2017-09-17 22:20:16 +00:00
|
|
|
# Make targets:
|
|
|
|
#
|
|
|
|
# all : builds all binaries in development mode, without web assets (default)
|
|
|
|
# full : builds all binaries for PRODUCTION use
|
|
|
|
# release: prepares a release tarball
|
|
|
|
# clean : removes all buld artifacts
|
|
|
|
# test : runs tests
|
|
|
|
|
|
|
|
# To update the Teleport version, update VERSION variable:
|
2016-06-15 17:50:45 +00:00
|
|
|
# Naming convention:
|
|
|
|
# for stable releases we use "1.0.0" format
|
|
|
|
# for pre-releases, we use "1.0.0-beta.2" format
|
2020-06-25 18:42:48 +00:00
|
|
|
VERSION=4.4.0-dev
|
2016-06-14 23:52:32 +00:00
|
|
|
|
2019-10-08 14:09:56 +00:00
|
|
|
DOCKER_IMAGE ?= quay.io/gravitational/teleport
|
|
|
|
|
2016-04-18 03:55:46 +00:00
|
|
|
# These are standard autotools variables, don't change them please
|
2016-03-23 01:22:48 +00:00
|
|
|
BUILDDIR ?= build
|
2016-03-24 19:32:59 +00:00
|
|
|
BINDIR ?= /usr/local/bin
|
|
|
|
DATADIR ?= /usr/local/share/teleport
|
2016-03-22 19:15:17 +00:00
|
|
|
ADDFLAGS ?=
|
2017-01-13 06:56:53 +00:00
|
|
|
PWD ?= `pwd`
|
2018-10-30 23:52:18 +00:00
|
|
|
GOPKGDIR ?= `go env GOPATH`/pkg/`go env GOHOSTOS`_`go env GOARCH`/github.com/gravitational/teleport*
|
2016-05-11 05:05:01 +00:00
|
|
|
TELEPORT_DEBUG ?= no
|
2017-01-19 00:53:19 +00:00
|
|
|
GITTAG=v$(VERSION)
|
2017-08-03 19:51:06 +00:00
|
|
|
BUILDFLAGS ?= $(ADDFLAGS) -ldflags '-w -s'
|
2018-10-30 23:52:18 +00:00
|
|
|
CGOFLAG ?= CGO_ENABLED=1
|
2020-05-20 19:07:55 +00:00
|
|
|
GO_LINTERS ?= "unused,govet,typecheck,deadcode,goimports,varcheck,structcheck,bodyclose,staticcheck,ineffassign,unconvert,misspell,gosimple"
|
2016-04-16 00:48:25 +00:00
|
|
|
|
2019-07-02 21:35:17 +00:00
|
|
|
OS ?= $(shell go env GOOS)
|
|
|
|
ARCH ?= $(shell go env GOARCH)
|
2019-03-12 22:30:44 +00:00
|
|
|
FIPS ?=
|
2018-07-31 20:41:33 +00:00
|
|
|
RELEASE=teleport-$(GITTAG)-$(OS)-$(ARCH)-bin
|
|
|
|
|
2019-03-12 22:30:44 +00:00
|
|
|
# FIPS support must be requested at build time.
|
|
|
|
FIPS_MESSAGE := "without FIPS support"
|
|
|
|
ifneq ("$(FIPS)","")
|
|
|
|
FIPS_TAG := fips
|
|
|
|
FIPS_MESSAGE := "with FIPS support"
|
|
|
|
endif
|
|
|
|
|
2018-09-27 01:21:45 +00:00
|
|
|
# PAM support will only be built into Teleport if headers exist at build time.
|
|
|
|
PAM_MESSAGE := "without PAM support"
|
|
|
|
ifneq ("$(wildcard /usr/include/security/pam_appl.h)","")
|
2019-03-12 22:30:44 +00:00
|
|
|
PAM_TAG := pam
|
2018-09-27 01:21:45 +00:00
|
|
|
PAM_MESSAGE := "with PAM support"
|
|
|
|
endif
|
|
|
|
|
2019-11-16 00:39:40 +00:00
|
|
|
# BPF support will only be built into Teleport if headers exist at build time.
|
|
|
|
BPF_MESSAGE := "without BPF support"
|
|
|
|
ifneq ("$(wildcard /usr/include/bcc/libbpf.h)","")
|
|
|
|
BPF_TAG := bpf
|
|
|
|
BPF_MESSAGE := "with BPF support"
|
|
|
|
endif
|
|
|
|
|
2018-07-31 20:41:33 +00:00
|
|
|
# On Windows only build tsh. On all other platforms build teleport, tctl,
|
|
|
|
# and tsh.
|
2018-02-24 01:23:09 +00:00
|
|
|
BINARIES=$(BUILDDIR)/teleport $(BUILDDIR)/tctl $(BUILDDIR)/tsh
|
2019-11-16 00:39:40 +00:00
|
|
|
RELEASE_MESSAGE := "Building with GOOS=$(OS) GOARCH=$(ARCH) and $(PAM_MESSAGE) and $(FIPS_MESSAGE) and $(BPF_MESSAGE)."
