From 8334ececf3f9f36d961ef2fe76491953c4f952b9 Mon Sep 17 00:00:00 2001 From: aptalca <541623+aptalca@users.noreply.github.com> Date: Tue, 3 Sep 2024 10:34:32 -0400 Subject: [PATCH] fix sed, switch branch to alpine319 --- .github/CONTRIBUTING.md | 4 +- .github/PULL_REQUEST_TEMPLATE.md | 2 +- .github/workflows/external_trigger.yml | 57 +++++---- .../workflows/external_trigger_scheduler.yml | 24 ++-- .github/workflows/greetings.yml | 2 +- .github/workflows/package_trigger.yml | 32 ++--- .../workflows/package_trigger_scheduler.yml | 18 +-- Dockerfile | 2 +- Dockerfile.aarch64 | 2 +- Jenkinsfile | 110 ++++++++++++------ README.md | 2 +- jenkins-vars.yml | 4 +- 12 files changed, 150 insertions(+), 109 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 4f0ac11..5c1f938 100755 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -24,7 +24,7 @@ ## Readme If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit. -Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-python/edit/main/readme-vars.yml). +Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-python/edit/alpine319/readme-vars.yml). These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play. Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io) @@ -115,7 +115,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Update the changelog -If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-python/tree/main/root), add an entry to the changelog +If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-python/tree/alpine319/root), add an entry to the changelog ```yml changelogs: diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index ec9fbca..596e9e7 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -21,7 +21,7 @@ ------------------------------ - - [ ] I have read the [contributing](https://github.com/linuxserver/docker-python/blob/main/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications + - [ ] I have read the [contributing](https://github.com/linuxserver/docker-python/blob/alpine319/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications ------------------------------ diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml index 5fd4b51..1b2c9a7 100644 --- a/.github/workflows/external_trigger.yml +++ b/.github/workflows/external_trigger.yml @@ -4,26 +4,29 @@ on: workflow_dispatch: jobs: - external-trigger-main: + external-trigger-alpine319: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4.1.1 - name: External Trigger - if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/alpine319' run: | - if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_PYTHON_MAIN }}" ]; then - echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_PYTHON_MAIN is set; skipping trigger. ****" - echo "Github secret \`PAUSE_EXTERNAL_TRIGGER_PYTHON_MAIN\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY + printf "# External trigger for docker-python\n\n" >> $GITHUB_STEP_SUMMARY + if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_PYTHON_ALPINE319 }}" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github secret \`PAUSE_EXTERNAL_TRIGGER_PYTHON_ALPINE319\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY exit 0 fi - echo "**** External trigger running off of main branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_PYTHON_MAIN\". ****" - echo "External trigger running off of main branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_PYTHON_MAIN\`" >> $GITHUB_STEP_SUMMARY - echo "**** Retrieving external version ****" + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> External trigger running off of alpine319 branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_PYTHON_ALPINE319\`" >> $GITHUB_STEP_SUMMARY + printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY EXT_RELEASE=$(curl -s "https://endoflife.date/api/python.json" | jq -r '. | .[0].latest') + echo "Type is \`custom_json\`" >> $GITHUB_STEP_SUMMARY if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then - echo "**** Can't retrieve external version, exiting ****" - FAILURE_REASON="Can't retrieve external version for python branch main" + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Can't retrieve external version, exiting" >> $GITHUB_STEP_SUMMARY + FAILURE_REASON="Can't retrieve external version for python branch alpine319" GHA_TRIGGER_URL="https://github.com/linuxserver/docker-python/actions/runs/${{ github.run_id }}" curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], @@ -31,9 +34,8 @@ jobs: exit 1 fi EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') - echo "**** External version: ${EXT_RELEASE} ****" - echo "External version: ${EXT_RELEASE}" >> $GITHUB_STEP_SUMMARY - echo "**** Retrieving last pushed version ****" + echo "External version: \`${EXT_RELEASE}\`" >> $GITHUB_STEP_SUMMARY + echo "Retrieving last pushed version" >> $GITHUB_STEP_SUMMARY image="linuxserver/python" tag="alpine319" token=$(curl -sX GET \ @@ -60,37 +62,34 @@ jobs: IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') if [ -z "${IMAGE_VERSION}" ]; then - echo "**** Can't retrieve last pushed version, exiting ****" + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "Can't retrieve last pushed version, exiting" >> $GITHUB_STEP_SUMMARY FAILURE_REASON="Can't retrieve last pushed version for python