diff --git a/.github/workflows/diff.yml b/.github/workflows/diff.yml new file mode 100644 index 00000000..a62afc0c --- /dev/null +++ b/.github/workflows/diff.yml @@ -0,0 +1,21 @@ +name: Diff + +on: + pull_request: + +jobs: + diff: + name: Diff + runs-on: ubuntu-24.04 + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Diff stable + run: | + make CHANNEL=stable diff + + - name: Diff test + run: | + make CHANNEL=test diff + diff --git a/Makefile b/Makefile index 9ce23f0d..9b0884af 100644 --- a/Makefile +++ b/Makefile @@ -8,26 +8,83 @@ SHELLCHECK=docker run --rm $(VOLUME_MOUNTS) -w /v koalaman/shellcheck:stable $(S ENVSUBST_VARS=LOAD_SCRIPT_COMMIT_SHA +# Define the channels we want to build for +CHANNELS=test stable + +FILES=build/test/install.sh build/stable/install.sh build/stable/rootless-install.sh + .PHONY: build -build: build/install.sh +build: $(FILES) -build/install.sh: install.sh +build/%/install.sh: install.sh mkdir -p $(@D) - LOAD_SCRIPT_COMMIT_SHA='$(shell git rev-parse HEAD)' envsubst '$(addprefix $$,$(ENVSUBST_VARS))' < $< > $@ + sed 's/DEFAULT_CHANNEL_VALUE="stable"/DEFAULT_CHANNEL_VALUE="$*"/' $< | \ + LOAD_SCRIPT_COMMIT_SHA='$(shell git rev-parse HEAD)' envsubst '$(addprefix $$,$(ENVSUBST_VARS))' > $@ + +build/%/rootless-install.sh: rootless-install.sh + mkdir -p $(@D) + sed 's/DEFAULT_CHANNEL_VALUE="stable"/DEFAULT_CHANNEL_VALUE="$*"/' $< | \ + LOAD_SCRIPT_COMMIT_SHA='$(shell git rev-parse HEAD)' envsubst '$(addprefix $$,$(ENVSUBST_VARS))' > $@ .PHONY: shellcheck -shellcheck: build/install.sh - $(SHELLCHECK) $< +shellcheck: $(FILES) + $(SHELLCHECK) $^ .PHONY: test -test: build/install.sh - docker run --rm -i \ - $(VOLUME_MOUNTS) \ - -w /v \ - -e VERSION \ - -e CHANNEL \ - $(TEST_IMAGE) \ - sh "$<" +test: $(foreach channel,$(CHANNELS),build/$(channel)/install.sh) + for file in $^; do \ + (set -x; docker run --rm -it \ + $(VOLUME_MOUNTS) \ + --privileged \ + -e HOME=/tmp \ + -v /var/lib/docker \ + -w /v \ + -e VERSION \ + -e CHANNEL \ + $(TEST_IMAGE) \ + sh $$file) | tail -n 30; \ + done + +AWS?=docker run \ + -v ./build:/build \ + -e AWS_ACCESS_KEY_ID \ + -e AWS_SECRET_ACCESS_KEY \ + -e AWS_SESSION_TOKEN \ + --rm -it amazon/aws-cli + +.PHONY: deploy +deploy: build/$(CHANNEL)/install.sh build/$(CHANNEL)/rootless-install.sh +ifeq ($(S3_BUCKET),) + $(error S3_BUCKET is empty.) +endif +ifeq ($(CF_DISTRIBUTION_ID),) + $(error CF_DISTRIBUTION_ID is empty.) +endif +ifeq ($(CHANNEL),) + $(error CHANNEL is empty.) +endif + $(AWS) s3 cp --acl public-read --content-type 'text/plain' /build/$(CHANNEL)/install.sh s3://$(S3_BUCKET)/index +ifeq ($(CHANNEL),stable) + $(AWS) s3 cp --acl public-read --content-type 'text/plain' /build/$(CHANNEL)/rootless-install.sh s3://$(S3_BUCKET)/rootless +endif + + $(AWS) cloudfront create-invalidation --distribution-id $(CF_DISTRIBUTION_ID) --paths '/*' + +.PHONY: diff +diff: TMP_DIR=/tmp +diff: CHANNEL=stable +diff: SUBDOMAIN=$(if $(filter test,$(CHANNEL)),test,$(if $(filter stable,$(CHANNEL)),get,$(error Invalid CHANNEL: $(CHANNEL)))) +diff: build/$(CHANNEL)/install.sh build/$(CHANNEL)/rootless-install.sh + curl -sfSL https://$(SUBDOMAIN).docker.com -o $(TMP_DIR)/install.sh + + echo "# Diff $(CHANNEL) install.sh" + diff --color=always -u build/$(CHANNEL)/install.sh $(TMP_DIR)/install.sh || true + +ifeq ($(CHANNEL),stable) + curl -sfSL https://$(SUBDOMAIN).docker.com/rootless -o $(TMP_DIR)/rootless-install.sh + echo "# Diff $(CHANNEL) rootless-install.sh" + diff --color=always -u build/$(CHANNEL)/rootless-install.sh $(TMP_DIR)/rootless-install.sh || true +endif .PHONY: clean clean: diff --git a/rootless-install.sh b/rootless-install.sh index c224c98e..f7960eee 100755 --- a/rootless-install.sh +++ b/rootless-install.sh @@ -16,7 +16,7 @@ set -e # # Git commit from https://github.com/docker/docker-install when # the script was uploaded (Should only be modified by upload job): -SCRIPT_COMMIT_SHA=UNKNOWN +SCRIPT_COMMIT_SHA="$LOAD_SCRIPT_COMMIT_SHA" # This script should be run with an unprivileged user and install/setup Docker under $HOME/bin/.