Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • containers/eic_container
  • wdconinc/eic_container
  • tooba/eic_container
3 results
Show changes
Commits on Source (5)
Hide whitespace changes
Inline Side-by-side
.gitlab-ci.yml
View file @ a84f6d05
......@@ -2,9 +2,7 @@ image: alpine
variables:
## External images
# FIXME:
#DOCKER_IMAGE: docker.io/docker:24.0.5
DOCKER_IMAGE: eicweb.phy.anl.gov:4567/containers/image_recipes/ubuntu_dind:latest
DOCKER_IMAGE: docker.io/docker:24.0.5
SINGULARITY_IMAGE: quay.io/singularity/singularity:v3.11.4
## Application versions used for the main release
......@@ -29,7 +27,7 @@ variables:
DOCKER_WAIT_TIME: 5
## Number of jobs to start during container builds
JOBS: 128
JOBS: 32
## is this nightly or not?
NIGHTLY: ""
......@@ -133,23 +131,19 @@ version:
## base job settings for all docker interactions
.docker:
image: ${DOCKER_IMAGE}
services:
- docker:dind
before_script:
- # Login to registries
if [[ -n "${EXPORT_TAG}" ]] ; then
if [[ -n "${DH_REGISTRY}" ]] ; then
./gitlab-ci/docker_login.sh -u ${DH_REGISTRY_USER} -p ${DH_EICWEB_TOKEN}
-n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
${DH_REGISTRY} ;
docker login -u ${DH_REGISTRY_USER} -p ${DH_EICWEB_TOKEN} ${DH_REGISTRY} ;
fi ;
if [[ -n "${GH_REGISTRY}" ]] ; then
./gitlab-ci/docker_login.sh -u ${GITHUB_REGISTRY_USER} -p ${GITHUB_REGISTRY_TOKEN}
-n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
${GH_REGISTRY} ;
docker login -u ${GITHUB_REGISTRY_USER} -p ${GITHUB_REGISTRY_TOKEN} ${GH_REGISTRY} ;
fi ;
if [[ -n "${CI_REGISTRY}" ]] ; then
./gitlab-ci/docker_login.sh -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD}
-n ${DOCKER_NTRIES} -t ${DOCKER_WAIT_TIME}
${CI_REGISTRY} ;
docker login -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD} ${CI_REGISTRY} ;
fi ;
fi
after_script:
......@@ -171,7 +165,6 @@ version:
extends: .docker
rules:
- when: on_success
resource_group: ${CI_COMMIT_REF_NAME}-${VERSION}
tags:
- docker-new
before_script:
......@@ -273,11 +266,12 @@ jug_dev:
script:
- if [ "${BUILD_TYPE}" == "nightly" ] ; then IF_BUILD_NIGHTLY=1 ; fi
- if [ "${BUILD_TYPE}" == "default" ] ; then IF_BUILD_DEFAULT=1 ; fi
- apk add envsubst git
- source spack.sh ;
source eic-spack.sh ;
export SPACK_VERSION ;
cat mirrors.yaml.in | envsubst > mirrors.yaml ;
docker buildx build --push ${BUILD_OPTIONS}
cat mirrors.yaml.in | envsubst > mirrors.yaml
- docker buildx build --push ${BUILD_OPTIONS}
--tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${BUILD_IMAGE}${ENV}:${INTERNAL_TAG}-${BUILD_TYPE}
${EXPORT_TAG:+
${CI_PUSH:+--tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${BUILD_IMAGE}${ENV}:${EXPORT_TAG}-${BUILD_TYPE}}
......@@ -334,6 +328,7 @@ jug_xl:default:
- version
- jug_dev
script:
- apk add git
- docker buildx build --push ${BUILD_OPTIONS}
--tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${BUILD_IMAGE}:${INTERNAL_TAG}-default
${EXPORT_TAG:+
......@@ -377,6 +372,7 @@ jug_xl:nightly:
if [ "$CI_COMMIT_BRANCH" == "master" ]; then
PUSH_NIGHTLY_WITH_DATE="1"
fi
- apk add git
- docker buildx build --push ${BUILD_OPTIONS}
--tag ${CI_REGISTRY}/${CI_PROJECT_PATH}/${BUILD_IMAGE}:${INTERNAL_TAG}-nightly
${EXPORT_TAG:+
......@@ -503,93 +499,82 @@ benchmarks:physics:nightly:
strategy: depend
allow_failure: false
clean:
extends: .docker
clean_internal_tag:
image: alpine/curl
stage: finalize
dependencies:
- version
tags:
- docker-new
when: always
script:
## remove the pipeline specific export from eicweb if needed
- echo "Cleaning up pipeline specific docker tags if needed"
- ./gitlab-ci/cleanup_registry.sh -i debian_base -r 66 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i ubuntu_base -r 80 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i debian_testing_base -r 83 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i debian_stable_base -r 92 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i jug_prod -r 91 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i jug_dev -r 68 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i jug_dev -r 68 ${INTERNAL_TAG}-nightly
- ./gitlab-ci/cleanup_registry.sh -i jug_xl -r 69 ${INTERNAL_TAG}
- ./gitlab-ci/cleanup_registry.sh -i jug_xl -r 69 ${INTERNAL_TAG}-nightly
- |
if [ "$CI_PIPELINE_SOURCE" == "merge_request_event" ]; then
./gitlab-ci/cleanup_registry.sh -i jug_xl -r 69 ${NIGHTLY_TAG}
fi
for id in 66 68 69 80 83 91 92 ; do
for tag in ${INTERNAL_TAG} ${INTERNAL_TAG}-default ${INTERNAL_TAG}-nightly ; do
curl --request DELETE --header "PRIVATE-TOKEN: ${REG_CLEANUP_TOKEN}" ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/${id}/tags/${tag} ;
done ;
done
clean_unstable_mr:
extends: .docker
stage: finalize
dependencies:
- clean
- version
tags:
- docker-new
when: always
variables:
API: "https://eicweb.phy.anl.gov/api/v4"
script:
- apt update -q
- apt install -yq jq
- apk add curl jq
- for registry in
eicweb
eicweb.phy.anl.gov:4567/eic/juggler
eicweb.phy.anl.gov:4567/containers/eic_container
; do
docker images
--filter=reference=${registry}/*:unstable-mr*
--format "{{.ID}} {{.Repository}} {{.Tag}}" ;
done | while read id repository tag ; do
if [[ ${tag} =~ ^unstable-mr-([0-9]+)-([0-9]+)(-nightly){0,1}$ ]] ; then
project_id=${BASH_REMATCH[1]} ;
merge_request_iid=${BASH_REMATCH[2]} ;
if [[ $(curl --silent -L
"${API}/projects/${project_id}/merge_requests?scope=all&state=merged&per_page=100"
"${API}/projects/${project_id}/merge_requests?scope=all&state=closed&per_page=100"
| jq -r ".[]|select(.iid == ${merge_request_iid})|.state") =~ ^(merged|closed)$ ]] ; then
docker rmi $repository:$tag ;
else
echo "Image $repository:$tag still in use (project ${project_id}, idd ${merge_request_iid})." ;
fi ;
fi ;
if [[ ${tag} =~ ^unstable-mr-([0-9]+)(-nightly){0,1}$ ]] ; then
merge_request_id=${BASH_REMATCH[1]} ;
suffix=${BASH_REMATCH[2]} ;
if [[ $(curl --silent -L
"${API}/projects/290/merge_requests?scope=all&state=merged&per_page=100"
"${API}/projects/369/merge_requests?scope=all&state=merged&per_page=100"
"${API}/projects/290/merge_requests?scope=all&state=closed&per_page=100"
"${API}/projects/369/merge_requests?scope=all&state=closed&per_page=100"
| jq -r ".[]|select(.id == ${merge_request_id})|.state") =~ ^(merged|closed)$ ]] ; then
docker rmi $repository:$tag ;
else
project_id=$(curl --silent -L
"${API}/projects/290/merge_requests?scope=all&state=opened&per_page=100"
"${API}/projects/369/merge_requests?scope=all&state=opened&per_page=100"
| jq -r ".[]|select(.id == ${merge_request_id})|.project_id") ;
merge_request_iid=$(curl --silent -L
"${API}/projects/290/merge_requests?scope=all&state=opened&per_page=100"
"${API}/projects/369/merge_requests?scope=all&state=opened&per_page=100"
| jq -r ".[]|select(.id == ${merge_request_id})|.iid") ;
echo "Image $repository:$tag still in use (project ${project_id}, idd ${merge_request_iid})." ;
if [[ ${project_id} == "" || ${merge_request_iid} == "" ]] ; then
echo "$tag not found" ;
else
