2020-06-25 17:29:10 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: test
|
|
|
|
|
|
|
|
|
|
environment:
|
2020-07-10 17:05:18 +00:00
|
|
|
RUNTIME: go1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
2020-09-01 17:28:47 +00:00
|
|
|
include:
|
|
|
|
|
- pull_request
|
2020-07-28 20:59:08 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
2020-07-24 23:37:14 +00:00
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
2020-07-28 20:59:08 +00:00
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
|
2020-07-24 23:37:14 +00:00
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-07-28 20:59:08 +00:00
|
|
|
- git init && git remote add origin ${DRONE_REMOTE_URL}
|
|
|
|
|
- |
|
|
|
|
|
# handle pull requests
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "pull_request" ]; then
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
git fetch origin ${DRONE_COMMIT_REF}:
|
|
|
|
|
git merge ${DRONE_COMMIT}
|
|
|
|
|
# handle tags
|
|
|
|
|
elif [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
|
|
|
|
|
git fetch origin +refs/tags/${DRONE_TAG}:
|
|
|
|
|
git checkout -qf FETCH_HEAD
|
|
|
|
|
# handle pushes/other events
|
|
|
|
|
else
|
|
|
|
|
if [ "${DRONE_COMMIT_BRANCH}" = "" ]; then
|
|
|
|
|
git fetch origin
|
|
|
|
|
git checkout -qf ${DRONE_COMMIT_SHA}
|
|
|
|
|
else
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT} -b ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
fi
|
|
|
|
|
fi
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-07-28 20:59:08 +00:00
|
|
|
- git submodule update --init webassets || true
|
|
|
|
|
# use the Github API to check whether this PR comes from a forked repo or not
|
|
|
|
|
# if it does, don't check out the Enterprise code
|
|
|
|
|
- |
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "pull_request" ]; then
|
|
|
|
|
apk add --no-cache curl jq
|
|
|
|
|
export PR_REPO=$(curl -Ls https://api.github.com/repos/gravitational/teleport/pulls/${DRONE_PULL_REQUEST} | jq -r '.head.repo.full_name')
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Source repo for PR ${DRONE_PULL_REQUEST}: $${PR_REPO}"
|
2020-07-28 20:59:08 +00:00
|
|
|
# if the source repo for the PR matches DRONE_REPO, then this is not a PR raised from a fork
|
|
|
|
|
if [ "$${PR_REPO}" = "${DRONE_REPO}" ]; then
|
|
|
|
|
mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
git submodule update --init e
|
|
|
|
|
# do a recursive submodule checkout to get both webassets and webassets/e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
git submodule update --init --recursive webassets || true
|
|
|
|
|
rm -f /root/.ssh/id_rsa
|
|
|
|
|
fi
|
|
|
|
|
fi
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-09 01:46:11 +00:00
|
|
|
- name: Build buildbox
|
|
|
|
|
image: docker
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets buildbox
|
|
|
|
|
|
2020-06-25 17:29:10 +00:00
|
|
|
- name: Run linter
|
2020-07-09 01:46:11 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
2020-07-09 01:46:11 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-09 01:46:11 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-09 01:46:11 +00:00
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets lint
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Run unit tests
|
2020-07-09 01:46:11 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
2020-07-09 01:46:11 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-09 01:46:11 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-09 01:46:11 +00:00
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets test
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Run integration tests
|
2020-07-09 01:46:11 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
2020-07-09 01:46:11 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-09 01:46:11 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-09 01:46:11 +00:00
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets integration
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
2020-08-31 21:01:48 +00:00
|
|
|
name: test-docs-internal
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
2020-09-01 17:28:47 +00:00
|
|
|
include:
|
|
|
|
|
- pull_request
|
2020-07-28 20:59:08 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
2020-07-10 17:05:18 +00:00
|
|
|
image: golang:1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-07-28 20:59:08 +00:00
|
|
|
- git init && git remote add origin ${DRONE_REMOTE_URL}
|
|
|
|
|
- |
|
|
|
|
|
# handle pull requests
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "pull_request" ]; then
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
git fetch origin ${DRONE_COMMIT_REF}:
|
|
|
|
|
git merge ${DRONE_COMMIT}
|
|
|
|
|
# handle tags
|
|
|
|
|
elif [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
|
|
|
|
|
git fetch origin +refs/tags/${DRONE_TAG}:
|
|
|
|
|
git checkout -qf FETCH_HEAD
|
|
|
|
|
# handle pushes/other events
|
|
|
|
|
else
|
|
|
|
|
if [ "${DRONE_COMMIT_BRANCH}" = "" ]; then
|
|
|
|
|
git fetch origin
|
|
|
|
|
git checkout -qf ${DRONE_COMMIT_SHA}
|
|
|
|
|
else
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT} -b ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
fi
|
|
|
|
|
fi
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-08-31 21:01:48 +00:00
|
|
|
- name: Run docs tests (internal links only)
|
2020-07-10 17:05:18 +00:00
|
|
|
image: golang:1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
2020-06-26 18:55:52 +00:00
|
|
|
- |
|
|
|
|
|
cd /go/src/github.com/gravitational/teleport
|
2020-07-28 20:59:08 +00:00
|
|
|
git diff --raw ${DRONE_COMMIT}..origin/${DRONE_COMMIT_BRANCH:-master} | awk '{print $6}' | grep -E '^docs' | grep -v ^$ | cut -d/ -f2 | sort | uniq > /tmp/docs-versions-changed.txt
|
2020-06-26 18:55:52 +00:00
|
|
|
if [ $(stat --printf="%s" /tmp/docs-versions-changed.txt) -gt 0 ]; then
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Changes to docs detected, versions $(cat /tmp/docs-versions-changed.txt | tr '\n' ' ')"
|
2020-07-08 18:37:04 +00:00
|
|
|
# Check trailing whitespace
|
|
|
|
|
make docs-test-whitespace
|
|
|
|
|
# Check links
|
2020-06-26 18:55:52 +00:00
|
|
|
for VERSION in $(cat /tmp/docs-versions-changed.txt); do
|
|
|
|
|
if [ -f docs/$VERSION/milv.config.yaml ]; then
|
2020-08-31 21:01:48 +00:00
|
|
|
go get github.com/magicmatatjahu/milv
|
2020-06-26 18:55:52 +00:00
|
|
|
cd docs/$VERSION
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Running milv on docs/$VERSION:"
|
|
|
|
|
milv -ignore-external
|
|
|
|
|
echo "------------------------------\n"
|
2020-06-26 18:55:52 +00:00
|
|
|
cd -
|
|
|
|
|
else
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> No milv config found, skipping docs/$VERSION"
|
2020-06-26 18:55:52 +00:00
|
|
|
fi
|
|
|
|
|
done
|
2020-08-31 21:01:48 +00:00
|
|
|
else echo "---> No changes to docs detected, not running tests"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: test-docs-external
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
