|
678 | 678 |
|
679 | 679 | currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
680 | 680 | finalizeBuildStep "${buildStartTime}" "${buildStartTime}" "${currentStepEnd}" "${NAMESPACE}" "registryLogin" "Container Registry Login" "false" |
681 | | -previousStepEnd=${currentStepEnd} |
682 | | -beginBuildStep "Image Builds" "buildingImages" |
683 | 681 |
|
684 | 682 | ############################################## |
685 | 683 | ### BUILD IMAGES |
@@ -840,6 +838,135 @@ if [[ "$BUILD_TYPE" == "promote" ]]; then |
840 | 838 | echo "No images built for promote environments" |
841 | 839 | fi |
842 | 840 |
|
| 841 | +############################################## |
| 842 | +### PUSH IMAGES TO REGISTRY |
| 843 | +############################################## |
| 844 | + |
| 845 | +# set up image deprecation warnings |
| 846 | +DEPRECATED_IMAGE_WARNINGS="false" |
| 847 | +declare -A DEPRECATED_IMAGE_NAME |
| 848 | +declare -A DEPRECATED_IMAGE_STATUS |
| 849 | +declare -A DEPRECATED_IMAGE_SUGGESTION |
| 850 | + |
| 851 | +# pullrequest/branch start |
| 852 | +if [ "$BUILD_TYPE" == "pullrequest" ] || [ "$BUILD_TYPE" == "branch" ]; then |
| 853 | + # calculate the images required to be pushed to the registry |
| 854 | + for IMAGE_NAME in "${!IMAGES_BUILD[@]}" |
| 855 | + do |
| 856 | + PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
| 857 | + # Before the push the temporary name is resolved to the future tag with the registry in the image name |
| 858 | + TEMPORARY_IMAGE_NAME="${IMAGES_BUILD[${IMAGE_NAME}]}" |
| 859 | + |
| 860 | + # This will actually not push any images and instead just add them to the file /kubectl-build-deploy/lagoon/push |
| 861 | + # this file is used to perform parallel image pushes next |
| 862 | + docker tag ${TEMPORARY_IMAGE_NAME} ${PUSH_IMAGE} |
| 863 | + echo "docker push ${PUSH_IMAGE}" >> /kubectl-build-deploy/lagoon/push |
| 864 | + |
| 865 | + # check if the built image is deprecated |
| 866 | + DOCKER_IMAGE_OUTPUT=$(docker inspect ${TEMPORARY_IMAGE_NAME}) |
| 867 | + DEPRECATED_STATUS=$(echo "${DOCKER_IMAGE_OUTPUT}" | jq -r '.[] | .Config.Labels."sh.lagoon.image.deprecated.status" // false') |
| 868 | + if [ "${DEPRECATED_STATUS}" != false ]; then |
| 869 | + DEPRECATED_IMAGE_WARNINGS="true" |
| 870 | + DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]=$TEMPORARY_IMAGE_NAME |
| 871 | + DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]=$DEPRECATED_STATUS |
| 872 | + DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]=$(echo "${DOCKER_IMAGE_OUTPUT}" | jq -r '.[] | .Config.Labels."sh.lagoon.image.deprecated.suggested" | sub("docker.io\/";"")? // false') |
| 873 | + fi |
| 874 | + done |
| 875 | + |
| 876 | + previousStepEnd=${currentStepEnd} |
| 877 | + beginBuildStep "Pushing Images" "pushingImages" |
| 878 | + # If we have images to push to the registry, let's do so |
| 879 | + if [ -f /kubectl-build-deploy/lagoon/push ]; then |
| 880 | + parallel --retries 4 < /kubectl-build-deploy/lagoon/push |
| 881 | + fi |
| 882 | + |
| 883 | + # load the image hashes for just pushed images |
| 884 | + for IMAGE_NAME in "${!IMAGES_BUILD[@]}" |
| 885 | + do |
| 886 | + PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
| 887 | + JQ_QUERY=(jq -r ".[]|select(test(\"${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}@\"))") |
| 888 | + IMAGE_HASHES[${IMAGE_NAME}]=$(docker inspect ${PUSH_IMAGE} --format '{{json .RepoDigests}}' | "${JQ_QUERY[@]}") |
