2021-01-15 21:08:07 +00:00
---
2022-03-04 04:14:50 +00:00
kind : pipeline
type : kubernetes
name : update-docs-webhook
trigger :
event :
include :
- push
exclude :
- pull_request
branch :
include :
- master
- branch/*
repo :
include :
- gravitational/teleport
clone :
disable : true
steps :
- name : Trigger docs deployment
image : plugins/webhook
settings :
urls :
from_secret : DOCS_DEPLOY_HOOK
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-01-15 21:08:07 +00:00
kind : pipeline
type : kubernetes
name : push-build-linux-amd64
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2021-01-15 21:08:07 +00:00
trigger :
event :
include :
2021-03-23 01:32:45 +00:00
- push
2021-01-15 21:08:07 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
2021-01-15 21:08:07 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2021-01-15 21:08:07 +00:00
workspace :
path : /go
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
2022-08-23 19:57:22 +00:00
- mkdir -p /go/src/github.com/gravitational/webapps
2021-03-23 01:32:45 +00:00
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
2022-08-23 20:52:56 +00:00
- cd /go/src/github.com/gravitational/webapps
- git clone https://github.com/gravitational/webapps.git .
- git checkout "$(/go/src/github.com/gravitational/teleport/build.assets/webapps/webapps-version.sh)"
- git submodule update --init packages/webapps.e
- cd -
2021-03-23 01:32:45 +00:00
- rm -f /root/.ssh/id_rsa
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
2022-08-23 19:57:22 +00:00
- export VERSION=$(cat /go/.version.txt)
2022-07-02 02:11:37 +00:00
- make -C build.assets release-amd64-centos7
2022-08-23 19:57:22 +00:00
- make -C build.assets teleterm
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2021-01-15 21:08:07 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-01-15 21:08:07 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2021-01-15 21:08:07 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-01-15 21:08:07 +00:00
kind : pipeline
type : kubernetes
2021-03-12 01:29:48 +00:00
name : push-build-linux-386
2021-01-15 21:08:07 +00:00
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2021-01-15 21:08:07 +00:00
trigger :
event :
include :
2021-03-23 01:32:45 +00:00
- push
2021-01-15 21:08:07 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
2021-01-15 21:08:07 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2021-01-15 21:08:07 +00:00
workspace :
path : /go
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-386
environment :
ARCH : "386"
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2021-01-15 21:08:07 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-01-15 21:08:07 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2021-01-15 21:08:07 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-01-15 21:08:07 +00:00
kind : pipeline
type : kubernetes
name : push-build-linux-amd64-fips
2020-10-15 02:39:06 +00:00
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2020-10-15 02:39:06 +00:00
trigger :
event :
include :
2021-03-23 01:32:45 +00:00
- push
2020-10-15 02:39:06 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
2020-10-15 02:39:06 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2020-10-15 02:39:06 +00:00
workspace :
path : /go
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt;
else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-07-02 02:11:37 +00:00
- make -C build.assets release-amd64-centos7-fips
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
FIPS : "yes"
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2021-01-15 21:08:07 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-01-15 21:08:07 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2021-01-15 21:08:07 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-01-15 21:08:07 +00:00
kind : pipeline
type : kubernetes
name : push-build-windows-amd64
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2021-01-15 21:08:07 +00:00
trigger :
event :
include :
2021-03-23 01:32:45 +00:00
- push
2021-01-15 21:08:07 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
2021-01-15 21:08:07 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2021-01-15 21:08:07 +00:00
workspace :
path : /go
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
2021-09-02 23:42:57 +00:00
- make -C build.assets release-windows-unsigned
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : windows
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2020-10-15 02:39:06 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-10-15 02:39:06 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-10-15 02:39:06 +00:00
2020-06-25 17:29:10 +00:00
---
2021-08-18 11:28:59 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/mac.go (main.newDarwinPipeline)
2021-08-18 11:28:59 +00:00
################################################
2020-06-25 17:29:10 +00:00
kind : pipeline
2021-01-15 21:08:07 +00:00
type : exec
name : push-build-darwin-amd64
trigger :
event :
include :
2021-08-18 11:28:59 +00:00
- push
2021-01-15 21:08:07 +00:00
exclude :
2021-08-18 11:28:59 +00:00
- pull_request
2021-01-15 21:08:07 +00:00
repo :
include :
2021-08-18 11:28:59 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2021-01-15 21:08:07 +00:00
workspace :
path : /tmp/push-build-darwin-amd64
2021-08-18 11:28:59 +00:00
platform :
os : darwin
arch : amd64
2021-01-15 21:08:07 +00:00
clone :
disable : true
2021-08-18 11:28:59 +00:00
concurrency :
limit : 1
2021-01-15 21:08:07 +00:00
steps :
2021-08-18 11:28:59 +00:00
- name : Set up exec runner storage
commands :
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
- name : Check out code
commands :
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
2022-06-03 02:19:42 +00:00
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
- git clone https://github.com/gravitational/webapps.git .
