drone-docker/docker.go

479 lines
13 KiB
Go

package docker
import (
"fmt"
"io/ioutil"
"os"
"os/exec"
"path/filepath"
"runtime"
"strings"
"time"
)
type (
// Daemon defines Docker daemon parameters.
Daemon struct {
Registry string // Docker registry
Mirror string // Docker registry mirror
Insecure bool // Docker daemon enable insecure registries
StorageDriver string // Docker daemon storage driver
StoragePath string // Docker daemon storage path
Disabled bool // DOcker daemon is disabled (already running)
Debug bool // Docker daemon started in debug mode
Bip string // Docker daemon network bridge IP address
DNS []string // Docker daemon dns server
DNSSearch []string // Docker daemon dns search domain
MTU string // Docker daemon mtu setting
IPv6 bool // Docker daemon IPv6 networking
Experimental bool // Docker daemon enable experimental mode
}
// Login defines Docker login parameters.
Login struct {
Registry string // Docker registry address
Username string // Docker registry username
Password string // Docker registry password
Email string // Docker registry email
Config string // Docker Auth Config
}
// Build defines Docker build parameters.
Build struct {
Remote string // Git remote URL
Name string // Docker build using default named tag
Dockerfile string // Docker build Dockerfile
Context string // Docker build context
Tags []string // Docker build tags
Args []string // Docker build args
ArgsEnv []string // Docker build args from env
Target string // Docker build target
Squash bool // Docker build squash
Pull bool // Docker build pull
CacheFrom []string // Docker build cache-from
Compress bool // Docker build compress
Repo string // Docker build repository
LabelSchema []string // label-schema Label map
AutoLabel bool // auto-label bool
Labels []string // Label map
Link string // Git repo link
NoCache bool // Docker build no-cache
Secret string // secret keypair
AddHost []string // Docker build add-host
Quiet bool // Docker build quiet
}
// Plugin defines the Docker plugin parameters.
Plugin struct {
Login Login // Docker login configuration
Build Build // Docker build configuration
Daemon Daemon // Docker daemon configuration
Dryrun bool // Docker push is skipped
Cleanup bool // Docker purge is enabled
CardPath string // Card path to write file to
}
Card []struct {
ID string `json:"Id"`
RepoTags []string `json:"RepoTags"`
ParsedRepoTags []TagStruct `json:"ParsedRepoTags"`
RepoDigests []interface{} `json:"RepoDigests"`
Parent string `json:"Parent"`
Comment string `json:"Comment"`
Created time.Time `json:"Created"`
Container string `json:"Container"`
DockerVersion string `json:"DockerVersion"`
Author string `json:"Author"`
Architecture string `json:"Architecture"`
Os string `json:"Os"`
Size int `json:"Size"`
VirtualSize int `json:"VirtualSize"`
Metadata struct {
LastTagTime time.Time `json:"LastTagTime"`
} `json:"Metadata"`
SizeString string
VirtualSizeString string
Time string
URL string `json:"URL"`
}
TagStruct struct {
Tag string `json:"Tag"`
}
)
// Exec executes the plugin step
func (p Plugin) Exec() error {
// start the Docker daemon server
if !p.Daemon.Disabled {
p.startDaemon()
}
// poll the docker daemon until it is started. This ensures the daemon is
// ready to accept connections before we proceed.
for i := 0; ; i++ {
cmd := commandInfo()
err := cmd.Run()
if err == nil {
break
}
if i == 15 {
fmt.Println("Unable to reach Docker Daemon after 15 attempts.")
break
}
time.Sleep(time.Second * 1)
}
// for debugging purposes, log the type of authentication
// credentials that have been provided.
switch {
case p.Login.Password != "" && p.Login.Config != "":
fmt.Println("Detected registry credentials and registry credentials file")
case p.Login.Password != "":
fmt.Println("Detected registry credentials")
case p.Login.Config != "":
fmt.Println("Detected registry credentials file")
default:
fmt.Println("Registry credentials or Docker config not provided. Guest mode enabled.")
