From ff3cc77d83bf987a93e3a5ea29e52108454bbd9e Mon Sep 17 00:00:00 2001
From: Dmitriy Safronov <zimniy@cyberbrain.pw>
Date: Sun, 18 Feb 2024 08:13:30 +0400
Subject: [PATCH 1/3] test CI_SERVER_HOST

Signed-off-by: Dmitriy Safronov <zimniy@cyberbrain.pw>
---
 entrypoint.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/entrypoint.sh b/entrypoint.sh
index 959afa4..e31eb17 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -10,6 +10,7 @@ die() {
 }
 ##########################################################################################################################
 
+test -z "${CI_SERVER_HOST}" && die "CI_SERVER_HOST is missing"
 test -z "${CI_REGISTRY}" && die "CI_REGISTRY is missing"
 test -z "${CI_REGISTRY_USER}" && die "CI_REGISTRY_USER is missing"
 test -z "${CI_REGISTRY_PASSWORD}" && die "CI_REGISTRY_PASSWORD is missing"
-- 
GitLab


From 3e1a0804c4db1195daae32f629332d0c6f905770 Mon Sep 17 00:00:00 2001
From: Dmitriy Safronov <zimniy@cyberbrain.pw>
Date: Sun, 18 Feb 2024 09:09:03 +0400
Subject: [PATCH 2/3] test

Signed-off-by: Dmitriy Safronov <zimniy@cyberbrain.pw>
---
 entrypoint.sh | 64 +++++++++++++++++++++++++++++++++++++--------------
 1 file changed, 47 insertions(+), 17 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index e31eb17..03ea566 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,42 +1,72 @@
 #!/bin/sh
 
 # To/Die/For =)
-unset TO_DIE
+unset SHOULD_DIE
+should_die() {
+    RED='\033[0;31m'
+    NC='\033[0m' # No Color
+    echo -e "${RED}$1${NC}"
+    SHOULD_DIE=1
+}
 die() {
     RED='\033[0;31m'
     NC='\033[0m' # No Color
     echo -e "${RED}$1${NC}"
-    TO_DIE=1
+    test -z "${RETAG_DEBUG}" || exit 1
 }
+
 ##########################################################################################################################
 
-test -z "${CI_SERVER_HOST}" && die "CI_SERVER_HOST is missing"
-test -z "${CI_REGISTRY}" && die "CI_REGISTRY is missing"
-test -z "${CI_REGISTRY_USER}" && die "CI_REGISTRY_USER is missing"
-test -z "${CI_REGISTRY_PASSWORD}" && die "CI_REGISTRY_PASSWORD is missing"
-test -z "${CI_PROJECT_PATH}" && die "CI_PROJECT_PATH is missing"
-test -z "${REGISTRY_TAG_OLD}" && die "REGISTRY_TAG_OLD is missing"
+test -z "${CI_SERVER_HOST}" && should_die "CI_SERVER_HOST is missing"
+test -z "${CI_REGISTRY}" && should_die "CI_REGISTRY is missing"
+test -z "${CI_REGISTRY_USER}" && should_die "CI_REGISTRY_USER is missing"
+test -z "${CI_REGISTRY_PASSWORD}" && should_die "CI_REGISTRY_PASSWORD is missing"
+test -z "${CI_PROJECT_PATH}" && should_die "CI_PROJECT_PATH is missing"
+test -z "${REGISTRY_TAG_OLD}" && should_die "REGISTRY_TAG_OLD is missing"
 
 test -z "${CUSTOM_IMAGENAME}" && IMAGE_PATH="${CI_PROJECT_PATH}" || IMAGE_PATH="${CI_PROJECT_PATH}/${CUSTOM_IMAGENAME}"
 test -z "${REGISTRY_TAG_NEW}" && REGISTRY_TAG_NEW=latest
 
 ##########################################################################################################################
-test -n "${TO_DIE}" && exit 1
+test -n "${SHOULD_DIE}" && die "Incomplete config!"
 ##########################################################################################################################
 
-TEMPFILE="$(mktemp)"
-CONTENT_TYPE="application/vnd.docker.distribution.manifest.v2+json"
+# Set content type
+CONTENT_TYPE="Content-Type: application/vnd.docker.distribution.manifest.v2+json"
+# Set manifest root url
+MANIFEST_URL=${REGISTRY_SCHEMA:-https}://${CI_REGISTRY}/v2/${IMAGE_PATH}/manifests
+
+##########################################################################################################################
+TEMPFILE=$(mktemp)
+##########################################################################################################################
 
-TOKEN="$(curl --user \"${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD}\" \"${SERVER_HOST_SCHEMA:-https}://${CI_SERVER_HOST}/jwt/auth?offline_token=true&service=container_registry&scope=repository:${CI_PROJECT_PATH}:push,pull\" 2> \"${TEMPFILE}\" | jq -r .token)"
-test -z "${TOKEN}" && ( cat "${TEMPFILE}"; ( test -z "${RETAG_DEBUG}" || die "Couldn't get token" ) )
+# Fetch JWT token
+TOKEN=$(curl -s \
+    --user ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} \
+    -G ${GITLAB_SCHEMA:-https}://${CI_SERVER_HOST}/jwt/auth \
+    -d service=container_registry \
+    -d scope="repository:${IMAGE_PATH}:push,pull,delete" \
+    | jq -r '.token')
+test -n "${TOKEN}" || die "Couldn't get token"
 test -z "${RETAG_DEBUG}" || echo "Token: [${TOKEN}]"
+BEARER="Authorization:Bearer $TOKEN"
 
