diff --git a/.woodpecker.yaml b/.woodpecker.yaml index f6f7381..8ec32e1 100644 --- a/.woodpecker.yaml +++ b/.woodpecker.yaml @@ -49,7 +49,7 @@ steps: update-values-frontend: name: Update frontend tag in values.yaml - image: harbor.dvirlabs.com/base-images/alpine:3.19 + image: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 when: branch: [ master, develop ] event: [ push ] @@ -61,7 +61,6 @@ steps: GIT_TOKEN: from_secret: GIT_TOKEN commands: - - apk add --no-cache git yq - git config --global user.name "woodpecker-bot" - git config --global user.email "ci@dvirlabs.com" - git clone "https://$${GIT_USERNAME}:$${GIT_TOKEN}@git.dvirlabs.com/dvirlabs/my-apps.git" @@ -76,7 +75,7 @@ steps: update-values-backend: name: Update backend tag in values.yaml - image: harbor.dvirlabs.com/base-images/alpine:3.19 + image: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 when: branch: [ master, develop ] event: [ push ] @@ -88,7 +87,6 @@ steps: GIT_TOKEN: from_secret: GIT_TOKEN commands: - - apk add --no-cache git yq - git config --global user.name "woodpecker-bot" - git config --global user.email "ci@dvirlabs.com" - | diff --git a/CI_IMAGE_SETUP.md b/CI_IMAGE_SETUP.md new file mode 100644 index 0000000..18ddcf7 --- /dev/null +++ b/CI_IMAGE_SETUP.md @@ -0,0 +1 @@ +# Air-Gapped CI/CD Image Requirements\n\n## Problem\nYour Woodpecker CI pipeline needs `git` and `yq` but cannot install them via `apk add` because:\n- ❌ Alpine repositories (dl-cdn.alpinelinux.org) are blocked\n- ❌ SSL/TLS handshake failures\n- ❌ Permission denied errors\n\n## Solution\nUse a **pre-built Alpine image** with git and yq already installed.\n\n## Steps to Fix\n\n### 1. Build Custom Image (on a machine WITH internet)\n\n**Requirements:**\n- Machine with internet access\n- Docker installed\n- Access to Docker Hub (to pull alpine:3.19)\n- Access to push to Harbor\n\n**Windows:**\n```bash\n.\\build-alpine-ci-image.bat\n```\n\n**Linux/Mac:**\n```bash\nchmod +x build-alpine-ci-image.sh\n./build-alpine-ci-image.sh\n```\n\n### 2. Verify Image in Harbor\n\nCheck that the image exists:\n```bash\ncurl -u "username:password" https://harbor.dvirlabs.com/api/v2.0/projects/base-images/repositories/alpine-git-yq/artifacts\n```\n\nOr visit: https://harbor.dvirlabs.com → base-images → alpine-git-yq\n\n### 3. Update CI Config (Already Done)\n\nThe `.woodpecker.yaml` has been updated to use:\n```yaml\nimage: harbor.dvirlabs.com/base-images/alpine-git-yq:3.19\n```\n\nInstead of:\n```yaml\nimage: harbor.dvirlabs.com/base-images/alpine:3.19\ncommands:\n - apk add --no-cache git yq # ❌ This fails in air-gapped\n```\n\n### 4. Push Updated Config\n\n```bash\ngit add .\ngit commit -m \"Use custom Alpine image with git and yq for CI\"\ngit push\n```\n\n## What's Included\n\nThe custom `alpine-git-yq` image includes:\n- ✅ git\n- ✅ yq (YAML processor)\n- ✅ curl\n- ✅ bash\n\nAll pre-installed and ready to use in your air-gapped cluster!\n\n## If Build Fails\n\n### Error: \"Cannot connect to Docker Hub\"\n**Cause:** No internet access on the build machine.\n**Solution:** Build on a different machine that has internet access.\n\n### Error: \"apk: network error\"\n**Cause:** Building inside the air-gapped cluster.\n**Solution:** Build on a machine outside the cluster with internet access.\n\n### Alternative: Manual Build\n\nIf scripts don't work, build manually:\n\n```bash\ncd base-images/alpine-git-yq\ndocker build -t harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 .\ndocker login harbor.dvirlabs.com\ndocker push harbor.dvirlabs.com/base-images/alpine-git-yq:3.19\n```\n\n## Result\n\nOnce the image is in Harbor, your CI pipeline will:\n1. ✅ Pull alpine-git-yq from Harbor (no external access needed)\n2. ✅ Use git and yq commands directly (already installed)\n3. ✅ Update values.yaml successfully\n4. ✅ Push changes to Git\n\nNo more package installation failures!