This repository has been archived by the owner on Jun 15, 2022. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
501f672
commit 68e6e85
Showing
4 changed files
with
223 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,92 @@ | ||
name: External Trigger Main | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
external-trigger-master: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/[email protected] | ||
|
||
- name: External Trigger | ||
if: github.ref == 'refs/heads/master' | ||
run: | | ||
if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_SCRUTINY_MASTER }}" ]; then | ||
echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_SCRUTINY_MASTER is set; skipping trigger. ****" | ||
exit 0 | ||
fi | ||
echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_SCRUTINY_MASTER\". ****" | ||
echo "**** Retrieving external version ****" | ||
EXT_RELEASE=$(curl -u "${{ secrets.CR_USER }}:${{ secrets.CR_PAT }}" -sX GET "https://api.github.com/repos/AnalogJ/scrutiny/commits/master" | jq -r '. | .sha' | cut -c1-8) | ||
if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then | ||
echo "**** Can't retrieve external version, exiting ****" | ||
FAILURE_REASON="Can't retrieve external version for scrutiny branch master" | ||
GHA_TRIGGER_URL="https://github.com/linuxserver/docker-scrutiny/actions/runs/${{ github.run_id }}" | ||
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | ||
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n**Trigger URL:** '"${GHA_TRIGGER_URL}"' \n"}], | ||
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | ||
exit 1 | ||
fi | ||
EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g') | ||
echo "**** External version: ${EXT_RELEASE} ****" | ||
echo "**** Retrieving last pushed version ****" | ||
image="linuxserver/scrutiny" | ||
tag="latest" | ||
token=$(curl -sX GET \ | ||
"https://ghcr.io/token?scope=repository%3Alinuxserver%2Fscrutiny%3Apull" \ | ||
| jq -r '.token') | ||
multidigest=$(curl -s \ | ||
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | ||
--header "Authorization: Bearer ${token}" \ | ||
"https://ghcr.io/v2/${image}/manifests/${tag}" \ | ||
| jq -r 'first(.manifests[].digest)') | ||
digest=$(curl -s \ | ||
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \ | ||
--header "Authorization: Bearer ${token}" \ | ||
"https://ghcr.io/v2/${image}/manifests/${multidigest}" \ | ||
| jq -r '.config.digest') | ||
image_info=$(curl -sL \ | ||
--header "Authorization: Bearer ${token}" \ | ||
"https://ghcr.io/v2/${image}/blobs/${digest}" \ | ||
| jq -r '.container_config') | ||
IMAGE_RELEASE=$(echo ${image_info} | jq -r '.Labels.build_version' | awk '{print $3}') | ||
IMAGE_VERSION=$(echo ${IMAGE_RELEASE} | awk -F'-ls' '{print $1}') | ||
if [ -z "${IMAGE_VERSION}" ]; then | ||
echo "**** Can't retrieve last pushed version, exiting ****" | ||
FAILURE_REASON="Can't retrieve last pushed version for scrutiny tag latest" | ||
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 16711680, | ||
"description": "**Trigger Failed** \n**Reason:** '"${FAILURE_REASON}"' \n"}], | ||
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | ||
exit 1 | ||
fi | ||
echo "**** Last pushed version: ${IMAGE_VERSION} ****" | ||
if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then | ||
echo "**** Version ${EXT_RELEASE} already pushed, exiting ****" | ||
exit 0 | ||
elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-scrutiny/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then | ||
echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****" | ||
exit 0 | ||
else | ||
echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****" | ||
response=$(curl -iX POST \ | ||
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-scrutiny/job/master/buildWithParameters?PACKAGE_CHECK=false \ | ||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") | ||
echo "**** Jenkins job queue url: ${response%$'\r'} ****" | ||
echo "**** Sleeping 10 seconds until job starts ****" | ||
sleep 10 | ||
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') | ||
buildurl="${buildurl%$'\r'}" | ||
echo "**** Jenkins job build url: ${buildurl} ****" | ||
echo "**** Attempting to change the Jenkins job description ****" | ||
curl -iX POST \ | ||
"${buildurl}submitDescription" \ | ||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ | ||
--data-urlencode "description=GHA external trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | ||
--data-urlencode "Submit=Submit" | ||
echo "**** Notifying Discord ****" | ||
TRIGGER_REASON="A version change was detected for scrutiny tag latest. Old version:${IMAGE_VERSION} New version:${EXT_RELEASE}" | ||
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | ||
"description": "**Build Triggered** \n**Reason:** '"${TRIGGER_REASON}"' \n**Build URL:** '"${buildurl}display/redirect"' \n"}], | ||
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
name: External Trigger Scheduler | ||
|
||
on: | ||
schedule: | ||
- cron: '31 * * * *' | ||
workflow_dispatch: | ||
|
||
jobs: | ||
external-trigger-scheduler: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/[email protected] | ||
with: | ||
fetch-depth: '0' | ||
