From 6a01a3379dfdd1220ec2aeef183fb5da728a96ce Mon Sep 17 00:00:00 2001 From: Tobias Genannt Date: Thu, 22 Feb 2018 14:49:38 +0100 Subject: [PATCH 1/5] Add django_ldap_auth In the ldap.Dockerfile the django_ldap_auth module is installed to enable authentication againt LDAP servers. --- Dockerfile.ldap | 7 +++++ README.md | 4 +++ build-branches.sh | 5 ++++ build-latest.sh | 5 ++++ build.sh | 23 ++++++++++++++- configuration/ldap_config.py | 55 ++++++++++++++++++++++++++++++++++++ docker/ldap_config.docker.py | 10 +++++++ 7 files changed, 108 insertions(+), 1 deletion(-) create mode 100644 Dockerfile.ldap create mode 100644 configuration/ldap_config.py create mode 100644 docker/ldap_config.docker.py diff --git a/Dockerfile.ldap b/Dockerfile.ldap new file mode 100644 index 0000000..78fc332 --- /dev/null +++ b/Dockerfile.ldap @@ -0,0 +1,7 @@ +ARG FROM_TAG=latest +FROM ninech/netbox:$FROM_TAG + +RUN pip install django_auth_ldap + +COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py +COPY configuration/ldap_config.py /etc/netbox/ldap_config.py diff --git a/README.md b/README.md index e82c110..d92099d 100644 --- a/README.md +++ b/README.md @@ -136,6 +136,10 @@ COPY startup_scripts/ /opt/netbox/startup_scripts/ COPY initializers/ /opt/netbox/initializers/ ``` +#### LDAP enabled variant + +In the images tagged with "-ldap" you can authenticate netbox against an LDAP / AD server. The included ldap_config.py is configured to use an AD domain controller. The custom values can be injected with environment variables like those in the main configuration file. + ### Production The default settings are optimized for (local) development environments. diff --git a/build-branches.sh b/build-branches.sh index 0b32ae9..421125a 100755 --- a/build-branches.sh +++ b/build-branches.sh @@ -9,6 +9,11 @@ CURL="curl ${CURL_OPTS}" BRANCHES=$($CURL "${URL_RELEASES}" | jq -r 'map(.name) | .[] | scan("^[^v].+")') +VARIANTS=( "ldap" ) + for BRANCH in $BRANCHES; do ./build.sh "${BRANCH}" $@ + for var in "${VARIANTS[@]}" ; do + VARIANT=$var ./build.sh "${BRANCH}" $@ + done done diff --git a/build-latest.sh b/build-latest.sh index 97782f5..49dff9e 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -38,8 +38,13 @@ URL_DOCKERHUB_TAG="https://registry.hub.docker.com/v2/${DOCKERHUB_REPO}/tags/lis AUTHORIZATION_HEADER="Authorization: Bearer ${BEARER_TOKEN}" ALREADY_BUILT="$($CURL -H "${AUTHORIZATION_HEADER}" "${URL_DOCKERHUB_TAG}" | jq -e ".tags | any(.==\"${VERSION}\")")" +VARIANTS=( "ldap" ) + if [ "$ALREADY_BUILT" == "false" ]; then ./build.sh "${VERSION}" $@ + for var in "${VARIANTS[@]}" ; do + VARIANT=$var ./build.sh "${VERSION}" $@ + done else echo "✅ ${VERSION} already exists on https://hub.docker.com/r/${DOCKERHUB_REPO}" fi diff --git a/build.sh b/build.sh index e8443bc..84544a1 100755 --- a/build.sh +++ b/build.sh @@ -35,6 +35,15 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then echo " URL Where to fetch the package from." echo " Must be a tar.gz file of the source code." echo " Default: https://github.com///archive/\$BRANCH.tar.gz" + echo " VARIANT The variant to build." + echo " When set the value will be used as a TAG suffix and for Dockerfile selection." + echo " The TAG being build must exist for the base variant and the variant Dockerfile" + echo " must start with the following two lines:" + echo " ARG FROM_TAG=latest" + echo " FROM ninech/netbox:$FROM_TAG" + echo " Example: VARIANT=ldap will result in the tag 'latest-ldap' and the Dockerfile" + echo " 'Dockerfile.ldap' being used." + echo " Default: empty" if [ "${1}x" == "x" ]; then exit 1 @@ -62,6 +71,18 @@ case "${BRANCH}" in esac DOCKER_TAG="${DOCKER_TAG-${DOCKER_ORG}/${DOCKER_REPO}:${TAG}}" +# Checking which VARIANT to build +if [ -z "$VARIANT" ]; then + DOCKERFILE="Dockerfile" +else + DOCKERFILE="Dockerfile.