}
// create Auth Config File
if p.Login.Config != "" {
os.MkdirAll(dockerHome, 0600)
path := filepath.Join(dockerHome, "config.json")
err := ioutil.WriteFile(path, []byte(p.Login.Config), 0600)
if err != nil {
return fmt.Errorf("Error writing config.json: %s", err)
}
}
// login to the Docker registry
if p.Login.Password != "" {
cmd := commandLogin(p.Login)
raw, err := cmd.CombinedOutput()
if err != nil {
out := string(raw)
out = strings.Replace(out, "WARNING! Using --password via the CLI is insecure. Use --password-stdin.", "", -1)
fmt.Println(out)
return fmt.Errorf("Error authenticating: exit status 1")
}
}
if p.Build.Squash && !p.Daemon.Experimental {
fmt.Println("Squash build flag is only available when Docker deamon is started with experimental flag. Ignoring...")
p.Build.Squash = false
}
// add proxy build args
addProxyBuildArgs(&p.Build)
var cmds []*exec.Cmd
cmds = append(cmds, commandVersion()) // docker version
cmds = append(cmds, commandInfo()) // docker info
// pre-pull cache images
for _, img := range p.Build.CacheFrom {
cmds = append(cmds, commandPull(img))
}
cmds = append(cmds, commandBuild(p.Build)) // docker build
for _, tag := range p.Build.Tags {
cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
if !p.Dryrun {
cmds = append(cmds, commandPush(p.Build, tag)) // docker push
}
}
// execute all commands in batch mode.
for _, cmd := range cmds {
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
trace(cmd)
err := cmd.Run()
if err != nil && isCommandPull(cmd.Args) {
fmt.Printf("Could not pull cache-from image %s. Ignoring...\n", cmd.Args[2])
} else if err != nil && isCommandPrune(cmd.Args) {
fmt.Printf("Could not prune system containers. Ignoring...\n")
} else if err != nil && isCommandRmi(cmd.Args) {
fmt.Printf("Could not remove image %s. Ignoring...\n", cmd.Args[2])
} else if err != nil {
return err
}
}
// output the adaptive card
if err := p.writeCard(); err != nil {
fmt.Printf("Could not create adaptive card. %s\n", err)
}
// execute cleanup routines in batch mode
if p.Cleanup {
// clear the slice
cmds = nil
cmds = append(cmds, commandRmi(p.Build.Name)) // docker rmi
cmds = append(cmds, commandPrune()) // docker system prune -f
for _, cmd := range cmds {
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
trace(cmd)
}
}
return nil
}
// helper function to create the docker login command.
func commandLogin(login Login) *exec.Cmd {
if login.Email != "" {
return commandLoginEmail(login)
}
return exec.Command(
dockerExe, "login",
"-u", login.Username,
"-p", login.Password,
login.Registry,
)
}
// helper to check if args match "docker pull <image>"
func isCommandPull(args []string) bool {
return len(args) > 2 && args[1] == "pull"
}
func commandPull(repo string) *exec.Cmd {
return exec.Command(dockerExe, "pull", repo)
}
func commandLoginEmail(login Login) *exec.Cmd {
return exec.Command(
dockerExe, "login",
"-u", login.Username,
"-p", login.Password,
"-e", login.Email,
login.Registry,
)
}
// helper function to create the docker info command.
func commandVersion() *exec.Cmd {
return exec.Command(dockerExe, "version")
}
// helper function to create the docker info command.
func commandInfo() *exec.Cmd {
return exec.Command(dockerExe, "info")
}
// helper function to create the docker build command.
func commandBuild(build Build) *exec.Cmd {
args := []string{
"build",
"--rm=true",
"-f", build.Dockerfile,
"-t", build.Name,
}
args = append(args, build.Context)
if build.Squash {
args = append(args, "--squash")
}
if build.Compress {
args = append(args, "--compress")
}
if build.Pull {
args = append(args, "--pull=true")
}
if build.NoCache {
args = append(args, "--no-cache")
}
for _, arg := range build.CacheFrom {
args = append(args, "--cache-from", arg)
}
for _, arg := range build.ArgsEnv {
addProxyValue(&build, arg)
}
for _, arg := range build.Args {
args = append(args, "--build-arg", arg)
}
for _, host := range build.AddHost {
args = append(args, "--add-host", host)
}
if build.Secret != "" {
args = append(args, "--secret", build.Secret)
}
if build.Target != "" {
args = append(args, "--target", build.Target)
}
if build.Quiet {
args = append(args, "--quiet")
}
if build.AutoLabel {
labelSchema := []string{
fmt.Sprintf("created=%s", time.Now().Format(time.RFC3339)),
fmt.Sprintf("revision=%s", build.Name),
fmt.Sprintf("source=%s", build.Remote),
fmt.Sprintf("url=%s", build.Link),
}
labelPrefix := "org.opencontainers.image"
if len(build.LabelSchema) > 0 {
labelSchema = append(labelSchema, build.LabelSchema...)