docker tag $repository:$tag $repository:unstable-mr-${project_id}-${merge_request_iid}${suffix} ;
docker rmi $repository:$tag ;
fi ;
fi ;
fi ;
done
| sed -n -E 's/unstable-mr-([0-9]+)-([0-9]+)(-nightly|-default){0,1}$/& \1 \2/p'
| while read id repository tag project_id merge_request_iid ; do
state=$(curl --silent -L
"${CI_API_V4_URL}/projects/${project_id}/merge_requests?scope=all&state=opened&per_page=100"
"${CI_API_V4_URL}/projects/${project_id}/merge_requests?scope=all&state=merged&per_page=100"
"${CI_API_V4_URL}/projects/${project_id}/merge_requests?scope=all&state=closed&per_page=100"
| jq -r ".[]|select(.iid == ${merge_request_iid})|.state") ;
echo "Image $repository:$tag is ${state:-undetermined} (project ${project_id}, iid ${merge_request_iid})." ;
if [ "$state" == "merged" ] ; then docker rmi $repository:$tag ; fi ;
if [ "$state" == "closed" ] ; then docker rmi $repository:$tag ; fi ;
done
- docker system prune --filter until=24h --force
- docker system df
- docker images
clean_pipeline:
extends: .docker
stage: finalize
dependencies:
- version
- clean_internal_tag
tags:
- docker-new
when: always
script:
- apk add curl jq
- for registry in
eicweb
eicweb.phy.anl.gov:4567/containers/eic_container
; do
docker images
--filter=reference=${registry}/*:pipeline-*
--format "{{.ID}} {{.Repository}} {{.Tag}}" ;
done
| sed -n -E 's/pipeline-([0-9]+)(-.*){0,1}$/& \1/p'
| while read id repository tag pipeline_id ; do
status=$(curl --silent -L
"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${pipeline_id}"
| jq -r ".status") ;
echo "Image $repository:$tag is ${status:-undetermined} (pipeline ${pipeline_id})." ;
if [ "$status" == "success" ] ; then docker rmi $repository:$tag ; fi ;
if [ "$status" == "failed" ] ; then docker rmi $repository:$tag ; fi ;
if [ "$status" == "canceled" ] ; then docker rmi $repository:$tag ; fi ;
done
- docker system prune --filter until=24h --force
- docker system df
- docker images
containers.yaml deleted 100644 → 0
View file @ 427fc2c8
base:
debian:
develop: amd64/debian:testing-20211220-slim
runtime: amd64/debian:testing-20211220-slim
Dockerfile: containers/base/Dockerfile.in
oneapi:
develop: intel/oneapi-hpckit:2022.1.2-devel-ubuntu18.04
runtime: intel/oneapi-runtime:2022.1.2-devel-ubuntu18.04
Dockerfile: containers/base/Dockerfile.in
cuda:
develop: nvidia/cuda:11.6.0-devel-ubuntu18.04
runtime: nvidia/cuda:11.6.0-runtime-ubuntu18.04
Dockerfile: containers/base/Dockerfile.in
jug:
jug_dev:
Dockerfile: containers/jug/dev.Dockerfile
jug_xl:
Dockerfile: containers/jug/xl.Dockerfile
containers/dind/Dockerfile deleted 100644 → 0
View file @ 427fc2c8
FROM ubuntu:22.04
LABEL maintainer="Whitney Armstrong <warmstrong@anl.gov>" \
name="ubuntu_dind" \
group="ubuntu_dind" \
march="native" \
base="ubuntu" \
version="22.04"
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
apt-transport-https \
binfmt-support \
build-essential \
ca-certificates \
cryptsetup \
curl \
gettext \
git \
iptables \
libglib2.0-dev \
libgpgme11-dev \
libseccomp-dev \
libssl-dev \
lxc \
make \
pkg-config \
qemu \
qemu-user-static \
uuid-dev \
squashfs-tools \
wget
# Install Go
ARG GO_OS=linux
ARG GO_ARCH=amd64
ARG GO_VERSION=1.20.5
ARG GO_URL=https://dl.google.com/go/go${GO_VERSION}.${GO_OS}-${GO_ARCH}.tar.gz
RUN curl -L ${GO_URL} | tar -C /usr/local -xzvf -
# Install Singularity CE
ARG SINGULARITY_VERSION=3.11.4
ARG SINGULARITY_URL=https://github.com/sylabs/singularity/releases/download/v${SINGULARITY_VERSION}/singularity-ce-${SINGULARITY_VERSION}.tar.gz