${VARIANT}" + DOCKER_TAG="${DOCKER_TAG}-${VARIANT}" + if [ ! -f ${DOCKERFILE} ]; then + echo "The Dockerfile ${DOCKERFILE} for variant '${VARIANT}' doesn't exist. Exiting" + exit 1 + fi +fi + # caching is only ok for version tags case "${TAG}" in v*) @@ -74,7 +95,7 @@ esac DOCKER_OPTS="${DOCKER_OPTS-$CACHE}" echo "🐳 Building the Docker image '${DOCKER_TAG}' from the url '${URL}'." -docker build -t "${DOCKER_TAG}" --build-arg "BRANCH=${BRANCH}" --build-arg "URL=${URL}" --pull ${DOCKER_OPTS} . +docker build -t "${DOCKER_TAG}" --build-arg "FROM_TAG=${TAG}" --build-arg "BRANCH=${BRANCH}" --build-arg "URL=${URL}" --pull ${DOCKER_OPTS} -f ${DOCKERFILE} . echo "✅ Finished building the Docker images '${DOCKER_TAG}'" if [ "${2}" == "--push" ] ; then diff --git a/configuration/ldap_config.py b/configuration/ldap_config.py new file mode 100644 index 0000000..3ab1bf9 --- /dev/null +++ b/configuration/ldap_config.py @@ -0,0 +1,55 @@ +import ldap +import os + +from django_auth_ldap.config import LDAPSearch, GroupOfNamesType + +# Server URI +AUTH_LDAP_SERVER_URI = os.environ.get('AUTH_LDAP_SERVER_URI', '') + +# The following may be needed if you are binding to Active Directory. +AUTH_LDAP_CONNECTION_OPTIONS = { + ldap.OPT_REFERRALS: 0 +} + +# Set the DN and password for the NetBox service account. +AUTH_LDAP_BIND_DN = os.environ.get('AUTH_LDAP_BIND_DN', '') +AUTH_LDAP_BIND_PASSWORD = os.environ.get('AUTH_LDAP_BIND_PASSWORD', '') + +# Include this setting if you want to ignore certificate errors. This might be needed to accept a self-signed cert. +# Note that this is a NetBox-specific setting which sets: +# ldap.set_option(ldap.OPT_X_TLS_REQUIRE_CERT, ldap.OPT_X_TLS_NEVER) +LDAP_IGNORE_CERT_ERRORS = True + +AUTH_LDAP_USER_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_USER_SEARCH_BASEDN', ''), + ldap.SCOPE_SUBTREE, + "(sAMAccountName=%(user)s)") + +# This search ought to return all groups to which the user belongs. django_auth_ldap uses this to determine group +# heirarchy. +AUTH_LDAP_GROUP_SEARCH = LDAPSearch(os.environ.get('AUTH_LDAP_GROUP_SEARCH_BASEDN', ''), ldap.SCOPE_SUBTREE, + "(objectClass=group)") +AUTH_LDAP_GROUP_TYPE = GroupOfNamesType() + +# Define a group required to login. +AUTH_LDAP_REQUIRE_GROUP = os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', '') + +# Define special user types using groups. Exercise great caution when assigning superuser status. +AUTH_LDAP_USER_FLAGS_BY_GROUP = { + "is_active": os.environ.get('AUTH_LDAP_REQUIRE_GROUP_DN', ''), + "is_staff": os.environ.get('AUTH_LDAP_IS_ADMIN_DN', ''), + "is_superuser": os.environ.get('AUTH_LDAP_IS_SUPERUSER_DN', '') +} + +# For more granular permissions, we can map LDAP groups to Django groups. +AUTH_LDAP_FIND_GROUP_PERMS = True + +# Cache groups for one hour to reduce LDAP traffic +AUTH_LDAP_CACHE_GROUPS = True +AUTH_LDAP_GROUP_CACHE_TIMEOUT = 3600 + +# Populate the Django user from the LDAP directory. +AUTH_LDAP_USER_ATTR_MAP = { + "first_name": os.environ.get('AUTH_LDAP_ATTR_FIRSTNAME', 'givenName'), + "last_name": os.environ.get('AUTH_LDAP_ATTR_LASTNAME', 'sn'), + "email": os.environ.get('AUTH_LDAP_ATTR_MAIL', 'mail') +} diff --git a/docker/ldap_config.docker.py b/docker/ldap_config.docker.py new file mode 100644 index 0000000..50e999e --- /dev/null +++ b/docker/ldap_config.docker.py @@ -0,0 +1,10 @@ +import importlib.util +import sys + +try: + spec = importlib.util.spec_from_file_location('ldap_config', '/etc/netbox/ldap_config.py') + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) + sys.modules['netbox.ldap_config'] = module +except: + raise ImportError('') From 8f001adef4857eb42692ef6d471c1db5814982bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 5 Mar 2018 14:29:24 +0100 Subject: [PATCH 2/5] =?UTF-8?q?=F0=9F=92=84=20Cleanup=20and=20hide=20warni?= =?UTF-8?q?ngs?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build-branches.sh | 5 +++-- build-latest.sh | 13 +++++++++---- build.sh | 40 +++++++++++++++++++++++++++++----------- 3 files changed, 41 insertions(+), 17 deletions(-) diff --git a/build-branches.sh b/build-branches.sh index 421125a..647b517 100755 --- a/build-branches.sh +++ b/build-branches.sh @@ -1,17 +1,18 @@ #!/bin/bash +# Builds all published branches ORIGINAL_GITHUB_REPO="digitalocean/netbox" GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}" URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/branches" -CURL_OPTS="-s" -CURL="curl ${CURL_OPTS}" +CURL="curl -sS" BRANCHES=$($CURL "${URL_RELEASES}" | jq -r 'map(.name) | .[] | scan("^[^v].+")') VARIANTS=( "ldap" ) for BRANCH in $BRANCHES; do + # shellcheck disable=SC2068 ./build.sh "${BRANCH}" $@ for var in "${VARIANTS[@]}" ; do VARIANT=$var ./build.sh "${BRANCH}" $@ diff --git a/build-latest.sh b/build-latest.sh index 49dff9e..8d9121a 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -1,4 +1,5 @@ #!/bin/bash +# Builds the latest released version ORIGINAL_GITHUB_REPO="digitalocean/netbox" GITHUB_REPO="${GITHUB_REPO-$ORIGINAL_GITHUB_REPO}" @@ -6,25 +7,28 @@ URL_RELEASES="https://api.github.com/repos/${GITHUB_REPO}/releases" JQ_LATEST="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==${PRERELEASE-false}) | .tag_name" -CURL_OPTS="-s" -CURL="curl ${CURL_OPTS}" +CURL="curl -sS" VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_LATEST}") # Check if the prerelease version is actually higher than stable version if [ "${PRERELEASE}" == "true" ]; then JQ_STABLE="group_by(.prerelease) | .[] | sort_by(.published_at) | reverse | .[0] | select(.prerelease==false) | .tag_name" - STABLE_VERSION=$(curl $CURL_OPTS "${URL_RELEASES}" | jq -r "${JQ_STABLE}") + STABLE_VERSION=$($CURL "${URL_RELEASES}" | jq -r "${JQ_STABLE}") + # shellcheck disable=SC2003 MAJOR_STABLE=$(expr match "${STABLE_VERSION}" 'v\([0-9]\+\)') + # shellcheck disable=SC2003 MINOR_STABLE=$(expr match "${STABLE_VERSION}" 'v[0-9]\+\.\([0-9]\+\)') + # shellcheck disable=SC2003 MAJOR_UNSTABLE=$(expr match "${VERSION}" 'v\([0-9]\+\)') + # shellcheck disable=SC2003 MINOR_UNSTABLE=$(expr match "${VERSION}" 'v[0-9]\+\.