Skip to content

Commit

Permalink
Fix: Add secret MAXMIND_LICENSE_KEY to be able to download GeoLite2…
Browse files Browse the repository at this point in the history 
…-City database
  • Loading branch information
@leojonathanoh
leojonathanoh committed Jul 14, 2020
1 parent b13fabb commit d99174b
Show file tree
Hide file tree
Showing 12 changed files with 285 additions and 84 deletions.
198 changes: 180 additions & 18 deletions .github/workflows/build.yml
View file

Large diffs are not rendered by default.

11 changes: 10 additions & 1 deletion generate/templates/.github/workflows/build.yml.ps1
View file
Expand Up @@ -48,6 +48,7 @@ $( $VARIANTS | % {
- name: Build and push image
env:
DOCKERHUB_REGISTRY_USER: ${{ secrets.DOCKERHUB_REGISTRY_USER }}
MAXMIND_LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE_KEY }}
run: |
set -e
Expand All @@ -57,7 +58,13 @@ $( $VARIANTS | % {
# Get 'ref-name' from 'refs/heads/ref-name'
VARIANT_TAG_WITH_VERSION=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev )
# Start a secrets-server with out secrets
mkdir -p ~/secrets && chmod 750 ~/secrets
touch ~/secrets/MAXMIND_LICENSE_KEY && chmod 600 ~/secrets/MAXMIND_LICENSE_KEY && echo -n "$MAXMIND_LICENSE_KEY" > ~/secrets/MAXMIND_LICENSE_KEY
docker run -d --name=secrets-server --rm --volume ~/secrets:/secrets busybox httpd -f -p 8000 -h /secrets
docker build \
--network=container:secrets-server \
-t "${DOCKERHUB_REGISTRY_USER}/${CI_PROJECT_NAME}:${VARIANT_TAG}" \
-t "${DOCKERHUB_REGISTRY_USER}/${CI_PROJECT_NAME}:${VARIANT_TAG_WITH_VERSION}" \
-t "${DOCKERHUB_REGISTRY_USER}/${CI_PROJECT_NAME}:latest" \
Expand All @@ -66,7 +73,9 @@ $( $VARIANTS | % {
docker push "${DOCKERHUB_REGISTRY_USER}/${CI_PROJECT_NAME}:${VARIANT_TAG_WITH_VERSION}"
docker push "${DOCKERHUB_REGISTRY_USER}/${CI_PROJECT_NAME}:latest"
- name: Clean-up
run: docker logout
run: |
docker logout
rm -rf ~/secrets
if: always()
'@
})
15 changes: 9 additions & 6 deletions generate/templates/Dockerfile/alpine/Dockerfile.header.ps1
View file
Expand Up @@ -40,15 +40,17 @@ RUN apk add --no-cache ca-certificates wget \
$( if ( 'geoip2' -in $VARIANT['components'] ) {
@'
# Download the GeoIP2 binary
RUN apk add --no-cache ca-certificates wget \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apk add --no-cache ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -66,8 +68,9 @@ RUN apk add --no-cache ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apk del curl; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;
'@
Expand Down
17 changes: 10 additions & 7 deletions generate/templates/Dockerfile/ubuntu/Dockerfile.header.ps1
View file
Expand Up @@ -43,16 +43,17 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
$( if ( 'geoip2' -in $VARIANT['components'] ) {
@'
# Download the GeoIP2 binary
RUN apt-get update && apt-get install -y ca-certificates wget \
&& rm -rf /var/lib/apt/lists/* \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apt-get update && apt-get install -y ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -70,8 +71,10 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apt-get purge --auto-remove -y curl \
&& rm -rf /var/lib/apt/lists/*; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;
'@
Expand Down
15 changes: 9 additions & 6 deletions variants/alpine/cron-geoip-geoip2-emailsender/Dockerfile
View file
Expand Up @@ -23,15 +23,17 @@ RUN apk add --no-cache ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apk add --no-cache ca-certificates wget \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apk add --no-cache ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -49,8 +51,9 @@ RUN apk add --no-cache ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apk del curl; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
15 changes: 9 additions & 6 deletions variants/alpine/cron-geoip-geoip2/Dockerfile
View file
Expand Up @@ -23,15 +23,17 @@ RUN apk add --no-cache ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apk add --no-cache ca-certificates wget \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apk add --no-cache ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -49,8 +51,9 @@ RUN apk add --no-cache ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apk del curl; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
15 changes: 9 additions & 6 deletions variants/alpine/geoip-geoip2-emailsender/Dockerfile
View file
Expand Up @@ -23,15 +23,17 @@ RUN apk add --no-cache ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apk add --no-cache ca-certificates wget \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apk add --no-cache ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -49,8 +51,9 @@ RUN apk add --no-cache ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apk del curl; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
15 changes: 9 additions & 6 deletions variants/alpine/geoip-geoip2/Dockerfile
View file
Expand Up @@ -23,15 +23,17 @@ RUN apk add --no-cache ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apk add --no-cache ca-certificates wget \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apk add --no-cache ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -49,8 +51,9 @@ RUN apk add --no-cache ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apk del curl; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
17 changes: 10 additions & 7 deletions variants/ubuntu/cron-geoip-geoip2-emailsender/Dockerfile
View file
Expand Up @@ -24,16 +24,17 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apt-get update && apt-get install -y ca-certificates wget \
&& rm -rf /var/lib/apt/lists/* \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apt-get update && apt-get install -y ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -51,8 +52,10 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apt-get purge --auto-remove -y curl \
&& rm -rf /var/lib/apt/lists/*; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
17 changes: 10 additions & 7 deletions variants/ubuntu/cron-geoip-geoip2/Dockerfile
View file
Expand Up @@ -24,16 +24,17 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apt-get update && apt-get install -y ca-certificates wget \
&& rm -rf /var/lib/apt/lists/* \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apt-get update && apt-get install -y ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -51,8 +52,10 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apt-get purge --auto-remove -y curl \
&& rm -rf /var/lib/apt/lists/*; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
17 changes: 10 additions & 7 deletions variants/ubuntu/geoip-geoip2-emailsender/Dockerfile
View file
Expand Up @@ -24,16 +24,17 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apt-get update && apt-get install -y ca-certificates wget \
&& rm -rf /var/lib/apt/lists/* \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apt-get update && apt-get install -y ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -51,8 +52,10 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apt-get purge --auto-remove -y curl \
&& rm -rf /var/lib/apt/lists/*; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down
17 changes: 10 additions & 7 deletions variants/ubuntu/geoip-geoip2/Dockerfile
View file
Expand Up @@ -24,16 +24,17 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
&& chmod 666 GeoLiteCity.dat \
&& ls -l