2020-09-01 17:28:47 +00:00
|
|
|
include:
|
|
|
|
|
- pull_request
|
2020-08-31 21:01:48 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: golang:1.14.4
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git init && git remote add origin ${DRONE_REMOTE_URL}
|
|
|
|
|
- |
|
|
|
|
|
# handle pull requests
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "pull_request" ]; then
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
git fetch origin ${DRONE_COMMIT_REF}:
|
|
|
|
|
git merge ${DRONE_COMMIT}
|
|
|
|
|
# handle tags
|
|
|
|
|
elif [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
|
|
|
|
|
git fetch origin +refs/tags/${DRONE_TAG}:
|
|
|
|
|
git checkout -qf FETCH_HEAD
|
|
|
|
|
# handle pushes/other events
|
|
|
|
|
else
|
|
|
|
|
if [ "${DRONE_COMMIT_BRANCH}" = "" ]; then
|
|
|
|
|
git fetch origin
|
|
|
|
|
git checkout -qf ${DRONE_COMMIT_SHA}
|
|
|
|
|
else
|
|
|
|
|
git fetch origin +refs/heads/${DRONE_COMMIT_BRANCH}:
|
|
|
|
|
git checkout ${DRONE_COMMIT} -b ${DRONE_COMMIT_BRANCH}
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
- name: Run docs tests (external links only)
|
|
|
|
|
image: golang:1.14.4
|
|
|
|
|
failure: ignore
|
|
|
|
|
commands:
|
|
|
|
|
- |
|
|
|
|
|
cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
git diff --raw ${DRONE_COMMIT}..origin/${DRONE_COMMIT_BRANCH:-master} | awk '{print $6}' | grep -E '^docs' | grep -v ^$ | cut -d/ -f2 | sort | uniq > /tmp/docs-versions-changed.txt
|
|
|
|
|
if [ $(stat --printf="%s" /tmp/docs-versions-changed.txt) -gt 0 ]; then
|
|
|
|
|
echo "---> Changes to docs detected, versions $(cat /tmp/docs-versions-changed.txt | tr '\n' ' ')"
|
|
|
|
|
# Check trailing whitespace
|
|
|
|
|
make docs-test-whitespace
|
|
|
|
|
# Check links
|
|
|
|
|
for VERSION in $(cat /tmp/docs-versions-changed.txt); do
|
|
|
|
|
if [ -f docs/$VERSION/milv.config.yaml ]; then
|
|
|
|
|
go get github.com/magicmatatjahu/milv
|
|
|
|
|
cd docs/$VERSION
|
|
|
|
|
echo "---> Running milv on docs/$VERSION:"
|
|
|
|
|
milv -ignore-internal
|
|
|
|
|
echo "------------------------------\n"
|
|
|
|
|
cd -
|
|
|
|
|
else
|
|
|
|
|
echo "---> No milv config found, skipping docs/$VERSION"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
else echo "---> No changes to docs detected, not running tests"
|
2020-06-26 18:55:52 +00:00
|
|
|
fi
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-02 17:48:54 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
2020-07-18 00:35:46 +00:00
|
|
|
name: teleport-docker-cron
|
2020-07-02 17:48:54 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
cron:
|
2020-07-18 00:35:46 +00:00
|
|
|
- teleport-docker-cron
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-02 17:48:54 +00:00
|
|
|
|
|
|
|
|
workspace:
|
2020-07-18 00:35:46 +00:00
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Set up variables and Dockerfile
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
# increment these variables when a new major/minor version is released to bump the automatic builds
|
|
|
|
|
CURRENT_VERSION_ROOT: 4.3
|
|
|
|
|
PREVIOUS_VERSION_ONE_ROOT: 4.2
|
|
|
|
|
PREVIOUS_VERSION_TWO_ROOT: 4.1
|
|
|
|
|
commands:
|
|
|
|
|
- apk --update --no-cache add curl
|
|
|
|
|
- mkdir -p /go/build && cd /go/build
|
|
|
|
|
# CURRENT_VERSION
|
|
|
|
|
- echo $(git ls-remote --tags https://github.com/gravitational/teleport | cut -d'/' -f3 | grep $CURRENT_VERSION_ROOT | grep -Ev '(alpha|beta|dev|rc)' | sort -rV | head -n1) > /go/build/CURRENT_VERSION_TAG.txt
|
|
|
|
|
- echo "$(cat /go/build/CURRENT_VERSION_TAG.txt | cut -d. -f1-2 | cut -dv -f2)" > /go/build/CURRENT_VERSION_TAG_GENERIC.txt
|
|
|
|
|
# PREVIOUS_VERSION_ONE
|
|
|
|
|
- echo $(git ls-remote --tags https://github.com/gravitational/teleport | cut -d'/' -f3 | grep $PREVIOUS_VERSION_ONE_ROOT | grep -Ev '(alpha|beta|dev|rc)' | sort -rV | head -n1) > /go/build/PREVIOUS_VERSION_ONE_TAG.txt
|
|
|
|
|
- echo "$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt | cut -d. -f1-2 | cut -dv -f2)" > /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt
|
|
|
|
|
# PREVIOUS_VERSION_TWO
|
|
|
|
|
- echo $(git ls-remote --tags https://github.com/gravitational/teleport | cut -d'/' -f3 | grep $PREVIOUS_VERSION_TWO_ROOT | grep -Ev '(alpha|beta|dev|rc)' | sort -rV | head -n1) > /go/build/PREVIOUS_VERSION_TWO_TAG.txt
|
|
|
|
|
- echo "$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt | cut -d. -f1-2 | cut -dv -f2)" > /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt
|
|
|
|
|
- for FILE in /go/build/*.txt; do echo $FILE; cat $FILE; done
|
|
|
|
|
# get Dockerfile
|
|
|
|
|
- curl -Ls -o /go/build/Dockerfile-cron https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron
|
|
|
|
|
|
|
|
|
|
- name: Build and push Teleport containers (CURRENT_VERSION)
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
settings:
|
|
|
|
|
username:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME
|
|
|
|
|
password:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt)
|
|
|
|
|
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips"
|
|
|
|
|
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
|
|
|
|
|
# OSS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $OSS_IMAGE_NAME
|
|
|
|
|
# Enterprise
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_IMAGE_NAME
|
|
|
|
|
# Enterprise FIPS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_FIPS_IMAGE_NAME
|
|
|
|
|
|
|
|
|
|
- name: Build and push Teleport containers (PREVIOUS_VERSION_ONE)
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
settings:
|
|
|
|
|
username:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME
|
|
|
|
|
password:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt)
|
|
|
|
|
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips"
|
|
|
|
|
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
|
|
|
|
|
# OSS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $OSS_IMAGE_NAME
|
|
|
|
|
# Enterprise
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_IMAGE_NAME
|
|
|
|
|
# Enterprise FIPS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_FIPS_IMAGE_NAME
|
|
|
|
|
|
|
|
|
|
- name: Build and push Teleport containers (PREVIOUS_VERSION_TWO)
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
settings:
|
|
|
|
|
username:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME
|
|
|
|
|
password:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt)
|
|
|
|
|
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
|
|
|
|
|
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips"
|
|
|
|
|
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
|
|
|
|
|
# OSS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $OSS_IMAGE_NAME
|
|
|
|
|
# Enterprise
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_IMAGE_NAME
|
|
|
|
|
# Enterprise FIPS
|
|
|
|
|
- docker build --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
|
|
|
|
|
- docker push $ENT_FIPS_IMAGE_NAME
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: teleport-helm-cron
