AdrianoDev
c9ab211c38
Skip login se ~/.docker/config.json contiene già auth per il registry. Permette di fare 'docker login' una volta e poi lanciare lo script senza dover esportare GITEA_PAT ad ogni run. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
91 lines
3.0 KiB
Bash
Executable File
91 lines
3.0 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# Cerbero_mcp — build & push image al registry Gitea da macchina locale.
|
|
#
|
|
# Sostituisce il job CI `build-and-push` di .gitea/workflows/ci.yml.
|
|
# Usalo dopo `git push` (o senza, se vuoi pushare un build "dirty").
|
|
# Watchtower sul VPS pulla automaticamente entro WATCHTOWER_POLL_INTERVAL.
|
|
#
|
|
# Pre-requisiti:
|
|
# - docker + buildx
|
|
# - PAT Gitea con scope `write:package` in env $GITEA_PAT
|
|
# - $GITEA_USER (default: adriano)
|
|
#
|
|
# Uso:
|
|
# ./scripts/build-push.sh # tutte le image
|
|
# ./scripts/build-push.sh base gateway # solo specifiche
|
|
|
|
set -euo pipefail
|
|
|
|
REGISTRY="${REGISTRY:-git.tielogic.xyz}"
|
|
IMAGE_PREFIX="${IMAGE_PREFIX:-$REGISTRY/adriano/cerbero-mcp}"
|
|
GITEA_USER="${GITEA_USER:-adriano}"
|
|
SHA="$(git rev-parse --short HEAD)"
|
|
|
|
# Ordine di build: base prima (parent delle mcp-*), poi le altre.
|
|
ALL_TARGETS=(base gateway mcp-deribit mcp-bybit mcp-hyperliquid mcp-alpaca mcp-macro mcp-sentiment)
|
|
TARGETS=("${@:-${ALL_TARGETS[@]}}")
|
|
|
|
command -v docker >/dev/null || { echo "FATAL: docker non installato"; exit 1; }
|
|
docker buildx version >/dev/null || { echo "FATAL: docker buildx non disponibile"; exit 1; }
|
|
|
|
# Login solo se non già autenticato sul registry. Per primo login fai:
|
|
# echo "<PAT>" | docker login $REGISTRY -u $GITEA_USER --password-stdin
|
|
if grep -q "\"$REGISTRY\"" ~/.docker/config.json 2>/dev/null; then
|
|
echo "=== docker già loggato su $REGISTRY (skip login) ==="
|
|
elif [ -n "${GITEA_PAT:-}" ]; then
|
|
echo "=== docker login $REGISTRY ==="
|
|
echo "$GITEA_PAT" | docker login "$REGISTRY" -u "$GITEA_USER" --password-stdin
|
|
else
|
|
echo "FATAL: non autenticato su $REGISTRY e GITEA_PAT non settata."
|
|
echo " Esegui una volta: docker login $REGISTRY -u $GITEA_USER"
|
|
exit 1
|
|
fi
|
|
|
|
build_one() {
|
|
local name="$1"
|
|
local context file
|
|
case "$name" in
|
|
base)
|
|
context="."; file="docker/base.Dockerfile" ;;
|
|
gateway)
|
|
context="./gateway"; file="gateway/Dockerfile" ;;
|
|
mcp-*)
|
|
context="."; file="docker/${name}.Dockerfile" ;;
|
|
*)
|
|
echo "FATAL: target sconosciuto '$name'"; exit 1 ;;
|
|
esac
|
|
|
|
if [ ! -f "$file" ]; then
|
|
echo "FATAL: Dockerfile non trovato: $file"; exit 1
|
|
fi
|
|
|
|
local tag_latest="$IMAGE_PREFIX/$name:latest"
|
|
local tag_sha="$IMAGE_PREFIX/$name:sha-$SHA"
|
|
|
|
echo "=== [$name] build & push ==="
|
|
local args=(buildx build --push
|
|
-f "$file"
|
|
-t "$tag_latest"
|
|
-t "$tag_sha"
|
|
)
|
|
if [[ "$name" == mcp-* ]]; then
|
|
args+=(--build-arg "BASE_IMAGE=$IMAGE_PREFIX/base"
|
|
--build-arg "BASE_TAG=latest")
|
|
fi
|
|
args+=("$context")
|
|
|
|
docker "${args[@]}"
|
|
echo " pushed: $tag_latest"
|
|
echo " pushed: $tag_sha"
|
|
}
|
|
|
|
for t in "${TARGETS[@]}"; do
|
|
build_one "$t"
|
|
done
|
|
|
|
echo
|
|
echo "=== Tutto pushato (commit $SHA) ==="
|
|
echo "VPS Watchtower farà pull entro WATCHTOWER_POLL_INTERVAL (default 5min)."
|
|
echo "Per forzare subito:"
|
|
echo " ssh <vps> 'cd /docker/cerbero_mcp && docker compose -f docker-compose.prod.yml pull && docker compose -f docker-compose.prod.yml up -d'"
|