|
2018-07-31 20:41:33 +00:00
|
|
|
ifeq ("$(OS)","windows")
|
|
|
|
BINARIES=$(BUILDDIR)/tsh
|
|
|
|
endif
|
2017-01-16 00:27:19 +00:00
|
|
|
|
2017-01-25 03:36:30 +00:00
|
|
|
VERSRC = version.go gitref.go
|
2017-01-16 00:27:19 +00:00
|
|
|
|
2018-06-15 22:05:15 +00:00
|
|
|
KUBECONFIG ?=
|
|
|
|
TEST_KUBE ?=
|
|
|
|
export
|
|
|
|
|
2016-01-17 18:28:34 +00:00
|
|
|
#
|
2018-07-31 20:41:33 +00:00
|
|
|
# 'make all' builds all 3 executables and places them in the current directory.
|
2018-02-24 01:23:09 +00:00
|
|
|
#
|
2017-09-17 22:20:16 +00:00
|
|
|
# IMPORTANT: the binaries will not contain the web UI assets and `teleport`
|
|
|
|
# won't start without setting the environment variable DEBUG=1
|
|
|
|
# This is the default build target for convenience of working on
|
|
|
|
# a web UI.
|
2016-02-14 01:09:05 +00:00
|
|
|
.PHONY: all
|
2017-08-11 05:00:52 +00:00
|
|
|
all: $(VERSRC)
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Building OSS binaries."
|
2018-03-27 17:43:27 +00:00
|
|
|
$(MAKE) $(BINARIES)
|
|
|
|
|
2018-05-19 23:58:14 +00:00
|
|
|
# By making these 3 targets below (tsh, tctl and teleport) PHONY we are solving
|
|
|
|
# several problems:
|
|
|
|
# * Build will rely on go build internal caching https://golang.org/doc/go1.10 at all times
|
|
|
|
# * Manual change detection was broken on a large dependency tree
|
|
|
|
# If you are considering changing this behavior, please consult with dev team first
|
|
|
|
.PHONY: $(BUILDDIR)/tctl
|
|
|
|
$(BUILDDIR)/tctl:
|
2019-11-16 00:39:40 +00:00
|
|
|
GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -tags "$(PAM_TAG) $(FIPS_TAG) $(BPF_TAG)" -o $(BUILDDIR)/tctl $(BUILDFLAGS) ./tool/tctl
|
2018-03-27 17:43:27 +00:00
|
|
|
|
2018-05-19 23:58:14 +00:00
|
|
|
.PHONY: $(BUILDDIR)/teleport
|
2020-04-15 19:35:26 +00:00
|
|
|
$(BUILDDIR)/teleport: ensure-webassets
|
2019-11-16 00:39:40 +00:00
|
|
|
GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -tags "$(PAM_TAG) $(FIPS_TAG) $(BPF_TAG)" -o $(BUILDDIR)/teleport $(BUILDFLAGS) ./tool/teleport
|
2018-03-27 17:43:27 +00:00
|
|
|
|
2018-05-19 23:58:14 +00:00
|
|
|
.PHONY: $(BUILDDIR)/tsh
|
|
|
|
$(BUILDDIR)/tsh:
|
2019-03-12 22:30:44 +00:00
|
|
|
GOOS=$(OS) GOARCH=$(ARCH) $(CGOFLAG) go build -tags "$(PAM_TAG) $(FIPS_TAG)" -o $(BUILDDIR)/tsh $(BUILDFLAGS) ./tool/tsh
|
2016-03-22 19:15:17 +00:00
|
|
|
|
2016-06-14 23:52:32 +00:00
|
|
|
#
|
2018-07-31 20:41:33 +00:00
|
|
|
# make full - Builds Teleport binaries with the built-in web assets and
|
|
|
|
# places them into $(BUILDDIR). On Windows, this target is skipped because
|
|
|
|
# only tsh is built.
|
2017-09-17 23:24:11 +00:00
|
|
|
#
|
|
|
|
.PHONY:full
|
|
|
|
full: all $(BUILDDIR)/webassets.zip
|
2018-07-31 20:41:33 +00:00
|
|
|
ifneq ("$(OS)", "windows")
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Attaching OSS web assets."
|
2017-09-17 23:24:11 +00:00
|
|
|
cat $(BUILDDIR)/webassets.zip >> $(BUILDDIR)/teleport
|
|
|
|
rm -fr $(BUILDDIR)/webassets.zip
|
|
|
|
zip -q -A $(BUILDDIR)/teleport
|
2018-07-31 20:41:33 +00:00
|
|
|
endif
|
2016-03-18 21:54:20 +00:00
|
|
|
|
2018-07-31 20:41:33 +00:00
|
|
|
#
|
|
|
|
# make clean - Removed all build artifacts.
|
|
|
|
#
|
2016-03-19 20:43:23 +00:00
|
|
|
.PHONY: clean
|
2016-01-17 22:50:00 +00:00
|
|
|
clean:
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Cleaning up OSS build artifacts."
