#! /usr/bin/env sh set -e cleanup() { if [ "${CLEAN_EXIT}" = false ]; then echo "something went wrong" echo "continue with the pipeline" exit 0 fi } trap cleanup EXIT CLEAN_EXIT=false if [ -z "${BASE}" ]; then echo "the environment variable BASE is not set" exit 1 fi if [ -z "${TARGET}" ]; then echo "the environment variable TARGET is not set" exit 1 fi if [ -z "${REGISTRY_USERNAME}" ] && [ -n "${DOCKER_USERNAME}" ]; then REGISTRY_USERNAME="${DOCKER_USERNAME}" echo "WARNING: DOCKER_USERNAME is deprecated and will be removed in the next version" echo "you should switch to using REGISTRY_USERNAME" echo "see the documentation for more info https://git.narvas.tech/vista/container-update-checker" fi if [ -z "${REGISTRY_PASSWORD}" ] && [ -n "${DOCKER_PASSWORD}" ]; then REGISTRY_PASSWORD="${DOCKER_PASSWORD}" echo "WARNING: DOCKER_PASSWORD is deprecated and will be removed in the next version" echo "you should switch to using REGISTRY_PASSWORD" echo "see the documentation for more info https://git.narvas.tech/vista/container-update-checker" fi if [ -z "${BASE_REGISTRY_USERNAME}" ] && [ -n "${REGISTRY_USERNAME}" ]; then BASE_REGISTRY_USERNAME="${REPO_USERNAME}" fi if [ -z "${BASE_REGISTRY_PASSWORD}" ] && [ -n "${REGISTRY_PASSWORD}" ]; then BASE_REGISTRY_PASSWORD="${REPO_PASSWORD}" fi if [ -z "${TARGET_REGISTRY_USERNAME}" ] && [ -n "${REGISTRY_USERNAME}" ]; then TARGET_REGISTRY_USERNAME="${REPO_USERNAME}" fi if [ -z "${TARGET_REGISTRY_PASSWORD}" ] && [ -n "${REGISTRY_PASSWORD}" ]; then TARGET_REGISTRY_PASSWORD="${REPO_PASSWORD}" fi if [ -z "${REGISTRY_API}" ]; then REGISTRY_API='docker' fi if [ -z "${BASE_REGISTRY_API}" ]; then BASE_REGISTRY_API="${REGISTRY_API}" fi if [ -z "${TARGET_REGISTRY_API}" ]; then TARGET_REGISTRY_API="${REGISTRY_API}" fi if [ -z "${REGISTRY_URL}" ]; then REGISTRY_URL="https://hub.docker.com" fi if [ -z "${BASE_REGISTRY_URL}" ]; then BASE_REGISTRY_URL="${REGISTRY_URL}" fi if [ -z "${TARGET_REGISTRY_URL}" ]; then TARGET_REGISTRY_URL="${REGISTRY_URL}" fi # remove trailing / BASE_REGISTRY_URL="${BASE_REGISTRY_URL%/}" TARGET_REGISTRY_URL="${TARGET_REGISTRY_URL%/}" # add "library/" if its a "official" docker image (no username is provided) echo "${BASE}" | grep -q "/" || BASE="library/${BASE}" echo "${TARGET}" | grep -q "/" || TARGET="library/${TARGET}" # if no tag is given default to latest echo "${BASE}" | grep -q ":" || BASE="${BASE}:latest" echo "${TARGET}" | grep -q ":" || TARGET="${TARGET}:latest" # split repo into user reponame and tag BASE_REPO_USER=$(echo "$BASE" | cut -d'/' -f1) BASE_REPO_NAME=$(echo "$BASE" | cut -d'/' -f2 | cut -d':' -f1) BASE_REPO_TAG=$(echo "$BASE" | cut -d':' -f2) TARGET_REPO_USER=$(echo "$TARGET" | cut -d'/' -f1) TARGET_REPO_NAME=$(echo "$TARGET" | cut -d'/' -f2 | cut -d':' -f1) TARGET_REPO_TAG=$(echo "$TARGET" | cut -d':' -f2) BASE_HEADER="" if [ "${BASE_REGISTRY_API}" = 'docker' ];then if [ -n "${BASE_REGISTRY_USERNAME}" ] && [ -n "${BASE_REGISTRY_PASSWORD}" ]; then TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d "{\"username\": \"${BASE_REGISTRY_USERNAME}\", \"password\": \"${BASE_REGISTRY_PASSWORD}\"}" "${BASE_REGISTRY_URL}/users/login/" | jq -r .token) BASE_HEADER="Authorization: JWT ${TOKEN}" fi BASE_URL="${BASE_REGISTRY_URL}/v2/repositories/${BASE_REPO_USER}/${BASE_REPO_NAME}/tags/${BASE_REPO_TAG}" elif [ "${BASE_REGISTRY_API}" = 'gitea' ];then if [ -n "${BASE_REGISTRY_PASSWORD}" ]; then BASE_HEADER="Authorization: token ${BASE_REGISTRY_PASSWORD}" fi BASE_URL="${BASE_REGISTRY_URL}/api/v1/packages/${BASE_REPO_USER}/container/${BASE_REPO_NAME}/${BASE_REPO_TAG}" fi TARGET_HEADER="" if [ "${TARGET_REGISTRY_API}" = 'docker' ];then if [ -n "${TARGET_REGISTRY_USERNAME}" ] && [ -n "${TARGET_REGISTRY_PASSWORD}" ]; then TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d "{\"username\": \"${TARGET_REGISTRY_USERNAME}\", \"password\": \"${TARGET_REGISTRY_PASSWORD}\"}" "${TARGET_REGISTRY_URL}/users/login/" | jq -r .token) TARGET_HEADER="Authorization: JWT ${TOKEN}" fi TARGET_URL="${TARGET_REGISTRY_URL}/v2/repositories/${TARGET_REPO_USER}/${TARGET_REPO_NAME}/tags/${TARGET_REPO_TAG}" elif [ "${TARGET_REGISTRY_API}" = 'gitea' ];then if [ -n "${TARGET_REGISTRY_PASSWORD}" ]; then TARGET_HEADER="Authorization: token ${TARGET_REGISTRY_PASSWORD}" fi TARGET_URL="${TARGET_REGISTRY_URL}/api/v1/packages/${TARGET_REPO_USER}/container/${TARGET_REPO_NAME}/${TARGET_REPO_TAG}" fi # compare the update time of the BASE and TARGET images if [ "${BASE_REGISTRY_API}" = 'docker' ];then BASE_DATE=$(curl -s -H "${BASE_HEADER}" "${BASE_URL}" | jq -r .last_updated) elif [ "${BASE_REGISTRY_API}" = 'gitea' ];then BASE_DATE=$(curl -s -H "${BASE_HEADER}" "${BASE_URL}" | jq -r .created_at) fi if [ "${TARGET_REGISTRY_API}" = 'docker' ];then TARGET_DATE=$(curl -s -H "${TARGET_HEADER}" "${TARGET_URL}" | jq -r .last_updated) elif [ "${TARGET_REGISTRY_API}" = 'gitea' ];then TARGET_DATE=$(curl -s -H "${TARGET_HEADER}" "${TARGET_URL}" | jq -r .created_at) fi BASE_TIMESTAMP=$(dateconv --format="%s" "${BASE_DATE}") TARGET_TIMESTAMP=$(dateconv --format="%s" "${TARGET_DATE}") CLEAN_EXIT=true if [ "$BASE_TIMESTAMP" -le "$TARGET_TIMESTAMP" ]; then echo "no update needed" exit 1 fi echo "$TARGET needs updating" exit 0