From 938262d78f56d99cd1c0b424c384599a68a5aff7 Mon Sep 17 00:00:00 2001 From: "Jeffrey C. Ollie" Date: Tue, 29 Aug 2023 08:54:46 -0500 Subject: [PATCH] update build and clean up --- .drone.yml | 2 +- .github/workflows/build.yaml | 31 +------ flake.nix | 96 ++++++++++---------- push-container.nu | 89 +++++++++++------- regctl-push-container.nu | 170 ----------------------------------- 5 files changed, 105 insertions(+), 283 deletions(-) delete mode 100644 regctl-push-container.nu diff --git a/.drone.yml b/.drone.yml index d68a3fd..488f7cd 100644 --- a/.drone.yml +++ b/.drone.yml @@ -23,7 +23,7 @@ steps: # - nix run .#login # - echo -n "$${PLUGIN_PASSWORD}" | podman login --username $${PLUGIN_USERNAME} --password-stdin $${PLUGIN_REGISTRY} - nix build .#nixos-runner - - nix run .#regctl-push-container -- result + - nix run .#push-container -- result # - podman load --input result | sed -n -e "s/Loaded image:.\\(.*\\)/\\1/p" > loaded-image # - cat loaded-image # - podman images diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index fead6fd..4840577 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -5,37 +5,8 @@ jobs: build: runs-on: ubuntu-latest container: docker.io/jcollie/nixos-runner:latest - env: - REGISTRY: ghcr.io - REPOSITORY: jcollie/nixos-runner steps: - uses: actions/checkout@v3 - run: set - run: nix build -L .#nixos-runner - - uses: redhat-actions/podman-login@v1 - with: - registry: ghcr.io/${{ github.repository_owner }} - username: ${{ github.actor }} - password: ${{ github.token }} - # - run: echo -n "${PASSWORD}" | podman login --username ${USERNAME} --password-stdin ${REPOSITORY} - # env: - # REPOSITORY: ghcr.io/${{ github.repository_owner }} - # USERNAME: ${{ github.actor }} - # PASSWORD: ${{ github.token }} - - run: podman load --input result | sed -n -e "s/Loaded image:.\\(.*\\)/loaded-image=\\1/p" >> $GITHUB_OUTPUT - id: podman-load-image - - run: podman images - - run: podman tag "${IMAGE}" "${REGISTRY}/${REPOSITORY}:${GITHUB_RUN_NUMBER}-${GITHUB_SHA:0:8}" - env: - IMAGE: ${{ steps.podman-load-image.outputs.loaded-image }} - - run: podman tag "${IMAGE}" "${REGISTRY}/${REPOSITORY}:latest" - env: - IMAGE: ${{ steps.podman-load-image.outputs.loaded-image }} - - run: podman images - - run: podman push "${REGISTRY}/${REPOSITORY}:${GITHUB_RUN_NUMBER}-${GITHUB_SHA:0:8}" - - run: podman push "${REGISTRY}/${REPOSITORY}:latest" - - run: podman logout "${REGISTRY}" - - # - run: nix run .#push-container -- result --registry ghcr.io --repository jcollie/nixos-runner - # env: - # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - run: nix run .#push-container -- result --repository jcollie/nixos-runner diff --git a/flake.nix b/flake.nix index 04edbd6..f7d4079 100644 --- a/flake.nix +++ b/flake.nix @@ -83,9 +83,9 @@ docker-client - self.packages.${system}.podman-push-container - self.packages.${system}.docker-push-container - self.packages.${system}.regctl-push-container + # self.packages.${system}.podman-push-container + # self.packages.${system}.docker-push-container + self.packages.${system}.push-container ]; flake-registry = null; @@ -412,66 +412,64 @@ ]; }; }; - podman-push-container = pkgs.writeTextFile { - name = "podman-push-container"; - destination = "/bin/podman-push-container"; - text = builtins.replaceStrings - [ - "@nushell@" - "@client@" - ] - [ - "${pkgs.nushell}/bin/nu" - "${pkgs.podman}/bin/podman" - ] - (builtins.readFile ./push-container.nu); - executable = true; - }; - docker-push-container = pkgs.writeTextFile { - name = "docker-push-container"; - destination = "/bin/docker-push-container"; - text = builtins.replaceStrings - [ - "@nushell@" - "@client@" - ] - [ - "${pkgs.nushell}/bin/nu" - "${docker-client}/bin/docker" - ] - (builtins.readFile ./push-container.nu); - executable = true; - }; - regctl-push-container = pkgs.writeTextFile { - name = "regctl-push-container"; - destination = "/bin/regctl-push-container"; + # podman-push-container = pkgs.writeTextFile { + # name = "podman-push-container"; + # destination = "/bin/podman-push-container"; + # text = builtins.replaceStrings + # [ + # "@nushell@" + # "@client@" + # ] + # [ + # "${pkgs.nushell}/bin/nu" + # "${pkgs.podman}/bin/podman" + # ] + # (builtins.readFile ./push-container.nu); + # executable = true; + # }; + # docker-push-container = pkgs.writeTextFile { + # name = "docker-push-container"; + # destination = "/bin/docker-push-container"; + # text = builtins.replaceStrings + # [ + # "@nushell@" + # "@client@" + # ] + # [ + # "${pkgs.nushell}/bin/nu" + # "${docker-client}/bin/docker" + # ] + # (builtins.readFile ./push-container.nu); + # executable = true; + # }; + push-container = pkgs.writeTextFile { + name = "push-container"; + destination = "/bin/push-container"; text = builtins.replaceStrings [ "@nushell@" "@regctl@" - "@gzip@" ] [ "${pkgs.nushell}/bin/nu" "${pkgs.regctl}/bin/regctl" - "${pkgs.gzip}/bin/gzip" ] - (builtins.readFile ./regctl-push-container.nu); + (builtins.readFile ./push-container.nu); executable = true; }; }; apps = { - podman-push-container = { + # podman-push-container = { + # type = "app"; + # program = "${self.packages.${system}.podman-push-container}/bin/podman-push-container"; + # }; + # docker-push-container = { + # type = "app"; + # program = "${self.packages.${system}.docker-push-container}/bin/docker-push-container"; + # }; + push-container = { type = "app"; - program = "${self.packages.${system}.podman-push-container}/bin/podman-push-container"; - }; - docker-push-container = { - type = "app"; - program = "${self.packages.${system}.docker-push-container}/bin/docker-push-container"; - }; - regctl-push-container = { - type = "app"; - program = "${self.packages.${system}.regctl-push-container}/bin/regctl-push-container"; + program = "${self.packages.${system}.push-container}/bin/push-container"; }; }; } diff --git a/push-container.nu b/push-container.nu index 01122fe..9994e23 100644 --- a/push-container.nu +++ b/push-container.nu @@ -2,6 +2,8 @@ def main [ input: string # tar.gz file containing container image to be pushed to repository ...tags: string # Tags to be added to pushed container image + --username: string = "" # username + --password: string = "" # password --registry: string = "" # container registry --repository: string = "" # container repository --no-latest-tag # Don't add "latest" tag to list of tags @@ -19,12 +21,6 @@ def main [ $tags } - let tags = if (not $no_latest_tag) { - $tags | append "latest" - } else { - $tags - } - let tags = if ( (not $no_github_tag) and @@ -49,10 +45,19 @@ def main [ $tags } + let tags = if (not $no_latest_tag) { + $tags | append "latest" + } else { + $tags + } + let auth = {username: null, password: null} let auth = ( - if ( + if not ($username | is-empty) and ($password | is-empty) { + print "Got username and password from command line" + {username: $username, password: $password} + } else if ( (not ($env | get -i USERNAME | is-empty)) and (not ($env | get -i PASSWORD | is-empty)) @@ -98,7 +103,7 @@ def main [ } else { $registry } - ) + ) | parse --regex "(?:https?://)?(?P.