Support insecure VPN registry pulls
Build & Deploy / Build & Push Docker Image (push) Successful in 2m52s
Test / Type Check (all packages) (push) Successful in 50s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 49s
Test / Homepage Unit Tests (push) Successful in 42s
Test / Storefront Unit Tests (push) Successful in 39s
Test / Admin Unit Tests (push) Successful in 40s
Test / Dashboard Unit Tests (push) Successful in 41s
Test / API Integration Tests (push) Successful in 1m1s
Build & Deploy / Build & Push Docker Image (push) Successful in 2m52s
Test / Type Check (all packages) (push) Successful in 50s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 49s
Test / Homepage Unit Tests (push) Successful in 42s
Test / Storefront Unit Tests (push) Successful in 39s
Test / Admin Unit Tests (push) Successful in 40s
Test / Dashboard Unit Tests (push) Successful in 41s
Test / API Integration Tests (push) Successful in 1m1s
This commit is contained in:
@@ -112,7 +112,8 @@ load_prod_env_exports() {
|
||||
REGISTRY_HOST \
|
||||
REGISTRY_USER \
|
||||
REGISTRY_PASSWORD \
|
||||
REGISTRY_TOKEN
|
||||
REGISTRY_TOKEN \
|
||||
REGISTRY_INSECURE
|
||||
do
|
||||
export_env_value_if_unset "${key}"
|
||||
done
|
||||
@@ -123,6 +124,54 @@ load_prod_env_exports() {
|
||||
fi
|
||||
}
|
||||
|
||||
registry_host_name() {
|
||||
local host="${REGISTRY_HOST:-}"
|
||||
|
||||
host="${host#http://}"
|
||||
host="${host#https://}"
|
||||
host="${host%%/*}"
|
||||
printf '%s' "${host}"
|
||||
}
|
||||
|
||||
ensure_registry_transport_configured() {
|
||||
local insecure="${REGISTRY_INSECURE:-false}"
|
||||
local host
|
||||
|
||||
if [[ "${insecure}" != "true" && "${insecure}" != "1" ]]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
host="$(registry_host_name)"
|
||||
if [[ -z "${host}" ]]; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
REGISTRY_HOST="${host}"
|
||||
export REGISTRY_HOST
|
||||
|
||||
if docker info 2>/dev/null | awk '/Insecure Registries:/,/Live Restore Enabled:/' | grep -Fqx " ${host}"; then
|
||||
return 0
|
||||
fi
|
||||
|
||||
cat >&2 <<EOF
|
||||
Docker is not configured to pull ${host} over HTTP.
|
||||
|
||||
Docker image names cannot include http://. Configure the VPS Docker daemon once by adding
|
||||
this entry to /etc/docker/daemon.json, merging it with any existing settings:
|
||||
|
||||
{
|
||||
"insecure-registries": ["${host}"]
|
||||
}
|
||||
|
||||
Then restart Docker:
|
||||
|
||||
sudo systemctl restart docker
|
||||
|
||||
Then rerun ./deploy-production.sh.
|
||||
EOF
|
||||
exit 1
|
||||
}
|
||||
|
||||
validate_prod_env_file() {
|
||||
local acme_email api_domain public_site_domain cors_origins portainer_domain postgres_password redis_password jwt_secret
|
||||
|
||||
@@ -245,6 +294,8 @@ require_release_image() {
|
||||
}
|
||||
|
||||
login_registry_if_configured() {
|
||||
ensure_registry_transport_configured
|
||||
|
||||
if [[ -z "${REGISTRY_PASSWORD:-}" && -n "${REGISTRY_TOKEN:-}" ]]; then
|
||||
REGISTRY_PASSWORD="${REGISTRY_TOKEN}"
|
||||
export REGISTRY_PASSWORD
|
||||
@@ -287,6 +338,7 @@ login_registry_if_configured() {
|
||||
|
||||
pull_prod_release_images() {
|
||||
require_release_image
|
||||
ensure_registry_transport_configured
|
||||
|
||||
if load_release_image_archives; then
|
||||
return 0
|
||||
|
||||
Reference in New Issue
Block a user