fix: issues related to publish, install-docker-compose and `updat…

…e-description` (#147)

* fix: payload used in the `update-description` command (#143)

* chore: bump orb dependencies and remove deprecated commands (#146)

* fix: curl error in `install-docker-compose` (#145)

* fix: support for env vars parameters in `publish` (#142)

.circleci/test-deploy.yml

@@ -16,13 +16,17 @@ promotion_requires: &promotion_requires
     publish-docker-cache-not-found,
     publish-docker-with-buildkit,
     publish-docker-multiple-tags,
+    publish-docker-env-var-image-param,
     test-pull,
     test-install-docker-tools-docker-latest,
     test-install-docker-tools-docker-old,
     test-install-docker-tools-macos-latest,
     test-install-docker-tools-macos-old,
     test-install-docker-tools-machine-latest,
     test-install-docker-tools-machine-old,
+    test-install-docker-compose-with-checksums,
+    test-install-docker-compose-with-sha256,
+    test-install-docker-compose-with-checksums-and-sha256,
     test-docker-latest,
     test-docker-old,
     test-macos-latest,
@@ -210,6 +214,32 @@ jobs:
           debug: <<parameters.debug>>
           dockerfile: <<parameters.dockerfile>>
           treat-warnings-as-errors: <<parameters.treat-warnings-as-errors>>
+  test-install-docker-compose:
+    parameters:
+      docker-compose-version:
+        type: string
+        default: latest
+        description: >
+          Version of `docker-compose` to install, defaults to the latest stable release.
+          If specifying a version other than latest, provide a full release tag,
+          as listed at https://github.com/docker/compose/releases or
+          https://api.github.com/repos/docker/compose/releases, e.g., `1.23.1`.
+
+      install-dir:
+        type: string
+        default: /usr/local/bin
+        description: >
+          Directory in which to install `docker-compose`
+      executor:
+        type: executor
+
+    executor: << parameters.executor >>
+
+    steps:
+      - docker/install-docker
+      - docker/install-docker-compose:
+          version: << parameters.docker-compose-version>>
+          install-dir: << parameters.install-dir>>  
 
 workflows:
   test-deploy:
@@ -236,6 +266,23 @@ workflows:
       - test-build-with-args:
           filters: *filters
 
+      # begin test-install-docker-compose
+      - test-install-docker-compose:
+          name: test-install-docker-compose-with-checksums
+          executor: docker-latest
+          filters: *filters
+      - test-install-docker-compose:
+          name: test-install-docker-compose-with-sha256
+          docker-compose-version: v2.0.1
+          executor: docker-latest
+          filters: *filters
+      - test-install-docker-compose:
+          name: test-install-docker-compose-with-checksums-and-sha256
+          docker-compose-version: v2.9.0
+          executor: docker-latest
+          filters: *filters
+      # end test-install-docker-compose
+
       # begin test-check-command
       - test-check-command:
           name: test-check-command-docker
@@ -389,6 +436,21 @@ workflows:
           docker-password: DOCKER_PASS
           use-docker-credentials-store: true
           filters: *filters
+      - docker/publish:
+          pre-steps:
+            - run: echo 'export DOCKER_USERNAME=cpeorbtesting' >> $BASH_ENV
+            - run: echo 'export DOCKER_NAME=docker-orb-test' >> $BASH_ENV
+          name: publish-docker-env-var-image-param
+          executor: docker-latest
+          context: CPE-orb-docker-testing
+          use-remote-docker: true
+          dockerfile: test.Dockerfile
+          image: $DOCKER_USERNAME/$DOCKER_NAME
+          tag: $CIRCLE_SHA1,$CIRCLE_BUILD_NUM
+          docker-username: DOCKER_USER
+          docker-password: DOCKER_PASS
+          use-docker-credentials-store: true
+          filters: *filters
       # end docker/publish
 
