forked from openfrontier/docker-gerrit
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgerrit-entrypoint.sh
168 lines (146 loc) · 9.48 KB
/
gerrit-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
#!/bin/bash
set -e
function set_gerrit_config {
gosu ${GERRIT_USER} git config -f "${GERRIT_SITE}/etc/gerrit.config" "$@"
}
function set_secure_config {
gosu ${GERRIT_USER} git config -f "${GERRIT_SITE}/etc/secure.config" "$@"
}
#Initialize gerrit if gerrit site dir is empty.
#This is necessary when gerrit site is in a volume.
if [ "$1" = "/gerrit-start.sh" ]; then
# If you're mounting ${GERRIT_SITE} to your host, you this will default to root.
# This obviously ensures the permissions are set correctly for when gerrit starts.
chown -R ${GERRIT_USER} "${GERRIT_SITE}"
if [ -z "$(ls -A "$GERRIT_SITE")" ]; then
echo "First time initialize gerrit..."
gosu ${GERRIT_USER} java -jar "${GERRIT_WAR}" init --batch --no-auto-start -d "${GERRIT_SITE}" ${GERRIT_INIT_ARGS}
#All git repositories must be removed when database is set as postgres or mysql
#in order to be recreated at the secondary init below.
#Or an execption will be thrown on secondary init.
[ ${#DATABASE_TYPE} -gt 0 ] && rm -rf "${GERRIT_SITE}/git"
fi
# Install external plugins
cp -f ${GERRIT_HOME}/delete-project.jar ${GERRIT_SITE}/plugins/delete-project.jar
cp -f ${GERRIT_HOME}/events-log.jar ${GERRIT_SITE}/plugins/events-log.jar
# Install the Bouncy Castle
cp -f ${GERRIT_HOME}/bcprov-jdk15on-${BOUNCY_CASTLE_VERSION}.jar ${GERRIT_SITE}/lib/bcprov-jdk15on-${BOUNCY_CASTLE_VERSION}.jar
cp -f ${GERRIT_HOME}/bcpkix-jdk15on-${BOUNCY_CASTLE_VERSION}.jar ${GERRIT_SITE}/lib/bcpkix-jdk15on-${BOUNCY_CASTLE_VERSION}.jar
# Provide a way to customise this image
echo
for f in /docker-entrypoint-init.d/*; do
case "$f" in
*.sh) echo "$0: running $f"; . "$f" ;;
*) echo "$0: ignoring $f" ;;
esac
echo
done
#Customize gerrit.config
#Section gerrit
[ -z "${WEBURL}" ] || set_gerrit_config gerrit.canonicalWebUrl "${WEBURL}"
#Section database
if [ "${DATABASE_TYPE}" = 'postgresql' ]; then
set_gerrit_config database.type "${DATABASE_TYPE}"
[ -z "${DB_PORT_5432_TCP_ADDR}" ] || set_gerrit_config database.hostname "${DB_PORT_5432_TCP_ADDR}"
[ -z "${DB_PORT_5432_TCP_PORT}" ] || set_gerrit_config database.port "${DB_PORT_5432_TCP_PORT}"
[ -z "${DB_ENV_POSTGRES_DB}" ] || set_gerrit_config database.database "${DB_ENV_POSTGRES_DB}"
[ -z "${DB_ENV_POSTGRES_USER}" ] || set_gerrit_config database.username "${DB_ENV_POSTGRES_USER}"
[ -z "${DB_ENV_POSTGRES_PASSWORD}" ] || set_secure_config database.password "${DB_ENV_POSTGRES_PASSWORD}"
fi
#Section database
if [ "${DATABASE_TYPE}" = 'mysql' ]; then
set_gerrit_config database.type "${DATABASE_TYPE}"
[ -z "${DB_PORT_3306_TCP_ADDR}" ] || set_gerrit_config database.hostname "${DB_PORT_3306_TCP_ADDR}"
[ -z "${DB_PORT_3306_TCP_PORT}" ] || set_gerrit_config database.port "${DB_PORT_3306_TCP_PORT}"
[ -z "${DB_ENV_MYSQL_DB}" ] || set_gerrit_config database.database "${DB_ENV_MYSQL_DB}"
