refactoring and versioning fix
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
5a7b6255c7
commit
aac70254e2
158
.drone.jsonnet
158
.drone.jsonnet
|
@ -1,44 +1,43 @@
|
||||||
local PipelineBuild(os='linux', arch='amd64') = {
|
local PipelineBuild(arch='amd64') = {
|
||||||
local tag = os + '-' + arch,
|
kind: 'pipeline',
|
||||||
local version_tag = os + '-' + arch,
|
name: 'build-' + arch,
|
||||||
local file_suffix = std.strReplace(version_tag, '-', '.'),
|
|
||||||
kind: "pipeline",
|
|
||||||
name: version_tag,
|
|
||||||
platform: {
|
platform: {
|
||||||
os: os,
|
os: 'linux',
|
||||||
arch: arch,
|
arch: arch,
|
||||||
},
|
},
|
||||||
steps: [
|
steps: [
|
||||||
{
|
{
|
||||||
name: 'dryrun',
|
name: 'dryrun',
|
||||||
image: 'plugins/docker:' + tag,
|
image: 'plugins/docker',
|
||||||
pull: 'always',
|
|
||||||
settings: {
|
settings: {
|
||||||
dry_run: true,
|
dry_run: true,
|
||||||
tags: version_tag,
|
dockerfile: 'Dockerfile',
|
||||||
dockerfile: './Dockerfile.' + file_suffix,
|
|
||||||
repo: 'xoxys/freshrss',
|
repo: 'xoxys/freshrss',
|
||||||
username: { from_secret: "docker_username" },
|
username: { from_secret: 'docker_username' },
|
||||||
password: { from_secret: "docker_password" },
|
password: { from_secret: 'docker_password' },
|
||||||
build_args: {
|
build_args: [
|
||||||
FRESHRSS_VERSION: "${DRONE_TAG%-*}",
|
'FRESHRSS_VERSION=${DRONE_TAG%-*}',
|
||||||
},
|
],
|
||||||
|
},
|
||||||
|
when: {
|
||||||
|
ref: [
|
||||||
|
'refs/pull/**',
|
||||||
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: 'publish',
|
name: 'publish',
|
||||||
image: 'plugins/docker:' + tag,
|
image: 'plugins/docker',
|
||||||
pull: 'always',
|
|
||||||
settings: {
|
settings: {
|
||||||
auto_tag: true,
|
auto_tag: true,
|
||||||
auto_tag_suffix: version_tag,
|
auto_tag_suffix: arch,
|
||||||
dockerfile: './Dockerfile.' + file_suffix,
|
dockerfile: 'Dockerfile',
|
||||||
repo: 'xoxys/freshrss',
|
repo: 'xoxys/freshrss',
|
||||||
username: { from_secret: "docker_username" },
|
username: { from_secret: 'docker_username' },
|
||||||
password: { from_secret: "docker_password" },
|
password: { from_secret: 'docker_password' },
|
||||||
build_args: {
|
build_args: [
|
||||||
FRESHRSS_VERSION: "${DRONE_TAG%-*}",
|
'FRESHRSS_VERSION=${DRONE_TAG%-*}',
|
||||||
},
|
],
|
||||||
},
|
},
|
||||||
when: {
|
when: {
|
||||||
ref: [
|
ref: [
|
||||||
|
@ -48,15 +47,14 @@ local PipelineBuild(os='linux', arch='amd64') = {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "publish-gitea",
|
name: 'publish-gitea',
|
||||||
image: "plugins/gitea-release",
|
image: 'plugins/gitea-release',
|
||||||
pull: "always",
|
|
||||||
settings: {
|
settings: {
|
||||||
api_key: { "from_secret": "gitea_token" },
|
api_key: { from_secret: 'gitea_token' },
|
||||||
base_url: "https://gitea.rknet.org",
|
base_url: 'https://gitea.rknet.org',
|
||||||
overwrite: true,
|
overwrite: true,
|
||||||
title: "${DRONE_TAG}",
|
title: '${DRONE_TAG}',
|
||||||
note: "CHANGELOG.md",
|