2022-08-23 19:57:22 +00:00
- git checkout $($WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets/webapps/webapps-version.sh)
2022-06-03 02:19:42 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
2021-08-18 11:28:59 +00:00
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa
&& chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init e
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
2021-10-29 16:02:58 +00:00
- name : Install Go Toolchain
commands :
- set -u
2022-06-03 02:19:42 +00:00
- mkdir -p /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
2021-10-29 16:02:58 +00:00
- curl --silent -O https://dl.google.com/go/$RUNTIME.darwin-amd64.tar.gz
2022-06-03 02:19:42 +00:00
- tar -C /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains -xzf $RUNTIME.darwin-amd64.tar.gz
2021-10-29 16:02:58 +00:00
- rm -rf $RUNTIME.darwin-amd64.tar.gz
environment :
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-10-29 16:02:58 +00:00
- name : Install Rust Toolchain
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export PATH=/Users/$(whoami)/.cargo/bin:$PATH
- mkdir -p /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2022-06-03 02:19:42 +00:00
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-10-29 16:02:58 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2021-10-29 16:02:58 +00:00
- rustup toolchain install $RUST_VERSION
environment :
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
2022-06-03 02:19:42 +00:00
- name : Install Node Toolchain
commands :
- set -u
- export NODE_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-node-version)
- export TOOLCHAIN_DIR=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
- export NODE_DIR=$TOOLCHAIN_DIR/node-v$NODE_VERSION-darwin-x64
- mkdir -p $TOOLCHAIN_DIR
- curl --silent -O https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-darwin-x64.tar.gz
- tar -C $TOOLCHAIN_DIR -xzf node-v$NODE_VERSION-darwin-x64.tar.gz
- rm -f node-v$NODE_VERSION-darwin-x64.tar.gz
- export PATH=$NODE_DIR/bin:$PATH
- corepack enable yarn
- echo Node reporting version $(node --version)
- echo Yarn reporting version $(yarn --version)
environment :
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
2022-08-24 14:38:42 +00:00
- name : Build Mac artifacts (binaries and Teleport Connect)
2021-08-18 11:28:59 +00:00
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export HOME=/Users/$(whoami)
- export TOOLCHAIN_DIR=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
- export NODE_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-node-version)
2022-08-24 14:38:42 +00:00
- export NODE_HOME=$TOOLCHAIN_DIR/node-v$NODE_VERSION-darwin-x64
- export PATH=$NODE_HOME/bin:$PATH
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2022-06-03 02:19:42 +00:00
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-10-29 16:02:58 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2022-08-24 14:38:42 +00:00
- export PATH=$CARGO_HOME/bin:/Users/build/.cargo/bin:$PATH
- rustup override set $RUST_VERSION
- export PATH=$TOOLCHAIN_DIR/go/bin:$PATH
2021-08-18 11:28:59 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
2022-05-31 14:50:56 +00:00
- build.assets/build-fido2-macos.sh build
- export PKG_CONFIG_PATH="$(build.assets/build-fido2-macos.sh pkg_config_path)"
2022-09-22 23:16:51 +00:00
- make clean release OS=$OS ARCH=$ARCH FIDO2=yes TOUCHID=yes LIBPCSCLITE=yes
2022-08-24 14:38:42 +00:00
- export VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
print-version)
2022-06-07 09:55:32 +00:00
- export BUILD_NUMBER=$DRONE_BUILD_NUMBER
2022-07-27 04:05:40 +00:00
