|
|
|
@@ -19,9 +19,10 @@ jobs:
|
|
|
|
sudo apt-get clean || true
|
|
|
|
sudo apt-get clean || true
|
|
|
|
docker system prune -af --volumes || true
|
|
|
|
docker system prune -af --volumes || true
|
|
|
|
df -h
|
|
|
|
df -h
|
|
|
|
|
|
|
|
|
|
|
|
- name: Build (develop) / Promote (main)
|
|
|
|
- name: Build (develop) / Promote (main)
|
|
|
|
env:
|
|
|
|
env:
|
|
|
|
REGISTRY: harbor.jurunense.com
|
|
|
|
REGISTRY: 172.35.0.216
|
|
|
|
DEV_PROJECT: vendaweb-dev
|
|
|
|
DEV_PROJECT: vendaweb-dev
|
|
|
|
PROD_PROJECT: vendaweb-prod
|
|
|
|
PROD_PROJECT: vendaweb-prod
|
|
|
|
IMAGE_REPO: vendaweb-api
|
|
|
|
IMAGE_REPO: vendaweb-api
|
|
|
|
@@ -53,7 +54,8 @@ jobs:
|
|
|
|
LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}"
|
|
|
|
LEGACY_USER="${HARBOR_LEGACY_USERNAME:-$PROD_USER}"
|
|
|
|
LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}"
|
|
|
|
LEGACY_PASS="${HARBOR_LEGACY_PASSWORD:-$PROD_PASS}"
|
|
|
|
|
|
|
|
|
|
|
|
if [ "$BRANCH" = "develop" ]; then
|
|
|
|
# --- Lógica para DEVELOP / HOMOLOG (Build) ---
|
|
|
|
|
|
|
|
if [ "$BRANCH" = "develop" ] || [ "$BRANCH" = "homolog" ]; then
|
|
|
|
TAG=$(echo ${{ gitea.sha }} | cut -c1-7)
|
|
|
|
TAG=$(echo ${{ gitea.sha }} | cut -c1-7)
|
|
|
|
|
|
|
|
|
|
|
|
echo "$DEV_PASS" | docker login "$REGISTRY" -u "$DEV_USER" --password-stdin
|
|
|
|
echo "$DEV_PASS" | docker login "$REGISTRY" -u "$DEV_USER" --password-stdin
|
|
|
|
@@ -64,49 +66,45 @@ jobs:
|
|
|
|
exit 0
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# --- Lógica para MAIN (Promoção via Skopeo) ---
|
|
|
|
if [ "$BRANCH" = "main" ]; then
|
|
|
|
if [ "$BRANCH" = "main" ]; then
|
|
|
|
sudo apt-get update -y
|
|
|
|
sudo apt-get update -y
|
|
|
|
sudo apt-get install -y skopeo
|
|
|
|
sudo apt-get install -y skopeo
|
|
|
|
|
|
|
|
|
|
|
|
if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then
|
|
|
|
if [ -z "${DEV_USER:-}" ] || [ -z "${DEV_PASS:-}" ]; then
|
|
|
|
echo "Missing Harbor DEV credentials (HARBOR_DEV_USERNAME/HARBOR_DEV_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2
|
|
|
|
echo "Missing Harbor DEV credentials." >&2
|
|
|
|
exit 1
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -z "${PROD_USER:-}" ] || [ -z "${PROD_PASS:-}" ]; then
|
|
|
|
|
|
|
|
echo "Missing Harbor PROD credentials (HARBOR_PROD_USERNAME/HARBOR_PROD_PASSWORD or HARBOR_USERNAME/HARBOR_PASSWORD)." >&2
|
|
|
|
|
|
|
|
exit 1
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
|
|
# Merge commit: HEAD has 2 parents; HEAD^2 is the merged branch tip.
|
|
|
|
|
|
|
|
PARENTS="$(git rev-list --parents -n 1 HEAD)"
|
|
|
|
PARENTS="$(git rev-list --parents -n 1 HEAD)"
|
|
|
|
set -- $PARENTS
|
|
|
|
set -- $PARENTS
|
|
|
|
SOURCE_SHA="${3:-${1:-}}"
|
|
|
|
SOURCE_SHA="${3:-${1:-}}"
|
|
|
|
if [ -z "$SOURCE_SHA" ]; then
|
|
|
|
|
|
|
|
SOURCE_SHA="${{ gitea.sha }}"
|
|
|
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
TAG="$(echo "$SOURCE_SHA" | cut -c1-7)"
|
|
|
|
TAG="$(echo "$SOURCE_SHA" | cut -c1-7)"
|
|
|
|
|
|
|
|
|
|
|
|
# Promote the exact artifact built on develop into prod (no rebuild).
|
|
|
|
# Inspecionar imagem na origem (DEV) ignorando TLS
|
|
|
|
skopeo inspect --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null
|
|
|
|
skopeo inspect --src-tls-verify=false --creds "$DEV_USER:$DEV_PASS" "docker://$DEV_IMAGE:$TAG" >/dev/null
|
|
|
|
|
|
|
|
|
|
|
|
# Validate destination repository exists and auth works.
|
|
|
|
# Listar tags no destino (PROD) ignorando TLS
|
|
|
|
# Using list-tags avoids assuming a specific tag exists.
|
|
|
|
skopeo list-tags --tls-verify=false --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null
|
|
|
|
skopeo list-tags --creds "$PROD_USER:$PROD_PASS" "docker://$PROD_IMAGE" >/dev/null
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Copiar imagem de DEV para PROD (Promoção) ignorando TLS em ambos
|
|
|
|
skopeo copy --all \
|
|
|
|
skopeo copy --all \
|
|
|
|
|
|
|
|
--src-tls-verify=false \
|
|
|
|
|
|
|
|
--dest-tls-verify=false \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--dest-creds "$PROD_USER:$PROD_PASS" \
|
|
|
|
--dest-creds "$PROD_USER:$PROD_PASS" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
"docker://$PROD_IMAGE:$TAG"
|
|
|
|
"docker://$PROD_IMAGE:$TAG"
|
|
|
|
|
|
|
|
|
|
|
|
# Optional: keep legacy tags working during migration.
|
|
|
|
# Promoção para Legacy (se ativado)
|
|
|
|
if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then
|
|
|
|
if [ "${PROMOTE_LEGACY:-false}" = "true" ]; then
|
|
|
|
skopeo copy --all \
|
|
|
|
skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
|
|
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
"docker://$LEGACY_IMAGE:$TAG"
|
|
|
|
"docker://$LEGACY_IMAGE:$TAG"
|
|
|
|
skopeo copy --all \
|
|
|
|
|
|
|
|
|
|
|
|
skopeo copy --all --src-tls-verify=false --dest-tls-verify=false \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--src-creds "$DEV_USER:$DEV_PASS" \
|
|
|
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
|
|
|
--dest-creds "$LEGACY_USER:$LEGACY_PASS" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
"docker://$DEV_IMAGE:$TAG" \
|
|
|
|
|