| 889 | + done |
| 890 | + currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
| 891 | + finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImagesComplete" "Pushing Images" "false" |
| 892 | + |
| 893 | + # All images that should be pulled are copied to the harbor registry |
| 894 | + for IMAGE_NAME in "${!IMAGES_PULL[@]}" |
| 895 | + do |
| 896 | + PULL_IMAGE="${IMAGES_PULL[${IMAGE_NAME}]}" #extract the pull image name from the images to pull list |
| 897 | + PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
| 898 | + |
| 899 | + # Try to handle private registries first |
| 900 | + previousStepEnd=${currentStepEnd} |
| 901 | + beginBuildStep "Pushing Pulled Image ${IMAGE_NAME}" "pushingImage${IMAGE_NAME}" |
| 902 | + # the external pull image name is all calculated in the build-deploy tool now, it knows how to calculate it |
| 903 | + # from being a promote image, or an image from an imagecache or from some other registry entirely |
| 904 | + skopeo copy --retry-times 5 --dest-tls-verify=false docker://${PULL_IMAGE} docker://${PUSH_IMAGE} |
| 905 | + |
| 906 | + # store the resulting image hash |
| 907 | + SKOPEO_INSPECT=$(skopeo inspect --retry-times 5 docker://${PUSH_IMAGE} --tls-verify=false) |
| 908 | + IMAGE_HASHES[${IMAGE_NAME}]=$(echo "${SKOPEO_INSPECT}" | jq ".Name + \"@\" + .Digest" -r) |
| 909 | + |
| 910 | + # check if the pull through image is deprecated |
| 911 | + DEPRECATED_STATUS=$(echo "${SKOPEO_INSPECT}" | jq -r '.Labels."sh.lagoon.image.deprecated.status" // false') |
| 912 | + if [ "${DEPRECATED_STATUS}" != false ]; then |
| 913 | + DEPRECATED_IMAGE_WARNINGS="true" |
| 914 | + DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]=${PULL_IMAGE#$IMAGECACHE_REGISTRY} |
| 915 | + DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]=$DEPRECATED_STATUS |
| 916 | + DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]=$(echo "${SKOPEO_INSPECT}" | jq -r '.Labels."sh.lagoon.image.deprecated.suggested" | sub("docker.io\/";"")? // false') |
| 917 | + fi |
| 918 | + currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
| 919 | + finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImage${IMAGE_NAME}Complete" "Pushing Pulled Image ${IMAGE_NAME}" "false" |
| 920 | + done |
| 921 | + |
| 922 | +# pullrequest/branch end |
| 923 | +# promote start |
| 924 | +elif [ "$BUILD_TYPE" == "promote" ]; then |
| 925 | + |
| 926 | + for IMAGE_NAME in "${IMAGES[@]}" |
| 927 | + do |
| 928 | + previousStepEnd=${currentStepEnd} |
| 929 | + beginBuildStep "Pushing Pulled Promote Image ${IMAGE_NAME}" "pushingImage${IMAGE_NAME}" |
| 930 | + PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
| 931 | + PROMOTE_IMAGE="${IMAGES_PROMOTE[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
| 932 | + skopeo copy --retry-times 5 --src-tls-verify=false --dest-tls-verify=false docker://${PROMOTE_IMAGE} docker://${PUSH_IMAGE} |
| 933 | + |
| 934 | + IMAGE_HASHES[${IMAGE_NAME}]=$(skopeo inspect --retry-times 5 docker://${PUSH_IMAGE} --tls-verify=false | jq ".Name + \"@\" + .Digest" -r) |
| 935 | + currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
| 936 | + finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImage${IMAGE_NAME}Complete" "Pushing Pulled Promote Image ${IMAGE_NAME}" "false" |
| 937 | + done |
| 938 | +# promote end |
| 939 | +fi |
| 940 | + |
| 941 | +############################################## |
| 942 | +### Check for deprecated images |