note: 'CHANGELOG.md',
|
||||||
},
|
},
|
||||||
when: {
|
when: {
|
||||||
ref: ['refs/tags/**'],
|
ref: ['refs/tags/**'],
|
||||||
|
@ -66,83 +64,85 @@ local PipelineBuild(os='linux', arch='amd64') = {
|
||||||
};
|
};
|
||||||
|
|
||||||
local PipelineNotifications(depends_on=[]) = {
|
local PipelineNotifications(depends_on=[]) = {
|
||||||
kind: "pipeline",
|
kind: 'pipeline',
|
||||||
name: "notifications",
|
name: 'notifications',
|
||||||
platform: {
|
platform: {
|
||||||
os: "linux",
|
os: 'linux',
|
||||||
arch: "amd64",
|
arch: 'amd64',
|
||||||
},
|
},
|
||||||
steps: [
|
steps: [
|
||||||
{
|
{
|
||||||
image: "plugins/manifest",
|
image: 'plugins/manifest',
|
||||||
name: "manifest",
|
name: 'manifest',
|
||||||
pull: "always",
|
|
||||||
settings: {
|
settings: {
|
||||||
ignore_missing: true,
|
ignore_missing: true,
|
||||||
tags: ["${DRONE_TAG}", "${DRONE_TAG%-*}", "${DRONE_TAG%.*}", "${DRONE_TAG%%.*}"],
|
tags: [
|
||||||
username: { from_secret: "docker_username" },
|
'${DRONE_TAG}',
|
||||||
password: { from_secret: "docker_password" },
|
'${DRONE_TAG%-*}',
|
||||||
spec: "./manifest.tmpl",
|
'${DRONE_TAG%.*}',
|
||||||
|
'${DRONE_TAG%%.*}',
|
||||||
|
],
|
||||||
|
username: { from_secret: 'docker_username' },
|
||||||
|
password: { from_secret: 'docker_password' },
|
||||||
|
spec: 'manifest.tmpl',
|
||||||
},
|
},
|
||||||
when: {
|
when: {
|
||||||
ref: [
|
status: [
|
||||||
'refs/heads/master',
|
'success',
|
||||||
'refs/tags/**',
|
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "readme",
|
name: 'readme',
|
||||||
image: "sheogorath/readme-to-dockerhub",
|
image: 'sheogorath/readme-to-dockerhub',
|
||||||
pull: "always",
|
|
||||||
environment: {
|
environment: {
|
||||||
DOCKERHUB_USERNAME: { from_secret: "docker_username" },
|
DOCKERHUB_USERNAME: { from_secret: 'docker_username' },
|
||||||
DOCKERHUB_PASSWORD: { from_secret: "docker_password" },
|
DOCKERHUB_PASSWORD: { from_secret: 'docker_password' },
|
||||||
DOCKERHUB_REPO_PREFIX: "xoxys",
|
DOCKERHUB_REPO_PREFIX: 'xoxys',
|
||||||
DOCKERHUB_REPO_NAME: "freshrss",
|
DOCKERHUB_REPO_NAME: 'freshrss',
|
||||||
README_PATH: "README.md",
|
README_PATH: 'README.md',
|
||||||
SHORT_DESCRIPTION: "Rootless FreshRSS - Self-hosted RSS feed aggregator"
|
SHORT_DESCRIPTION: 'Rootless FreshRSS - Self-hosted RSS feed aggregator',
|
||||||
},
|
},
|
||||||
when: {
|
when: {
|
||||||
ref: [
|
status: [
|
||||||
'refs/heads/master',
|
'success',
|
||||||
'refs/tags/**',
|
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "microbadger",
|
name: 'matrix',
|
||||||
image: "plugins/webhook",
|
image: 'plugins/matrix',
|
||||||
pull: "always",
|
|
||||||
settings: {
|
settings: {
|
||||||
urls: { from_secret: "microbadger_url" },
|
homeserver: { from_secret: 'matrix_homeserver' },
|
||||||
},
|
roomid: { from_secret: 'matrix_roomid' },
|
||||||
},
|
template: 'Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}',
|
||||||
{
|
username: { from_secret: 'matrix_username' },
|
||||||
