diff --git a/.dockerignore b/.dockerignore index 2f8ee75..e69de29 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,7 +0,0 @@ -.github -.gitignore -.drone.yml -LICENSE -README.md -*/fixtures* -*.go diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 78677bf..0000000 --- a/.drone.yml +++ /dev/null @@ -1,168 +0,0 @@ ---- -kind: pipeline -type: vm -name: linux-amd64 - -platform: - os: linux - arch: amd64 - -pool: - use: ubuntu - -steps: - - name: build - image: golang:1.10 - commands: - - cd posix - - tar -xf fixtures.tar -C / - - go test -v - - - name: publish - image: plugins/docker:18 - settings: - dockerfile: docker/Dockerfile.linux.amd64 - repo: drone/git - auto_tag: "true" - auto_tag_suffix: linux-amd64 - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - - push - - tag - ---- -kind: pipeline -type: vm -name: linux-arm64 - -platform: - os: linux - arch: arm64 - -pool: - use: ubuntu_arm64 - -steps: - - name: build - image: golang:1.10 - commands: - - cd posix - - tar -xf fixtures.tar -C / - - go test -v - - - name: publish - image: plugins/docker:18 - settings: - dockerfile: docker/Dockerfile.linux.arm64 - repo: drone/git - auto_tag: "true" - auto_tag_suffix: linux-arm64 - username: - from_secret: docker_username - password: - from_secret: docker_password - when: - event: - - push - - tag - ---- -kind: pipeline -type: vm -name: windows-1809 - -platform: - os: windows - arch: amd64 - -pool: - use: windows - -steps: - - name: docker - image: plugins/docker - settings: - dockerfile: docker/Dockerfile.windows.1809 - repo: drone/git - username: - from_secret: docker_username - password: - from_secret: docker_password - auto_tag: true - auto_tag_suffix: windows-1809-amd64 - daemon_off: true - purge: false - -trigger: - event: - - push - ---- -kind: pipeline -type: vm -name: windows-ltsc2022 - -platform: - os: windows - arch: amd64 - -pool: - use: windows-2022 - -steps: - - name: docker - image: plugins/docker - settings: - dockerfile: docker/Dockerfile.windows.ltsc2022 - repo: drone/git - username: - from_secret: docker_username - password: - from_secret: docker_password - auto_tag: true - auto_tag_suffix: windows-ltsc2022-amd64 - daemon_off: true - purge: false - -trigger: - event: - - push - ---- -kind: pipeline -type: vm -name: manifest - -platform: - os: linux - arch: amd64 - -pool: - use: ubuntu - -steps: - - name: manifest - image: plugins/manifest - settings: - auto_tag: "true" - ignore_missing: "true" - spec: docker/manifest.tmpl - username: - from_secret: docker_username - password: - from_secret: docker_password - -trigger: - event: - - push - - tag - -depends_on: - - linux-amd64 - - linux-arm64 - - windows-1809 - - windows-ltsc2022 diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..b53e68c --- /dev/null +++ b/.editorconfig @@ -0,0 +1,12 @@ +root = true + +[*] +indent_style = space +indent_size = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = false + +[Makefile] +indent_style = tab \ No newline at end of file diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..dcd9d00 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +Makefile eol=lf \ No newline at end of file diff --git a/.github/issue_template.md b/.github/issue_template.md deleted file mode 100644 index 3f95605..0000000 --- a/.github/issue_template.md +++ /dev/null @@ -1,9 +0,0 @@ - diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md deleted file mode 100644 index e69de29..0000000 diff --git a/CHANGELOG.md b/CHANGELOG.md deleted file mode 100644 index 56fe357..0000000 --- a/CHANGELOG.md +++ /dev/null @@ -1,21 +0,0 @@ -# Changelog -All notable changes to this project will be documented in this file. - -The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), -and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). - -## [Unreleased] -### Added - -## [1.1.0] -### Added - -- Ability to clone tags for promotion events from [@josmo](https://github.com/josme) -- Support for git lfs in base images from [@carlwgeorge](https://github.com/carlwgeorge) -- Support for windows 1803 from [@donny-dont](https://github.com/donny-dont) -- Support for windows 1809 from [@donny-dont](https://github.com/donny-dont) - -### Fixed - -- Fixed error merging when missing email from [@bradrydzewski](https://github.com/bradrydzewski) -- Fixed empty ref on windows from [@drpebcak](https://github.com/drpebcak) diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..0c057e9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +FROM docker.io/library/alpine:3.18.4 +RUN apk add --no-cache \ + aws-cli \ + bash \ + ca-certificates \ + curl \ + git \ + git-lfs \ + openssh \ + perl \ + sudo + +ADD rootfs / + +# RUN adduser -g Drone -s /bin/sh -D -u 1000 drone +# RUN echo 'drone ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/drone +# USER drone:drone +# RUN chmod -R 777 /home/drone + +ENTRYPOINT ["/usr/local/bin/clone"] \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..e239aeb --- /dev/null +++ b/Makefile @@ -0,0 +1,47 @@ +# CONTAINER_RUNTIME +# The CONTAINER_RUNTIME variable will be used to specified the path to a +# container runtime. This is needed to start and run a container image. +CONTAINER_RUNTIME?=$(shell which podman) + +# GIT_IMAGE_REGISTRY_NAME +# Defines the name of the new container to be built using several variables. +GIT_IMAGE_REGISTRY_NAME:=git.cryptic.systems +GIT_IMAGE_REGISTRY_USER:=volker.raschek + +GIT_IMAGE_NAMESPACE?=${GIT_IMAGE_REGISTRY_USER} +GIT_IMAGE_NAME:=git +GIT_IMAGE_VERSION?