Ben Vincent
81024ecc22
All checks were successful
Build / build (pull_request) Successful in 15m30s
Replace date-based Docker tags with git commit SHA and version from version file. This improves traceability by linking images to specific commits and versions.
82 lines
2.0 KiB
HCL
82 lines
2.0 KiB
HCL
build {
|
|
name = local.build_name
|
|
sources = [
|
|
"source.docker.os",
|
|
]
|
|
|
|
# pre-file-copy scripts
|
|
provisioner "shell" {
|
|
inline = var.scripts_pre_file_copy
|
|
}
|
|
|
|
# Deploy files from the image directory -> root of machine
|
|
provisioner "file" {
|
|
source = var.deploy_files_from_image ? "./files/" : ""
|
|
destination = "/"
|
|
}
|
|
|
|
# Deploy files from the common directory -> root of machine
|
|
provisioner "file" {
|
|
source = var.deploy_files_from_common ? "../../../../files/${var.os_name}/${var.os_image}/" : ""
|
|
destination = "/"
|
|
}
|
|
|
|
# manage deploying incus client certficates
|
|
# this isnt super-secure, as the key ends up baked into the docker image
|
|
provisioner "shell" {
|
|
inline = [
|
|
"if [ ${var.include_incus_client_certs} = true ]; then",
|
|
" mkdir -p /root/.config/incus",
|
|
" echo '${replace(local.incus_crt, "'", "'\\''")}' > /root/.config/incus/client.crt",
|
|
" echo '${replace(local.incus_key, "'", "'\\''")}' > /root/.config/incus/client.key",
|
|
"fi"
|
|
]
|
|
}
|
|
|
|
# post-file-copy scripts
|
|
provisioner "shell" {
|
|
inline = var.scripts_post_file_copy
|
|
}
|
|
|
|
# pre-packages scripts
|
|
provisioner "shell" {
|
|
inline = var.scripts_pre_packages
|
|
}
|
|
|
|
# manage dnf/packages
|
|
provisioner "shell" {
|
|
inline = [
|
|
"dnf install -y ${join(" ", var.packages)}"
|
|
]
|
|
}
|
|
|
|
# post-packages scripts
|
|
provisioner "shell" {
|
|
inline = var.scripts_post_packages
|
|
}
|
|
|
|
# final scripts
|
|
provisioner "shell" {
|
|
inline = var.scripts_final
|
|
}
|
|
|
|
|
|
post-processors {
|
|
post-processor "docker-tag" {
|
|
repository = "${var.docker_server}/unkin/${var.os_name}${var.os_version_major}-${var.os_image}"
|
|
tags = ["latest", var.git_commit, var.version]
|
|
}
|
|
|
|
dynamic "post-processor" {
|
|
for_each = local.is_master ? [1] : []
|
|
labels = ["docker-push"]
|
|
content {
|
|
login = true
|
|
login_server = var.docker_server
|
|
login_username = var.docker_username
|
|
login_password = var.docker_password
|
|
}
|
|
}
|
|
}
|
|
}
|