-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
27 changed files
with
1,926 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,311 @@ | ||
name: Docker publish | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
version: | ||
description: 'Version (optional)' | ||
required: false | ||
push: | ||
branches: | ||
- 'main' | ||
|
||
jobs: | ||
docker-base-image: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
packages: write | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
component: | ||
- trivy-adapter | ||
- core | ||
- db | ||
- exporter | ||
- jobservice | ||
- log | ||
- nginx | ||
- portal | ||
- prepare | ||
- redis | ||
- registry | ||
- registryctl | ||
|
||
defaults: | ||
run: | ||
working-directory: ./ | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: true | ||
|
||
- uses: docker/setup-qemu-action@v3 | ||
|
||
- uses: docker/setup-buildx-action@v3 | ||
with: | ||
driver: docker-container | ||
driver-opts: network=host | ||
|
||
- uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- run: make patch | ||
|
||
- id: prepare | ||
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | ||
|
||
- name: Compare Versions | ||
id: compare | ||
run: | | ||
version1="${{ env.tag }}" | ||
version2="v2.9.0" | ||
compareVersions() { | ||
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")" | ||
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")" | ||
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }' | ||
} | ||
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV | ||
echo $(compareVersions "$version1" "$version2") | ||
- name: Check if component is db | ||
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }} | ||
run: | | ||
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | ||
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | ||
- name: Build base image | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: ./harbor | ||
file: ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | ||
platforms: linux/amd64,linux/arm64 | ||
labels: | | ||
org.opencontainers.image.source=https://github.com/${{ github.repository }} | ||
org.opencontainers.image.revision=${{ env.tag }} | ||
push: ${{ github.event_name != 'pull_request' }} | ||
tags: ghcr.io/${{ github.repository }}/harbor-${{ matrix.component }}-base:${{ env.tag }} | ||
|
||
docker-image: | ||
needs: | ||
- docker-base-image | ||
|
||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
packages: write | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
component: | ||
- prepare | ||
- db | ||
- portal | ||
- core | ||
- jobservice | ||
- log | ||
- nginx | ||
- registryctl | ||
- trivy_adapter | ||
- redis | ||
- standalone_db_migrator | ||
- exporter | ||
|
||
defaults: | ||
run: | ||
working-directory: ./ | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: true | ||
|
||
- uses: actions/setup-go@v5 | ||
with: | ||
go-version: '^1.20.x' | ||
|
||
- uses: docker/setup-qemu-action@v3 | ||
- uses: docker/setup-buildx-action@v3 | ||
with: | ||
driver: docker-container | ||
driver-opts: network=host | ||
|
||
- run: make patch | ||
|
||
- uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- id: prepare | ||
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | ||
|
||
- name: Compare Versions | ||
id: compare | ||
run: | | ||
version1="${{ env.tag }}" | ||
version2="v2.9.0" | ||
compareVersions() { | ||
local v1="$(awk '{ gsub(/^v/, ""); print }' <<< "$1")" | ||
local v2="$(awk '{ gsub(/^v/, ""); print }' <<< "$2")" | ||
awk -v n1="$v1" -v n2="$v2" 'BEGIN { if (n1 < n2) print "ver_check=true"; else print "ver_check=false" }' | ||
} | ||
echo $(compareVersions "$version1" "$version2") >> $GITHUB_ENV | ||
echo $(compareVersions "$version1" "$version2") | ||
- name: Check if component is db | ||
if: ${{ (matrix.component == 'db') && (env.ver_check == 'true') }} | ||
run: | | ||
bash ./scripts/convert.sh ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | ||
cat ./harbor/make/photon/${{ matrix.component }}/Dockerfile.base | ||
- name: Build & Publish images | ||
env: | ||
IMAGENAMESPACE: ghcr.io/${{ github.repository }} | ||
BASEIMAGENAMESPACE: ghcr.io/${{ github.repository }} | ||
IMAGELABELS: org.opencontainers.image.source=https://github.com/${{ github.repository }} | ||
MULTIARCH: true | ||
TRIVYFLAG: true | ||
CHARTFLAG: true | ||
NOTARYFLAG: true | ||
run: | | ||
cd ./harbor; | ||
set -eux; | ||
CTX="BUILDBIN=true VERSIONTAG=${{ env.tag }} BASEIMAGETAG=${{ env.tag }} MULTIARCH=${MULTIARCH} " | ||
CTX+="IMAGENAMESPACE=${IMAGENAMESPACE} BASEIMAGENAMESPACE=${BASEIMAGENAMESPACE} TRIVYFLAG=${TRIVYFLAG} " | ||
CTX+="CHARTFLAG=${CHARTFLAG} NOTARYFLAG=${CHARTFLAG} IMAGELABELS=${IMAGELABELS}" | ||
make versions_prepare ${CTX}; | ||
case ${{ matrix.component }} in | ||
core) make compile_core ${CTX} ;; | ||
jobservice) make compile_jobservice ${CTX};; | ||
registryctl) make compile_registryctl ${CTX};; | ||
