diff --git a/.buildkite/hooks/post-command b/.buildkite/hooks/post-command
index 85e963d27..566118f97 100755
--- a/.buildkite/hooks/post-command
+++ b/.buildkite/hooks/post-command
@@ -14,24 +14,33 @@ if [[ $BUILDKITE_LABEL =~ ":docker: Deploy" ]]; then
 docker logout
 fi
 
-if [[ $BUILDKITE_BRANCH == "master" ]] || [[ $BUILDKITE_BRANCH =~ ^v.* ]] && [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then
- if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]]; then
- echo "--- :docker: Removing tags for deleted branches"
- for BRANCH_TAG in $(dockerbranchtags=$(anontoken=$(curl -fsL --retry 3 'https://auth.docker.io/token?service=registry.docker.io&scope=repository:authelia/authelia:pull' | jq -r .token) && \
- curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR") | not)' | \
- sed -r '/^(latest|develop|v.*|([[:digit:]]+)\.?([[:digit:]]+)?\.?([[:digit:]]+)?)/d' | sort) && \
- githubbranches=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/branches | jq -r '.[].name' | sort) && \
- comm -23 <(echo "${dockerbranchtags}") <(echo "${githubbranches}")); do
- echo "Removing tag ${BRANCH_TAG}"
- authtoken=$(curl -fs --retry 3 -H "Content-Type: application/json" -X "POST" -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token) && \
- curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${BRANCH_TAG}/
- done
- echo "--- :docker: Removing tags for merged or closed pull requests"
- for PR_TAG in $(dockerprtags=$(curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR"))' | sort) && \
- githubprs=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/pulls | jq -r '.[].number' | sed -e 's/^/PR/' | sort) && \
- comm -23 <(echo "${dockerprtags}") <(echo "${githubprs}")); do
- echo "Removing tag ${PR_TAG}"
- curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${PR_TAG}/
- done
+if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]] && [[ $BUILDKITE_PULL_REQUEST != "false" ]]; then
+ if [[ ! $(curl -fs --retry 3 "https://api.github.com/repos/authelia/authelia/issues/${BUILDKITE_PULL_REQUEST}/comments" | jq '.[].user.login') =~ autheliabot ]]; then
+ echo "--- :github: Add deployment commentary"
+ if [[ $BUILDKITE_PULL_REQUEST_REPO == "git://github.com/authelia/authelia.git" ]]; then
+ curl -fs --retry 3 -H "Authorization: token ${GITHUB_COMMENT_TOKEN}" -X "POST" -d "{\"body\": \"# Docker Container\nThese changes are published for testing at the following location:\n* \`docker pull authelia/authelia:${BUILDKITE_BRANCH}\`\"}" "https://api.github.com/repos/authelia/authelia/issues/${BUILDKITE_PULL_REQUEST}/comments"
+ else
+ curl -fs --retry 3 -H "Authorization: token ${GITHUB_COMMENT_TOKEN}" -X "POST" -d "{\"body\": \"# Docker Container\nThese changes are published for testing at the following location:\n* \`docker pull authelia/authelia:PR${BUILDKITE_PULL_REQUEST}\`\"}" "https://api.github.com/repos/authelia/authelia/issues/${BUILDKITE_PULL_REQUEST}/comments"
+ fi
 fi
-fi
\ No newline at end of file
+fi
+
+if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" ]] && [[ $BUILDKITE_BRANCH == "master" ]] || [[ $BUILDKITE_BRANCH =~ ^v.* ]] && [[ $BUILDKITE_PULL_REQUEST == "false" ]]; then
+ echo "--- :docker: Removing tags for deleted branches"
+ for BRANCH_TAG in $(dockerbranchtags=$(anontoken=$(curl -fsL --retry 3 'https://auth.docker.io/token?service=registry.docker.io&scope=repository:authelia/authelia:pull' | jq -r .token) && \
+ curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR") | not)' | \
+ sed -r '/^(latest|develop|v.*|([[:digit:]]+)\.?([[:digit:]]+)?\.?([[:digit:]]+)?)/d' | sort) && \
+ githubbranches=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/branches | jq -r '.[].name' | sort) && \
+ comm -23 <(echo "${dockerbranchtags}") <(echo "${githubbranches}")); do
+ echo "Removing tag ${BRANCH_TAG}"
+ authtoken=$(curl -fs --retry 3 -H "Content-Type: application/json" -X "POST" -d '{"username": "'${DOCKER_USERNAME}'", "password": "'${DOCKER_PASSWORD}'"}' https://hub.docker.com/v2/users/login/ | jq -r .token) && \
+ curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${BRANCH_TAG}/
+ done
+ echo "--- :docker: Removing tags for merged or closed pull requests"
+ for PR_TAG in $(dockerprtags=$(curl -fsL --retry 3 -H "Authorization: Bearer ${anontoken}" https://registry-1.docker.io/v2/authelia/authelia/tags/list | jq -r '.tags[] | select(startswith("PR"))' | sort) && \
+ githubprs=$(curl -fs --retry 3 https://api.github.com/repos/authelia/authelia/pulls | jq -r '.[].number' | sed -e 's/^/PR/' | sort) && \
+ comm -23 <(echo "${dockerprtags}") <(echo "${githubprs}")); do
+ echo "Removing tag ${PR_TAG}"
+ curl -fsL --retry 3 -o /dev/null -X "DELETE" -H "Authorization: JWT ${authtoken}" https://hub.docker.com/v2/repositories/authelia/authelia/tags/${PR_TAG}/
+ done
+fi
diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml
deleted file mode 100644
index 48f33e26e..000000000
--- a/.github/workflows/comment.yml
+++ /dev/null
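Review bot: The last `if` added in this hunk no longer gates the tag cleanup on the step label for release branches. Bash evaluates `&&` and `||` in a list left to right with equal precedence, so the condition reads as ((label and master) or v-branch) and not-a-PR, and every step of a non-PR build on a branch starting with `v` goes on to log in to Docker Hub and send the tag `DELETE` requests. The removed code nested the label test inside the branch test, so it applied to both cases. Grouping inside a single test restores that: `if [[ $BUILDKITE_LABEL == ":docker: Deploy Manifests" && $BUILDKITE_PULL_REQUEST == "false" && ( $BUILDKITE_BRANCH == "master" || $BUILDKITE_BRANCH =~ ^v.* ) ]]; then`. Separately, the comment body in the first added block splices `${BUILDKITE_BRANCH}` straight into a JSON string, so a branch name containing a quote or backslash would produce a malformed or altered payload; building the body with `jq -n --arg` would encode it.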
@@ -1,31 +0,0 @@
-name: Docker Image CD
-on:
- pull_request:
- types: [opened]
-
-jobs:
- example_comment_pr:
- runs-on: ubuntu-latest
- name: Commentary
- steps:
- - name: Checkout
- uses: authelia/checkout@v1
-
- - name: Comment PR
- uses: authelia/actions-comment-pull-request@master
- with:
- message: '# Containers
-
- These changes are published as containers for testing at one of the following locations:
-
- #### Local Branch
-
- * `docker pull authelia/authelia:${{ github.head_ref }}`
-
- #### Pull Request
-
- * `docker pull authelia/authelia:PR${{ github.event.pull_request.number }}`
-
-
- Pull Requests require approval from an Authelia team member to deploy.'
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}