158 lines
5.3 KiB
Bash
158 lines
5.3 KiB
Bash
#! /usr/bin/env sh
|
|
|
|
set -e
|
|
|
|
cleanup() {
|
|
if [ "${CLEAN_EXIT}" = false ]; then
|
|
echo "something went wrong"
|
|
echo "continue with the pipeline"
|
|
exit 0
|
|
fi
|
|
}
|
|
|
|
trap cleanup EXIT
|
|
CLEAN_EXIT=false
|
|
|
|
if [ -z "${BASE}" ]; then
|
|
echo "the environment variable BASE is not set"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${TARGET}" ]; then
|
|
echo "the environment variable TARGET is not set"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${REGISTRY_USERNAME}" ] && [ -n "${DOCKER_USERNAME}" ]; then
|
|
REGISTRY_USERNAME="${DOCKER_USERNAME}"
|
|
echo "WARNING: DOCKER_USERNAME is deprecated and will be removed in the next version"
|
|
echo "you should switch to using REGISTRY_USERNAME"
|
|
echo "see the documentation for more info https://git.narvas.tech/vista/container-update-checker"
|
|
fi
|
|
|
|
if [ -z "${REGISTRY_PASSWORD}" ] && [ -n "${DOCKER_PASSWORD}" ]; then
|
|
REGISTRY_PASSWORD="${DOCKER_PASSWORD}"
|
|
echo "WARNING: DOCKER_PASSWORD is deprecated and will be removed in the next version"
|
|
echo "you should switch to using REGISTRY_PASSWORD"
|
|
echo "see the documentation for more info https://git.narvas.tech/vista/container-update-checker"
|
|
fi
|
|
|
|
if [ -z "${BASE_REGISTRY_USERNAME}" ] && [ -n "${REGISTRY_USERNAME}" ]; then
|
|
BASE_REGISTRY_USERNAME="${REPO_USERNAME}"
|
|
fi
|
|
|
|
if [ -z "${BASE_REGISTRY_PASSWORD}" ] && [ -n "${REGISTRY_PASSWORD}" ]; then
|
|
BASE_REGISTRY_PASSWORD="${REPO_PASSWORD}"
|
|
fi
|
|
|
|
if [ -z "${TARGET_REGISTRY_USERNAME}" ] && [ -n "${REGISTRY_USERNAME}" ]; then
|
|
TARGET_REGISTRY_USERNAME="${REPO_USERNAME}"
|
|
fi
|
|
|
|
if [ -z "${TARGET_REGISTRY_PASSWORD}" ] && [ -n "${REGISTRY_PASSWORD}" ]; then
|
|
TARGET_REGISTRY_PASSWORD="${REPO_PASSWORD}"
|
|
fi
|
|
|
|
if [ -z "${REGISTRY_API}" ]; then
|
|
REGISTRY_API='docker'
|
|
fi
|
|
|
|
if [ -z "${BASE_REGISTRY_API}" ]; then
|
|
BASE_REGISTRY_API="${REGISTRY_API}"
|
|
fi
|
|
|
|
if [ -z "${TARGET_REGISTRY_API}" ]; then
|
|
TARGET_REGISTRY_API="${REGISTRY_API}"
|
|
fi
|
|
|
|
if [ -z "${REGISTRY_URL}" ]; then
|
|
REGISTRY_URL="https://hub.docker.com"
|
|
fi
|
|
|
|
if [ -z "${BASE_REGISTRY_URL}" ]; then
|
|
BASE_REGISTRY_URL="${REGISTRY_URL}"
|
|
fi
|
|
|
|
if [ -z "${TARGET_REGISTRY_URL}" ]; then
|
|
TARGET_REGISTRY_URL="${REGISTRY_URL}"
|
|
fi
|
|
|
|
# remove trailing /
|
|
BASE_REGISTRY_URL="${BASE_REGISTRY_URL%/}"
|
|
TARGET_REGISTRY_URL="${TARGET_REGISTRY_URL%/}"
|
|
|
|
# add "library/" if its a "official" docker image (no username is provided)
|
|
echo "${BASE}" | grep -q "/" || BASE="library/${BASE}"
|
|
echo "${TARGET}" | grep -q "/" || TARGET="library/${TARGET}"
|
|
|
|
# if no tag is given default to latest
|
|
echo "${BASE}" | grep -q ":" || BASE="${BASE}:latest"
|
|
echo "${TARGET}" | grep -q ":" || TARGET="${TARGET}:latest"
|
|
|
|
# split repo into user reponame and tag
|
|