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
cron:
|
|
|
|
|
- teleport-helm-cron
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-18 00:35:46 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
2020-07-02 17:48:54 +00:00
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: alpine/git
|
|
|
|
|
commands:
|
2020-07-18 00:35:46 +00:00
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-07-02 17:48:54 +00:00
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_COMMIT}
|
2020-07-02 17:48:54 +00:00
|
|
|
|
|
|
|
|
- name: Package helm chart
|
|
|
|
|
image: alpine/helm:2.16.9
|
|
|
|
|
commands:
|
2020-07-18 00:35:46 +00:00
|
|
|
- mkdir -p /go/chart
|
|
|
|
|
- cd /go/chart
|
2020-07-02 17:48:54 +00:00
|
|
|
- helm init --client-only
|
2020-07-18 00:35:46 +00:00
|
|
|
- helm package /go/src/github.com/gravitational/teleport/examples/chart/teleport
|
|
|
|
|
- helm repo index /go/chart
|
2020-07-02 17:48:54 +00:00
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket: charts.gravitational.io
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: PRODUCTION_CHARTS_AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: PRODUCTION_CHARTS_AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-east-2
|
|
|
|
|
acl: public-read
|
2020-07-18 00:35:46 +00:00
|
|
|
source: /go/chart/*
|
2020-07-02 17:48:54 +00:00
|
|
|
target: /
|
2020-07-18 00:35:46 +00:00
|
|
|
strip_prefix: /go/chart
|
2020-07-02 17:48:54 +00:00
|
|
|
|
2020-06-25 17:29:10 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64
|
|
|
|
|
|
|
|
|
|
environment:
|
2020-07-10 17:05:18 +00:00
|
|
|
RUNTIME: go1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-06-25 17:29:10 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-06-25 17:29:10 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
2020-07-17 00:43:18 +00:00
|
|
|
- mkdir -p /go/cache /go/artifacts/e
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Build release artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
2020-07-17 00:43:18 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-17 00:43:18 +00:00
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Copy artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts \;
|
2020-07-17 00:43:18 +00:00
|
|
|
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts/e \;
|
|
|
|
|
# rename artifact
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- mv /go/artifacts/e/teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz
|
2020-06-25 17:29:10 +00:00
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64-fips
|
|
|
|
|
|
|
|
|
|
environment:
|
2020-07-10 17:05:18 +00:00
|
|
|
RUNTIME: go1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-06-25 17:29:10 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-06-25 17:29:10 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Build FIPS release artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
2020-07-17 00:43:18 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
FIPS: "yes"
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-17 00:43:18 +00:00
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-fips:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- make -C build.assets release-fips VERSION=$VERSION OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME FIPS=$FIPS
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Copy FIPS artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
2020-07-17 00:43:18 +00:00
|
|
|
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
# rename artifact
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- mv /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz
|
2020-06-25 17:29:10 +00:00
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-13 17:28:09 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64-centos6
|
|
|
|
|
|
|
|
|
|
environment:
|
2020-07-10 17:05:18 +00:00
|
|
|
RUNTIME: go1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-06-25 17:29:10 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-06-25 17:29:10 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
2020-07-17 00:43:18 +00:00
|
|
|
- mkdir -p /go/cache /go/artifacts/e
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Build CentOS 6 release artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
2020-07-17 00:43:18 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-17 00:43:18 +00:00
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-centos6:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets release-centos6 OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Copy CentOS 6 artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts \;
|
2020-07-17 00:43:18 +00:00
|
|
|
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts/e \;
|
2020-06-25 17:29:10 +00:00
|
|
|
# rename artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- mv /go/artifacts/teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-v$${VERSION}-linux-amd64-centos6-bin.tar.gz
|
|
|
|
|
- mv /go/artifacts/e/teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-centos6-bin.tar.gz
|
2020-06-25 17:29:10 +00:00
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64-centos6-fips
|
|
|
|
|
|
|
|
|
|
environment:
|
2020-07-10 17:05:18 +00:00
|
|
|
RUNTIME: go1.14.4
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-06-25 17:29:10 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-06-25 17:29:10 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Build CentOS 6 FIPS release artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
2020-07-17 00:43:18 +00:00
|
|
|
GOPATH: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
FIPS: "yes"
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-17 00:43:18 +00:00
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-centos6-fips:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets release-centos6-fips OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME FIPS=$FIPS
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Copy CentOS 6 FIPS artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
2020-07-17 00:43:18 +00:00
|
|
|
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts \;
|
2020-06-25 17:29:10 +00:00
|
|
|
# rename artifact
|
2020-07-17 00:43:18 +00:00
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- mv /go/artifacts/teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-centos6-fips-bin.tar.gz
|
2020-06-25 17:29:10 +00:00
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
2020-07-17 00:43:18 +00:00
|
|
|
name: build-linux-amd64-rpm
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
2020-07-17 00:43:18 +00:00
|
|
|
- build-linux-amd64
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-06-25 17:29:10 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-07-17 00:43:18 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-06-25 17:29:10 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
2020-07-17 00:43:18 +00:00
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
2020-07-17 00:43:18 +00:00
