def run_docker_login(self, url, user, password): try: cmd = f'docker login {url} --password {password} --username {user}' process.run_with_output(cmd) except subprocess.CalledProcessError as cpe: raise exceptions.AspenError(f'Could not login to docker registry. ' f'Error was: "{cpe.output}"')
def run_step(self, data): if os.path.isfile(nvm.NVM_DIR): self.log.debug('nvm is already installed, continuing') else: self.log.info('nvm is not installed, installing now') cmd = (f'curl -o- https://raw.githubusercontent.com/creationix/nvm/' f'{self.nvm_version}/install.sh | bash') try: process.run_with_output(cmd) except PipelineException as install_ex: self.handle_step_error( 'Error while installing nvm', install_ex ) self.log.debug('nvm installed successfully')
def run_command(self, cmd): try: return process.run_with_output(cmd) except subprocess.CalledProcessError as cpe: raise exceptions.AspenError( f'Command error when decrypting application passwords. ' f'Error was: "{cpe.output}"')
def build(labels=None, build_args=None): flags = '--pull' #build_local_image_id = 'docker build --quiet --pull' root = environment.get_project_root() if labels: for label in labels: flags = f'{flags} --label {label}' if build_args: for arg in build_args: flags = f'{flags} --build-arg {arg}' # Build log.info(process.run_with_output(f'docker build {flags} {root}')) # Rerun build to get a local image id. return process.run_with_output(f'docker build --quiet {flags} {root}')
def run_step(self, data): try: print_util.green(process.run_with_output('docker --version')) except PipelineException as install_ex: self.handle_step_error('Error while checking Docker version. ', install_ex)
def login_azure(): host = environment.get_azure_registry_host() user = environment.get_azure_registry_user() pwd = environment.get_azure_registry_password() retval = process.run_with_output(f'docker login -u {user} -p {pwd} {host}', False) return retval
def run_step(self, data): # npm login doesn't support non-interactive login, so we'll do this # through a docker image cmd = (f'docker run ' f'-e NPM_USER="******" ' f'-e NPM_PASS="******" ' f'-e NPM_EMAIL="{environment.get_npm_email()}" ' f'{self.get_docker_image()} ') try: self.log.info('Logging into NPM to get an access token.') npm_token = process.run_with_output(cmd, log_cmd=False) file_util.overwite_absolute(self.get_output_file(), npm_token) self.log.debug(f'NPM token written to {self.get_output_file()}') except PipelineException as docker_ex: self.handle_step_error( 'NPM login failed. Exception when trying to get auth token from npm via docker', docker_ex) try: result = nvm.exec_npm_command(data, 'whoami') self.log.info(f"Logged in to NPM as '{result}'.") except PipelineException as npm_ex: self.handle_step_error( 'Exception when trying to verify identify with npm whoami', npm_ex) self.step_ok() return data
def exec_npm_command(data, command, flags=''): result = '' npm_base = get_npm_base(data) npm_command = f'{npm_base} {command} {flags}' output = process.run_with_output(npm_command) if output: result = output.replace('\n', '').strip() return result
def run_step(self, data): try: result = process.run_with_output( '. /var/lib/jenkins/.nvm/nvm.sh && nvm --version') except PipelineException as pipeline_ex: self.handle_step_error('Could not verify nvm version on jenkins', pipeline_ex) self.log.debug('nvm version is: "%s"', result.strip()) return data
def is_installed(self): result = False try: response = process.run_with_output("command -v nvm") if "nvm" in response: result = True except Exception as err: self.handle_step_error('Error checking if NVM is installed.', err) return result
def build(labels=None, build_args=None): build_cmd = 'docker build --quiet --pull' root = environment.get_project_root() if labels: for label in labels: build_cmd = f'{build_cmd} --label {label}' if build_args: for arg in build_args: build_cmd = f'{build_cmd} --build-arg {arg}' return process.run_with_output(f'{build_cmd} {root}')
def run_step(self, data): try: output = process.run_with_output('docker --version') self.log.info(output) self.step_ok() except PipelineException as install_ex: self.handle_step_error('Error while checking Docker version. ', install_ex) return data
def run_step(self, data): try: result = process.run_with_output(f'nvm --version') except PipelineException as pipeline_ex: self.handle_step_error('Could not verify nvm version on jenkins', pipeline_ex) self.log.info('nvm version is: "%s"', result.strip()) self.step_ok() return data
def run_test(compose_test_file, data): image_id = data[pipeline_data.LOCAL_IMAGE_ID] cmd = (f'LOCAL_IMAGE_ID={image_id} ' f'docker-compose --file {compose_test_file} up ' f'--build ' f'--abort-on-container-exit ' f'--always-recreate-deps ' f'--force-recreate') return process.run_with_output(cmd)
