fix: use harbor domain instead of ip to fix ssl error
Some checks failed
Build (develop) / Promote (main) / build-and-push-deploy (push) Failing after 20s
Some checks failed
Build (develop) / Promote (main) / build-and-push-deploy (push) Failing after 20s
This commit is contained in:
@@ -19,6 +19,7 @@ jobs:
|
|||||||
sudo apt-get clean || true
|
sudo apt-get clean || true
|
||||||
docker system prune -af --volumes || true
|
docker system prune -af --volumes || true
|
||||||
df -h
|
df -h
|
||||||
|
|
||||||
- name: Build (develop) / Promote (main)
|
- name: Build (develop) / Promote (main)
|
||||||
env:
|
env:
|
||||||
REGISTRY: 172.35.0.216
|
REGISTRY: 172.35.0.216
|
||||||
@@ -53,6 +54,7 @@ jobs:
|
|||||||
LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}"
|
LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}"
|
||||||
LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}"
|
LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}"
|
||||||
|
|
||||||
|
# --- Lógica para DEVELOP / HOMOLOG (Build) ---
|
||||||
if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then
|
if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then
|
||||||
TAG=$(echo ${{ gitea.sha }} | cut -c1-7)
|
TAG=$(echo ${{ gitea.sha }} | cut -c1-7)
|
||||||
|
|
||||||
@@ -64,49 +66,45 @@ jobs:
|
|||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# --- Lógica para MAIN (Promoção via Skopeo) ---
|
||||||
if [ "$BRANCH" = "main" ]; then
|
if [ "$BRANCH" = "main" ]; then
|
||||||
sudo apt-get update -y
|
sudo apt-get update -y
|
||||||
sudo apt-get install -y skopeo
|
sudo apt-get install -y skopeo
|
||||||
|
|
||||||
if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then
|
if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then
|
||||||
echo "Missing Harbor DEV credentials (HARBOR_DEV_USERNAME/HARBOR_DEV_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2
|
echo "Missing Harbor DEV credentials." >&2
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
if [ -z "${PROD_USER:-}" ] || [ -z "${PROD_PASS:-}" ]; then
|
|
||||||
echo "Missing Harbor PROD credentials (HARBOR_PROD_USERNAME/HARBOR_PROD_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2
|
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Merge commit: HEAD has 2 parents; HEAD^2 is the merged branch tip.
|
|
||||||
PARENTS="$(git rev-list --parents -n 1 HEAD)"
|
PARENTS="$(git rev-list --parents -n 1 HEAD)"
|
||||||
set -- $PARENTS
|
set -- $PARENTS
|
||||||
SOURCE_SHA="${3:-${1:-}}"
|
SOURCE_SHA="${3:-${1:-}}"
|
||||||
if [ -z "$SOURCE_SHA" ]; then
|
|
||||||
SOURCE_SHA="${{ gitea.sha }}"
|
|
||||||
fi
|
|
||||||
TAG="$(echo "$SOURCE_SHA" | cut -c1-7)"
|
TAG="$(echo "$SOURCE_SHA" | cut -c1-7)"
|
||||||
|
|
||||||
# Promote the exact artifact built on develop into prod (no rebuild).
|
# Inspecionar imagem na origem (DEV) ignorando TLS
|
||||||
skopeo inspect --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null
|
skopeo inspect --src-tls-verify=false --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null
|
||||||
|
|
||||||
# Validate destination repository exists and auth works.
|
# Listar tags no destino (PROD) ignorando TLS
|
||||||
# Using list-tags avoids assuming a specific tag exists.
|
skopeo list-tags --tls-verify=false --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null
|
||||||
skopeo list-tags --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null
|
|
||||||
|
|
||||||
|
# Copiar imagem de DEV para PROD (Promoção) ignorando TLS em ambos
|
||||||
skopeo copy --all \
|
skopeo copy --all \
|
||||||
|
--src-tls-verify=false \
|
||||||
|
--dest-tls-verify=false \
|
||||||
--src-creds "$DEV_USER:$DEV_PASS" \
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
||||||
--dest-creds "$PROD_USER:$PROD_PASS" \
|
--dest-creds "$PROD_USER:$PROD_PASS" \
|
||||||
"docker://$DEV_IMAGE:$TAG" \
|
"docker://$DEV_IMAGE:$TAG" \
|
||||||
"docker://$PROD_IMAGE:$TAG"
|
"docker://$PROD_IMAGE:$TAG"
|
||||||
|
|
||||||
# Optional: keep legacy tags working during migration.
|
# Promoção para Legacy (se ativado)
|
||||||
if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then
|
if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then
|
||||||
skopeo copy --all \
|
skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
|
||||||
--src-creds "$DEV_USER:$DEV_PASS" \
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
||||||
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
||||||
"docker://$DEV_IMAGE:$TAG" \
|
"docker://$DEV_IMAGE:$TAG" \
|
||||||
"docker://$LEGACY_IMAGE:$TAG"
|
"docker://$LEGACY_IMAGE:$TAG"
|
||||||
skopeo copy --all \
|
|
||||||
|
skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
|
||||||
--src-creds "$DEV_USER:$DEV_PASS" \
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
||||||
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
||||||
"docker://$DEV_IMAGE:$TAG" \
|
"docker://$DEV_IMAGE:$TAG" \
|
||||||
|
|||||||
Reference in New Issue
Block a user