|
||
- name: External Trigger Scheduler | ||
run: | | ||
echo "**** Branches found: ****" | ||
git for-each-ref --format='%(refname:short)' refs/remotes | ||
echo "**** Pulling the yq docker image ****" | ||
docker pull ghcr.io/linuxserver/yq | ||
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) | ||
do | ||
br=$(echo "$br" | sed 's|origin/||g') | ||
echo "**** Evaluating branch ${br} ****" | ||
ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-scrutiny/${br}/jenkins-vars.yml \ | ||
| docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch) | ||
if [ "$br" == "$ls_branch" ]; then | ||
echo "**** Branch ${br} appears to be live; checking workflow. ****" | ||
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-scrutiny/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then | ||
echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****." | ||
curl -iX POST \ | ||
-H "Authorization: token ${{ secrets.CR_PAT }}" \ | ||
-H "Accept: application/vnd.github.v3+json" \ | ||
-d "{\"ref\":\"refs/heads/${br}\"}" \ | ||
https://api.github.com/repos/linuxserver/docker-scrutiny/actions/workflows/external_trigger.yml/dispatches | ||
else | ||
echo "**** Workflow doesn't exist; skipping trigger. ****" | ||
fi | ||
else | ||
echo "**** ${br} appears to be a dev branch; skipping trigger. ****" | ||
fi | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Package Trigger Main | ||
|
||
on: | ||
workflow_dispatch: | ||
|
||
jobs: | ||
package-trigger-master: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/[email protected] | ||
|
||
- name: Package Trigger | ||
if: github.ref == 'refs/heads/master' | ||
run: | | ||
if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_SCRUTINY_MASTER }}" ]; then | ||
echo "**** Github secret PAUSE_PACKAGE_TRIGGER_SCRUTINY_MASTER is set; skipping trigger. ****" | ||
exit 0 | ||
fi | ||
if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-scrutiny/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then | ||
echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****" | ||
exit 0 | ||
fi | ||
echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_SCRUTINY_MASTER\". ****" | ||
response=$(curl -iX POST \ | ||
https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-scrutiny/job/master/buildWithParameters?PACKAGE_CHECK=true \ | ||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") | ||
echo "**** Jenkins job queue url: ${response%$'\r'} ****" | ||
echo "**** Sleeping 10 seconds until job starts ****" | ||
sleep 10 | ||
buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') | ||
buildurl="${buildurl%$'\r'}" | ||
echo "**** Jenkins job build url: ${buildurl} ****" | ||
echo "**** Attempting to change the Jenkins job description ****" | ||
curl -iX POST \ | ||
"${buildurl}submitDescription" \ | ||
--user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ | ||
--data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | ||
--data-urlencode "Submit=Submit" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,50 @@ | ||
name: Package Trigger Scheduler | ||
|
||
on: | ||
schedule: | ||
- cron: '25 0 * * 4' | ||
workflow_dispatch: | ||
|
||
jobs: | ||
package-trigger-scheduler: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/[email protected] | ||
with: | ||
fetch-depth: '0' | ||
|
||
- name: Package Trigger Scheduler | ||
run: | | ||
echo "**** Branches found: ****" | ||
git for-each-ref --format='%(refname:short)' refs/remotes | ||
echo "**** Pulling the yq docker image ****" | ||
docker pull ghcr.io/linuxserver/yq | ||
for br in $(git for-each-ref --format='%(refname:short)' refs/remotes) | ||
do | ||
br=$(echo "$br" | sed 's|origin/||g') | ||
echo "**** Evaluating branch ${br} ****" | ||
ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-scrutiny/${br}/jenkins-vars.yml \ | ||
| docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch) | ||
if [ "${br}" == "${ls_branch}" ]; then | ||
echo "**** Branch ${br} appears to be live; checking workflow. ****" | ||
if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-scrutiny/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then | ||
echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****" | ||
triggered_branches="${triggered_branches}${br} " | ||
curl -iX POST \ | ||
-H "Authorization: token ${{ secrets.CR_PAT }}" \ | ||
-H "Accept: application/vnd.github.v3+json" \ | ||
-d "{\"ref\":\"refs/heads/${br}\"}" \ | ||
https://api.github.com/repos/linuxserver/docker-scrutiny/actions/workflows/package_trigger.yml/dispatches | ||
sleep 30 | ||
else | ||
echo "**** Workflow doesn't exist; skipping trigger. ****" | ||
fi | ||
else | ||
echo "**** ${br} appears to be a dev branch; skipping trigger. ****" | ||
fi | ||
done | ||
echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****" | ||
echo "**** Notifying Discord ****" | ||
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, | ||
"description": "**Package Check Build(s) Triggered for scrutiny** \n**Branch(es):** '"${triggered_branches}"' \n**Build URL:** '"https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-scrutiny/activity/"' \n"}], | ||
"username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} |