|
2016-03-19 20:43:23 +00:00
|
|
|
rm -rf $(BUILDDIR)
|
2019-05-03 21:14:12 +00:00
|
|
|
-go clean -cache
|
2018-10-30 23:52:18 +00:00
|
|
|
rm -rf $(GOPKGDIR)
|
2016-06-14 23:52:32 +00:00
|
|
|
rm -rf teleport
|
2017-01-16 07:25:37 +00:00
|
|
|
rm -rf *.gz
|
2018-07-31 20:41:33 +00:00
|
|
|
rm -rf *.zip
|
2017-09-19 19:17:23 +00:00
|
|
|
rm -f gitref.go
|
2016-01-17 22:50:00 +00:00
|
|
|
|
2017-09-17 23:24:11 +00:00
|
|
|
#
|
2018-07-31 20:41:33 +00:00
|
|
|
# make release - Produces a binary release tarball.
|
2018-02-24 01:23:09 +00:00
|
|
|
#
|
|
|
|
.PHONY:
|
2017-09-17 23:24:11 +00:00
|
|
|
export
|
2018-07-31 20:41:33 +00:00
|
|
|
release:
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> $(RELEASE_MESSAGE)"
|
2018-07-31 20:41:33 +00:00
|
|
|
ifeq ("$(OS)", "windows")
|
|
|
|
$(MAKE) --no-print-directory release-windows
|
|
|
|
else
|
|
|
|
$(MAKE) --no-print-directory release-unix
|
|
|
|
endif
|
|
|
|
|
|
|
|
#
|
|
|
|
# make release-unix - Produces a binary release tarball containing teleport,
|
|
|
|
# tctl, and tsh.
|
|
|
|
#
|
|
|
|
.PHONY:
|
|
|
|
release-unix: clean full
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Creating OSS release archive."
|
2017-09-17 23:24:11 +00:00
|
|
|
mkdir teleport
|
2017-09-19 19:54:02 +00:00
|
|
|
cp -rf $(BUILDDIR)/* \
|
2017-09-17 23:24:11 +00:00
|
|
|
examples \
|
|
|
|
build.assets/install\
|
|
|
|
README.md \
|
|
|
|
CHANGELOG.md \
|
|
|
|
teleport/
|
|
|
|
echo $(GITTAG) > teleport/VERSION
|
|
|
|
tar -czf $(RELEASE).tar.gz teleport
|
|
|
|
rm -rf teleport
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Created $(RELEASE).tar.gz."
|
2018-07-31 20:41:33 +00:00
|
|
|
@if [ -f e/Makefile ]; then $(MAKE) -C e release; fi
|
|
|
|
|
|
|
|
#
|
|
|
|
# make release-windows - Produces a binary release tarball containing teleport,
|
|
|
|
# tctl, and tsh.
|
|
|
|
#
|
|
|
|
.PHONY:
|
|
|
|
release-windows: clean all
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Creating OSS release archive."
|
2018-07-31 20:41:33 +00:00
|
|
|
mkdir teleport
|
|
|
|
cp -rf $(BUILDDIR)/* \
|
|
|
|
README.md \
|
|
|
|
CHANGELOG.md \
|
|
|
|
teleport/
|
|
|
|
mv teleport/tsh teleport/tsh.exe
|
|
|
|
echo $(GITTAG) > teleport/VERSION
|
|
|
|
zip -9 -y -r -q $(RELEASE).zip teleport/
|
|
|
|
rm -rf teleport/
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Created $(RELEASE).zip."
|
2017-01-28 02:26:27 +00:00
|
|
|
|
2016-03-19 17:32:08 +00:00
|
|
|
#
|
2016-03-22 17:11:12 +00:00
|
|
|
# Builds docs using containerized mkdocs
|
2016-03-19 17:32:08 +00:00
|
|
|
#
|
|
|
|
.PHONY:docs
|
2020-06-18 00:09:41 +00:00
|
|
|
docs: docs-test
|
2016-03-19 17:32:08 +00:00
|
|
|
$(MAKE) -C build.assets docs
|
|
|
|
|
2016-05-14 23:44:41 +00:00
|
|
|
#
|
|
|
|
# Runs the documentation site inside a container on localhost with live updates
|
|
|
|
# Convenient for editing documentation.
|
|
|
|
#
|
|
|
|
.PHONY:run-docs
|
|
|
|
run-docs:
|
|
|
|
$(MAKE) -C build.assets run-docs
|
|
|
|
|
2020-06-18 00:09:41 +00:00
|
|
|
#
|
|
|
|
# Remove trailing whitespace in all markdown files under docs/.
|
|
|
|
#
|
|
|
|
# Note: this runs in a busybox container to avoid incompatibilities between
|
|
|
|
# linux and macos CLI tools.
|
|
|
|
#
|
|
|
|
.PHONY:docs-fix-whitespace
|
|
|
|
docs-fix-whitespace:
|
|
|
|
docker run --rm -v $(PWD):/teleport busybox \
|
|
|
|
find /teleport/docs/ -type f -name '*.md' -exec sed -E -i 's/\s+$$//g' '{}' \;
|
|
|
|
|
|
|
|
#
|
|
|
|
# Test docs for trailing whitespace and broken links
|
|
|
|
#
|
|
|
|
.PHONY:docs-test
|
|
|
|
docs-test: docs-test-whitespace docs-test-links
|
|
|
|
|
|
|
|
#
|
|
|
|
# Check for trailing whitespace in all markdown files under docs/
|
|
|
|
#
|
|
|
|
.PHONY:docs-test-whitespace
|
|
|
|
docs-test-whitespace:
|
|
|
|
if find docs/ -type f -name '*.md' | xargs grep -E '\s+$$'; then \
|
|
|
|
echo "trailing whitespace found in docs/ (see above)"; \
|
|
|
|
echo "run 'make docs-fix-whitespace' to fix it"; \
|
|
|
|
exit 1; \
|
|
|
|
fi
|
|
|
|
|
|
|
|
#
|
|
|
|
# Run milv in docs to detect broken links.
|
|
|
|
# milv is installed if missing.
|
|
|
|
#
|
|
|
|
.PHONY:docs-test-links
|
|
|
|
docs-test-links: DOCS_FOLDERS := $(shell find . -name milv.config.yaml -exec dirname {} \;)
|
|
|
|
docs-test-links:
|
|
|
|
go get -v github.com/magicmatatjahu/milv
|
|
|
|
for docs_dir in $(DOCS_FOLDERS); do \
|
|
|
|
echo "running milv in $${docs_dir}"; \
|
|
|
|
cd $${docs_dir} && milv ; cd $(PWD); \
|
|
|
|
done
|
|
|
|
|
2016-02-16 21:18:58 +00:00
|
|
|
#
|
|
|
|
# tests everything: called by Jenkins
|
|
|
|
#
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: test
|
2020-04-15 19:35:26 +00:00
|
|
|
test: ensure-webassets
|
2020-04-08 17:31:02 +00:00
|
|
|
test: FLAGS ?= '-race'
|
|
|
|
test: PACKAGES := $(shell go list ./... | grep -v integration)
|
2017-09-13 22:25:38 +00:00
|
|
|
test: $(VERSRC)
|
2020-04-08 17:31:02 +00:00
|
|
|
go test -tags "$(PAM_TAG) $(FIPS_TAG) $(BPF_TAG)" $(PACKAGES) $(FLAGS) $(ADDFLAGS)
|
2016-02-24 07:35:25 +00:00
|
|
|
|
2016-04-14 21:42:10 +00:00
|
|
|
#
|
2020-04-17 15:57:10 +00:00
|
|
|
# Integration tests. Need a TTY to work.
|
2016-04-14 21:42:10 +00:00
|
|
|
#
|
|
|
|
.PHONY: integration
|
2020-04-17 15:57:10 +00:00
|
|
|
integration: FLAGS ?= -v -race
|
2018-02-24 01:23:09 +00:00
|
|
|
integration:
|
2018-06-15 22:05:15 +00:00
|
|
|
@echo KUBECONFIG is: $(KUBECONFIG), TEST_KUBE: $(TEST_KUBE)
|
2020-04-17 15:57:10 +00:00
|
|
|
go test -tags "$(PAM_TAG) $(FIPS_TAG) $(BPF_TAG)" ./integration/... $(FLAGS)
