From 6c7200bfc06cafc795eed4ee233d1634ea63f38d Mon Sep 17 00:00:00 2001
From: Max Rydahl Andersen <max.andersen@gmail.com>
Date: Wed, 19 Jul 2023 15:15:51 +0200
Subject: [PATCH] feat: introduce clean docker multi java version build

Why:

 * jbang-action is hardcoded to use a specific java version
   requiring users to download new java version
 * nicer if can have a docker images that has the java version
   built in

This change addreses the need by:

 * move jbang-action to a separate distribution (might consider dropping it fully)
 * add a jbang-docker repo that builds a docker image with jbang and java
   and publishes under jbangdev/jbang:<version>-java-<java major version>.
---
 .gitignore                                    |  1 -
 jreleaser.yml                                 | 43 ++++++++++-
 .../jbang-action/docker/Dockerfile.tpl        | 37 ++++++++++
 .../jbang-action/docker/README.md.tpl         | 73 +++++++++++++++++++
 .../docker/action.yml.tpl                     |  0
 .../docker/container-structure-test.yaml      |  0
 .../jbang-action/docker/entrypoint            | 21 ++++++
 .../distributions/jbang/docker/Dockerfile.tpl | 25 ++-----
 .../distributions/jbang/docker/README.md.tpl  | 15 ++--
 .../distributions/jbang/docker/entrypoint     |  7 +-
 10 files changed, 186 insertions(+), 36 deletions(-)
 create mode 100644 src/jreleaser/distributions/jbang-action/docker/Dockerfile.tpl
 create mode 100644 src/jreleaser/distributions/jbang-action/docker/README.md.tpl
 rename src/jreleaser/distributions/{jbang => jbang-action}/docker/action.yml.tpl (100%)
 rename src/jreleaser/distributions/{jbang => jbang-action}/docker/container-structure-test.yaml (100%)
 create mode 100644 src/jreleaser/distributions/jbang-action/docker/entrypoint

diff --git a/.gitignore b/.gitignore
index b46b8e314..a13e2fb4a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,7 +12,6 @@ bin
 homebrew-tap
 RESULTS
 *.db
-jbang-action
 out
 node_modules
 package-lock.json
diff --git a/jreleaser.yml b/jreleaser.yml
index a3b118e82..c8927d521 100644
--- a/jreleaser.yml
+++ b/jreleaser.yml
@@ -67,16 +67,40 @@ files:
 
