RubyGems - capistrano-dockerbuild - Versions diffs - 1.0.0 → 1.1.0 - Mend

capistrano-dockerbuild 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/README.md +29 -1
data/capistrano-dockerbuild.gemspec +1 -1
data/lib/capistrano/dockerbuild.rb +18 -0
data/lib/capistrano/tasks/docker.rake +51 -9
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 411b02ef1e66127fab930b7476e2f4e618276c0f0e60ac8327543e6f0051bd35
-  data.tar.gz: ffed26862d2999bf476f464da9e2a11aa4844088a7cb34a01d01a401331524c5
+  metadata.gz: d7346efa239fc872e0194afb86f2e155aec196f8ef16490af28dfb16a8e1b726
+  data.tar.gz: 647ae21571209763324edb86400d78498bdbd5b5423784530cac71e01544e783
 SHA512:
-  metadata.gz: 636f6d7114ee9ed6a1e156d0bd7c41d46ab91e52e747afa1142599b2e12c90ae5a3b8cf126fd4152b6729eab2e0a6b3ceefea181601b3f980762867173c34315
-  data.tar.gz: 9f585640710fb132e198ddb94493d5a1fc600cee7e542e41cd97667ede164f508fe5393c922a22dbb97c3d307dbd34aa2ce889f6701839cbca0853a11413ba62
+  metadata.gz: 9e3b6d93525ef5baf7d376f9d893f5f0db6227bb4c8fbb04c11f7c92a126e6ec2481c1dfb7c61562004aa58f4391bca3b31f73217df843b0af062032e32514b4
+  data.tar.gz: 949edfc5295850a32f6dbef737127ba2d1e700214fb560666936b4a6e6c8f4be3f60846f7c635b394914088afb97ee93270c4bbb382287c4ac285936d2e007e5

data/README.md CHANGED Viewed

@@ -88,6 +88,8 @@ Use common variables
 | keep_docker_image_count       | no       | 10                                                                                                                 |                                                                                          |
 | git_http_username             | no       | nil                                                                                                                | See below                                                                                |
 | git_http_password             | no       | nil                                                                                                                | See below                                                                                |
+| git_auth_token                | no       | nil                                                                                                                | See below                                                                                |
+| update_git_submodule          | no       | false                                                                                                              | Run `git submodule update --init --recursive` after checkout                             |
 If you want to use GitHub Apps installation access token or something to authorize repository access using HTTPS protocol. You can set variables in your config/deploy.rb:
@@ -105,8 +107,32 @@ end
 Update remote URL always if you set proper value to all of `repo_url`, `git_http_username`, and `git_http_password`.
+Alternatively, you can authenticate via an HTTP `Authorization` header using `:git_auth_token`. This is useful when the build server has no SSH key access to the repository (e.g. using a GitHub Apps installation access token or a personal access token).
+```ruby
+set :git_auth_token, -> { ENV["GIT_AUTH_TOKEN"] }
+set :repo_url, "git@github.com:owner/repo.git"  # SSH or HTTPS both work
+```
+When `:git_auth_token` is set, `docker:setup` creates a temporary `.gitconfig` on each remote build host containing:
+- `http.extraheader = Authorization: Basic <token>` — injects the token into every HTTPS git request
+- `url."https://<host>/".insteadOf` rules — rewrites SSH-style URLs (`git@host:` and `ssh://git@host/`) to HTTPS so the token is used regardless of how `repo_url` is written
+The host is derived automatically from `:repo_url`, so this works with GitHub, GitLab, Bitbucket, or any self-hosted git server.
+The temporary directory is removed automatically by `docker:clean` after `docker:build`.
 ## Tasks
+#### docker:setup
+- Create a temporary `.gitconfig` on each remote build host when `:git_auth_token` is set
+- Automatically invoked before `docker:check`
+#### docker:clean
+- Remove the temporary directory created by `docker:setup`
+- Automatically invoked after `docker:build`
 #### docker:check
 - Ensure `#{docker_build_base_dir}`
 - Ensure git reachable
@@ -132,7 +158,9 @@ Update remote URL always if you set proper value to all of `repo_url`, `git_http
 ## Task Dependency
-docker:push => docker:build => docker:update_mirror => docker:clone => docker:check
+docker:push => docker:build => docker:update_mirror => docker:clone => docker:check => docker:setup
+docker:clean is triggered automatically after docker:build
 ## Development

