From baf5f13c51898cca34d556059666eedb507492a0 Mon Sep 17 00:00:00 2001
From: Dan Anglin <daangling@gmail.com>
Date: Mon, 31 Jul 2023 00:40:19 +0100
Subject: [PATCH] chore: upgrade Woodpecker to v1.0.0

- Update the Woodpecker Dockerfile.
- Add .dockerignore to limit the context.
- Add code to download the Woodpecker binary.
- Refactor the prepare target.
---
 magefiles/download.go                     | 53 +++++++++++++++++++++++
 magefiles/prepare.go                      | 36 ++++++++++-----
 templates/woodpecker/.dockerignore.gotmpl |  4 ++
 templates/woodpecker/Dockerfile.gotmpl    | 19 ++++----
 4 files changed, 93 insertions(+), 19 deletions(-)
 create mode 100644 templates/woodpecker/.dockerignore.gotmpl

diff --git a/magefiles/download.go b/magefiles/download.go
index e7f893e..f3ef03d 100644
--- a/magefiles/download.go
+++ b/magefiles/download.go
@@ -29,6 +29,10 @@ func Download(name string) error {
 		if err := downloadGoToSocial(cfg.GoToSocial.Version); err != nil {
 			return fmt.Errorf("an error occurred whilst getting the packages for GoToSocial; %w", err)
 		}
+	case "woodpecker":
+		if err := downloadWoodpecker(cfg.Woodpecker.Version); err != nil {
+			return fmt.Errorf("an error occurred whilst getting the packages for Woodpecker; %w", err)
+		}
 	default:
 		fmt.Printf("'%s' has no files to download.\n", name)
 	}
@@ -36,6 +40,55 @@ func Download(name string) error {
 	return nil
 }
 
+// downloadWoodpecker downloads and validates the files for the Woodpecker deployment.
+func downloadWoodpecker(version string) error {
+	destinationDir := filepath.Join(rootBuildDir, "woodpecker")
+
+	binaryTarUrl := fmt.Sprintf(
+		"https://github.com/woodpecker-ci/woodpecker/releases/download/v%s/woodpecker-server_linux_amd64.tar.gz",
+		version,
+	)
+
+	binaryTarFilepath := filepath.Join(
+		destinationDir,
+		fmt.Sprintf("woodpecker-server-%s_linux_amd64.tar.gz", version),
+	)
+
+	checksumUrl := fmt.Sprintf(
+		"https://github.com/woodpecker-ci/woodpecker/releases/download/v%s/checksums.txt",
+		version,
+	)
+
+	checksumFilePath := filepath.Join(
+		destinationDir,
+		fmt.Sprintf("woodpecker_%s_checksums.txt", version),
+	)
+
+	pack := downloadPack{
+		destinationDir: destinationDir,
+		packages: []pack{
+			{
+				file: object{
+					source: binaryTarUrl,
+					destination: binaryTarFilepath,
+				},
+			},
+		},
+		validateGPGSignature: false,
+		checksum: object{
+			source: checksumUrl,
+			destination: checksumFilePath,
+		},
+		validateChecksum: false,
+	}
+
+	if err := download(pack); err != nil {
+		return err
+	}
+
+	return nil
+}
+
 // downloadForgejo downloads and validates the Forgejo files.
 func downloadForgejo(version string) error {
 	var (
diff --git a/magefiles/prepare.go b/magefiles/prepare.go
index 5674588..35732b2 100644
--- a/magefiles/prepare.go
+++ b/magefiles/prepare.go
@@ -35,10 +35,23 @@ func Prepare(service string) error {
 
 			service := o.Name()
 
+			buildDir := filepath.Join(rootBuildDir, service)
+
+			if _, err := os.Stat(buildDir); err != nil {
+				if err := os.Mkdir(buildDir, 0o700); err != nil {
+					return fmt.Errorf("unable to make %s; %w", buildDir, err)
+				}
+			}
+
 			if service != "compose" {
 				mg.Deps(
 					mg.F(Download, service),
 				)
+
+				log.Printf("Copying assets for %s.\n", service)
+				if err := copyAssets(service); err != nil {
+					return fmt.Errorf("unable to copy the assets for %s; %w", service, err)
+				}
 			}
 
 			log.Printf("Rendering templates for %s.\n", service)
@@ -46,26 +59,32 @@ func Prepare(service string) error {
 				return fmt.Errorf("unable to render templates for %s; %w", service, err)
 			}
 