=latest +GIT_IMAGE_FULLY_QUALIFIED=${GIT_IMAGE_REGISTRY_NAME}/${GIT_IMAGE_NAMESPACE}/${GIT_IMAGE_NAME}:${GIT_IMAGE_VERSION} +GIT_IMAGE_UNQUALIFIED=${GIT_IMAGE_NAMESPACE}/${GIT_IMAGE_NAME}:${GIT_IMAGE_VERSION} + +# BUILD CONTAINER IMAGE +# ============================================================================== +PHONY:=container-image/build +container-image/build: + ${CONTAINER_RUNTIME} build \ + --file Dockerfile \ + --no-cache \ + --pull \ + --tag ${GIT_IMAGE_FULLY_QUALIFIED} \ + --tag ${GIT_IMAGE_UNQUALIFIED} \ + . + +# DELETE CONTAINER IMAGE +# ============================================================================== +PHONY:=container-image/delete +container-image/delete: + - ${CONTAINER_RUNTIME} image rm ${GIT_IMAGE_FULLY_QUALIFIED} ${GIT_IMAGE_UNQUALIFIED} + - ${CONTAINER_RUNTIME} image rm ${BASE_IMAGE_FULL} + +# PUSH CONTAINER IMAGE +# ============================================================================== +PHONY+=container-image/push +container-image/push: + echo ${GIT_IMAGE_REGISTRY_PASSWORD} | ${CONTAINER_RUNTIME} login ${GIT_IMAGE_REGISTRY_NAME} --username ${GIT_IMAGE_REGISTRY_USER} --password-stdin + ${CONTAINER_RUNTIME} push ${GIT_IMAGE_FULLY_QUALIFIED} + +# PHONY +# ============================================================================== +# Declare the contents of the PHONY variable as phony. We keep that information +# in a variable so we can use it in if_changed. +.PHONY: ${PHONY} \ No newline at end of file diff --git a/README.md b/README.md index f834c5e..435e626 100644 --- a/README.md +++ b/README.md @@ -1,25 +1,34 @@ -# drone-git +# git-docker -Drone plugin to clone `git` repositories. +This is a fork of the official project to clone git repositories from a SCM +control system like github, gitlab, gitea, gogs and so on. The difference +between the origin and this fork is that this project supports ARM and the shell +scripts are tested against shellchecker. + +Among other things, the project experiences more extensive support, as the +project receives continuous updates thanks to renovate. ## Build -Build the Docker image with the following commands: +The container image can be build with via `make` and requires `docker` or +`podman`. -``` -docker build --rm -f docker/Dockerfile.linux.amd64 -t drone/git . +```bash +make container-image/build CONTAINER_RUNTIME=docker # or +make container-image/build CONTAINER_RUNTIME=podman ``` ## Usage Clone a commit: -``` -docker run --rm \ - -e DRONE_WORKSPACE=/drone \ - -e DRONE_REMOTE_URL=https://github.com/drone/envsubst.git \ - -e DRONE_BUILD_EVENT=push \ - -e DRONE_COMMIT_SHA=15e3f9b7e16332eee3bbdff9ef31f95d23c5da2c \ - -e DRONE_COMMIT_BRANCH=master \ - drone/git +```bash +podman run \ + --rm \ + --env DRONE_BUILD_EVENT=push \ + --env DRONE_COMMIT_SHA=39d233b3d9eccc68e66508a06a725a2567f33143 \ + --env DRONE_REMOTE_URL=https://git.cryptic.systems/volker.raschek/git-docker.git \ + --env DRONE_WORKSPACE=/workspace \ + --volume /tmp/workspace:/workspace \ + volker.raschek/git:latest ``` diff --git a/docker/Dockerfile.linux.amd64 b/docker/Dockerfile.linux.amd64 deleted file mode 100644 index 76d96ad..0000000 --- a/docker/Dockerfile.linux.amd64 +++ /dev/null @@ -1,11 +0,0 @@ -FROM alpine:3.12 -RUN apk add --no-cache ca-certificates git git-lfs openssh curl perl aws-cli sudo - -ADD posix/* /usr/local/bin/ - -# RUN adduser -g Drone -s /bin/sh -D -u 1000 drone -# RUN echo 'drone ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/drone -# USER drone:drone -# RUN chmod -R 777 /home/drone - -ENTRYPOINT ["/usr/local/bin/clone"] \ No newline at end of file diff --git a/docker/Dockerfile.linux.arm64 b/docker/Dockerfile.linux.arm64 deleted file mode 100644 index 73c2616..0000000 --- a/docker/Dockerfile.linux.arm64 +++ /dev/null @@ -1,11 +0,0 @@ -FROM arm64v8/alpine:3.12 -RUN apk add --no-cache ca-certificates git git-lfs openssh curl perl aws-cli sudo - -ADD posix/* /usr/local/bin/ - -# RUN adduser -g Drone -s /bin/sh -D -u 1000 drone -# RUN echo 'drone ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/drone -# USER drone:drone -# RUN chmod -R 777 /home/drone - -ENTRYPOINT ["/usr/local/bin/clone"] diff --git a/docker/Dockerfile.windows.1809 b/docker/Dockerfile.windows.1809 deleted file mode 100644 index 936400d..0000000 --- a/docker/Dockerfile.windows.1809 +++ /dev/null @@ -1,20 +0,0 @@ -# escape=` - -FROM mcr.microsoft.com/windows/servercore:1809 AS git -SHELL ["powershell.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - -RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` - Invoke-WebRequest -UseBasicParsing https://github.com/git-for-windows/git/releases/download/v2.21.0.windows.1/MinGit-2.21.0-64-bit.zip -OutFile git.zip; ` - Expand-Archive git.zip -DestinationPath C:\git; - -FROM mcr.microsoft.com/powershell:nanoserver-1809 -COPY --from=git /git /git - -ADD windows/* /bin/ - -# https://github.com/PowerShell/PowerShell/issues/6211#issuecomment-367477137 -USER ContainerAdministrator -RUN setx /M PATH "%PATH%;C:\Program Files\PowerShell" - -SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -CMD [ "pwsh", "C:\\bin\\clone.ps1" ] diff --git a/docker/Dockerfile.windows.ltsc2022 b/docker/Dockerfile.windows.ltsc2022 deleted file mode 100644 index 5fd86a0..0000000 --- a/docker/Dockerfile.windows.ltsc2022 +++ /dev/null @@ -1,20 +0,0 @@ -# escape=` - -FROM mcr.microsoft.com/windows/servercore:ltsc2022 AS git -SHELL ["powershell.exe", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] - -RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; ` - Invoke-WebRequest -UseBasicParsing https://github.com/git-for-windows/git/releases/download/v2.21.0.windows.1/MinGit-2.21.0-64-bit.zip -OutFile git.zip; ` - Expand-Archive git.zip -DestinationPath C:\git; - -FROM mcr.microsoft.com/powershell:nanoserver-ltsc2022 -COPY --from=git /git /git - -ADD windows/* /bin/ - -# https://github.com/PowerShell/PowerShell/issues/6211#issuecomment-367477137 -USER ContainerAdministrator -RUN setx /M PATH "%PATH%;C:\Program Files\PowerShell" - -SHELL ["pwsh", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] -CMD [ "pwsh", "C:\\bin\\clone.ps1" ] diff --git a/docker/manifest.tmpl b/docker/manifest.tmpl deleted file mode 100644 index cc2e3cb..0000000 --- a/docker/manifest.tmpl +++ /dev/null @@ -1,31 +0,0 @@ -image: drone/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} -{{#if build.tags}} -tags: -{{#each build.tags}} - - {{this}} -{{/each}} -{{/if}} -manifests: - - - image: drone/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-amd64 - platform: - architecture: amd64 - os: linux - - - image: drone/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm64 - platform: - variant: v8 - architecture: arm64 - os: linux - - - image: drone/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64 - platform: - architecture: amd64 - os: windows - version: 1809 - - - image: drone/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64 - platform: - architecture: amd64 - os: windows - version: ltsc2022 \ No newline at end of file diff --git a/drone.yml b/drone.yml new file mode 100644 index 0000000..754d04f --- /dev/null +++ b/drone.yml @@ -0,0 +1,862 @@ +--- +kind: pipeline +type: kubernetes +name: linter + +clone: + disable: true + +platform: + os: linux + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: markdown lint + commands: + - markdownlint *.md + image: git.cryptic.systems/volker.raschek/markdownlint:0.36.0 + resources: + limits: + cpu: 150 + memory: 150M + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + resources: + limits: + cpu: 150 + memory: 150M + when: + status: + - changed + - failure + +trigger: + event: + exclude: + - tag + +--- +kind: pipeline +type: docker +name: dry-run-amd64 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: amd64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + dry_run: true + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-amd64 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + exclude: + - master + event: + - pull_request + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: dry-run-arm-v7 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: arm + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + dry_run: true + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-arm-v7 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + exclude: + - master + event: + - pull_request + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: dry-run-arm64-v8 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: arm64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + dry_run: true + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-arm64-v8 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + exclude: + - master + event: + - pull_request + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: latest-amd64 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: amd64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-amd64 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + - master + event: + - cron + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: latest-arm-v7 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: arm + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-arm-v7 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + - master + event: + - cron + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: latest-arm64-v8 + +clone: + disable: true + +depends_on: +- linter + +platform: + os: linux + arch: arm64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: false + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + tags: latest-arm64-v8 + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + branch: + - master + event: + - cron + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: kubernetes +name: latest-manifest + +clone: + disable: true + +depends_on: +- latest-amd64 +- latest-arm-v7 +- latest-arm64-v8 + +# docker.io/plugins/manifest only for amd64 architectures available +node_selector: + kubernetes.io/os: linux + kubernetes.io/arch: amd64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build-manifest + image: docker.io/plugins/manifest:1.4.0 + settings: + auto_tag: false + ignore_missing: true + spec: manifest.tmpl + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + resources: + limits: + cpu: 150 + memory: 150M + when: + status: + - changed + - failure + +trigger: + branch: + - master + event: + - cron + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: kubernetes +name: latest-sync + +clone: + disable: true + +depends_on: +- latest-manifest + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: latest-sync + commands: + - skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/git docker.io/volkerraschek + environment: + SRC_CRED_USERNAME: + from_secret: git_cryptic_systems_container_registry_user + SRC_CRED_PASSWORD: + from_secret: git_cryptic_systems_container_registry_password + DEST_CRED_USERNAME: + from_secret: container_image_registry_user + DEST_CRED_PASSWORD: + from_secret: container_image_registry_password + image: quay.io/skopeo/stable:v1.13.2 + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + resources: + limits: + cpu: 150 + memory: 150M + when: + status: + - changed + - failure + +trigger: + branch: + - master + event: + - cron + - push + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: tagged-amd64 + +clone: + disable: true + +platform: + os: linux + arch: amd64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: true + auto_tag_suffix: amd64 + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + build_args: + - GOSEC_VERSION=${DRONE_TAG} + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + event: + - tag + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: tagged-arm-v7 + +clone: + disable: true + +platform: + os: linux + arch: arm + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: true + auto_tag_suffix: arm-v7 + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + build_args: + - GOSEC_VERSION=${DRONE_TAG} + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + event: + - tag + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: docker +name: tagged-arm64-v8 + +clone: + disable: true + +platform: + os: linux + arch: arm64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build + image: docker.io/plugins/docker:20.10.9 + settings: + auto_tag: true + auto_tag_suffix: arm64-v8 + dockerfile: Dockerfile + force_tag: true + no_cache: true + purge: true + mirror: + from_secret: docker_io_mirror + registry: git.cryptic.systems + repo: git.cryptic.systems/volker.raschek/git + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + build_args: + - GOSEC_VERSION=${DRONE_TAG} + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + when: + status: + - changed + - failure + +trigger: + event: + - tag + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: kubernetes +name: tagged-manifest + +clone: + disable: true + +depends_on: +- tagged-amd64 +- tagged-arm-v7 +- tagged-arm64-v8 + +# docker.io/plugins/manifest only for amd64 architectures available +node_selector: + kubernetes.io/os: linux + kubernetes.io/arch: amd64 + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: build-manifest + image: docker.io/plugins/manifest:1.4.0 + settings: + auto_tag: true + ignore_missing: true + spec: manifest.tmpl + username: + from_secret: git_cryptic_systems_container_registry_user + password: + from_secret: git_cryptic_systems_container_registry_password + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + resources: + limits: + cpu: 150 + memory: 150M + when: + status: + - changed + - failure + +trigger: + event: + - tag + repo: + - volker.raschek/git-docker + +--- +kind: pipeline +type: kubernetes +name: tagged-sync + +clone: + disable: true + +depends_on: +- tagged-manifest + +steps: +- name: clone + image: git.cryptic.systems/volker.raschek/git:1.3.0 + +- name: tagged-sync + commands: + - skopeo sync --all --src=docker --src-creds=$SRC_CRED_USERNAME:$SRC_CRED_PASSWORD --dest=docker --dest-creds=$DEST_CRED_USERNAME:$DEST_CRED_PASSWORD git.cryptic.systems/volker.raschek/git docker.io/volkerraschek + environment: + SRC_CRED_USERNAME: + from_secret: git_cryptic_systems_container_registry_user + SRC_CRED_PASSWORD: + from_secret: git_cryptic_systems_container_registry_password + DEST_CRED_USERNAME: + from_secret: container_image_registry_user + DEST_CRED_PASSWORD: + from_secret: container_image_registry_password + image: quay.io/skopeo/stable:v1.13.2 + +- name: email-notification + environment: + SMTP_FROM_ADDRESS: + from_secret: smtp_from_address + SMTP_FROM_NAME: + from_secret: smtp_from_name + SMTP_HOST: + from_secret: smtp_host + SMTP_USERNAME: + from_secret: smtp_username + SMTP_PASSWORD: + from_secret: smtp_password + image: git.cryptic.systems/volker.raschek/drone-email:0.1.2 + resources: + limits: + cpu: 150 + memory: 150M + when: + status: + - changed + - failure + +trigger: + event: + - tag + repo: + - volker.raschek/git-docker diff --git a/manifest.tmpl b/manifest.tmpl new file mode 100644 index 0000000..fbec146 --- /dev/null +++ b/manifest.tmpl @@ -0,0 +1,26 @@ +image: git.cryptic.systems/volker.raschek/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}} +{{#if build.tags}} +tags: +{{#each build.tags}} + - {{this}} +{{/each}} + - "latest" +{{/if}} +manifests: + - + image: git.cryptic.systems/volker.raschek/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-amd64 + platform: + architecture: amd64 + os: linux + - + image: git.cryptic.systems/volker.raschek/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm-v7 + platform: + architecture: arm + os: linux + variant: v7 + - + image: git.cryptic.systems/volker.raschek/git:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}-arm64-v8 + platform: + architecture: arm64 + os: linux + variant: v8 diff --git a/posix/clone-pull-request b/posix/clone-pull-request deleted file mode 100755 index e73352a..0000000 --- a/posix/clone-pull-request +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then - FLAGS="--depth=${PLUGIN_DEPTH}" -fi - -if [ ! -d .git ]; then - git init - git remote add origin ${DRONE_REMOTE_URL} -fi - -set -e -set -x - -git fetch ${FLAGS} origin +refs/heads/${DRONE_COMMIT_BRANCH}: -git checkout ${DRONE_COMMIT_BRANCH} - -git fetch origin ${DRONE_COMMIT_REF}: -git merge ${DRONE_COMMIT_SHA} diff --git a/posix/clone-tag b/posix/clone-tag deleted file mode 100755 index d02378c..0000000 --- a/posix/clone-tag +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then - FLAGS="--depth=${PLUGIN_DEPTH}" -fi - -if [ ! -d .git ]; then - git init - git remote add origin ${DRONE_REMOTE_URL} -fi - -set -e -set -x - -git fetch ${FLAGS} origin +refs/tags/${DRONE_TAG}: -git checkout -qf FETCH_HEAD diff --git a/posix/fixtures.sh b/posix/fixtures.sh deleted file mode 100755 index f3ef1aa..0000000 --- a/posix/fixtures.sh +++ /dev/null @@ -1,40 +0,0 @@ -#!/bin/sh - -# This script creates a git repository and seeds with -# commit history. Used by unit tests. - -set -e -set -x - -rm -rf /tmp/remote/greeting -mkdir -p /tmp/remote/greeting -pushd /tmp/remote/greeting - -git init - -echo "hi world" > hello.txt -git add hello.txt -git commit -m "say hi" -git tag v1.0.0 - -echo "hello world" > hello.txt -git add hello.txt -git commit -m "say hello" -git tag v1.1.0 - -git checkout -b fr - -echo "salut monde" > hello.txt -git add hello.txt -git commit -m "say hello in french" -git tag v2.0.0 - -echo "bonjour monde" > hello.txt -git add hello.txt -git commit -m "say hello en francais" -git tag v2.1.0 - -git checkout master - -popd -tar -cvf fixtures.tar /tmp/remote/greeting diff --git a/posix/fixtures.tar b/posix/fixtures.tar deleted file mode 100644 index c263356..0000000 Binary files a/posix/fixtures.tar and /dev/null differ diff --git a/posix/posix.go b/posix/posix.go deleted file mode 100644 index d6c30a2..0000000 --- a/posix/posix.go +++ /dev/null @@ -1,3 +0,0 @@ -package posix - -//go:generate go run ../scripts/includetext.go --input=clone --input=clone-commit --input=clone-pull-request --input=clone-tag --package=posix --output=posix_gen.go diff --git a/posix/posix_gen.go b/posix/posix_gen.go deleted file mode 100644 index 790fe48..0000000 --- a/posix/posix_gen.go +++ /dev/null @@ -1,138 +0,0 @@ -package posix - -// DO NOT EDIT. This file is automatically generated. - -// Contents of clone -const Clone = `#!