}
for _, label := range labelSchema {
args = append(args, "--label", fmt.Sprintf("%s.%s", labelPrefix, label))
}
}
if len(build.Labels) > 0 {
for _, label := range build.Labels {
args = append(args, "--label", label)
}
}
// we need to enable buildkit, for secret support
if build.Secret != "" {
os.Setenv("DOCKER_BUILDKIT", "1")
}
return exec.Command(dockerExe, args...)
}
// helper function to add proxy values from the environment
func addProxyBuildArgs(build *Build) {
addProxyValue(build, "http_proxy")
addProxyValue(build, "https_proxy")
addProxyValue(build, "no_proxy")
}
// helper function to add the upper and lower case version of a proxy value.
func addProxyValue(build *Build, key string) {
value := getProxyValue(key)
if len(value) > 0 && !hasProxyBuildArg(build, key) {
build.Args = append(build.Args, fmt.Sprintf("%s=%s", key, value))
build.Args = append(build.Args, fmt.Sprintf("%s=%s", strings.ToUpper(key), value))
}
}
// helper function to get a proxy value from the environment.
//
// assumes that the upper and lower case versions of are the same.
func getProxyValue(key string) string {
value := os.Getenv(key)
if len(value) > 0 {
return value
}
return os.Getenv(strings.ToUpper(key))
}
// helper function that looks to see if a proxy value was set in the build args.
func hasProxyBuildArg(build *Build, key string) bool {
keyUpper := strings.ToUpper(key)
for _, s := range build.Args {
if strings.HasPrefix(s, key) || strings.HasPrefix(s, keyUpper) {
return true
}
}
return false
}
// helper function to create the docker tag command.
func commandTag(build Build, tag string) *exec.Cmd {
var (
source = build.Name
target = fmt.Sprintf("%s:%s", build.Repo, tag)
)
return exec.Command(
dockerExe, "tag", source, target,
)
}
// helper function to create the docker push command.
func commandPush(build Build, tag string) *exec.Cmd {
target := fmt.Sprintf("%s:%s", build.Repo, tag)
return exec.Command(dockerExe, "push", target)
}
// helper function to create the docker daemon command.
func commandDaemon(daemon Daemon) *exec.Cmd {
args := []string{
"--data-root", daemon.StoragePath,
"--host=unix:///var/run/docker.sock",
}
if _, err := os.Stat("/etc/docker/default.json"); err == nil {
args = append(args, "--seccomp-profile=/etc/docker/default.json")
}
if daemon.StorageDriver != "" {
args = append(args, "-s", daemon.StorageDriver)
}
if daemon.Insecure && daemon.Registry != "" {
args = append(args, "--insecure-registry", daemon.Registry)
}
if daemon.IPv6 {
args = append(args, "--ipv6")
}
if len(daemon.Mirror) != 0 {
args = append(args, "--registry-mirror", daemon.Mirror)
}
if len(daemon.Bip) != 0 {
args = append(args, "--bip", daemon.Bip)
}
for _, dns := range daemon.DNS {
args = append(args, "--dns", dns)
}
for _, dnsSearch := range daemon.DNSSearch {
args = append(args, "--dns-search", dnsSearch)
}
if len(daemon.MTU) != 0 {
args = append(args, "--mtu", daemon.MTU)
}
if daemon.Experimental {
args = append(args, "--experimental")
}
return exec.Command(dockerdExe, args...)
}
// helper to check if args match "docker prune"
func isCommandPrune(args []string) bool {
return len(args) > 3 && args[2] == "prune"
}
func commandPrune() *exec.Cmd {
return exec.Command(dockerExe, "system", "prune", "-f")
}
// helper to check if args match "docker rmi"
func isCommandRmi(args []string) bool {
return len(args) > 2 && args[1] == "rmi"
}
func commandRmi(tag string) *exec.Cmd {
return exec.Command(dockerExe, "rmi", tag)
}
// trace writes each command to stdout with the command wrapped in an xml
// tag so that it can be extracted and displayed in the logs.
func trace(cmd *exec.Cmd) {
fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
}
func GetDroneDockerExecCmd() string {
if runtime.GOOS == "windows" {
return "C:/bin/drone-docker.exe"
}
return "drone-docker"
}