diff --git a/.codecov.yml b/.codecov.yml new file mode 100644 index 0000000..0a852e8 --- /dev/null +++ b/.codecov.yml @@ -0,0 +1,11 @@ +coverage: + range: 50..80 + round: down + precision: 2 + +ignore: + - "*_test.go" + - "vendor" + +fixes: + - "github.com/xmidt-org/themis/::" diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..d366855 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +vendor +themis +conf diff --git a/.github/workflows/docker-release.yml b/.github/workflows/docker-release.yml new file mode 100644 index 0000000..6bc28fd --- /dev/null +++ b/.github/workflows/docker-release.yml @@ -0,0 +1,58 @@ +name: docker-release + +on: + push: + tags: + # Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta + - 'v[0-9]+.[0-9]+.[0-9]+*' + +jobs: + push_to_registry: + name: Push Docker image to Docker Hub + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Prepare + id: prep + run: | + DOCKER_IMAGE=xmidt/${PWD##*/} + VERSION=edge + if [[ $GITHUB_REF == refs/tags/* ]]; then + VERSION=${GITHUB_REF#refs/tags/} + elif [[ $GITHUB_REF == refs/heads/* ]]; then + VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') + elif [[ $GITHUB_REF == refs/pull/* ]]; then + VERSION=pr-${{ github.event.number }} + fi + TAGS="${DOCKER_IMAGE}:${VERSION}" + if [ "${{ github.event_name }}" = "push" ]; then + TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}" + fi + LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1) + if [ "${LATEST_TAG}" == "${VERSION}" ]; then + TAGS="$TAGS,${DOCKER_IMAGE}:latest" + fi + echo ::set-output name=version::${VERSION} + echo ::set-output name=tags::${TAGS} + echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + push: true + tags: ${{ steps.prep.outputs.tags }} + labels: | + org.opencontainers.image.source=${{ github.event.repository.html_url }} + org.opencontainers.image.created=${{ steps.prep.outputs.created }} + org.opencontainers.image.revision=${{ github.sha }} \ No newline at end of file diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml new file mode 100644 index 0000000..6b2edef --- /dev/null +++ b/.github/workflows/push.yml @@ -0,0 +1,84 @@ +name: CI + +on: + create: + pull_request: + push: + branches: + - main + +jobs: + test: + name: Unit Tests + runs-on: [ ubuntu-latest ] + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + # Setup Go + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.15.x' # The Go version to download (if necessary) and use. + + # Run build of the application + - name: Run build + run: go build ./... + + # Run gofmt on the code + - name: Run gofmt + run: gofmt -d + + # Run testing on the code + - name: Run testing + run: | + go test -v -race -coverprofile=coverage.txt ./... + go test -race -json ./... > report.json + curl -s https://codecov.io/bash | bash + echo "codecov done" + + lint: + strategy: + matrix: + go-version: [ 1.15.x ] + os: [ ubuntu-latest ] + name: Lint + runs-on: ${{ matrix.os }} + steps: + - uses: actions/checkout@v2 + - name: golangci-lint + uses: golangci/golangci-lint-action@v2 + with: + # Required: the version of golangci-lint is required and must be specified without patch version: we always use the latest patch version. + version: v1.33 + # Optional: working directory, useful for monorepos + # working-directory: somedir + + # Optional: golangci-lint command line arguments. + # args: -v + + # Optional: show only new issues if it's a pull request. The default value is `false`. + only-new-issues: true + + goreportcard: + runs-on: ubuntu-latest + if: github.event_name == 'push' + steps: + - name: Go report card + uses: creekorful/goreportcard-action@v1.0 + + sonarcloud: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + with: + args: > + -Dproject.settings=./.sonar-project.properties + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..5cba792 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,34 @@ +name: release + +on: + push: + tags: + # Push events to matching v#.