       # begin test-install-docker-tools
@@ -441,10 +503,10 @@ workflows:
 executors:
   macos-old:
     macos:
-      xcode: 10.3.0
+      xcode: 11.7.0
   macos-latest:
     macos:
-      xcode: 13.1.0
+      xcode: 14.0.0
   docker-old:
     docker:
       - image: cimg/base:2020.08-20.04

src/@orb.yml

@@ -8,6 +8,5 @@ display:
   source_url: https://github.com/CircleCI-Public/docker-orb
 
 orbs:
-  bt: circleci/[email protected]
-  jq: circleci/[email protected]
-  orb-tools: circleci/[email protected]
+  bt: circleci/[email protected]
+  jq: circleci/[email protected]

src/commands/check.yml

@@ -29,12 +29,6 @@ parameters:
       This option is only supported on Ubuntu/Debian/macOS platforms.
 
 steps:
-  - orb-tools/check-env-var-param:
-      param: <<parameters.docker-username>>
-
-  - orb-tools/check-env-var-param:
-      param: <<parameters.docker-password>>
-
   - when:
       condition: <<parameters.use-docker-credentials-store>>
       steps:

src/commands/install-docker-compose.yml

@@ -10,7 +10,8 @@ parameters:
       Version of `docker-compose` to install, defaults to the latest stable release.
       If specifying a version other than latest, provide a full release tag,
       as listed at https://github.com/docker/compose/releases or
-      https://api.github.com/repos/docker/compose/releases, e.g., `1.23.1`.
+      https://api.github.com/repos/docker/compose/releases, e.g., `v2.10.0`.
+      Only versions equal or above v2.0.1 are supported.
 
   install-dir:
     type: string

src/commands/update-description.yml

@@ -36,6 +36,7 @@ parameters:
       Name of environment variable storing your Docker password
 
 steps:
+  - jq/install
   - run:
       name: Update description
       environment:

src/scripts/install-docker-compose.sh

@@ -29,7 +29,7 @@ if command -v docker-compose &> /dev/null; then
     exit 0
   else
     echo "A different version of docker-compose is installed ($(docker-compose --version)); removing it"
-    $SUDO rm -f "$(command -v docker-compose)"1
+    $SUDO rm -f "$(command -v docker-compose)"
   fi
 fi
 
@@ -42,31 +42,44 @@ else
 fi
 
 DOCKER_COMPOSE_BASE_URL="https://github.com/docker/compose/releases/download/$DOCKER_COMPOSE_VERSION"
-DOCKER_COMPOSE_SHASUM_URL="$DOCKER_COMPOSE_BASE_URL/docker-compose-$PLATFORM-x86_64.sha256"
+DOCKER_COMPOSE_RELEASES_HTML="$(curl -Ls --fail --retry 3 "https://github.com/docker/compose/releases/tag/$DOCKER_COMPOSE_VERSION")"
+DOCKER_COMPOSE_RELEASE="docker-compose-$PLATFORM-x86_64"
+DOCKER_SHASUM_FILENAME="checksum.txt"
 
-# download binary and shasum
-curl -O \
-  --silent --show-error --location --fail --retry 3 \
-  "$DOCKER_COMPOSE_SHASUM_URL"
+# since v2.10.0, docker-compose doesn't have a ".sha256" file
+# so we need to use the "checksums.txt" file instead
+if grep --quiet "checksums.txt" <<< "$DOCKER_COMPOSE_RELEASES_HTML"; then
+  printf '%s\n' "Downloading \"checksums.txt\" to verify the binary's integrity."
 
-FILENAME=$(cat docker-compose-$PLATFORM-x86_64.sha256 | awk '{ print $NF }' | sed 's/^\*//')
+  curl -o "$DOCKER_SHASUM_FILENAME" \
+    --silent --location --retry 3 \
+    "$DOCKER_COMPOSE_BASE_URL/checksums.txt"
+else
+  printf '%s\n' "Downloading \"$DOCKER_COMPOSE_RELEASE.sha256\" to verify the binary's integrity."
+
+  curl -o "$DOCKER_SHASUM_FILENAME" \
+    --silent --location --retry 3 \
+    "$DOCKER_COMPOSE_BASE_URL/$DOCKER_COMPOSE_RELEASE.sha256"
+fi
 
