From 8d3a5ebffa9ea4e33d9d1cbf30e0c6d9dee655e9 Mon Sep 17 00:00:00 2001 From: Max Schmitt Date: Thu, 7 Mar 2024 20:18:23 +0100 Subject: [PATCH] devops: mark Docker images as EOL (#2347) --- utils/docker/.gitignore | 1 + utils/docker/publish_docker.sh | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+) create mode 100644 utils/docker/.gitignore diff --git a/utils/docker/.gitignore b/utils/docker/.gitignore new file mode 100644 index 000000000..8803f25de --- /dev/null +++ b/utils/docker/.gitignore @@ -0,0 +1 @@ +oras/ diff --git a/utils/docker/publish_docker.sh b/utils/docker/publish_docker.sh index d47df4c1d..2b4e73a53 100755 --- a/utils/docker/publish_docker.sh +++ b/utils/docker/publish_docker.sh @@ -51,6 +51,27 @@ tag_and_push() { echo "-- tagging: $target" docker tag $source $target docker push $target + attach_eol_manifest $target +} + +attach_eol_manifest() { + local image="$1" + local today=$(date -u +'%Y-%m-%d') + install_oras_if_needed + # oras is re-using Docker credentials, so we don't need to login. + # Following the advice in https://portal.microsofticm.com/imp/v3/incidents/incident/476783820/summary + ./oras/oras attach --artifact-type application/vnd.microsoft.artifact.lifecycle --annotation "vnd.microsoft.artifact.lifecycle.end-of-life.date=$today" $image +} + +install_oras_if_needed() { + if [[ -x oras/oras ]]; then + return + fi + local version="1.1.0" + curl -sLO "https://github.com/oras-project/oras/releases/download/v${version}/oras_${version}_linux_amd64.tar.gz" + mkdir -p oras + tar -zxf oras_${version}_linux_amd64.tar.gz -C oras + rm oras_${version}_linux_amd64.tar.gz } publish_docker_images_with_arch_suffix() {