Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add container image #41

Merged
merged 4 commits into from
May 18, 2022
Merged

Add container image #41

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
7fe154e
added Dockerfile
May 5, 2022
f87f89a
added Dockerfile + README.md doc section
May 9, 2022
9294337
Implemented feedback
May 17, 2022
bf99351
Move specific part about self-signed certificates
allburov May 18, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,3 +98,8 @@ ENV/
# IDE

.idea/


# docker/helm
docker/certificates/**/*
rules.py
38 changes: 35 additions & 3 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,14 @@

<!-- toc -->

- [Artifactory cleanup](#artifactory-cleanup)
- [Tables of Contents](#tables-of-contents)
- [Installation](#installation)
- [Usage](#usage)
* [Commands](#commands)
* [Available Rules](#available-rules)
* [Artifact cleanup policies](#artifactory-cleanup-policies)
- [Commands](#commands)
- [Available Rules](#available-rules)
- [Artifact cleanup policies](#artifact-cleanup-policies)
- [Container Usage](#container-usage)

<!-- tocstop -->

Expand Down Expand Up @@ -110,3 +113,32 @@ RULES = [
),
]
```

## Container Usage ##
allburov marked this conversation as resolved.
Show resolved Hide resolved

To use the container image you first have to build it.
This assumes you have `docker` installed on your system.
In case you have setup your Artifactory with self-signed certificates, place all certificates of the chain of trust into the `container/certificates/` folder.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any details should be placed after "common usage" section, the first thing people want to see - a bash command how to run the docker.
Let's move self-signed certificated info to the bottom of this section

container/certificates/ shouldn't it be docker/certificates?

It there a way how to add these certificates in docker run command not in build? It'd be better

They will then be copied to the container's truststore.
To build the container image run the following command in the folder of the `Dockerfile`:

```bash
docker build --build-arg VERSION=0.3 . --tag artifactory-cleanup:latest
```

`VERSION` represents the artifactory-cleanup version you want to have installed in the container.
To run the container use the following command:

```bash
docker run \
--mount type=bind,source=./rules.py,target=/tmp/rules.py \
-e ARTIFACTORY_USER=<username> \
-e ARTIFACTORY_PASSWORD=<password> \
-e ARTIFACTORY_URL=<artifactory url> \
-e ARTIFACTORY_RULES_CONFIG=/tmp/rules.py \
artifactory-cleanup:latest
```

The environment variables specify the necessary `artifactory-cleanup` arguments.
Set the `ARTIFACTORY_DESTROY_ARTEFACTS` environment variable to deactivate the dry-run mode.
allburov marked this conversation as resolved.
Show resolved Hide resolved
The above command assumes you to have your rules configuration file (`rules.py`!) in the same folder you run the command from.
22 changes: 22 additions & 0 deletions docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
FROM python:3.9.12-slim-buster
ARG VERSION

WORKDIR /app

COPY run.sh .

# https://askubuntu.com/a/649463
allburov marked this conversation as resolved.
Show resolved Hide resolved
COPY certificates/*.crt /usr/local/share/ca-certificates/
RUN update-ca-certificates

# set CERT paths for python libraries, necessary for self-signed certificates
# - Requests Library
# -> https://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
ENV REQUESTS_CA_BUNDLE /etc/ssl/certs/ca-certificates.crt
# - openssl
# -> https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_default_verify_paths.html
ENV SSL_CERT_FILE /etc/ssl/certs/ca-certificates.crt

RUN pip install artifactory-cleanup==${VERSION}

CMD ["bash", "run.sh"]
33 changes: 33 additions & 0 deletions docker/run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
#!/bin/bash

if [[ -z "$ARTIFACTORY_USER" ]];then
echo "mandatory ARTIFACTORY_USER environment variable not set!"
exit 3
fi
if [[ -z "$ARTIFACTORY_URL" ]];then
echo "mandatory ARTIFACTORY_URL environment variable not set!"
exit 3
fi
if [[ -z "$ARTIFACTORY_PASSWORD" ]];then
echo "mandatory ARTIFACTORY_PASSWORD environment variable not set!"
exit 3
fi
if [[ -z "$ARTIFACTORY_RULES_CONFIG" ]];then
echo "mandatory ARTIFACTORY_RULES_CONFIG environment variable not set!"
exit 3
fi

# check if /tmp/rules.py exists
[ ! -f "$ARTIFACTORY_RULES_CONFIG" ] && echo "$ARTIFACTORY_RULES_CONFIG not found" && exit 3

# move to rules config parent directory
cd $( dirname $ARTIFACTORY_RULES_CONFIG)

DESTROY=""
if [[ -v "$ARTIFACTORY_DESTROY_ARTEFACTS" ]]; then
allburov marked this conversation as resolved.
Show resolved Hide resolved
DESTROY="--destroy"
fi

# execute artifactory cleanup
echo "artifactory-cleanup $DESTROY --user $ARTIFACTORY_USER --password $ARTIFACTORY_PASSWORD --artifactory-server $ARTIFACTORY_URL --config $( basename $ARTIFACTORY_RULES_CONFIG)"
artifactory-cleanup $DESTROY --user $ARTIFACTORY_USER --password $ARTIFACTORY_PASSWORD --artifactory-server $ARTIFACTORY_URL --config $( basename $ARTIFACTORY_RULES_CONFIG)