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build RPM artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
OSS_TARBALL_PATH: /go/artifacts
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache bash curl go make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- make rpm
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Copy RPM artifacts
|
|
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-07-17 00:43:18 +00:00
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts \;
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
2020-07-17 00:43:18 +00:00
|
|
|
name: build-linux-amd64-fips-rpm
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
2020-07-17 00:43:18 +00:00
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-linux-amd64-fips
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
workspace:
|
2020-07-17 00:43:18 +00:00
|
|
|
path: /go
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
2020-07-17 00:43:18 +00:00
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
2020-06-25 17:29:10 +00:00
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-06-25 17:29:10 +00:00
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-07-17 00:43:18 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
2020-07-17 00:43:18 +00:00
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build FIPS RPM artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
FIPS: "yes"
|
|
|
|
|
# weird quirk of FIPS package builds
|
|
|
|
|
RUNTIME: fips
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache bash curl make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
# build enterprise only
|
|
|
|
|
- make -C e rpm
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Copy FIPS RPM artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64-deb
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-linux-amd64
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
2020-06-25 17:29:10 +00:00
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
2020-07-17 00:43:18 +00:00
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
OSS_TARBALL_PATH: /go/artifacts
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
2020-06-25 17:29:10 +00:00
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-17 00:43:18 +00:00
|
|
|
- apk add --no-cache bash curl make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- make deb
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Copy DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-amd64-fips-deb
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-linux-amd64-fips
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build FIPS DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
FIPS: "yes"
|
|
|
|
|
# weird quirk with FIPS package builds
|
|
|
|
|
RUNTIME: "fips"
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache bash curl make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
# build enterprise only
|
|
|
|
|
- make -C e deb
|
|
|
|
|
|
|
|
|
|
- name: Copy FIPS DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- ls -l /go/artifacts
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-i386
|
|
|
|
|
|
|
|
|
|
environment:
|
|
|
|
|
RUNTIME: go1.14.4
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts/e
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Build i386 release artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
GOPATH: /go
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: "386"
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Copy artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts/e \;
|
|
|
|
|
# rename artifacts
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- mv /go/artifacts/e/teleport-v$${VERSION}-linux-386-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-386-bin.tar.gz
|
|
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-i386-rpm
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-linux-i386
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-386-bin.tar.gz /go/artifacts/
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-386-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build i386 RPM artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: "386"
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
OSS_TARBALL_PATH: /go/artifacts
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache bash curl make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- make rpm
|
|
|
|
|
|
|
|
|
|
- name: Copy i386 RPM artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-linux-i386-deb
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-linux-i386
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-17 00:43:18 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-386-bin.tar.gz /go/artifacts/
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-386-bin.tar.gz /go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build i386 DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
ARCH: "386"
|
|
|
|
|
TMPDIR: /go
|
|
|
|
|
OSS_TARBALL_PATH: /go/artifacts
|
|
|
|
|
ENT_TARBALL_PATH: /go/artifacts
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache bash curl make tar
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- make deb
|
|
|
|
|
|
|
|
|
|
- name: Copy i386 DEB artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives (and checksums) to artifact directory
|
|
|
|
|
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts \;
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
2020-07-24 20:46:20 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: exec
|
|
|
|
|
name: build-darwin-amd64
|
|
|
|
|
|
|
|
|
|
concurrency:
|
|
|
|
|
limit: 1
|
|
|
|
|
|
|
|
|
|
platform:
|
|
|
|
|
os: darwin
|
|
|
|
|
arch: amd64
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /tmp/build-darwin-amd64
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Set up exec runner storage
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64/go
|
|
|
|
|
|
|
|
|
|
- name: Check out code
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64/go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /tmp/build-darwin-amd64/go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-07-24 20:46:20 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 ~/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > ~/.ssh/known_hosts 2>/dev/null && chmod 600 ~/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f ~/.ssh/id_rsa
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64/go/artifacts /tmp/build-darwin-amd64/go/cache
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /tmp/build-darwin-amd64/go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /tmp/build-darwin-amd64/go/.version.txt; fi; cat /tmp/build-darwin-amd64/go/.version.txt
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Build Mac release artifacts
|
|
|
|
|
environment:
|
|
|
|
|
GOPATH: /tmp/build-darwin-amd64/go
|
|
|
|
|
GOCACHE: /tmp/build-darwin-amd64/go/cache
|
|
|
|
|
OS: darwin
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64/go/src/github.com/gravitational/teleport