data/capistrano-dockerbuild.gemspec CHANGED Viewed

@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
 Gem::Specification.new do |spec|
   spec.name          = "capistrano-dockerbuild"
-  spec.version       = "1.0.0"
+  spec.version       = "1.1.0"
   spec.authors       = ["joker1007"]
   spec.email         = ["kakyoin.hierophant@gmail.com"]

data/lib/capistrano/dockerbuild.rb CHANGED Viewed

@@ -1,5 +1,6 @@
 require "cgi"
 require "uri"
+require "securerandom"
 class Capistrano::Dockerbuild < Capistrano::Plugin
   def set_defaults
@@ -15,6 +16,7 @@ class Capistrano::Dockerbuild < Capistrano::Plugin
     set_if_empty :keep_docker_image_count, 10
     set_if_empty :git_gc_prune_date, "3.days.ago"
     set_if_empty :docker_build_no_worktree, false
+    set_if_empty :update_git_submodule, false
   end
   def define_tasks
@@ -40,4 +42,20 @@ class Capistrano::Dockerbuild < Capistrano::Plugin
       repo_url
     end
   end
+  def git_repo_host
+    URI.parse(repo_url.sub(/^git@.*/) {|m| "https://#{m}" }).host
+  end
+  def tmp_home(host)
+    @tmp_host ||= {}
+    @tmp_host[host.properties.arch] ||= "/tmp/capistrano-dockerbuild-#{SecureRandom.hex(8)}"
+  end
+  def git_env(host)
+    return {} if fetch(:git_auth_token).to_s.empty?
+    @git_env ||= {}
+    @git_env[host.properties.arch] ||= { HOME: tmp_home(host), GIT_CONFIG_NOSYSTEM: "1" }
+  end
 end