[ -z "${DB_ENV_MYSQL_USER}" ] || set_gerrit_config database.username "${DB_ENV_MYSQL_USER}"
[ -z "${DB_ENV_MYSQL_PASSWORD}" ] || set_secure_config database.password "${DB_ENV_MYSQL_PASSWORD}"
fi
#Section ldap
if [ "${AUTH_TYPE}" = 'LDAP' ] || [ "${AUTH_TYPE}" = 'LDAP_BIND' ] ; then
set_gerrit_config auth.type "${AUTH_TYPE}"
set_gerrit_config auth.gitBasicAuth true
[ -z "${LDAP_SERVER}" ] || set_gerrit_config ldap.server "ldap://${LDAP_SERVER}"
[ -z "${LDAP_SSLVERIFY}" ] || set_gerrit_config ldap.sslVerify "${LDAP_SSLVERIFY}"
[ -z "${LDAP_GROUPSVISIBLETOALL}" ] || set_gerrit_config ldap.groupsVisibleToAll "${LDAP_GROUPSVISIBLETOALL}"
[ -z "${LDAP_USERNAME}" ] || set_gerrit_config ldap.username "${LDAP_USERNAME}"
[ -z "${LDAP_PASSWORD}" ] || set_secure_config ldap.password "${LDAP_PASSWORD}"
[ -z "${LDAP_REFERRAL}" ] || set_gerrit_config ldap.referral "${LDAP_REFERRAL}"
[ -z "${LDAP_READTIMEOUT}" ] || set_gerrit_config ldap.readTimeout "${LDAP_READTIMEOUT}"
[ -z "${LDAP_ACCOUNTBASE}" ] || set_gerrit_config ldap.accountBase "${LDAP_ACCOUNTBASE}"
[ -z "${LDAP_ACCOUNTSCOPE}" ] || set_gerrit_config ldap.accountScope "${LDAP_ACCOUNTSCOPE}"
[ -z "${LDAP_ACCOUNTPATTERN}" ] || set_gerrit_config ldap.accountPattern "${LDAP_ACCOUNTPATTERN}"
[ -z "${LDAP_ACCOUNTFULLNAME}" ] || set_gerrit_config ldap.accountFullName "${LDAP_ACCOUNTFULLNAME}"
[ -z "${LDAP_ACCOUNTEMAILADDRESS}" ] || set_gerrit_config ldap.accountEmailAddress "${LDAP_ACCOUNTEMAILADDRESS}"
[ -z "${LDAP_ACCOUNTSSHUSERNAME}" ] || set_gerrit_config ldap.accountSshUserName "${LDAP_ACCOUNTSSHUSERNAME}"
[ -z "${LDAP_ACCOUNTMEMBERFIELD}" ] || set_gerrit_config ldap.accountMemberField "${LDAP_ACCOUNTMEMBERFIELD}"
[ -z "${LDAP_FETCHMEMBEROFEAGERLY}" ] || set_gerrit_config ldap.fetchMemberOfEagerly "${LDAP_FETCHMEMBEROFEAGERLY}"
[ -z "${LDAP_GROUPBASE}" ] || set_gerrit_config ldap.groupBase "${LDAP_GROUPBASE}"
[ -z "${LDAP_GROUPSCOPE}" ] || set_gerrit_config ldap.groupScope "${LDAP_GROUPSCOPE}"
[ -z "${LDAP_GROUPPATTERN}" ] || set_gerrit_config ldap.groupPattern "${LDAP_GROUPPATTERN}"
[ -z "${LDAP_GROUPMEMBERPATTERN}" ] || set_gerrit_config ldap.groupMemberPattern "${LDAP_GROUPMEMBERPATTERN}"
[ -z "${LDAP_GROUPNAME}" ] || set_gerrit_config ldap.groupName "${LDAP_GROUPNAME}"
[ -z "${LDAP_LOCALUSERNAMETOLOWERCASE}" ] || set_gerrit_config ldap.localUsernameToLowerCase "${LDAP_LOCALUSERNAMETOLOWERCASE}"
[ -z "${LDAP_AUTHENTICATION}" ] || set_gerrit_config ldap.authentication "${LDAP_AUTHENTICATION}"
[ -z "${LDAP_USECONNECTIONPOOLING}" ] || set_gerrit_config ldap.useConnectionPooling "${LDAP_USECONNECTIONPOOLING}"
[ -z "${LDAP_CONNECTTIMEOUT}" ] || set_gerrit_config ldap.connectTimeout "${LDAP_CONNECTTIMEOUT}"
fi
# section OAUTH general
if [ "${AUTH_TYPE}" = 'OAUTH' ] ; then
cp -f ${GERRIT_HOME}/gerrit-oauth-provider.jar ${GERRIT_SITE}/plugins/gerrit-oauth-provider.jar
set_gerrit_config auth.type "${AUTH_TYPE}"
[ -z "${OAUTH_ALLOW_EDIT_FULL_NAME}" ] || set_gerrit_config oauth.allowEditFullName "${OAUTH_ALLOW_EDIT_FULL_NAME}"
