[CI] split container-images-pull-verify-push in two

2022-12-19 19:35:42 +01:00 · 2022-12-19 19:35:42 +01:00 · 1b76c1ea6a
parent b4872716da
commit 1b76c1ea6a
4 changed files with 81 additions and 73 deletions
--- a/.woodpecker/docker-release-version.yml
+++ b/.woodpecker/docker-release-version.yml
@ -12,10 +12,13 @@ variables:
 - &buildx_image 'woodpeckerci/plugin-docker-buildx:2.0.0'
 - &integration_image 'codeberg.org/forgejo-integration/forgejo'
 - &dockerfile_root 'Dockerfile'
+# for testing purposes
 # - &dockerfile_root 'releases/Dockerfile'
 - &dockerfile_rootless 'Dockerfile.rootless'
+# for testing purposes
 # - &dockerfile_rootless 'releases/Dockerfile-rootless'
 - &verify 'true'
+# for testing purposes
 # - &verify 'false'
 - &archs 'amd64 arm64'

@ -27,7 +30,7 @@ pipeline:
     - git config --add safe.directory '*'
     - git fetch --tags --force

-  publish-root:
+  build-root:
    image: *buildx_image
    group: integration
    pull: true
@ -45,7 +48,7 @@ pipeline:
      username:
        from_secret: releaseteamuser

-  publish-rootless:
+  build-rootless:
    image: *buildx_image
    group: integration
    pull: true
--- a/.woodpecker/releases-helper.yml
+++ b/.woodpecker/releases-helper.yml
@ -16,8 +16,8 @@ pipeline:
 # arm64 would require qemu-user-static which is not available on alpline
 # the test coverage does not change much and running the tests test locally
 # is possible if there is a doubt
-      - ARCHS=amd64 ./releases/container-images-pull-verify-push.sh test
-      - ./releases/container-images-pull-verify-push.sh test_teardown
+      - ARCHS=amd64 ./releases/container-images-pull-verify-push-test.sh test
+      - ./releases/container-images-pull-verify-push-test.sh test_teardown
    secrets:
      - releaseteamuser
      - releaseteamtoken
--- a/releases/container-images-pull-verify-push-test.sh
+++ b/releases/container-images-pull-verify-push-test.sh
@ -0,0 +1,74 @@
+#!/bin/sh
+
+#
+# Tests are run when on a wip-ci-* branch, see .woodpecker/releases-helper.yml
+# It should be changed to run it every time this file is changed when 1.18 is used because 1.17 does not have
+# webhooks with the information for that filtering.
+#
+
+set -ex
+
+image_delete() {
+    curl -sS  -H "Authorization: token $token" -X DELETE https://$DOMAIN/v2/$1/forgejo/manifests/$2
+}
+
+#
+# Create the same set of images that buildx would
+#
+test_setup() {
+    dir=$(dirname $0)
+
+    for suffix in '' '-rootless' ; do
+	(
+	    cd $dir
+	    manifests=""
+	    for arch in $ARCHS ; do
+		image=$(arch_image_name $INTEGRATION_USER $arch $suffix)
+		docker build -f Dockerfile$suffix --platform linux/$arch -t $image .
+		docker push $image
+		images="$images $image"
+	    done
+	    manifest=$(image_name $INTEGRATION_USER $suffix)
+	    docker manifest rm $manifest || true
+	    docker manifest create $manifest $images
+	    image_put $INTEGRATION_USER $(image_tag $suffix) $manifest
+	)
+    done
+}
+
+test_teardown() {
+    authenticate
+    for suffix in '' '-rootless' ; do
+	image_delete $INTEGRATION_USER $(image_tag $suffix)
+	image_delete $CI_REPO_OWNER $(image_tag $suffix)
+	image_delete $CI_REPO_OWNER $(short_image_tag $suffix)
+	for arch in $ARCHS ; do
+	    image_delete $INTEGRATION_USER $(arch_image_tag $arch $suffix)
+	    image_delete $CI_REPO_OWNER $(arch_image_tag $arch $suffix)
+	done
+    done
+}
+
+#
+# Running the test locally instead of withing Woodpecker
+#
+# 1. Setup: obtain a token at https://codeberg.org/user/settings/applications
+# 2. Run: RELEASETEAMUSER=<username> RELEASETEAMTOKEn=<apptoken> container-images-pull-verify-push.sh test
+# 3. Verify: (optional) manual verification at https://codeberg.org/<username>/-/packages/container/forgejo/versions
+# 4. Cleanup: RELEASETEAMUSER=<username> RELEASETEAMTOKEn=<apptoken> container-images-pull-verify-push.sh test_teardown
+#
+test() {
+    boot
+    test_teardown
+    test_setup
+    VERIFY_STRING=something
+    VERIFY_COMMAND="echo $VERIFY_STRING"
+    echo "================================ TEST BEGIN"
+    main
+    echo "================================ TEST END"
+}
+
+: ${CI_REPO_OWNER:=dachary}
+: ${CI_COMMIT_TAG:=v17.1.42-2}
+
+. $(dirname $0)/container-images-pull-verify-push.sh
--- a/releases/container-images-pull-verify-push.sh
+++ b/releases/container-images-pull-verify-push.sh
@ -1,22 +1,13 @@
 #!/bin/sh

