Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 1 | /** |
| 2 | * |
| 3 | * Mirror Docker images |
| 4 | * |
| 5 | * Expected parameters: |
| 6 | * TARGET_REGISTRY_CREDENTIALS_ID Credentials for target Docker Registry |
| 7 | * TARGET_REGISTRY Target Docker Registry name |
| 8 | * REGISTRY_URL Target Docker Registry URL |
| 9 | * IMAGE_TAG Tag to use when pushing images |
azvyagintsev | d162b91 | 2018-07-26 10:52:14 +0200 | [diff] [blame] | 10 | * SOURCE_IMAGE_TAG Tag to use when pulling images(optional,if SOURCE_IMAGE_TAG has been found) |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 11 | * SET_DEFAULT_ARTIFACTORY_PROPERTIES Add extra props. directly to artifactory, |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 12 | * IMAGE_LIST List of images to mirror |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 13 | * Example: docker.elastic.co/elasticsearch/elasticsearch:5.4.1 docker-prod-local.docker.mirantis.net/mirantis/external/docker.elastic.co/elasticsearch |
| 14 | * docker.elastic.co/elasticsearch/elasticsearch:SUBS_SOURCE_IMAGE_TAG docker-prod-local.docker.mirantis.net/mirantis/external/elasticsearch:${IMAGE_TAG}* Will be proceed like: |
| 15 | * docker tag docker.elastic.co/elasticsearch/elasticsearch:5.4.1 docker-prod-local.docker.mirantis.net/mirantis/external/docker.elastic.co/elasticsearch/elasticsearch:5.4.1 |
| 16 | * |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 17 | * |
| 18 | */ |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 19 | import java.util.regex.Pattern |
Alexander Evseev | 89b0da4 | 2018-12-10 13:14:04 +0000 | [diff] [blame] | 20 | import groovy.json.JsonSlurper |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 21 | |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 22 | common = new com.mirantis.mk.Common() |
| 23 | external = false |
| 24 | externalMarker = '/mirantis/external/' |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 25 | |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 26 | slaveNode = env.SLAVE_NODE ?: 'docker' |
| 27 | setDefaultArtifactoryProperties = env.SET_DEFAULT_ARTIFACTORY_PROPERTIES ?: true |
| 28 | |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 29 | def getImageName(String image) { |
| 30 | def regex = Pattern.compile('(?:.+/)?([^:]+)(?::.+)?') |
| 31 | def matcher = regex.matcher(image) |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 32 | if (matcher.find()) { |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 33 | def imageName = matcher.group(1) |
| 34 | return imageName |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 35 | } else { |
| 36 | error("Wrong format of image name.") |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 37 | } |
| 38 | } |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 39 | |
Denis Egorenko | 343a571 | 2018-12-10 19:08:45 +0400 | [diff] [blame] | 40 | def getImageInfo(String imageName) { |
| 41 | String unique_image_id = sh( |
| 42 | script: "docker inspect --format='{{index .RepoDigests 0}}' '${imageName}'", |
| 43 | returnStdout: true, |
| 44 | ).trim() |
| 45 | String imageSha256 = unique_image_id.tokenize(':')[1] |
| 46 | common.infoMsg("Docker ${imageName} image sha256 is ${imageSha256}") |
| 47 | return [ 'id': unique_image_id, 'sha256': imageSha256 ] |
| 48 | } |
| 49 | |
| 50 | def imageURL(String registry, String imageName, String sha256) { |
| 51 | def ret = new URL("https://${registry}/artifactory/api/search/checksum?sha256=${sha256}").getText() |
| 52 | // Most probably, we would get many images, especially for external images. We need to guess |
| 53 | // exactly one, which we pushing now |
| 54 | def tgtGuessImage = imageName.replace(':', '/').replace(registry, '') |