[ -z "${OAUTH_ALLOW_REGISTER_NEW_EMAIL}" ] || set_gerrit_config oauth.allowRegisterNewEmail "${OAUTH_ALLOW_REGISTER_NEW_EMAIL}"
# Google
[ -z "${OAUTH_GOOGLE_RESTRICT_DOMAIN}" ] || set_gerrit_config plugin.gerrit-oauth-provider-google-oauth.domain "${OAUTH_GOOGLE_RESTRICT_DOMAIN}"
[ -z "${OAUTH_GOOGLE_CLIENT_ID}" ] || set_gerrit_config plugin.gerrit-oauth-provider-google-oauth.client-id "${OAUTH_GOOGLE_CLIENT_ID}"
[ -z "${OAUTH_GOOGLE_CLIENT_SECRET}" ] || set_gerrit_config plugin.gerrit-oauth-provider-google-oauth.client-secret "${OAUTH_GOOGLE_CLIENT_SECRET}"
[ -z "${OAUTH_GOOGLE_LINK_OPENID}" ] || set_gerrit_config plugin.gerrit-oauth-provider-google-oauth.link-to-existing-openid-accounts "${OAUTH_GOOGLE_LINK_OPENID}"
# Github
[ -z "${OAUTH_GITHUB_CLIENT_ID}" ] || set_gerrit_config plugin.gerrit-oauth-provider-github-oauth.client-id "${OAUTH_GITHUB_CLIENT_ID}"
[ -z "${OAUTH_GITHUB_CLIENT_SECRET}" ] || set_gerrit_config plugin.gerrit-oauth-provider-github-oauth.client-secret "${OAUTH_GITHUB_CLIENT_SECRET}"
fi
# section DEVELOPMENT_BECOME_ANY_ACCOUNT
if [ "${AUTH_TYPE}" = 'DEVELOPMENT_BECOME_ANY_ACCOUNT' ] ; then
set_gerrit_config auth.type "${AUTH_TYPE}"
fi
# section container
[ -z "${JAVA_HEAPLIMIT}" ] || set_gerrit_config container.heapLimit "${JAVA_HEAPLIMIT}"
[ -z "${JAVA_OPTIONS}" ] || set_gerrit_config container.javaOptions "${JAVA_OPTIONS}"
[ -z "${JAVA_SLAVE}" ] || set_gerrit_config container.slave "${JAVA_SLAVE}"
#Section sendemail
if [ -z "${SMTP_SERVER}" ]; then
set_gerrit_config sendemail.enable false
else
set_gerrit_config sendemail.enable true
set_gerrit_config sendemail.smtpServer "${SMTP_SERVER}"
if [ "smtp.gmail.com" = "${SMTP_SERVER}" ]; then
echo "gmail detected, using default port and encryption"
set_gerrit_config sendemail.smtpServerPort 587
set_gerrit_config sendemail.smtpEncryption tls
fi
[ -z "${SMTP_SERVER_PORT}" ] || set_gerrit_config sendemail.smtpServerPort "${SMTP_SERVER_PORT}"
[ -z "${SMTP_USER}" ] || set_gerrit_config sendemail.smtpUser "${SMTP_USER}"
[ -z "${SMTP_PASS}" ] || set_secure_config sendemail.smtpPass "${SMTP_PASS}"
[ -z "${SMTP_ENCRYPTION}" ] || set_gerrit_config sendemail.sendemail.smtpEncryption "${SMTP_ENCRYPTION}"
[ -z "${SMTP_CONNECT_TIMEOUT}" ] || set_gerrit_config sendemail.connectTimeout "${SMTP_CONNECT_TIMEOUT}"
[ -z "${SMTP_FROM}" ] || set_gerrit_config sendemail.from "${SMTP_FROM}"
fi
#Section user
[ -z "${USER_NAME}" ] || set_gerrit_config user.name "${USER_NAME}"
[ -z "${USER_EMAIL}" ] || set_gerrit_config user.email "${USER_EMAIL}"
[ -z "${USER_ANONYMOUS_COWARD}" ] || set_gerrit_config user.anonymousCoward "${USER_ANONYMOUS_COWARD}"
#Section plugins
set_gerrit_config plugins.allowRemoteAdmin true
#Section httpd
[ -z "${HTTPD_LISTENURL}" ] || set_gerrit_config httpd.listenUrl "${HTTPD_LISTENURL}"
echo "Upgrading gerrit..."
gosu ${GERRIT_USER} java -jar "${GERRIT_WAR}" init --batch -d "${GERRIT_SITE}" ${GERRIT_INIT_ARGS}
if [ $? -eq 0 ]; then
echo "Upgrading is OK."
else
echo "Something wrong..."
cat "${GERRIT_SITE}/logs/error_log"
fi
fi
exec "$@"