| 943 | +############################################## |
| 944 | + |
| 945 | +if [ "${DEPRECATED_IMAGE_WARNINGS}" == "true" ]; then |
| 946 | + previousStepEnd=${currentStepEnd} |
| 947 | + beginBuildStep "Deprecated Image Warnings" "deprecatedImages" |
| 948 | + ((++BUILD_WARNING_COUNT)) |
| 949 | + echo ">> Lagoon detected deprecated images during the build" |
| 950 | + echo " This indicates that an image you're using in the build has been flagged as deprecated." |
| 951 | + echo " You should stop using these images as soon as possible." |
| 952 | + echo " If the deprecated image has a suggested replacement, it will be mentioned in the warning." |
| 953 | + echo " Please visit ${LAGOON_FEATURE_FLAG_DEFAULT_DOCUMENTATION_URL}/deprecated-images for more information." |
| 954 | + echo "" |
| 955 | + for IMAGE_NAME in "${!DEPRECATED_IMAGE_NAME[@]}" |
| 956 | + do |
| 957 | + echo ">> The image (or an image used in the build for) ${DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]} has been deprecated, marked ${DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]}" |
| 958 | + if [ "${DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]}" != "false" ]; then |
| 959 | + echo " A suggested replacement image is ${DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]}" |
| 960 | + else |
| 961 | + echo " No replacement image has been suggested" |
| 962 | + fi |
| 963 | + echo "" |
| 964 | + done |
| 965 | + |
| 966 | + currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
| 967 | + finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "deprecatedImagesComplete" "Deprecated Image Warnings" "true" |
| 968 | +fi |
| 969 | + |
843 | 970 | previousStepEnd=${currentStepEnd} |
844 | 971 | beginBuildStep "Service Configuration Phase" "serviceConfigurationPhase" |
845 | 972 |
|
@@ -1342,135 +1469,6 @@ LAGOONPLATFORMENV_SHA=$(kubectl --insecure-skip-tls-verify -n ${NAMESPACE} get s |
1342 | 1469 | CONFIG_MAP_SHA=$(echo $LAGOONENV_SHA$LAGOONPLATFORMENV_SHA | sha256sum | awk '{print $1}') |
1343 | 1470 | export CONFIG_MAP_SHA |
1344 | 1471 |
|
1345 | | -############################################## |
1346 | | -### PUSH IMAGES TO REGISTRY |
1347 | | -############################################## |
1348 | | - |
1349 | | -# set up image deprecation warnings |
1350 | | -DEPRECATED_IMAGE_WARNINGS="false" |
1351 | | -declare -A DEPRECATED_IMAGE_NAME |
1352 | | -declare -A DEPRECATED_IMAGE_STATUS |
1353 | | -declare -A DEPRECATED_IMAGE_SUGGESTION |
1354 | | - |
1355 | | -# pullrequest/branch start |
1356 | | -if [ "$BUILD_TYPE" == "pullrequest" ] || [ "$BUILD_TYPE" == "branch" ]; then |
1357 | | - # calculate the images required to be pushed to the registry |
1358 | | - for IMAGE_NAME in "${!IMAGES_BUILD[@]}" |
1359 | | - do |
1360 | | - PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
1361 | | - # Before the push the temporary name is resolved to the future tag with the registry in the image name |
1362 | | - TEMPORARY_IMAGE_NAME="${IMAGES_BUILD[${IMAGE_NAME}]}" |
1363 | | - |
1364 | | - # This will actually not push any images and instead just add them to the file /kubectl-build-deploy/lagoon/push |
1365 | | - # this file is used to perform parallel image pushes next |
1366 | | - docker tag ${TEMPORARY_IMAGE_NAME} ${PUSH_IMAGE} |
1367 | | - echo "docker push ${PUSH_IMAGE}" >> /kubectl-build-deploy/lagoon/push |
1368 | | - |
1369 | | - # check if the built image is deprecated |
