62 lines
1.5 KiB
Bash
62 lines
1.5 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
mkdir -p ci/prod/env
|
|
|
|
# export runtime vars (SSH_HOST etc.) and version info for downstream steps
|
|
set -a
|
|
. ./ci/prod/.env.runtime
|
|
. ./.env.version
|
|
set +a
|
|
|
|
REGISTRY_URL="${REGISTRY_URL:-}"
|
|
MONGO_VERSION="${MONGO_VERSION:-latest}"
|
|
MONGO_ARCH="${MONGO_ARCH:-linux/amd64}"
|
|
APP_V="${APP_V:-}"
|
|
|
|
if [ -z "$REGISTRY_URL" ]; then
|
|
echo "REGISTRY_URL is not set (define in .env.runtime or Woodpecker env)" >&2
|
|
exit 1
|
|
fi
|
|
if [ -z "$APP_V" ]; then
|
|
echo "APP_V is not set (version step must run first)" >&2
|
|
exit 1
|
|
fi
|
|
|
|
for f in secrets/REGISTRY_USER secrets/REGISTRY_PASS; do
|
|
if [ ! -s "$f" ]; then
|
|
echo "missing registry credential: $f" >&2
|
|
exit 1
|
|
fi
|
|
done
|
|
|
|
CREDS="$(cat secrets/REGISTRY_USER):$(cat secrets/REGISTRY_PASS)"
|
|
|
|
SRC_REF="docker://docker.io/library/mongo:${MONGO_VERSION}"
|
|
DEST_REF="docker://${REGISTRY_URL}/mirror/mongo:${APP_V}"
|
|
|
|
OS="${MONGO_ARCH%%/*}"
|
|
ARCH="${MONGO_ARCH##*/}"
|
|
|
|
skopeo copy \
|
|
--override-os "${OS:-linux}" \
|
|
--override-arch "${ARCH:-amd64}" \
|
|
--retry-times 3 \
|
|
"$SRC_REF" \
|
|
"$DEST_REF" \
|
|
--dest-creds "$CREDS"
|
|
|
|
INSPECT="$(skopeo inspect "$DEST_REF" --creds "$CREDS")"
|
|
DIGEST="$(printf '%s' "$INSPECT" | tr -d '\n' | sed -n 's/.*"Digest"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
|
|
|
|
if [ -z "$DIGEST" ]; then
|
|
echo "failed to parse digest from skopeo inspect output" >&2
|
|
exit 1
|
|
fi
|
|
|
|
cat <<EOF | tee .env.lock ci/prod/env/.env.lock.db
|
|
MONGO_TAG=${APP_V}
|
|
MONGO_DIGEST=${DIGEST}
|
|
MONGO_IMAGE=${REGISTRY_URL}/mirror/mongo:${APP_V}
|
|
EOF
|