Browse Source

new: pkg: added drone to freeze branch

rc/16.0-MYC-INIT
Valentin Lab 6 years ago
committed by default
parent
commit
ca698bbfe0
  1. 56
      .drone.yml
  2. 129
      README.md

56
.drone.yml

@ -0,0 +1,56 @@
kind: pipeline
name: build
clone:
depth: 1
steps:
- name: build
image: docker.0k.io/0k-mirror-freezer
volumes:
- {name: docker, path: /var/run/docker.sock}
settings:
## This key/known host are for git mirrors repos, and parent
## odoo_base repository.
ssh_private_key: {from_secret: SSH_PRIVATE_KEY}
ssh_known_hosts: {from_secret: SSH_KNOWN_HOSTS}
## This docker json should contain both mirror access and official
## final build docker repository access.
docker_config_json: {from_secret: DOCKER_CONFIG_JSON}
commands:
- |
mkdir -p /root/.ssh
cat <<EOF > /root/.ssh/config
Host git.0k.io
User mirror
Port 10022
EOF
## Warning: without 'ssh://', the port doesn't see to be used and it tries to
## connect to git.0k.io:22 (ssh fingerprint allows to infer this).
- DEBUG=1 freeze docker.0k.io git.0k.io:/var/git/mirror
- docker push "$(cat image)" ## this will push the new onbuild image
- (cd odoo && docker build . -t docker.0k.io/mirror/$(cat ../release))
- docker push "docker.0k.io/mirror/$(cat release)"
- |
release=$(cat release)
git checkout -b "tmp"
git commit -am "chg: pkg: release freezing in $release"
git tag "$release"
git push "${DRONE_GIT_SSH_URL}" "$release"
volumes:
- name: docker
host:
path: /var/run/docker.sock
## Need to configure secret 'dockerconfigjson' in drone secrets to
## hold a valid config.json file content. These secrets here allow
## to access 'docker.0k.io/*' images.
image_pull_secrets:
- dockerconfigjson
trigger:
branch:
- test/*
- rc/*
- build/*

129
README.md

@ -4,19 +4,128 @@
[![AGPL-3.0-or-later license](https://img.shields.io/badge/license-AGPL--3.0--or--later-success})](LICENSE)
[![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://pre-commit.com/)
# myproject-odoo - a Doodba deployment
[Read the docs.](https://github.com/Tecnativa/doodba#scaffolding)
This project is a Doodba scaffolding. Check upstream docs on the matter:
# Myceliandre freezing
- [General Doodba docs](https://github.com/Tecnativa/doodba).
- [Doodba copier template docs](https://github.com/Tecnativa/doodba-copier-template)
- [Doodba QA docs](https://github.com/Tecnativa/doodba-qa)
There are a number of floating target that needs to be replaced to ensure as much as
possible a rebuildable fixed target image.
# Credits
## How do we freeze
This project is maintained by:
The fixing process will be conducted by an external script that will go through all
moving targets to replace them with a fixed version.
[![Tecnativa](https://www.tecnativa.com/r/H3p)](https://www.tecnativa.com/r/bb4)
The fixing process could have involved running a docker build, and using the resulting
image to fix and freeze things by modifying files in `odoo_base`.
Also, special thanks to
[our dear community contributors](https://github.com/Tecnativa/doodba-copier-template/graphs/contributors).
But, because some cleaning processes (removing of `.git` dir) are conducted, we choose
to do part of it before (inspecting git sources, and fixing `repos.yaml` before hand).
Other part of this process still are more simply done on the resulting image built by
`pip` or `apt` because the full version dep graph is more easily queryiable on a
resulting installation that buildable by inference.
## What is freezed
This modify files everywhere and this will be pushed as a commit automatically with a
tag <version>-<timestamp>. The corresponding image should be easily found in
`docker.0k.io` repository with same tag.
When possible, the version will also be saved locally.
### original docker base
Check if `FROM` is local (from docker.0k.io), otherwise we need to tag it and push it to
`docker.0k.io`.
tecnativa/doodba:12.0-onbuild
once caught, execute a `docker pull MOVING_REF`, then tag and push on docker.0k.io,
modify file in odoodba
### full git-aggregators
track any refs that are branches. If repository has a branch, is not cloned in gittea,
then clone it, create tag with current global tag (<version>-<timestamp>), replace
source URL, target in yaml file by tag. Keep in comments the actual original source and
original targets.
Needs to be checked on the checked image, on the repositories.
### Pip package
A `pip freeze` need to be run to get all versions, and for easy diff, output a file that
would be:
```
package1==version
...
## Unspecified deps
packageA==version
```
### apt packages
Same here
```
## gives all packages installed and their version
dpkg-query -l | grep ^ii | awk '{print $2 "\t" $3}'
```
# We need to produce a meaningfull report of differences between versions
The best would be to be able to use `git diff`.
# Additional possibility for committing a new release
we could flatten git history, and docker resulting incremental image (diffing exports of
docker files).
# Process
## freezing a completely new version
```
bin/freeze
```
That will be run on gitea automatically and pushed as a tagged version.
But this is also doable from the dev computer.
## Making modification
git co master # (unfreezed version)
OR git clone -b BRANCH release/candidate/YYYMMDD-HHMMSS
Make modif, commit. Gitea will automatically create a new:
- release/candidate/YYYMMDD-HHMMSS branch
## Checking possible updates (optional)
Identify locked entries, and go fetch update, allow to update.
## Updating
Ask to update one of the links
## Troubleshooting
```
docker run -ti \
--env PLUGIN_SSH_KNOWN_HOSTS="$(ssh-keyscan -H -p 10022 git.0k.io 2>/dev/null)" \
--env PLUGIN_SSH_PRIVATE_KEY="$(cat ~/.ssh/ssh_myceliandre_mirror)" \
--env PLUGIN_DOCKER_CONFIG_JSON='{"auths": {"docker.0k.io": {"auth": "bWlycm9yOkh1bnZNSlpJMW9ra3VoSWs="}}}' \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /home/vaab/dev/docker/odoo_base:/tmp/odoo_base \
-w /tmp/odoo_base \
-v /home/vaab/dev/sh/0k-docker/src/bin/dupd:/usr/local/bin/dupd \
docker.0k.io/0k-mirror-freezer /bin/bash
```
Loading…
Cancel
Save