#.#*, ex: v1.2.3, v.2.4.6-beta + - 'v[0-9]+.[0-9]+.[0-9]+*' + +jobs: + release: + runs-on: [ ubuntu-latest ] + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Prepare Release Body + id: prep + run: | + export VERSION=${GITHUB_REF#refs/tags/} + export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1\n" if /.*## \[${VERSION}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') + export TODAY=`date +'%m/%d/%Y'` + echo ::set-output name=rname::$(echo ${VERSION} ${TODAY}) + echo ::set-output name=body::${NOTES} + - name: create release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + with: + tag_name: ${{ github.ref }} + draft: false + prerelease: false + release_name: ${{ steps.prep.outputs.rname }} + body: ${{ steps.prep.outputs.body }} diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000..641cfcc --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,28 @@ +name: tag + +on: + push: + paths: + - "CHANGELOG.md" # only try to tag if the CHANGELOG has been updated. + branches: + - main + +jobs: + build: + runs-on: [ ubuntu-latest ] + steps: + - uses: actions/checkout@v2 + with: + token: '${{ secrets.PERSONAL_ACCESS_TOKEN }}' + fetch-depth: 0 + - name: set up bot + run: | + git config --global user.name "xmidt-bot" + git config --global user.email "$BOT_EMAIL" + - name: export variables and tag commit + run: | + export OLD_VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1) + export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') + export TODAY=`date +'%m/%d/%Y'` + export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') + if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi diff --git a/.golangci.yaml b/.golangci.yaml new file mode 100644 index 0000000..425fa96 --- /dev/null +++ b/.golangci.yaml @@ -0,0 +1,19 @@ +--- +linters-settings: + misspell: + locale: US + +linters: + enable: + - bodyclose + - dupl + - errorlint + - funlen + - goconst + - gosec + - misspell + - unconvert + - prealloc + disable: + - errcheck + - ineffassign \ No newline at end of file diff --git a/.sonar-project.properties b/.sonar-project.properties index 646a50a..c1dabf0 100644 --- a/.sonar-project.properties +++ b/.sonar-project.properties @@ -6,6 +6,7 @@ # Standard properties # ===================================================== +sonar.organization=xmidt-org sonar.projectKey=xmidt-org_themis sonar.projectName=themis @@ -21,7 +22,7 @@ sonar.test.exclusions=**/vendor/** # ===================================================== sonar.links.homepage=https://github.com/xmidt-org/themis -sonar.links.ci=https://travis-ci.org/xmidt-org/themis +sonar.links.ci=https://github.com/xmidt-org/themis/actions sonar.links.scm=https://github.com/xmidt-org/themis sonar.links.issue=https://github.com/xmidt-org/themis/issues diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 8360b92..0000000 --- a/.travis.yml +++ /dev/null @@ -1,80 +0,0 @@ -language: go - -go: - - 1.14.x - - tip - -os: - - linux - -services: - - docker - -branches: - only: - - main - - /^v[0-9]+\.[0-9]+\.