RUN curl -L ${SINGULARITY_URL} | tar -C /tmp -xzf - \
&& cd /tmp/singularity-ce-${SINGULARITY_VERSION} \
&& export PATH=/usr/local/go/bin:$PATH \
&& ./mconfig \
&& make -C builddir \
&& make -C builddir install \
&& rm -rf /tmp/singularity-ce-${SINGULARITY_VERSION}
# Install Docker
ARG DOCKER_VERSION=24
ADD https://get.docker.com/ /tmp/get-docker.sh
RUN bash /tmp/get-docker.sh --version ${DOCKER_VERSION}
# Install the magic wrapper.
ADD --chmod=0755 wrapdocker /usr/local/bin/wrapdocker
# Define additional metadata for our image.
VOLUME /var/lib/docker
CMD ["wrapdocker"]
containers/dind/wrapdocker deleted 100644 → 0
View file @ 427fc2c8
#!/bin/bash
# Ensure that all nodes in /dev/mapper correspond to mapped devices currently loaded by the device-mapper kernel driver
dmsetup mknodes
# First, make sure that cgroups are mounted correctly.
CGROUP=/sys/fs/cgroup
: {LOG:=stdio}
[ -d $CGROUP ] ||
mkdir $CGROUP
mountpoint -q $CGROUP ||
mount -n -t tmpfs -o uid=0,gid=0,mode=0755 cgroup $CGROUP || {
echo "Could not make a tmpfs mount. Did you use --privileged?"
exit 1
}
if [ -d /sys/kernel/security ] && ! mountpoint -q /sys/kernel/security
then
mount -t securityfs none /sys/kernel/security || {
echo "Could not mount /sys/kernel/security."
echo "AppArmor detection and --privileged mode might break."
}
fi
# Mount the cgroup hierarchies exactly as they are in the parent system.
for SUBSYS in $(cut -d: -f2 /proc/1/cgroup)
do
[ -d $CGROUP/$SUBSYS ] || mkdir $CGROUP/$SUBSYS
mountpoint -q $CGROUP/$SUBSYS ||
mount -n -t cgroup -o $SUBSYS cgroup $CGROUP/$SUBSYS
# The two following sections address a bug which manifests itself
# by a cryptic "lxc-start: no ns_cgroup option specified" when
# trying to start containers withina container.
# The bug seems to appear when the cgroup hierarchies are not
# mounted on the exact same directories in the host, and in the
# container.
# Named, control-less cgroups are mounted with "-o name=foo"
# (and appear as such under /proc/<pid>/cgroup) but are usually
# mounted on a directory named "foo" (without the "name=" prefix).
# Systemd and OpenRC (and possibly others) both create such a
# cgroup. To avoid the aforementioned bug, we symlink "foo" to
# "name=foo". This shouldn't have any adverse effect.
echo $SUBSYS | grep -q ^name= && {
NAME=$(echo $SUBSYS | sed s/^name=//)
ln -s $SUBSYS $CGROUP/$NAME
}
# Likewise, on at least one system, it has been reported that
# systemd would mount the CPU and CPU accounting controllers
# (respectively "cpu" and "cpuacct") with "-o cpuacct,cpu"
# but on a directory called "cpu,cpuacct" (note the inversion
# in the order of the groups). This tries to work around it.
[ $SUBSYS = cpuacct,cpu ] && ln -s $SUBSYS $CGROUP/cpu,cpuacct
done
# Note: as I write those lines, the LXC userland tools cannot setup
# a "sub-container" properly if the "devices" cgroup is not in its
# own hierarchy. Let's detect this and issue a warning.
grep -q :devices: /proc/1/cgroup ||
echo "WARNING: the 'devices' cgroup should be in its own hierarchy."
grep -qw devices /proc/1/cgroup ||
echo "WARNING: it looks like the 'devices' cgroup is not mounted."