-MANIFEST="$(curl -H \"Content-Type: ${CONTENT_TYPE}\" -H \"Authorization: Bearer ${TOKEN}\" \"${REGISTRY_SCHEMA:-https}://${CI_REGISTRY}/v2/${IMAGE_PATH}/manifests/${REGISTRY_TAG_OLD}\" 2> \"${TEMPFILE}\")"
-test -z "${MANIFEST}" && ( cat "${TEMPFILE}"; ( test -z "${RETAG_DEBUG}" || die "Couldn't get manifest" ) )
+# Fetch image manifest
+MANIFEST=$(curl -s \
+    -H "${BEARER}" \
+    -H "${CONTENT_TYPE}" \
+    -G ${MANIFEST_URL}/${REGISTRY_TAG_OLD})
+test -n "${MANIFEST}" || die "Couldn't get manifest"
 test -z "${RETAG_DEBUG}" || echo "Manifest: [${MANIFEST}]"
 
-RESPONCE="$(curl -H \"Content-Type: ${CONTENT_TYPE}\" -H \"Authorization: Bearer ${TOKEN}\" \"${REGISTRY_SCHEMA:-https}://${CI_REGISTRY}/v2/${IMAGE_PATH}/manifests/${REGISTRY_TAG_NEW}\" -X PUT -d \"${MANIFEST}\"  2> \"${TEMPFILE}\")"
-test "$?" -gt 0 && ( cat "${TEMPFILE}"; ( test -z "${RETAG_DEBUG}" || die "Couldn't retag image" ) )
+# Push image manifest
+RESPONCE=$(curl -s \
+    -H "${BEARER}" \
+    -H "${CONTENT_TYPE}" \
+    -G ${MANIFEST_URL}/${REGISTRY_TAG_NEW} \
+    -X PUT \
+    -d "$MANIFEST")
+test -z "${RESPONCE}" || die "Couldn't get responce"
 test -z "${RETAG_DEBUG}" || echo "Responce: [${RESPONCE}]"
 
 echo "Image tag: ${CI_REGISTRY}/${IMAGE_PATH}:${REGISTRY_TAG_NEW}"
-- 
GitLab


From 7914e85cbbd8a8b5c038f9b6b99f8c9245aba351 Mon Sep 17 00:00:00 2001
From: Dmitriy Safronov <zimniy@cyberbrain.pw>
Date: Sun, 18 Feb 2024 09:48:19 +0400
Subject: [PATCH 3/3] update logic

Signed-off-by: Dmitriy Safronov <zimniy@cyberbrain.pw>
---
 entrypoint.sh | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index 03ea566..2bb04a0 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -17,14 +17,22 @@ die() {
 
 ##########################################################################################################################
 
+# Check if env vars were set
 test -z "${CI_SERVER_HOST}" && should_die "CI_SERVER_HOST is missing"
 test -z "${CI_REGISTRY}" && should_die "CI_REGISTRY is missing"
 test -z "${CI_REGISTRY_USER}" && should_die "CI_REGISTRY_USER is missing"
 test -z "${CI_REGISTRY_PASSWORD}" && should_die "CI_REGISTRY_PASSWORD is missing"
 test -z "${CI_PROJECT_PATH}" && should_die "CI_PROJECT_PATH is missing"
-test -z "${REGISTRY_TAG_OLD}" && should_die "REGISTRY_TAG_OLD is missing"
+test -z "${CI_COMMIT_SHA}" && should_die "CI_COMMIT_SHA is missing"
 
+# Define default custom image name
+test -z "${CUSTOM_IMAGENAME}" && test -z "${CI_COMMIT_TAG}" && CUSTOM_IMAGENAME="${CI_COMMIT_REF_SLUG}"
 test -z "${CUSTOM_IMAGENAME}" && IMAGE_PATH="${CI_PROJECT_PATH}" || IMAGE_PATH="${CI_PROJECT_PATH}/${CUSTOM_IMAGENAME}"
+
+# Define default image old tag
+test -z "${REGISTRY_TAG_OLD}" && test -z "${CI_COMMIT_TAG}" && REGISTRY_TAG_OLD="${CI_COMMIT_SHA}" || REGISTRY_TAG_OLD="${CI_COMMIT_TAG}"
+
+# Define default image new tag
 test -z "${REGISTRY_TAG_NEW}" && REGISTRY_TAG_NEW=latest
 
 ##########################################################################################################################
@@ -40,6 +48,9 @@ MANIFEST_URL=${REGISTRY_SCHEMA:-https}://${CI_REGISTRY}/v2/${IMAGE_PATH}/manifes
 TEMPFILE=$(mktemp)
 ##########################################################################################################################
 
+# DEBUG
+test -z "${RETAG_DEBUG}" || echo "Old image: ${CI_REGISTRY}/${IMAGE_PATH}:${REGISTRY_TAG_OLD}"
+
 # Fetch JWT token
 TOKEN=$(curl -s \
     --user ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} \
-- 
GitLab