-#
-# Tests are run when on a wip-ci-* branch, see .woodpecker/releases-helper.yml
-# It should be changed to run it every time this file is changed when 1.18 is used because 1.17 does not have
-# webhooks with the information for that filtering.
-#
-
 set -ex

 : ${DOCKER_HOST:=unix:///var/run/docker.sock}
 : ${ARCHS:=amd64 arm64}
 : ${INTEGRATION_USER:=forgejo-integration}
 : ${INTEGRATION_IMAGE:=codeberg.org/$INTEGRATION_USER/forgejo}
-: ${CI_REPO_OWNER:=dachary}
-: ${CI_COMMIT_TAG:=v17.1.42-2}
 : ${TAG:=${CI_COMMIT_TAG##v}}
 : ${SHORT_TAG=${TAG%.*-*}}
-: ${CI_REPO_LINK:=https://codeberg.org/dachary/forgejo}
 : ${DOMAIN:=codeberg.org}

 : ${VERIFY:=true}
@ -86,10 +77,6 @@ authenticate() {
    token=$(curl -u$RELEASETEAMUSER:$RELEASETEAMTOKEN -sS https://$DOMAIN/v2/token | jq --raw-output .token)
 }

-image_delete() {
-    curl -sS  -H "Authorization: token $token" -X DELETE https://$DOMAIN/v2/$1/forgejo/manifests/$2
-}
-
 image_put() {
    docker manifest inspect $3 > /tmp/manifest.json
    curl -sS  -H "Authorization: token $token" -X PUT --data-binary @/tmp/manifest.json https://$DOMAIN/v2/$1/forgejo/manifests/$2
@ -125,60 +112,4 @@ arch_image_tag() {
    echo $TAG-$1$2
 }

-#
-# Create the same set of images that buildx would
-#
-test_setup() {
-    dir=$(dirname $0)
-
-    for suffix in '' '-rootless' ; do
-	(
-	    cd $dir
-	    manifests=""
-	    for arch in $ARCHS ; do
-		image=$(arch_image_name $INTEGRATION_USER $arch $suffix)
-		docker build -f Dockerfile$suffix --platform linux/$arch -t $image .
-		docker push $image
-		images="$images $image"
-	    done
-	    manifest=$(image_name $INTEGRATION_USER $suffix)
-	    docker manifest rm $manifest || true
-	    docker manifest create $manifest $images
-	    image_put $INTEGRATION_USER $(image_tag $suffix) $manifest
-	)
-    done
-}
-
-test_teardown() {
-    authenticate
-    for suffix in '' '-rootless' ; do
-	image_delete $INTEGRATION_USER $(image_tag $suffix)
-	image_delete $CI_REPO_OWNER $(image_tag $suffix)
-	image_delete $CI_REPO_OWNER $(short_image_tag $suffix)
-	for arch in $ARCHS ; do
-	    image_delete $INTEGRATION_USER $(arch_image_tag $arch $suffix)
-	    image_delete $CI_REPO_OWNER $(arch_image_tag $arch $suffix)
-	done
-    done
-}
-
-#
-# Running the test locally instead of withing Woodpecker
-#
-# 1. Setup: obtain a token at https://codeberg.org/user/settings/applications
-# 2. Run: RELEASETEAMUSER=<username> RELEASETEAMTOKEn=<apptoken> container-images-pull-verify-push.sh test
-# 3. Verify: (optional) manual verification at https://codeberg.org/<username>/-/packages/container/forgejo/versions
-# 4. Cleanup: RELEASETEAMUSER=<username> RELEASETEAMTOKEn=<apptoken> container-images-pull-verify-push.sh test_teardown
-#
-test() {
-    boot
-    test_teardown
-    test_setup
-    VERIFY_STRING=something
-    VERIFY_COMMAND="echo $VERIFY_STRING"
-    echo "================================ TEST BEGIN"
-    main
-    echo "================================ TEST END"
-}
-
 ${@:-main}