- security unlock-keychain -p $${BUILDBOX_PASSWORD} login.keychain
- security find-identity -v
2022-08-24 14:38:42 +00:00
- export CSC_NAME=0FFD3E3413AB4C599C53FBB1D8CA690915E33D83
2022-08-26 15:43:16 +00:00
- export DEBUG="electron-*"
2022-08-24 14:38:42 +00:00
- export CONNECT_TSH_BIN_PATH=$WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build/tsh
2022-06-03 02:19:42 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
2022-08-24 14:38:42 +00:00
- yarn install && yarn build-term && yarn package-term -c.extraMetadata.version=$VERSION
2021-08-18 11:28:59 +00:00
environment :
ARCH : amd64
2022-07-27 04:05:40 +00:00
BUILDBOX_PASSWORD :
from_secret : BUILDBOX_PASSWORD
2021-08-18 11:28:59 +00:00
GOCACHE : /tmp/push-build-darwin-amd64/go/cache
GOPATH : /tmp/push-build-darwin-amd64/go
OS : darwin
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
2021-10-29 16:02:58 +00:00
- name : Clean up toolchains (post)
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export PATH=/Users/$(whoami)/.cargo/bin:$PATH
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-10-29 16:02:58 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2021-10-29 16:02:58 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- rustup override unset
- rustup toolchain uninstall $RUST_VERSION
2022-06-03 02:19:42 +00:00
- rm -rf /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED
2021-10-29 16:02:58 +00:00
environment :
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
when :
status :
- success
- failure
2021-08-18 11:28:59 +00:00
- name : Clean up exec runner storage (post)
commands :
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/push-build-darwin-amd64
- name : Send Slack notification (exec)
commands :
- |2
2021-01-15 21:08:07 +00:00
2021-08-18 11:28:59 +00:00
export DRONE_BUILD_LINK="${DRONE_SYSTEM_PROTO}://${DRONE_SYSTEM_HOSTNAME}/${DRONE_REPO_OWNER}/${DRONE_REPO_NAME}/${DRONE_BUILD_NUMBER}"
export GOOS=$(go env GOOS)
export GOARCH=$(go env GOARCH)
- |2-
2021-01-15 21:08:07 +00:00
2021-08-18 11:28:59 +00:00
curl -sL -X POST -H 'Content-type : application/json' --data "{\"text\":\"Warning: \`${GOOS}-${GOARCH}\` artifact build failed for [\`${DRONE_REPO_NAME}\`] - please investigate immediately!\nBranch: \`${DRONE_BRANCH}\`\nCommit: \`${DRONE_COMMIT_SHA}\`\nLink: $DRONE_BUILD_LINK\"}" $SLACK_WEBHOOK_DEV_TELEPORT
environment :
SLACK_WEBHOOK_DEV_TELEPORT :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
when :
status :
- failure
2021-01-15 21:08:07 +00:00
2022-08-29 06:56:55 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
# Generated at dronegen/windows.go (main.newWindowsPipeline)
################################################
kind : pipeline
type : exec
name : push-build-native-windows-amd64
trigger :
event :
include :
- push
exclude :
- pull_request
repo :
include :
- gravitational/*
branch :
include :
- master
- branch/*
workspace :
path : C:/Drone/Workspace/push-build-native-windows-amd64
platform :
os : windows
arch : amd64
clone :
disable : true
concurrency :
limit : 1
steps :
- name : Check out Teleport
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $WebappsSrc = "$Workspace/go/src/github.com/gravitational/webapps"
- $TeleportRev = if ($Env:DRONE_TAG -ne $null) { $Env:DRONE_TAG } else { $Env:DRONE_COMMIT
}
- New-Item -Path $TeleportSrc -ItemType Directory | Out-Null
- cd $TeleportSrc
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout $TeleportRev
- New-Item -Path $WebappsSrc -ItemType Directory | Out-Null
- cd $WebappsSrc
- git clone https://github.com/gravitational/webapps.git .