|
|
|
|
|
- make clean release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Copy Mac artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64/go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- cp teleport*.tar.gz /tmp/build-darwin-amd64/go/artifacts
|
|
|
|
|
- cp e/teleport-ent*.tar.gz /tmp/build-darwin-amd64/go/artifacts
|
|
|
|
|
# generate checksums (for mac)
|
|
|
|
|
- cd /tmp/build-darwin-amd64/go/artifacts && for FILE in teleport*.tar.gz; do shasum -a 256 $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64/go/artifacts
|
2020-08-10 14:15:05 +00:00
|
|
|
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Clean up exec runner storage (post)
|
|
|
|
|
commands:
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64/go
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: exec
|
|
|
|
|
name: build-darwin-amd64-pkg
|
|
|
|
|
|
|
|
|
|
concurrency:
|
|
|
|
|
limit: 1
|
|
|
|
|
|
|
|
|
|
platform:
|
|
|
|
|
os: darwin
|
|
|
|
|
arch: amd64
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-darwin-amd64
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /tmp/build-darwin-amd64-pkg
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Set up exec runner storage
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64-pkg
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg/go
|
|
|
|
|
|
|
|
|
|
- name: Check out code
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg/go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg/go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-07-24 20:46:20 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 ~/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > ~/.ssh/known_hosts 2>/dev/null && chmod 600 ~/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f ~/.ssh/id_rsa
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg/go/artifacts /tmp/build-darwin-amd64-pkg/go/cache
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /tmp/build-darwin-amd64-pkg/go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /tmp/build-darwin-amd64-pkg/go/.version.txt; fi; cat /tmp/build-darwin-amd64-pkg/go/.version.txt
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /tmp/build-darwin-amd64-pkg/go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-24 20:46:20 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-darwin-amd64-bin.tar.gz /tmp/build-darwin-amd64-pkg/go/artifacts/
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-darwin-amd64-bin.tar.gz /tmp/build-darwin-amd64-pkg/go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build Mac pkg release artifacts
|
|
|
|
|
environment:
|
|
|
|
|
OS: darwin
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
OSS_TARBALL_PATH: /tmp/build-darwin-amd64-pkg/go/artifacts
|
|
|
|
|
ENT_TARBALL_PATH: /tmp/build-darwin-amd64-pkg/go/artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg/go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /tmp/build-darwin-amd64-pkg/go/.version.txt)
|
|
|
|
|
- make pkg OS=$OS ARCH=$ARCH
|
|
|
|
|
|
|
|
|
|
- name: Copy Mac pkg artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg/go/src/github.com/gravitational/teleport
|
|
|
|
|
# delete temporary tarball artifacts so we don't re-upload them in the next stage
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg/go/artifacts/*.tar.gz
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- cp build/teleport*.pkg /tmp/build-darwin-amd64-pkg/go/artifacts
|
|
|
|
|
- cp e/build/teleport-ent*.pkg /tmp/build-darwin-amd64-pkg/go/artifacts
|
|
|
|
|
# generate checksums (for mac)
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg/go/artifacts && for FILE in teleport*.pkg; do shasum -a 256 $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg/go/artifacts
|
2020-08-10 14:15:05 +00:00
|
|
|
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Clean up exec runner storage
|
|
|
|
|
commands:
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64-pkg
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg/go
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: exec
|
|
|
|
|
name: build-darwin-amd64-pkg-tsh
|
|
|
|
|
|
|
|
|
|
concurrency:
|
|
|
|
|
limit: 1
|
|
|
|
|
|
|
|
|
|
platform:
|
|
|
|
|
os: darwin
|
|
|
|
|
arch: amd64
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- build-darwin-amd64
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /tmp/build-darwin-amd64-pkg-tsh
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Set up exec runner storage
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg-tsh
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64-pkg-tsh
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg-tsh/go
|
|
|
|
|
|
|
|
|
|
- name: Check out code
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg-tsh/go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg-tsh/go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-07-24 20:46:20 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 ~/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > ~/.ssh/known_hosts 2>/dev/null && chmod 600 ~/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f ~/.ssh/id_rsa
|
|
|
|
|
- mkdir -p /tmp/build-darwin-amd64-pkg-tsh/go/artifacts /tmp/build-darwin-amd64-pkg-tsh/go/cache
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /tmp/build-darwin-amd64-pkg-tsh/go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /tmp/build-darwin-amd64-pkg-tsh/go/.version.txt; fi; cat /tmp/build-darwin-amd64-pkg-tsh/go/.version.txt
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Download built tarball artifact from S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /tmp/build-darwin-amd64-pkg-tsh/go/.version.txt)
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
2020-07-24 20:46:20 +00:00
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-darwin-amd64-bin.tar.gz /tmp/build-darwin-amd64-pkg-tsh/go/artifacts/
|
|
|
|
|
|
|
|
|
|
- name: Build Mac tsh pkg release artifacts
|
|
|
|
|
environment:
|
|
|
|
|
OS: darwin
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
APPLE_USERNAME:
|
|
|
|
|
from_secret: APPLE_USERNAME
|
|
|
|
|
APPLE_PASSWORD:
|
|
|
|
|
from_secret: APPLE_PASSWORD
|
|
|
|
|
BUILDBOX_PASSWORD:
|
|
|
|
|
from_secret: BUILDBOX_PASSWORD
|
|
|
|
|
OSS_TARBALL_PATH: /tmp/build-darwin-amd64-pkg-tsh/go/artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg-tsh/go/src/github.com/gravitational/teleport
|
|
|
|
|
- export VERSION=$(cat /tmp/build-darwin-amd64-pkg-tsh/go/.version.txt)
|
|
|
|
|
# set HOME explicitly (as Drone overrides it normally)
|
|
|
|
|
- export HOME=/Users/build
|
|
|
|
|
# unlock login keychain
|
|
|
|
|
- security unlock-keychain -p $${BUILDBOX_PASSWORD} login.keychain
|
|
|
|
|
# show available certificates
|
|
|
|
|
- security find-identity -v
|
|
|
|
|
# build pkg
|
|
|
|
|
- make pkg-tsh OS=$OS ARCH=$ARCH
|
|
|
|
|
|
|
|
|
|
- name: Copy Mac tsh pkg artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg-tsh/go/src/github.com/gravitational/teleport
|
|
|
|
|