/bin/sh - -if [[ ! -z "${DRONE_WORKSPACE}" ]]; then - cd ${DRONE_WORKSPACE} -fi - -# if the netrc enviornment variables exist, write -# the netrc file. - -if [[ ! -z "${DRONE_NETRC_MACHINE}" ]]; then - cat < /root/.netrc -machine ${DRONE_NETRC_MACHINE} -login ${DRONE_NETRC_USERNAME} -password ${DRONE_NETRC_PASSWORD} -EOF -fi - -# if the ssh_key environment variable exists, write -# the ssh key and add the netrc machine to the -# known hosts file. - -if [[ ! -z "${SSH_KEY}" ]]; then - mkdir /root/.ssh - echo -n "$SSH_KEY" > /root/.ssh/id_rsa - chmod 600 /root/.ssh/id_rsa - - touch /root/.ssh/known_hosts - chmod 600 /root/.ssh/known_hosts - ssh-keyscan -H ${DRONE_NETRC_MACHINE} > /etc/ssh/ssh_known_hosts 2> /dev/null -fi - -# configure git global behavior and parameters via the -# following environment variables: - - -if [[ -z "${DRONE_COMMIT_AUTHOR_NAME}" ]]; then - export DRONE_COMMIT_AUTHOR_NAME=drone -fi - -if [[ -z "${DRONE_COMMIT_AUTHOR_EMAIL}" ]]; then - export DRONE_COMMIT_AUTHOR_EMAIL=drone@localhost -fi - -export GIT_AUTHOR_NAME=${DRONE_COMMIT_AUTHOR_NAME} -export GIT_AUTHOR_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL} -export GIT_COMMITTER_NAME=${DRONE_COMMIT_AUTHOR_NAME} -export GIT_COMMITTER_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL} - -# invoke the sub-script based on the drone event type. -# TODO we should ultimately look at the ref, since -# we need something compatible with deployment events. - -CLONE_TYPE=$DRONE_BUILD_EVENT -case $DRONE_COMMIT_REF in - refs/tags/* ) CLONE_TYPE=tag ;; -esac - -case $CLONE_TYPE in -pull_request) - clone-pull-request - ;; -tag) - clone-tag - ;; -*) - clone-commit - ;; -esac -` - -// Contents of clone-commit -const CloneCommit = `#!/bin/sh - -FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then - FLAGS="--depth=${PLUGIN_DEPTH}" -fi - -if [ ! -d .git ]; then - git init - git remote add origin ${DRONE_REMOTE_URL} -fi - -set -e -set -x - -git fetch ${FLAGS} origin +refs/heads/${DRONE_COMMIT_BRANCH}: -git checkout ${DRONE_COMMIT_SHA} -b ${DRONE_COMMIT_BRANCH} -` - -// Contents of clone-pull-request -const ClonePullRequest = `#!/bin/sh - -FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then - FLAGS="--depth=${PLUGIN_DEPTH}" -fi - -if [ ! -d .git ]; then - git init - git remote add origin ${DRONE_REMOTE_URL} -fi - -set -e -set -x - -git fetch ${FLAGS} origin +refs/heads/${DRONE_COMMIT_BRANCH}: -git checkout ${DRONE_COMMIT_BRANCH} - -git fetch origin ${DRONE_COMMIT_REF}: -git merge ${DRONE_COMMIT_SHA} -` - -// Contents of clone-tag -const CloneTag = `#!/bin/sh - -FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then - FLAGS="--depth=${PLUGIN_DEPTH}" -fi - -if [ ! -d .git ]; then - git init - git remote add origin ${DRONE_REMOTE_URL} -fi - -set -e -set -x - -git fetch ${FLAGS} origin +refs/tags/${DRONE_TAG}: -git checkout -qf FETCH_HEAD -` - diff --git a/posix/posix_test.go b/posix/posix_test.go deleted file mode 100644 index a70f214..0000000 --- a/posix/posix_test.go +++ /dev/null @@ -1,259 +0,0 @@ -package posix - -import ( - "fmt" - "io/ioutil" - "os" - "os/exec" - "path/filepath" - "strings" - "testing" -) - -func TestCommits(t *testing.T) { - remote := "/tmp/remote/greeting" - - base, err := ioutil.TempDir("", "test") - if err != nil { - t.Error(err) - return - } - defer os.Remove(base) - - for i, test := range tests { - local := filepath.Join(base, fmt.Sprint(i)) - err = os.MkdirAll(local, 0777) - if err != nil { - t.Error(err) - return - } - - bin, err := filepath.Abs("clone-commit") - if err != nil { - t.Error(err) - return - } - - cmd := exec.Command(bin) - cmd.Dir = local - cmd.Env = []string{ - fmt.Sprintf("DRONE_COMMIT_BRANCH=%s", test.branch), - fmt.Sprintf("DRONE_COMMIT_SHA=%s", test.commit), - fmt.Sprintf("DRONE_WORKSPACE=%s", local), - fmt.Sprintf("DRONE_REMOTE_URL=%s", remote), - } - - out, err := cmd.CombinedOutput() - if err != nil { - t.Error(err) - t.Log(string(out)) - return - } - - commit, err := getCommit(local) - if err != nil { - t.Error(err) - return - } - - branch, err := getBranch(local) - if err != nil { - t.Error(err) - return - } - - if want, got := test.commit, commit; got != want { - t.Errorf("Want commit %s, got %s", want, got) - } - - if want, got := test.branch, branch; got != want { - t.Errorf("Want branch %s, got %s", want, got) - } - - file := filepath.Join(local, test.file) - out, err = ioutil.ReadFile(file) - if err != nil { - t.Error(err) - return - } - - if want, got := test.text, string(out); want != got { - t.Errorf("Want file content %q, got %q", want, got) - } - } -} - -func TestTags(t *testing.T) { - remote := "/tmp/remote/greeting" - - base, err := ioutil.TempDir("", "test") - if err != nil { - t.Error(err) - return - } - defer os.Remove(base) - - for i, test := range tests { - local := filepath.Join(base, fmt.Sprint(i)) - err = os.MkdirAll(local, 0777) - if err != nil { - t.Error(err) - return - } - - bin, err := filepath.Abs("clone-tag") - if err != nil { - t.Error(err) - return - } - - cmd := exec.Command(bin) - cmd.Dir = local - cmd.Env = []string{ - fmt.Sprintf("DRONE_TAG=%s", test.tag), - fmt.Sprintf("DRONE_COMMIT_SHA=%s", test.commit), - fmt.Sprintf("DRONE_WORKSPACE=%s", local), - fmt.Sprintf("DRONE_REMOTE_URL=%s", remote), - } - - out, err := cmd.CombinedOutput() - if err != nil { - t.Error(err) - t.Log(string(out)) - return - } - - commit, err := getCommit(local) - if err != nil { - t.Error(err) - return - } - - if want, got := test.commit, commit; got != want { - t.Errorf("Want commit %s, got %s", want, got) - } - - file := filepath.Join(local, test.file) - out, err = ioutil.ReadFile(file) - if err != nil { - t.Error(err) - return - } - - if want, got := test.text, string(out); want != got { - t.Errorf("Want file content %q, got %q", want, got) - } - } -} - -func TestPullRequest(t *testing.T) { - remote := "https://github.com/octocat/Spoon-Knife.git" - - local, err := ioutil.TempDir("", "test") - if err != nil { - t.Error(err) - return - } - defer os.Remove(local) - - bin, err := filepath.Abs("clone-pull-request") - if err != nil { - t.Error(err) - return - } - - cmd := exec.Command(bin) - cmd.Dir = local - cmd.Env = []string{ - fmt.Sprintf("DRONE_COMMIT_REF=%s", "refs/pull/14596/head"), - fmt.Sprintf("DRONE_COMMIT_BRANCH=%s", "main"), - fmt.Sprintf("DRONE_COMMIT_SHA=%s", "26923a8f37933ccc23943de0d4ebd53908268582"), - fmt.Sprintf("DRONE_WORKSPACE=%s", local), - fmt.Sprintf("DRONE_REMOTE_URL=%s", remote), - } - - out, err := cmd.CombinedOutput() - if err != nil { - t.Error(err) - t.Log(string(out)) - return - } - - commit, err := getCommit(local) - if err != nil { - t.Error(err) - return - } - - branch, err := getBranch(local) - if err != nil { - t.Error(err) - return - } - - if want, got := "26923a8f37933ccc23943de0d4ebd53908268582", commit; got != want { - t.Errorf("Want commit %s, got %s", want, got) - } - - if want, got := "main", branch; got != want { - t.Errorf("Want branch %s, got %s", want, got) - } - - file := filepath.Join(local, "directory/file.txt") - out, err = ioutil.ReadFile(file) - if err != nil { - t.Error(err) - return - } -} - -func getBranch(path string) (string, error) { - cmd := exec.Command("git", "rev-parse", "--abbrev-ref", "HEAD") - cmd.Dir = path - out, err := cmd.CombinedOutput() - return strings.TrimSpace(string(out)), err -} - -func getCommit(path string) (string, error) { - cmd := exec.Command("git", "rev-parse", "HEAD") - cmd.Dir = path - out, err := cmd.CombinedOutput() - return strings.TrimSpace(string(out)), err -} - -var tests = []struct { - branch string - commit string - tag string - file string - text string -}{ - { - commit: "9cd29dca0a98f76df94d66493ee54788a18190a0", - branch: "master", - tag: "v1.0.0", - file: "hello.txt", - text: "hi world\n", - }, - { - commit: "bbdf5d4028a6066431f59fcd8d83afff610a55ae", - branch: "master", - tag: "v1.1.0", - file: "hello.txt", - text: "hello world\n", - }, - { - commit: "553af1ca53c9ad54b096d7ff1416f6c4d1e5049f", - branch: "fr", - tag: "v2.0.0", - file: "hello.txt", - text: "salut monde\n", - }, - { - commit: "94b4a1710d1581b8b00c5f7b077026eae3c07646", - branch: "fr", - tag: "v2.1.0", - file: "hello.txt", - text: "bonjour monde\n", - }, -} diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..2249406 --- /dev/null +++ b/renovate.json @@ -0,0 +1,37 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "assignees": [ "volker.raschek" ], + "automergeStrategy": "merge-commit", + "automergeType": "pr", + "labels": [ "renovate" ], + "packageRules": [ + { + "addLabels": [ "renovate/droneci", "renovate/automerge" ], + "automerge": true, + "excludePackagePatterns": [ "plugins/docker" ], + "matchManagers": "droneci", + "matchUpdateTypes": [ "minor", "patch"] + }, + { + "description": "Automatically update patch version of used container images in docker files", + "addLabels": [ "renovate/container-image", "renovate/automerge" ], + "automerge": true, + "matchBaseBranches": [ "master" ], + "matchManagers": [ "dockerfile" ], + "matchUpdateTypes": [ "patch" ] + } + ], + "rebaseLabel": "renovate/rebase", + "rebaseWhen": "behind-base-branch", + "regexManagers": [ + { + "description": "Update version", + "fileMatch": [ + "^Makefile$" + ], + "matchStrings": [ + "GOSEC_VERSION\\?=(?.*) # renovate: datasource=(?.*) depName=(?.*)( lookupName=(?.*))?( versioning=(?.*))?" + ] + } + ] +} diff --git a/posix/clone b/rootfs/usr/local/bin/clone similarity index 70% rename from posix/clone rename to rootfs/usr/local/bin/clone index 0248a26..d59aa36 100755 --- a/posix/clone +++ b/rootfs/usr/local/bin/clone @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash if [[ -n "${DRONE_WORKSPACE}" ]]; then # ensure the unprivileged drone user can write @@ -11,7 +11,7 @@ if [[ -n "${DRONE_WORKSPACE}" ]]; then # ensure the workspace is the current working # directory. This should already be the case, # but we cd just to be safe. - cd ${DRONE_WORKSPACE} + cd "${DRONE_WORKSPACE}" || exit 1 fi # force the home directory path. @@ -24,8 +24,8 @@ fi # if the netrc enviornment variables exist, write # the netrc file. -if [[ ! -z "${DRONE_NETRC_MACHINE}" ]]; then - cat < ${HOME}/.netrc +if [[ -n "${DRONE_NETRC_MACHINE}" ]]; then + cat < "${HOME}/.netrc" machine ${DRONE_NETRC_MACHINE} login ${DRONE_NETRC_USERNAME} password ${DRONE_NETRC_PASSWORD} @@ -35,24 +35,23 @@ fi # if the ssh_key environment variable exists, write # the ssh key and add the netrc machine to the # known hosts file. +if [[ -n "${DRONE_SSH_KEY}" ]]; then + mkdir "${HOME}/.ssh" + echo -n "${DRONE_SSH_KEY}" > "${HOME}/.ssh/id_rsa" + chmod 600 "${HOME}/.ssh/id_rsa" -if [[ ! -z "${DRONE_SSH_KEY}" ]]; then - mkdir ${HOME}/.ssh - echo -n "$DRONE_SSH_KEY" > ${HOME}/.ssh/id_rsa - chmod 600 ${HOME}/.ssh/id_rsa - - touch ${HOME}/.ssh/known_hosts - chmod 600 ${HOME}/.ssh/known_hosts - ssh-keyscan -H ${DRONE_NETRC_MACHINE} > /etc/ssh/ssh_known_hosts 2> /dev/null + touch "${HOME}/.ssh/known_hosts" + chmod 600 "${HOME}/.ssh/known_hosts" + ssh-keyscan -H "${DRONE_NETRC_MACHINE}" > /etc/ssh/ssh_known_hosts 2> /dev/null fi # AWS codecommit support using AWS access key & secret key # Refer: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-https-unixes.html -if [[ ! -z "$DRONE_AWS_ACCESS_KEY" ]]; then - aws configure set aws_access_key_id $DRONE_AWS_ACCESS_KEY - aws configure set aws_secret_access_key $DRONE_AWS_SECRET_KEY - aws configure set default.region $DRONE_AWS_REGION +if [[ -n "${DRONE_AWS_ACCESS_KEY}" ]]; then + aws configure set aws_access_key_id "${DRONE_AWS_ACCESS_KEY}" + aws configure set aws_secret_access_key "${DRONE_AWS_SECRET_KEY}" + aws configure set default.region "${DRONE_AWS_REGION}" git config --global credential.helper '!aws codecommit credential-helper $@' git config --global credential.UseHttpPath true @@ -79,12 +78,20 @@ export GIT_COMMITTER_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL} # TODO we should ultimately look at the ref, since # we need something compatible with deployment events. -CLONE_TYPE=$DRONE_BUILD_EVENT -case $DRONE_COMMIT_REF in - refs/tags/* ) CLONE_TYPE=tag ;; - refs/pull/* ) CLONE_TYPE=pull_request ;; - refs/pull-request/* ) CLONE_TYPE=pull_request ;; - refs/merge-requests/* ) CLONE_TYPE=pull_request ;; +CLONE_TYPE=${DRONE_BUILD_EVENT} +case ${DRONE_COMMIT_REF} in + refs/tags/*) + CLONE_TYPE=tag + ;; + refs/pull/*) + CLONE_TYPE=pull_request + ;; + refs/pull-request/*) + CLONE_TYPE=pull_request + ;; + refs/merge-requests/*) + CLONE_TYPE=pull_request + ;; esac git_clone_retry(){ @@ -100,11 +107,11 @@ git_clone_retry(){ $1 && return n=$((n+1)) done - + exit 1 } -case $CLONE_TYPE in +case ${CLONE_TYPE} in pull_request) git_clone_retry clone-pull-request ;; diff --git a/posix/clone-commit b/rootfs/usr/local/bin/clone-commit similarity index 59% rename from posix/clone-commit rename to rootfs/usr/local/bin/clone-commit index 1dedc41..be3f696 100755 --- a/posix/clone-commit +++ b/rootfs/usr/local/bin/clone-commit @@ -1,13 +1,15 @@ -#!