tag alpine319" curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, "description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} exit 1 fi - echo "**** Last pushed version: ${IMAGE_VERSION} ****" - echo "Last pushed version: ${IMAGE_VERSION}" >> $GITHUB_STEP_SUMMARY + echo "Last pushed version: \`${IMAGE_VERSION}\`" >> $GITHUB_STEP_SUMMARY if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then - echo "**** Version ${EXT_RELEASE} already pushed, exiting ****" - echo "Version ${EXT_RELEASE} already pushed, exiting" >> $GITHUB_STEP_SUMMARY + echo "Version \`${EXT_RELEASE}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY exit 0 - elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/main/lastBuild/api/json | jq -r '.building') == "true" ]; then - echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****" - echo "New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY + elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/alpine319/lastBuild/api/json | jq -r '.building') == "true" ]; then + echo "New version \`${EXT_RELEASE}\` found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY exit 0 else - echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****" - echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build" >> $GITHUB_STEP_SUMMARY + printf "\n## Trigger new build\n\n" >> $GITHUB_STEP_SUMMARY + echo "New version \`${EXT_RELEASE}\` found; old version was \`${IMAGE_VERSION}\`. Triggering new build" >> $GITHUB_STEP_SUMMARY response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/main/buildWithParameters?PACKAGE_CHECK=false \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/alpine319/buildWithParameters?PACKAGE_CHECK=false \ --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - echo "**** Jenkins job queue url: ${response%$'\r'} ****" - echo "**** Sleeping 10 seconds until job starts ****" + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY sleep 10 buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') buildurl="${buildurl%$'\r'}" - echo "**** Jenkins job build url: ${buildurl} ****" - echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY - echo "**** Attempting to change the Jenkins job description ****" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY curl -iX POST \ "${buildurl}submitDescription" \ --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml index 3db9453..00a8266 100644 --- a/.github/workflows/external_trigger_scheduler.yml +++ b/.github/workflows/external_trigger_scheduler.yml @@ -15,31 +15,31 @@ jobs: - name: External Trigger Scheduler run: | - echo "**** Branches found: ****" - git for-each-ref --format='%(refname:short)' refs/remotes - for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) + printf "# External trigger scheduler for docker-python\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) do - br=$(echo "$br" | sed 's|origin/||g') - echo "**** Evaluating branch ${br} ****" + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-python/${br}/jenkins-vars.yml) ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch') ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type') if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then - echo "**** Branch ${br} appears to be live and trigger is not os; checking workflow. ****" + echo "Branch appears to be live and trigger is not os; checking workflow." >> $GITHUB_STEP_SUMMARY if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-python/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then - echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****." - echo "Triggering external trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY + echo "Triggering external trigger workflow for branch." >> $GITHUB_STEP_SUMMARY curl -iX POST \ -H "Authorization: token ${{ secrets.CR_PAT }}" \ -H "Accept: application/vnd.github.v3+json" \ -d "{\"ref\":\"refs/heads/${br}\"}" \ https://github.com/repos/linuxserver/docker-python/actions/workflows/external_trigger.yml/dispatches else - echo "**** Workflow doesn't exist; skipping trigger. ****" - echo "Skipping branch ${br} due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY + echo "Skipping branch due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY fi else - echo "**** ${br} is either a dev branch, or has no external version; skipping trigger. ****" - echo "Skipping branch ${br} due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY + echo "Skipping branch due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY fi done diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index b617b06..cb4b1bb 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -9,5 +9,5 @@ jobs: - uses: actions/first-interaction@v1 with: issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.' - pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-python/blob/main/.github/PULL_REQUEST_TEMPLATE.md)!' + pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-python/blob/alpine319/.github/PULL_REQUEST_TEMPLATE.md)!' repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/package_trigger.yml b/.github/workflows/package_trigger.yml index 9654fe9..e30f7b9 100644 --- a/.github/workflows/package_trigger.yml +++ b/.github/workflows/package_trigger.yml @@ -4,37 +4,37 @@ on: workflow_dispatch: jobs: - package-trigger-main: + package-trigger-alpine319: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4.1.1 - name: Package Trigger - if: github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/alpine319' run: | - if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_PYTHON_MAIN }}" ]; then - echo "**** Github secret PAUSE_PACKAGE_TRIGGER_PYTHON_MAIN is set; skipping trigger. ****" - echo "Github secret \`PAUSE_PACKAGE_TRIGGER_PYTHON_MAIN\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY + printf "# Package trigger for docker-python\n\n" >> $GITHUB_STEP_SUMMARY + if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_PYTHON_ALPINE319 }}" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> Github secret \`PAUSE_PACKAGE_TRIGGER_PYTHON_ALPINE319\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY exit 0 fi - if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/main/lastBuild/api/json | jq -r '.building') == "true" ]; then - echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****" - echo "There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY + if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/alpine319/lastBuild/api/json | jq -r '.building') == "true" ]; then + echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY + echo "> There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY exit 0 fi - echo "**** Package trigger running off of main branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_PYTHON_MAIN\". ****" - echo "Package trigger running off of main branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_PYTHON_MAIN\`" >> $GITHUB_STEP_SUMMARY + echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY + echo "> Package trigger running off of alpine319 branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_PYTHON_ALPINE319\`" >> $GITHUB_STEP_SUMMARY response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/main/buildWithParameters?PACKAGE_CHECK=true \ + https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-python/job/alpine319/buildWithParameters?PACKAGE_CHECK=true \ --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - echo "**** Jenkins job queue url: ${response%$'\r'} ****" - echo "**** Sleeping 10 seconds until job starts ****" + echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY + echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY sleep 10 buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') buildurl="${buildurl%$'\r'}" - echo "**** Jenkins job build url: ${buildurl} ****" - echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY - echo "**** Attempting to change the Jenkins job description ****" + echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY + echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY curl -iX POST \ "${buildurl}submitDescription" \ --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml index cbb518d..7924544 100644 --- a/.github/workflows/package_trigger_scheduler.yml +++ b/.github/workflows/package_trigger_scheduler.yml @@ -15,17 +15,19 @@ jobs: - name: Package Trigger Scheduler run: | - echo "**** Branches found: ****" - git for-each-ref --format='%(refname:short)' refs/remotes - for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) + printf "# Package trigger scheduler for docker-python\n\n" >> $GITHUB_STEP_SUMMARY + printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY + for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) do - br=$(echo "$br" | sed 's|origin/||g') - echo "**** Evaluating branch ${br} ****" + if [[ "${br}" == "HEAD" ]]; then + printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY + continue + fi + printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-python/${br}/jenkins-vars.yml | yq -r '.ls_branch') if [ "${br}" == "${ls_branch}" ]; then - echo "**** Branch ${br} appears to be live; checking workflow. ****" + echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-python/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then - echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****" echo "Triggering package trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY triggered_branches="${triggered_branches}${br} " curl -iX POST \ @@ -35,11 +37,9 @@ jobs: https://github.com/repos/linuxserver/docker-python/actions/workflows/package_trigger.yml/dispatches sleep 30 else - echo "**** Workflow doesn't exist; skipping trigger. ****" echo "Skipping branch ${br} due to no package trigger workflow present." >> $GITHUB_STEP_SUMMARY fi else - echo "**** ${br} appears to be a dev branch; skipping trigger. ****" echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY fi done diff --git a/Dockerfile b/Dockerfile index 12327d6..5a0fd41 100644 --- a/Dockerfile +++ b/Dockerfile @@ -96,7 +96,7 @@ RUN \ \( \ -type d -a \( -name test -o -name tests \) \ \) -exec rm -rf '{}' + && \ - sed -i 's|pythoncompiled|usr/local|' /pythoncompiled/bin/pip /pythoncompiled/bin/pip* /pythoncompiled/bin/wheel && \ + find /pythoncompiled/bin -type f -not \( -name 'python*' \) -exec sed -i 's|pythoncompiled|usr/local|' '{}' '+' && \ echo "**** cleanup ****" && \ apk del --purge \ build-dependencies && \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 7603e3b..f4bf205 100644 