# delete temporary tarball artifacts so we don't re-upload them in the next stage
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg-tsh/go/artifacts/*.tar.gz
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- cp build/tsh*.pkg /tmp/build-darwin-amd64-pkg-tsh/go/artifacts
|
|
|
|
|
# generate checksums (for mac)
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg-tsh/go/artifacts && for FILE in tsh*.pkg; do shasum -a 256 $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- cd /tmp/build-darwin-amd64-pkg-tsh/go/artifacts
|
2020-08-10 14:15:05 +00:00
|
|
|
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Clean up exec runner storage
|
|
|
|
|
commands:
|
|
|
|
|
- chmod -R u+rw /tmp/build-darwin-amd64-pkg-tsh
|
|
|
|
|
- rm -rf /tmp/build-darwin-amd64-pkg-tsh/go
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: exec
|
|
|
|
|
name: build-arm
|
|
|
|
|
|
|
|
|
|
concurrency:
|
|
|
|
|
limit: 1
|
|
|
|
|
|
|
|
|
|
platform:
|
|
|
|
|
os: linux
|
|
|
|
|
arch: arm
|
|
|
|
|
|
|
|
|
|
# use ramfs for go build cache
|
|
|
|
|
# saves wear and tear on the SD card, plus it's faster
|
|
|
|
|
environment:
|
|
|
|
|
TMPDIR: /dev/shm
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /dev/shm/tmp
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Clean up exec runner storage (pre)
|
|
|
|
|
commands:
|
|
|
|
|
- chmod -R u+rw /dev/shm/tmp
|
|
|
|
|
- rm -rf /dev/shm/tmp/go
|
|
|
|
|
|
|
|
|
|
- name: Check out code
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /dev/shm/tmp/go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /dev/shm/tmp/go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
2020-07-24 20:46:20 +00:00
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 ~/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > ~/.ssh/known_hosts 2>/dev/null && chmod 600 ~/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f ~/.ssh/id_rsa
|
|
|
|
|
- mkdir -p /dev/shm/tmp/go/artifacts /dev/shm/tmp/go/cache
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /dev/shm/tmp/go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /dev/shm/tmp/go/.version.txt; fi; cat /dev/shm/tmp/go/.version.txt
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Build ARM release artifacts
|
|
|
|
|
environment:
|
|
|
|
|
GOPATH: /dev/shm/tmp/go
|
|
|
|
|
GOCACHE: /dev/shm/tmp/go/cache
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: arm
|
|
|
|
|
commands:
|
|
|
|
|
- cd /dev/shm/tmp/go/src/github.com/gravitational/teleport
|
|
|
|
|
- make clean release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Copy ARM artifacts
|
|
|
|
|
commands:
|
|
|
|
|
- cd /dev/shm/tmp/go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to artifact directory
|
|
|
|
|
- cp teleport*.tar.gz /dev/shm/tmp/go/artifacts
|
|
|
|
|
- cp e/teleport-ent*.tar.gz /dev/shm/tmp/go/artifacts
|
|
|
|
|
# generate checksums
|
|
|
|
|
- cd /dev/shm/tmp/go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- cd /dev/shm/tmp/go/artifacts
|
2020-08-10 14:15:05 +00:00
|
|
|
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
|
2020-07-24 20:46:20 +00:00
|
|
|
|
|
|
|
|
- name: Clean up exec runner storage (post)
|
|
|
|
|
commands:
|
|
|
|
|
- chmod -R u+rw /dev/shm/tmp
|
|
|
|
|
- rm -rf /dev/shm/tmp/go
|
|
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-windows
|
|
|
|
|
|
|
|
|
|
environment:
|
|
|
|
|
RUNTIME: go1.14.4
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
|
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
|
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Build Windows release artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
GOPATH: /go
|
|
|
|
|
OS: windows
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- make -C build.assets release-windows OS=$OS
|
|
|
|
|
|
|
|
|
|
- name: Copy Windows artifacts
|
|
|
|
|
image: docker
|
|
|
|
|
commands:
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# copy release archives to build directory
|
|
|
|
|
- mkdir -p /go/artifacts/windows
|
|
|
|
|
- find . -maxdepth 1 -iname "teleport*.zip" -print -exec cp {} /go/artifacts \;
|
2020-08-10 14:15:05 +00:00
|
|
|
# make a copy of the Windows binaries named 'teleport-ent'
|
|
|
|
|
# our download portal looks for downloads starting with 'teleport-ent' to serve up, so
|
|
|
|
|
# for us to list any Windows Enterprise downloads, we need a 'teleport-ent*zip' binary
|
|
|
|
|
# The Windows artifacts only contain tsh.exe, which is the same for both OSS and Enterprise.
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- cp /go/artifacts/teleport-v$${VERSION}-windows-amd64-bin.zip /go/artifacts/teleport-ent-v$${VERSION}-windows-amd64-bin.zip
|
2020-07-17 00:43:18 +00:00
|
|
|
# generate checksums
|
|
|
|
|
- cd /go/artifacts && for FILE in teleport*.zip; do sha256sum $FILE > $FILE.sha256; done && ls -l
|
|
|
|
|
|
|
|
|
|
- name: Upload to S3
|
|
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-west-2
|
|
|
|
|
source: /go/artifacts/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/tag/${DRONE_TAG##v}
|
2020-07-17 00:43:18 +00:00
|
|
|
strip_prefix: /go/artifacts/
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
2020-07-20 20:18:00 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-docker-images
|
|
|
|
|
|
|
|
|
|
environment:
|
|
|
|
|
RUNTIME: go1.14.4
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
2020-07-20 20:18:00 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
environment:
|
|
|
|
|
GITHUB_PRIVATE_KEY:
|
|
|
|
|
from_secret: GITHUB_PRIVATE_KEY
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# fetch enterprise submodules
|
|
|
|
|
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
|
|
|
|
|
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
|
|
|
|
|
- git submodule update --init e
|
2020-08-10 14:15:05 +00:00
|
|
|
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
|
2020-07-20 20:18:00 +00:00
|
|
|
- git submodule update --init --recursive webassets || true
|
|
|
|
|
- rm -f /root/.ssh/id_rsa
|
|
|
|
|
# create necessary directories
|
|
|
|
|
- mkdir -p /go/cache /go/artifacts
|
|
|
|
|
# set version
|
2020-08-10 14:15:05 +00:00
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
2020-07-20 20:18:00 +00:00
|
|
|
|
|
|
|
|
- name: Build OSS/Enterprise Docker images
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
GOPATH: /go
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
settings:
|
|
|
|
|
username:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME
|
|
|
|
|
password:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
# TODO
|
|
|
|
|
# this should be changed to "make image publish" when we want to actually cut over
|
|
|
|
|
# to building public-facing Docker images using Drone
|
|
|
|
|
- make image
|
|
|
|
|
|
|
|
|
|
- name: Build FIPS Docker image
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
GOPATH: /go
|
|
|
|
|
OS: linux
|
|
|
|
|
ARCH: amd64
|
|
|
|
|
settings:
|
|
|
|
|
username:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME
|
|
|
|
|
password:
|
|
|
|
|
from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
2020-08-13 17:28:09 +00:00
|
|
|
# VERSION needs to be set manually when running in the e directory.
|
|
|
|
|
# Normally, the version is set and exported by the root Makefile and then inherited,
|
|
|
|
|
# but this is not the case for FIPS builds (which only run in e/Makefile)
|
2020-07-20 20:18:00 +00:00
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
# TODO
|
|
|
|
|
# this should be changed to "make -C e image-fips publish-fips" when we want to
|
|
|
|
|
# actually cut over to building public-facing Docker images using Drone
|
|
|
|
|
- make -C e image-fips
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
2020-08-10 12:51:26 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-oss-amis
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
- build-linux-amd64
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# set version
|
|
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
|
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
|
|
|
|
|
|
|
|
|
|
- name: Build OSS AMIs
|
|
|
|
|
image: hashicorp/packer
|
|
|
|
|
environment:
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_PACKER_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_PACKER_SECRET_ACCESS_KEY
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache aws-cli jq make
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport/assets/aws
|
|
|
|
|
- export TELEPORT_VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- export PUBLIC_AMI_NAME=gravitational-teleport-ami-oss-$TELEPORT_VERSION
|
|
|
|
|
- export MARKETPLACE_AMI_NAME=gravitational-teleport-marketplace-ami-oss-$TELEPORT_VERSION
|
|
|
|
|
- |
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Building production OSS AMIs"
|
2020-08-10 12:51:26 +00:00
|
|
|
make oss-ci-build
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Making OSS AMIs public"
|
2020-08-10 12:51:26 +00:00
|
|
|
make change-amis-to-public-oss
|
|
|
|
|
else
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Building debug OSS AMIs"
|
2020-08-10 12:51:26 +00:00
|
|
|
make oss
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-ent-amis
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- tag
|
|
|
|
|
ref:
|
|
|
|
|
include:
|
|
|
|
|
- refs/tags/v*
|
|
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
|
|
|
|
|
|
|
|
|
depends_on:
|
|
|
|
|
- test
|
|
|
|
|
- build-linux-amd64
|
|
|
|
|
- build-linux-amd64-fips
|
|
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
commands:
|
|
|
|
|
- mkdir -p /go/src/github.com/gravitational/teleport
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
|
|
|
|
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
|
|
|
|
|
# set version
|
|
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
|
|
|
|
|
|
|
|
|
|
- name: Download built tarball artifacts from S3
|
|
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
|
|
|
|
- export VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
|
|
|
|
|
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
|
|
|
|
|
|
|
|
|
|
- name: Build Enterprise AMIs
|
|
|
|
|
image: hashicorp/packer
|
|
|
|
|
environment:
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_PACKER_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_PACKER_SECRET_ACCESS_KEY
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache aws-cli jq make
|
|
|
|
|
- cd /go/src/github.com/gravitational/teleport/assets/aws
|
|
|
|
|
- export TELEPORT_VERSION=$(cat /go/.version.txt)
|
|
|
|
|
- export PUBLIC_AMI_NAME=gravitational-teleport-ami-ent-$TELEPORT_VERSION
|
2020-08-17 14:11:45 +00:00
|
|
|
- export FIPS_AMI_NAME=gravitational-teleport-ami-ent-$TELEPORT_VERSION-fips
|
2020-08-10 12:51:26 +00:00
|
|
|
- export MARKETPLACE_AMI_NAME=gravitational-teleport-marketplace-ami-ent-$TELEPORT_VERSION
|
|
|
|
|
- |
|
|
|
|
|
if [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Building production Enterprise AMIs"
|
2020-08-10 12:51:26 +00:00
|
|
|
make ent-ci-build
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Making Enterprise AMIs public"
|
2020-08-10 12:51:26 +00:00
|
|
|
make change-amis-to-public-ent
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Making Enterprise FIPS AMIs public"
|
2020-08-10 12:51:26 +00:00
|
|
|
make change-amis-to-public-ent-fips
|
|
|
|
|
else
|
2020-08-31 21:01:48 +00:00
|
|
|
echo "---> Building debug Enterprise AMIs"
|
2020-08-10 12:51:26 +00:00
|
|
|
make ent
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
|
|
|
|
name: build-buildboxes
|
|
|
|
|
|
|
|
|
|
environment:
|
|
|
|
|
RUNTIME: go1.14.4
|
|
|
|
|
UID: 1000
|
|
|
|
|
GID: 1000
|
|
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
branch:
|
|
|
|
|
- master
|
|
|
|
|
event:
|
|
|
|
|
- push
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go/src/github.com/gravitational/teleport
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
|
|
|
|
- name: Check out code
|
|
|
|
|
image: docker:git
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- git clone https://github.com/gravitational/teleport.git .
