test_apps_publishing.sh

#!/usr/bin/env bash
# Copyright (c) 2020 Foundries.io
# SPDX-License-Identifier: BSD-3-Clause
set -euo pipefail

# examples
# publish just amd64 arch ./tests/test_apps_publishing.sh $FACTORY $OSF_TOKEN $FIO_USER_ID $FACTORY_CREDS $FACTORY_DIR/containers.git msul-dev01/lmp 1161 master $PWD/work-dir "" linux/amd64
# publish all machines and archs/platforms ./tests/test_apps_publishing.sh $FACTORY $OSF_TOKEN $FIO_USER_ID $FACTORY_CREDS $FACTORY_DIR/containers.git msul-dev01/lmp 1161 master $PWD/work-dir


REQ_ARG_NUMB=5
if [[ $# -lt ${REQ_ARG_NUMB} ]]; then
    echo "Insufficient number of parameters"
    exit 1
fi

# Input params
FACTORY=$1
OSF_TOKEN=$2

# jobserv-curl -s https://api.foundries.io/ota/factories/msul-dev01/users/ | jq ".[0].\"polis-id\""
# FIO_USER_ID = $(fioctl users -f <factory>)
USER_ID=$3

# how to download it for average user??
# credentials.zip
CREDS_ARCH=$4

# a full path to containers.git repo
APPS_ROOT_DIR=$5

# e.g. msul-dev01/lmp
H_PROJECT=$6

# a build number
H_BUILD=$7

# A tag to apply to newly created Target(s), optional, master by default
OTA_LITE_TAG=${8-"master"}

# a dir where the updated creds.zip will be stored along with Factory's TUF repo (keys, targets, etc), optional
WORK_DIR=${9-"$(mktemp -d -t publish-compose-app-XXXXXXXXXX)"}
echo ">> Work dir: ${WORK_DIR}"

# MACHINES to create Targets for, optional, by default, if not specified, Targets for all MACHINES
# found in the previous Targets will be created. e.g. intel-corei7-64
MACHINES=${10-""}

# PLATFORMS to create Targets for, optional, if not defined `container` Target will be created for each
# found previous Targets. e.g. linux/amd64
PLATFORMS=${11-""}

# Indicates whether to push the new Target(s) to the Factory's TUF repo, optional, off by default
PUSH_TARGET=${12-""}

# a path to the compose publish binary tool, optional, will be downloaded if not specified
PUBLISH_TOOL=${13-""}


ARCHIVE=$WORK_DIR/archive # directory to store artifacts generated by the given script/job
if [[ ! -d ${ARCHIVE} ]]; then
  mkdir "${ARCHIVE}"
fi

SECRETS=$WORK_DIR/secrets # directory to store secrets,
#    - /secrets/osftok - file containing OSF_TOKEN
#    - /secrets/triggered-by - just client_ID from credentials.zip:treehub.json:oauth2:client_id
#    - /secrets/credentials.zip - you Factory OTA creds, created on the first Factory's build
if [[ ! -d ${SECRETS} ]]; then
  mkdir "${SECRETS}"
fi

echo -n "${OSF_TOKEN}" > "${WORK_DIR}/secrets/osftok"
echo -n "${USER_ID}" > "${WORK_DIR}/secrets/triggered-by"

# needed for docker login and storing an updated credentials.zip
HOME_DIR="${WORK_DIR}/home"
if [[ ! -d ${HOME_DIR} ]]; then
  mkdir "${HOME_DIR}"
fi

TUF_REPO=$WORK_DIR/tuf-repo # directory for TUF metadata files, must be created by current user

if [[ ! -d ${TUF_REPO} ]]; then
  mkdir "${TUF_REPO}"
fi

CMD=./apps/publish.sh

docker run -v -it --rm \
  -e FACTORY=$FACTORY \
  -e TUF_REPO="/tuf-repo/$FACTORY" \
  -e OTA_LITE_TAG=$OTA_LITE_TAG \
  -e APPS_ROOT_DIR=/apps \
  -e PUBLISH_TOOL=/usr/local/bin/compose-publish \
  -e PUSH_TARGETS=$PUSH_TARGET \
  -e MACHINES="${MACHINES}" \
  -e HOME="/home-dir" \
  -e MANIFEST_PLATFORMS_DEFAULT="${PLATFORMS}" \
  -e H_PROJECT="${H_PROJECT}" \
  -e H_BUILD="${H_BUILD}" \
  -e CREDS_ARCH_UPDATED="/home-dir/creds-updated.zip" \
  -v $PWD:/ci-scripts \
  -v $ARCHIVE:/archive \
  -v $SECRETS:/secrets \
  -v $TUF_REPO:/tuf-repo \
  -v $APPS_ROOT_DIR:/apps \
  -v $PUBLISH_TOOL:/usr/local/bin/compose-publish \
  -v "${HOME_DIR}":"/home-dir" \
  -w /ci-scripts \
  -u $(id -u ${USER}):$(id -g ${USER}) \
  foundries/lmp-image-tools "${CMD}"

if [[ $? -eq 0 ]]; then
  echo "Your apps has been successfully published, see the work dir for details: ${WORK_DIR}"
else
  echo "Failed to publish Compose Apps"
fi