[0-9]+$/ - -addons: - sonarcloud: - organization: "xmidt-org" - token: - secure: "ntDM9wWDwMDnPpm14b0MxqCrI88QHB+b4NhCzK5AXaO/mKRixD0ukQ/TUyqTn5dYA9U5knD4k3/YrlBHg31ywb8x+Wfg1nMMhj8tvHS3c7gvO7C148cVkudOnmWMGMQDmbXoWIhmWo4k2vKe+dQbTg+sDmDmufyM1Z+jko4Qpjbifws2mqTkmeqmteTHnht7aZorVVanSr3JC7mE9dhFChYTeV++hXvHhgIge1euodDpmOKfbpfnOQtM4z2g6PT2IPAQY1kskFqUc/CJ6CIG0YDfEbBMeL8Tf8dPL4IvVMtm9+G2REpi0sOwk1H0zRkUC3ONDUmFEJ2uRykQwNZzD2aCvay2yRht9OS+GQXHg98f9caCTi1jHieBadnHw99Ylj5bnP68wbEKME6k4NRfBvUJrbKsYMx8lS50YEs6zwgspRv8jRPohlKtKDu2k98r+1EwDtP+U6HG0tRiGev+hYPUR0mlYM93igygHT3xfnMqgW8dIpxT3NzPmffolDuZtw82SEr4HCJGsW4bOZW1A53mybdF9HPI64XlK8qN7xVdDF1SMuz+RrOPOvsmApQeBHkV5mMzLRkxC0EhfeOl5QDYi3fD0nfNCqclhOYk9R05k2trIL2htyhsqqi17OZmzN28o2WGlDXzPT7aHwg21I6egypIoSgOi8jEEf6XpcI=" - - -script: - - make style codecov - -after_success: - - sonar-scanner -Dproject.settings=./.sonar-project.properties - -jobs: - fast_finish: true - allow_failures: - - go: tip - include: - # - stage: integration - # name: "Integration Tests" - # if: branch = main - # script: - # - make it - - stage: tag - name: "Tag For Release" - if: branch = main && type = push - before_script: - - echo -e "machine github.com\n login $GH_TOKEN" > ~/.netrc - script: - - export OLD_VERSION=$(make version) - - git config --global user.name "xmidt-bot" - - git config --global user.email "$BOT_EMAIL" - - export TAG=$(cat CHANGELOG.md | perl -0777 -ne 'print "$1" if /.*## \[Unreleased\]\s+## \[(v\d+.\d+.\d+)\].*/s') - - export TODAY=`date +'%m/%d/%Y'` - - export NOTES=$(cat CHANGELOG.md | perl -0777 -ne 'print "$ENV{TODAY}\n\n$1\n" if /.*## \[$ENV{TAG}\]\s(.*?)\s+## \[(v\d+.\d+.\d+)\].*/s') - - if [[ "$TAG" != "" && "$TAG" != "$OLD_VERSION" ]]; then git tag -a "$TAG" -m "$NOTES"; git push origin --tags; echo $?; fi - after_success: skip - - - stage: release - name: "Make a Release" - if: branch != main - script: skip - before_deploy: - - make release-artifacts - deploy: - on: - all_branches: true - tags: true - provider: releases - api_key: "$GH_TOKEN" - file_glob: true - file: ./.ignore/* - skip_cleanup: true - - stage: docker-release - name: "Make Docker Release" - if: branch != main - script: skip - deploy: - - provider: script - script: bash deploy/docker_push - on: - all_branches: true - tags: true diff --git a/.whitesource b/.whitesource new file mode 100644 index 0000000..55b922e --- /dev/null +++ b/.whitesource @@ -0,0 +1,12 @@ +{ + "scanSettings": { + "baseBranches": [] + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure", + "displayMode": "diff" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index c3a7a09..e66edb5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). ## [Unreleased] +- Migrate to github actions, normalize analysis tools, Dockerfiles and Makefiles. [#67](https://github.com/xmidt-org/themis/pull/67) ## [v0.4.6] diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..4c7b8ef --- /dev/null +++ b/Dockerfile @@ -0,0 +1,42 @@ +FROM docker.io/library/golang:1.15-alpine as builder + +MAINTAINER Jack Murdock + +WORKDIR /src + +ARG VERSION +ARG GITCOMMIT +ARG BUILDTIME + + +RUN apk add --no-cache --no-progress \ + ca-certificates \ + make \ + git \ + openssh \ + gcc \ + libc-dev \ + upx + +RUN go get github.com/geofffranks/spruce/cmd/spruce && chmod +x /go/bin/spruce +COPY . . +RUN make test release + +FROM alpine:3.12.1 + +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ +COPY --from=builder /src/themis /src/themis.yaml /src/deploy/packaging/entrypoint.sh /go/bin/spruce /src/Dockerfile /src/NOTICE /src/LICENSE /src/CHANGELOG.md / +COPY --from=builder /src/deploy/packaging/themis.yaml /tmp/themis.yaml + +RUN mkdir /etc/themis/ && touch /etc/themis/themis.yaml && chmod 666 /etc/themis/themis.yaml + +USER nobody + +ENTRYPOINT ["/entrypoint.sh"] + +EXPOSE 6500 +EXPOSE 6501 +EXPOSE 6502 +EXPOSE 6503 + +CMD ["/themis"] diff --git a/Makefile b/Makefile index 53e8f3f..0f50933 100644 --- a/Makefile +++ b/Makefile @@ -1,91 +1,54 @@ -DEFAULT: build +.PHONY: default build test style docker binaries clean + +DOCKER ?= docker GO ?= go GOFMT ?= $(GO)fmt APP := themis DOCKER_ORG := xmidt -FIRST_GOPATH := $(firstword $(subst :, ,$(shell $(GO) env GOPATH))) -BINARY := $(FIRST_GOPATH)/bin/$(APP) VERSION ?