\([0-9]\+\)') if ( [ "$MAJOR_STABLE" -eq "$MAJOR_UNSTABLE" ] && [ "$MINOR_STABLE" -ge "$MINOR_UNSTABLE" ] ) \ || [ "$MAJOR_STABLE" -gt "$MAJOR_UNSTABLE" ]; then - echo "Latest unstable version ('$VERSION') is not higher than the latest stable version ('$STABLE_VERSION')." exit 0 + echo "❎ Latest unstable version ('$VERSION') is not higher than the latest stable version ('$STABLE_VERSION')." fi fi @@ -41,6 +45,7 @@ ALREADY_BUILT="$($CURL -H "${AUTHORIZATION_HEADER}" "${URL_DOCKERHUB_TAG}" | jq VARIANTS=( "ldap" ) if [ "$ALREADY_BUILT" == "false" ]; then + # shellcheck disable=SC2068 ./build.sh "${VERSION}" $@ for var in "${VARIANTS[@]}" ; do VARIANT=$var ./build.sh "${VERSION}" $@ diff --git a/build.sh b/build.sh index 84544a1..2853417 100755 --- a/build.sh +++ b/build.sh @@ -1,4 +1,5 @@ #!/bin/bash +# Builds the Dockerfile[.variant] and injects tgz'ed Netbox code from Github set -e @@ -71,6 +72,14 @@ case "${BRANCH}" in esac DOCKER_TAG="${DOCKER_TAG-${DOCKER_ORG}/${DOCKER_REPO}:${TAG}}" +# caching is only ok for version tags +case "${TAG}" in + v*) + CACHE="${CACHE-}";; + *) + CACHE="${CACHE---no-cache}";; +esac + # Checking which VARIANT to build if [ -z "$VARIANT" ]; then DOCKERFILE="Dockerfile" @@ -83,23 +92,32 @@ else fi fi -# caching is only ok for version tags -case "${TAG}" in - v*) - CACHE="${CACHE-}";; - *) - CACHE="${CACHE---no-cache}";; -esac - # Docker options -DOCKER_OPTS="${DOCKER_OPTS-$CACHE}" +DOCKER_OPTS=( + "$CACHE" + --pull +) + +# Build args +DOCKER_BUILD_ARGS=( + --build-arg "FROM_TAG=${TAG}" + --build-arg "BRANCH=${BRANCH}" + --build-arg "URL=${URL}" +) + +if [ -z "$DRY_RUN" ]; then + DOCKER_CMD="docker" +else + echo "⚠️ DRY_RUN MODE ON ⚠️" + DOCKER_CMD="echo docker" +fi echo "🐳 Building the Docker image '${DOCKER_TAG}' from the url '${URL}'." -docker build -t "${DOCKER_TAG}" --build-arg "FROM_TAG=${TAG}" --build-arg "BRANCH=${BRANCH}" --build-arg "URL=${URL}" --pull ${DOCKER_OPTS} -f ${DOCKERFILE} . +$DOCKER_CMD build -t "${DOCKER_TAG}" "${DOCKER_BUILD_ARGS[@]}" "${DOCKER_OPTS[@]}" -f "${DOCKERFILE}" . echo "✅ Finished building the Docker images '${DOCKER_TAG}'" if [ "${2}" == "--push" ] ; then echo "⏫ Pushing '${DOCKER_TAG}" - docker push "${DOCKER_TAG}" + $DOCKER_CMD push "${DOCKER_TAG}" echo "✅ Finished pushing the Docker image '${DOCKER_TAG}'." fi From 30a37511e298847801866de9b4e54c9e658114c5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 5 Mar 2018 14:30:30 +0100 Subject: [PATCH 3/5] =?UTF-8?q?=E2=9D=87=EF=B8=8F=20Adds=20DEBUG=20option?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build-latest.sh | 6 +++++- build.sh | 15 ++++++++++++--- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/build-latest.sh b/build-latest.sh index 8d9121a..3a82577 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -27,8 +27,12 @@ if [ "${PRERELEASE}" == "true" ]; then if ( [ "$MAJOR_STABLE" -eq "$MAJOR_UNSTABLE" ] && [ "$MINOR_STABLE" -ge "$MINOR_UNSTABLE" ] ) \ || [ "$MAJOR_STABLE" -gt "$MAJOR_UNSTABLE" ]; then - exit 0 echo "❎ Latest unstable version ('$VERSION') is not higher than the latest stable version ('$STABLE_VERSION')." + if [ -z "$DEBUG" ]; then + exit 0 + else + echo "⚠️ Would exit here with code '0', but DEBUG is enabled." + fi fi fi diff --git a/build.sh b/build.sh index 2853417..43df0b6 100755 --- a/build.sh +++ b/build.sh @@ -9,6 +9,8 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then echo " --push Pushes built Docker image to docker hub." echo "" echo "You can use the following ENV variables to customize the build:" + echo " DEBUG If defined, the script does not stop when certain checks are unsatisfied." + echo " DRY_RUN Prints all build statements instead of running them." echo " DOCKER_OPTS Add parameters to Docker." echo " Default:" echo " When starts with 'v': \"\"" @@ -86,9 +88,16 @@ if [ -z "$VARIANT" ]; then else DOCKERFILE="Dockerfile.