1370 | | - DOCKER_IMAGE_OUTPUT=$(docker inspect ${TEMPORARY_IMAGE_NAME}) |
1371 | | - DEPRECATED_STATUS=$(echo "${DOCKER_IMAGE_OUTPUT}" | jq -r '.[] | .Config.Labels."sh.lagoon.image.deprecated.status" // false') |
1372 | | - if [ "${DEPRECATED_STATUS}" != false ]; then |
1373 | | - DEPRECATED_IMAGE_WARNINGS="true" |
1374 | | - DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]=$TEMPORARY_IMAGE_NAME |
1375 | | - DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]=$DEPRECATED_STATUS |
1376 | | - DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]=$(echo "${DOCKER_IMAGE_OUTPUT}" | jq -r '.[] | .Config.Labels."sh.lagoon.image.deprecated.suggested" | sub("docker.io\/";"")? // false') |
1377 | | - fi |
1378 | | - done |
1379 | | - |
1380 | | - previousStepEnd=${currentStepEnd} |
1381 | | - beginBuildStep "Pushing Images" "pushingImages" |
1382 | | - # If we have images to push to the registry, let's do so |
1383 | | - if [ -f /kubectl-build-deploy/lagoon/push ]; then |
1384 | | - parallel --retries 4 < /kubectl-build-deploy/lagoon/push |
1385 | | - fi |
1386 | | - |
1387 | | - # load the image hashes for just pushed images |
1388 | | - for IMAGE_NAME in "${!IMAGES_BUILD[@]}" |
1389 | | - do |
1390 | | - PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
1391 | | - JQ_QUERY=(jq -r ".[]|select(test(\"${REGISTRY}/${PROJECT}/${ENVIRONMENT}/${IMAGE_NAME}@\"))") |
1392 | | - IMAGE_HASHES[${IMAGE_NAME}]=$(docker inspect ${PUSH_IMAGE} --format '{{json .RepoDigests}}' | "${JQ_QUERY[@]}") |
1393 | | - done |
1394 | | - currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
1395 | | - finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImagesComplete" "Pushing Images" "false" |
1396 | | - |
1397 | | - # All images that should be pulled are copied to the harbor registry |
1398 | | - for IMAGE_NAME in "${!IMAGES_PULL[@]}" |
1399 | | - do |
1400 | | - PULL_IMAGE="${IMAGES_PULL[${IMAGE_NAME}]}" #extract the pull image name from the images to pull list |
1401 | | - PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
1402 | | - |
1403 | | - # Try to handle private registries first |
1404 | | - previousStepEnd=${currentStepEnd} |
1405 | | - beginBuildStep "Pushing Pulled Image ${IMAGE_NAME}" "pushingImage${IMAGE_NAME}" |
1406 | | - # the external pull image name is all calculated in the build-deploy tool now, it knows how to calculate it |
1407 | | - # from being a promote image, or an image from an imagecache or from some other registry entirely |
1408 | | - skopeo copy --retry-times 5 --dest-tls-verify=false docker://${PULL_IMAGE} docker://${PUSH_IMAGE} |
1409 | | - |
1410 | | - # store the resulting image hash |
1411 | | - SKOPEO_INSPECT=$(skopeo inspect --retry-times 5 docker://${PUSH_IMAGE} --tls-verify=false) |
1412 | | - IMAGE_HASHES[${IMAGE_NAME}]=$(echo "${SKOPEO_INSPECT}" | jq ".Name + \"@\" + .Digest" -r) |
1413 | | - |
1414 | | - # check if the pull through image is deprecated |
1415 | | - DEPRECATED_STATUS=$(echo "${SKOPEO_INSPECT}" | jq -r '.Labels."sh.lagoon.image.deprecated.status" // false') |
1416 | | - if [ "${DEPRECATED_STATUS}" != false ]; then |
1417 | | - DEPRECATED_IMAGE_WARNINGS="true" |
1418 | | - DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]=${PULL_IMAGE#$IMAGECACHE_REGISTRY} |
1419 | | - DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]=$DEPRECATED_STATUS |