/bin/sh +#!/bin/bash + +set -x FLAGS="" -if [[ ! -z "${PLUGIN_DEPTH}" ]]; then +if [[ -n "${PLUGIN_DEPTH}" ]]; then FLAGS="--depth=${PLUGIN_DEPTH}" fi if [ ! -d .git ]; then git init - git remote add origin ${DRONE_REMOTE_URL} + git remote add origin "${DRONE_REMOTE_URL}" fi # the branch may be empty for certain event types, @@ -19,7 +21,7 @@ if [[ -z "${DRONE_COMMIT_BRANCH}" ]]; then set -e set -x git fetch origin - git checkout -qf ${DRONE_COMMIT_SHA} + git checkout --quiet --force "${DRONE_COMMIT_SHA}" exit 0 fi @@ -29,13 +31,13 @@ fi if [[ -z "${DRONE_COMMIT_SHA}" ]]; then set -e set -x - git fetch ${FLAGS} origin +refs/heads/${DRONE_COMMIT_BRANCH}: - git checkout -b ${DRONE_COMMIT_BRANCH} origin/${DRONE_COMMIT_BRANCH} + git fetch "${FLAGS}" origin "+refs/heads/${DRONE_COMMIT_BRANCH}:" + git checkout -b "${DRONE_COMMIT_BRANCH}" "origin/${DRONE_COMMIT_BRANCH}" exit 0 fi set -e set -x -git fetch ${FLAGS} origin +refs/heads/${DRONE_COMMIT_BRANCH}: -git checkout ${DRONE_COMMIT_SHA} -b ${DRONE_COMMIT_BRANCH} +git fetch "${FLAGS}" origin "+refs/heads/${DRONE_COMMIT_BRANCH}:" +git checkout "${DRONE_COMMIT_SHA}" -b "${DRONE_COMMIT_BRANCH}" diff --git a/rootfs/usr/local/bin/clone-pull-request b/rootfs/usr/local/bin/clone-pull-request new file mode 100755 index 0000000..f8f8557 --- /dev/null +++ b/rootfs/usr/local/bin/clone-pull-request @@ -0,0 +1,20 @@ +#!/bin/bash + +FLAGS="" +if [[ -n "${PLUGIN_DEPTH}" ]]; then + FLAGS="--depth=${PLUGIN_DEPTH}" +fi + +if [ ! -d .git ]; then + git init + git remote add origin "${DRONE_REMOTE_URL}" +fi + +set -e +set -x + +git fetch "${FLAGS}" origin "+refs/heads/${DRONE_COMMIT_BRANCH}:" +git checkout "${DRONE_COMMIT_BRANCH}" + +git fetch origin "${DRONE_COMMIT_REF}:" +git merge "${DRONE_COMMIT_SHA}" diff --git a/rootfs/usr/local/bin/clone-tag b/rootfs/usr/local/bin/clone-tag new file mode 100755 index 0000000..45e3f82 --- /dev/null +++ b/rootfs/usr/local/bin/clone-tag @@ -0,0 +1,17 @@ +#!/bin/bash + +FLAGS="" +if [[ -n "${PLUGIN_DEPTH}" ]]; then + FLAGS="--depth=${PLUGIN_DEPTH}" +fi + +if [ ! -d .git ]; then + git init + git remote add origin "${DRONE_REMOTE_URL}" +fi + +set -e +set -x + +git fetch "${FLAGS}" origin "+refs/tags/${DRONE_TAG}:" +git checkout --quiet --force FETCH_HEAD diff --git a/rootfs/usr/share/licenses/LICENSE b/rootfs/usr/share/licenses/LICENSE new file mode 120000 index 0000000..1477615 --- /dev/null +++ b/rootfs/usr/share/licenses/LICENSE @@ -0,0 +1 @@ +../../../../LICENSE \ No newline at end of file diff --git a/scripts/includetext.go b/scripts/includetext.go deleted file mode 100644 index 086ce20..0000000 --- a/scripts/includetext.go +++ /dev/null @@ -1,87 +0,0 @@ -// +build ignore - -package main - -import ( - "bytes" - "flag" - "io/ioutil" - "log" - "path/filepath" - "strings" - "text/template" -) - -var ( - input stringSlice - output string - name string -) - -func main() { - flag.Var(&input, "input", "input files") - flag.StringVar(&output, "output", "", "output file") - flag.StringVar(&name, "package", "", "package name") - flag.Parse() - - var files []File - for _, file := range input { - out, err := ioutil.ReadFile(file) - if err != nil { - log.Fatalln(err) - } - files = append(files, File{ - Name: file, - Slug: slugify(file), - Data: string(out), - }) - } - - data := map[string]interface{}{ - "Files": files, - "Package": name, - } - buf := new(bytes.Buffer) - err := tmpl.Execute(buf, data) - if err != nil { - log.Fatalln(err) - } - - ioutil.WriteFile(output, buf.Bytes(), 0644) -} - -func slugify(s string) string { - ext := filepath.Ext(s) - s = strings.TrimSuffix(s, ext) - s = strings.Title(s) - s = strings.ReplaceAll(s, "-", "") - s = strings.ReplaceAll(s, "_", "") - return s -} - -type stringSlice []string - -func (s *stringSlice) String() string { - return strings.Join(*s, ",") -} - -func (s *stringSlice) Set(value string) error { - *s = append(*s, value) - return nil -} - -type File struct { - Name string - Data string - Slug string -} - -var tmpl = template.Must(template.New("_").Parse(`package {{ .Package }} - -// DO NOT EDIT. This file is automatically generated. - -{{ range .Files -}} -// Contents of {{ .Name }} -const {{ .Slug }} = ` + "`{{ .Data }}`" + ` - -{{ end -}}`)) diff --git a/windows/clone-commit.ps1 b/windows/clone-commit.ps1 deleted file mode 100644 index 43566c5..0000000 --- a/windows/clone-commit.ps1 +++ /dev/null @@ -1,17 +0,0 @@ - -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - Write-Host 'git init'; - git init - Write-Host "git remote add origin $Env:DRONE_REMOTE_URL" - git remote add origin $Env:DRONE_REMOTE_URL -} - -Write-Host "git fetch $FLAGS origin +refs/heads/${Env:DRONE_COMMIT_BRANCH}:"; -git fetch $FLAGS origin "+refs/heads/${Env:DRONE_COMMIT_BRANCH}:"; -Write-Host "git checkout $Env:DRONE_COMMIT_SHA -f $Env:DRONE_COMMIT_BRANCH"; -git checkout $Env:DRONE_COMMIT_SHA -b $Env:DRONE_COMMIT_BRANCH; diff --git a/windows/clone-pull-request.ps1 b/windows/clone-pull-request.ps1 deleted file mode 100644 index 3cebaaf..0000000 --- a/windows/clone-pull-request.ps1 +++ /dev/null @@ -1,16 +0,0 @@ - -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - git init - git remote add origin $Env:DRONE_REMOTE_URL -} - -git fetch $FLAGS origin "+refs/heads/${Env:DRONE_COMMIT_BRANCH}:" -git checkout $Env:DRONE_COMMIT_BRANCH - -git