= $(shell git describe --tag --always --dirty) -PROGVER = $(shell git describe --tags `git rev-list --tags --max-count=1` | tail -1 | sed 's/v\(.*\)/\1/') -BUILDTIME = $(shell date -u '+%Y-%m-%d %H:%M:%S') +PROGVER ?= $(shell git describe --tags `git rev-list --tags --max-count=1` | tail -1 | sed 's/v\(.*\)/\1/') +BUILDTIME = $(shell date -u '+%c') GITCOMMIT = $(shell git rev-parse --short HEAD) GOBUILDFLAGS = -a -ldflags "-w -s -X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(VERSION)" -o $(APP) -.PHONY: vendor -vendor: - $(GO) mod vendor - -.PHONY: build -build: vendor - CGO_ENABLED=0 $(GO) build $(GOBUILDFLAGS) +default: build -.PHONY: version -version: - @echo $(PROGVER) +generate: + $(GO) generate ./... + $(GO) install ./... -# If the first argument is "update-version"... -ifeq (update-version,$(firstword $(MAKECMDGOALS))) - # use the rest as arguments for "update-version" - RUN_ARGS := $(wordlist 2,$(words $(MAKECMDGOALS)),$(MAKECMDGOALS)) - # ...and turn them into do-nothing targets - $(eval $(RUN_ARGS):;@:) -endif +test: + $(GO) test -v -race -coverprofile=coverage.txt ./... + $(GO) test -v -race -json ./... > report.json -.PHONY: update-version -update-version: - @echo "Update Version $(PROGVER) to $(RUN_ARGS)" - git tag v$(RUN_ARGS) +style: + ! $(GOFMT) -d $$(find . -path ./vendor -prune -o -name '*.go' -print) | grep '^' +check: + golangci-lint run -n | tee errors.txt -.PHONY: install -install: vendor - $(GO) install -ldflags "-w -s -X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(PROGVER)" +build: + CGO_ENABLED=0 $(GO) build $(GOBUILDFLAGS) -.PHONY: release-artifacts -release-artifacts: vendor - mkdir -p ./.ignore - GOOS=darwin GOARCH=amd64 $(GO) build -o ./.ignore/$(APP)-$(PROGVER).darwin-amd64 -ldflags "-X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(PROGVER)" - GOOS=linux GOARCH=amd64 $(GO) build -o ./.ignore/$(APP)-$(PROGVER).linux-amd64 -ldflags "-X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(PROGVER)" +release: build + upx $(APP) -.PHONY: docker docker: - docker build \ - --build-arg VERSION=$(VERSION) \ - --build-arg GITCOMMIT=$(GITCOMMIT) \ - --build-arg BUILDTIME='$(BUILDTIME)' \ - -f ./deploy/Dockerfile -t $(DOCKER_ORG)/$(APP):$(PROGVER) . - -.PHONY: local-docker -local-docker: - docker build \ - --build-arg VERSION=$(VERSION) \ - --build-arg GITCOMMIT=$(GITCOMMIT) \ - --build-arg BUILDTIME='$(BUILDTIME)' \ - -f ./deploy/Dockerfile -t $(DOCKER_ORG)/$(APP):local . - -.PHONY: style -style: - ! $(GOFMT) -d $$(find . -path ./vendor -prune -o -name '*.go' -print) | grep '^' + -$(DOCKER) rmi "$(APP):$(VERSION)" + -$(DOCKER) rmi "$(APP):latest" + $(DOCKER) build -t "$(APP):$(VERSION)" -t "$(APP):latest" . -.PHONY: test -test: vendor - GO111MODULE=on $(GO) test -v -race -coverprofile=coverage.txt ./... - GO111MODULE=on $(GO) test -v -race -json ./... > report.json +binaries: generate + mkdir -p ./.ignore + CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 $(GO) build -o ./.ignore/$(APP)-$(PROGVER).darwin-amd64 -ldflags "-X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(VERSION)" + CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GO) build -o ./.ignore/$(APP)-$(PROGVER).linux-amd64 -ldflags "-X 'main.BuildTime=$(BUILDTIME)' -X main.GitCommit=$(GITCOMMIT) -X main.Version=$(VERSION)" -.PHONY: test-cover -test-cover: test - $(GO) tool cover -html=coverage.txt + upx ./.ignore/$(APP)-$(PROGVER).darwin-amd64 + upx ./.ignore/$(APP)-$(PROGVER).linux-amd64 -.PHONY: codecov -codecov: test - curl -s https://codecov.io/bash | bash +clean: + -rm -r .ignore/ $(APP) errors.txt report.json coverage.txt -.PHONEY: it -it: - ./it.sh -.PHONY: clean -clean: - rm -rf ./$(APP) ./.ignore ./coverage.txt ./vendor report.json