NAME)
|
||||
UPDATE_CONTAINERS=""
|
||||
UPTODATE_CONTAINERS=""
|
||||
ERROR_CONTAINERS=""
|
||||
for CONTAINER_NAME in $CONTAINER_NAMES; do
|
||||
#IMAGE=$(cat $SERVICE | jq -rc '.containers[] | select(.NAME=="'$CONTAINER_NAME'") | .IMAGE');
|
||||
IMAGE=$(cat $SERVICE | jq -rc --arg NAME "$CONTAINER_NAME" '.containers[] | select(.NAME==$NAME) | .IMAGE')
|
||||
@@ -658,13 +687,15 @@ execute_task() {
|
||||
check_update "$IMAGE"
|
||||
if [ "$UPDATE" == "1" ]; then
|
||||
UPDATE_CONTAINERS="$UPDATE_CONTAINERS $CONTAINER_NAME"
|
||||
else
|
||||
elif [ "$UPDATE" == "0" ]; then
|
||||
UPTODATE_CONTAINERS="$UPTODATE_CONTAINERS $CONTAINER_NAME"
|
||||
else
|
||||
ERROR_CONTAINERS="$UPTODATE_CONTAINERS $CONTAINER_NAME"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
#RESULT=$(echo "$CONTAINERS" | base64 -w0);
|
||||
SERVICES=$SERVICES$SEP'"'$SERVICE_NAME'": {"uptodate": "'$UPTODATE_CONTAINERS'", "update": "'$UPDATE_CONTAINERS'"}'
|
||||
SERVICES=$SERVICES$SEP'"'$SERVICE_NAME'": {"uptodate": "'$UPTODATE_CONTAINERS'", "update": "'$UPDATE_CONTAINERS'", "error": "'$ERROR_CONTAINERS'"}'
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -846,7 +877,14 @@ execute_task() {
|
||||
RESULT=$(echo "$CONTAINERS" | base64 -w0)
|
||||
JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0)
|
||||
elif [ "$TASK_NAME" == "upgrade" ]; then
|
||||
upgrade_scheduler &
|
||||
JSON="$(echo $B64_JSON | base64 -d)"
|
||||
NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
|
||||
if [ "$NAME" == "framework" ]; then
|
||||
upgrade_scheduler
|
||||
upgrade "web-installer"
|
||||
else
|
||||
upgrade "$NAME"
|
||||
fi
|
||||
fi
|
||||
|
||||
debug "JSON_TARGET: $JSON_TARGET"
|
||||
@@ -945,6 +983,7 @@ start_framework_scheduler() {
|
||||
--env WEBSERVER_PORT=$WEBSERVER_PORT \
|
||||
--network $FRAMEWORK_SCHEDULER_NETWORK \
|
||||
--env RUN_FORCE=$RUN_FORCE \
|
||||
--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
|
||||
$DOCKER_START"
|
||||
eval "$DOCKER_RUN"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user