${VARIANT}" DOCKER_TAG="${DOCKER_TAG}-${VARIANT}" - if [ ! -f ${DOCKERFILE} ]; then - echo "The Dockerfile ${DOCKERFILE} for variant '${VARIANT}' doesn't exist. Exiting" - exit 1 + + # Fail fast + if [ ! -f "${DOCKERFILE}" ]; then + echo "🚨 The Dockerfile ${DOCKERFILE} for variant '${VARIANT}' doesn't exist." + + if [ -z "$DEBUG" ]; then + exit 1 + else + echo "⚠️ Would exit here with code '1', but DEBUG is enabled." + fi fi fi From e3120a715e204bc3cb83b4d8410742bdfc47f8ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 5 Mar 2018 14:35:11 +0100 Subject: [PATCH 4/5] =?UTF-8?q?=F0=9F=90=B3=20Allow=20variants=20from=20ot?= =?UTF-8?q?her=20source=20images?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile.ldap | 4 +++- build.sh | 16 ++++++++++------ 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/Dockerfile.ldap b/Dockerfile.ldap index 78fc332..5402eb7 100644 --- a/Dockerfile.ldap +++ b/Dockerfile.ldap @@ -1,5 +1,7 @@ +ARG DOCKER_ORG=ninech +ARG DOCKER_REPO=netbox ARG FROM_TAG=latest -FROM ninech/netbox:$FROM_TAG +FROM $DOCKER_ORG/$DOCKER_REPO:$FROM_TAG RUN pip install django_auth_ldap diff --git a/build.sh b/build.sh index 43df0b6..9133d19 100755 --- a/build.sh +++ b/build.sh @@ -39,13 +39,15 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then echo " Must be a tar.gz file of the source code." echo " Default: https://github.com///archive/\$BRANCH.tar.gz" echo " VARIANT The variant to build." - echo " When set the value will be used as a TAG suffix and for Dockerfile selection." - echo " The TAG being build must exist for the base variant and the variant Dockerfile" - echo " must start with the following two lines:" + echo " The value will be used as a suffix to the \$TAG and for the Dockerfile" + echo " selection. The TAG being build must exist for the base variant and" + echo " corresponding Dockerfile must start with the following lines:" + echo " ARG DOCKER_ORG=ninech" + echo " ARG DOCKER_REPOT=netbox" echo " ARG FROM_TAG=latest" - echo " FROM ninech/netbox:$FROM_TAG" - echo " Example: VARIANT=ldap will result in the tag 'latest-ldap' and the Dockerfile" - echo " 'Dockerfile.ldap' being used." + echo " FROM \$DOCKER_ORG/\$DOCKER_REPO:\$FROM_TAG" + echo " Example: VARIANT=ldap will result in the tag 'latest-ldap' and the" + echo " Dockerfile 'Dockerfile.ldap' being used." echo " Default: empty" if [ "${1}x" == "x" ]; then @@ -112,6 +114,8 @@ DOCKER_BUILD_ARGS=( --build-arg "FROM_TAG=${TAG}" --build-arg "BRANCH=${BRANCH}" --build-arg "URL=${URL}" + --build-arg "DOCKER_ORG=${DOCKER_ORG}" + --build-arg "DOCKER_REPO=${DOCKER_REPO}" ) if [ -z "$DRY_RUN" ]; then From 36f79b3ffe0d2ff759eeee224996b9937f65c8a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20Ma=CC=88der?= Date: Mon, 5 Mar 2018 14:36:24 +0100 Subject: [PATCH 5/5] =?UTF-8?q?=E2=9A=99=EF=B8=8F=20Compact=20Variants=20L?