- git checkout $(& $TeleportSrc/build.assets/webapps/webapps-version.ps1)
environment :
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Checkout Submodules
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Git -Workspace $Workspace -PrivateKey $Env:GITHUB_PRIVATE_KEY
- cd $TeleportSrc
- git submodule update --init e
- git submodule update --init --recursive webassets
- Reset-Git -Workspace $Workspace
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Install Node Toolchain
commands :
- $ProgressPreference = 'SilentlyContinue'
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Push-Location "$TeleportSrc/build.assets"
- $NodeVersion = $(make print-node-version).Trim()
- Pop-Location
- Install-Node -NodeVersion $NodeVersion -ToolchainDir "$Workspace/toolchains"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Install Go Toolchain
commands :
- $ProgressPreference = 'SilentlyContinue'
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Push-Location "$TeleportSrc/build.assets"
- $GoVersion = $(make print-go-version).TrimStart("go")
- Pop-Location
- Install-Go -GoVersion $GoVersion -ToolchainDir "$Workspace/toolchains"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Build tsh
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $Env:GOCACHE = "$Workspace/gocache"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Go -ToolchainDir "$Workspace/toolchains"
- cd $TeleportSrc
- $Env:GCO_ENABLED=1
- go build -o build/tsh.exe ./tool/tsh
environment :
WINDOWS_SIGNING_CERT :
from_secret : WINDOWS_SIGNING_CERT
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Build Teleport Connect
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $WebappsSrc = "$Workspace/go/src/github.com/gravitational/webapps"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Node -ToolchainDir "$Workspace/toolchains"
- Push-Location $TeleportSrc
- $TeleportVersion=$(make print-version).Trim()
- Pop-Location
- cd $WebappsSrc
- $Env:CONNECT_TSH_BIN_PATH="$TeleportSrc\build\tsh.exe"
- yarn install --frozen-lockfile
- yarn build-term
- yarn package-term "-c.extraMetadata.version=$TeleportVersion"
environment :
CSC_LINK :
from_secret : WINDOWS_SIGNING_CERT
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
- name : Clean up workspace (post)
commands :
- $ErrorActionPreference = 'Continue'
- Remove-Item -Recurse -Force -Path "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
when :
status :
- success
- failure
2022-08-31 01:32:31 +00:00
- name : Send Slack notification (exec)
commands :
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Send-ErrorMessage
environment :
SLACK_WEBHOOK_DEV_TELEPORT :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
WORKSPACE_DIR : C:/Drone/Workspace/push-build-native-windows-amd64
when :
status :
- failure
2022-08-29 06:56:55 +00:00
2022-09-28 10:59:33 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
# Generated at dronegen/relcli.go (main.relcliPipeline)
################################################
kind : pipeline
type : kubernetes
name : clean-up-previous-build
environment :
RELCLI_IMAGE : 146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/relcli:v1.1.70-beta.3
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
clone :
disable : true
steps :
- name : Check if commit is tagged
image : alpine
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : Pull relcli
image : docker:cli
commands :
- apk add --no-cache aws-cli
- aws ecr get-login-password | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
- docker pull $RELCLI_IMAGE
environment :
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_DEFAULT_REGION : us-west-2
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
volumes :
- name : dockersock
path : /var/run
- name : Clean up previously built artifacts
image : docker:git
commands :
- mkdir -p /tmpfs/creds
- echo "$RELEASES_CERT" | base64 -d > "$RELCLI_CERT"
- echo "$RELEASES_KEY" | base64 -d > "$RELCLI_KEY"
- trap "rm -rf /tmpfs/creds" EXIT
- |-
docker run -i -v /tmpfs/creds:/tmpfs/creds \
-e DRONE_REPO -e DRONE_TAG -e RELCLI_BASE_URL -e RELCLI_CERT -e RELCLI_KEY \
$RELCLI_IMAGE relcli auto_destroy -f -v 6
environment :
RELCLI_BASE_URL : https://releases-staging.platform.teleport.sh
RELCLI_CERT : /tmpfs/creds/releases.crt
RELCLI_KEY : /tmpfs/creds/releases.key
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
failure : ignore
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
2022-08-29 06:56:55 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
# Generated at dronegen/windows.go (main.newWindowsPipeline)
################################################
kind : pipeline
type : exec
name : build-native-windows-amd64
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : C:/Drone/Workspace/build-native-windows-amd64
platform :
os : windows
arch : amd64
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2022-08-29 06:56:55 +00:00
concurrency :
limit : 1
steps :
- name : Check out Teleport
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $WebappsSrc = "$Workspace/go/src/github.com/gravitational/webapps"
- $TeleportRev = if ($Env:DRONE_TAG -ne $null) { $Env:DRONE_TAG } else { $Env:DRONE_COMMIT
}
- New-Item -Path $TeleportSrc -ItemType Directory | Out-Null
- cd $TeleportSrc
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout $TeleportRev
- New-Item -Path $WebappsSrc -ItemType Directory | Out-Null
- cd $WebappsSrc
- git clone https://github.com/gravitational/webapps.git .
