goose.art / honkbot-2
Return of honkbot, in Rust. Hopefully it won't die all the time.
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

ci: drop skopeo, push to OCI registry with plain curl

goose.art 60dac64e b5bacce5

+41 -79
+41 -79
.tangled/workflows/build.yaml
··· 10 10 - cargo 11 11 - gcc 12 12 - cacert 13 - - skopeo 14 13 - gnutar 15 14 - gzip 16 15 ··· 29 28 command: | 30 29 set -e 31 30 32 - WORKDIR=$(mktemp -d) 33 - mkdir -p $WORKDIR/rootfs/usr/local/bin 34 - mkdir -p $WORKDIR/rootfs/app/fallback_images 35 - mkdir -p $WORKDIR/rootfs/etc/ssl/certs 36 - 37 - cp target/release/honkbot $WORKDIR/rootfs/usr/local/bin/ 38 - cp -r fallback_images/* $WORKDIR/rootfs/app/fallback_images/ 39 - cp /etc/ssl/certs/* $WORKDIR/rootfs/etc/ssl/certs/ 2>/dev/null || true 40 - 41 - cd $WORKDIR/rootfs 42 - tar czf $WORKDIR/layer.tar.gz . 43 - cd - 44 - 45 - LAYER_DIGEST=$(sha256sum $WORKDIR/layer.tar.gz | cut -d' ' -f1) 46 - LAYER_SIZE=$(stat -c%s $WORKDIR/layer.tar.gz) 31 + REG="https://${IMAGE_REGISTRY}/v2/${IMAGE_USER}/${IMAGE_NAME}" 32 + AUTH=$(echo -n "${IMAGE_USER}:${APP_PASSWORD}" | base64) 33 + H="Authorization: Basic $AUTH" 47 34 48 - OCI=$WORKDIR/oci 49 - mkdir -p $OCI/blobs/sha256 35 + # Build rootfs layer 36 + STAGING=$(mktemp -d) 37 + mkdir -p $STAGING/usr/local/bin $STAGING/app/fallback_images $STAGING/etc/ssl/certs 38 + cp target/release/honkbot $STAGING/usr/local/bin/ 39 + cp -r fallback_images/* $STAGING/app/fallback_images/ 40 + cp /etc/ssl/certs/* $STAGING/etc/ssl/certs/ 2>/dev/null || true 50 41 51 - cp $WORKDIR/layer.tar.gz $OCI/blobs/sha256/$LAYER_DIGEST 52 - 53 - cat > $WORKDIR/config.json <<EOF 54 - { 55 - "architecture": "amd64", 56 - "os": "linux", 57 - "config": { 58 - "Env": ["FALLBACK_IMAGE_DIR=/app/fallback_images", "RUST_LOG=info", "SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt"], 59 - "WorkingDir": "/app", 60 - "Entrypoint": ["/usr/local/bin/honkbot"] 61 - }, 62 - "rootfs": { 63 - "type": "layers", 64 - "diff_ids": ["sha256:$LAYER_DIGEST"] 65 - } 66 - } 67 - EOF 42 + tar -C $STAGING -czf /tmp/layer.tar.gz . 43 + LAYER_SHA=$(sha256sum /tmp/layer.tar.gz | cut -d' ' -f1) 44 + LAYER_SIZE=$(wc -c < /tmp/layer.tar.gz | tr -d ' ') 68 45 69 - CONFIG_DIGEST=$(sha256sum $WORKDIR/config.json | cut -d' ' -f1) 70 - CONFIG_SIZE=$(stat -c%s $WORKDIR/config.json) 71 - cp $WORKDIR/config.json $OCI/blobs/sha256/$CONFIG_DIGEST 46 + echo "Layer: sha256:$LAYER_SHA ($LAYER_SIZE bytes)" 72 47 73 - cat > $WORKDIR/manifest.json <<EOF 74 - { 75 - "schemaVersion": 2, 76 - "mediaType": "application/vnd.oci.image.manifest.v1+json", 77 - "config": { 78 - "mediaType": "application/vnd.oci.image.config.v1+json", 79 - "digest": "sha256:$CONFIG_DIGEST", 80 - "size": $CONFIG_SIZE 81 - }, 82 - "layers": [ 83 - { 84 - "mediaType": "application/vnd.oci.image.layer.v1.tar+gzip", 85 - "digest": "sha256:$LAYER_DIGEST", 86 - "size": $LAYER_SIZE 87 - } 88 - ] 89 - } 90 - EOF 48 + # Upload layer blob 49 + UPLOAD=$(curl -s -D- -o/dev/null -X POST -H "$H" "$REG/blobs/uploads/") 50 + LOC=$(echo "$UPLOAD" | grep -i '^location:' | tr -d '\r' | sed 's/location: *//i') 51 + SEP=$(echo "$LOC" | grep -q '?' && echo '&' || echo '?') 