Merge pull request #174 from Timshel/feature/build

Use checkout and build scripts in docker

Dockerfile

@@ -20,56 +20,37 @@
 FROM node:20-bookworm AS build
 RUN node --version && npm --version
 
-# Prepare the folder to enable non-root, otherwise npm will refuse to run the postinstall
-RUN mkdir /vault
-RUN chown node:node /vault
-USER node
-
 # Can be a tag, release, but prefer a commit hash because it's not changeable
 # https://github.com/bitwarden/clients/commit/${VAULT_VERSION}
 #
 # Using https://github.com/bitwarden/clients/releases/tag/web-v2024.6.2
 ARG VAULT_VERSION=e2354e8694ab5e532d04f275e4bd6bf560c7509b
+ENV VAULT_VERSION=$VAULT_VERSION
+ENV VAULT_FOLDER=bw_clients
+ENV CHECKOUT_TAGS=false
 
-WORKDIR /vault
-RUN git -c init.defaultBranch=main init && \
-    git remote add origin https://github.com/bitwarden/clients.git && \
-    git fetch --depth 1 origin "${VAULT_VERSION}" && \
-    git -c advice.detachedHead=false checkout FETCH_HEAD
-
-COPY --chown=node:node patches /patches
-COPY --chown=node:node resources /resources
-COPY --chown=node:node scripts/apply_patches.sh /apply_patches.sh
-
-RUN bash /apply_patches.sh
-
-# Build
-RUN npm ci
+RUN mkdir /bw_web_builds
+WORKDIR /bw_web_builds
 
-# Switch to the web apps folder
-WORKDIR /vault/apps/web
+COPY patches ./patches
+COPY resources ./resources
+COPY scripts ./scripts
 
-RUN npm run dist:oss:selfhost
+RUN ./scripts/checkout_web_vault.sh
+RUN ./scripts/patch_web_vault.sh
+RUN ./scripts/build_web_vault.sh
+RUN mv "${VAULT_FOLDER}/apps/web/build" ./web-vault
 
-RUN printf '{"version":"%s"}' \
-      $(git -c 'versionsort.suffix=-' ls-remote --tags --refs --sort='v:refname' https://github.com/dani-garcia/bw_web_builds.git 'v*' | tail -n1 | grep -Eo '[^\/v]*$') \
-      > build/vw-version.json
-
-# Delete debugging map files, optional
-# RUN find build -name "*.map" -delete
-
-# Prepare the final archives
-RUN mv build web-vault
 RUN tar -czvf "bw_web_vault.tar.gz" web-vault --owner=0 --group=0
-
 # Output the sha256sum here so people are able to match the sha256sum from the CI with the assets and the downloaded version if needed
 RUN echo "sha256sum: $(sha256sum "bw_web_vault.tar.gz")"
 
 # We copy the final result as a separate empty image so there's no need to download all the intermediate steps
 # The result is included both uncompressed and as a tar.gz, to be able to use it in the docker images and the github releases directly
 FROM scratch
 # hadolint ignore=DL3010
-COPY --from=build /vault/apps/web/bw_web_vault.tar.gz /bw_web_vault.tar.gz
-COPY --from=build /vault/apps/web/web-vault /web-vault
+COPY --from=build /bw_web_builds/bw_web_vault.tar.gz /bw_web_vault.tar.gz
+COPY --from=build /bw_web_builds/web-vault /web-vault
+
 # Added so docker create works, can't actually run a scratch image
 CMD [""]

scripts/.script_env

@@ -2,7 +2,8 @@
 # shellcheck disable=SC2034
 set -o pipefail -o errexit
 
-VAULT_FOLDER=web-vault
+VAULT_FOLDER=${VAULT_FOLDER:=web-vault}
+CHECKOUT_TAGS=${CHECKOUT_TAGS:=true}
 OUTPUT_FOLDER=builds
 
 function get_web_vault_version {

scripts/checkout_web_vault.sh

@@ -26,6 +26,7 @@ if [[ "${VAULT_VERSION}" =~ ^20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then
 elif [[ "${VAULT_VERSION}" =~ ^v20[0-9]{2}\.[0-9]{1,2}.[0-9]{1} ]]; then
     VAULT_VERSION="web-${VAULT_VERSION}"
 fi
+
 echo "Using: '${VAULT_VERSION}' to checkout bitwarden/client."
 
 if [ ! -d "${VAULT_FOLDER}" ]; then
@@ -47,10 +48,14 @@ else
     popd
 fi
 
+if [[ "$CHECKOUT_TAGS" == "true" ]]; then
+    CHECKOUT_ARGS="${CHECKOUT_ARGS:-} --tags"
+fi
+
 # Checkout the request
 pushd "${VAULT_FOLDER}"
     # Update branch and tag metadata
-    git fetch --tags --depth 1 origin "${VAULT_VERSION}"
+    git fetch --depth 1 ${CHECKOUT_ARGS:-} origin "${VAULT_VERSION}"
     # Checkout the branch we want
     git -c advice.detachedHead=false checkout FETCH_HEAD
 popd