 distributions:
   jbang:
+    extraProperties:
+      # Key will be capitalized and prefixed with `distribution`, i.e, `distributionFoo`.
+      foo: bar
     executable:
       windowsExtension: cmd
-    docker:  ## not ready to release this way.
+    docker: 
       active: RELEASE
       continueOnError: true
+      templateDirectory: src/jreleaser/distributions/jbang/docker
       postCommands:
         - "VOLUME /scripts"
-      baseImage: "adoptopenjdk:11-jdk-hotspot"
+      registries:
+        - serverName: quay.io
+        - serverName: docker.io
+        - serverName: gcr.io
       repository:
-        name: jbang-action
+        name: jbang-docker
+      specs:
+        java-11:
+          baseImage: "eclipse-temurin:11"
+          templateDirectory: src/jreleaser/distributions/jbang/docker
+          imageNames:
+            - 'jbangdev/jbang:{{tagName}}-{{dockerSpecName}}'
+          matchers:
+            foo: bar
+        java-17:
+          baseImage: "eclipse-temurin:17"
+          templateDirectory: src/jreleaser/distributions/jbang/docker
+          imageNames:
+            - 'jbangdev/jbang:{{tagName}}-{{dockerSpecName}}'
+            - 'jbangdev/jbang:{{tagName}}'
+            - 'jbangdev/jbang:latest'
+          matchers:
+            foo: bar
     sdkman:
       active: RELEASE
       continueOnError: true
@@ -104,3 +128,16 @@ distributions:
     artifacts:
       - path: build/distributions/jbang-{{projectVersion}}.zip
       - path: build/distributions/jbang-{{projectVersion}}.tar
+  jbang-action:
+    docker:  ## not ready to release this way.
+      active: RELEASE
+      continueOnError: true
+      postCommands:
+        - "VOLUME /scripts"
+      baseImage: "adoptopenjdk:11-jdk-hotspot"
+      repository:
+        name: jbang-action
+    artifacts:
+      - path: build/distributions/jbang-{{projectVersion}}.zip
+      - path: build/distributions/jbang-{{projectVersion}}.tar
+    
diff --git a/src/jreleaser/distributions/jbang-action/docker/Dockerfile.tpl b/src/jreleaser/distributions/jbang-action/docker/Dockerfile.tpl
new file mode 100644
index 000000000..c6775ce38
--- /dev/null
+++ b/src/jreleaser/distributions/jbang-action/docker/Dockerfile.tpl
@@ -0,0 +1,37 @@
+FROM {{dockerBaseImage}}
+
+{{#dockerLabels}}
+LABEL {{.}}
+{{/dockerLabels}}
+
+{{#dockerPreCommands}}
+{{.}}
+{{/dockerPreCommands}}
+
+COPY assembly/* /
+
+RUN jar xf {{distributionArtifactFileName}}{{distributionArtifactFileExtension}} && \
+    rm {{distributionArtifactFileName}}{{distributionArtifactFileExtension}} && \
+    mv jbang-* jbang && \
+    chmod +x jbang/bin/jbang
+
+{{#dockerPostCommands}}
+{{.}}
+{{/dockerPostCommands}}
+
+ENV PATH="${PATH}:/{{distributionArtifactName}}/bin"
+
+ADD ./entrypoint /bin/entrypoint
+
+ENV SCRIPTS_HOME /scripts
+ENV JBANG_VERSION {{projectVersion}}
+ENV JBANG_PATH=/jbang/bin
+
+VOLUME /scripts
+
+ENV PATH="${PATH}:/jbang/bin"
+
+## github action does not allow writing to $HOME thus routing this elsewhere
+ENV JBANG_DIR="/jbang/.jbang"
+
+ENTRYPOINT ["entrypoint"]
diff --git a/src/jreleaser/distributions/jbang-action/docker/README.md.tpl b/src/jreleaser/distributions/jbang-action/docker/README.md.tpl
new file mode 100644
index 000000000..460e3ff0d
--- /dev/null
+++ b/src/jreleaser/distributions/jbang-action/docker/README.md.tpl
@@ -0,0 +1,73 @@
+# JBang Container for Docker and Github Action
+
+[![GitHub release badge](https://badgen.net/github/release/jbangdev/jbang-action/stable)](https://github.com/jbangdev/jbang-action/releases/latest)
+[![GitHub license badge](https://badgen.net/github/license/jbangdev/jbang-action)]()
+[![GitHub Workflows badge](https://badgen.net/runkit/maxandersen/61b3c9809073c8000ae9b210)](https://github.com/search?q=jbang-action+language%3AYAML+language%3AYAML+path%3A.github%2Fworkflows&type=Code&ref=advsearch&l=&l=)
+[![DockerHub Pulls](https://img.shields.io/docker/pulls/jbangdev/jbang-action)]()
+