# Download the GeoIP2 binary
RUN apt-get update && apt-get install -y ca-certificates wget \
&& rm -rf /var/lib/apt/lists/* \
# Download the GeoIP2 binary. Maxmind discontinued distributing the GeoLite2 databases publicly, so a license key is needed. See: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
# In order to obtain the secret MAXMIND_LICENSE_KEY, we assume we have a sidecar secrets-server which will serve the secret MAXMIND_LICENSE_KEY at: http://localhost:8000/MAXMIND_LICENSE_KEY
RUN apt-get update && apt-get install -y ca-certificates curl \
&& cd /app/GeoLiteCity \
&& ls -l; \
\
echo "Downloading a copy of GeoLite2City..."; \
URL="http://geolite.maxmind.com/download/geoip/database/"; \
FILE="GeoLite2-City.tar.gz"; \
wget -N -q "$URL$FILE"; \
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=$( curl -s http://localhost:8000/MAXMIND_LICENSE_KEY )&suffix=tar.gz"; \
FILE=$( curl -sI "$URL" | grep -i 'content-disposition' | sed 's/.*filename=//i' | tr -d '\r\n' ); \
echo "FILE: $FILE"; \
curl -so "$FILE" "$URL"; \
if [ $? = 0 ]; then \
tar -tvf "$FILE"; \
echo "Uncompressing database"; \
Expand All @@ -51,8 +52,10 @@ RUN apt-get update && apt-get install -y ca-certificates wget \
rm -rf $FILE; \
ls -l; \
fi; \
apt-get purge --auto-remove -y curl \
&& rm -rf /var/lib/apt/lists/*; \
if [ ! -f GeoLite2-City.mmdb ]; then \
echo "Could not download GeoIP2 db from: $URL$FILE"; \
echo "Could not download GeoIP2 db"; \
exit 1; \
fi;

Expand Down

0 comments on commit d99174b

Please sign in to comment.