blob: 278a5b3747fd472852419c9e1e2321b9d7c63441 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
#!/bin/bash
# usage: laminarc run ci remote="ssh://src.liz.coffee:2222/cgit" rev="<sha>" \
# refname="refs/..."
set -e
RUN=`date +%s`
CWD=`$PWD`
WORKING_DIR=`$PWD/$RUN`
mkdir -p "$WORKING_DIR" && cd "$WORKING_DIR"
checkout="$rev" path="tmpsrc" fetch_code.sh
if [[ ! -e "$WORKING_DIR/tmpsrc/.ci/ci.json" ]]; then
echo "No Continuous Integration configured for $remote."
exit 0
fi
PIPELINE_GENERATOR_PATH=$(jq -r '.pipeline' "$WORKING_DIR/tmpsrc/.ci/ci.json")
if [[ "$PIPELINE_GENERATOR_PATH" == *".."* ]]; then
echo "Error: Path contains '..'"
exit 1
fi
docker run --rm \
--network none \
--cap-drop ALL \
--security-opt no-new-privileges \
-v "$WORKING_DIR/tmpsrc/$PIPELINE_GENERATOR:/pipeline" \
-e refname="$refname" \
-e rev="$rev" \
-e remote="$remote" \
oci.liz.coffee/img/liz-ci:release \
/pipeline \
> "$WORKING_DIR/pipeline.json"
pipeline="$WORKING_DIR/pipeline.json" run_pipeline
cd "$CWD" && rm -rf "$WORKING_DIR"
|
