Skip to content

Commit

Permalink
just: patch deployments with image digests
Browse files Browse the repository at this point in the history
Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
  • Loading branch information
katexochen committed Jan 16, 2024
1 parent 6cb8afd commit 2119748
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 0 deletions.
2 changes: 2 additions & 0 deletions justfile
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@ generate target=default_deploy_target:
mkdir -p ./{{workspace_dir}}
rm -rf ./{{workspace_dir}}/*
cp -R ./deployments/{{target}} ./{{workspace_dir}}/deployment
nix run .#patch-nunki-image-hashes -- ./{{workspace_dir}}/deployment
nix run .#patch-kube-images -- ./{{workspace_dir}}/deployment \
--replace ghcr.io/edgelesssys ${container_registry}
nix run .#cli -- generate \
Expand Down Expand Up @@ -99,6 +100,7 @@ demodir:
nix build .#nunki.cli
cp ./result-cli/bin/cli "${d}/nunki"
cp -R ./deployments/emojivoto "${d}/deployment"
nix run .#patch-nunki-image-hashes -- "${d}/deployment"
nix run .#patch-kube-images -- "${d}/deployment" \
--replace ghcr.io/edgelesssys ${container_registry}
echo "Demo directory ready at ${d}"
Expand Down
26 changes: 26 additions & 0 deletions packages/default.nix
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,32 @@ rec {
text = ''golangci-lint "$@"'';
};

patch-nunki-image-hashes = writeShellApplication {
name = "patch-nunki-image-hashes";
runtimeInputs = [
coordinator
crane
initializer
patch-kube-images
];
text = ''
targetPath=$1
tmpdir=$(mktemp -d)
trap 'rm -rf $tmpdir' EXIT
gunzip < "${coordinator}" > "$tmpdir/coordinator.tar"
gunzip < "${initializer}" > "$tmpdir/initializer.tar"
coordHash=$(crane digest --tarball "$tmpdir/coordinator.tar")
initHash=$(crane digest --tarball "$tmpdir/initializer.tar")
patch-kube-images "$targetPath" \
--replace "nunki/coordinator:latest" "nunki/coordinator@$coordHash" \
--replace "nunki/initializer:latest" "nunki/initializer@$initHash"
'';
};

patch-kube-images = writeShellApplication {
name = "patch-kube-images";
runtimeInputs = [ yq-go ];
Expand Down

0 comments on commit 2119748

Please sign in to comment.