image: "plugins/matrix",
|
password: { from_secret: 'matrix_password' },
|
||||||
name: "matrix",
|
|
||||||
pull: 'always',
|
|
||||||
settings: {
|
|
||||||
homeserver: "https://matrix.rknet.org",
|
|
||||||
roomid: "MtidqQXWWAtQcByBhH:rknet.org",
|
|
||||||
template: "Status: **{{ build.status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}<br/> Message: {{ build.message }}",
|
|
||||||
username: { from_secret: "matrix_username" },
|
|
||||||
password: { from_secret: "matrix_password" },
|
|
||||||
},
|
},
|
||||||
when: {
|
when: {
|
||||||
status: [ "success", "failure" ],
|
status: [
|
||||||
|
'success',
|
||||||
|
'failure',
|
||||||
|
],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
],
|
],
|
||||||
trigger: {
|
trigger: {
|
||||||
status: [ "success", "failure" ],
|
ref: [
|
||||||
|
'refs/heads/master',
|
||||||
|
'refs/tags/**',
|
||||||
|
],
|
||||||
|
status: [
|
||||||
|
'success',
|
||||||
|
'failure',
|
||||||
|
],
|
||||||
},
|
},
|
||||||
depends_on: depends_on,
|
depends_on: depends_on,
|
||||||
};
|
};
|
||||||
|
|
||||||
[
|
[
|
||||||
PipelineBuild(os='linux', arch='amd64'),
|
PipelineBuild(arch='amd64'),
|
||||||
PipelineNotifications(depends_on=[
|
PipelineNotifications(depends_on=[
|
||||||
"linux-amd64",
|
'build-amd64',
|
||||||
])
|
]),
|
||||||
]
|
]
|
||||||
|
|
10
CHANGELOG.md
10
CHANGELOG.md
|
@ -1,8 +1,4 @@
|
||||||
|
> __WARNING:__ Versionning was not working due to a bug in CI pipeline. You may run a developent version of FreshRSS currently!
|
||||||
|
|
||||||
* BUGFIX
|
* BUGFIX
|
||||||
* fix init error if DB not available
|
* fix versioning
|
||||||
* ENHANCEMENT
|
|
||||||
* remove stdout redirect for the supercronic main process
|
|
||||||
* remove log redirect from cron scripts
|
|
||||||
* remove `FRESHRSS_LIMITS_MAX_INACTIVITY`
|
|
||||||
* SECURITY
|
|
||||||
* update PHP to address [CVE-2019-11043](https://de.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx)
|
|
||||||
|
|
|
@ -2,7 +2,7 @@ FROM xoxys/nginx:latest
|
||||||
|
|
||||||
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
|
LABEL maintainer="Robert Kaussow <mail@geeklabor.de>" \
|
||||||
org.label-schema.name="FreshRSS" \
|
org.label-schema.name="FreshRSS" \
|
||||||
org.label-schema.version="1.2" \
|
org.label-schema.vcs-url="https://gitea.rknet.org/docker/freshrss" \
|
||||||
org.label-schema.vendor="Robert Kaussow" \
|
org.label-schema.vendor="Robert Kaussow" \
|
||||||
org.label-schema.schema-version="1.0"
|
org.label-schema.schema-version="1.0"
|
||||||
|
|
||||||
|
@ -18,6 +18,7 @@ RUN apk --update add --virtual .build-deps tar curl && \
|
||||||
rm -f /etc/php7/php-fpm.d/www.conf && \
|
rm -f /etc/php7/php-fpm.d/www.conf && \
|
||||||
mkdir -p /var/www/app && \
|
mkdir -p /var/www/app && \
|
||||||
mkdir /var/www/.postgresql && \
|
mkdir /var/www/.postgresql && \
|
||||||
|
echo "Installing FreshRSS '$FRESHRSS_VERSION' ..." && \
|
||||||
curl -SsL ${FRESHRSS_TARBALL} | tar xz -C /var/www/app/ --strip-components=1 && \
|
