diff --git a/Dockerfile b/Dockerfile index c129351..c14b107 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,48 +20,28 @@ FROM node:20-bookworm AS build RUN node --version && npm --version -# Prepare the folder to enable non-root, otherwise npm will refuse to run the postinstall -RUN mkdir /vault -RUN chown node:node /vault -USER node - # Can be a tag, release, but prefer a commit hash because it's not changeable # https://github.com/bitwarden/clients/commit/${VAULT_VERSION} # # Using https://github.com/bitwarden/clients/releases/tag/web-v2024.6.2 ARG VAULT_VERSION=e2354e8694ab5e532d04f275e4bd6bf560c7509b +ENV VAULT_VERSION=$VAULT_VERSION +ENV VAULT_FOLDER=bw_clients +ENV CHECKOUT_TAGS=false -WORKDIR /vault -RUN git -c init.defaultBranch=main init && \ - git remote add origin https://github.com/bitwarden/clients.git && \ - git fetch --depth 1 origin "${VAULT_VERSION}" && \ - git -c advice.detachedHead=false checkout FETCH_HEAD - -COPY --chown=node:node patches /patches -COPY --chown=node:node resources /resources -COPY --chown=node:node scripts/apply_patches.sh /apply_patches.sh - -RUN bash /apply_patches.sh - -# Build -RUN npm ci +RUN mkdir /bw_web_builds +WORKDIR /bw_web_builds -# Switch to the web apps folder -WORKDIR /vault/apps/web +COPY patches ./patches +COPY resources ./resources +COPY scripts ./scripts -RUN npm run dist:oss:selfhost +RUN ./scripts/checkout_web_vault.sh +RUN ./scripts/patch_web_vault.sh +RUN ./scripts/build_web_vault.sh +RUN mv "${VAULT_FOLDER}/apps/web/build" ./web-vault -RUN printf '{"version":"%s"}' \ - $(git -c 'versionsort.suffix=-' ls-remote --tags --refs --sort='v:refname' https://github.com/dani-garcia/bw_web_builds.git 'v*' | tail -n1 | grep -Eo '[^\/v]*$') \ - > build/vw-version.json - -# Delete debugging map files, optional -# RUN find build -name "*.map" -delete - -# Prepare the final archives -RUN mv build web-vault RUN tar -czvf "bw_web_vault.tar.gz" web-vault --owner=0 --group=0 - # Output the sha256sum here so people are able to match the sha256sum from the CI with the assets and the downloaded version if needed RUN echo "sha256sum: $(sha256sum "bw_web_vault.tar.gz")" @@ -69,7 +49,8 @@ RUN echo "sha256sum: $(sha256sum "bw_web_vault.tar.gz")" # The result is included both uncompressed and as a tar.gz, to be able to use it in the docker images and the github releases directly FROM scratch # hadolint ignore=DL3010 -COPY --from=build /vault/apps/web/bw_web_vault.tar.gz /bw_web_vault.tar.gz -COPY --from=build /vault/apps/web/web-vault /web-vault +COPY --from=build /bw_web_builds/bw_web_vault.tar.gz /bw_web_vault.tar.gz +COPY --from=build /bw_web_builds/web-vault /web-vault + # Added so docker create works, can't actually run a scratch image CMD [""] diff --git a/scripts/.script_env b/scripts/.script_env index 4a6df27..e9b9628 100644 --- a/scripts/.script_env +++ b/scripts/.script_env @@ -2,7 +2,8 @@ # shellcheck disable=SC2034 set -o pipefail -o errexit -VAULT_FOLDER=web-vault +VAULT_FOLDER=${VAULT_FOLDER:=web-vault} +CHECKOUT_TAGS=${CHECKOUT_TAGS:=true} OUTPUT_FOLDER=builds function get_web_vault_version { diff --git a/scripts/checkout_web_vault.sh b/scripts/checkout_web_vault.sh index f71cac2..d73a316 100755 --- a/scripts/checkout_web_vault.sh +++ b/scripts/checkout_web_vault.sh @@ -26,6 +26,7 @@ if [[ "${VAULT_VERSION}" =~ ^20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then elif [[ "${VAULT_VERSION}" =~ ^v20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then VAULT_VERSION="web-${VAULT_VERSION}" fi + echo "Using: '${VAULT_VERSION}' to checkout bitwarden/client." if [ ! -d "${VAULT_FOLDER}" ]; then @@ -47,10 +48,14 @@ else popd fi +if [[ "$CHECKOUT_TAGS" == "true" ]]; then + CHECKOUT_ARGS="${CHECKOUT_ARGS:-} --tags" +fi + # Checkout the request pushd "${VAULT_FOLDER}" # Update branch and tag metadata - git fetch --tags --depth 1 origin "${VAULT_VERSION}" + git fetch --depth 1 ${CHECKOUT_ARGS:-} origin "${VAULT_VERSION}" # Checkout the branch we want git -c advice.detachedHead=false checkout FETCH_HEAD popd