\n \ No newline at end of file diff --git a/backend/app/__pycache__/config.cpython-314.pyc b/backend/app/__pycache__/config.cpython-314.pyc index 2593fb5..f6d7598 100644 Binary files a/backend/app/__pycache__/config.cpython-314.pyc and b/backend/app/__pycache__/config.cpython-314.pyc differ diff --git a/backend/app/__pycache__/main.cpython-314.pyc b/backend/app/__pycache__/main.cpython-314.pyc index 6d50a86..a8dabf1 100644 Binary files a/backend/app/__pycache__/main.cpython-314.pyc and b/backend/app/__pycache__/main.cpython-314.pyc differ diff --git a/backend/app/models/__pycache__/user.cpython-314.pyc b/backend/app/models/__pycache__/user.cpython-314.pyc index 50d2931..b5c6025 100644 Binary files a/backend/app/models/__pycache__/user.cpython-314.pyc and b/backend/app/models/__pycache__/user.cpython-314.pyc differ diff --git a/backend/app/routers/__pycache__/auth.cpython-314.pyc b/backend/app/routers/__pycache__/auth.cpython-314.pyc index e693939..e035c85 100644 Binary files a/backend/app/routers/__pycache__/auth.cpython-314.pyc and b/backend/app/routers/__pycache__/auth.cpython-314.pyc differ diff --git a/backend/app/routers/__pycache__/users.cpython-314.pyc b/backend/app/routers/__pycache__/users.cpython-314.pyc index ea95dfc..72ea1dd 100644 Binary files a/backend/app/routers/__pycache__/users.cpython-314.pyc and b/backend/app/routers/__pycache__/users.cpython-314.pyc differ diff --git a/backend/app/schemas/__pycache__/user.cpython-314.pyc b/backend/app/schemas/__pycache__/user.cpython-314.pyc index 01355a0..b79b1fc 100644 Binary files a/backend/app/schemas/__pycache__/user.cpython-314.pyc and b/backend/app/schemas/__pycache__/user.cpython-314.pyc differ diff --git a/base-images/alpine-git-yq/Dockerfile b/base-images/alpine-git-yq/Dockerfile new file mode 100644 index 0000000..7dec672 --- /dev/null +++ b/base-images/alpine-git-yq/Dockerfile @@ -0,0 +1,20 @@ +# Alpine with git and yq pre-installed for CI/CD +# +# IMPORTANT: This image MUST be built on a machine with internet access! +# It needs to download packages from Alpine repositories. +# +# Build instructions: +# docker build -t harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 . +# docker login harbor.dvirlabs.com +# docker push harbor.dvirlabs.com/base-images/alpine-git-yq:3.19 +# +FROM alpine:3.19 + +# Install git and yq while we have internet access +# This should be built on a machine with internet and pushed to Harbor +RUN apk add --no-cache git yq curl bash + +# Verify installations +RUN git --version && yq --version + +CMD ["/bin/sh"] diff --git a/build-alpine-ci-image.bat b/build-alpine-ci-image.bat new file mode 100644 index 0000000..df07ce2 --- /dev/null +++ b/build-alpine-ci-image.bat @@ -0,0 +1,40 @@ +@echo off +REM Build and push Alpine with git and yq for CI/CD + +set HARBOR_REGISTRY=harbor.dvirlabs.com +set HARBOR_PROJECT=base-images +set IMAGE_NAME=alpine-git-yq +set TAG=3.19 + +echo. +echo 🏗️ Building Alpine image with git and yq... +echo Registry: %HARBOR_REGISTRY% +echo Image: %HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% +echo. + +REM Build the image +cd base-images\alpine-git-yq +docker build -t %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% . +docker tag %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:latest +cd ..\.. + +echo. +echo ✅ Image built successfully! +echo. + +REM Login to Harbor +echo Please login to Harbor: +docker login %HARBOR_REGISTRY% + +REM Push to Harbor +echo. +echo 🚀 Pushing to Harbor... +docker push %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% +docker push %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:latest + +echo. +echo 🎉 Alpine CI image pushed successfully! +echo. +echo Image: %HARBOR_REGISTRY%/%HARBOR_PROJECT%/%IMAGE_NAME%:%TAG% +echo. +pause diff --git a/build-alpine-ci-image.sh b/build-alpine-ci-image.sh new file mode 100644 index 0000000..bd9eb86 --- /dev/null +++ b/build-alpine-ci-image.sh @@ -0,0 +1,39 @@ +#!/bin/bash +# Build and push Alpine with git and yq for CI/CD +set -e + +HARBOR_REGISTRY="harbor.dvirlabs.com" +HARBOR_PROJECT="base-images" +IMAGE_NAME="alpine-git-yq" +TAG="3.19" + +echo "🏗️ Building Alpine image with git and yq..." +echo "Registry: $HARBOR_REGISTRY" +echo "Image: $HARBOR_PROJECT/$IMAGE_NAME:$TAG" +echo "" + +# Build the image +cd base-images/alpine-git-yq +docker build -t $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG . +docker tag $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:latest +cd ../.. + +echo "" +echo "✅ Image built successfully!" +echo "" + +# Login to Harbor +echo "Please login to Harbor:" +docker login $HARBOR_REGISTRY + +# Push to Harbor +echo "" +echo "🚀 Pushing to Harbor..." +docker push $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG +docker push $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:latest + +echo "" +echo "🎉 Alpine CI image pushed successfully!" +echo "" +echo "Image: $HARBOR_REGISTRY/$HARBOR_PROJECT/$IMAGE_NAME:$TAG" +echo ""