Skip to content

Commit

Permalink
Add git commit SHA to Docker images
Browse files Browse the repository at this point in the history
Add the full git commit SHA to the generated Docker images using the
`org.opencontainers.image.revision` metadata label.

Fixes jenkinsci#865
Closes jenkinsci#892
  • Loading branch information
shaneog committed Oct 24, 2021
1 parent f5b283c commit 2898530
Show file tree
Hide file tree
Showing 18 changed files with 63 additions and 1 deletion.
1 change: 1 addition & 0 deletions .ci/publish.sh
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ publish() {
export JENKINS_SHA=$sha
export LATEST_WEEKLY=$latest_weekly
export LATEST_LTS=$latest_lts
export COMMIT_SHA=$(git rev-parse HEAD)
set -x
docker buildx bake --file docker-bake.hcl \
"${build_opts[@]+"${build_opts[@]}"}" linux
Expand Down
2 changes: 2 additions & 0 deletions 11/almalinux/almalinux8/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ FROM almalinux:8.4
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA

RUN dnf --setopt=install_weak_deps=0 --setopt=tsflags=nodocs install -y \
fontconfig \
Expand Down Expand Up @@ -118,4 +119,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 11/alpine/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ RUN apk add --no-cache \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -166,4 +167,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
3 changes: 3 additions & 0 deletions 11/centos/centos7/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,11 +14,13 @@ FROM centos:centos7.9.2009
ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'

ARG TARGETARCH
ARG COMMIT_SHA

RUN yum install -y git curl freetype fontconfig unzip which && \
yum clean all

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -131,4 +133,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 11/debian/bullseye-slim/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ RUN apt-get update && \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -129,4 +130,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 11/debian/bullseye/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ RUN apt-get update && \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -127,4 +128,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 11/rhel/ubi8/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ FROM registry.access.redhat.com/ubi8/ubi:8.4-211
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA

RUN dnf install --disableplugin=subscription-manager --setopt=install_weak_deps=0 --setopt=tsflags=nodocs -y \
git \
Expand Down Expand Up @@ -121,4 +122,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
3 changes: 3 additions & 0 deletions 11/windows/windowsservercore-2019/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@ ARG http_port=8080
ARG agent_port=50000
ARG JENKINS_HOME=C:/ProgramData/Jenkins/JenkinsHome

ARG COMMIT_SHA

ENV JENKINS_HOME $JENKINS_HOME
ENV JENKINS_AGENT_PORT ${agent_port}

Expand Down Expand Up @@ -79,4 +81,5 @@ LABEL `
org.opencontainers.image.version="${JENKINS_VERSION}" `
org.opencontainers.image.url="https://www.jenkins.io/" `
org.opencontainers.image.source="https://github.com/jenkinsci/docker" `
org.opencontainers.image.revision="${COMMIT_SHA}" `
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 17/debian/bullseye/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ RUN apt-get update && \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -128,4 +129,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 8/alpine/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ RUN apk add --no-cache \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -116,4 +117,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
3 changes: 3 additions & 0 deletions 8/centos/centos7/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ FROM centos:centos7.9.2009
ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'

ARG TARGETARCH
ARG COMMIT_SHA

RUN echo -e '[AdoptOpenJDK]\n\
name=AdoptOpenJDK\n\
Expand All @@ -14,6 +15,7 @@ gpgkey=https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public' > /etc/yum
yum clean all

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -122,4 +124,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 8/debian/bullseye-slim/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ RUN apt-get update && \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -121,4 +122,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
2 changes: 2 additions & 0 deletions 8/debian/bullseye/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ RUN apt-get update && \
ENV LANG C.UTF-8

ARG TARGETARCH
ARG COMMIT_SHA
ARG GIT_LFS_VERSION=3.0.1

# required for multi-arch support, revert to package cloud after:
Expand Down Expand Up @@ -121,4 +122,5 @@ LABEL \
org.opencontainers.image.version="${JENKINS_VERSION}" \
org.opencontainers.image.url="https://www.jenkins.io/" \
org.opencontainers.image.source="https://github.com/jenkinsci/docker" \
org.opencontainers.image.revision="${COMMIT_SHA}" \
org.opencontainers.image.licenses="MIT"
3 changes: 2 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
ROOT_DIR="$(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))/"
COMMIT_SHA=$(shell git rev-parse HEAD)

