forked from mozilla-releng/balrog
-
Notifications
You must be signed in to change notification settings - Fork 5
/
push-dockerimage.sh
executable file
·54 lines (44 loc) · 1.86 KB
/
push-dockerimage.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/bin/bash
set -e
DOCKERFILE="$1"
shift
tags=( $@ )
password_url="taskcluster/secrets/v1/secret/repo:github.com/mozilla/balrog:dockerhub"
artifact_url="taskcluster/queue/v1/task/${TASK_ID}/runs/${RUN_ID}/artifacts/public/docker-image-shasum256.txt"
artifact_expiry=$(date -d "+1 year" -u +%FT%TZ)
dockerhub_email=release+balrog@mozilla.com
dockerhub_username=mozillabalrog
dockerhub_password=$(curl ${password_url} | python -c 'import json, sys; a = json.load(sys.stdin); print a["secret"]["dockerhub_password"]')
if [ -z $dockerhub_password ]; then
echo "Dockerhub password not set, can't continue!"
exit 1
fi
if [ ${#tags[*]} -eq 0 ]; then
echo "Must pass at least one tag"
exit 2
fi
commit=$(git rev-parse HEAD)
version=$(cat version.txt)
cat > version.json <<EOF
{
"commit": "${commit}",
"version": "${version}",
"source": "https://github.com/mozilla/balrog",
"build": "https://tools.taskcluster.net/task-inspector/#${TASK_ID}"
}
EOF
echo "Building Docker image"
docker build -f $DOCKERFILE -t buildtemp .
echo "Logging into Dockerhub"
docker login -e $dockerhub_email -u $dockerhub_username -p $dockerhub_password
for tag in ${tags[*]}; do
echo "Tagging Docker image with ${tag}"
docker tag buildtemp "mozilla/balrog:${tag}"
echo "Pushing Docker image tagged with ${tag}"
docker push mozilla/balrog:${tag}
done
sha256=$(docker images --no-trunc mozilla/balrog | grep "${tags[0]}" | awk '/^mozilla/ {print $3}')
echo "SHA256 is ${sha256}, creating artifact for it"
put_url=$(curl --retry 5 --retry-delay 5 --data "{\"storageType\": \"s3\", \"contentType\": \"text/plain\", \"expires\": \"${artifact_expiry}\"}" ${artifact_url} | python -c 'import json; import sys; print json.load(sys.stdin)["putUrl"]')
curl --retry 5 --retry-delay 5 -X PUT -H "Content-Type: text/plain" --data "${sha256}" "${put_url}"
echo 'Artifact created, all done!'