Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Request access to previously pushed release via balena deploy #1057

Merged
merged 1 commit into from
Jan 10, 2019
Merged

Request access to previously pushed release via balena deploy #1057

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 47 additions & 3 deletions lib/utils/compose.coffee
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -349,13 +349,54 @@ tagServiceImages = (docker, images, serviceImages) ->
logs: d.logs
props: d.props

authorizePush = (tokenAuthEndpoint, registry, images) ->

getPreviousRepos = (sdk, docker, logger, appID) ->
sdk.pine.get(
resource: 'release'
options:
$filter:
belongs_to__application: appID
status: 'success'
$select:
[ 'id' ]
$expand:
contains__image:
$expand: 'image'
$orderby: 'id desc'
$top: 1
)
.then (release) ->
# grab all images from the latest release, return all image locations in the registry
if release?.length > 0
images = release[0].contains__image
Promise.map images, (d) ->
imageName = d.image[0].is_stored_at__image_location
docker.getRegistryAndName(imageName)
.then ( registry ) ->
logger.logDebug("Requesting access to previously pushed image repo (#{registry.imageName})")
return registry.imageName
.catch (e) ->
logger.logDebug("Failed to access previously pushed image repo: #{e}")

authorizePush = (sdk, logger, tokenAuthEndpoint, registry, images, previousRepos) ->
_ = require('lodash')
sdk = require('balena-sdk').fromSharedOptions()

# TODO: https://github.com/balena-io/balena-cli/issues/1070
maxRepos = 20

if not _.isArray(images)
images = [ images ]

if images.length > maxRepos
throw new Error (
"More than #{maxRepos} containers is currently not supported, see " +
'https://github.com/balena-io/balena-cli/issues/1070 for more information'
)
images.push previousRepos...
if images.length + previousRepos?.length > maxRepos
logger.logDebug("Truncating requested repositories to #{maxRepos} by limiting previously pushed repo access")
# at this point, we know we're only truncating access to previously pushed repos
images = images[0...maxRepos]
sdk.request.send
baseUrl: tokenAuthEndpoint
url: '/auth/v1/token'
Expand Down Expand Up @@ -423,7 +464,10 @@ exports.deployProject = (
tagServiceImages(docker, images, serviceImages)
.tap (images) ->
logger.logDebug('Authorizing push...')
authorizePush(apiEndpoint, images[0].registry, _.map(images, 'repo'))
sdk = require('balena-sdk').fromSharedOptions()
getPreviousRepos(sdk, docker, logger, appId)
.then (previousRepos) ->
authorizePush(sdk, logger, apiEndpoint, images[0].registry, _.map(images, 'repo'), previousRepos)
.then (token) ->
logger.logInfo('Pushing images to registry...')
pushAndUpdateServiceImages docker, token, images, (serviceImage) ->
Expand Down