| 55 | ArrayList img_data = new JsonSlurper().parseText(ret)['results'] |
| 56 | def tgtImgUrl = img_data*.uri.find { it.contains(tgtGuessImage) } |
| 57 | if (tgtImgUrl) { |
| 58 | return tgtImgUrl |
| 59 | } else { |
| 60 | error("Can't find image ${imageName} in registry ${registry} with sha256: ${sha256}!") |
| 61 | } |
| 62 | } |
| 63 | |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 64 | timeout(time: 4, unit: 'HOURS') { |
| 65 | node(slaveNode) { |
Denis Egorenko | 899ee32 | 2018-11-19 17:35:50 +0400 | [diff] [blame] | 66 | def user = '' |
| 67 | wrap([$class: 'BuildUser']) { |
| 68 | user = env.BUILD_USER_ID |
| 69 | } |
| 70 | currentBuild.description = "${user}: [${env.SOURCE_IMAGE_TAG} => ${env.IMAGE_TAG}]\n${env.IMAGE_LIST}" |
Jakub Josef | a63f986 | 2018-01-11 17:58:38 +0100 | [diff] [blame] | 71 | try { |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 72 | stage("Mirror Docker Images") { |
| 73 | |
Jakub Josef | a63f986 | 2018-01-11 17:58:38 +0100 | [diff] [blame] | 74 | def images = IMAGE_LIST.tokenize('\n') |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 75 | def imageName, sourceImage, targetRegistryPath, imageArray |
| 76 | for (image in images) { |
| 77 | if (image.trim().indexOf(' ') == -1) { |
| 78 | error("Wrong format of image and target repository input") |
Jakub Josef | a63f986 | 2018-01-11 17:58:38 +0100 | [diff] [blame] | 79 | } |
| 80 | imageArray = image.trim().tokenize(' ') |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 81 | sourceImage = imageArray[0] |
| 82 | if (sourceImage.contains('SUBS_SOURCE_IMAGE_TAG')) { |
| 83 | common.warningMsg("Replacing SUBS_SOURCE_IMAGE_TAG => ${env.SOURCE_IMAGE_TAG}") |
| 84 | sourceImage = sourceImage.replace('SUBS_SOURCE_IMAGE_TAG', env.SOURCE_IMAGE_TAG) |
azvyagintsev | d162b91 | 2018-07-26 10:52:14 +0200 | [diff] [blame] | 85 | } |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 86 | targetRegistryPath = imageArray[1] |
| 87 | targetRegistry = imageArray[1].split('/')[0] |
| 88 | imageName = getImageName(sourceImage) |
| 89 | targetImageFull = "${targetRegistryPath}/${imageName}:${env.IMAGE_TAG}" |
Denis Egorenko | 2ee651c | 2018-11-23 17:41:38 +0400 | [diff] [blame] | 90 | |
| 91 | def mcp_artifactory = new com.mirantis.mcp.MCPArtifactory() |
| 92 | if (targetImageFull.contains(externalMarker)) { |
| 93 | external = true |
| 94 | // check if images exists - raise error, as we don't want to rewrite existing one |
| 95 | def imageRepo = targetRegistryPath - targetRegistry |
Denis Egorenko | 1b207d1 | 2018-11-26 15:35:21 +0400 | [diff] [blame] | 96 | if (mcp_artifactory.imageExists(env.REGISTRY_URL, "${imageRepo}/${imageName}", env.IMAGE_TAG)) { |
Denis Egorenko | 2ee651c | 2018-11-23 17:41:38 +0400 | [diff] [blame] | 97 | error("Image ${targetImageFull} already exists!") |
| 98 | } |
| 99 | } |
| 100 | |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 101 | srcImage = docker.image(sourceImage) |
azvyagintsev | 86ba4a0 | 2018-10-03 19:21:28 +0300 | [diff] [blame] | 102 | common.retry(3, 5) { |
| 103 | srcImage.pull() |
| 104 | } |
Denis Egorenko | 343a571 | 2018-12-10 19:08:45 +0400 | [diff] [blame] | 105 | source_image_sha256 = getImageInfo(sourceImage)['sha256'] |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 106 | // Use sh-docker call for tag, due magic code in plugin: |
| 107 | // https://github.com/jenkinsci/docker-workflow-plugin/blob/docker-workflow-1.17/src/main/resources/org/jenkinsci/plugins/docker/workflow/Docker.groovy#L168-L170 |
| 108 | sh("docker tag ${srcImage.id} ${targetImageFull}") |
| 109 | common.infoMsg("Attempt to push docker image into remote registry: ${env.REGISTRY_URL}") |
azvyagintsev | 86ba4a0 | 2018-10-03 19:21:28 +0300 | [diff] [blame] | 110 | common.retry(3, 5) { |