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -96,7 +96,7 @@ RUN \ \( \ -type d -a \( -name test -o -name tests \) \ \) -exec rm -rf '{}' + && \ - sed -i 's|pythoncompiled|usr/local|' /pythoncompiled/bin/pip /pythoncompiled/bin/pip* /pythoncompiled/bin/wheel && \ + find /pythoncompiled/bin -type f -not \( -name 'python*' \) -exec sed -i 's|pythoncompiled|usr/local|' '{}' '+' && \ echo "**** cleanup ****" && \ apk del --purge \ build-dependencies && \ diff --git a/Jenkinsfile b/Jenkinsfile index 7da2dc3..d767673 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -17,6 +17,8 @@ pipeline { GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') GITLAB_NAMESPACE=credentials('gitlab-namespace-id') DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') + QUAYIO_API_TOKEN=credentials('quayio-repo-api-token') + GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f') JSON_URL = 'https://endoflife.date/api/python.json' JSON_PATH = '.[0].latest' BUILD_VERSION_ARG = 'PYTHON_VERSION' @@ -38,9 +40,23 @@ pipeline { CI_WEBPATH='' } stages { + stage("Set git config"){ + steps{ + sh '''#!/bin/bash + cat ${GIT_SIGNING_KEY} > /config/.ssh/id_sign + chmod 600 /config/.ssh/id_sign + ssh-keygen -y -f /config/.ssh/id_sign > /config/.ssh/id_sign.pub + echo "Using $(ssh-keygen -lf /config/.ssh/id_sign) to sign commits" + git config --global gpg.format ssh + git config --global user.signingkey /config/.ssh/id_sign + git config --global commit.gpgsign true + ''' + } + } // Setup all the basic environment variables needed for the build stage("Set ENV Variables base"){ steps{ + echo "Running on node: ${NODE_NAME}" sh '''#! /bin/bash containers=$(docker ps -aq) if [[ -n "${containers}" ]]; then @@ -157,10 +173,10 @@ pipeline { } } } - // If this is a main build use live docker endpoints + // If this is a alpine319 build use live docker endpoints stage("Set ENV live build"){ when { - branch "main" + branch "alpine319" environment name: 'CHANGE_ID', value: '' } steps { @@ -183,7 +199,7 @@ pipeline { // If this is a dev build use dev docker endpoints stage("Set ENV dev build"){ when { - not {branch "main"} + not {branch "alpine319"} environment name: 'CHANGE_ID', value: '' } steps { @@ -259,7 +275,7 @@ pipeline { // Use helper containers to render templated files stage('Update-Templates') { when { - branch "main" + branch "alpine319" environment name: 'CHANGE_ID', value: '' expression { env.CONTAINER_NAME != null @@ -271,24 +287,24 @@ pipeline { TEMPDIR=$(mktemp -d) docker pull ghcr.io/linuxserver/jenkins-builder:latest # Cloned repo paths for templating: - # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch main of ${LS_USER}/${LS_REPO} for running the jenkins builder on - # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch main of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github + # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch alpine319 of ${LS_USER}/${LS_REPO} for running the jenkins builder on + # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch alpine319 of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github - git clone --branch main --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} + git clone --branch alpine319 --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest echo "Starting Stage 1 - Jenkinsfile update" if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then mkdir -p ${TEMPDIR}/repo git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f main + git checkout -f alpine319 cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ git add Jenkinsfile git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit" rm -Rf ${TEMPDIR} @@ -307,13 +323,13 @@ pipeline { mkdir -p ${TEMPDIR}/repo git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f main + git checkout -f alpine319 for i in ${TEMPLATES_TO_DELETE}; do git rm "${i}" done git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit" rm -Rf ${TEMPDIR} @@ -329,7 +345,7 @@ pipeline { mkdir -p ${TEMPDIR}/repo git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f main + git checkout -f alpine319 cd ${TEMPDIR}/docker-${CONTAINER_NAME} mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE @@ -342,8 +358,8 @@ pipeline { fi git add readme-vars.yml ${TEMPLATED_FILES} git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git main + git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 + git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git alpine319 echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} echo "Updating templates and exiting build, new one will trigger based on commit" rm -Rf ${TEMPDIR} @@ -410,7 +426,7 @@ pipeline { // Exit the build if the Templated files were just updated stage('Template-exit') { when { - branch "main" + branch "alpine319" environment name: 'CHANGE_ID', value: '' environment name: 'FILES_UPDATED', value: 'true' expression { @@ -423,10 +439,10 @@ pipeline { } } } - // If this is a main build check the S6 service file perms + // If this is a alpine319 build check the S6 service file perms stage("Check S6 Service file Permissions"){ when { - branch "main" + branch "alpine319" environment name: 'CHANGE_ID', value: '' environment name: 'EXIT_STATUS', value: '' } @@ -444,10 +460,10 @@ pipeline { } } /* ####################### - GitLab