- git checkout $(& $TeleportSrc/build.assets/webapps/webapps-version.ps1)
environment :
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Checkout Submodules
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Git -Workspace $Workspace -PrivateKey $Env:GITHUB_PRIVATE_KEY
- cd $TeleportSrc
- git submodule update --init e
- git submodule update --init --recursive webassets
- Reset-Git -Workspace $Workspace
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Install Node Toolchain
commands :
- $ProgressPreference = 'SilentlyContinue'
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Push-Location "$TeleportSrc/build.assets"
- $NodeVersion = $(make print-node-version).Trim()
- Pop-Location
- Install-Node -NodeVersion $NodeVersion -ToolchainDir "$Workspace/toolchains"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Install Go Toolchain
commands :
- $ProgressPreference = 'SilentlyContinue'
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Push-Location "$TeleportSrc/build.assets"
- $GoVersion = $(make print-go-version).TrimStart("go")
- Pop-Location
- Install-Go -GoVersion $GoVersion -ToolchainDir "$Workspace/toolchains"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Build tsh
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $Env:GOCACHE = "$Workspace/gocache"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Go -ToolchainDir "$Workspace/toolchains"
- cd $TeleportSrc
- $Env:GCO_ENABLED=1
- go build -o build/tsh.exe ./tool/tsh
environment :
WINDOWS_SIGNING_CERT :
from_secret : WINDOWS_SIGNING_CERT
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Build Teleport Connect
commands :
- $ErrorActionPreference = 'Stop'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $WebappsSrc = "$Workspace/go/src/github.com/gravitational/webapps"
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Enable-Node -ToolchainDir "$Workspace/toolchains"
- Push-Location $TeleportSrc
- $TeleportVersion=$(make print-version).Trim()
- Pop-Location
- cd $WebappsSrc
- $Env:CONNECT_TSH_BIN_PATH="$TeleportSrc\build\tsh.exe"
- yarn install --frozen-lockfile
- yarn build-term
- yarn package-term "-c.extraMetadata.version=$TeleportVersion"
environment :
CSC_LINK :
from_secret : WINDOWS_SIGNING_CERT
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
- name : Upload Artifacts
commands :
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $WebappsSrc = "$Workspace/go/src/github.com/gravitational/webapps"
- $TeleportVersion=$Env:DRONE_TAG.TrimStart('v')
- $OutputsDir="$Workspace/outputs"
- New-Item -Path "$OutputsDir" -ItemType 'Directory' | Out-Null
- Get-ChildItem "$WebappsSrc/packages/teleterm/build/release
- Copy-Item -Path "$WebappsSrc/packages/teleterm/build/release/Teleport Connect
Setup*.exe" -Destination $OutputsDir
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Format-FileHashes -PathGlob "$OutputsDir/*.exe"
- Copy-Artifacts -Path $OutputsDir -Bucket $Env:AWS_S3_BUCKET -DstRoot "/teleport/tag/$TeleportVersion"
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
2022-09-20 10:42:04 +00:00
- name : Register artifacts
commands :
- $ErrorActionPreference = 'Stop'
- $ProgressPreference = 'SilentlyContinue'
- $Workspace = "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
- $TeleportSrc = "$Workspace/go/src/github.com/gravitational/teleport"
- $OutputsDir = "$Workspace/outputs"
2022-09-28 10:59:33 +00:00
- $relcliUrl = 'https://cdn.teleport.dev/relcli-v1.1.70-beta.3-windows.exe'
- $relcliSha256 = '1cd0e4e2912ded6c6b61a82018ac3d76eac091f9719b5a80795d79ff194788a7'
2022-09-20 10:42:04 +00:00
- . "$TeleportSrc/build.assets/windows/build.ps1"
- Get-Relcli -Url $relcliUrl -Sha256 $relcliSha256 -Workspace $Workspace
- Register-Artifacts -Workspace $Workspace -Outputs $OutputsDir
environment :
RELCLI_BASE_URL : https://releases-staging.platform.teleport.sh
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
2022-08-29 06:56:55 +00:00
- name : Clean up workspace (post)
commands :
- $ErrorActionPreference = 'Continue'
- Remove-Item -Recurse -Force -Path "$Env:WORKSPACE_DIR/$Env:DRONE_BUILD_NUMBER"
environment :
WORKSPACE_DIR : C:/Drone/Workspace/build-native-windows-amd64
when :
status :
- success
- failure