# Now, close extraneous file descriptors.
pushd /proc/self/fd >/dev/null
for FD in *
do
case "$FD" in
# Keep stdin/stdout/stderr
[012])
;;
# Nuke everything else
*)
eval exec "$FD>&-"
;;
esac
done
popd >/dev/null
# If a pidfile is still around (for example after a container restart),
# delete it so that docker can start.
rm -rf /var/run/docker.pid
# If we were given a PORT environment variable, start as a simple daemon;
# otherwise, spawn a shell as well
if [ "$PORT" ]
then
exec dockerd -H 0.0.0.0:$PORT -H unix:///var/run/docker.sock \
$DOCKER_DAEMON_ARGS
else
if [ "$LOG" == "file" ]
then
dockerd $DOCKER_DAEMON_ARGS &>/var/log/docker.log &
else
dockerd $DOCKER_DAEMON_ARGS &
fi
(( timeout = 60 + SECONDS ))
until docker info >/dev/null 2>&1
do
if (( SECONDS >= timeout )); then
echo 'Timed out trying to connect to internal docker host.' >&2
break
fi
sleep 1
done
[[ $1 ]] && exec "$@"
exec bash --login
fi
containers/jug/dev.Dockerfile
View file @ a84f6d05
......@@ -54,7 +54,7 @@ RUN declare -A target=( \
&& spack config blame packages \
&& spack config --scope user add "config:suppress_gpg_warnings:true" \
&& spack config --scope user add "config:build_jobs:${jobs}" \
&& spack config --scope user add "config:db_lock_timeout:${jobs}0" \
&& spack config --scope user add "config:db_lock_timeout:${jobs}00" \
&& spack config --scope user add "config:source_cache:/var/cache/spack" \
&& spack config --scope user add "config:install_tree:root:/opt/software" \
&& spack config --scope user add "config:ccache:true" \
......@@ -106,7 +106,9 @@ FROM spack as builder
COPY --from=spack-environment . /opt/spack-environment/
ARG ENV=dev
ARG JUGGLER_VERSION="main"
ADD https://eicweb.phy.anl.gov/api/v4/projects/EIC%2Fjuggler/repository/tree?ref=${JUGGLER_VERSION} /tmp/juggler.json
ARG EICRECON_VERSION="main"
ADD https://api.github.com/repos/eic/eicrecon/commits/${EICRECON_VERSION} /tmp/eicrecon.json
ENV SPACK_ENV=/opt/spack-environment/${ENV}
RUN --mount=type=cache,target=/ccache,id=${TARGETPLATFORM} \
--mount=type=cache,target=/var/cache/spack \
......
gitlab-ci/cleanup_registry.sh deleted 100755 → 0
View file @ 427fc2c8
#!/bin/bash
## Remove a specific docker tag from the eicweb registry
function print_the_help {
echo "USAGE: -i image -r reg_id tag "
echo "ARGUMENTS:"
echo " -i,--image Registry image name"
echo " -r,--reg-id Registry image ID (integer number)"
echo " -h,--help Print this message"
echo " positional Tag to remove from registry"
echo ""
echo " Remove a specific docker tag from the eicweb registry, if present on the
registry."
