Skip to content

Commit

Permalink
Migrate to new image repositories (#250)
Browse files Browse the repository at this point in the history
  • Loading branch information
spikymonkey authored Jul 19, 2024
1 parent 13d6761 commit 976fbe7
Show file tree
Hide file tree
Showing 9 changed files with 131 additions and 19 deletions.
44 changes: 34 additions & 10 deletions ci/pipeline.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,27 @@ jobs:
plan:
- get: ci-images-git-repo
trigger: true
- task: generate-docker-credentials
file: ci-images-git-repo/ci/tasks/generate-docker-credentials.yml
input_mapping:
git-repo: ci-images-git-repo
vars:
registry: ((spring-credhub-dev-docker-registry))
registry-username: ((broadcom-jfrog-artifactory-robot-account.username))
registry-password: ((broadcom-jfrog-artifactory-robot-account.password))
- task: build-image
privileged: true
file: ci-images-git-repo/ci/tasks/build-oci-image.yml
input_mapping:
git-repo: ci-images-git-repo
params:
CONTEXT: git-repo/ci/images/spring-credhub-ci
- put: spring-credhub-ci-image
inputs: detect
params:
build: ci-images-git-repo/ci/images/spring-credhub-ci
get_params:
skip_download: "true"
image: image/image.tar
no_get: true
on_failure: *slack-failure-notification

- name: build
serial: true
Expand Down Expand Up @@ -172,13 +188,17 @@ resource_types:
- name: artifactory-resource
type: registry-image
source:
repository: ((dockerhub-mirror-registry))/springio/artifactory-resource
repository: ((spring-credhub-virtual-docker-registry))/springio/artifactory-resource
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: 0.0.14

- name: slack-notification
type: registry-image
source:
repository: ((dockerhub-mirror-registry))/cfcommunity/slack-notification-resource
repository: ((spring-credhub-virtual-docker-registry))/cfcommunity/slack-notification-resource
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: latest

resources:
Expand All @@ -197,14 +217,18 @@ resources:
source:
uri: ((github-repo))
branch: ((branch))
paths: ["ci/images/*"]
paths:
- ci/images/*
- ci/scripts/generate-docker-credentials.sh
- ci/tasks/build-oci-image.yml
- ci/tasks/generate-docker-credentials.yml

- name: spring-credhub-ci-image
type: docker-image
type: registry-image
source:
repository: ((corporate-harbor-registry))/((dockerhub-organization))/spring-credhub-ci
username: ((corporate-harbor-robot-account.username))
password: ((corporate-harbor-robot-account.password))
repository: ((spring-credhub-dev-docker-registry))/ci/spring-credhub-ci
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: ((ci-image-tag))

- name: artifactory-repo
Expand Down
20 changes: 19 additions & 1 deletion ci/scripts/build-project.sh
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,33 @@

set -euo pipefail

readonly DOCKERHUB_MIRROR_REGISTRY="${DOCKERHUB_MIRROR_REGISTRY:?must be set}"
readonly DOCKERHUB_MIRROR_REGISTRY_USERNAME="${DOCKERHUB_MIRROR_REGISTRY_USERNAME:?must be set}"
readonly DOCKERHUB_MIRROR_REGISTRY_PASSWORD="${DOCKERHUB_MIRROR_REGISTRY_PASSWORD:?must be set}"

# shellcheck source=common.sh
source "$(dirname "$0")/common.sh"
repository=$(pwd)/distribution-repository

start_docker() {
pushd credhub-server >/dev/null
echo '{"registry-mirrors": ["https://harbor-mirror.spring.vmware.com"]}' > /etc/docker/daemon.json
echo "{\"registry-mirrors\": [\"https://$DOCKERHUB_MIRROR_REGISTRY\"]}" > /etc/docker/daemon.json
service cgroupfs-mount start
service docker start

# Work around https://github.com/moby/moby/issues/30880
cat >> /etc/hosts << EOF
127.0.0.1 index.docker.io
127.0.0.1 registry-1.docker.io
127.0.0.1 docker.io
EOF
mkdir -p "$HOME/.docker"
jq --arg username "$DOCKERHUB_MIRROR_REGISTRY_USERNAME" \
--arg password "$DOCKERHUB_MIRROR_REGISTRY_PASSWORD" \
'reduce .[] as $registry ({"auths": {}}; .auths += {($registry): {"auth": [$username, $password] | join(":") | @base64}})' \
<<< "[\"index.docker.io\", \"$DOCKERHUB_MIRROR_REGISTRY\"]" \
> "$HOME/.docker/config.json"
docker-compose up --detach
trap "stop_docker" EXIT
popd >/dev/null
Expand Down
10 changes: 10 additions & 0 deletions ci/scripts/generate-docker-credentials.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
#!/bin/sh