2021-01-15 21:08:07 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-01-15 21:08:07 +00:00
kind : pipeline
2021-02-11 15:14:27 +00:00
type : kubernetes
name : push-build-linux-arm
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2020-06-25 17:29:10 +00:00
trigger :
event :
2020-09-01 17:28:47 +00:00
include :
2021-03-23 01:32:45 +00:00
- push
2021-01-15 21:08:07 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
repo :
include :
- gravitational/*
2021-01-15 21:08:07 +00:00
branch :
include :
2021-03-23 01:32:45 +00:00
- master
- branch/*
2020-06-25 17:29:10 +00:00
workspace :
2021-02-11 15:14:27 +00:00
path : /go
2020-06-25 17:29:10 +00:00
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-arm
environment :
ARCH : arm
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2021-02-11 15:14:27 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-02-11 15:14:27 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2021-02-11 15:14:27 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/push.go (main.pushPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-02-11 15:14:27 +00:00
kind : pipeline
type : kubernetes
name : push-build-linux-arm64
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-23 01:32:45 +00:00
GID : "1000"
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
UID : "1000"
2021-02-11 15:14:27 +00:00
trigger :
event :
include :
2021-03-23 01:32:45 +00:00
- push
2021-02-11 15:14:27 +00:00
exclude :
2021-03-23 01:32:45 +00:00
- pull_request
2021-02-11 15:14:27 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
branch :
include :
- master
- branch/*
2021-02-11 15:14:27 +00:00
workspace :
path : /go
clone :
disable : true
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa &&
chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-arm64
environment :
ARCH : arm64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template :
- |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`${DRONE_STAGE_NAME}` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ repo.owner }}/{{ repo.name }}:{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status :
- failure
2021-02-11 15:14:27 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-02-11 15:14:27 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2021-02-11 15:14:27 +00:00
2020-07-02 17:48:54 +00:00
---
kind : pipeline
type : kubernetes
2020-07-18 00:35:46 +00:00
name : teleport-docker-cron
2020-07-02 17:48:54 +00:00
trigger :
cron :
2020-07-18 00:35:46 +00:00
- teleport-docker-cron
2020-07-24 23:37:14 +00:00
repo :
include :
2021-02-12 15:50:21 +00:00
- gravitational/teleport
2020-07-02 17:48:54 +00:00
workspace :
2020-07-18 00:35:46 +00:00
path : /go
clone :
2022-02-11 07:47:50 +00:00
disable : false
2020-07-18 00:35:46 +00:00
steps :
- name : Set up variables and Dockerfile
image : docker:git
environment :
# increment these variables when a new major/minor version is released to bump the automatic builds
2020-10-22 03:17:54 +00:00
# this only needs to be done on the master branch, as that's the branch that the Drone cron is configured for
2021-01-15 21:28:37 +00:00
# build major version images which are just teleport:x
2022-07-08 17:59:19 +00:00
CURRENT_VERSION_ROOT : v10
PREVIOUS_VERSION_ONE_ROOT : v9
PREVIOUS_VERSION_TWO_ROOT : v8
2020-07-18 00:35:46 +00:00
commands :
2022-02-11 07:47:50 +00:00
- apk --update --no-cache add curl go
2020-07-18 00:35:46 +00:00
- mkdir -p /go/build && cd /go/build
2022-07-26 16:14:08 +00:00
# CURRENT_VERSION
2022-02-11 07:47:50 +00:00
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $CURRENT_VERSION_ROOT > /go/build/CURRENT_VERSION_TAG.txt)
2021-01-15 21:28:37 +00:00
- echo "$(cat /go/build/CURRENT_VERSION_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/CURRENT_VERSION_TAG_GENERIC.txt
2022-07-26 16:14:08 +00:00
# PREVIOUS_VERSION_ONE
2022-02-11 07:47:50 +00:00
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_ONE_ROOT > /go/build/PREVIOUS_VERSION_ONE_TAG.txt)
2021-03-10 20:15:19 +00:00
- echo "$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt
2022-07-26 16:14:08 +00:00
# PREVIOUS_VERSION_TWO
2022-02-11 07:47:50 +00:00
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_TWO_ROOT > /go/build/PREVIOUS_VERSION_TWO_TAG.txt)