+This container intended for quick and easily run java based scripts with [jbang](https://jbang.dev).
+
+Can be used directly with docker or as a GitHub Action.
+
+The source is located in [jbangdev/jbang](https://github.com/jbangdev/jbang/blob/HEAD/src/jreleaser/distributions/jbang/docker/) and are updated in this repo on every tag/release of jbangdev/jbang.
+
+
+[Source](https://github.com/jbangdev/jbang-action)
+
+## Container/Docker usage
+
+Using dockerhub images:
+
+```
+docker run -v `pwd`:/ws --workdir=/ws jbangdev/jbang-action helloworld.java
+```
+
+Using quay.io images:
+
+```
+docker run -v `pwd`:/ws --workdir=/ws quay.io/jbangdev/jbang-action helloworld.java
+```
+
+
+## Github Action
+
+### Inputs
+
+Key | Example | Description
+----|---------|------------
+trust | `https://github.com/maxandersen` | Host pattern to add to be trusted before the script are executed.
+jbangargs | `--verbose` | Arguments to pass to jbang before the script.
+script | `hello.java` | File, URL or alias referring to script to run
+scriptargs | `--token ${GITHUB_TOKEN}` | Arguments to pass to the script. Note: due to how github actions + docker arguments containing spaces gets treated as separate arguments no matter how much quoting is done. If you need argument with spaces better to extend the docker file and call jbang directly.
+
+### Outputs
+
+### Example usage
+
+Here it is assumed you have a jbang script called `createissue.java` in the root of your project.
+
+```yaml
+on: [push]
+
+jobs:
+  jbang:
+    runs-on: ubuntu-latest
+    name: A job to run jbang
+    steps:
+    - name: checkout
+      uses: actions/checkout@v1
+    - uses: actions/cache@v1
+      with:
+        path: /root/.jbang
+        key: ${{ runner.os }}-jbang-${{ hashFiles('*.java') }}
+        restore-keys: |
+            ${{ runner.os }}-jbang-
+    - name: jbang
+      uses: jbangdev/jbang-action@{{tagName}}
+      with:
+        script: createissue.java
+        scriptargs: "my world"
+      env:
+        JBANG_REPO: /root/.jbang/repository
+        GITHUB_TOKEN: ${{ secrets.ISSUE_GITHUB_TOKEN }}
+```
diff --git a/src/jreleaser/distributions/jbang/docker/action.yml.tpl b/src/jreleaser/distributions/jbang-action/docker/action.yml.tpl
similarity index 100%
rename from src/jreleaser/distributions/jbang/docker/action.yml.tpl
rename to src/jreleaser/distributions/jbang-action/docker/action.yml.tpl
diff --git a/src/jreleaser/distributions/jbang/docker/container-structure-test.yaml b/src/jreleaser/distributions/jbang-action/docker/container-structure-test.yaml
similarity index 100%
rename from src/jreleaser/distributions/jbang/docker/container-structure-test.yaml
rename to src/jreleaser/distributions/jbang-action/docker/container-structure-test.yaml
diff --git a/src/jreleaser/distributions/jbang-action/docker/entrypoint b/src/jreleaser/distributions/jbang-action/docker/entrypoint
new file mode 100644
index 000000000..469e34874
--- /dev/null
+++ b/src/jreleaser/distributions/jbang-action/docker/entrypoint
@@ -0,0 +1,21 @@
+#!/usr/bin/env bash
+
+# In OpenShift, containers are run as a random high number uid
+# that doesn't exist in /etc/passwd
+if [ `id -u` -ge 500 ] || [ -z "${CURRENT_UID}" ]; then
+
+  cat << EOF > /tmp/passwd
+root:x:0:0:root:/root:/bin/bash
+jbang:x:`id -u`:`id -g`:,,,:/scripts:/bin/bash
+EOF
+
+  cat /tmp/passwd > /etc/passwd
+  rm /tmp/passwd
+fi
+
+if [[ ! -z "$INPUT_TRUST" ]]; then
+  $JBANG_PATH/jbang trust add $INPUT_TRUST
+fi
+
+echo jbang $INPUT_JBANGARGS $INPUT_SCRIPT $INPUT_ARGS "${@}"
+exec $JBANG_PATH/jbang $INPUT_JBANGARGS $INPUT_SCRIPT $INPUT_SCRIPTARGS "${@}"
diff --git a/src/jreleaser/distributions/jbang/docker/Dockerfile.tpl b/src/jreleaser/distributions/jbang/docker/Dockerfile.tpl
index c6775ce38..4c66d9127 100644
--- a/src/jreleaser/distributions/jbang/docker/Dockerfile.tpl
+++ b/src/jreleaser/distributions/jbang/docker/Dockerfile.tpl
@@ -1,3 +1,4 @@
+# {{jreleaserCreationStamp}}
 FROM {{dockerBaseImage}}
 
