From 65fc7d0eafbde9f88eb652dd8fb2cb00bd1e26b1 Mon Sep 17 00:00:00 2001 From: Dave Henderson Date: Wed, 11 Oct 2023 19:11:23 -0400 Subject: [PATCH] more automation Signed-off-by: Dave Henderson --- Dockerfile.builder.tmpl | 12 +++--- Dockerfile.tmpl | 12 +++--- Dockerfile.windows-builder.tmpl | 2 +- Dockerfile.windows.tmpl | 2 +- Makefile | 1 + README.md | 12 ++++++ fileCommit.sh | 2 +- getChecksums.sh | 69 +++++++++++++++++++++++++++++++++ render-dockerfiles.tmpl | 4 +- stackbrew-config.yaml | 16 -------- 10 files changed, 100 insertions(+), 32 deletions(-) create mode 100755 getChecksums.sh diff --git a/Dockerfile.builder.tmpl b/Dockerfile.builder.tmpl index c403252..e59c5f0 100644 --- a/Dockerfile.builder.tmpl +++ b/Dockerfile.builder.tmpl @@ -16,12 +16,12 @@ ENV XCADDY_SETCAP 1 RUN set -eux; \ apkArch="$(apk --print-arch)"; \ case "$apkArch" in \ - x86_64) binArch='amd64'; checksum='{{ .xcaddy_config.checksums.amd64 }}' ;; \ - armhf) binArch='armv6'; checksum='{{ .xcaddy_config.checksums.arm32v6 }}' ;; \ - armv7) binArch='armv7'; checksum='{{ .xcaddy_config.checksums.arm32v7 }}' ;; \ - aarch64) binArch='arm64'; checksum='{{ .xcaddy_config.checksums.arm64v8 }}' ;; \ - ppc64el|ppc64le) binArch='ppc64le'; checksum='{{ .xcaddy_config.checksums.ppc64le }}' ;; \ - s390x) binArch='s390x'; checksum='{{ .xcaddy_config.checksums.s390x }}' ;; \ + x86_64) binArch='amd64'; checksum='{{ .xcaddy_checksums.amd64 }}' ;; \ + armhf) binArch='armv6'; checksum='{{ .xcaddy_checksums.arm32v6 }}' ;; \ + armv7) binArch='armv7'; checksum='{{ .xcaddy_checksums.arm32v7 }}' ;; \ + aarch64) binArch='arm64'; checksum='{{ .xcaddy_checksums.arm64v8 }}' ;; \ + ppc64el|ppc64le) binArch='ppc64le'; checksum='{{ .xcaddy_checksums.ppc64le }}' ;; \ + s390x) binArch='s390x'; checksum='{{ .xcaddy_checksums.s390x }}' ;; \ *) echo >&2 "error: unsupported architecture ($apkArch)"; exit 1 ;;\ esac; \ wget -O /tmp/xcaddy.tar.gz "https://github.com/caddyserver/xcaddy/releases/download/v{{ .xcaddy_config.version }}/xcaddy_{{ .xcaddy_config.version }}_linux_${binArch}.tar.gz"; \ diff --git a/Dockerfile.tmpl b/Dockerfile.tmpl index 777b39a..2448bb2 100644 --- a/Dockerfile.tmpl +++ b/Dockerfile.tmpl @@ -21,12 +21,12 @@ ENV CADDY_VERSION v{{ .config.caddy_version }} RUN set -eux; \ apkArch="$(apk --print-arch)"; \ case "$apkArch" in \ - x86_64) binArch='amd64'; checksum='{{ .config.checksums.amd64 }}' ;; \ - armhf) binArch='armv6'; checksum='{{ .config.checksums.arm32v6 }}' ;; \ - armv7) binArch='armv7'; checksum='{{ .config.checksums.arm32v7 }}' ;; \ - aarch64) binArch='arm64'; checksum='{{ .config.checksums.arm64v8 }}' ;; \ - ppc64el|ppc64le) binArch='ppc64le'; checksum='{{ .config.checksums.ppc64le }}' ;; \ - s390x) binArch='s390x'; checksum='{{ .config.checksums.s390x }}' ;; \ + x86_64) binArch='amd64'; checksum='{{ .checksums.amd64 }}' ;; \ + armhf) binArch='armv6'; checksum='{{ .checksums.arm32v6 }}' ;; \ + armv7) binArch='armv7'; checksum='{{ .checksums.arm32v7 }}' ;; \ + aarch64) binArch='arm64'; checksum='{{ .checksums.arm64v8 }}' ;; \ + ppc64el|ppc64le) binArch='ppc64le'; checksum='{{ .checksums.ppc64le }}' ;; \ + s390x) binArch='s390x'; checksum='{{ .checksums.s390x }}' ;; \ *) echo >&2 "error: unsupported architecture ($apkArch)"; exit 1 ;;\ esac; \ wget -O /tmp/caddy.tar.gz "https://github.com/caddyserver/caddy/releases/download/v{{ .config.caddy_version }}/caddy_{{ .config.caddy_version }}_linux_${binArch}.tar.gz"; \ diff --git a/Dockerfile.windows-builder.tmpl b/Dockerfile.windows-builder.tmpl index 4c0d727..89d2ac8 100644 --- a/Dockerfile.windows-builder.tmpl +++ b/Dockerfile.windows-builder.tmpl @@ -11,7 +11,7 @@ ENV XCADDY_SKIP_CLEANUP 1 RUN Invoke-WebRequest \ -Uri "https://github.com/caddyserver/xcaddy/releases/download/v{{ .xcaddy_config.version }}/xcaddy_{{ .xcaddy_config.version }}_windows_amd64.zip" \ -OutFile "/xcaddy.zip"; \ - if (!(Get-FileHash -Path /xcaddy.zip -Algorithm SHA512).Hash.ToLower().Equals('{{ .xcaddy_config.checksums.windows_amd64 }}')) { exit 1; }; \ + if (!(Get-FileHash -Path /xcaddy.zip -Algorithm SHA512).Hash.ToLower().Equals('{{ .xcaddy_checksums.windows_amd64 }}')) { exit 1; }; \ Expand-Archive -Path "/xcaddy.zip" -DestinationPath "/" -Force; \ Remove-Item "/xcaddy.zip" -Force diff --git a/Dockerfile.windows.tmpl b/Dockerfile.windows.tmpl index c48bf66..eb0e3a3 100644 --- a/Dockerfile.windows.tmpl +++ b/Dockerfile.windows.tmpl @@ -19,7 +19,7 @@ ENV CADDY_VERSION v{{ .config.caddy_version }} RUN Invoke-WebRequest \ -Uri "https://github.com/caddyserver/caddy/releases/download/v{{ .config.caddy_version }}/caddy_{{ .config.caddy_version }}_windows_amd64.zip" \ -OutFile "/caddy.zip"; \ - if (!(Get-FileHash -Path /caddy.zip -Algorithm SHA512).Hash.ToLower().Equals('{{ .config.checksums.windows_amd64 }}')) { exit 1; }; \ + if (!(Get-FileHash -Path /caddy.zip -Algorithm SHA512).Hash.ToLower().Equals('{{ .checksums.windows_amd64 }}')) { exit 1; }; \ Expand-Archive -Path "/caddy.zip" -DestinationPath "/" -Force; \ Remove-Item "/caddy.zip" -Force diff --git a/Makefile b/Makefile index a0130b5..ffa1560 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,7 @@ all: gen-dockerfiles library/caddy .github/dependabot.yml gen-dockerfiles: render-dockerfiles.tmpl Dockerfile.tmpl Dockerfile.builder.tmpl Dockerfile.windows.tmpl Dockerfile.windows-builder.tmpl */*/Dockerfile.base @gomplate \ + --plugin getChecksums=./getChecksums.sh \ -t dockerfile=Dockerfile.tmpl \ -t builder-dockerfile=Dockerfile.builder.tmpl \ -t windows-dockerfile=Dockerfile.windows.tmpl \ diff --git a/README.md b/README.md index 476f304..c886342 100644 --- a/README.md +++ b/README.md @@ -11,6 +11,18 @@ If you have an issue or suggestion for the Docker image, please [open an issue]( If you'd like to suggest updates to the [image documentation](https://hub.docker.com/_/caddy), see https://github.com/docker-library/docs/tree/master/caddy. +## Release instructions (for maintainers) + +The release process is currently semi-automated, held together with shell scripts and gomplate (and duct tape). + +1. update the `stackbrew-config.yaml` file (update `caddy_version`) and save +2. run `make` (note that you'll need [`gomplate`](https://github.com/hairyhenderson/gomplate) on