2021-08-12 18:30:18 +00:00
- echo "$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt
2021-01-08 20:08:45 +00:00
# list versions
2020-07-18 00:35:46 +00:00
- for FILE in /go/build/*.txt; do echo $FILE; cat $FILE; done
2020-10-19 19:38:46 +00:00
# get Dockerfiles
2020-07-18 00:35:46 +00:00
- curl -Ls -o /go/build/Dockerfile-cron https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron
2022-07-26 16:14:08 +00:00
- curl -Ls -o /go/build/Dockerfile-cron-v8 https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron-v8
2022-07-20 16:56:51 +00:00
2020-10-19 19:38:46 +00:00
# wait for Docker to be ready
- sleep 3
2020-07-18 00:35:46 +00:00
- name : Build and push Teleport containers (CURRENT_VERSION)
image : docker
environment :
OS : linux
ARCH : amd64
2022-07-26 16:14:08 +00:00
QUAY_USERNAME :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
2022-07-26 16:14:08 +00:00
QUAY_PASSWORD :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
volumes :
- name : dockersock
path : /var/run
commands :
- export VERSION_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt)
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips"
2022-07-26 16:14:08 +00:00
- docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io
2020-07-18 00:35:46 +00:00
# OSS
2020-10-19 19:38:46 +00:00
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $OSS_IMAGE_NAME
# Enterprise
2020-10-19 19:38:46 +00:00
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $ENT_IMAGE_NAME
# Enterprise FIPS
2020-10-19 19:38:46 +00:00
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $ENT_FIPS_IMAGE_NAME
2021-03-10 20:15:19 +00:00
- name : Build and push Teleport containers (PREVIOUS_VERSION_ONE)
2020-07-18 00:35:46 +00:00
image : docker
environment :
OS : linux
ARCH : amd64
2022-07-26 16:14:08 +00:00
QUAY_USERNAME :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
2022-07-26 16:14:08 +00:00
QUAY_PASSWORD :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
volumes :
- name : dockersock
path : /var/run
commands :
2021-03-10 20:15:19 +00:00
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt)
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips"
2022-07-26 16:14:08 +00:00
- docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io
2020-07-18 00:35:46 +00:00
# OSS
2020-10-19 19:38:46 +00:00
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $OSS_IMAGE_NAME
# Enterprise
2020-10-19 19:38:46 +00:00
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $ENT_IMAGE_NAME
# Enterprise FIPS
2020-10-19 19:38:46 +00:00
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build
2020-07-18 00:35:46 +00:00
- docker push $ENT_FIPS_IMAGE_NAME
2021-03-10 20:15:19 +00:00
- name : Build and push Teleport containers (PREVIOUS_VERSION_TWO)
2020-07-18 00:35:46 +00:00
image : docker
environment :
OS : linux
ARCH : amd64
2022-07-26 16:14:08 +00:00
QUAY_USERNAME :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
2022-07-26 16:14:08 +00:00
QUAY_PASSWORD :
2020-07-18 00:35:46 +00:00
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
volumes :
- name : dockersock
path : /var/run
commands :
2021-03-10 20:15:19 +00:00
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt)
- export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips"
2022-07-26 16:14:08 +00:00
- docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io
2021-01-08 20:08:45 +00:00
# OSS
2022-07-20 16:56:51 +00:00
# TODO(logand22): Remove v8 when Teleport 11 is released
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build
2021-01-08 20:08:45 +00:00
- docker push $OSS_IMAGE_NAME
# Enterprise
2022-07-20 16:56:51 +00:00
# TODO(logand22): Remove v8 when Teleport 11 is released
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build
2021-01-08 20:08:45 +00:00
- docker push $ENT_IMAGE_NAME
# Enterprise FIPS
2022-07-20 16:56:51 +00:00
# TODO(logand22): Remove v8 when Teleport 11 is released
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build
2021-01-08 20:08:45 +00:00
- docker push $ENT_FIPS_IMAGE_NAME
2021-07-26 16:45:59 +00:00
- name : Build/push Teleport Lab Docker image
2021-08-11 20:56:30 +00:00
image : docker:git
2021-07-26 16:45:59 +00:00