def run_test(compose_test_file, data): image_id = data[pipeline_data.LOCAL_IMAGE_ID] cmd = ( f'cd {file_util.get_project_root()} && LOCAL_IMAGE_ID={image_id} ' f'{environment.get_tests_secrets()} WORKSPACE={environment.get_docker_mount_root()} docker-compose --file {compose_test_file} up ' f'--build ' f'--no-log-prefix ' f'--quiet-pull ' f'--abort-on-container-exit ' f'--always-recreate-deps ' f'--force-recreate') output = process.run_with_output(cmd, log_cmd=False, check=True) cmd_clean = (f'docker-compose --file {compose_test_file} down -v') process.run_with_output(cmd_clean) return output
def run_step(self, data): #self.log.info(f'Is NVM installed (check using command -v nvm) {self.is_installed()}') # TODO: https://github.com/nvm-sh/nvm#verify-installation if os.path.isfile(nvm.NVM_DIR): self.log.info('nvm is already installed, continuing') else: self.log.info('nvm is not installed, installing now') cmd = ( f'curl -o- https://raw.githubusercontent.com/creationix/nvm/' f'{self.nvm_version}/install.sh | bash') try: process.run_with_output(cmd) except PipelineException as install_ex: self.handle_step_error('Error while installing nvm', install_ex) self.log.debug('nvm installed successfully') self.step_ok()
def run_docker_slim(self, data): env = environment.get_slim_env() if env: env = f'--env {env}' image_id = data[pipeline_data.LOCAL_IMAGE_ID] output = process.run_with_output( f'docker run --rm ' f'-v /var/run/docker.sock:/var/run/docker.sock ' f'dslim/docker-slim --in-container build {env} ' f'{image_id}') self.log.debug('Output from docker-slim was: %s', output)
def check_dependencies(): package_json = file_util.get_absolue_path(PACKAGE_JSON) if environment.is_run_inside_docker(): package_json = file_util.get_docker_mounted_path(PACKAGE_JSON) image_name = IMAGE_NAME # Mount the local package.json file into the Docker instance cmd = f'docker run --tty --rm -v {package_json}:/package.json {image_name}' try: return process.run_with_output(cmd) except PipelineException as pipeline_ex: log.warning('Could not check dependencies: "%s"', str(pipeline_ex)) return None
def _run_supervisor(self, image_name): cmd = ( 'docker run --rm -v ${{WORKSPACE}}:{0} {1} ' '/bin/bash -c "source ~/.bashrc && ' 'JSON_OUTPUT=1 node /opt/repo-supervisor/dist/cli.js {0}"'.format( RepoSupervisorStep.REPO_MOUNTED_DIR, image_name)) try: return process.run_with_output(cmd) except PipelineException as pipeline_ex: # Special handling while waiting for https://github.com/auth0/repo-supervisor/pull/5 if 'Not detected any secrets in files' not in str(pipeline_ex): self.log.warning( 'Ignoring error in repo supervisor step: "%s"', str(pipeline_ex)) return None
def _run_supervisor(self, image_name): root = file_util.get_project_root() if environment.is_run_inside_docker(): root = environment.get_docker_mount_root() mounted_dir = RepoSupervisorStep.REPO_MOUNTED_DIR cmd = (f'docker run --rm -v {root}:{mounted_dir} {image_name} /bin/bash -c "source ~/.bashrc && JSON_OUTPUT=1 node /opt/repo-supervisor/dist/cli.js {mounted_dir}"') try: # Do note that if your have packages installed like (/node_modules) this will probably break with # char encoding problems. output = process.run_with_output(cmd) except PipelineException as pipeline_ex: # Special handling while waiting for https://github.com/auth0/repo-supervisor/pull/5 if 'Not detected any secrets in files' not in str(pipeline_ex): self.log.warning( 'Ignoring error in repo supervisor step: "%s"', str(pipeline_ex) ) return None
def run_step(self, data): # npm login doesn't support non-interactive login, so we'll do this # through a docker image cmd = (f'docker run ' f'-e NPM_USER="******" ' f'-e NPM_PASS="******" ' f'-e NPM_EMAIL="{environment.get_npm_email()}" ' f'{self.get_docker_image()} ' f'> {self.get_output_file()}') try: result = process.run_with_output(cmd, False) except PipelineException as docker_ex: self.handle_step_error( 'NPM login failed. Exception when trying to get auth token from npm via docker', docker_ex) self.log.debug('Output from npm login was: "%s"', result) try: result = nvm.exec_npm_command(data, 'whoami') except PipelineException as npm_ex: self.handle_step_error( 'Exception when trying to verify identify with npm whoami', npm_ex) self.log.debug('Output from npm whoami was: "%s"', result) return data
def pull(image_name): return process.run_with_output(f'docker pull {image_name}')
def inspect_image(image_id): return process.run_with_output(f'docker image inspect {image_id}')
def push(registry_image_name): return process.run_with_output(f'docker push {registry_image_name}')
def tag_image(image_id, tag): return process.run_with_output(f'docker tag {image_id} {tag}')
def stop_and_remove_container(container_id): return process.run_with_output(f'docker rm -f {container_id}')
def run(image_id): return process.run_with_output(f'docker run -d {image_id}').rstrip()
def grep_image_id(image_id): try: return process.run_with_output(f'docker images | grep {image_id}') except PipelineException: # An exception here means that the grep failed and that the image is missing return None
def get_container_status(container_id): return process.run_with_output( f'docker inspect --format=\'{{{{.State.Status}}}}\' ' f'{container_id}').replace('\n', '')
def get_image_id(tag): return process.run_with_output( f'docker image ls --filter reference="{tag}" -q').rstrip()