-
Notifications
You must be signed in to change notification settings - Fork 156
Expand file tree
/
Copy pathRun.ps1
More file actions
230 lines (196 loc) · 10.5 KB
/
Run.ps1
File metadata and controls
230 lines (196 loc) · 10.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
# ensure SAS variables were passed in
if ($env:LINUX_IMAGES_TARGZIP -eq $null)
{
Write-Verbose -Verbose "LINUX_IMAGES_TARGZIP variable didn't get passed correctly"
return 1
}
if ($env:WINDOWS_IMAGES_TARGZIP -eq $null)
{
Write-Verbose -Verbose "WINDOWS_IMAGES_TARGZIP variable didn't get passed correctly"
return 1
}
if ($env:DESTINATION_ACR_NAME -eq $null)
{
Write-Verbose -Verbose "DESTINATION_ACR_NAME variable didn't get passed correctly"
return 1
}
if ($env:MI_CLIENTID -eq $null)
{
Write-Verbose -Verbose "MI_CLIENTID variable didn't get passed correctly"
return 1
}
if ($env:IMAGE_INFO_JSON -eq $null)
{
Write-Verbose -Verbose "IMAGE_INFO_JSON variable didn't get parsed properly"
return 1
}
if ($env:CHANNEL_INFO_JSON -eq $null)
{
Write-Verbose -Verbose "CHANNEL_INFO_JSON variable didn't get parsed properly"
return 1
}
try {
Write-Verbose -Verbose "LinuxSrcFiles.tar.gz: $env:LINUX_IMAGES_TARGZIP"
Write-Verbose -Verbose "WindowsSrcFiles.tar.gz: $env:WINDOWS_IMAGES_TARGZIP"
Write-Verbose -Verbose "acrname: $env:DESTINATION_ACR_NAME"
Write-Verbose -Verbose "MI client Id: $env:MI_CLIENTID"
Write-Verbose -Verbose "imginfo: $env:IMAGE_INFO_JSON"
Write-Verbose -Verbose "channel info file: $env:CHANNEL_INFO_JSON"
Write-Verbose -Verbose "Download files"
Invoke-WebRequest -Uri $env:LINUX_IMAGES_TARGZIP -OutFile LinuxSrcFiles.tar.gz
Invoke-WebRequest -Uri $env:WINDOWS_IMAGES_TARGZIP -OutFile WindowsSrcFiles.tar.gz
Invoke-WebRequest -Uri $env:IMAGE_INFO_JSON -OutFile ImageMetadata.json
Invoke-WebRequest -Uri $env:CHANNEL_INFO_JSON -OutFile ChannelInfo.json
$liunxPathToTarGz = Join-Path -Path "/package/unarchive/" -ChildPath "LinuxSrcFiles.tar.gz"
$linuxPathToTarGzExists = Test-Path $liunxPathToTarGz
Write-Verbose -Verbose "LinuxSrcFiles.tar.gz exists: $linuxPathToTarGzExists"
$windowsPathToTarGz = Join-Path -Path "/package/unarchive/" -ChildPath "WindowsSrcFiles.tar.gz"
$windowsPathToTarGzExists = Test-Path $windowsPathToTarGz
Write-Verbose -Verbose "WindowsSrcFiles.tar.gz exists: $windowsPathToTarGzExists"
$pathToChannelJson = Join-Path "/package/unarchive/" -ChildPath "ChannelInfo.json"
$pathToChannelJsonExists = Test-Path $pathToChannelJson
Write-Verbose -Verbose "ChannelInfo.json file exists: $pathToChannelJsonExists"
$pathToImgMetadataJson = Join-Path -Path "/package/unarchive/" -ChildPath "ImageMetadata.json"
$pathToImgMetadataJsonExists = Test-Path $pathToImgMetadataJson
Write-Verbose -Verbose "ImageMetadata.json file exists: $pathToImgMetadataJsonExists"
# Expected file structure:
# images
# - linux
# - distro1
# - main
# - distro1.tar
# - test
# - distro1.tar
# - windows
# - distro2
# - main
# - distro2.tar
# - test
# - distro2.tar
Write-Verbose -Verbose "Getting image .tar files"
$unarchivePath = Join-Path -Path "/package" -ChildPath "unarchive"
$unarchivePathExists = Test-Path -Path $unarchivePath
Write-Verbose -Verbose "unarchive path exists: $unarchivePathExists"
$imagesFolder = Join-Path -Path "/package/unarchive/" -ChildPath "images"
New-Item -Path $imagesFolder -ItemType Directory
$imagesFolderExists = Test-Path $imagesFolder
Write-Verbose -Verbose "images folder exists: $imagesFolderExists"
$linuxImagesFolder = Join-Path -Path $imagesFolder -ChildPath "linux"
New-Item -Path $linuxImagesFolder -ItemType Directory
$linuxFolderExists = Test-Path $linuxImagesFolder
Write-Verbose -Verbose "linux folder exists: $linuxFolderExists"
tar -xzvf $liunxPathToTarGz -C $linuxImagesFolder --force-local
$windowsImagesFolder = Join-Path -Path $imagesFolder -ChildPath "windows"
New-Item -Path $windowsImagesFolder -ItemType Directory
$windowsFolderExists = Test-Path -Path $windowsImagesFolder
Write-Verbose -Verbose "windows folder exists: $windowsFolderExists"
tar -xzvf $windowsPathToTarGz -C $windowsImagesFolder --force-local
Write-Verbose -Verbose "Login cli using managed identity"
az login --identity --username $env:MI_CLIENTID
Write-Verbose -Verbose "Getting ACR credentials"