-			log.Printf("Copying assets for %s.\n", service)
-			if err := copyAssets(service); err != nil {
-				return fmt.Errorf("unable to copy the assets for %s; %w", service, err)
-			}
 		}
 	} else {
+		buildDir := filepath.Join(rootBuildDir, service)
+
+		if _, err := os.Stat(buildDir); err != nil {
+			if err := os.Mkdir(buildDir, 0o700); err != nil {
+				return fmt.Errorf("unable to make %s; %w", buildDir, err)
+			}
+		}
+
 		if service != "compose" {
 			mg.Deps(
 				mg.F(Download, service),
 				mg.F(Prepare, "compose"),
 			)
+
+			log.Printf("Copying assets for %s.\n", service)
+			if err := copyAssets(service); err != nil {
+				return fmt.Errorf("unable to copy the assets for %s; %w", service, err)
+			}
 		}
 
 		if err := render(cfg, service); err != nil {
 			return fmt.Errorf("an error occurred whilst rendering the templates; %w", err)
 		}
 
-		if err := copyAssets(service); err != nil {
-			return fmt.Errorf("unable to copy the assets for %s; %w", service, err)
-		}
 	}
 
 	return nil
@@ -73,9 +92,6 @@ func Prepare(service string) error {
 
 func render(cfg config, component string) error {
 	buildDirName := filepath.Join(rootBuildDir, component)
-	if err := os.MkdirAll(buildDirName, 0o750); err != nil {
-		return fmt.Errorf("unable to make %s; %w", buildDirName, err)
-	}
 
 	templateDirName := filepath.Join(rootTemplatesDir, component)
 
diff --git a/templates/woodpecker/.dockerignore.gotmpl b/templates/woodpecker/.dockerignore.gotmpl
new file mode 100644
index 0000000..48d23f5
--- /dev/null
+++ b/templates/woodpecker/.dockerignore.gotmpl
@@ -0,0 +1,4 @@
+*
+!entrypoint.sh
+!traefik_woodpecker.yaml
+!woodpecker-server-{{ .Woodpecker.Version }}_linux_amd64.tar.gz
diff --git a/templates/woodpecker/Dockerfile.gotmpl b/templates/woodpecker/Dockerfile.gotmpl
index b9f63e5..a260d07 100644
--- a/templates/woodpecker/Dockerfile.gotmpl
+++ b/templates/woodpecker/Dockerfile.gotmpl
@@ -1,5 +1,5 @@
 # syntax=docker/dockerfile:1
-FROM alpine:3.17
+FROM alpine:3.18
 
 WORKDIR /tmp
 
@@ -9,20 +9,21 @@ RUN --mount=type=bind,source=.,target=/packages \
         ca-certificates \
     && addgroup -g {{ .FlowGID }} flow \
     && adduser -S -H -D -s /bin/bash -u {{ .Woodpecker.LinuxUID }} -G flow workflow \
-    && mkdir -p {{ .Woodpecker.DataContainerDirectory }} \
-    && chown {{ .Woodpecker.LinuxUID }}:{{ .Woodpecker.LinuxUID }} {{ .Woodpecker.DataContainerDirectory }} \
-    && chmod 0700 {{ .Woodpecker.DataContainerDirectory }} \
+    && mkdir -p {{ .Woodpecker.DataContainerDirectory }} /flow/woodpecker/tmp \
+    && chown {{ .Woodpecker.LinuxUID }}:{{ .Woodpecker.LinuxUID }} {{ .Woodpecker.DataContainerDirectory }} /flow/woodpecker/tmp \
+    && chmod 0700 {{ .Woodpecker.DataContainerDirectory }} /flow/woodpecker/tmp \
     && tar xzvf /packages/woodpecker-server-{{ .Woodpecker.Version }}_linux_amd64.tar.gz \
     && mv /tmp/woodpecker-server /usr/local/bin/woodpecker-server \
+    && cp /packages/entrypoint.sh /usr/local/bin/entrypoint \
+    && chmod a+x /usr/local/bin/entrypoint \
+    && cp /packages/traefik_woodpecker.yaml /flow/woodpecker/tmp/traefik_woodpecker.yaml \
+    && chown {{ .Woodpecker.LinuxUID }}:{{ .FlowGID }} /flow/woodpecker/tmp/traefik_woodpecker.yaml \
     && rm -rf /tmp/*
 
-COPY --chown={{ .Woodpecker.LinuxUID }}:{{ .Woodpecker.LinuxUID }} entrypoint.sh /usr/local/bin/entrypoint
-COPY --chown={{ .Woodpecker.LinuxUID }}:{{ .FlowGID }} traefik_woodpecker.yaml /flow/woodpecker/tmp/traefik_woodpecker.yaml
-
-RUN chmod a+x /usr/local/bin/entrypoint
-
 ENV GODEBUG=netdns=go
 
 USER {{ .Woodpecker.LinuxUID }}:{{ .FlowGID }}
 
+WORKDIR /
+
 ENTRYPOINT ["entrypoint"]