diff --git a/.drone.yml b/.drone.yml new file mode 100644 index 0000000..bc316f2 --- /dev/null +++ b/.drone.yml @@ -0,0 +1,56 @@ +kind: pipeline +name: build + +clone: + depth: 1 + +steps: + - name: build + image: docker.0k.io/0k-mirror-freezer + volumes: + - {name: docker, path: /var/run/docker.sock} + settings: + ## This key/known host are for git mirrors repos, and parent + ## odoo_base repository. + ssh_private_key: {from_secret: SSH_PRIVATE_KEY} + ssh_known_hosts: {from_secret: SSH_KNOWN_HOSTS} + ## This docker json should contain both mirror access and official + ## final build docker repository access. + docker_config_json: {from_secret: DOCKER_CONFIG_JSON} + commands: + - | + mkdir -p /root/.ssh + cat < /root/.ssh/config + Host git.0k.io + User mirror + Port 10022 + EOF + ## Warning: without 'ssh://', the port doesn't see to be used and it tries to + ## connect to git.0k.io:22 (ssh fingerprint allows to infer this). + - DEBUG=1 freeze docker.0k.io git.0k.io:/var/git/mirror + - docker push "$(cat image)" ## this will push the new onbuild image + - (cd odoo && docker build . -t docker.0k.io/mirror/$(cat ../release)) + - docker push "docker.0k.io/mirror/$(cat release)" + - | + release=$(cat release) + git checkout -b "tmp" + git commit -am "chg: pkg: release freezing in $release" + git tag "$release" + git push "${DRONE_GIT_SSH_URL}" "$release" + +volumes: + - name: docker + host: + path: /var/run/docker.sock + +## Need to configure secret 'dockerconfigjson' in drone secrets to +## hold a valid config.json file content. These secrets here allow +## to access 'docker.0k.io/*' images. +image_pull_secrets: + - dockerconfigjson + +trigger: + branch: + - test/* + - rc/* + - build/* diff --git a/README.md b/README.md index 5f7cca6..5e8c08d 100644 --- a/README.md +++ b/README.md @@ -4,19 +4,128 @@ [![AGPL-3.0-or-later license](https://img.shields.io/badge/license-AGPL--3.0--or--later-success})](LICENSE) [![pre-commit](https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white)](https://pre-commit.com/) -# myproject-odoo - a Doodba deployment +[Read the docs.](https://github.com/Tecnativa/doodba#scaffolding) -This project is a Doodba scaffolding. Check upstream docs on the matter: +# Myceliandre freezing -- [General Doodba docs](https://github.com/Tecnativa/doodba). -- [Doodba copier template docs](https://github.com/Tecnativa/doodba-copier-template) -- [Doodba QA docs](https://github.com/Tecnativa/doodba-qa) +There are a number of floating target that needs to be replaced to ensure as much as +possible a rebuildable fixed target image. -# Credits +## How do we freeze -This project is maintained by: +The fixing process will be conducted by an external script that will go through all +moving targets to replace them with a fixed version. -[![Tecnativa](https://www.tecnativa.com/r/H3p)](https://www.tecnativa.com/r/bb4) +The fixing process could have involved running a docker build, and using the resulting +image to fix and freeze things by modifying files in `odoo_base`. -Also, special thanks to -[our dear community contributors](https://github.com/Tecnativa/doodba-copier-template/graphs/contributors). +But, because some cleaning processes (removing of `.git` dir) are conducted, we choose +to do part of it before (inspecting git sources, and fixing `repos.yaml` before hand). +Other part of this process still are more simply done on the resulting image built by +`pip` or `apt` because the full version dep graph is more easily queryiable on a +resulting installation that buildable by inference. + +## What is freezed + +This modify files everywhere and this will be pushed as a commit automatically with a +tag -. The corresponding image should be easily found in +`docker.0k.io` repository with same tag. + +When possible, the version will also be saved locally. + +### original docker base + +Check if `FROM` is local (from docker.0k.io), otherwise we need to tag it and push it to +`docker.0k.io`. + +tecnativa/doodba:12.0-onbuild + +once caught, execute a `docker pull MOVING_REF`, then tag and push on docker.0k.io, +modify file in odoodba + +### full git-aggregators + +track any refs that are branches. If repository has a branch, is not cloned in gittea, +then clone it, create tag with current global tag (-), replace +source URL, target in yaml file by tag. Keep in comments the actual original source and +original targets. + +Needs to be checked on the checked image, on the repositories. + +### Pip package + +A `pip freeze` need to be run to get all versions, and for easy diff, output a file that +would be: + +``` +package1==version +... + + +## Unspecified deps +packageA==version +``` + +### apt packages + +Same here + +``` +## gives all packages installed and their version +dpkg-query -l | grep ^ii | awk '{print $2 "\t" $3}' + + +``` + +# We need to produce a meaningfull report of differences between versions + +The best would be to be able to use `git diff`. + +# Additional possibility for committing a new release + +we could flatten git history, and docker resulting incremental image (diffing exports of +docker files). + +# Process + +## freezing a completely new version + +``` +bin/freeze +``` + +That will be run on gitea automatically and pushed as a tagged version. + +But this is also doable from the dev computer. + +## Making modification + +git co master # (unfreezed version) + +OR git clone -b BRANCH release/candidate/YYYMMDD-HHMMSS + +Make modif, commit. Gitea will automatically create a new: + +- release/candidate/YYYMMDD-HHMMSS branch + +## Checking possible updates (optional) + +Identify locked entries, and go fetch update, allow to update. + +## Updating + +Ask to update one of the links + +## Troubleshooting + +``` +docker run -ti \ + --env PLUGIN_SSH_KNOWN_HOSTS="$(ssh-keyscan -H -p 10022 git.0k.io 2>/dev/null)" \ + --env PLUGIN_SSH_PRIVATE_KEY="$(cat ~/.ssh/ssh_myceliandre_mirror)" \ + --env PLUGIN_DOCKER_CONFIG_JSON='{"auths": {"docker.0k.io": {"auth": "bWlycm9yOkh1bnZNSlpJMW9ra3VoSWs="}}}' \ + -v /var/run/docker.sock:/var/run/docker.sock \ + -v /home/vaab/dev/docker/odoo_base:/tmp/odoo_base \ + -w /tmp/odoo_base \ + -v /home/vaab/dev/sh/0k-docker/src/bin/dupd:/usr/local/bin/dupd \ + docker.0k.io/0k-mirror-freezer /bin/bash +```