[Buildkite] Fix issues with releases in CD pipeline (#617)

* [Buildkite] Fix changelog output for github releases

Fetch is required to grab the latest tag, this will ensure the correct data is generated

* [Buildkite] Only clean tags on pushes to master

Also ensure that master tag is not removed on github API failures.

* [Buildkite] Fix tag publishing for releases

* [Buildkite] Minor tweaks to github changelog output
This commit is contained in:
Amir Zarrinkafsh 2020-02-05 23:24:19 +11:00 committed by GitHub
parent 9b99420ca0
commit 27b8a1b0fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 28 additions and 27 deletions

View File

@ -25,15 +25,15 @@ if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]] && [[ $BUILDKITE_PULL_R
fi fi
fi fi
if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]] && [[ $BUILDKITE_BRANCH == "master" ]] || [[ $BUILDKITE_BRANCH =~ ^v.* ]] && [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]] && [[ $BUILDKITE_BRANCH == "master" ]] && [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then
echo "--- :docker: Removing tags for deleted branches" echo "--- :docker: Removing tags for deleted branches"
for BRANCH_TAG in $(dockerbranchtags=$(anontoken=$(curl -fsL --retry 3 'https://auth.docker.io/token?service=registry.docker.io&scope=repository:authelia/authelia:pull' | jq -r .token) && \ anontoken=$(curl -fsL --retry 3 'https://auth.docker.io/token?service=registry.docker.io&scope=repository:authelia/authelia:pull' | jq -r .token)
curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR") | not)' | \ authtoken=$(curl -fs --retry 3 -H "Content-Type: application/json" -X "POST" -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token)
sed -r '/^(latest|develop|v.*|([[:digit:]]+)\.?([[:digit:]]+)?\.?([[:digit:]]+)?)/d' | sort) && \ for BRANCH_TAG in $(dockerbranchtags=$(curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR") | not)' | \
sed -r '/^(latest|master|develop|v.*|([[:digit:]]+)\.?([[:digit:]]+)?\.?([[:digit:]]+)?)/d' | sort) && \
githubbranches=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/branches | jq -r '.[].name' | sort) && \ githubbranches=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/branches | jq -r '.[].name' | sort) && \
comm -23 <(echo "${dockerbranchtags}") <(echo "${githubbranches}")); do comm -23 <(echo "${dockerbranchtags}") <(echo "${githubbranches}")); do
echo "Removing tag ${BRANCH_TAG}" echo "Removing tag ${BRANCH_TAG}"
authtoken=$(curl -fs --retry 3 -H "Content-Type: application/json" -X "POST" -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token) && \
curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${BRANCH_TAG}/ curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${BRANCH_TAG}/
done done
echo "--- :docker: Removing tags for merged or closed pull requests" echo "--- :docker: Removing tags for merged or closed pull requests"

View File

@ -12,4 +12,5 @@ do
done done
echo "--- :github: Deploy artifacts for release: ${BUILDKITE_TAG}" echo "--- :github: Deploy artifacts for release: ${BUILDKITE_TAG}"
hub release create "${artifacts[@]}" -m "${BUILDKITE_TAG}\n\n## Changelog\n$(git log --oneline --pretty='* %h %s' $(git describe --abbrev=0 --tags $(git rev-list --tags --skip=1 --max-count=1))...$(git describe --abbrev=0 --tags))\n\n## Docker images\n* docker pull authelia/authelia:${BUILDKITE_TAG//v}" "${BUILDKITE_TAG}" git fetch
hub release create "${artifacts[@]}" -m $(echo -e "${BUILDKITE_TAG}\n\n## Changelog\n$(git log --oneline --pretty='* %h %s' $(git describe --abbrev=0 --tags $(git rev-list --tags --skip=1 --max-count=1))...$(git describe --abbrev=0 --tags))\n\n## Docker Container\n* \`docker pull authelia/authelia:${BUILDKITE_TAG//v}\`") "${BUILDKITE_TAG}"

View File

@ -198,16 +198,7 @@ func deployManifest(docker *Docker, tag string, amd64tag string, arm32v7tag stri
func publishDockerImage(arch string) { func publishDockerImage(arch string) {
docker := &Docker{} docker := &Docker{}
if ciBranch != "master" && !publicRepo.MatchString(ciBranch) { if ciTag != "" {
login(docker)
deploy(docker, ciBranch+"-"+arch)
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
login(docker)
deploy(docker, "PR"+ciPullRequest+"-"+arch)
} else if ciBranch == "master" && ciPullRequest == "false" {
login(docker)
deploy(docker, "master-"+arch)
} else if ciTag != "" {
if len(tags) == 4 { if len(tags) == 4 {
log.Infof("Detected tags: '%s' | '%s' | '%s'", tags[1], tags[2], tags[3]) log.Infof("Detected tags: '%s' | '%s' | '%s'", tags[1], tags[2], tags[3])
@ -221,6 +212,15 @@ func publishDockerImage(arch string) {
} else { } else {
log.Fatal("Docker image will not be published, the specified tag does not conform to the standard") log.Fatal("Docker image will not be published, the specified tag does not conform to the standard")
} }
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) {
login(docker)
deploy(docker, ciBranch+"-"+arch)
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
login(docker)
deploy(docker, "PR"+ciPullRequest+"-"+arch)
} else if ciBranch == "master" && ciPullRequest == "false" {
login(docker)
deploy(docker, "master-"+arch)
} else { } else {
log.Info("Docker image will not be published") log.Info("Docker image will not be published")
} }
@ -229,17 +229,7 @@ func publishDockerImage(arch string) {
func publishDockerManifest() { func publishDockerManifest() {
docker := &Docker{} docker := &Docker{}
if ciBranch != "master" && !publicRepo.MatchString(ciBranch) { if ciTag != "" {
login(docker)
deployManifest(docker, ciBranch, ciBranch+"-amd64", ciBranch+"-arm32v7", ciBranch+"-arm64v8")
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
login(docker)
deployManifest(docker, "PR"+ciPullRequest, "PR"+ciPullRequest+"-amd64", "PR"+ciPullRequest+"-arm32v7", "PR"+ciPullRequest+"-arm64v8")
} else if ciBranch == "master" && ciPullRequest == "false" {
login(docker)
deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8")
publishDockerReadme(docker)
} else if ciTag != "" {
if len(tags) == 4 { if len(tags) == 4 {
log.Infof("Detected tags: '%s' | '%s' | '%s'", tags[1], tags[2], tags[3]) log.Infof("Detected tags: '%s' | '%s' | '%s'", tags[1], tags[2], tags[3])
@ -257,6 +247,16 @@ func publishDockerManifest() {
} else { } else {
log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard") log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard")
} }
} else if ciBranch != "master" && !publicRepo.MatchString(ciBranch) {
login(docker)
deployManifest(docker, ciBranch, ciBranch+"-amd64", ciBranch+"-arm32v7", ciBranch+"-arm64v8")
} else if ciBranch != "master" && publicRepo.MatchString(ciBranch) {
login(docker)
deployManifest(docker, "PR"+ciPullRequest, "PR"+ciPullRequest+"-amd64", "PR"+ciPullRequest+"-arm32v7", "PR"+ciPullRequest+"-arm64v8")
} else if ciBranch == "master" && ciPullRequest == "false" {
login(docker)
deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8")
publishDockerReadme(docker)
} else { } else {
log.Info("Docker manifest will not be published") log.Info("Docker manifest will not be published")
} }