mirror of
https://github.com/dani-garcia/bw_web_builds.git
synced 2025-01-12 04:37:19 +03:00
Use checkout and build scripts in docker
This commit is contained in:
parent
26c122f20a
commit
08c92e2732
3 changed files with 23 additions and 36 deletions
49
Dockerfile
49
Dockerfile
|
@ -18,48 +18,28 @@
|
|||
FROM node:18-bookworm as build
|
||||
RUN node --version && npm --version
|
||||
|
||||
# Prepare the folder to enable non-root, otherwise npm will refuse to run the postinstall
|
||||
RUN mkdir /vault
|
||||
RUN chown node:node /vault
|
||||
USER node
|
||||
|
||||
# Can be a tag, release, but prefer a commit hash because it's not changeable
|
||||
# https://github.com/bitwarden/clients/commit/${VAULT_VERSION}
|
||||
#
|
||||
# Using https://github.com/bitwarden/clients/releases/tag/web-v2024.5.1
|
||||
ARG VAULT_VERSION=9823f69c9d17e2d94de1cc005e01202dd95f0647
|
||||
ENV VAULT_VERSION=$VAULT_VERSION
|
||||
ENV VAULT_FOLDER=bw_clients
|
||||
ENV CHECKOUT_TAGS=false
|
||||
|
||||
WORKDIR /vault
|
||||
RUN git -c init.defaultBranch=main init && \
|
||||
git remote add origin https://github.com/bitwarden/clients.git && \
|
||||
git fetch --depth 1 origin "${VAULT_VERSION}" && \
|
||||
git -c advice.detachedHead=false checkout FETCH_HEAD
|
||||
RUN mkdir /bw_web_builds
|
||||
WORKDIR /bw_web_builds
|
||||
|
||||
COPY --chown=node:node patches /patches
|
||||
COPY --chown=node:node resources /resources
|
||||
COPY --chown=node:node scripts/apply_patches.sh /apply_patches.sh
|
||||
COPY patches ./patches
|
||||
COPY resources ./resources
|
||||
COPY scripts ./scripts
|
||||
|
||||
RUN bash /apply_patches.sh
|
||||
RUN ./scripts/checkout_web_vault.sh
|
||||
RUN ./scripts/patch_web_vault.sh
|
||||
RUN ./scripts/build_web_vault.sh
|
||||
RUN mv "${VAULT_FOLDER}/apps/web/build" ./web-vault
|
||||
|
||||
# Build
|
||||
RUN npm ci
|
||||
|
||||
# Switch to the web apps folder
|
||||
WORKDIR /vault/apps/web
|
||||
|
||||
RUN npm run dist:oss:selfhost
|
||||
|
||||
RUN printf '{"version":"%s"}' \
|
||||
$(git -c 'versionsort.suffix=-' ls-remote --tags --refs --sort='v:refname' https://github.com/dani-garcia/bw_web_builds.git 'v*' | tail -n1 | grep -Eo '[^\/v]*$') \
|
||||
> build/vw-version.json
|
||||
|
||||
# Delete debugging map files, optional
|
||||
# RUN find build -name "*.map" -delete
|
||||
|
||||
# Prepare the final archives
|
||||
RUN mv build web-vault
|
||||
RUN tar -czvf "bw_web_vault.tar.gz" web-vault --owner=0 --group=0
|
||||
|
||||
# Output the sha256sum here so people are able to match the sha256sum from the CI with the assets and the downloaded version if needed
|
||||
RUN echo "sha256sum: $(sha256sum "bw_web_vault.tar.gz")"
|
||||
|
||||
|
@ -67,7 +47,8 @@ RUN echo "sha256sum: $(sha256sum "bw_web_vault.tar.gz")"
|
|||
# The result is included both uncompressed and as a tar.gz, to be able to use it in the docker images and the github releases directly
|
||||
FROM scratch
|
||||
# hadolint ignore=DL3010
|
||||
COPY --from=build /vault/apps/web/bw_web_vault.tar.gz /bw_web_vault.tar.gz
|
||||
COPY --from=build /vault/apps/web/web-vault /web-vault
|
||||
COPY --from=build /bw_web_builds/bw_web_vault.tar.gz /bw_web_vault.tar.gz
|
||||
COPY --from=build /bw_web_builds/web-vault /web-vault
|
||||
|
||||
# Added so docker create works, can't actually run a scratch image
|
||||
CMD [""]
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
# shellcheck disable=SC2034
|
||||
set -o pipefail -o errexit
|
||||
|
||||
VAULT_FOLDER=web-vault
|
||||
VAULT_FOLDER=${VAULT_FOLDER:=web-vault}
|
||||
CHECKOUT_TAGS=${CHECKOUT_TAGS:=true}
|
||||
OUTPUT_FOLDER=builds
|
||||
|
||||
function get_web_vault_version {
|
||||
|
|
|
@ -26,6 +26,7 @@ if [[ "${VAULT_VERSION}" =~ ^20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then
|
|||
elif [[ "${VAULT_VERSION}" =~ ^v20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then
|
||||
VAULT_VERSION="web-${VAULT_VERSION}"
|
||||
fi
|
||||
|
||||
echo "Using: '${VAULT_VERSION}' to checkout bitwarden/client."
|
||||
|
||||
if [ ! -d "${VAULT_FOLDER}" ]; then
|
||||
|
@ -47,10 +48,14 @@ else
|
|||
popd
|
||||
fi
|
||||
|
||||
if [[ "$CHECKOUT_TAGS" == "true" ]]; then
|
||||
CHECKOUT_ARGS="${CHECKOUT_ARGS:-} --tags"
|
||||
fi
|
||||
|
||||
# Checkout the request
|
||||
pushd "${VAULT_FOLDER}"
|
||||
# Update branch and tag metadata
|
||||
git fetch --tags --depth 1 origin "${VAULT_VERSION}"
|
||||
git fetch --depth 1 ${CHECKOUT_ARGS:-} origin "${VAULT_VERSION}"
|
||||
# Checkout the branch we want
|
||||
git -c advice.detachedHead=false checkout FETCH_HEAD
|
||||
popd
|
||||
|
|
Loading…
Reference in a new issue