ci: add a dagger ci to publish to the store
This commit is contained in:
parent
a6fa19ca53
commit
f62e7ac15b
3 changed files with 169 additions and 0 deletions
107
ci/main.go
Normal file
107
ci/main.go
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
package main
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"encoding/xml"
|
||||||
|
"fmt"
|
||||||
|
"os"
|
||||||
|
"path"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"dagger.io/dagger"
|
||||||
|
)
|
||||||
|
|
||||||
|
type info struct {
|
||||||
|
Version string `xml:"version"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func main() {
|
||||||
|
ctx := context.Background()
|
||||||
|
|
||||||
|
// initialize Dagger client
|
||||||
|
client, err := dagger.Connect(ctx, dagger.WithLogOutput(os.Stderr))
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
defer client.Close()
|
||||||
|
|
||||||
|
keySecret := loadSecret(client, "scimserviceprovider.key")
|
||||||
|
certSecret := loadSecret(client, "scimserviceprovider.crt")
|
||||||
|
s3Secret := client.SetSecret("s3", fmt.Sprintf("https://%s:%s@hot-objects.liiib.re", os.Getenv("S3_ACCESSKEY"), os.Getenv("S3_SECRETKEY")))
|
||||||
|
ncSecret := client.SetSecret("nc", os.Getenv("NC_STORE_TOKEN"))
|
||||||
|
|
||||||
|
i := loadInfo()
|
||||||
|
|
||||||
|
archiveName := fmt.Sprintf("scimserviceprovider-v%s.tar.gz", i.Version)
|
||||||
|
|
||||||
|
fmt.Println("cc", i.Version)
|
||||||
|
|
||||||
|
// execute
|
||||||
|
vendor := client.Container().From("docker.io/composer:2.6").
|
||||||
|
WithFile("composer.json", client.Host().File("composer.json")).
|
||||||
|
WithFile("composer.lock", client.Host().File("composer.lock")).
|
||||||
|
WithExec([]string{"i", "--no-dev", "--ignore-platform-reqs"}).
|
||||||
|
Directory("vendor")
|
||||||
|
|
||||||
|
output := client.Container().From("docker.io/nextcloud:26").
|
||||||
|
WithWorkdir("/scimserviceprovider").
|
||||||
|
WithDirectory("vendor", vendor).
|
||||||
|
WithDirectory(".", client.Host().Directory(".", dagger.HostDirectoryOpts{
|
||||||
|
Include: []string{"appinfo", "lib", "LICENSE"},
|
||||||
|
})).
|
||||||
|
WithMountedSecret("/scimserviceprovider.crt", certSecret).
|
||||||
|
WithMountedSecret("/scimserviceprovider.key", keySecret).
|
||||||
|
WithExec([]string{"php", "/usr/src/nextcloud/occ", "integrity:sign-app", "--path=/scimserviceprovider", "--privateKey=/scimserviceprovider.key", "--certificate=/scimserviceprovider.crt"}).
|
||||||
|
WithExec([]string{"mkdir", "/output"}).
|
||||||
|
WithExec([]string{"tar", "czf", path.Join("/output", archiveName), "/scimserviceprovider"}).
|
||||||
|
WithExec([]string{"bash", "-c", "openssl dgst -sha512 -sign /scimserviceprovider.key " + path.Join("/output", archiveName) + " | openssl base64 > " + path.Join("/output", archiveName+".sign")}).
|
||||||
|
Directory("/output")
|
||||||
|
|
||||||
|
_, err = client.Container().From("docker.io/minio/mc").
|
||||||
|
WithSecretVariable("MC_HOST_repo", s3Secret).
|
||||||
|
WithDirectory("/output", output).
|
||||||
|
WithExec([]string{"cp", "-r", "/output/", "repo/artifacts/"}).
|
||||||
|
Sync(ctx)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = client.Container().From("docker.io/alpine").
|
||||||
|
WithExec([]string{"apk", "add", "--no-cache", "curl"}).
|
||||||
|
WithWorkdir("/output").
|
||||||
|
WithDirectory("/output", output).
|
||||||
|
WithEnvVariable("ARCHIVE_NAME", archiveName).
|
||||||
|
WithSecretVariable("TOKEN", ncSecret).
|
||||||
|
WithEnvVariable("CACHEBUSTER", time.Now().String()).
|
||||||
|
WithExec([]string{"sh", "-c",
|
||||||
|
`printf '{"download":"https://hot-objects.liiib.re/artifacts/%s", "signature": "%s"}' "$ARCHIVE_NAME" "$(cat ${ARCHIVE_NAME}.sign)" | curl --fail-with-body -s -X POST https://apps.nextcloud.com/api/v1/apps/releases -H "Authorization: Token ${TOKEN}" -H "Content-Type: application/json" -d @-`}).