-curl -O \
-  --silent --show-error --location --fail --retry 3 \
-  "$DOCKER_COMPOSE_BASE_URL/$FILENAME"
+# download docker-compose binary
+curl -o "$DOCKER_COMPOSE_RELEASE" \
+  --location --retry 3 \
+  "$DOCKER_COMPOSE_BASE_URL/$DOCKER_COMPOSE_RELEASE"
 
+# verify binary integrity using SHA-256 checksum
 set +e
-grep "$FILENAME" docker-compose-$PLATFORM-x86_64.sha256 | sha256sum -c -
+grep "$DOCKER_COMPOSE_RELEASE" "$DOCKER_SHASUM_FILENAME" | sha256sum -c -
 SHASUM_SUCCESS=$?
 set -e
 
 if [[ "$SHASUM_SUCCESS" -ne 0 ]]; then
-  echo "Checksum validation failed for $FILENAME"
+  echo "Checksum validation failed for $DOCKER_COMPOSE_RELEASE"
   exit 1
 fi
 
 # install docker-compose
-$SUDO mv "$FILENAME" "$PARAM_INSTALL_DIR"/docker-compose
+$SUDO mv "$DOCKER_COMPOSE_RELEASE" "$PARAM_INSTALL_DIR"/docker-compose
 $SUDO chmod +x "$PARAM_INSTALL_DIR"/docker-compose
 
 # verify version

src/scripts/push.sh

@@ -2,14 +2,19 @@
 
 IFS="," read -ra DOCKER_TAGS <<< "$PARAM_TAG"
 
+image="$(eval echo "$PARAM_IMAGE")"
+
 for docker_tag in "${DOCKER_TAGS[@]}"; do
   tag=$(eval echo "$docker_tag")
-  docker push "$PARAM_REGISTRY"/"$PARAM_IMAGE":"$tag"
+
+  set -x
+  docker push "$PARAM_REGISTRY"/"$image":"$tag"
+  set +x
 done
 
 if [ -n "$PARAM_DIGEST_PATH" ]; then
   mkdir -p "$(dirname "$PARAM_DIGEST_PATH")"
   IFS="," read -ra DOCKER_TAGS <<< "$PARAM_TAG"
   tag=$(eval echo "${DOCKER_TAGS[0]}")
-  docker image inspect --format="{{index .RepoDigests 0}}" "$PARAM_REGISTRY"/"$PARAM_IMAGE":"$tag" > "$PARAM_DIGEST_PATH"
+  docker image inspect --format="{{index .RepoDigests 0}}" "$PARAM_REGISTRY"/"$image":"$tag" > "$PARAM_DIGEST_PATH"
 fi

src/scripts/update-description.sh

@@ -7,13 +7,14 @@ fi
 
 USERNAME=${!PARAM_DOCKER_USERNAME}
 PASSWORD=${!PARAM_DOCKER_PASSWORD}
+IMAGE="$(eval echo "$PARAM_IMAGE")"
 
 DESCRIPTION="$PARAM_PATH/$PARAM_README"
 PAYLOAD="username=$USERNAME&password=$PASSWORD"
 JWT=$(curl -s -d "$PAYLOAD" https://hub.docker.com/v2/users/login/ | jq -r .token)
 HEADER="Authorization: JWT $JWT"
-URL="https://hub.docker.com/v2/repositories/$PARAM_IMAGE/"
-STATUS=$(curl -s -o /dev/null -w '%{http_code}' -X PATCH -H "$HEADER" --data-urlencode full_description@$DESCRIPTION $URL)
+URL="https://hub.docker.com/v2/repositories/$IMAGE/"
+STATUS=$(curl -s -o /dev/null -w '%{http_code}' -X PATCH -H "$HEADER" -H 'Content-type: application/json' --data "{\"full_description\": $(jq -Rs '.' $DESCRIPTION)}" $URL)
 
 if [ $STATUS -ne 200 ]; then
   echo "Could not update image description"