$token_query_res = az acr login -n "$env:DESTINATION_ACR_NAME" -t
$token_query_json = $token_query_res | ConvertFrom-Json
$token = $token_query_json.accessToken
$destinationACR = $token_query_json.loginServer
# Crane 0.15.2 comes installed on image, but has issue pushing foreign layers for windows containers.
# This issue does not occur with version 0.19.0+ so we must download it.
Write-Verbose -Verbose "Download crane version 0.19.0"
wget -O crane.tar.gz https://github.com/google/go-containerregistry/releases/download/v0.19.1/go-containerregistry_Linux_x86_64.tar.gz
gunzip crane.tar.gz
tar -xvf crane.tar
./crane version
./crane auth login "$destinationACR" -u "00000000-0000-0000-0000-000000000000" -p "$token"
Write-Verbose -Verbose "after crane auth"
Write-Verbose -Verbose "Getting channel info"
$channelJsonFileContent = Get-Content -Path $pathToChannelJson | ConvertFrom-Json
$channel = $channelJsonFileContent.channel
$whatIf = $channelJsonFileContent.whatIf
Write-Verbose -Verbose "Getting image info"
$imgJsonFileContent = Get-Content -Path $pathToImgMetadataJson | ConvertFrom-Json
$images = $imgJsonFileContent.$channel
# Create variables for lifecycle annotations
$endOfLifeDate = Get-Date -Format "yyyy-MM-ddTHH:mm:00Z"
Write-Verbose -Verbose "Push images to ACR"
foreach ($image in $images)
{
$name = $image.name
if (!$name.Contains("test-deps"))
{
$imageOS = $image.os
$tags = $image.tags.Split(' ')
$tarballFileName = "$name.tar"
$osFolder = Join-Path $imagesFolder -ChildPath $imageOS
$currentImageFolder = Join-Path $osFolder -ChildPath $name
$mainImageFolder = Join-Path $currentImageFolder -ChildPath "main"
$tarballFilePath = Join-Path $mainImageFolder -ChildPath $tarballFileName
$tarballFilePathExists = Test-Path -Path $tarballFilePath
Write-Verbose -Verbose "name: $name os: $imageOS tarballFilePath: $tarBallFilePath exists: $tarballFilePathExists"
if ($tarballFilePathExists)
{
foreach ($tag in $tags)
{
Write-Verbose -Verbose "tag: $tag"
# check if this rolling tag is associated with an image
$mcrImageFullName = "mcr.microsoft.com/powershell:$tag"
oras manifest fetch $mcrImageFullName > $null
$rollingTagExists = $?
if ($rollingTagExists)
{
# If the lineage's rolling tag is already associated with an existing image, then only attach lifecycle metadata to the existing image to indicate that it is outdated
# Resolve image's digest
$imageDigest = oras resolve $mcrImageName
# Import (old) image by digest from MCR into our ACR
$mcrImageNameDigest = "mcr.microsoft.com/powershell@$imageDigest"
$acrEOLImageTag = "$tag-EOL"
if (!$whatIf)
{
az acr import --name $env:DESTINATION_ACR_NAME --source $mcrImageNameDigest --image $acrEOLImageTag
}
else {
Write-Verbose -Verbose "az acr import --name $env:DESTINATION_ACR_NAME --source $mcrImageNameDigest --image $acrEOLImageTag"
}
# Attach lifecycle annotation, which will eventually get synced to MCR
$acrImageNameDigest = "$env:DESTINATION_ACR_NAME.azurecr.io/public/powershell@$imageDigest"
if (!$whatIf)
{
oras attach --artifact-type "application/vnd.microsoft.artifact.lifecycle" --annotation "vnd.microsoft.artifact.lifecycle.end-of-life.date=$endOfLifeDate" $acrImageNameDigest
}
else {
Write-Verbose -Verbose "oras attach --artifact-type `"application/vnd.microsoft.artifact.lifecycle`" --annotation `"vnd.microsoft.artifact.lifecycle.end-of-life.date=$endOfLifeDate`" $acrImageNameDigest"
}
if (!$whatIf)
{
$imageAnnotation = oras discover --format json --artifact-type "application/vnd.microsoft.artifact.lifecycle" $acrImageNameDigest
$imageAnnotationJson = $imageAnnotation | ConvertFrom-Json
$eolDateAttached = $imageAnnotationJson.manifests.annotations."vnd.microsoft.artifact.lifecycle.end-of-life.date".ToString("yyyy-MM-ddTHH:mm:00Z")
Write-Verbose -Verbose "date attached: $endOfLifeDate, date found in annotation: $eolDateAttached, match: $($eolDateAttached -eq $endOfLifeDate)"
}
else {
Write-Verbose -Verbose "oras discover --format json --artifact-type `"application/vnd.microsoft.artifact.lifecycle`" $acrImageNameDigest"
}
}
# Need to push image for each tag
$destination_image_full_name = "$env:DESTINATION_ACR_NAME.azurecr.io/public/powershell:${tag}"
Write-Verbose -Verbose "dest img full name: $destination_image_full_name"
Write-Verbose -Verbose "Pushing file $tarballFilePath to $destination_image_full_name"
if (!$whatIf)
{
./crane push $tarballFilePath $destination_image_full_name
}
else {
Write-Verbose "./crane push $tarballFilePath $destination_image_full_name"
}
Write-Verbose -Verbose "done pushing for tag: $tag"
}
}
else {
Write-Verbose -Verbose "tarballFilePath: $tarBallFilePath does not exist"
}
}
}
Write-Verbose -Verbose "script finished running successfully"
}
catch {
return 1
}
return 0