Mirroring + GitLab Mirroring and Quay.io Repo Visibility ####################### */ - // Ping into Gitlab to mirror this repo and have a registry endpoint - stage("GitLab Mirror"){ + // Ping into Gitlab to mirror this repo and have a registry endpoint & mark this repo on Quay.io as public + stage("GitLab Mirror and Quay.io Visibility"){ when { environment name: 'EXIT_STATUS', value: '' } @@ -463,6 +479,8 @@ pipeline { "visibility":"public"}' ''' sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \ -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" ''' + sh '''curl -H "Content-Type: application/json" -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" -X POST "https://quay.io/api/v1/repository${QUAYIMAGE/quay.io/}/changevisibility" \ + -d '{"visibility":"public"}' ||: ''' } } /* ############### @@ -556,7 +574,7 @@ pipeline { --provenance=false --sbom=false \ --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." sh "docker tag ${IMAGE}:arm64v8-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" - retry(5) { + retry_backoff(5,5) { sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}" } sh '''#! /bin/bash @@ -633,7 +651,7 @@ pipeline { passwordVariable: 'QUAYPASS' ] ]) { - retry(5) { + retry_backoff(5,5) { sh '''#! /bin/bash set -e echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin @@ -651,7 +669,7 @@ pipeline { docker push ${PUSHIMAGE}:${META_TAG} docker push ${PUSHIMAGE}:${EXT_RELEASE_TAG} if [ -n "${SEMVER}" ]; then - docker push ${PUSHIMAGE}:${SEMVER} + docker push ${PUSHIMAGE}:${SEMVER} fi done ''' @@ -674,7 +692,7 @@ pipeline { passwordVariable: 'QUAYPASS' ] ]) { - retry(5) { + retry_backoff(5,5) { sh '''#! /bin/bash set -e echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin @@ -723,7 +741,7 @@ pipeline { // If this is a public release tag it in the LS Github stage('Github-Tag-Push-Release') { when { - branch "main" + branch "alpine319" expression { env.LS_RELEASE != env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER } @@ -735,17 +753,17 @@ pipeline { sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ -d '{"tag":"'${META_TAG}'",\ "object": "'${COMMIT_SHA}'",\ - "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to main",\ + "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to alpine319",\ "type": "commit",\ - "tagger": {"name": "LinuxServer Jenkins","email": "jenkins@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' + "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' ''' echo "Pushing New release for Tag" sh '''#! /bin/bash echo "Data change at JSON endpoint ${JSON_URL}" > releasebody.json echo '{"tag_name":"'${META_TAG}'",\ - "target_commitish": "main",\ + "target_commitish": "alpine319",\ "name": "'${META_TAG}'",\ "body": "**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start - printf '","draft": false,"prerelease": false}' >> releasebody.json + printf '","draft": false,"prerelease": true}' >> releasebody.json paste -d'\\0' start releasebody.json > releasebody.json.done curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done''' } @@ -753,14 +771,14 @@ pipeline { // Add protection to the release branch stage('Github-Release-Branch-Protection') { when { - branch "main" + branch "alpine319" environment name: 'CHANGE_ID', value: '' environment name: 'EXIT_STATUS', value: '' } steps { - echo "Setting up protection for release branch main" + echo "Setting up protection for release branch alpine319" sh '''#! /bin/bash - curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://github.com/repos/${LS_USER}/${LS_REPO}/branches/main/protection \ + curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://github.com/repos/${LS_USER}/${LS_REPO}/branches/alpine319/protection \ -d $(jq -c . << EOF { "required_status_checks": null, @@ -869,6 +887,13 @@ EOF ###################### */ post { always { + sh '''#!/bin/bash + rm -rf /config/.ssh/id_sign + rm -rf /config/.ssh/id_sign.pub + git config --global --unset gpg.format + git config --global --unset user.signingkey + git config --global --unset commit.gpgsign + ''' script{ if (env.EXIT_STATUS == "ABORTED"){ sh 'echo "build aborted"' @@ -898,3 +923,20 @@ EOF } } } + +def retry_backoff(int max_attempts, int power_base, Closure c) { + int n = 0 + while (n < max_attempts) { + try { + c() + return + } catch (err) { + if ((n + 1) >= max_attempts) { + throw err + } + sleep(power_base ** n) + n++ + } + } + return +} diff --git a/README.md b/README.md index 29bc4a2..73c035e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ - + [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) [![Blog](https://img.shields.io/static/v1.svg?color=94398d&labelColor=555555&logoColor=ffffff&style=for-the-badge&label=linuxserver.io&message=Blog)](https://blog.linuxserver.io "all the things you can do with our containers including How-To guides, opinions and much more!") diff --git a/jenkins-vars.yml b/jenkins-vars.yml index bf01af6..771c886 100644 --- a/jenkins-vars.yml +++ b/jenkins-vars.yml @@ -3,9 +3,9 @@ # jenkins variables project_name: docker-python external_type: custom_json -release_type: stable +release_type: prerelease release_tag: alpine319 -ls_branch: main +ls_branch: alpine319 skip_package_check: true unraid_template_sync: false unraid_template: false