echo ""
echo "EXAMPLE: ./cleanup_registry -i debian_base -r 66 unstable"
exit
}
IMAGE=
REG_ID=
TAG=
while [ $# -gt 0 ]; do
key=$1
case $key in
-i|--image)
IMAGE=$2
shift
shift
;;
-r|--reg-id)
REG_ID=$2
shift
shift
;;
-h|--help)
print_the_help
exit 0
;;
-*)
echo "ERROR: unknown flag: $key"
echo "use --help for more info"
exit 1
;;
*)
if [ ! -z ${TAG} ]; then
echo "ERROR: multiple positional arguments specified"
echo "use --help for more info"
exit 1
fi
TAG=$1
shift
;;
esac
done
if [ -z $IMAGE ]; then
echo "ERROR: no image name given, please use -i <IMAGE>"
print_the_help
exit 1
fi
if [ -z $REG_ID ]; then
echo "ERROR: no image id given, please use -r <REG_ID>"
print_the_help
exit 1
fi
if [ -z $TAG ]; then
echo "ERROR: no tag given, please specify a single tag (positional argument)"
print_the_help
exit 1
fi
echo "Cleaning up eicweb registry for ${IMAGE}:${TAG}"
IMAGE_EXISTS=
docker manifest inspect \
eicweb.phy.anl.gov:4567/containers/eic_container/${IMAGE}:${TAG} \
> /dev/null \
&& IMAGE_EXISTS=1 \
|| echo "Image not found, no cleanup needed"
if [ ! -z ${IMAGE_EXISTS} ]; then
curl --request DELETE --header "PRIVATE-TOKEN: ${REG_CLEANUP_TOKEN}" \
${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/registry/repositories/${REG_ID}/tags/${TAG} \
&& echo "Image removed" \
|| echo "Error trying to remove image"
fi
gitlab-ci/docker_login.sh deleted 100755 → 0
View file @ 427fc2c8
#!/bin/bash
## Resilient docker login with multiple progressive retries in case of TLS issues
function print_the_help {
echo "USAGE: -u user -p -password [...] [registry]"
echo "ARGUMENTS:"
echo " -u,--user Registry user"
echo " -p,--password Registry password"
echo " --ci Login to internal CI registry; -u, -p and positional are ignored"
echo " -t,--time Time interval (in seconds) between attempts"
echo " (doubled each time), default: 5"
echo " -n,--n-attempts Number of attempts, default: 5"
echo " -h,--help Print this message"
echo " positional Registry name (will use dockerhub if none given)"
echo ""
echo " Login to registry."
echo ""
echo "EXAMPLE: ./docker_login.sh -u \$CI_REGISTRY_USER -p \$CI_REGISTRY_PASSWORD \$CI_REGISTRY"
exit
}
REGISTRY=
REG_USER=
REG_PASSWORD=
NTRIES=5
TIME=5
CI=
while [ $# -gt 0 ]; do
key=$1
case $key in
-u|--user)
REG_USER=$2
shift
shift
;;
-p|--password)
REG_PASSWORD=$2
shift
shift
;;
--ci)
CI=1
shift
;;
-t|--time)
TIME=$2
shift
shift
;;
-n|--n-attempts)
NTRIES=$2
shift
shift
;;
-h|--help)
print_the_help
exit 0
;;
-*)
echo "ERROR: unknown flag: $key"
echo "use --help for more info"
exit 1
;;
*)
REGISTRY+="$1"
shift
;;
esac
done
## only sanizize input if not in CI registry mode
if [ -z $CI ]; then
if [ -z $REG_USER ]; then
echo "ERROR: no username given, please use -u <USER>"
print_the_help
exit 1
fi
if [ -z $REG_PASSWORD ]; then
echo "ERROR: no password given, please use -p <PASSWORD>"
print_the_help
exit 1
fi
else
REGISTRY=$CI_REGISTRY
REG_USER=$CI_REGISTRY_USER
fi
while [ $NTRIES != 0 ]; do
if [ -z $CI ]; then
echo $REG_PASSWORD | docker login -u $REG_USER \
--password-stdin $REGISTRY \
&& break \
|| echo "Login failed, retrying in $TIME seconds..."
else
echo $CI_REGISTRY_PASSWORD | docker login -u $REG_USER \
--password-stdin $REGISTRY \
&& break \
|| echo "Login failed, retrying in $TIME seconds..."
fi
sleep ${TIME}s
TIME=$((TIME * 2))
NTRIES=$((NTRIES - 1))
done
if [ $NTRIES = 0 ]; then
echo "Failed to login to registry $REGISTRY"
exit 1
fi
echo "Docker login to $REGISTRY successful"
gitlab-ci/docker_push.sh deleted 100755 → 0
View file @ 427fc2c8
#!/bin/bash
## Generic script to execute docker push from the input tag to all export tags
## on both dockerhub and eicweb if set
function print_the_help {
echo "USAGE: -i image -l input_tag export_tag [export_tag2 ...]"