your path) +3. commit all changed Dockerfiles and `stackbrew-config.yaml` and issue a PR + - note: revert the `library/caddy` file if it's changed +4. once the CI passes and the PR is merged, pull and run `make` again - this should update the `library/caddy` file +5. commit the updated `library/caddy` file and push directly to `master` +6. Finally, issue a PR to https://github.com/docker-library/official-images containing the updated `library/caddy` file (copied into `official-images/library/caddy`) + ## License View [license information](https://github.com/caddyserver/caddy/blob/master/LICENSE) for the software contained in this image. diff --git a/fileCommit.sh b/fileCommit.sh index ddf7076..c33ac7c 100755 --- a/fileCommit.sh +++ b/fileCommit.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/usr/bin/env bash set -Eeuo pipefail # get the most recent commit which modified any of "$@" diff --git a/getChecksums.sh b/getChecksums.sh new file mode 100755 index 0000000..ec1c175 --- /dev/null +++ b/getChecksums.sh @@ -0,0 +1,69 @@ +#!/usr/bin/env bash +# +# A script that outputs a mapping of arch to checksum for a given release. +# +# Usage: +# ./getChecksums.sh repo version +# +# Example: +# ./getChecksums.sh caddy 2.7.5 +# +# repo can be either caddy or xcaddy, and version should be the raw semver, +# without a leading 'v' +# + +REPO=$1 +VERSION=$2 +# Parse semver +SEMVER_RE='[^0-9]*\([0-9]*\)[.]\([0-9]*\)[.]\([0-9]*\)\([0-9A-Za-z\.-]*\)' +VERSION_MAJOR=`echo ${VERSION} | sed -e "s#$SEMVER_RE#\1#"` +VERSION_MINOR=`echo ${VERSION} | sed -e "s#$SEMVER_RE#\2#"` +VERSION_PATCH=`echo ${VERSION} | sed -e "s#$SEMVER_RE#\3#"` +VERSION_SPECIAL=`echo ${VERSION} | sed -e "s#$SEMVER_RE#\4#"` + +# Get the checksums file from the tagged release +curl -sSL -o checksums.txt https://github.com/caddyserver/${REPO}/releases/download/v${VERSION}/${REPO}_${VERSION}_checksums.txt + +# architecture keys +arches=( + amd64 + arm32v6 + arm32v7 + arm64v8 + ppc64le + s390x + windows_amd64 +) + +# archives suffixes as they appear in the checksums file +archive_names=( + linux_amd64.tar.gz + linux_armv6.tar.gz + linux_armv7.tar.gz + linux_arm64.tar.gz + linux_ppc64le.tar.gz + linux_s390x.tar.gz + windows_amd64.zip +) + +# Get the last index for the loop +last=$(expr "${#arches[@]}" - 1) + +echo "{" +for i in $(seq 0 $last); do + # Grab the current arch from the list + arch="${arches[i]}" + + # Get the checksum of the archive for this arch + checksum=$(awk "/${archive_names[i]}/{print \$1}" checksums.txt) + + # Skip if we don't have the checksum + [ -z "${checksum}" ] && continue + + if [ $i -lt $last ]; then + echo " \"${arch}\": \"${checksum}\"," + else + echo " \"${arch}\": \"${checksum}\"" + fi +done +echo "}" diff --git a/render-dockerfiles.tmpl b/render-dockerfiles.tmpl index 65e468a..575f959 100644 --- a/render-dockerfiles.tmpl +++ b/render-dockerfiles.tmpl @@ -1,5 +1,7 @@ {{- range $version := .config.versions }} {{- $minor := $version.caddy_version | regexp.Replace `([0-9]+\.[0-9]+).