## For Docker <=20.04
export DOCKER_BUILDKIT=1
Expand All @@ -25,7 +26,7 @@ check_cli = type "$(1)" >/dev/null 2>&1 || { echo "Error: command '$(1)' require
## Check if a given image exists in the current manifest docker-bake.hcl
check_image = make --silent list | grep -w '$(1)' >/dev/null 2>&1 || { echo "Error: the image '$(1)' does not exist in manifest for the platform 'linux/$(ARCH)'. Please check the output of 'make list'. Exiting." ; exit 1 ; }
## Base "docker buildx base" command to be reused everywhere
bake_base_cli := docker buildx bake -f docker-bake.hcl --load
bake_base_cli := COMMIT_SHA=$(COMMIT_SHA) docker buildx bake -f docker-bake.hcl --load

check-reqs:
## Build requirements
Expand Down
15 changes: 15 additions & 0 deletions docker-bake.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -65,12 +65,17 @@ variable "PLUGIN_CLI_VERSION" {
default = "2.11.0"
}

variable "COMMIT_SHA" {
default = ""
}

target "almalinux_jdk11" {
dockerfile = "11/almalinux/almalinux8/hotspot/Dockerfile"
context = "."
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
}
tags = [
"${REGISTRY}/${JENKINS_REPO}:${JENKINS_VERSION}-almalinux",
Expand All @@ -86,6 +91,7 @@ target "alpine_jdk8" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -103,6 +109,7 @@ target "alpine_jdk11" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -123,6 +130,7 @@ target "centos7_jdk8" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -140,6 +148,7 @@ target "centos7_jdk11" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -160,6 +169,7 @@ target "debian_jdk8" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -177,6 +187,7 @@ target "debian_jdk11" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -200,6 +211,7 @@ target "debian_slim_jdk8" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -217,6 +229,7 @@ target "debian_slim_jdk11" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand All @@ -237,6 +250,7 @@ target "rhel_ubi8_jdk11" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
tags = [
Expand All @@ -253,6 +267,7 @@ target "debian_jdk17" {
args = {
JENKINS_VERSION = JENKINS_VERSION
JENKINS_SHA = JENKINS_SHA
COMMIT_SHA = COMMIT_SHA
GIT_LFS_VERSION = GIT_LFS_VERSION
PLUGIN_CLI_VERSION = PLUGIN_CLI_VERSION
}
Expand Down
7 changes: 7 additions & 0 deletions tests/runtime.Tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ Describe "[$TEST_TAG] test jenkins arguments" {
BeforeEach {
$folder = Get-EnvOrDefault 'FOLDER' ''
$version=Get-Content $(Join-Path $folder 'Dockerfile') | Select-String -Pattern 'ENV JENKINS_VERSION.*' | %{$_ -replace '.*:-(.*)}','$1'} | Select-Object -First 1
$revision=Get-Content $(Join-Path $folder 'Dockerfile') | Select-String -Pattern 'ENV COMMIT_SHA.*' | %{$_ -replace '.*:-(.*)}','$1'} | Select-Object -First 1
}

It 'running --help --version should return the version, not the help' {
Expand All @@ -54,6 +55,12 @@ Describe "[$TEST_TAG] test jenkins arguments" {
$exitCode | Should -Be 0
$stdout.Trim() | Should -Match $version
}

It 'commit SHA in docker metadata' {
$exitCode, $stdout, $stderr = Run-Program 'docker.exe' "inspect -f `"{{index .Config.Labels \`"org.opencontainers.image.revision\`"}}`" $SUT_IMAGE"
$exitCode | Should -Be 0
$stdout.Trim() | Should -Match $revision
}
}

Describe "[$TEST_TAG] create test container" {
Expand Down
5 changes: 5 additions & 0 deletions tests/runtime.bats
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,11 @@ SUT_DESCRIPTION="${IMAGE}-runtime"
assert "${version}" docker inspect --format '{{ index .Config.Labels "org.opencontainers.image.version"}}' $SUT_IMAGE
}

@test "[${SUT_DESCRIPTION}] test commit SHA in docker metadata" {
local revision=$(get_commit_sha)
assert "${revision}" docker inspect --format '{{ index .Config.Labels "org.opencontainers.image.revision"}}' $SUT_IMAGE
}

@test "[${SUT_DESCRIPTION}] test multiple JENKINS_OPTS" {
local container_name version
# running --help --version should return the version, not the help
Expand Down
6 changes: 6 additions & 0 deletions tests/test_helpers.bash
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,12 @@ function get_jenkins_version() {
make --silent show | jq -r ".target.${IMAGE}.args.JENKINS_VERSION"
}

function get_commit_sha() {
test -n "${IMAGE:?"[sut_image] Please set the variable 'IMAGE' to the name of the image to test in 'docker-bake.hcl'."}"

make --silent show | jq -r ".target.${IMAGE}.args.COMMIT_SHA"
}

function get_test_image {
test -n "${BATS_TEST_NUMBER:?"[get_test_image] Please set the variable BATS_TEST_NUMBER."}"
test -n "${SUT_DESCRIPTION:?"[get_test_image] Please set the variable SUT_DESCRIPTION."}"
Expand Down

0 comments on commit 2898530

Please sign in to comment.