|
2016-03-23 00:03:58 +00:00
|
|
|
|
2020-04-10 18:37:09 +00:00
|
|
|
#
|
|
|
|
# Lint the Go code.
|
|
|
|
# By default lint scans the entire repo. Pass FLAGS='--new' to only scan local
|
|
|
|
# changes (or last commit).
|
|
|
|
#
|
|
|
|
.PHONY: lint
|
|
|
|
lint: FLAGS ?=
|
|
|
|
lint:
|
|
|
|
golangci-lint run \
|
|
|
|
--disable-all \
|
|
|
|
--exclude-use-default \
|
2020-05-11 18:36:50 +00:00
|
|
|
--exclude='S1002: should omit comparison to bool constant' \
|
2020-04-10 18:37:09 +00:00
|
|
|
--skip-dirs vendor \
|
2020-04-13 23:35:46 +00:00
|
|
|
--uniq-by-line=false \
|
|
|
|
--max-same-issues=0 \
|
2020-04-10 18:37:09 +00:00
|
|
|
--max-issues-per-linter 0 \
|
2020-04-16 17:46:00 +00:00
|
|
|
--timeout=5m \
|
2020-04-13 23:35:46 +00:00
|
|
|
--enable $(GO_LINTERS) \
|
2020-04-10 18:37:09 +00:00
|
|
|
$(FLAGS)
|
|
|
|
|
2017-01-25 03:36:30 +00:00
|
|
|
# This rule triggers re-generation of version.go and gitref.go if Makefile changes
|
|
|
|
$(VERSRC): Makefile
|
2016-12-31 08:13:41 +00:00
|
|
|
VERSION=$(VERSION) $(MAKE) -f version.mk setver
|
2016-06-13 18:27:19 +00:00
|
|
|
|
2016-06-15 17:50:45 +00:00
|
|
|
# make tag - prints a tag to use with git for the current version
|
|
|
|
# To put a new release on Github:
|
|
|
|
# - bump VERSION variable
|
|
|
|
# - run make setver
|
|
|
|
# - commit changes to git
|
|
|
|
# - build binaries with 'make release'
|
|
|
|
# - run `make tag` and use its output to 'git tag' and 'git push --tags'
|
|
|
|
.PHONY: tag
|
|
|
|
tag:
|
|
|
|
@echo "Run this:\n> git tag $(GITTAG)\n> git push --tags"
|
2016-03-23 00:03:58 +00:00
|
|
|
|
|
|
|
|
2017-01-16 00:27:19 +00:00
|
|
|
# build/webassets.zip archive contains the web assets (UI) which gets
|
|
|
|
# appended to teleport binary
|
|
|
|
$(BUILDDIR)/webassets.zip:
|
2018-07-31 20:41:33 +00:00
|
|
|
ifneq ("$(OS)", "windows")
|
2018-09-27 01:21:45 +00:00
|
|
|
@echo "---> Building OSS web assets."
|
2020-04-15 19:35:26 +00:00
|
|
|
cd webassets/teleport/ ; zip -qr ../../$(BUILDDIR)/webassets.zip .
|
2018-07-31 20:41:33 +00:00
|
|
|
endif
|
2015-03-02 20:11:23 +00:00
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: test-package
|
|
|
|
test-package: remove-temp-files
|
2019-04-17 17:16:28 +00:00
|
|
|
go test -v ./$(p)
|
2015-03-02 20:11:23 +00:00
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: test-grep-package
|
|
|
|
test-grep-package: remove-temp-files
|
2015-03-02 20:11:23 +00:00
|
|
|
go test -v ./$(p) -check.f=$(e)
|
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: cover-package
|
2015-05-04 15:28:32 +00:00
|
|
|
cover-package: remove-temp-files
|
2015-03-02 20:11:23 +00:00
|
|
|
go test -v ./$(p) -coverprofile=/tmp/coverage.out
|
|
|
|
go tool cover -html=/tmp/coverage.out
|
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: profile
|
2015-03-02 20:11:23 +00:00
|
|
|
profile:
|
|
|
|
go tool pprof http://localhost:6060/debug/pprof/profile
|
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: sloccount
|
2015-03-02 20:11:23 +00:00
|
|
|
sloccount:
|
2016-02-24 01:26:23 +00:00
|
|
|
find . -path ./vendor -prune -o -name "*.go" -print0 | xargs -0 wc -l
|
2015-05-14 01:40:39 +00:00
|
|
|
|
2016-03-23 18:12:24 +00:00
|
|
|
.PHONY: remove-temp-files
|
|
|
|
remove-temp-files:
|
|
|
|
find . -name flymake_* -delete
|
2016-10-09 23:00:20 +00:00
|
|
|
|
2020-04-25 00:54:49 +00:00
|
|
|
# Dockerized build: useful for making Linux releases on OSX
|
2016-10-09 23:00:20 +00:00
|
|
|
.PHONY:docker
|
|
|
|
docker:
|
2020-04-25 00:54:49 +00:00
|
|
|
make -C build.assets build
|
|
|
|
|
|
|
|
# Dockerized build: useful for making Linux binaries on OSX
|
|
|
|
.PHONY:docker-binaries
|
|
|
|
docker-binaries:
|
|
|
|
make -C build.assets build-binaries
|
2016-12-21 00:39:11 +00:00
|
|
|
|
|
|
|
# Interactively enters a Docker container (which you can build and run Teleport inside of)
|
|
|
|
.PHONY:enter
|
|
|
|
enter:
|
|
|
|
make -C build.assets enter
|
2017-05-27 01:03:19 +00:00
|
|
|
|
Events and GRPC API
This commit introduces several key changes to
Teleport backend and API infrastructure
in order to achieve scalability improvements
on 10K+ node deployments.
Events and plain keyspace
--------------------------
New backend interface supports events,
pagination and range queries
and moves away from buckets to
plain keyspace, what better aligns
with DynamoDB and Etcd featuring similar
interfaces.
All backend implementations are
exposing Events API, allowing
multiple subscribers to consume the same
event stream and avoid polling database.
Replacing BoltDB, Dir with SQLite
-------------------------------
BoltDB backend does not support
having two processes access the database at the
same time. This prevented Teleport
using BoltDB backend to be live reloaded.
