From 49d4040b606ffa476efaa8eb6aeae05105007dd1 Mon Sep 17 00:00:00 2001
From: Jamil <jamilbk@users.noreply.github.com>
Date: Wed, 1 Feb 2023 19:38:55 -0800
Subject: [PATCH] Add version tag to migrate script (#1400)

* Add new `VERSION` to `docker_migrate.sh` script
* Add missing `SAML_KEYFILE_PATH` and `SAML_CERTFILE_PATH` env vars to
migrate script
* Add missing `PHOENIX_PORT` var
* Bump Elixir to 1.14.3
* Bump Erlang to 25.2.1
* Update docs to document new VERSION var in docker-compose.yml upgrade
mechanism

Fixes #1395
---
 .github/workflows/docker_publish.yml |  7 +++++++
 .tool-versions                       |  4 ++--
 Dockerfile.dev                       |  2 +-
 Dockerfile.prod                      |  4 ++--
 docs/docs/administer/upgrade.mdx     | 10 +++++++---
 scripts/docker_migrate.sh            |  7 +++++++
 6 files changed, 26 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/docker_publish.yml b/.github/workflows/docker_publish.yml
index 9a29140f6..9573c1a6d 100644
--- a/.github/workflows/docker_publish.yml
+++ b/.github/workflows/docker_publish.yml
@@ -25,10 +25,17 @@ jobs:
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
+      - name: Get minor version of ref
+        env:
+          VERSION: ${{ github.ref_name }}
+        id: get-minor
+        run: echo "::set-output name=fragment::${VERSION%.*}"
+
       - name: Copy image from Github (staging) to Docker (production)
         uses: akhilerm/tag-push-action@v2.1.0
         with:
           src: ${{ env.GITHUB_REGISTRY }}/${{ env.IMAGE_NAME}}:${{ github.ref_name }}
           dst: |
             ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}:latest
+            ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}:${{ steps.get-minor.outputs.fragment }}
             ${{ env.DOCKERHUB_REGISTRY }}/${{ env.IMAGE_NAME}}:${{ github.ref_name }}
diff --git a/.tool-versions b/.tool-versions
index f67934721..9a8dd2d59 100644
--- a/.tool-versions
+++ b/.tool-versions
@@ -1,8 +1,8 @@
 # These are used for the dev environment.
 # This should match the versions used in the built product.
 nodejs 16.17.0
-elixir 1.14.2-otp-25
-erlang 25.1.2
+elixir 1.14.3-otp-25
+erlang 25.2.1
 
 # Used for static analysis
 ruby 2.7.6
diff --git a/Dockerfile.dev b/Dockerfile.dev
index 0b7de6e87..d1e5f44c8 100644
--- a/Dockerfile.dev
+++ b/Dockerfile.dev
@@ -1,6 +1,6 @@
 # This Dockerfile builds a development image to use for local development work
 
-FROM firezone/elixir:1.14.2-otp-25.1.2
+FROM firezone/elixir:1.14.3-otp-25.2.1
 
 # Install dev dependencies / convenience tools
 RUN apk add \
diff --git a/Dockerfile.prod b/Dockerfile.prod
index 343db9ce1..0278c2b92 100644
--- a/Dockerfile.prod
+++ b/Dockerfile.prod
@@ -1,5 +1,5 @@
-ARG ELIXIR_VERSION=1.14.2
-ARG OTP_VERSION=25.1.2
+ARG ELIXIR_VERSION=1.14.3
+ARG OTP_VERSION=25.2.1
 ARG ALPINE_VERSION=3.16.3
 
 ARG BUILDER_IMAGE="firezone/elixir:${ELIXIR_VERSION}-otp-${OTP_VERSION}"
diff --git a/docs/docs/administer/upgrade.mdx b/docs/docs/administer/upgrade.mdx
index 60602234f..f817df9b2 100644
--- a/docs/docs/administer/upgrade.mdx
+++ b/docs/docs/administer/upgrade.mdx
@@ -12,16 +12,20 @@ relevant [files and folders](/reference/file-and-directory-locations/)
 before upgrading in case anything goes wrong.
 :::
 
-To upgrade Firezone, follow these steps:
+Follow the steps below to upgrade Firezone:
 
 <Tabs>
 <TabItem label="Docker" value="docker" default>
 
-1. Change to the Firezone installation directory:
+1. Change to your Firezone installation directory, by default `$HOME/.firezone`:
 ```
 cd $HOME/.firezone
 ```
-1. Update docker compose images:
+1. If your `.env` file has a `VERSION` variable, update it to the desired version.
+By default `latest` is assumed if not set. This variable is read in newer versions
+of the docker-compose.yml template to populate the `image:` key for the `firezone`
+service.
+1. Update service images:
 ```
 docker compose pull
 ```
diff --git a/scripts/docker_migrate.sh b/scripts/docker_migrate.sh
index 4dde5455f..d9f0f2995 100755
--- a/scripts/docker_migrate.sh
+++ b/scripts/docker_migrate.sh
@@ -167,6 +167,13 @@ migrate () {
   condIns $env_files "MAX_DEVICES_PER_USER"
   condIns $env_files "CONNECTIVITY_CHECKS_ENABLED"
   condIns $env_files "CONNECTIVITY_CHECKS_INTERVAL"
+  condIns $env_files "SAML_CERTFILE_PATH"
+  condIns $env_files "SAML_KEYFILE_PATH"
+  condIns $env_files "PHOENIX_PORT"
+
+  # Add version for docker-compose.yml to pick up
+  LATEST_VERSION=$(curl -fsSL https://api.github.com/repos/firezone/firezone/releases/latest | grep -w tag_name | cut -d '"' -f 4)
+  sed -i.bak "s~VERSION=.*~VERSION=${LATEST_VERSION}~" "$installDir/.env"
 
   # Add caddy opts
   echo "TLS_OPTS=\"$tlsOpts\"" >> $installDir/.env