52 + curl -s -X PUT -H "$H" -H "Content-Type: application/octet-stream" \ 53 + --data-binary @/tmp/layer.tar.gz \ 54 + "${LOC}${SEP}digest=sha256:${LAYER_SHA}" 55 + echo "Layer uploaded" 91 56 92 - MANIFEST_DIGEST=$(sha256sum $WORKDIR/manifest.json | cut -d' ' -f1) 93 - MANIFEST_SIZE=$(stat -c%s $WORKDIR/manifest.json) 94 - cp $WORKDIR/manifest.json $OCI/blobs/sha256/$MANIFEST_DIGEST 57 + # Build and upload config blob 58 + CONFIG="{\"architecture\":\"amd64\",\"os\":\"linux\",\"config\":{\"Env\":[\"FALLBACK_IMAGE_DIR=/app/fallback_images\",\"RUST_LOG=info\",\"SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt\"],\"WorkingDir\":\"/app\",\"Entrypoint\":[\"/usr/local/bin/honkbot\"]},\"rootfs\":{\"type\":\"layers\",\"diff_ids\":[\"sha256:${LAYER_SHA}\"]}}" 59 + echo -n "$CONFIG" > /tmp/config.json 60 + CONFIG_SHA=$(sha256sum /tmp/config.json | cut -d' ' -f1) 61 + CONFIG_SIZE=$(wc -c < /tmp/config.json | tr -d ' ') 95 62 96 - cat > $OCI/index.json <<EOF 97 - { 98 - "schemaVersion": 2, 99 - "manifests": [ 100 - { 101 - "mediaType": "application/vnd.oci.image.manifest.v1+json", 102 - "digest": "sha256:$MANIFEST_DIGEST", 103 - "size": $MANIFEST_SIZE 104 - } 105 - ] 106 - } 107 - EOF 63 + UPLOAD=$(curl -s -D- -o/dev/null -X POST -H "$H" "$REG/blobs/uploads/") 64 + LOC=$(echo "$UPLOAD" | grep -i '^location:' | tr -d '\r' | sed 's/location: *//i') 65 + SEP=$(echo "$LOC" | grep -q '?' && echo '&' || echo '?') 66 + curl -s -X PUT -H "$H" -H "Content-Type: application/octet-stream" \ 67 + --data-binary @/tmp/config.json \ 68 + "${LOC}${SEP}digest=sha256:${CONFIG_SHA}" 69 + echo "Config uploaded" 108 70 109 - echo '{"imageLayoutVersion": "1.0.0"}' > $OCI/oci-layout 71 + # Push manifest 72 + MANIFEST="{\"schemaVersion\":2,\"mediaType\":\"application/vnd.oci.image.manifest.v1+json\",\"config\":{\"mediaType\":\"application/vnd.oci.image.config.v1+json\",\"digest\":\"sha256:${CONFIG_SHA}\",\"size\":${CONFIG_SIZE}},\"layers\":[{\"mediaType\":\"application/vnd.oci.image.layer.v1.tar+gzip\",\"digest\":\"sha256:${LAYER_SHA}\",\"size\":${LAYER_SIZE}}]}" 110 73 111 - echo "${APP_PASSWORD}" | skopeo login \ 112 - -u "${IMAGE_USER}" \ 113 - --password-stdin \ 114 - ${IMAGE_REGISTRY} 74 + RESULT=$(curl -s -w "%{http_code}" -X PUT -H "$H" \ 75 + -H "Content-Type: application/vnd.oci.image.manifest.v1+json" \ 76 + -d "$MANIFEST" \ 77 + "$REG/manifests/latest") 115 78 116 - skopeo copy \ 117 - oci:$OCI \ 118 - docker://${IMAGE_REGISTRY}/${IMAGE_USER}/${IMAGE_NAME}:latest 79 + echo "Push result: $RESULT" 80 + echo "Done: ${IMAGE_REGISTRY}/${IMAGE_USER}/${IMAGE_NAME}:latest"