mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-27 04:43:59 +01:00
633a61809e
(cherry picked from commitc2a7aaeee8
) (cherry picked from commit6b6007fbce
) (cherry picked from commit63608a221e
) (cherry picked from commit5cfe60baa7
) (cherry picked from commit2af4c73d12
) (cherry picked from commit1985959bfe
) (cherry picked from commit880424c77e
) (cherry picked from commitc78a861d1b
) (cherry picked from commit25c1227011
) (cherry picked from commit7195e894ee
) (cherry picked from commitcf15153873
) (cherry picked from commit9bee773c95
) (cherry picked from commit581c3060da
) (cherry picked from commitbf550f9b2c
) (cherry picked from commitb570eca0b9
) [CI] implementation: Woodpecker based CI (squash) Upgrade xgo to Go v1.20 for building binaries (cherry picked from commit6308c776b6
) [CI] v1.20: switch PR check from Woodpecker CI to Forgejo Actions The PR checks for v1.19 still rely on Woodpecker CI. Keeping .woodpecker in v1.20 while both Woodpecker CI & Forgejo Actions are enabled would dupicate the checks. The release process in releases remains Woodpecker CI. (cherry picked from commit93e42f3f53
) (cherry picked from commit599c5162ad
) (cherry picked from commit6f8b723a55
) (cherry picked from commite238d7d72f
) (cherry picked from commit2258fb575b
) (cherry picked from commit52195d9456
)
122 lines
3 KiB
Bash
Executable file
122 lines
3 KiB
Bash
Executable file
#!/bin/sh
|
|
|
|
set -ex
|
|
|
|
: ${DOCKER_HOST:=unix:///var/run/docker.sock}
|
|
: ${ARCHS:=amd64 arm64}
|
|
: ${PULL_USER:=forgejo-integration}
|
|
if test "$CI_REPO" = "forgejo/release" ; then
|
|
: ${PUSH_USER:=forgejo}
|
|
else
|
|
: ${PUSH_USER:=forgejo-experimental}
|
|
fi
|
|
: ${INTEGRATION_IMAGE:=codeberg.org/$PULL_USER/forgejo}
|
|
: ${TAG:=${CI_COMMIT_TAG##v}}
|
|
: ${SHORT_TAG=${TAG%.*-*}}
|
|
: ${DOMAIN:=codeberg.org}
|
|
: ${TOKEN_HEADER:=/tmp/token$$}
|
|
trap "rm -f ${TOKEN_HEADER}" EXIT
|
|
|
|
: ${VERIFY:=true}
|
|
VERIFY_COMMAND='gitea --version'
|
|
VERIFY_STRING='built with'
|
|
|
|
publish() {
|
|
for suffix in '' '-rootless' ; do
|
|
images=""
|
|
for arch in $ARCHS ; do
|
|
#
|
|
# Get the image from the integration user
|
|
#
|
|
image=$(image_name $PULL_USER $suffix)
|
|
docker pull --platform linux/$arch $image
|
|
#
|
|
# Verify it is usable
|
|
#
|
|
if $VERIFY ; then
|
|
docker run --platform linux/$arch --rm $image $VERIFY_COMMAND | grep "$VERIFY_STRING"
|
|
fi
|
|
#
|
|
# Push the image with a tag reflecting the architecture to the repo owner
|
|
#
|
|
arch_image=$(arch_image_name $PUSH_USER $arch $suffix)
|
|
docker tag $image $arch_image
|
|
docker push $arch_image
|
|
images="$images $arch_image"
|
|
done
|
|
|
|
#
|
|
# Push a manifest with all the architectures to the repo owner
|
|
#
|
|
manifest=$(image_name $PUSH_USER $suffix)
|
|
docker manifest rm $manifest || true
|
|
docker manifest create $manifest $images
|
|
image_put $PUSH_USER $(image_tag $suffix) $manifest
|
|
image_put $PUSH_USER $(short_image_tag $suffix) $manifest
|
|
#
|
|
# Sanity check to ensure the manifest that are published can actualy
|
|
# be used.
|
|
#
|
|
for arch in $ARCHS ; do
|
|
docker pull --platform linux/$arch $(image_name $PUSH_USER $suffix)
|
|
docker pull --platform linux/$arch $(short_image_name $PUSH_USER $suffix)
|
|
done
|
|
done
|
|
}
|
|
|
|
boot() {
|
|
if docker version ; then
|
|
return
|
|
fi
|
|
apk --update --no-cache add coredns jq curl
|
|
( echo ".:53 {" ; echo " forward . /etc/resolv.conf"; echo "}" ) > /etc/coredns/Corefile
|
|
coredns -conf /etc/coredns/Corefile &
|
|
/usr/local/bin/dockerd --data-root /var/lib/docker --host=$DOCKER_HOST --dns 172.17.0.3 &
|
|
for i in $(seq 60) ; do
|
|
docker version && break
|
|
sleep 1
|
|
done
|
|
docker version || exit 1
|
|
}
|
|
|
|
authenticate() {
|
|
echo "$RELEASETEAMTOKEN" | docker login --password-stdin --username "$RELEASETEAMUSER" $DOMAIN
|
|
curl -u$RELEASETEAMUSER:$RELEASETEAMTOKEN -sS https://$DOMAIN/v2/token | jq --raw-output '"Authorization: token \(.token)"' > $TOKEN_HEADER
|
|
}
|
|
|
|
image_put() {
|
|
docker manifest inspect $3 > /tmp/manifest.json
|
|
curl -sS -H @$TOKEN_HEADER -X PUT --data-binary @/tmp/manifest.json https://$DOMAIN/v2/$1/forgejo/manifests/$2
|
|
}
|
|
|
|
main() {
|
|
boot
|
|
authenticate
|
|
publish
|
|
}
|
|
|
|
image_name() {
|
|
echo $DOMAIN/$1/forgejo:$(image_tag $2)
|
|
}
|
|
|
|
image_tag() {
|
|
echo $TAG$1
|
|
}
|
|
|
|
short_image_name() {
|
|
echo $DOMAIN/$1/forgejo:$(short_image_tag $2)
|
|
}
|
|
|
|
short_image_tag() {
|
|
echo $SHORT_TAG$1
|
|
}
|
|
|
|
arch_image_name() {
|
|
echo $DOMAIN/$1/forgejo:$(arch_image_tag $2 $3)
|
|
}
|
|
|
|
arch_image_tag() {
|
|
echo $TAG-$1$2
|
|
}
|
|
|
|
${@:-main}
|