*$` `$1` }} + {{- $checksums := getChecksums "caddy" $version.caddy_version | json }} + {{- $xcaddy_checksums := getChecksums "xcaddy" $.config.xcaddy_config.version | json }} {{- range $variant := $.config.variants }} {{- $dir := filepath.Join $minor $variant.dir }} @@ -15,7 +17,7 @@ {{ $template = "windows-dockerfile" -}} {{ end -}} {{- $base := file.Read (filepath.Join $dir "Dockerfile.base") }} - {{- $ctx := dict "base" $base "config" $version "xcaddy_config" $.config.xcaddy_config }} + {{- $ctx := dict "base" $base "config" $version "xcaddy_config" $.config.xcaddy_config "checksums" $checksums "xcaddy_checksums" $xcaddy_checksums}} {{- $outPath := filepath.Join $dir "Dockerfile" -}} Rendering {{ $outPath }} with template {{ $template }}...{{ "\n" -}} {{- tmpl.Exec $template $ctx | file.Write $outPath -}} diff --git a/stackbrew-config.yaml b/stackbrew-config.yaml index bd78d54..6ce16fb 100644 --- a/stackbrew-config.yaml +++ b/stackbrew-config.yaml @@ -3,24 +3,8 @@ versions: is_major: true is_latest: true dist_commit: 0c7fa00a87c65a6ef47ed36d841cd223682a2a2c - checksums: - amd64: 4afdf50ccf3a8f32344dbac46006ca2b5d90c2ef656c53e8617f1c3b81c5f9e44bd3a9e0b62975f73c85451c354d3d9b5292f5247d18a62d95ab19c8b0a5dba7 - arm32v6: 5f47b4ff5d290799bba1b9183c6ddfe7fee69c8086375337a7498717ce09fc627845f6cb466840daf539c763979ab60fe229b9ddeaf7f92fad800742d4ad5b3a - arm32v7: bdd120779427cf288a383ecf9d63fa6b61e2118f189e02263ad45989bae507ce1db84ced60de3b33653e9729166e4ca436785503558955b9934be69138184055 - arm64v8: a857cbe25bcc5402e9c4fa2a6c36338f91b7e23962beedccd32e10b3aa34dda084ae742c79085d6e7581acfe33f7c9cf161224b1e56cdb661ebfb6f7424b8d0a - ppc64le: 72c66d44cfc8f8d248e04f08903866d62a0e11c36b51c49c08c73c833a3f4322a780405543e721dcf375b71dee06e90230c64141efb2a9614f551e2134f120a9 - s390x: 5fb95fb495da282330f34b7f23fff3e664638397dcde2c33a3c7450e448154425b2514573604be3cac03d30b37444c4866170f232f14a33e50bff0d1e1abf126 - windows_amd64: 3201e91a00d8c49acf6165753df34fccfb9c0eacb610b0dad5e5c465cdaced761b061f0c7fc200ce4e87f4acfbd6421e9b3e0121ba293532f4afdf7c9c9c96a0 xcaddy_config: version: '0.3.5' - checksums: - amd64: 9e87261a4ca4144bf25105e0cb3b3eb0fb0b8564fe4fa5c126e25a926baea2d16868cb4e88cafc419dc69db3e692894bc7ebcb25434c0bbb74362c2f3a696db5 - arm32v6: e327445263f3c4ceacae92f88417ef9d2f559bd01ea53230c38529295f2c29da45a0f9c436a71dafc85009a4ead7acdde832971479fccde7839228f0fc2153f1 - arm32v7: c46e12f1750ea1c99a80cf0ab2115541957f2791257176df2dbf2b25869c552b3108ff7c9d6854081dcf843548e6ec3b1e5451944bd7b6b9527dfe63f849f01b - arm64v8: a4b1caf438326e0dcb58830701993d514b11fd86b4880c9c013c230031dfa68efa339be186662f586ce848d5a2841a2e6513f41ada9a05c04a297433df3f2a52 - ppc64le: b9c79ec1ddd1f7606d7f1263cf4ebad8c03154e78e301db27cb1554723b1f12ae886dd4be682a9decd3dbc189d6e90c51879ae160696db00e0d32dced2df8991 - s390x: 658f3d85e751e3e43906e55b9f915c35c1e87c6cdeb606263147804520fe4cf3afdf295882c7bab2e9c932a7c12d1759275fa1c0b611d5b770c940e9ec13ec43 - windows_amd64: e7a7b91439669b96bd3dbe347d9fcc84767c02c68ed451b7b80c8d3063c9e4ae2531d4bba0ee51d7d78be29371d36bac56412e39144b92e781e253f265a3883c # configuration for the stackbrew.tmpl template variants: - dir: alpine