SQLite supports reads/writes by multiple
processes and makes Dir backend obsolete
as SQLite is more efficient on larger collections,
supports transactions and can detect data
corruption.
Teleport automatically migrates data from
Bolt and Dir backends into SQLite.
GRPC API and protobuf resources
-------------------------------
GRPC API has been introduced for
the auth server. The auth server now serves both GRPC
and JSON-HTTP API on the same TLS socket and uses
the same client certificate authentication.
All future API methods should use GRPC and HTTP-JSON
API is considered obsolete.
In addition to that some resources like
Server and CertificateAuthority are now
generated from protobuf service specifications in
a way that is fully backward compatible with
original JSON spec and schema, so the same resource
can be encoded and decoded from JSON, YAML
and protobuf.
All models should be refactored
into new proto specification over time.
Streaming presence service
--------------------------
In order to cut bandwidth, nodes
are sending full updates only when changes
to labels or spec have occured, otherwise
new light-weight GRPC keep alive updates are sent
over to the presence service, reducing
bandwidth usage on multi-node deployments.
In addition to that nodes are no longer polling
auth server for certificate authority rotation
updates, instead they subscribe to event updates
to detect updates as soon as they happen.
This is a new API, so the errors are inevitable,
that's why polling is still done, but
on a way slower rate.
2018-11-07 23:33:38 +00:00
|
|
|
PROTOC_VER ?= 3.6.1
|
|
|
|
GOGO_PROTO_TAG ?= v1.1.1
|
2017-05-27 01:03:19 +00:00
|
|
|
PLATFORM := linux-x86_64
|
|
|
|
BUILDBOX_TAG := teleport-grpc-buildbox:0.0.1
|
|
|
|
|
|
|
|
# buildbox builds docker buildbox image used to compile binaries and generate GRPc stuff
|
|
|
|
.PHONY: buildbox
|
|
|
|
buildbox:
|
|
|
|
cd build.assets/grpc && docker build \
|
|
|
|
--build-arg PROTOC_VER=$(PROTOC_VER) \
|
|
|
|
--build-arg GOGO_PROTO_TAG=$(GOGO_PROTO_TAG) \
|
|
|
|
--build-arg PLATFORM=$(PLATFORM) \
|
|
|
|
-t $(BUILDBOX_TAG) .
|
|
|
|
|
|
|
|
# proto generates GRPC defs from service definitions
|
|
|
|
.PHONY: grpc
|
|
|
|
grpc: buildbox
|
2020-06-11 20:22:51 +00:00
|
|
|
docker run \
|
|
|
|
--rm \
|
|
|
|
-v $(shell pwd):/go/src/github.com/gravitational/teleport $(BUILDBOX_TAG) \
|
|
|
|
make -C /go/src/github.com/gravitational/teleport buildbox-grpc
|
2017-05-27 01:03:19 +00:00
|
|
|
|
|
|
|
# proto generates GRPC stuff inside buildbox
|
|
|
|
.PHONY: buildbox-grpc
|
|
|
|
buildbox-grpc:
|
|
|
|
# standard GRPC output
|
|
|
|
echo $$PROTO_INCLUDE
|
2020-04-15 19:35:26 +00:00
|
|
|
find lib/ -iname *.proto | xargs clang-format -i -style='{ColumnLimit: 100, IndentWidth: 4, Language: Proto}'
|
|
|
|
|
Events and GRPC API
This commit introduces several key changes to
Teleport backend and API infrastructure
in order to achieve scalability improvements
on 10K+ node deployments.
Events and plain keyspace
--------------------------
New backend interface supports events,
pagination and range queries
and moves away from buckets to
plain keyspace, what better aligns
with DynamoDB and Etcd featuring similar
interfaces.
All backend implementations are
exposing Events API, allowing
multiple subscribers to consume the same
event stream and avoid polling database.
Replacing BoltDB, Dir with SQLite
-------------------------------
BoltDB backend does not support
having two processes access the database at the
same time. This prevented Teleport
using BoltDB backend to be live reloaded.
SQLite supports reads/writes by multiple
processes and makes Dir backend obsolete
as SQLite is more efficient on larger collections,
supports transactions and can detect data
corruption.
Teleport automatically migrates data from
Bolt and Dir backends into SQLite.
GRPC API and protobuf resources
-------------------------------
GRPC API has been introduced for
the auth server. The auth server now serves both GRPC
and JSON-HTTP API on the same TLS socket and uses
the same client certificate authentication.
All future API methods should use GRPC and HTTP-JSON
API is considered obsolete.
In addition to that some resources like
Server and CertificateAuthority are now
generated from protobuf service specifications in
a way that is fully backward compatible with
original JSON spec and schema, so the same resource
can be encoded and decoded from JSON, YAML
and protobuf.
All models should be refactored
into new proto specification over time.