echo "ARGUMENTS:"
echo " -i,--image Input image name (e.g., eic_base)"
echo " -l,--label Input tag (eg., v3.0.0)"
echo " -t,--time Time interval (in seconds) between attempts"
echo " (doubled each time), default: 5"
echo " -n,--n-attempts Number of attempts, default: 5"
echo " -h,--help Print this message"
echo " --ghcr Publish to ghcr.io only"
echo " --eicweb Publish to $CI_REGISTRY only"
echo " --dockerhub Publish to DH only"
echo " positional At least one export tag (e.g., v3.0-stable)"
echo ""
echo " Execute docker push from image:label to REGISTRY/image:export_tag for"
echo " all export tags. Will push to $CI_REGISTRY, and optionally also to"
echo " Dockerhub if the DH_PUSH environment variable is set"
echo ""
echo "EXAMPLE: ./docker_push.sh -i eic_base -l 3.0.0 3.0.0 3.0-stable"
exit
}
IMAGE=
INPUT_TAG=
EXPORT_TAGS=()
NTRIES=5
TIME=5
DO_DH=${DH_PUSH}
DO_GH=${GH_PUSH}
DO_EICWEB=1
while [ $# -gt 0 ]; do
key=$1
case $key in
-i|--image)
IMAGE=$2
shift
shift
;;
-l|--label)
INPUT_TAG=$2
shift
shift
;;
-t|--time)
TIME=$2
shift
shift
;;
-n|--n-attempts)
NTRIES=$2
shift
shift
;;
--ghcr)
DO_EICWEB=-
DO_DH=0
DO_GH=1
shift
;;
--eicweb)
DO_EICWEB=1
DO_DH=0
DO_GH=0
shift
;;
--dockerhub)
DO_EICWEB=0
DO_DH=1
DO_GH=0
shift
;;
-h|--help)
print_the_help
exit 0
;;
-*)
echo "ERROR: unknown flag: $key"
echo "use --help for more info"
exit 1
;;
*)
EXPORT_TAGS+=("$1")
shift
;;
esac
done
if [ -z $IMAGE ]; then
echo "ERROR: no image name given, please use -i <IMAGE>"
print_the_help
exit 1
fi
if [ -z $INPUT_TAG ]; then
echo "ERROR: no input_tag given, please use -l <INPUT_TAG>"
print_the_help
exit 1
fi
if [ ${#EXPORT_TAGS[@]} -eq 0 ]; then
echo "ERROR: need at least one export tag (positional argument)"
print_the_help
exit 1
fi
function retry_push () {
INPUT=$1
DESTINATION=$2
time=$TIME
ntries=$NTRIES
echo "Pushing ${INPUT} to ${DESTINATION}"
if [ ${INPUT} != ${DESTINATION} ]; then
echo docker tag ${INPUT} ${DESTINATION}
docker tag ${INPUT} ${DESTINATION}
fi
while [ $ntries != 0 ]; do
echo docker push ${DESTINATION}
docker push ${DESTINATION} && break \
|| echo "Docker push failed, retrying in $time seconds..."
sleep ${time}s
time=$((time * 2))
ntries=$((ntries - 1))
done
if [ ${INPUT} != ${DESTINATION} ]; then
echo docker rmi ${DESTINATION}
docker rmi ${DESTINATION}
fi
if [ $ntries = 0 ]; then
echo "Failed to push $INPUT to $DESTINATION"
exit 1
fi
}
#echo "IMAGE: ${IMAGE}"
#echo "INPUT_TAG: ${INPUT_TAG}"
#echo "EXPORT_TAGS: ${EXPORT_TAGS}"
#echo "DH_PUSH: ${DH_PUSH}"
#echo "DO_DH: ${DO_DH}"
#echo "DO_GH: ${DO_GH}"
#echo "DO_EICWEB: ${DO_EICWEB}"
export INPUT=$CI_REGISTRY_IMAGE/${IMAGE}:${INPUT_TAG}
for TAG in ${EXPORT_TAGS[@]}; do
if [ ${DO_EICWEB} != 0 ]; then
retry_push $INPUT ${CI_REGISTRY_IMAGE}/${IMAGE}:${TAG}
fi
if [ ${DO_DH} != 0 ]; then
retry_push $INPUT ${DH_REGISTRY_USER}/${IMAGE}:${TAG}
fi
if [ ${DO_GH} != 0 ]; then
retry_push $INPUT ${GH_REGISTRY}/eic/${IMAGE}:${TAG}
fi
done