From cc998bcae1d8018060bc2d227bf6deacee09dea1 Mon Sep 17 00:00:00 2001 From: Jeremy Phelps Date: Thu, 3 May 2018 19:41:39 -0500 Subject: [PATCH] Add support to log into docker.io This follows essentially the same pattern as logging into the nexus docker registries. Change-Id: I174c0f27d46d59ddae5abc0fda67a839095c2535 Signed-off-by: Jeremy Phelps --- shell/docker-login.sh | 57 ++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 43 insertions(+), 14 deletions(-) diff --git a/shell/docker-login.sh b/shell/docker-login.sh index 92da7e0d..cac51867 100644 --- a/shell/docker-login.sh +++ b/shell/docker-login.sh @@ -22,19 +22,36 @@ # Listing of all the registry ports to login to # ex: 10001 10002 10003 10004 # +# $DOCKERHUB_REGISTRY: Optional +# Set global Jenkins variable to `docker.io` +# Additionally you will need to add as an entry +# to your projects mvn-settings file with username +# and password creds. If you are using docker version +# < 17.06.0 you will need to set DOCKERHUB_EMAIL +# to auth to docker.io +# # $SETTINGS_FILE : Job level variable with maven settings file location # # $DOCKERHUB_EMAIL : Optional # Jenkins global variable that defines the email address that # should be used for logging into DockerHub -# If defined than an attempt to login to docker hub will -# happen +# Note that this will not be used if you are using +# docker version >=17.06.0. + +#So here are the cases in docker login +#1) User logging into nexus no email required regardless of docker version +#2) User logging into docker.io with docker version <17.06.0 email optional +#3) User logging into docker.io wiht docker version >= 17.06.0 cannot use email flag + # Ensure we fail the job if any steps fail set -eu -o pipefail -# Execute the credential lookup and login to the registry -do_login() { +#Check if current version less than desired version +version_lt() { test "$(echo "$@" | tr " " "\n" | sort -rV | head -n 1)" != "$1"; } + +# Execute the credential lookup and set +set_creds() { set +x # Ensure that no other scripts add `set -x` and print passwords echo "$1" CREDENTIAL=$(xmlstarlet sel -N "x=http://maven.apache.org/SETTINGS/1.0.0" \ @@ -57,13 +74,14 @@ do_login() { return 1 fi - docker_version=$(docker -v | awk '{print $3}') - compare_value=$(echo "17.06.0 $docker_version" | \ - tr " " "\n" | \ - sort -V | \ - sed -n 1p) - if [[ "$docker_version" == "$compare_value" && \ - "$docker_version" != "17.06.0" ]] +} + +# Login to the registry +do_login() { + docker_version=$( docker -v | awk '{print $3}') + if version_lt $docker_version "17.06.0" && \ + "$DOCKERHUB_REGISTRY" == "docker.io" && \ + "$DOCKERHUB_EMAIL:-none" != 'none' then docker login -u "$USER" -p "$PASS" -e "$2" "$1" else @@ -71,6 +89,10 @@ do_login() { fi } + +### Main ### + +# Loop through Registry and Ports to concatentate and login to nexus if [ "${DOCKER_REGISTRY:-none}" != 'none' ] then for PORT in $REGISTRY_PORTS @@ -79,12 +101,19 @@ then # docker login requests an email address if nothing is passed to it # Nexus, however, does not need this and ignores the value + set_creds $REGISTRY do_login "$REGISTRY" none done fi -# Attempt to login to docker.io only if $DOCKERHUB_EMAIL is configured -if [ "${DOCKERHUB_EMAIL:-none}" != 'none' ] +# Login to docker.io after determining if email is needed. +if [ "${DOCKERHUB_REGISTRY:-none}" != 'none' ] then - do_login docker.io "$DOCKERHUB_EMAIL" + set_creds $DOCKERHUB_REGISTRY + if [ "${DOCKERHUB_EMAIL:-none}" != 'none' ] + then + do_login "$DOCKERHUB_REGISTRY" "$DOCKERHUB_EMAIL" + else + do_login "$DOCKERHUB_REGISTRY" none + fi fi -- 2.16.6