BASE_REPO_USER=$(echo "$BASE" | cut -d'/' -f1)
|
|
BASE_REPO_NAME=$(echo "$BASE" | cut -d'/' -f2 | cut -d':' -f1)
|
|
BASE_REPO_TAG=$(echo "$BASE" | cut -d':' -f2)
|
|
|
|
TARGET_REPO_USER=$(echo "$TARGET" | cut -d'/' -f1)
|
|
TARGET_REPO_NAME=$(echo "$TARGET" | cut -d'/' -f2 | cut -d':' -f1)
|
|
TARGET_REPO_TAG=$(echo "$TARGET" | cut -d':' -f2)
|
|
|
|
BASE_HEADER=""
|
|
if [ "${BASE_REGISTRY_API}" = 'docker' ];then
|
|
if [ -n "${BASE_REGISTRY_USERNAME}" ] && [ -n "${BASE_REGISTRY_PASSWORD}" ]; then
|
|
TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d "{\"username\": \"${BASE_REGISTRY_USERNAME}\", \"password\": \"${BASE_REGISTRY_PASSWORD}\"}" "${BASE_REGISTRY_URL}/users/login/" | jq -r .token)
|
|
BASE_HEADER="Authorization: JWT ${TOKEN}"
|
|
fi
|
|
BASE_URL="${BASE_REGISTRY_URL}/v2/repositories/${BASE_REPO_USER}/${BASE_REPO_NAME}/tags/${BASE_REPO_TAG}"
|
|
|
|
elif [ "${BASE_REGISTRY_API}" = 'gitea' ];then
|
|
if [ -n "${BASE_REGISTRY_PASSWORD}" ]; then
|
|
BASE_HEADER="Authorization: token ${BASE_REGISTRY_PASSWORD}"
|
|
fi
|
|
BASE_URL="${BASE_REGISTRY_URL}/api/v1/packages/${BASE_REPO_USER}/container/${BASE_REPO_NAME}/${BASE_REPO_TAG}"
|
|
fi
|
|
|
|
|
|
TARGET_HEADER=""
|
|
if [ "${TARGET_REGISTRY_API}" = 'docker' ];then
|
|
if [ -n "${TARGET_REGISTRY_USERNAME}" ] && [ -n "${TARGET_REGISTRY_PASSWORD}" ]; then
|
|
TOKEN=$(curl -s -H "Content-Type: application/json" -X POST -d "{\"username\": \"${TARGET_REGISTRY_USERNAME}\", \"password\": \"${TARGET_REGISTRY_PASSWORD}\"}" "${TARGET_REGISTRY_URL}/users/login/" | jq -r .token)
|
|
TARGET_HEADER="Authorization: JWT ${TOKEN}"
|
|
fi
|
|
TARGET_URL="${TARGET_REGISTRY_URL}/v2/repositories/${TARGET_REPO_USER}/${TARGET_REPO_NAME}/tags/${TARGET_REPO_TAG}"
|
|
|
|
elif [ "${TARGET_REGISTRY_API}" = 'gitea' ];then
|
|
if [ -n "${TARGET_REGISTRY_PASSWORD}" ]; then
|
|
TARGET_HEADER="Authorization: token ${TARGET_REGISTRY_PASSWORD}"
|
|
fi
|
|
TARGET_URL="${TARGET_REGISTRY_URL}/api/v1/packages/${TARGET_REPO_USER}/container/${TARGET_REPO_NAME}/${TARGET_REPO_TAG}"
|
|
fi
|
|
|
|
|
|
# compare the update time of the BASE and TARGET images
|
|
if [ "${BASE_REGISTRY_API}" = 'docker' ];then
|
|
BASE_DATE=$(curl -s -H "${BASE_HEADER}" "${BASE_URL}" | jq -r .last_updated)
|
|
elif [ "${BASE_REGISTRY_API}" = 'gitea' ];then
|
|
BASE_DATE=$(curl -s -H "${BASE_HEADER}" "${BASE_URL}" | jq -r .created_at)
|
|
fi
|
|
|
|
if [ "${TARGET_REGISTRY_API}" = 'docker' ];then
|
|
TARGET_DATE=$(curl -s -H "${TARGET_HEADER}" "${TARGET_URL}" | jq -r .last_updated)
|
|
elif [ "${TARGET_REGISTRY_API}" = 'gitea' ];then
|
|
TARGET_DATE=$(curl -s -H "${TARGET_HEADER}" "${TARGET_URL}" | jq -r .created_at)
|
|
fi
|
|
|
|
BASE_TIMESTAMP=$(dateconv --format="%s" "${BASE_DATE}")
|
|
TARGET_TIMESTAMP=$(dateconv --format="%s" "${TARGET_DATE}")
|
|
|
|
CLEAN_EXIT=true
|
|
|
|
if [ "$BASE_TIMESTAMP" -le "$TARGET_TIMESTAMP" ]; then
|
|
echo "no update needed"
|
|
exit 1
|
|
fi
|
|
|
|
echo "$TARGET needs updating"
|
|
exit 0
|