set -eu

export TERM="xterm-256color"

readonly DOCKER_CONFIG_OUTPUT="${DOCKER_CONFIG_OUTPUT:?must be set}"

printf "%s" "$REGISTRY_PASSWORD" | docker login "$REGISTRY" --username "$REGISTRY_USERNAME" --password-stdin
cp -v ~/.docker/config.json "$DOCKER_CONFIG_OUTPUT/"
25 changes: 25 additions & 0 deletions ci/tasks/build-oci-image.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
---
platform: linux

image_resource:
type: registry-image
source:
repository: ((spring-credhub-virtual-docker-registry))/concourse/oci-build-task
tag: 0.11.1
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))

inputs:
- name: git-repo
- name: docker-config

outputs:
- name: image

run:
path: build

params:
CONTEXT:
DEBUG: true
DOCKER_CONFIG: docker-config
12 changes: 9 additions & 3 deletions ci/tasks/build-project.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ platform: linux
image_resource:
type: registry-image
source:
repository: ((corporate-harbor-registry))/((dockerhub-organization))/spring-credhub-ci
username: ((corporate-harbor-robot-account.username))
password: ((corporate-harbor-robot-account.password))
repository: ((spring-credhub-dev-docker-registry))/ci/spring-credhub-ci
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: ((ci-image-tag))
inputs:
- name: git-repo
Expand All @@ -19,3 +19,9 @@ run:
params:
ARTIFACTORY_USERNAME: ((artifactory-username))
ARTIFACTORY_PASSWORD: ((artifactory-password))
DOCKERHUB_MIRROR_REGISTRY: ((spring-credhub-virtual-docker-registry))
DOCKERHUB_MIRROR_REGISTRY_USERNAME: ((broadcom-jfrog-artifactory-robot-account.username))
DOCKERHUB_MIRROR_REGISTRY_PASSWORD: ((broadcom-jfrog-artifactory-robot-account.password))
GRADLE_ENTERPRISE_CACHE_USERNAME: ((gradle-enterprise-cache-user))
GRADLE_ENTERPRISE_CACHE_PASSWORD: ((gradle-enterprise-cache-password))
GRADLE_ENTERPRISE_ACCESS_KEY: ((gradle-enterprise-secret-access-key))
25 changes: 25 additions & 0 deletions ci/tasks/generate-docker-credentials.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
platform: linux

image_resource:
type: registry-image
source:
repository: ((spring-credhub-virtual-docker-registry))/docker
tag: 26-cli
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))

inputs:
- name: git-repo

outputs:
- name: docker-config

run:
path: ci/scripts/generate-docker-credentials.sh
dir: git-repo

params:
DOCKER_CONFIG_OUTPUT: ../docker-config
REGISTRY: ((registry))
REGISTRY_USERNAME: ((registry-username))
REGISTRY_PASSWORD: ((registry-password))
4 changes: 3 additions & 1 deletion ci/tasks/promote.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ platform: linux
image_resource:
type: registry-image
source:
repository: ((dockerhub-mirror-registry))/springio/concourse-release-scripts
repository: ((spring-credhub-virtual-docker-registry))/springio/concourse-release-scripts
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: '0.3.4'
inputs:
- name: git-repo
Expand Down
6 changes: 3 additions & 3 deletions ci/tasks/stage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@ platform: linux
image_resource:
type: registry-image
source:
repository: ((corporate-harbor-registry))/((dockerhub-organization))/spring-credhub-ci
username: ((corporate-harbor-robot-account.username))
password: ((corporate-harbor-robot-account.password))
repository: ((spring-credhub-dev-docker-registry))/ci/spring-credhub-ci
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: ((ci-image-tag))
inputs:
- name: git-repo
Expand Down
4 changes: 3 additions & 1 deletion ci/tasks/sync-to-maven-central.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ platform: linux
image_resource:
type: registry-image
source:
repository: ((dockerhub-mirror-registry))/springio/concourse-release-scripts
repository: ((spring-credhub-virtual-docker-registry))/springio/concourse-release-scripts
username: ((broadcom-jfrog-artifactory-robot-account.username))
password: ((broadcom-jfrog-artifactory-robot-account.password))
tag: '0.3.4'
inputs:
- name: git-repo
Expand Down

0 comments on commit 976fbe7

Please sign in to comment.