crypt/certbot
1
0
Fork 0
mirror of https://github.com/certbot/certbot.git synced 2026-01-26 07:41:33 +03:00
Code Activity
Files
1bb09da2705323f4a790657d8f80e4d1db3cf103
certbot/tools/docker/deploy.sh
Brad Warren 09af133af3 Add 2.0 release logic (#9467) 
This PR:

* Deletes the 2.0 pre-release pipeline
* Causes 1.x releases to be released to Docker Hub without updating the latest tag, PyPI, and the candidate and stable channels of the snap store
* Causes 2.x releases to be released to Docker Hub, PyPI, the beta channel of the snap store, and our Windows installer
We could potentially look into how to continue to do 1.x Windows installer releases through GitHub releases and tech ops tooling, but I personally don't think it's worth it right now.

This PR DOES NOT do anything about progressive snap releases. I think we can revisit this when/if we decide (how) to do them.
2022-11-16 15:29:53 -08:00

78 lines
3.3 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -euxo pipefail
IFS=$'\n\t'
# This script deploys new versions of Certbot and Certbot plugin docker images.
# Usage: ./deploy.sh [TAG] [all|amd64|arm32v6|arm64v8]
# with the [TAG] value corresponding the base of the tag to give the Docker
# images and the 2nd value being the architecture to build snaps for.
# Values should be something like `v0.34.0` or `nightly`. The given value is
# only the base of the tag because the things like the CPU architecture are
# also added to the full tag.
WORK_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
TAG_BASE="$1" # Eg. v0.35.0 or nightly
if [ -z "$TAG_BASE" ]; then
echo "We cannot tag Docker images with an empty string!" >&2
exit 1
fi
source "$WORK_DIR/lib/common"
ParseRequestedArch "${2}"
# Creates and pushes all Docker images aliases for the requested architectures
# set in the environment variable ALL_REQUESTED_ARCH. If the value of the
# global variable TAG_BASE is a 2.0.0 or greater version tag such as v2.1.0,
# the "latest" tag is also updated. Tags without the architecture part are also
# created for the default architecture.
# As an example, for amd64 (the default architecture) and the tag v0.35.0, the
# following tags would be created:
# - certbot/certbot:v0.35.0
# - certbot/certbot:latest
# - certbot/certbot:amd64-latest
# For the architecture arm32v6 and the tag v0.35.0, only the following tag
# would be created:
# - certbot/certbot:arm32v6-latest
# For other tags such as "nightly", aliases are only created for the default
# architecture where the tag "nightly" would be used without an architecture
# part.
# Usage: TagAndPushForAllRequestedArch [IMAGE NAME]
# where [IMAGE NAME] is the name of the Docker image in the Docker repository
# such as "certbot" or "dns-cloudflare".
# Read globals:
# * TAG_BASE
# * ALL_REQUESTED_ARCH
TagAndPushForAllRequestedArch() {
DOCKER_REPO="${DOCKER_HUB_ORG}/${1}"
for TARGET_ARCH in "${ALL_REQUESTED_ARCH[@]}"; do
# NOTE: In early 2022, we were experiencing regular "docker push"
# timeouts, so we added these "--debug" flags to learn more. Since we
# added them, we haven't had another timeout, so until we experience
# another timeout & can get the deubg logs, we're leaving them in.
docker --debug push "${DOCKER_REPO}:${TARGET_ARCH}-${TAG_BASE}"
# If TAG_BASE is a valid tag for version 2.0.0 or greater
if [[ "${TAG_BASE}" =~ ^v([2-9]|[1-9][0-9]+)\.[0-9]+\.[0-9]+$ ]]; then
docker tag "${DOCKER_REPO}:${TARGET_ARCH}-${TAG_BASE}" "${DOCKER_REPO}:${TARGET_ARCH}-latest"
docker --debug push "${DOCKER_REPO}:${TARGET_ARCH}-latest"
if [ "${TARGET_ARCH}" == "${DEFAULT_ARCH}" ]; then
docker tag "${DOCKER_REPO}:${TARGET_ARCH}-${TAG_BASE}" "${DOCKER_REPO}:latest"
docker --debug push "${DOCKER_REPO}:latest"
fi
fi
if [ "${TARGET_ARCH}" == "${DEFAULT_ARCH}" ]; then
docker tag "${DOCKER_REPO}:${TARGET_ARCH}-${TAG_BASE}" "${DOCKER_REPO}:${TAG_BASE}"
docker --debug push "${DOCKER_REPO}:${TAG_BASE}"
fi
done
}
# Step 1: Certbot core Docker
TagAndPushForAllRequestedArch "certbot"
# Step 2: Certbot DNS plugins Docker images
for plugin in "${CERTBOT_PLUGINS[@]}"; do
TagAndPushForAllRequestedArch "${plugin}"
done
View Git Blame Copy Permalink