|
2020-08-10 14:15:05 +00:00
|
|
|
- git checkout ${DRONE_COMMIT}
|
2020-07-17 00:43:18 +00:00
|
|
|
|
|
|
|
|
- name: Build and push buildbox container
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
QUAYIO_DOCKER_USERNAME:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_USERNAME
|
|
|
|
|
QUAYIO_DOCKER_PASSWORD:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker login -u="$QUAYIO_DOCKER_USERNAME" -p="$QUAYIO_DOCKER_PASSWORD" quay.io
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
|
|
|
|
|
- make -C build.assets buildbox
|
|
|
|
|
- docker push quay.io/gravitational/teleport-buildbox:$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Build and push buildbox-fips container
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
QUAYIO_DOCKER_USERNAME:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_USERNAME
|
|
|
|
|
QUAYIO_DOCKER_PASSWORD:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker login -u="$QUAYIO_DOCKER_USERNAME" -p="$QUAYIO_DOCKER_PASSWORD" quay.io
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-fips:$RUNTIME || true
|
|
|
|
|
- make -C build.assets buildbox-fips
|
|
|
|
|
- docker push quay.io/gravitational/teleport-buildbox-fips:$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Build and push buildbox-centos6 container
|
|
|
|
|
image: docker
|
|
|
|
|
environment:
|
|
|
|
|
QUAYIO_DOCKER_USERNAME:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_USERNAME
|
|
|
|
|
QUAYIO_DOCKER_PASSWORD:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
|
|
|
|
- apk add --no-cache make
|
|
|
|
|
- chown -R $UID:$GID /go
|
|
|
|
|
- docker login -u="$QUAYIO_DOCKER_USERNAME" -p="$QUAYIO_DOCKER_PASSWORD" quay.io
|
|
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-centos6:$RUNTIME || true
|
|
|
|
|
- make -C build.assets buildbox-centos6
|
|
|
|
|
- docker push quay.io/gravitational/teleport-buildbox-centos6:$RUNTIME
|
|
|
|
|
|
|
|
|
|
- name: Build and push buildbox-centos6-fips container
|
|
|
|
|
image: docker
|
2020-06-25 17:29:10 +00:00
|
|
|
environment:
|
|
|
|
|
QUAYIO_DOCKER_USERNAME:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_USERNAME
|
|
|
|
|
QUAYIO_DOCKER_PASSWORD:
|
|
|
|
|
from_secret: QUAYIO_DOCKER_PASSWORD
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
commands:
|
2020-07-09 01:46:11 +00:00
|
|
|
- apk add --no-cache make
|
2020-06-25 17:29:10 +00:00
|
|
|
- chown -R $UID:$GID /go
|
2020-07-09 01:46:11 +00:00
|
|
|
- docker login -u="$QUAYIO_DOCKER_USERNAME" -p="$QUAYIO_DOCKER_PASSWORD" quay.io
|
2020-06-25 17:29:10 +00:00
|
|
|
- docker pull quay.io/gravitational/teleport-buildbox-centos6-fips:$RUNTIME || true
|
2020-07-09 01:46:11 +00:00
|
|
|
- make -C build.assets buildbox-centos6-fips
|
2020-06-25 17:29:10 +00:00
|
|
|
- docker push quay.io/gravitational/teleport-buildbox-centos6-fips:$RUNTIME
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
- name: Start Docker
|
|
|
|
|
image: docker:dind
|
|
|
|
|
privileged: true
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
path: /var/run
|
|
|
|
|
|
|
|
|
|
volumes:
|
|
|
|
|
- name: dockersock
|
|
|
|
|
temp: {}
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: pipeline
|
|
|
|
|
type: kubernetes
|
2020-07-17 00:43:18 +00:00
|
|
|
name: promote-artifacts
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
trigger:
|
|
|
|
|
event:
|
|
|
|
|
- promote
|
|
|
|
|
target:
|
|
|
|
|
- production
|
2020-07-24 23:37:14 +00:00
|
|
|
repo:
|
|
|
|
|
include:
|
|
|
|
|
- gravitational/*
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
workspace:
|
|
|
|
|
path: /go/src/github.com/gravitational/teleport
|
|
|
|
|
|
|
|
|
|
clone:
|
|
|
|
|
disable: true
|
|
|
|
|
|
|
|
|
|
steps:
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Download artifacts from S3 artifact publishing bucket
|
2020-06-25 17:29:10 +00:00
|
|
|
image: amazon/aws-cli
|
|
|
|
|
environment:
|
|
|
|
|
AWS_S3_BUCKET:
|
|
|
|
|
from_secret: AWS_S3_BUCKET
|
|
|
|
|
AWS_ACCESS_KEY_ID:
|
|
|
|
|
from_secret: AWS_ACCESS_KEY_ID
|
|
|
|
|
AWS_SECRET_ACCESS_KEY:
|
|
|
|
|
from_secret: AWS_SECRET_ACCESS_KEY
|
|
|
|
|
AWS_REGION: us-west-2
|
|
|
|
|
commands:
|
2020-08-10 14:15:05 +00:00
|
|
|
- aws s3 sync s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}/ .
|
2020-06-25 17:29:10 +00:00
|
|
|
|
2020-07-17 00:43:18 +00:00
|
|
|
- name: Upload artifacts to production S3 bucket with public read access
|
2020-06-25 17:29:10 +00:00
|
|
|
image: plugins/s3
|
|
|
|
|
settings:
|
|
|
|
|
bucket:
|
|
|
|
|
from_secret: PRODUCTION_AWS_S3_BUCKET
|
|
|
|
|
access_key:
|
|
|
|
|
from_secret: PRODUCTION_AWS_ACCESS_KEY_ID
|
|
|
|
|
secret_key:
|
|
|
|
|
from_secret: PRODUCTION_AWS_SECRET_ACCESS_KEY
|
|
|
|
|
region: us-east-1
|
|
|
|
|
acl: public-read
|
|
|
|
|
source: /go/src/github.com/gravitational/teleport/*
|
2020-08-10 14:15:05 +00:00
|
|
|
target: teleport/${DRONE_TAG##v}/
|
2020-06-25 17:29:10 +00:00
|
|
|
strip_prefix: /go/src/github.com/gravitational/teleport/
|
|
|
|
|
|
|
|
|
|
---
|
|
|
|
|
kind: signature
|
2020-09-01 17:28:47 +00:00
|
|
|
hmac: bcd363559f085905edc708b7ea225610da0cba0568ee70f8e1417e51013b4c9f
|
2020-06-25 17:29:10 +00:00
|
|
|
|
|
|
|
|
...
|
