#!/usr/bin/env bash
#
# SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
# SPDX-FileContributor: Sebastian Thomschke
# SPDX-License-Identifier: Apache-2.0
# SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/docker-openldap
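#######################################
# Shadows `curl` for the rest of this script so that every download uses the
# same options:
#   -sS  no progress meter, but still print errors
#   -f   exit non-zero on HTTP error responses, so an error page is never
#        handed to a consumer as if it were the requested file
#   -L   follow redirects
#   bounded connect/total time and up to three retries on any error
# Arguments: passed through unchanged to the real curl binary
# Outputs:   whatever curl writes to stdout/stderr
# Returns:   curl's exit status
#######################################
function curl() {
  # `command` bypasses this function and runs the real curl. "$@" is quoted
  # without padding so each URL/option arrives as its own unmodified word.
  command curl -sSfL --connect-timeout 10 --max-time 30 --retry 3 --retry-all-errors "$@"
}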
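# Directory next to this script that holds the shared build library.
shared_lib="$(dirname "$0")/.shared"

if [[ ! -e "$shared_lib" ]]; then
  # NOTE(review): this runs a script fetched at build time. The URL addresses
  # it by a ref name ("v1"), not a commit hash, and nothing here verifies a
  # checksum or signature, so whatever that ref serves runs with this build's
  # privileges. Pinning to a commit and verifying a digest would close that gap.
  _shared_installer=$(mktemp) || exit 1

  # Download completely before executing. Piping curl straight into bash hides
  # a failed download (the pipeline reports only bash's status) and can execute
  # a truncated script. The epoch query parameter is kept from the original,
  # presumably as a cache buster.
  if ! curl -o "$_shared_installer" "https://raw.githubusercontent.com/vegardit/docker-shared/v1/download.sh?_=$(date +%s)"; then
    rm -f -- "$_shared_installer"
    exit 1
  fi

  # Feed the script on stdin with the same positional arguments as before.
  bash -s v1 "$shared_lib" <"$_shared_installer"
  _shared_installer_rc=$?
  rm -f -- "$_shared_installer"
  [[ $_shared_installer_rc -eq 0 ]] || exit 1
  unset _shared_installer _shared_installer_rc
fi

# Presumably provides `log`, `project_root` and `base_layer_cache_key`, which
# are used below but not defined in this file - confirm against the library.
source "$shared_lib/lib/build-image-init.sh"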
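#################################################
# specify target repo and image name
#################################################
# Target repository; override with DOCKER_IMAGE_REPO.
image_repo="${DOCKER_IMAGE_REPO:-vegardit/openldap}"

# Base image reference; override with DOCKER_BASE_IMAGE.
# NOTE(review): the default is a tag, which can be re-pointed upstream. That
# lets daily rebuilds pick up patched base layers, but the build then trusts
# whatever the tag resolves to at pull time.
base_image_name="${DOCKER_BASE_IMAGE:-debian:bullseye-slim}"

# Everything after the first ':' of the base image reference. For a reference
# with a registry port (host:5000/name:tag) this is not just the tag.
base_image_tag="${base_image_name#*:}"

# The image is built under the :latest tag; further tags are derived from it.
image_name="$image_repo:latest"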
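#################################################
# build the image
#################################################
log INFO "Building docker image [$image_name]..."

if [[ $OSTYPE == "cygwin" || $OSTYPE == "msys" ]]; then
  # Convert the build context path to Windows form for the docker CLI.
  project_root=$(cygpath -w "$project_root")
fi

# NOTE(review): tracing prints the full `docker build` command, including
# every --build-arg value, to the build log. GIT_REPO_URL comes from
# `git config --get remote.origin.url`; if that remote URL embeds credentials
# they would appear in the log and be passed into the build - confirm that
# CI remotes never carry userinfo.
set -x

docker pull "$base_image_name"

# BASE_LAYER_CACHE_KEY uses the current date as its value, i.e. the base layer
# cache (that holds system packages with security updates) is invalidated once
# per day.
# Extra arguments given to this script ("$@") are appended to `docker build`.
DOCKER_BUILDKIT=1 docker build "$project_root" \
  --file "image/Dockerfile" \
  --progress=plain \
  --build-arg INSTALL_SUPPORT_TOOLS="${INSTALL_SUPPORT_TOOLS:-0}" \
  --build-arg BASE_LAYER_CACHE_KEY="$base_layer_cache_key" \
  --build-arg BASE_IMAGE="$base_image_name" \
  --build-arg BUILD_DATE="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" \
  --build-arg GIT_BRANCH="${GIT_BRANCH:-$(git rev-parse --abbrev-ref HEAD)}" \
  --build-arg GIT_COMMIT_DATE="$(date -d "@$(git log -1 --format='%at')" --utc +'%Y-%m-%d %H:%M:%S UTC')" \
  --build-arg GIT_COMMIT_HASH="$(git rev-parse --short HEAD)" \
  --build-arg GIT_REPO_URL="$(git config --get remote.origin.url)" \
  -t "$image_name" \
  "$@"
set +x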
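#################################################
# determine effective OpenLDAP version
#################################################
# Ask the freshly built image which slapd package version it contains and keep
# only the leading MAJOR.MINOR.PATCH part.
# LC_ALL=en_US.utf8 -> workaround for "grep: -P supports only unibyte and UTF-8 locales"
ldap_version=$(docker run --rm "$image_name" dpkg -s slapd | LC_ALL=en_US.utf8 grep -oP 'Version: \K\d+\.\d+\.\d+')
echo "ldap_version=$ldap_version"

# Stop here if no version was extracted. Otherwise the tagging step would build
# references such as "<repo>:" and "<repo>:.x" from an empty value.
if [[ ! $ldap_version =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
  echo "ERROR: could not determine the slapd version of [$image_name]" >&2
  exit 1
fi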
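#################################################
# apply tags
#################################################
# Each entry is a full image reference. Entries are quoted so an unexpected
# character in a variable cannot split one reference into several words.
declare -a tags=()
tags+=("$image_name")                       # :latest
tags+=("$image_repo:${ldap_version}")       # :2.4.47
tags+=("$image_repo:${ldap_version%.*}.x")  # :2.4.x
tags+=("$image_repo:${ldap_version%%.*}.x") # :2.x

for tag in "${tags[@]}"; do
  docker image tag "$image_name" "$tag"
  # The ghcr.io-prefixed references are only needed when the image is pushed.
  if [[ "${DOCKER_PUSH:-}" == "true" ]]; then
    docker image tag "$image_name" "ghcr.io/$tag"
  fi
done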
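#################################################
# perform security audit
#################################################
# The audit runs by default; it is skipped only when DOCKER_AUDIT_IMAGE is set
# to a value other than 1.
# NOTE(review): this step runs before the push, but nothing in this file checks
# its exit status. Whether a failed audit stops the push depends on errexit
# being enabled by the sourced init script - confirm, or gate the push
# explicitly.
if [[ "${DOCKER_AUDIT_IMAGE:-1}" == 1 ]]; then
  bash "$shared_lib/cmd/audit-image.sh" "$image_name"
fi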
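#################################################
# push image with tags to remote docker image registry
#################################################
# Pushing is opt-in: it happens only when DOCKER_PUSH is exactly "true".
# Every tag is pushed twice, once as-is and once under the ghcr.io/ prefix.
# Registry authentication is not handled here and must already be in place.
if [[ "${DOCKER_PUSH:-}" == "true" ]]; then
  for tag in "${tags[@]}"; do
    set -x
    docker push "$tag"
    docker push "ghcr.io/$tag"
    set +x
  done
fi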