Add container image

.gitignore

@@ -98,3 +98,8 @@ ENV/
 # IDE
 
 .idea/
+
+
+# docker/helm
+docker/certificates/**/*
+rules.py

README.md

@@ -6,11 +6,14 @@
 
 <!-- toc -->
 
+- [Artifactory cleanup](#artifactory-cleanup)
+- [Tables of Contents](#tables-of-contents)
 - [Installation](#installation)
 - [Usage](#usage)
-  * [Commands](#commands)
-  * [Available Rules](#available-rules)
-  * [Artifact cleanup policies](#artifactory-cleanup-policies)
+  - [Commands](#commands)
+  - [Available Rules](#available-rules)
+  - [Artifact cleanup policies](#artifact-cleanup-policies)
+  - [Docker Container Usage](#docker-container-usage)
 
 <!-- tocstop -->
 
@@ -110,3 +113,41 @@ RULES = [
     ),
 ]
 ```
+
+## Docker Container Usage ##
+The below command assumes you to have your rules configuration file `rules.py` in the current working directory.
+
+To run the container use the following command:
+
+```bash
+# Dry mode - log artifacts that will be removed
+docker run \
+    --mount type=bind,source=./rules.py,target=/tmp/rules.py \
+    -e ARTIFACTORY_USER=<username> \
+    -e ARTIFACTORY_PASSWORD=<password> \
+    -e ARTIFACTORY_URL=<artifactory url> \
+    -e ARTIFACTORY_RULES_CONFIG=/tmp/rules.py \
+    artifactory-cleanup:latest
+
+# Destroy mode - remove artifacts
+docker run \
+    --mount type=bind,source=./rules.py,target=/tmp/rules.py \
+    -e ARTIFACTORY_USER=<username> \
+    -e ARTIFACTORY_PASSWORD=<password> \
+    -e ARTIFACTORY_URL=<artifactory url> \
+    -e ARTIFACTORY_RULES_CONFIG=/tmp/rules.py \
+    -e ARTIFACTORY_DESTROY_MODE_ENABLED="true" \
+    artifactory-cleanup:latest
+```
+
+The environment variables specify the necessary `artifactory-cleanup` arguments.    
+
+In case you have setup your Artifactory self-signed certificates, place all certificates of the chain of trust into the `docker/certificates/` folder and add an additional argument `--mount type=bind,source=./certificates/,target=/mnt/self-signed-certs/` to a command.
+
+To build the container image locally run the following command in the folder of the `Dockerfile`.
+
+
+```bash
+docker build . --tag artifactory-cleanup:latest
+```
+

docker/Dockerfile

@@ -0,0 +1,18 @@
+FROM python:3.9.12-slim-buster
+ARG VERSION
+
+WORKDIR /app
+
+COPY run.sh .
+
+# set CERT paths for python libraries, necessary for self-signed certificates
+#  - Requests Library
+#  -> https://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
+ENV REQUESTS_CA_BUNDLE /etc/ssl/certs/ca-certificates.crt 
+#  - openssl
+#  -> https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_default_verify_paths.html
+ENV SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt
+
+RUN pip install artifactory-cleanup==${VERSION}
+
+CMD ["bash", "run.sh"]

docker/run.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+
+if [[ -z "$ARTIFACTORY_USER" ]];then
+    echo "mandatory ARTIFACTORY_USER environment variable not set!"
+    exit 3
+fi
+if [[ -z "$ARTIFACTORY_URL" ]];then
+    echo "mandatory ARTIFACTORY_URL environment variable not set!"
+    exit 3
+fi
+if [[ -z "$ARTIFACTORY_PASSWORD" ]];then
+    echo "mandatory ARTIFACTORY_PASSWORD environment variable not set!"
+    exit 3
+fi
+if [[ -z "$ARTIFACTORY_RULES_CONFIG" ]];then
+    echo "mandatory ARTIFACTORY_RULES_CONFIG environment variable not set!"
+    exit 3
+fi
+
+# check if /tmp/rules.py exists
+[ ! -f "$ARTIFACTORY_RULES_CONFIG" ] && echo "$ARTIFACTORY_RULES_CONFIG not found" && exit 3
+
+# install/trust self-signed certificates for Artifactory instances
+# with self-signed CA
+# further reading: https://askubuntu.com/a/649463
+self_signed_certificates=$(shopt -s nullglob dotglob; echo /mnt/self-signed-certs/*)
+if (( ${#self_signed_certificates} )); then
+    cp /mnt/self-signed-certs/*.crt /usr/local/share/ca-certificates/
+    update-ca-certificates
+fi
+
+# move to rules config parent directory
+cd $( dirname $ARTIFACTORY_RULES_CONFIG)
+
+DESTROY=""
+if [[ -v "$ARTIFACTORY_DESTROY_MODE_ENABLED" ]]; then
+    DESTROY="--destroy"
+fi
+
+# execute artifactory cleanup
+echo "artifactory-cleanup $DESTROY --user $ARTIFACTORY_USER --password $ARTIFACTORY_PASSWORD --artifactory-server $ARTIFACTORY_URL --config $( basename $ARTIFACTORY_RULES_CONFIG)"
+artifactory-cleanup $DESTROY --user $ARTIFACTORY_USER --password $ARTIFACTORY_PASSWORD --artifactory-server $ARTIFACTORY_URL --config $( basename $ARTIFACTORY_RULES_CONFIG)