 {{#dockerLabels}}
@@ -8,30 +9,16 @@ LABEL {{.}}
 {{.}}
 {{/dockerPreCommands}}
 
-COPY assembly/* /
+COPY assembly/ /
 
 RUN jar xf {{distributionArtifactFileName}}{{distributionArtifactFileExtension}} && \
     rm {{distributionArtifactFileName}}{{distributionArtifactFileExtension}} && \
-    mv jbang-* jbang && \
-    chmod +x jbang/bin/jbang
-
+    chmod +x {{distributionArtifactRootEntryName}}/bin/{{distributionExecutableUnix}}
+    
 {{#dockerPostCommands}}
 {{.}}
 {{/dockerPostCommands}}
 
-ENV PATH="${PATH}:/{{distributionArtifactName}}/bin"
-
-ADD ./entrypoint /bin/entrypoint
-
-ENV SCRIPTS_HOME /scripts
-ENV JBANG_VERSION {{projectVersion}}
-ENV JBANG_PATH=/jbang/bin
-
-VOLUME /scripts
-
-ENV PATH="${PATH}:/jbang/bin"
-
-## github action does not allow writing to $HOME thus routing this elsewhere
-ENV JBANG_DIR="/jbang/.jbang"
+ENV PATH="${PATH}:/{{distributionArtifactRootEntryName}}/bin"
 
-ENTRYPOINT ["entrypoint"]
+ENTRYPOINT ["/{{distributionArtifactRootEntryName}}/bin/{{distributionExecutableUnix}}"]
\ No newline at end of file
diff --git a/src/jreleaser/distributions/jbang/docker/README.md.tpl b/src/jreleaser/distributions/jbang/docker/README.md.tpl
index 460e3ff0d..5f8d7b40b 100644
--- a/src/jreleaser/distributions/jbang/docker/README.md.tpl
+++ b/src/jreleaser/distributions/jbang/docker/README.md.tpl
@@ -1,31 +1,28 @@
 # JBang Container for Docker and Github Action
 
-[![GitHub release badge](https://badgen.net/github/release/jbangdev/jbang-action/stable)](https://github.com/jbangdev/jbang-action/releases/latest)
-[![GitHub license badge](https://badgen.net/github/license/jbangdev/jbang-action)]()
-[![GitHub Workflows badge](https://badgen.net/runkit/maxandersen/61b3c9809073c8000ae9b210)](https://github.com/search?q=jbang-action+language%3AYAML+language%3AYAML+path%3A.github%2Fworkflows&type=Code&ref=advsearch&l=&l=)
-[![DockerHub Pulls](https://img.shields.io/docker/pulls/jbangdev/jbang-action)]()
+[![GitHub release badge](https://badgen.net/github/release/jbangdev/jbang-docker/stable)](https://github.com/jbangdev/jbang-docker/releases/latest)
+[![GitHub license badge](https://badgen.net/github/license/jbangdev/jbang-docker)]()
+[![DockerHub Pulls](https://img.shields.io/docker/pulls/jbangdev/jbang-docker)]()
 
 This container intended for quick and easily run java based scripts with [jbang](https://jbang.dev).
 
-Can be used directly with docker or as a GitHub Action.
-
 The source is located in [jbangdev/jbang](https://github.com/jbangdev/jbang/blob/HEAD/src/jreleaser/distributions/jbang/docker/) and are updated in this repo on every tag/release of jbangdev/jbang.
 
 
-[Source](https://github.com/jbangdev/jbang-action)
+[Source](https://github.com/jbangdev/jbang-docker)
 
 ## Container/Docker usage
 
 Using dockerhub images:
 
 ```
-docker run -v `pwd`:/ws --workdir=/ws jbangdev/jbang-action helloworld.java
+docker run -v `pwd`:/ws --workdir=/ws jbangdev/jbang helloworld.java
 ```
 
 Using quay.io images:
 
 ```
-docker run -v `pwd`:/ws --workdir=/ws quay.io/jbangdev/jbang-action helloworld.java
+docker run -v `pwd`:/ws --workdir=/ws quay.io/jbangdev/jbang helloworld.java
 ```
 
 
diff --git a/src/jreleaser/distributions/jbang/docker/entrypoint b/src/jreleaser/distributions/jbang/docker/entrypoint
index 469e34874..235440462 100644
--- a/src/jreleaser/distributions/jbang/docker/entrypoint
+++ b/src/jreleaser/distributions/jbang/docker/entrypoint
@@ -13,9 +13,8 @@ EOF
   rm /tmp/passwd
 fi
 
-if [[ ! -z "$INPUT_TRUST" ]]; then
-  $JBANG_PATH/jbang trust add $INPUT_TRUST
+if [[ ! -z "$TRUST" ]]; then
+  jbang trust add $TRUST
 fi
 
-echo jbang $INPUT_JBANGARGS $INPUT_SCRIPT $INPUT_ARGS "${@}"
-exec $JBANG_PATH/jbang $INPUT_JBANGARGS $INPUT_SCRIPT $INPUT_SCRIPTARGS "${@}"
+exec jbang "${@}"