= =?UTF-8?q?ogic=20into=20build-all.sh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .travis.yml | 7 +----- build-all.sh | 60 +++++++++++++++++++++++++++++++++++++++++++++++ build-branches.sh | 5 ---- build-latest.sh | 5 ---- 4 files changed, 61 insertions(+), 16 deletions(-) create mode 100755 build-all.sh diff --git a/.travis.yml b/.travis.yml index b7d537e..484a947 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,12 +19,7 @@ after_script: after_success: - docker login -u="$DOCKER_USERNAME" -p="$DOCKER_PASSWORD" - - if [ "$TRAVIS_BRANCH" = "master" -a "$TRAVIS_PULL_REQUEST" = "false" ]; then - ./build-branches.sh --push; - ./build-latest.sh --push; - PRERELEASE=true ./build-latest.sh --push; - SRC_ORG=lampwins TAG=webhooks-backend ./build.sh "feature/webhooks-backend" --push; - fi + - ./build-all.sh --push notifications: slack: diff --git a/build-all.sh b/build-all.sh new file mode 100755 index 0000000..54e2711 --- /dev/null +++ b/build-all.sh @@ -0,0 +1,60 @@ +#!/bin/bash +# Builds all Docker images this project provides + +VARIANTS=("" "ldap") + +if [ ! -z "${DEBUG}" ]; then + export DEBUG +fi + +ERROR=0 + +# Don't build if not on `master` and don't build if on a pull request, +# but build when DEBUG is not empty +if [ ! -z "${DEBUG}" ] || \ + ( [ "$TRAVIS_BRANCH" = "master" ] && [ "$TRAVIS_PULL_REQUEST" = "false" ] ); then + for VARIANT in "${VARIANTS[@]}"; do + export VARIANT + + # Checking which VARIANT to build + if [ -z "$VARIANT" ]; then + DOCKERFILE="Dockerfile" + else + DOCKERFILE="Dockerfile.${VARIANT}" + + # Fail fast + if [ ! -f "${DOCKERFILE}" ]; then + echo "🚨 The Dockerfile '${DOCKERFILE}' for variant '${VARIANT}' doesn't exist." + ERROR=1 + + if [ -z "$DEBUG" ]; then + continue + else + echo "⚠️ Would skip this, but DEBUG is enabled." + fi + fi + fi + + echo "🛠 Building '$DOCKERFILE'" + + # build the latest release + # shellcheck disable=SC2068 + ./build-latest.sh $@ + + # build the latest pre-release + # shellcheck disable=SC2068 + PRERELEASE=true ./build-latest.sh $@ + + # build all branches + # shellcheck disable=SC2068 + ./build-branches.sh $@ + + # special build + # shellcheck disable=SC2068 + SRC_ORG=lampwins TAG=webhooks-backend ./build.sh "feature/webhooks-backend" $@ + done +else + echo "❎ Not building anything." +fi + +exit $ERROR diff --git a/build-branches.sh b/build-branches.sh index 647b517..bbd07f2 100755 --- a/build-branches.sh +++ b/build-branches.sh @@ -9,12 +9,7 @@ CURL="curl -sS" BRANCHES=$($CURL "${URL_RELEASES}" | jq -r 'map(.name) | .[] | scan("^[^v].+")') -VARIANTS=( "ldap" ) - for BRANCH in $BRANCHES; do # shellcheck disable=SC2068 ./build.sh "${BRANCH}" $@ - for var in "${VARIANTS[@]}" ; do - VARIANT=$var ./build.sh "${BRANCH}" $@ - done done diff --git a/build-latest.sh b/build-latest.sh index 3a82577..d5728b6 100755 --- a/build-latest.sh +++ b/build-latest.sh @@ -46,14 +46,9 @@ URL_DOCKERHUB_TAG="https://registry.hub.docker.com/v2/${DOCKERHUB_REPO}/tags/lis AUTHORIZATION_HEADER="Authorization: Bearer ${BEARER_TOKEN}" ALREADY_BUILT="$($CURL -H "${AUTHORIZATION_HEADER}" "${URL_DOCKERHUB_TAG}" | jq -e ".tags | any(.==\"${VERSION}\")")" -VARIANTS=( "ldap" ) - if [ "$ALREADY_BUILT" == "false" ]; then # shellcheck disable=SC2068 ./build.sh "${VERSION}" $@ - for var in "${VARIANTS[@]}" ; do - VARIANT=$var ./build.sh "${VERSION}" $@ - done else echo "✅ ${VERSION} already exists on https://hub.docker.com/r/${DOCKERHUB_REPO}" fi