curl -SsL ${FRESHRSS_TARBALL} | tar xz -C /var/www/app/ --strip-components=1 && \
|
||||||
curl -SsL -o /etc/php7/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI && \
|
curl -SsL -o /etc/php7/browscap.ini https://browscap.org/stream?q=Lite_PHP_BrowsCapINI && \
|
||||||
apk del .build-deps && \
|
apk del .build-deps && \
|
||||||
|
@ -45,7 +46,7 @@ USER nginx
|
||||||
|
|
||||||
STOPSIGNAL SIGTERM
|
STOPSIGNAL SIGTERM
|
||||||
|
|
||||||
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
|
ENTRYPOINT ["/usr/local/bin/entrypoint"]
|
||||||
HEALTHCHECK --interval=30s --timeout=5s --retries=3 CMD /usr/local/bin/healthcheck.sh
|
HEALTHCHECK --interval=30s --timeout=5s --retries=3 CMD /usr/local/bin/healthcheck
|
||||||
WORKDIR /var/www/app
|
WORKDIR /var/www/app
|
||||||
CMD []
|
CMD []
|
|
@ -1,17 +1,18 @@
|
||||||
#!/bin/sh
|
#!/usr/bin/env sh
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
/usr/local/bin/gomplate -V -o /etc/php7/php.ini -f /etc/templates/php.ini.tmpl
|
/usr/local/bin/gomplate -V -o /etc/php7/php.ini -f /etc/templates/php.ini.tmpl
|
||||||
/usr/local/bin/gomplate -V -o /var/www/app/data/config.php -f /etc/templates/config.php.tmpl
|
/usr/local/bin/gomplate -V -o /var/www/app/data/config.php -f /etc/templates/config.php.tmpl
|
||||||
/usr/local/bin/gomplate -V -o /var/www/app/constants.local.php -f /etc/templates/constants.local.php.tmpl
|
/usr/local/bin/gomplate -V -o /var/www/app/constants.local.php -f /etc/templates/constants.local.php.tmpl
|
||||||
|
|
||||||
if [ "${FRESHRSS_POSTGRES_SSL_ROOTCERT}" ] && [ ! -f "/var/www/.postgresql/root.crt" ]; then
|
if [ -n "${FRESHRSS_POSTGRES_SSL_ROOTCERT}" ] && [ ! -f "/var/www/.postgresql/root.crt" ]; then
|
||||||
ln -s "${FRESHRSS_POSTGRES_SSL_ROOTCERT}" /var/www/.postgresql/root.crt
|
ln -s "${FRESHRSS_POSTGRES_SSL_ROOTCERT}" /var/www/.postgresql/root.crt
|
||||||
fi
|
fi
|
||||||
|
|
||||||
printf "\nPrepare FreshRSS...\n"
|
printf "\nPrepare FreshRSS...\n"
|
||||||
PREP=$(/usr/bin/php -f ./cli/prepare.php)
|
PREP=$(/usr/bin/php -f ./cli/prepare.php)
|
||||||
if [ $? -ne 0 ]; then
|
if [ $? -ne 0 ]; then
|
||||||
echo $PREP
|
echo "$PREP"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -22,12 +23,12 @@ if [ "${FRESHRSS_DEFAULT_USER}" ]; then
|
||||||
case "$UCREATE" in
|
case "$UCREATE" in
|
||||||
*"username already taken"*) ;;
|
*"username already taken"*) ;;
|
||||||
*)
|
*)
|
||||||
echo $UCREATE
|
echo "$UCREATE"
|
||||||
rm -rf "/var/www/app/data/users/$FRESHRSS_DEFAULT_USER"
|
rm -rf "/var/www/app/data/users/$FRESHRSS_DEFAULT_USER"
|
||||||
exit 1
|
exit 1
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
printf "Result: success\n\n"
|
printf "Result: success\n\n"
|
||||||
fi
|
fi
|
||||||
|
|
|
@ -1,3 +1,4 @@
|
||||||
#!/bin/sh
|
#!/usr/bin/env sh
|
||||||
|
set -eo pipefail
|
||||||
|
|
||||||
(php -r "readfile('http://localhost:8080/i/');" | grep -q 'jsonVars') || exit 1
|
(php -r "readfile('http://localhost:8080/i/');" | grep -q 'jsonVars') || exit 1
|
Reference in New Issue