1420 | | - DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]=$(echo "${SKOPEO_INSPECT}" | jq -r '.Labels."sh.lagoon.image.deprecated.suggested" | sub("docker.io\/";"")? // false') |
1421 | | - fi |
1422 | | - currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
1423 | | - finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImage${IMAGE_NAME}Complete" "Pushing Pulled Image ${IMAGE_NAME}" "false" |
1424 | | - done |
1425 | | - |
1426 | | -# pullrequest/branch end |
1427 | | -# promote start |
1428 | | -elif [ "$BUILD_TYPE" == "promote" ]; then |
1429 | | - |
1430 | | - for IMAGE_NAME in "${IMAGES[@]}" |
1431 | | - do |
1432 | | - previousStepEnd=${currentStepEnd} |
1433 | | - beginBuildStep "Pushing Pulled Promote Image ${IMAGE_NAME}" "pushingImage${IMAGE_NAME}" |
1434 | | - PUSH_IMAGE="${IMAGES_PUSH[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
1435 | | - PROMOTE_IMAGE="${IMAGES_PROMOTE[${IMAGE_NAME}]}" #extract the push image name from the images to push list |
1436 | | - skopeo copy --retry-times 5 --src-tls-verify=false --dest-tls-verify=false docker://${PROMOTE_IMAGE} docker://${PUSH_IMAGE} |
1437 | | - |
1438 | | - IMAGE_HASHES[${IMAGE_NAME}]=$(skopeo inspect --retry-times 5 docker://${PUSH_IMAGE} --tls-verify=false | jq ".Name + \"@\" + .Digest" -r) |
1439 | | - currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
1440 | | - finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "pushingImage${IMAGE_NAME}Complete" "Pushing Pulled Promote Image ${IMAGE_NAME}" "false" |
1441 | | - done |
1442 | | -# promote end |
1443 | | -fi |
1444 | | - |
1445 | | -############################################## |
1446 | | -### Check for deprecated images |
1447 | | -############################################## |
1448 | | - |
1449 | | -if [ "${DEPRECATED_IMAGE_WARNINGS}" == "true" ]; then |
1450 | | - previousStepEnd=${currentStepEnd} |
1451 | | - beginBuildStep "Deprecated Image Warnings" "deprecatedImages" |
1452 | | - ((++BUILD_WARNING_COUNT)) |
1453 | | - echo ">> Lagoon detected deprecated images during the build" |
1454 | | - echo " This indicates that an image you're using in the build has been flagged as deprecated." |
1455 | | - echo " You should stop using these images as soon as possible." |
1456 | | - echo " If the deprecated image has a suggested replacement, it will be mentioned in the warning." |
1457 | | - echo " Please visit ${LAGOON_FEATURE_FLAG_DEFAULT_DOCUMENTATION_URL}/deprecated-images for more information." |
1458 | | - echo "" |
1459 | | - for IMAGE_NAME in "${!DEPRECATED_IMAGE_NAME[@]}" |
1460 | | - do |
1461 | | - echo ">> The image (or an image used in the build for) ${DEPRECATED_IMAGE_NAME[${IMAGE_NAME}]} has been deprecated, marked ${DEPRECATED_IMAGE_STATUS[${IMAGE_NAME}]}" |
1462 | | - if [ "${DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]}" != "false" ]; then |
1463 | | - echo " A suggested replacement image is ${DEPRECATED_IMAGE_SUGGESTION[${IMAGE_NAME}]}" |
1464 | | - else |
1465 | | - echo " No replacement image has been suggested" |
1466 | | - fi |
1467 | | - echo "" |
1468 | | - done |
1469 | | - |
1470 | | - currentStepEnd="$(date +"%Y-%m-%d %H:%M:%S")" |
1471 | | - finalizeBuildStep "${buildStartTime}" "${previousStepEnd}" "${currentStepEnd}" "${NAMESPACE}" "deprecatedImagesComplete" "Deprecated Image Warnings" "true" |
1472 | | -fi |
1473 | | - |
1474 | 1472 | previousStepEnd=${currentStepEnd} |
1475 | 1473 | beginBuildStep "Backup Configuration" "configuringBackups" |
1476 | 1474 |
|
|
0 commit comments