fetch origin "${Env:DRONE_COMMIT_REF}:" -git merge $Env:DRONE_COMMIT_SHA diff --git a/windows/clone-tag.ps1 b/windows/clone-tag.ps1 deleted file mode 100644 index a37a3f1..0000000 --- a/windows/clone-tag.ps1 +++ /dev/null @@ -1,13 +0,0 @@ - -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - git init - git remote add origin $Env:DRONE_REMOTE_URL -} - -git fetch $FLAGS origin "+refs/tags/${Env:DRONE_TAG}:" -git checkout -qf FETCH_HEAD diff --git a/windows/clone.ps1 b/windows/clone.ps1 deleted file mode 100644 index 4be8cc4..0000000 --- a/windows/clone.ps1 +++ /dev/null @@ -1,64 +0,0 @@ -$ErrorActionPreference = 'Stop'; - -# HACK: no clue how to set the PATH inside the Dockerfile, -# so am setting it here instead. This is not idea. -$Env:PATH += ';C:\git\cmd;C:\git\mingw64\bin;C:\git\usr\bin' - -# if the workspace is set we should make sure -# it is the current working directory. - -if ($Env:DRONE_WORKSPACE) { - cd $Env:DRONE_WORKSPACE -} - -# if the netrc enviornment variables exist, write -# the netrc file. - -if ($Env:DRONE_NETRC_MACHINE) { -@" -machine $Env:DRONE_NETRC_MACHINE -login $Env:DRONE_NETRC_USERNAME -password $Env:DRONE_NETRC_PASSWORD -"@ > (Join-Path $Env:USERPROFILE '_netrc'); -} - -# configure git global behavior and parameters via the -# following environment variables: - -if ($Env:PLUGIN_SKIP_VERIFY) { - $Env:GIT_SSL_NO_VERIFY = "true" -} - -if ($Env:DRONE_COMMIT_AUTHOR_NAME -eq '' -or $Env:DRONE_COMMIT_AUTHOR_NAME -eq $null) { - $Env:GIT_AUTHOR_NAME = "drone" -} else { - $Env:GIT_AUTHOR_NAME = $Env:DRONE_COMMIT_AUTHOR_NAME -} - -if ($Env:DRONE_COMMIT_AUTHOR_EMAIL -eq '' -or $Env:DRONE_COMMIT_AUTHOR_EMAIL -eq $null) { - $Env:GIT_AUTHOR_EMAIL = 'drone@localhost' -} else { - $Env:GIT_AUTHOR_EMAIL = $Env:DRONE_COMMIT_AUTHOR_EMAIL -} - -$Env:GIT_COMMITTER_NAME = $Env:GIT_AUTHOR_NAME -$Env:GIT_COMMITTER_EMAIL = $Env:GIT_AUTHOR_EMAIL - -# invoke the sub-script based on the drone event type. -# TODO we should ultimately look at the ref, since -# we need something compatible with deployment events. - -switch ($Env:DRONE_BUILD_EVENT) { - "pull_request" { - Invoke-Expression "${PSScriptRoot}\clone-pull-request.ps1" - break - } - "tag" { - Invoke-Expression "${PSScriptRoot}\clone-tag.ps1" - break - } - default { - Invoke-Expression "${PSScriptRoot}\clone-commit.ps1" - break - } -} diff --git a/windows/windows.go b/windows/windows.go deleted file mode 100644 index 326fd5e..0000000 --- a/windows/windows.go +++ /dev/null @@ -1,3 +0,0 @@ -package windows - -//go:generate go run ../scripts/includetext.go --input=clone.ps1 --input=clone-commit.ps1 --input=clone-pull-request.ps1 --input=clone-tag.ps1 --package=windows --output=windows_gen.go diff --git a/windows/windows_gen.go b/windows/windows_gen.go deleted file mode 100644 index 3f4027a..0000000 --- a/windows/windows_gen.go +++ /dev/null @@ -1,126 +0,0 @@ -package windows - -// DO NOT EDIT. This file is automatically generated. - -// Contents of clone.ps1 -const Clone = `$ErrorActionPreference = 'Stop'; - -# HACK: no clue how to set the PATH inside the Dockerfile, -# so am setting it here instead. This is not idea. -$Env:PATH += ';C:\git\cmd;C:\git\mingw64\bin;C:\git\usr\bin' - -# if the workspace is set we should make sure -# it is the current working directory. - -if ($Env:DRONE_WORKSPACE) { - cd $Env:DRONE_WORKSPACE -} - -# if the netrc enviornment variables exist, write -# the netrc file. - -if ($Env:DRONE_NETRC_MACHINE) { -@" -machine $Env:DRONE_NETRC_MACHINE -login $Env:DRONE_NETRC_USERNAME -password $Env:DRONE_NETRC_PASSWORD -"@ > (Join-Path $Env:USERPROFILE '_netrc'); -} - -# configure git global behavior and parameters via the -# following environment variables: - -if ($Env:PLUGIN_SKIP_VERIFY) { - $Env:GIT_SSL_NO_VERIFY = "true" -} - -if ($Env:DRONE_COMMIT_AUTHOR_NAME -eq '' -or $Env:DRONE_COMMIT_AUTHOR_NAME -eq $null) { - $Env:GIT_AUTHOR_NAME = "drone" -} else { - $Env:GIT_AUTHOR_NAME = $Env:DRONE_COMMIT_AUTHOR_NAME -} - -if ($Env:DRONE_COMMIT_AUTHOR_EMAIL -eq '' -or $Env:DRONE_COMMIT_AUTHOR_EMAIL -eq $null) { - $Env:GIT_AUTHOR_EMAIL = 'drone@localhost' -} else { - $Env:GIT_AUTHOR_EMAIL = $Env:DRONE_COMMIT_AUTHOR_EMAIL -} - -$Env:GIT_COMMITTER_NAME = $Env:GIT_AUTHOR_NAME -$Env:GIT_COMMITTER_EMAIL = $Env:GIT_AUTHOR_EMAIL - -# invoke the sub-script based on the drone event type. -# TODO we should ultimately look at the ref, since -# we need something compatible with deployment events. - -switch ($Env:DRONE_BUILD_EVENT) { - "pull_request" { - Invoke-Expression "${PSScriptRoot}\clone-pull-request.ps1" - break - } - "tag" { - Invoke-Expression "${PSScriptRoot}\clone-tag.ps1" - break - } - default { - Invoke-Expression "${PSScriptRoot}\clone-commit.ps1" - break - } -} -` - -// Contents of clone-commit.ps1 -const CloneCommit = ` -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - Write-Host 'git init'; - git init - Write-Host "git remote add origin $Env:DRONE_REMOTE_URL" - git remote add origin $Env:DRONE_REMOTE_URL -} - -Write-Host "git fetch $FLAGS origin +refs/heads/${Env:DRONE_COMMIT_BRANCH}:"; -git fetch $FLAGS origin "+refs/heads/${Env:DRONE_COMMIT_BRANCH}:"; -Write-Host "git checkout $Env:DRONE_COMMIT_SHA -f $Env:DRONE_COMMIT_BRANCH"; -git checkout $Env:DRONE_COMMIT_SHA -b $Env:DRONE_COMMIT_BRANCH; -` - -// Contents of clone-pull-request.ps1 -const ClonePullRequest = ` -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - git init - git remote add origin $Env:DRONE_REMOTE_URL -} - -git fetch $FLAGS origin "+refs/heads/${Env:DRONE_COMMIT_BRANCH}:" -git checkout $Env:DRONE_COMMIT_BRANCH - -git fetch origin "${Env:DRONE_COMMIT_REF}:" -git merge $Env:DRONE_COMMIT_SHA -` - -// Contents of clone-tag.ps1 -const CloneTag = ` -Set-Variable -Name "FLAGS" -Value "" -if ($Env:PLUGIN_DEPTH) { - Set-Variable -Name "FLAGS" -Value "--depth=$Env:PLUGIN_DEPTH" -} - -if (!(Test-Path .git)) { - git init - git remote add origin $Env:DRONE_REMOTE_URL -} - -git fetch $FLAGS origin "+refs/tags/${Env:DRONE_TAG}:" -git checkout -qf FETCH_HEAD -` -