120 lines
3.7 KiB
Python
120 lines
3.7 KiB
Python
#! /usr/bin/env python
|
|
|
|
# Author: Abhilash Raj
|
|
#
|
|
# This is the primary deployment script for the docker-mailman repo. It does
|
|
# deployment for stable and rolling releases both. It should be *always* invoked
|
|
# and it will make the deployment decision based on the environment variables
|
|
# that it sees.
|
|
#
|
|
# There are two kinds of deploymnets primarily:
|
|
# 1. Rolling tags, which are built from each commit. These are typically run
|
|
# in CI every day as well. These always update the "rolling" tag in the
|
|
# docker registry.
|
|
# 2. Stable tags, which are built from git tags with "va.b.c" tags. We don't
|
|
# do the tag verification because for now, Circle CI does this for us. We
|
|
# will tag and release a stable version whenever the right ENV var is set.
|
|
#
|
|
# Publishing:
|
|
# We are typically publishing all the images to three repositories:
|
|
# 1. Docker Hub: This is now rate-limited and might cause issues for people
|
|
# pulling too frequently.
|
|
# 2. Quay: This is an old registry that we started publishing too, so let's
|
|
# continue publishing here too.
|
|
# 3. Github Registry: This is the newest one in the mix and supports free
|
|
# uploads and downloads (without very strict rate limits like Dockerhub.)
|
|
|
|
import os
|
|
import subprocess
|
|
|
|
#: Default user, which owns the repositories.
|
|
USER = 'maxking'
|
|
|
|
TAG_VAR = 'CIRCLE_TAG'
|
|
BRANCH_VAR = 'CIRCLE_BRANCH'
|
|
PRIMARY_BRANCH = 'main'
|
|
|
|
|
|
def tag(original, final):
|
|
"""Tag the source image with final tag."""
|
|
try:
|
|
print('Tagging {0} to {1}'.format(original, final))
|
|
subprocess.run(
|
|
['docker', 'tag', original, final],
|
|
check=True,
|
|
)
|
|
except subprocess.CalledProcessError:
|
|
print('Failed to tag {0}'.format(original))
|
|
|
|
|
|
def login(url):
|
|
"""Login to the registry."""
|
|
if 'quay' in url.lower():
|
|
password = os.environ['QUAY_PASSWORD']
|
|
elif 'docker' in url.lower():
|
|
password = os.environ['DOCKER_PASSWORD']
|
|
elif 'ghcr' in url.lower():
|
|
password = os.environ['GITHUB_PASSWORD']
|
|
else:
|
|
print('Password not found for {0}'.format(url))
|
|
return None
|
|
print('Logging in to {0}'.format(url))
|
|
subprocess.run(
|
|
['docker', 'login', '-u', USER, '-p', password, url],
|
|
check=True
|
|
)
|
|
print('Logged in to {0}'.format(url))
|
|
|
|
|
|
def push(image):
|
|
"""Push all the images."""
|
|
print('Pushing {}'.format(image))
|
|
subprocess.run(['docker', 'push', image], check=True)
|
|
|
|
|
|
def tag_and_push(image_names, url, img_tag):
|
|
"""Given the URL to repository, tag and push the images."""
|
|
# Tag recently built images.
|
|
source, final = image_names
|
|
tag(source, final)
|
|
# Finall, push all the images.
|
|
push(final)
|
|
|
|
|
|
def main():
|
|
"""Primary entrypoint to this script."""
|
|
|
|
if os.environ.get(TAG_VAR) not in (None, ''):
|
|
img_tag = os.environ.get(TAG_VAR)
|
|
elif os.environ.get(BRANCH_VAR) == PRIMARY_BRANCH:
|
|
img_tag = 'rolling'
|
|
else:
|
|
print(f'Not running on {PRIMARY_BRANCH} branch or Git tag so not publishing...')
|
|
exit(0)
|
|
|
|
for url in ('quay.io', 'docker.io', 'ghcr.io'):
|
|
|
|
core = ('maxking/mailman-core:rolling',
|
|
'{0}/maxking/mailman-core:{1}'.format(url, img_tag))
|
|
web = ('maxking/mailman-web:rolling',
|
|
'{0}/maxking/mailman-web:{1}'.format(url, img_tag))
|
|
postorius = ('maxking/postorius:rolling',
|
|
'{0}/maxking/postorius:{1}'.format(url, img_tag))
|
|
|
|
try:
|
|
login(url)
|
|
except subprocess.CalledProcessError:
|
|
print('Failed to login to {}'.format(url))
|
|
continue
|
|
|
|
tag_and_push(core, url, img_tag)
|
|
tag_and_push(web, url, img_tag)
|
|
tag_and_push(postorius, url, img_tag)
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
main()
|
|
|
|
|