diff --git a/README.md b/README.md index 2214e24..72cbd8d 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,7 @@ # Themis -[![Build Status](https://travis-ci.com/xmidt-org/themis.svg?branch=main)](https://travis-ci.com/xmidt-org/themis) +[![Build Status](https://github.com/xmidt-org/themis/workflows/CI/badge.svg)](https://github.com/xmidt-org/themis/actions) [![codecov.io](http://codecov.io/github/xmidt-org/themis/coverage.svg?branch=main)](http://codecov.io/github/xmidt-org/themis?branch=main) -[![Code Climate](https://codeclimate.com/github/xmidt-org/themis/badges/gpa.svg)](https://codeclimate.com/github/xmidt-org/themis) -[![Issue Count](https://codeclimate.com/github/xmidt-org/themis/badges/issue_count.svg)](https://codeclimate.com/github/xmidt-org/themis) [![Go Report Card](https://goreportcard.com/badge/github.com/xmidt-org/themis)](https://goreportcard.com/report/github.com/xmidt-org/themis) [![Apache V2 License](http://img.shields.io/badge/license-Apache%20V2-blue.svg)](https://github.com/xmidt-org/themis/blob/main/LICENSE) [![GitHub release](https://img.shields.io/github/v/release/xmidt-org/themis?include_prereleases)](CHANGELOG.md) diff --git a/deploy/Dockerfile b/deploy/Dockerfile deleted file mode 100644 index fa4f2ce..0000000 --- a/deploy/Dockerfile +++ /dev/null @@ -1,49 +0,0 @@ -FROM docker.io/library/golang:1.14-alpine as builder - -MAINTAINER Jack Murdock - -WORKDIR /go/src/github.com/xmidt-org/themis - -ARG VERSION=unknown -ARG GITCOMMIT=unknown -ARG BUILDTIME=unknown - -ADD https://github.com/geofffranks/spruce/releases/download/v1.25.2/spruce-linux-amd64 /usr/local/bin/spruce -RUN chmod +x /usr/local/bin/spruce - -RUN apk add --no-cache --no-progress \ - ca-certificates \ - make \ - git \ - openssh \ - gcc \ - libc-dev \ - upx - -COPY . . -RUN make build - -FROM alpine:latest - -COPY --from=builder /etc/passwd /etc/passwd -COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ -COPY --from=builder /go/src/github.com/xmidt-org/themis/themis.yaml /_themis.yaml -COPY --from=builder /go/src/github.com/xmidt-org/themis/themis /themis -COPY --from=builder /go/src/github.com/xmidt-org/themis/deploy/Dockerfile /go/src/github.com/xmidt-org/themis/NOTICE /go/src/github.com/xmidt-org/themis/LICENSE /go/src/github.com/xmidt-org/themis/CHANGELOG.md / -COPY --from=builder /go/src/github.com/xmidt-org/themis/deploy/packaging/entrypoint.sh /entrypoint.sh -COPY --from=builder /go/src/github.com/xmidt-org/themis/deploy/packaging/themis_spruce.yaml /tmp/themis_spruce.yaml -COPY --from=builder /usr/local/bin/spruce /spruce - -RUN mkdir /etc/themis/ && touch /etc/themis/themis.yaml && chmod 666 /etc/themis/themis.yaml - -USER nobody - -ENTRYPOINT ["/entrypoint.sh"] - -EXPOSE 6500 -EXPOSE 6501 -EXPOSE 6502 -EXPOSE 6503 -EXPOSE 6504 - -CMD ["/themis"] \ No newline at end of file diff --git a/deploy/docker_push b/deploy/docker_push deleted file mode 100755 index b57f19b..0000000 --- a/deploy/docker_push +++ /dev/null @@ -1,16 +0,0 @@ -#!/usr/bin/env sh - -# upload docker as $TRAVIS_TAG or latest -echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USERNAME" --password-stdin - -LATEST_TAG=$(git describe --tags `git rev-list --tags --max-count=1` | tail -1 | sed 's/v\(.*\)/\1/') -VERSION_TAG=$(echo "$TRAVIS_TAG" | sed 's/v\(.*\)/\1/') - -docker build --build-arg VERSION="$VERSION_TAG" --build-arg GITCOMMIT="`git rev-parse --short HEAD`" --build-arg BUILDTIME="`date -u '+%Y-%m-%d %H:%M:%S'`" -f ./deploy/Dockerfile -t xmidt/themis:$VERSION_TAG . - -docker push xmidt/themis:$VERSION_TAG - -if [[ "$VERSION_TAG" == "$LATEST_TAG" ]]; then - docker tag xmidt/themis:$VERSION_TAG xmidt/themis:latest - docker push xmidt/themis:latest -fi \ No newline at end of file