standalone_db_migrator) make compile_standalone_db_migrator ${CTX} ;; | ||
esac; | ||
case ${{ matrix.component }} in | ||
exporter) make build BUILDTARGET="_compile_and_build_exporter" ${CTX} ;; | ||
registryctl) make build BUILDTARGET="_build_registry _build_registryctl" ${CTX} ;; | ||
*) make build BUILDTARGET="_build_${{ matrix.component }}" ${CTX} ;; | ||
esac; | ||
harbor-building: | ||
needs: | ||
- 'docker-image' | ||
|
||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
packages: write | ||
strategy: | ||
fail-fast: false | ||
|
||
defaults: | ||
run: | ||
working-directory: ./ | ||
|
||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
submodules: true | ||
|
||
- uses: actions/setup-go@v5 | ||
with: | ||
go-version: '^1.20.x' | ||
|
||
- uses: docker/setup-qemu-action@v3 | ||
|
||
- uses: docker/setup-buildx-action@v3 | ||
with: | ||
driver: docker-container | ||
driver-opts: network=host | ||
|
||
- run: make patch | ||
|
||
- uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- id: prepare | ||
run: echo "tag=$(cat ./version)" >> $GITHUB_ENV | ||
|
||
- name: Load remote Docker images | ||
run: | | ||
load_remote_image() { | ||
image_name="$1" | ||
docker pull --platform=linux/arm64 "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }}" | ||
} | ||
images=( | ||
"harbor-log" | ||
"harbor-exporter" | ||
"harbor-db" | ||
"harbor-jobservice" | ||
"harbor-registryctl" | ||
"harbor-portal" | ||
"harbor-core" | ||
"nginx-photon" | ||
"redis-photon" | ||
"trivy-adapter-photon" | ||
"registry-photon" | ||
"prepare" | ||
) | ||
for image in "${images[@]}"; do | ||
load_remote_image "$image" | ||
done | ||
- name: Retag Docker images | ||
run: | | ||
retag_image() { | ||
image_name="$1" | ||
docker tag "ghcr.io/${{ github.repository }}/$image_name:${{ env.tag }} goharbor/$image_name:${{ env.tag }}" | ||
} | ||
images=( | ||
"harbor-log" | ||
"harbor-exporter" | ||
"harbor-db" | ||
"harbor-jobservice" | ||
"harbor-registryctl" | ||
"harbor-portal" | ||
"harbor-core" | ||
"nginx-photon" | ||
"redis-photon" | ||
"trivy-adapter-photon" | ||
"registry-photon" | ||
"prepare" | ||
) | ||
for image in "${images[@]}"; do | ||
retag_image "$image" | ||
done | ||
- name: Docker packaging Offline installer | ||
run: | | ||
# Run the 'package_offline' command in ./harbor/Makefile | ||
cd ./harbor | ||
sed -i 's/package_offline: update_prepare_version compile build/package_offline: update_prepare_version/' Makefile | ||
sed -i 's/TRIVYFLAG=false/TRIVYFLAG=true/' Makefile | ||
sed -i 's/NOTARYFLAG=false/NOTARYFLAG=true/' Makefile | ||
sed -i 's/CHARTFLAG=false/CHARTFLAG=true/' Makefile | ||
sed -i '0,/VERSIONTAG=dev/s//VERSIONTAG=v2.7.4/' Makefile | ||
make package_offline | ||
- run: ls -al | grep harbor-offline-installer | ||
- run: ls -al ./harbor | grep harbor-offline-installer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
.history/ | ||
.vscode/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
export VERSION = $(shell cat version) | ||
# V1 := $(shell echo "$(VERSION)" | awk '{ gsub(/^v/, ""); print }') | ||
# V2 := "2.7.0" | ||
# V3 := "2.8.0" | ||
# CHK_VERSION := $(shell awk -v n1="$(V1)" -v n2="$(V2)" -v n3="$(V3)" 'BEGIN { if (n1 >= n2 && n1 < n3) print "v"$(V2); else print "$(VERSION)" }') | ||
|
||
all: dep patch | ||
|
||
dep: | ||
git submodule update --init --recursive | ||
git submodule update --force --remote | ||
git submodule foreach -q --recursive 'git reset --hard && git checkout ${VERSION}' | ||
|
||
patch: | ||
bash -c "git clone --branch $(VERSION) https://github.com/goharbor/harbor.git" | ||
bash -c "cp -r template/harbor/v2.7.4/Makefile harbor/Makefile" | ||
bash -c "cp -r template/harbor/v2.7.4/make/photon/* harbor/make/photon/" | ||
# cd harbor && sh -c "curl https://github.com/goharbor/harbor/compare/$(VERSION)...morlay:patch-$(CHK_VERSION).patch | git apply -v" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
#!/bin/bash | ||
|
||
## ===== [ Sub Functions] ===== | ||
function convert() { | ||
local con_path="$1" | ||
local temp_1="$(awk '/RUN tdnf/{exit} 1' "${con_path}")" | ||
local temp_2="$(awk '/RUN tdnf/,0' "${con_path}")" | ||
local result="" | ||
|
||
result+="${temp_1}"$'\n\n' | ||
result+="RUN tdnf install -y shadow >> /dev/null \\"$'\n' | ||
result+=" && groupadd -r postgres --gid=999 \\"$'\n' | ||
result+=" && useradd -m -r -g postgres --uid=999 postgres"$'\n\n' | ||
result+="$(sed -e "s/shadow //g" -e '/groupadd/d' -e '/useradd/d' -e '/ln -s/d' -e 's/share\/postgresql\.conf\.sample/share\/postgresql\/postgresql\.conf\.sample/g' <<< "${temp_2}")" | ||
|
||
|
||
|
||
echo "${result}" > "${con_path}" | ||
} | ||
|
||
## Main | ||
main() { | ||
## ===== [ includes ] ===== | ||
|
||
## ===== [ Constants and Variables ] ===== | ||
local path="$1" | ||
|
||
## ===== [ run functions ] ===== | ||
|
||
convert "${path}" | ||
} | ||
|
||
main "${@}" |
Oops, something went wrong.