data/lib/capistrano/tasks/docker.rake CHANGED Viewed

@@ -1,11 +1,37 @@
 dockerbuild_plugin = self
 namespace :docker do
+  desc "setup temporary gitconfig for HTTP authentication"
+  task :setup do
+    on roles(:docker_build) do |host|
+      unless fetch(:git_auth_token).to_s.empty?
+        tmp_home = dockerbuild_plugin.tmp_home(host)
+        git_host = dockerbuild_plugin.git_repo_host
+        execute :mkdir, "-p", tmp_home
+        execute :git, :config, "--file", "#{tmp_home}/.gitconfig", "http.extraheader", "'Authorization: Basic #{fetch(:git_auth_token)}'"
+        execute :git, :config, "--file", "#{tmp_home}/.gitconfig", %Q(url."https://#{git_host}/".insteadOf), "git@#{git_host}:"
+        execute :git, :config, "--file", "#{tmp_home}/.gitconfig", "--add", %Q(url."https://#{git_host}/".insteadOf), "ssh://git@#{git_host}/"
+      end
+    end
+  end
+  desc "clean up temporary gitconfig"
+  task :clean do
+    on roles(:docker_build) do |host|
+      unless fetch(:git_auth_token).to_s.empty?
+        tmp_home = dockerbuild_plugin.tmp_home(host)
+        execute :rm, "-rf", tmp_home
+      end
+    end
+  end
   desc "check directory exist"
-  task :check do
+  task check: [:"docker:setup"] do
     on roles(:docker_build) do |host|
-      execute :mkdir, "-p", dockerbuild_plugin.docker_build_base_path.dirname.to_s
-      execute :git, :'ls-remote', dockerbuild_plugin.git_repo_url, "HEAD"
+      with dockerbuild_plugin.git_env(host) do
+        execute :mkdir, "-p", dockerbuild_plugin.docker_build_base_path.dirname.to_s
+        execute :git, :'ls-remote', dockerbuild_plugin.git_repo_url, "HEAD"
+      end
     end
   end
@@ -17,7 +43,9 @@ namespace :docker do
           info "The repository is at #{dockerbuild_plugin.docker_build_base_path}"
         else
           within dockerbuild_plugin.docker_build_base_path.dirname do
-            execute :git, :clone, dockerbuild_plugin.git_repo_url, dockerbuild_plugin.docker_build_base_path.to_s
+            with dockerbuild_plugin.git_env(host) do
+              execute :git, :clone, dockerbuild_plugin.git_repo_url, dockerbuild_plugin.docker_build_base_path.to_s
+            end
           end
         end
       else
@@ -25,7 +53,9 @@ namespace :docker do
           info t(:mirror_exists, at: dockerbuild_plugin.docker_build_base_path.to_s)
         else
           within dockerbuild_plugin.docker_build_base_path.dirname do
-            execute :git, :clone, "--mirror", dockerbuild_plugin.git_repo_url, dockerbuild_plugin.docker_build_base_path.to_s
+            with dockerbuild_plugin.git_env(host) do
+              execute :git, :clone, "--mirror", dockerbuild_plugin.git_repo_url, dockerbuild_plugin.docker_build_base_path.to_s
+            end
           end
         end
       end
@@ -36,8 +66,10 @@ namespace :docker do
   task update_mirror: :'docker:clone' do
     on roles(:docker_build) do |host|
       within dockerbuild_plugin.docker_build_base_path do
-        execute :git, :remote, "set-url", :origin, dockerbuild_plugin.git_repo_url
-        execute :git, :remote, :update, "--prune"
+        with dockerbuild_plugin.git_env(host) do
+          execute :git, :remote, "set-url", :origin, dockerbuild_plugin.git_repo_url
+          execute :git, :remote, :update, "--prune"
+        end
       end
     end
   end
@@ -55,8 +87,11 @@ namespace :docker do
       end
       within dockerbuild_plugin.docker_build_base_path do
         if fetch(:docker_build_no_worktree)
-          commands = "sha1=$(git rev-parse #{fetch(:branch)}); git reset --hard ${sha1}; #{build_cmd.map {|c| c.to_s.shellescape }.join(" ")}"
-          execute(:flock, "capistrano_dockerbuild.lock", "-c", "'#{commands}'")
+          submodule_cmd = fetch(:update_git_submodule) ? "; git submodule update --init --recursive" : ""
+          commands = "sha1=$(git rev-parse #{fetch(:branch)}); git reset --hard ${sha1}#{submodule_cmd}; #{build_cmd.map {|c| c.to_s.shellescape }.join(" ")}"
+          with dockerbuild_plugin.git_env(host) do
+            execute(:flock, "capistrano_dockerbuild.lock", "-c", "'#{commands}'")
+          end
         else
           timestamp = Time.now.to_i
           git_sha1 = `git rev-parse #{fetch(:branch)}`.chomp
@@ -66,6 +101,11 @@ namespace :docker do
           begin
             within worktree_dir_name do
+              if fetch(:update_git_submodule)
+                with dockerbuild_plugin.git_env(host) do
+                  execute :git, :submodule, :update, "--init", "--recursive"
+                end
+              end
               execute(*build_cmd)
             end
           ensure
@@ -136,3 +176,5 @@ namespace :docker do
     end
   end
 end
+after "docker:build", "docker:clean"

metadata CHANGED Viewed

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: capistrano-dockerbuild
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - joker1007
 bindir: exe
 cert_chain: []
-date: 2025-02-10 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: capistrano
@@ -86,7 +86,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 4.0.10
 specification_version: 4
 summary: Capistrano task definition for `docker build`
 test_files: []