*)" | get 0.rest let repository = ( if ($repository | is-empty) { @@ -115,33 +120,51 @@ def main [ } ) - alias client = ^@client@ --log-level debug + alias regctl = ^@regctl@ --verbosity warning + alias gzip = ^@gzip@ - $auth.password | client login --username $auth.username --password-stdin $registry + regctl version + regctl registry login $registry --user $auth.username --pass $auth.password - let load_result = (do { client load --input $input } | complete) - if $load_result.exit_code != 0 { - print $load_result.stderr - exit 1 + # print "decompressing image: start" + + # open $input | gzip --decompress | save --force --progress $"($input).tar" + + # print "decompressing image: stop" + + # let load_result = (do { regctl load --input $input } | complete) + # if $load_result.exit_code != 0 { + # print $load_result.stderr + # exit 1 + # } + + # let old_image = ($load_result.stdout | str trim | parse "Loaded image: {image}" | get 0.image) + + $tags | enumerate | each { + |item| + if $item.index == 0 { + let new_image = $"($registry)/($repository):($item.item)" + print $"Pushing ($new_image)" + regctl image import $new_image $input + # let tag_result = (do { regctl image import $new_image $"($input).tar" } | complete) + # if $tag_result.exit_code != 0 { + # print $tag_result.stderr + # exit 1 + # } + print $"Pushed ($new_image)" + } else { + let old_image = $"($registry)/($repository):($tags | get 0)" + let new_image = $"($registry)/($repository):($item.item)" + print $"Copying ($old_image) ($new_image)" + regctl image copy $old_image $new_image + # let tag_result = (do { regctl image copy $old_image $new_image } | complete) + # if $tag_result.exit_code != 0 { + # print $tag_result.stderr + # exit 1 + # } + print $"Copied ($old_image) ($new_image)" + } } - let old_image = ($load_result.stdout | str trim | parse "Loaded image: {image}" | get 0.image) - - $tags | each { - |tag| - let new_image = $"($registry)/($repository):($tag)" - let tag_result = (do { client tag $old_image $new_image } | complete) - if $tag_result.exit_code != 0 { - print $tag_result.stderr - exit 1 - } - let push_result = (do { client push $new_image } | complete) - if $push_result.exit_code != 0 { - print $push_result.stderr - exit 1 - } - print $"Pushed ($new_image)" - } - - client logout $registry + regctl registry logout $registry } diff --git a/regctl-push-container.nu b/regctl-push-container.nu deleted file mode 100644 index 9994e23..0000000 --- a/regctl-push-container.nu +++ /dev/null @@ -1,170 +0,0 @@ -#!@nushell@ -def main [ - input: string # tar.gz file containing container image to be pushed to repository - ...tags: string # Tags to be added to pushed container image - --username: string = "" # username - --password: string = "" # password - --registry: string = "" # container registry - --repository: string = "" # container repository - --no-latest-tag # Don't add "latest" tag to list of tags - --no-drone-tag # Don't add tag calculated from DRONE_BUILD_NUMBER and DRONE_COMMIT_SHA - --no-github-tag # Don't add tag calculated from GITHUB_RUN_NUMBER and GITHUB_SHA -] { - if not ($input | path exists) { - print $"($input) does not exist!" - exit 1 - } - - let tags = if not ($env | get -i PLUGIN_TAGS | is-empty) { - $tags | append ($env.PLUGIN_TAGS | split row ',' | str trim) - } else { - $tags - } - - let tags = if ( - (not $no_github_tag) - and - (not ($env | get -i GITHUB_RUN_NUMBER | is-empty)) - and - (not ($env | get -i GITHUB_SHA | is-empty)) - ) { - $tags | append $"($env.GITHUB_RUN_NUMBER)-($env.GITHUB_SHA | str substring 0..8)" - } else { - $tags - } - - let tags = if ( - (not $no_drone_tag) - and - (not ($env | get -i DRONE_BUILD_NUMBER | is-empty)) - and - (not ($env | get -i DRONE_COMMIT_SHA | is-empty)) - ) { - $tags | append $"($env.DRONE_BUILD_NUMBER)-($env.DRONE_COMMIT_SHA | str substring 0..8)" - } else { - $tags - } - - let tags = if (not $no_latest_tag) { - $tags | append "latest" - } else { - $tags - } - - let auth = {username: null, password: null} - - let auth = ( - if not ($username | is-empty) and ($password | is-empty) { - print "Got username and password from command line" - {username: $username, password: $password} - } else if ( - (not ($env | get -i USERNAME | is-empty)) - and - (not ($env | get -i PASSWORD | is-empty)) - ) { - print "Got username and password from USERNAME and PASSWORD" - {username: $env.USERNAME, password: $env.PASSWORD} - } else if ( - (not ($env | get -i PLUGIN_USERNAME | is-empty)) - and - (not ($env | get -i PLUGIN_PASSWORD | is-empty)) - ) { - print "Got username and password from PLUGIN_USERNAME and PLUGIN_PASSWORD" - {username: $env.PLUGIN_USERNAME, password: $env.PLUGIN_PASSWORD} - } else if ( - (not ($env | get -i GITHUB_ACTOR | is-empty)) - and - (not ($env | get -i GITHUB_TOKEN | is-empty)) - ) { - print "Got username and password from GITHUB_ACTOR and GITHUB_TOKEN" - {username: $env.GITHUB_ACTOR, password: $env.GITHUB_TOKEN} - } else { - print "Unable to determine authentication parameters!" - exit 1 - } - ) - - let registry = ( - if ($registry | is-empty) { - if not ($env | get -i PLUGIN_REGISTRY | is-empty) { - $env.PLUGIN_REGISTRY - } else if not ($env | get -i REGISTRY | is-empty) { - $env.REGISTRY - } else if ( - (not ($env | get -i GITHUB_SERVER_URL | is-empty)) - and - (not ($env | get -i GITHUB_ACTOR | is-empty)) - ) { - $"($env.GITHUB_SERVER_URL)/($env.GITHUB_ACTOR)" - } else { - print "No registry specified!" - exit 1 - } - } else { - $registry - } - ) | parse --regex "(?:https?://)?(?P.*)" | get 0.rest - - let repository = ( - if ($repository | is-empty) { - if not ($env | get -i PLUGIN_REPOSITORY | is-empty) { - $env.PLUGIN_REPOSITORY - } else if not ($env | get -i REPOSITORY | is-empty) { - $env.REPOSITORY - } else { - print "No repository specified!" - exit 1 - } - } else { - $repository - } - ) - - alias regctl = ^@regctl@ --verbosity warning - alias gzip = ^@gzip@ - - regctl version - regctl registry login $registry --user $auth.username --pass $auth.password - - # print "decompressing image: start" - - # open $input | gzip --decompress | save --force --progress $"($input).tar" - - # print "decompressing image: stop" - - # let load_result = (do { regctl load --input $input } | complete) - # if $load_result.exit_code != 0 { - # print $load_result.stderr - # exit 1 - # } - - # let old_image = ($load_result.stdout | str trim | parse "Loaded image: {image}" | get 0.image) - - $tags | enumerate | each { - |item| - if $item.index == 0 { - let new_image = $"($registry)/($repository):($item.item)" - print $"Pushing ($new_image)" - regctl image import $new_image $input - # let tag_result = (do { regctl image import $new_image $"($input).tar" } | complete) - # if $tag_result.exit_code != 0 { - # print $tag_result.stderr - # exit 1 - # } - print $"Pushed ($new_image)" - } else { - let old_image = $"($registry)/($repository):($tags | get 0)" - let new_image = $"($registry)/($repository):($item.item)" - print $"Copying ($old_image) ($new_image)" - regctl image copy $old_image $new_image - # let tag_result = (do { regctl image copy $old_image $new_image } | complete) - # if $tag_result.exit_code != 0 { - # print $tag_result.stderr - # exit 1 - # } - print $"Copied ($old_image) ($new_image)" - } - } - - regctl registry logout $registry -}