|
||||||
|
Sync(ctx)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func loadSecret(client *dagger.Client, name string) *dagger.Secret {
|
||||||
|
home, err := os.UserHomeDir()
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
data, err := os.ReadFile(path.Join(home, ".nextcloud/certificates/", name))
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
return client.SetSecret(name, string(data))
|
||||||
|
}
|
||||||
|
|
||||||
|
func loadInfo() info {
|
||||||
|
data, err := os.ReadFile("appinfo/info.xml")
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
i := info{}
|
||||||
|
err = xml.Unmarshal(data, &i)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
return i
|
||||||
|
}
|
16
go.mod
Normal file
16
go.mod
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
module nextcloud-scim
|
||||||
|
|
||||||
|
go 1.21
|
||||||
|
|
||||||
|
require dagger.io/dagger v0.9.3
|
||||||
|
|
||||||
|
require (
|
||||||
|
github.com/99designs/gqlgen v0.17.31 // indirect
|
||||||
|
github.com/Khan/genqlient v0.6.0 // indirect
|
||||||
|
github.com/adrg/xdg v0.4.0 // indirect
|
||||||
|
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||||
|
github.com/vektah/gqlparser/v2 v2.5.6 // indirect
|
||||||
|
golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
|
||||||
|
golang.org/x/sync v0.4.0 // indirect
|
||||||
|
golang.org/x/sys v0.13.0 // indirect
|
||||||
|
)
|
46
go.sum
Normal file
46
go.sum
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
dagger.io/dagger v0.9.3 h1:igFU1d6R933Jn6741k5HI/TjAlkpb2/wiBTypNbE0Pw=
|
||||||
|
dagger.io/dagger v0.9.3/go.mod h1:1iiFzqKOri9kJxUDYUibthMpkfzaWP25B2kx7F/AXIk=
|
||||||
|
github.com/99designs/gqlgen v0.17.31 h1:VncSQ82VxieHkea8tz11p7h/zSbvHSxSDZfywqWt158=
|
||||||
|
github.com/99designs/gqlgen v0.17.31/go.mod h1:i4rEatMrzzu6RXaHydq1nmEPZkb3bKQsnxNRHS4DQB4=
|
||||||
|
github.com/Khan/genqlient v0.6.0 h1:Bwb1170ekuNIVIwTJEqvO8y7RxBxXu639VJOkKSrwAk=
|
||||||
|
github.com/Khan/genqlient v0.6.0/go.mod h1:rvChwWVTqXhiapdhLDV4bp9tz/Xvtewwkon4DpWWCRM=
|
||||||
|
github.com/adrg/xdg v0.4.0 h1:RzRqFcjH4nE5C6oTAxhBtoE2IRyjBSa62SCbyPidvls=
|
||||||
|
github.com/adrg/xdg v0.4.0/go.mod h1:N6ag73EX4wyxeaoeHctc1mas01KZgsj5tYiAIwqJE/E=
|
||||||
|
github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo=
|
||||||
|
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883 h1:bvNMNQO63//z+xNgfBlViaCIJKLlCJ6/fmUseuG0wVQ=
|
||||||
|
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
|
||||||
|
github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
|
||||||
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA=
|
||||||
|
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||||
|
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||||
|
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||||
|
github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
|
||||||
|
github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
|
github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
|
||||||
|
github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
|
||||||
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||||
|
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||||
|
github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
|
||||||
|
github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
||||||
|
github.com/vektah/gqlparser/v2 v2.5.6 h1:Ou14T0N1s191eRMZ1gARVqohcbe1e8FrcONScsq8cRU=
|
||||||
|
github.com/vektah/gqlparser/v2 v2.5.6/go.mod h1:z8xXUff237NntSuH8mLFijZ+1tjV1swDbpDqjJmk6ME=
|
||||||
|
golang.org/x/exp v0.0.0-20231006140011-7918f672742d h1:jtJma62tbqLibJ5sFQz8bKtEM8rJBtfilJ2qTU199MI=
|
||||||
|
golang.org/x/exp v0.0.0-20231006140011-7918f672742d/go.mod h1:ldy0pHrwJyGW56pPQzzkH36rKxoZW1tw7ZJpeKx+hdo=
|
||||||
|
golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ=
|
||||||
|
golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
|
||||||
|
golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
|
||||||
|
golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||||
|
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
Loading…
Reference in a new issue