Streaming presence service
--------------------------
In order to cut bandwidth, nodes
are sending full updates only when changes
to labels or spec have occured, otherwise
new light-weight GRPC keep alive updates are sent
over to the presence service, reducing
bandwidth usage on multi-node deployments.
In addition to that nodes are no longer polling
auth server for certificate authority rotation
updates, instead they subscribe to event updates
to detect updates as soon as they happen.
This is a new API, so the errors are inevitable,
that's why polling is still done, but
on a way slower rate.
2018-11-07 23:33:38 +00:00
|
|
|
cd lib/events && protoc -I=.:$$PROTO_INCLUDE \
|
|
|
|
--gofast_out=plugins=grpc:.\
|
|
|
|
*.proto
|
|
|
|
|
|
|
|
cd lib/services && protoc -I=.:$$PROTO_INCLUDE \
|
|
|
|
--gofast_out=plugins=grpc:.\
|
|
|
|
*.proto
|
|
|
|
|
|
|
|
cd lib/auth/proto && protoc -I=.:$$PROTO_INCLUDE \
|
2018-09-05 21:03:31 +00:00
|
|
|
--gofast_out=plugins=grpc:.\
|
2017-05-27 01:03:19 +00:00
|
|
|
*.proto
|
|
|
|
|
2019-08-02 00:19:49 +00:00
|
|
|
cd lib/wrappers && protoc -I=.:$$PROTO_INCLUDE \
|
|
|
|
--gofast_out=plugins=grpc:.\
|
|
|
|
*.proto
|
|
|
|
|
2017-09-17 23:24:11 +00:00
|
|
|
.PHONY: goinstall
|
|
|
|
goinstall:
|
|
|
|
go install $(BUILDFLAGS) \
|
|
|
|
github.com/gravitational/teleport/tool/tsh \
|
|
|
|
github.com/gravitational/teleport/tool/teleport \
|
|
|
|
github.com/gravitational/teleport/tool/tctl
|
|
|
|
|
2018-02-24 01:23:09 +00:00
|
|
|
# make install will installs system-wide teleport
|
2017-09-17 23:24:11 +00:00
|
|
|
.PHONY: install
|
|
|
|
install: build
|
|
|
|
@echo "\n** Make sure to run 'make install' as root! **\n"
|
|
|
|
cp -f $(BUILDDIR)/tctl $(BINDIR)/
|
|
|
|
cp -f $(BUILDDIR)/tsh $(BINDIR)/
|
|
|
|
cp -f $(BUILDDIR)/teleport $(BINDIR)/
|
|
|
|
mkdir -p $(DATADIR)
|
|
|
|
|
2018-05-19 23:58:14 +00:00
|
|
|
|
2020-04-25 00:54:49 +00:00
|
|
|
# Docker image build. Always build the binaries themselves within docker (see
|
|
|
|
# the "docker" rule) to avoid dependencies on the host libc version.
|
2018-05-19 23:58:14 +00:00
|
|
|
.PHONY: image
|
2020-04-25 00:54:49 +00:00
|
|
|
image: docker-binaries
|
2018-06-20 23:36:54 +00:00
|
|
|
cp ./build.assets/charts/Dockerfile $(BUILDDIR)/
|
2019-10-08 14:09:56 +00:00
|
|
|
cd $(BUILDDIR) && docker build --no-cache . -t $(DOCKER_IMAGE):$(VERSION)
|
2018-05-19 23:58:14 +00:00
|
|
|
if [ -f e/Makefile ]; then $(MAKE) -C e image; fi
|
|
|
|
|
|
|
|
.PHONY: publish
|
2020-04-25 00:54:49 +00:00
|
|
|
publish: image
|
2019-10-08 14:09:56 +00:00
|
|
|
docker push $(DOCKER_IMAGE):$(VERSION)
|
2018-05-19 23:58:14 +00:00
|
|
|
if [ -f e/Makefile ]; then $(MAKE) -C e publish; fi
|
|
|
|
|
|
|
|
.PHONY: print-version
|
|
|
|
print-version:
|
|
|
|
@echo $(VERSION)
|
|
|
|
|
|
|
|
.PHONY: chart-ent
|
|
|
|
chart-ent:
|
|
|
|
$(MAKE) -C e chart
|
2019-07-12 17:47:59 +00:00
|
|
|
|
|
|
|
RUNTIME_SECTION ?=
|
|
|
|
TARBALL_PATH_SECTION ?=
|
|
|
|
|
|
|
|
ifneq ("$(RUNTIME)", "")
|
|
|
|
RUNTIME_SECTION := -r $(RUNTIME)
|
|
|
|
endif
|
|
|
|
ifneq ("$(OSS_TARBALL_PATH)", "")
|
|
|
|
TARBALL_PATH_SECTION := -s $(OSS_TARBALL_PATH)
|
|
|
|
endif
|
|
|
|
|
|
|
|
# build .pkg
|
|
|
|
.PHONY: pkg
|
|
|
|
pkg:
|
|
