Loading .gitlab-ci.pre-commit-run.bash 0 → 100644 +58 −0 Original line number Diff line number Diff line # Find a suitable commit for determining changed files # # # Copyright 2022 Dom Sekotill <dom.sekotill@kodo.org.uk> # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. pre_commit_run() ( set -eu declare -a PRE_COMMIT_ARGS find_lca() { local repo=$CI_REPOSITORY_URL local current_branch=$1 other_branch=$2 # See https://stackoverflow.com/questions/63878612/git-fatal-error-in-object-unshallow-sha-1 # and https://stackoverflow.com/questions/4698759/converting-git-repository-to-shallow/53245223#53245223 # for background on what `git repack -d` is doing here. git repack -qd git fetch -q $repo --shallow-exclude=$other_branch $current_branch git fetch -q $repo --deepen=1 $current_branch FROM_REF=$(git rev-parse -q --revs-only --verify shallow) || unset FROM_REF } fetch_ref() { git fetch -q $CI_REPOSITORY_URL --depth=1 $1 FROM_REF=$1 } if [[ -v CI_COMMIT_BEFORE_SHA ]] && [[ ! 
$CI_COMMIT_BEFORE_SHA =~ ^0{40}$ ]]; then fetch_ref $CI_COMMIT_BEFORE_SHA elif [[ -v CI_MERGE_REQUEST_TARGET_BRANCH_NAME ]]; then find_lca $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME $CI_MERGE_REQUEST_TARGET_BRANCH_NAME elif [[ $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH ]]; then find_lca $CI_COMMIT_BRANCH $CI_DEFAULT_BRANCH fi if [[ -v FROM_REF ]]; then PRE_COMMIT_ARGS=( --from-ref=$FROM_REF --to-ref=$CI_COMMIT_SHA ) else PRE_COMMIT_ARGS=( --all-files ) fi pre-commit run "$@" "${PRE_COMMIT_ARGS[@]}" ) .gitlab-ci.yml +7 −19 Original line number Diff line number Diff line Loading @@ -15,28 +15,16 @@ workflow: Checks: stage: check image: docker.kodo.org.uk/ci-images/pre-commit:2.15.0-1 rules: - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH variables: FROM_REF: $CI_COMMIT_BEFORE_SHA - if: $CI_PIPELINE_SOURCE == "push" variables: FETCH: $CI_DEFAULT_BRANCH FROM_REF: $CI_DEFAULT_BRANCH - if: $CI_PIPELINE_SOURCE == "merge_request_event" variables: FROM_REF: $CI_MERGE_REQUEST_TARGET_BRANCH_SHA needs: [] variables: PRE_COMMIT_HOME: $CI_PROJECT_DIR/pre-commit PRE_COMMIT_HOME: $CI_PROJECT_DIR/cache/pre-commit cache: key: $CI_JOB_NAME paths: [pre-commit] key: $CI_JOB_IMAGE paths: [cache] script: - test -n "${FETCH-}" && git fetch origin $FETCH:$FETCH -f - pre-commit run --hook-stage=commit --from-ref=$FROM_REF --to-ref=$CI_COMMIT_SHA - source .gitlab-ci.pre-commit-run.bash - pre_commit_run --hook-stage=commit - pre_commit_run --hook-stage=push .build: Loading Dockerfile +4 −2 Original line number Diff line number Diff line Loading @@ -22,9 +22,10 @@ RUN GOOS=$TARGETOS GOARCH=$TARGETARCH go build -o buildctl ./cmd/buildctl FROM alpine as buildctl ENV DOCKER_CONFIG=/etc/docker RUN mkdir -p $DOCKER_CONFIG RUN mkdir -p $DOCKER_CONFIG && apk add --no-cache jq COPY --from=go /src/buildctl /bin/ COPY entrypoint.buildctl.bash /bin/entrypoint COPY entrypoint.buildctl.sh /bin/entrypoint COPY add-auth.sh /bin/add-auth ENTRYPOINT ["/bin/entrypoint"] Loading 
@@ -36,4 +37,5 @@ COPY entrypoint.buildkitd.sh /bin/entrypoint USER 1000 VOLUME /run/buildkit EXPOSE 8372/tcp ENTRYPOINT ["/bin/entrypoint"] add-auth.sh 0 → 100755 +28 −0 Original line number Diff line number Diff line #!/bin/sh set -eu die() { echo "$USAGE"; echo "Fatal: $*"; exit 1; } USAGE="$0 REPOSITORY USERNAME REPOSITORY The image repository to authenticate against USERNAME The username to authenticate with The password to authenticate with will be read from STDIN " CONFIG=$DOCKER_CONFIG/config.json || die "DOCKER_CONFIG must be set in the environment" REPOSITORY=$1 || die "REPOSITORY is missing" USERNAME=$2 || die "USERNAME is missing" read -p "Enter password: " PASSWORD test -e "$CONFIG" || touch "$CONFIG" jq <"$CONFIG" >"$CONFIG.tmp" \ --slurp \ --arg repo "$REPOSITORY" \ --arg user "$USERNAME" \ --arg pass "$PASSWORD" \ '(if . == [] then {} else .[0] end) * {"auths": {($repo): {"username": ($user), "password": ($pass)}}}' mv "$CONFIG.tmp" "$CONFIG" entrypoint.buildctl.bash→entrypoint.buildctl.sh +13 −0 Original line number Diff line number Diff line Loading @@ -6,16 +6,8 @@ case ${1-help} in esac if [ -n "${CI_REGISTRY-}" ]; then tee >$DOCKER_CONFIG/config.json <<-END_JSON { "auths": { "$CI_REGISTRY": { "username": "$CI_REGISTRY_USER", "password": "$CI_REGISTRY_PASSWORD" } } } END_JSON echo "$CI_REGISTRY_PASSWORD" | /bin/add-auth "$CI_REGISTRY" "$CI_REGISTRY_USER" fi exec "$@" Loading
.gitlab-ci.pre-commit-run.bash 0 → 100644 +58 −0 Original line number Diff line number Diff line # Find a suitable commit for determining changed files # # # Copyright 2022 Dom Sekotill <dom.sekotill@kodo.org.uk> # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. pre_commit_run() ( set -eu declare -a PRE_COMMIT_ARGS find_lca() { local repo=$CI_REPOSITORY_URL local current_branch=$1 other_branch=$2 # See https://stackoverflow.com/questions/63878612/git-fatal-error-in-object-unshallow-sha-1 # and https://stackoverflow.com/questions/4698759/converting-git-repository-to-shallow/53245223#53245223 # for background on what `git repack -d` is doing here. git repack -qd git fetch -q $repo --shallow-exclude=$other_branch $current_branch git fetch -q $repo --deepen=1 $current_branch FROM_REF=$(git rev-parse -q --revs-only --verify shallow) || unset FROM_REF } fetch_ref() { git fetch -q $CI_REPOSITORY_URL --depth=1 $1 FROM_REF=$1 } if [[ -v CI_COMMIT_BEFORE_SHA ]] && [[ ! $CI_COMMIT_BEFORE_SHA =~ ^0{40}$ ]]; then fetch_ref $CI_COMMIT_BEFORE_SHA elif [[ -v CI_MERGE_REQUEST_TARGET_BRANCH_NAME ]]; then find_lca $CI_MERGE_REQUEST_SOURCE_BRANCH_NAME $CI_MERGE_REQUEST_TARGET_BRANCH_NAME elif [[ $CI_COMMIT_BRANCH != $CI_DEFAULT_BRANCH ]]; then find_lca $CI_COMMIT_BRANCH $CI_DEFAULT_BRANCH fi if [[ -v FROM_REF ]]; then PRE_COMMIT_ARGS=( --from-ref=$FROM_REF --to-ref=$CI_COMMIT_SHA ) else PRE_COMMIT_ARGS=( --all-files ) fi pre-commit run "$@" "${PRE_COMMIT_ARGS[@]}" )
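Review bot: The ref arguments to `git fetch` in find_lca and fetch_ref are expanded unquoted, and in merge request pipelines `CI_MERGE_REQUEST_SOURCE_BRANCH_NAME` is chosen by whoever opened the request. The values are therefore subject to word splitting and globbing, and a ref name beginning with `-` (if the server accepts one) would be parsed by git as an option. Quote each expansion and end option parsing before the positionals, e.g. `git fetch -q --shallow-exclude="$other_branch" -- "$repo" "$current_branch"` and `git fetch -q --depth=1 -- "$CI_REPOSITORY_URL" "$1"`; the call sites and `--from-ref="$FROM_REF"` need the same quoting. Separately, under `set -u` the last `elif` reads `$CI_COMMIT_BRANCH` with no `-v` guard, so a pipeline where it is unset would abort instead of falling back to `--all-files`; prefix it with `[[ -v CI_COMMIT_BRANCH ]] &&` as the first branch does.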
.gitlab-ci.yml +7 −19 Original line number Diff line number Diff line Loading @@ -15,28 +15,16 @@ workflow: Checks: stage: check image: docker.kodo.org.uk/ci-images/pre-commit:2.15.0-1 rules: - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH variables: FROM_REF: $CI_COMMIT_BEFORE_SHA - if: $CI_PIPELINE_SOURCE == "push" variables: FETCH: $CI_DEFAULT_BRANCH FROM_REF: $CI_DEFAULT_BRANCH - if: $CI_PIPELINE_SOURCE == "merge_request_event" variables: FROM_REF: $CI_MERGE_REQUEST_TARGET_BRANCH_SHA needs: [] variables: PRE_COMMIT_HOME: $CI_PROJECT_DIR/pre-commit PRE_COMMIT_HOME: $CI_PROJECT_DIR/cache/pre-commit cache: key: $CI_JOB_NAME paths: [pre-commit] key: $CI_JOB_IMAGE paths: [cache] script: - test -n "${FETCH-}" && git fetch origin $FETCH:$FETCH -f - pre-commit run --hook-stage=commit --from-ref=$FROM_REF --to-ref=$CI_COMMIT_SHA - source .gitlab-ci.pre-commit-run.bash - pre_commit_run --hook-stage=commit - pre_commit_run --hook-stage=push .build: Loading
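Review bot: The cache on the new side appears to be keyed on `$CI_JOB_IMAGE` and to hold `PRE_COMMIT_HOME`, which contains the hook environments that `pre-commit run` executes, so every job using this image would share one set of executables across branches. If merge request or unprotected-branch pipelines can write that cache, a modified hook environment left there would run in later pipelines. Confirm the project keeps separate caches for protected branches, or make it explicit in the key, e.g. `key: $CI_JOB_IMAGE-$CI_COMMIT_REF_PROTECTED`. A comment above `cache:` such as `# contents are executed by pre-commit; do not share with untrusted refs` would record the constraint.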
Dockerfile +4 −2 Original line number Diff line number Diff line Loading @@ -22,9 +22,10 @@ RUN GOOS=$TARGETOS GOARCH=$TARGETARCH go build -o buildctl ./cmd/buildctl FROM alpine as buildctl ENV DOCKER_CONFIG=/etc/docker RUN mkdir -p $DOCKER_CONFIG RUN mkdir -p $DOCKER_CONFIG && apk add --no-cache jq COPY --from=go /src/buildctl /bin/ COPY entrypoint.buildctl.bash /bin/entrypoint COPY entrypoint.buildctl.sh /bin/entrypoint COPY add-auth.sh /bin/add-auth ENTRYPOINT ["/bin/entrypoint"] Loading @@ -36,4 +37,5 @@ COPY entrypoint.buildkitd.sh /bin/entrypoint USER 1000 VOLUME /run/buildkit EXPOSE 8372/tcp ENTRYPOINT ["/bin/entrypoint"]
add-auth.sh 0 → 100755 +28 −0 Original line number Diff line number Diff line #!/bin/sh set -eu die() { echo "$USAGE"; echo "Fatal: $*"; exit 1; } USAGE="$0 REPOSITORY USERNAME REPOSITORY The image repository to authenticate against USERNAME The username to authenticate with The password to authenticate with will be read from STDIN " CONFIG=$DOCKER_CONFIG/config.json || die "DOCKER_CONFIG must be set in the environment" REPOSITORY=$1 || die "REPOSITORY is missing" USERNAME=$2 || die "USERNAME is missing" read -p "Enter password: " PASSWORD test -e "$CONFIG" || touch "$CONFIG" jq <"$CONFIG" >"$CONFIG.tmp" \ --slurp \ --arg repo "$REPOSITORY" \ --arg user "$USERNAME" \ --arg pass "$PASSWORD" \ '(if . == [] then {} else .[0] end) * {"auths": {($repo): {"username": ($user), "password": ($pass)}}}' mv "$CONFIG.tmp" "$CONFIG"
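Review bot: The password is read from stdin but then handed to jq with `--arg pass "$PASSWORD"`, which puts it on jq's command line where other processes in the container can read it; passing it through the environment and reading `$ENV.PASS` in the filter avoids that. `read -p` without `-r` is not POSIX sh and alters passwords containing backslashes or leading/trailing whitespace. The `|| die` after `CONFIG=…`, `REPOSITORY=$1` and `USERNAME=$2` can never fire because an assignment always succeeds, so under `set -u` a missing value aborts with the shell's own error and no usage text. config.json and its `.tmp` file are also created with the default umask although they hold credentials.

```shell
umask 077  # config.json and its temp file hold registry credentials

# ... unchanged: die(), USAGE ...

CONFIG=${DOCKER_CONFIG:?DOCKER_CONFIG must be set in the environment}/config.json
[ $# -ge 2 ] || die "REPOSITORY and USERNAME are required"
REPOSITORY=$1
USERNAME=$2

printf 'Enter password: ' >&2
IFS= read -r PASSWORD

# ... unchanged: test -e "$CONFIG" || touch "$CONFIG" ...

PASS=$PASSWORD jq <"$CONFIG" >"$CONFIG.tmp" \
	--slurp \
	--arg repo "$REPOSITORY" \
	--arg user "$USERNAME" \
	'(if . == [] then {} else .[0] end) * {"auths": {($repo): {"username": ($user), "password": $ENV.PASS}}}'
```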
entrypoint.buildctl.bash→entrypoint.buildctl.sh +13 −0 Original line number Diff line number Diff line Loading @@ -6,16 +6,8 @@ case ${1-help} in esac if [ -n "${CI_REGISTRY-}" ]; then tee >$DOCKER_CONFIG/config.json <<-END_JSON { "auths": { "$CI_REGISTRY": { "username": "$CI_REGISTRY_USER", "password": "$CI_REGISTRY_PASSWORD" } } } END_JSON echo "$CI_REGISTRY_PASSWORD" | /bin/add-auth "$CI_REGISTRY" "$CI_REGISTRY_USER" fi exec "$@"
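Review bot: The password is piped with `echo "$CI_REGISTRY_PASSWORD"`, and some `sh` implementations interpret backslash sequences or a leading `-n` in echo's argument, so the value that reaches add-auth can differ from the real token. Use `printf '%s\n' "$CI_REGISTRY_PASSWORD" | /bin/add-auth "$CI_REGISTRY" "$CI_REGISTRY_USER"` instead. The block only tests `CI_REGISTRY`; whether `CI_REGISTRY_USER` and `CI_REGISTRY_PASSWORD` are guaranteed to be set alongside it is not visible here, and the top of the script lies outside the hunk.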