wip
This commit is contained in:
bpinsard
parent
3005669eba
commit
fe95059f1c
|
|
@ -1,5 +1,5 @@
|
|||
FROM python:3.12-alpine
|
||||
RUN apk add --no-cache ca-certificates tzdata \
|
||||
RUN apk add --no-cache ca-certificates tzdata 7zip jq\
|
||||
git openssh-client git-annex curl bzip2 bash glab\
|
||||
&& cp /usr/share/zoneinfo/UTC /etc/localtime \
|
||||
&& apk del tzdata \
|
||||
|
|
@ -12,6 +12,6 @@ RUN pip install --break-system-packages --no-cache-dir datalad ssh_agent_setup p
|
|||
ADD indexer /indexer
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod +x /entrypoint.sh
|
||||
CMD /entrypoint.sh
|
||||
ENTRYPOINT ["bash", "/entrypoint.sh"]
|
||||
|
||||
WORKDIR /work
|
||||
|
|
|
|||
|
|
@ -1,21 +1,24 @@
|
|||
#!/bin/bash
|
||||
|
||||
CONTAINER_ID=$(basename $(cat /proc/1/cpuset))
|
||||
GITLAB_TOKEN_SECRET=/var/run/secrets/dicom_bot_gitlab_token
|
||||
GITLAB_TOKEN_SECRET=$(cat /var/run/secrets/dicom_bot_gitlab_token 2>/dev/null)
|
||||
GITLAB_TOKEN=${GITLAB_TOKEN_SECRET:=$GITLAB_TOKEN}
|
||||
|
||||
# only export keys when deploying as a service on swarm
|
||||
# TODO: should try using gitlab runner mechanism if not
|
||||
if [ -e $GITLAB_TOKEN_SECRET ] ; then
|
||||
if [ -n "${GITLAB_TOKEN}" ] ; then
|
||||
# generate container specific ssh-key
|
||||
ssh-keygen -f /root/.ssh/id_rsa -N ''
|
||||
# register it for dicom_bot user
|
||||
curl -X POST -F "private_token=$(cat $GITLAB_TOKEN_SECRET)" \
|
||||
echo 'registering the ssh key'
|
||||
ssh_key_json=$(curl -X POST -F "private_token=${GITLAB_TOKEN}" \
|
||||
-F "title="$(cat /etc/hostname)${CONTAINER_ID:0:12} -F "key=$(cat ~/.ssh/id_rsa.pub)" \
|
||||
"${GITLAB_API_URL}/user/keys"
|
||||
"${GITLAB_API_URL}/user/keys")
|
||||
fi
|
||||
|
||||
git config --global init.defaultBranch main
|
||||
|
||||
mkdir -p ~/.ssh/known_hosts
|
||||
install -m 600 /dev/stdin ~/.ssh/known_hosts <<< "$SSH_KNOWN_HOSTS"
|
||||
|
||||
# example
|
||||
# /usr/bin/storescp \
|
||||
|
|
@ -26,12 +29,12 @@ git config --global init.defaultBranch main
|
|||
# --exec-on-eostudy "python3 $DICOM_ROOT/exec_on_study_received.py #p " 2100 >> $DICOM_DATA_ROOT/storescp.log
|
||||
|
||||
# run whatever command was passed (storescp or python index_dicoms directly)
|
||||
echo $@
|
||||
bash -c "$@"
|
||||
$@
|
||||
|
||||
if [ -e $GITLAB_TOKEN_SECRET ] ; then
|
||||
if [ -n "${GITLAB_TOKEN}" ] ; then
|
||||
# unregister the temporary ssh key
|
||||
curl -X DELETE -F "private_token=$(cat $GITLAB_TOKEN_SECRET)" \
|
||||
ssh_key_id=$(jq .id <<< $ssh_key_json)
|
||||
curl -X DELETE -F "private_token=${GITLAB_TOKEN}" \
|
||||
-F "title="$(cat /etc/hostname)${CONTAINER_ID:0:12}
|
||||
"${GITLAB_API_URL}/user/keys"
|
||||
"${GITLAB_API_URL}/users/keys/${ssh_key_id}"
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
include:
|
||||
- local: /.ci-env.yml
|
||||
- project: "$NI_DATAOPS_GITLAB_ROOT/ci-pipelines"
|
||||
ref: refactor
|
||||
file:
|
||||
- 'ci-pipelines/bids/bids_repo.yml'
|
||||
|
|
|
|||
|
|
@ -2,5 +2,6 @@
|
|||
include:
|
||||
- local: /.ci-env.yml
|
||||
- project: "$NI_DATAOPS_GITLAB_ROOT/ci-pipelines"
|
||||
ref: refactor
|
||||
file:
|
||||
- 'ci-pipelines/sources/dicoms_study.yml'
|
||||
|
|
|
|||
Loading…
Reference in New Issue