| 111 | docker.withRegistry(env.REGISTRY_URL, env.TARGET_REGISTRY_CREDENTIALS_ID) { |
Alexander Evseev | 3a37d08 | 2018-12-10 12:46:39 +0000 | [diff] [blame] | 112 | sh("docker push ${targetImageFull}") |
azvyagintsev | 86ba4a0 | 2018-10-03 19:21:28 +0300 | [diff] [blame] | 113 | } |
Alexander Evseev | d70ef00 | 2018-10-02 13:01:27 +0200 | [diff] [blame] | 114 | } |
Denis Egorenko | a0f1b2f | 2018-11-23 17:24:35 +0000 | [diff] [blame] | 115 | def buildTime = new Date().format("yyyyMMdd-HH:mm:ss.SSS", TimeZone.getTimeZone('UTC')) |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 116 | |
| 117 | if (setDefaultArtifactoryProperties) { |
| 118 | common.infoMsg("Processing artifactory props for : ${targetImageFull}") |
| 119 | LinkedHashMap artifactoryProperties = [:] |
Denis Egorenko | 343a571 | 2018-12-10 19:08:45 +0400 | [diff] [blame] | 120 | def tgtImageInfo = getImageInfo(targetImageFull) |
| 121 | def tgt_image_sha256 = tgtImageInfo['sha256'] |
| 122 | def unique_image_id = tgtImageInfo['id'] |
| 123 | def tgtImgUrl = imageURL(targetRegistry, targetImageFull, tgt_image_sha256) - '/manifest.json' |
Denis Egorenko | a0f1b2f | 2018-11-23 17:24:35 +0000 | [diff] [blame] | 124 | artifactoryProperties = [ |
| 125 | 'com.mirantis.targetTag' : env.IMAGE_TAG, |
| 126 | 'com.mirantis.uniqueImageId': unique_image_id, |
| 127 | ] |
| 128 | if (external) { |
| 129 | artifactoryProperties << ['com.mirantis.externalImage': external] |
| 130 | } |
Denis Egorenko | 5b1ab7f | 2018-12-10 15:21:35 +0400 | [diff] [blame] | 131 | def sourceRegistry = sourceImage.split('/')[0] |
Denis Egorenko | 343a571 | 2018-12-10 19:08:45 +0400 | [diff] [blame] | 132 | def sourceImgUrl = imageURL(sourceRegistry, sourceImage, source_image_sha256) - '/manifest.json' |
Denis Egorenko | 0191839 | 2018-12-10 12:28:46 +0400 | [diff] [blame] | 133 | def existingProps = mcp_artifactory.getPropertiesForArtifact(sourceImgUrl) |
Denis Egorenko | a0f1b2f | 2018-11-23 17:24:35 +0000 | [diff] [blame] | 134 | def historyProperties = [] |
Denis Egorenko | 0191839 | 2018-12-10 12:28:46 +0400 | [diff] [blame] | 135 | // check does the source image have already history props |
Denis Egorenko | a0f1b2f | 2018-11-23 17:24:35 +0000 | [diff] [blame] | 136 | if (existingProps) { |
| 137 | historyProperties = existingProps.get('com.mirantis.versionHistory', []) |
| 138 | } |
| 139 | // %5C - backslash symbol is needed |
| 140 | historyProperties.add("${buildTime}%5C=${sourceImage}") |
Denis Egorenko | 5b1ab7f | 2018-12-10 15:21:35 +0400 | [diff] [blame] | 141 | artifactoryProperties << [ 'com.mirantis.versionHistory': historyProperties.join(',') ] |
Denis Egorenko | a0f1b2f | 2018-11-23 17:24:35 +0000 | [diff] [blame] | 142 | common.infoMsg("artifactoryProperties=> ${artifactoryProperties}") |
| 143 | common.retry(3, 5) { |
Denis Egorenko | 0191839 | 2018-12-10 12:28:46 +0400 | [diff] [blame] | 144 | mcp_artifactory.setProperties(tgtImgUrl, artifactoryProperties) |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 145 | } |
| 146 | } |
Richard Felkl | 7c920d0 | 2017-12-11 15:28:18 +0100 | [diff] [blame] | 147 | } |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 148 | } |
Jakub Josef | a63f986 | 2018-01-11 17:58:38 +0100 | [diff] [blame] | 149 | } catch (Throwable e) { |
azvyagintsev | 388a1bd | 2018-09-06 12:39:49 +0300 | [diff] [blame] | 150 | // Stub for future processing |
Jakub Josef | a63f986 | 2018-01-11 17:58:38 +0100 | [diff] [blame] | 151 | currentBuild.result = "FAILURE" |
| 152 | throw e |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 153 | } |
Richard Felkl | e90ef1c | 2017-12-08 00:13:56 +0100 | [diff] [blame] | 154 | } |
azvyagintsev | d162b91 | 2018-07-26 10:52:14 +0200 | [diff] [blame] | 155 | } |