|
|
cp ./build.assets/build-package.sh $(BUILDDIR)/
|
|
|
|
chmod +x $(BUILDDIR)/build-package.sh
|
|
|
|
# arch and runtime are currently ignored on OS X
|
|
|
|
# we pass them through for consistency - they will be dropped by the build script
|
|
|
|
cd $(BUILDDIR) && ./build-package.sh -t oss -v $(VERSION) -p pkg -a $(ARCH) $(RUNTIME_SECTION) $(TARBALL_PATH_SECTION)
|
|
|
|
if [ -f e/Makefile ]; then $(MAKE) -C e pkg; fi
|
|
|
|
|
2019-12-20 00:42:50 +00:00
|
|
|
# build tsh client-only .pkg
|
|
|
|
.PHONY: pkg-tsh
|
|
|
|
pkg-tsh:
|
|
|
|
cp ./build.assets/build-package.sh $(BUILDDIR)/
|
|
|
|
chmod +x $(BUILDDIR)/build-package.sh
|
|
|
|
# arch and runtime are currently ignored on OS X
|
|
|
|
# we pass them through for consistency - they will be dropped by the build script
|
|
|
|
cd $(BUILDDIR) && ./build-package.sh -t oss -v $(VERSION) -p pkg -a $(ARCH) -m tsh $(RUNTIME_SECTION) $(TARBALL_PATH_SECTION)
|
|
|
|
|
2019-07-12 17:47:59 +00:00
|
|
|
# build .rpm
|
|
|
|
.PHONY: rpm
|
|
|
|
rpm:
|
|
|
|
cp ./build.assets/build-package.sh $(BUILDDIR)/
|
|
|
|
chmod +x $(BUILDDIR)/build-package.sh
|
|
|
|
cd $(BUILDDIR) && ./build-package.sh -t oss -v $(VERSION) -p rpm -a $(ARCH) $(RUNTIME_SECTION) $(TARBALL_PATH_SECTION)
|
|
|
|
if [ -f e/Makefile ]; then $(MAKE) -C e rpm; fi
|
|
|
|
|
|
|
|
# build .deb
|
|
|
|
.PHONY: deb
|
|
|
|
deb:
|
|
|
|
cp ./build.assets/build-package.sh $(BUILDDIR)/
|
|
|
|
chmod +x $(BUILDDIR)/build-package.sh
|
|
|
|
cd $(BUILDDIR) && ./build-package.sh -t oss -v $(VERSION) -p deb -a $(ARCH) $(RUNTIME_SECTION) $(TARBALL_PATH_SECTION)
|
|
|
|
if [ -f e/Makefile ]; then $(MAKE) -C e deb; fi
|
|
|
|
|
2020-03-27 17:13:55 +00:00
|
|
|
# update Helm chart versions
|
|
|
|
# this isn't a 'proper' semver regex but should cover most cases
|
2020-03-27 17:15:33 +00:00
|
|
|
# the order of parameters in sed's extended regex mode matters; the
|
2020-03-27 17:13:55 +00:00
|
|
|
# dash (-) must be the last character for this to work as expected
|
|
|
|
.PHONY: update-helm-charts
|
|
|
|
update-helm-charts:
|
|
|
|
sed -i -E "s/^ tag: [a-z0-9.-]+$$/ tag: $(VERSION)/" examples/chart/teleport/values.yaml
|
|
|
|
sed -i -E "s/^teleportVersion: [a-z0-9.-]+$$/teleportVersion: $(VERSION)/" examples/chart/teleport-demo/values.yaml
|
2020-04-15 19:35:26 +00:00
|
|
|
|
|
|
|
.PHONY: ensure-webassets
|
|
|
|
ensure-webassets:
|
|
|
|
@if [ ! -d $(shell pwd)/webassets/teleport/ ]; then \
|
|
|
|
$(MAKE) init-webapps-submodules; \
|
|
|
|
fi;
|
|
|
|
|
|
|
|
.PHONY: ensure-webassets-e
|
|
|
|
ensure-webassets-e:
|
|
|
|
@if [ ! -d $(shell pwd)/webassets/e/teleport ]; then \
|
|
|
|
$(MAKE) init-webapps-submodules-e; \
|
|
|
|
fi;
|
|
|
|
|
|
|
|
.PHONY: init-webapps-submodules
|
|
|
|
init-webapps-submodules:
|
|
|
|
echo "init webassets submodule"
|
|
|
|
git submodule update --init webassets
|
|
|
|
|
|
|
|
.PHONY: init-webapps-submodules-e
|
|
|
|
init-webapps-submodules-e:
|
|
|
|
echo "init webassets oss and enterprise submodules"
|
|
|
|
git submodule update --init --recursive webassets
|
|
|
|
|
|
|
|
.PHONY: init-submodules-e
|
|
|
|
init-submodules-e: init-webapps-submodules-e
|
|
|
|
git submodule init e
|
2020-04-17 15:57:10 +00:00
|
|
|
git submodule update
|