environment :
OS : linux
ARCH : amd64
settings :
username :
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
password :
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
volumes :
- name : dockersock
path : /var/run
commands :
2021-08-11 19:41:50 +00:00
- export TELEPORT_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt | tr -d '^v')
2021-07-26 16:45:59 +00:00
- export TELEPORT_LAB_IMAGE_NAME="quay.io/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
2021-08-11 20:56:30 +00:00
# Check out code
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
2021-07-26 16:45:59 +00:00
# Build and push Teleport lab image
2021-08-11 20:56:30 +00:00
- docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io
- docker build --build-arg TELEPORT_TAG=$TELEPORT_TAG -t $TELEPORT_LAB_IMAGE_NAME /go/src/github.com/gravitational/teleport/docker/sshd
2021-07-26 16:45:59 +00:00
- docker push $TELEPORT_LAB_IMAGE_NAME
2020-07-18 00:35:46 +00:00
services :
- name : Start Docker
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2020-07-18 00:35:46 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2022-07-26 16:14:08 +00:00
---
kind : pipeline
type : kubernetes
name : teleport-docker-cron-ecr
trigger :
cron :
- teleport-docker-cron-ecr
repo :
include :
- gravitational/teleport
workspace :
path : /go
clone :
disable : false
steps :
- name : Set up variables and Dockerfile
image : docker:git
environment :
# increment these variables when a new major/minor version is released to bump the automatic builds
# this only needs to be done on the master branch, as that's the branch that the Drone cron is configured for
# build major version images which are just teleport:x
CURRENT_VERSION_ROOT : v10
PREVIOUS_VERSION_ONE_ROOT : v9
PREVIOUS_VERSION_TWO_ROOT : v8
commands :
- apk --update --no-cache add curl go
- mkdir -p /go/build && cd /go/build
# CURRENT_VERSION
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $CURRENT_VERSION_ROOT > /go/build/CURRENT_VERSION_TAG.txt)
- echo "$(cat /go/build/CURRENT_VERSION_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/CURRENT_VERSION_TAG_GENERIC.txt
# PREVIOUS_VERSION_ONE
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_ONE_ROOT > /go/build/PREVIOUS_VERSION_ONE_TAG.txt)
- echo "$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt
# PREVIOUS_VERSION_TWO
- (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_TWO_ROOT > /go/build/PREVIOUS_VERSION_TWO_TAG.txt)
- echo "$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt
# list versions
- for FILE in /go/build/*.txt; do echo $FILE; cat $FILE; done
# get Dockerfiles
- curl -Ls -o /go/build/Dockerfile-cron https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron
- curl -Ls -o /go/build/Dockerfile-cron-v8 https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron-v8
# wait for Docker to be ready
- sleep 3
- name : Build and push Teleport containers (CURRENT_VERSION)
image : docker
environment :
OS : linux
ARCH : amd64
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli
- export VERSION_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt)
- export CURRENT_DATE=$(date '+%Y%m%d%H%M')
# Staging image names
- export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips-$CURRENT_DATE"
# Production image names
- export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips"
# Authenticate to staging registry
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
# OSS
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $OSS_IMAGE_NAME_STAGE
# Enterprise
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $ENT_IMAGE_NAME_STAGE
# Enterprise FIPS
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $ENT_FIPS_IMAGE_NAME_STAGE
# Authenticate to production registry
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws
# Retag images
- docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD
- docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD
- docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD
# Promote to production registry
- docker push $ENT_IMAGE_NAME_PROD
- docker push $OSS_IMAGE_NAME_PROD
- docker push $ENT_FIPS_IMAGE_NAME_PROD
- name : Build and push Teleport containers (PREVIOUS_VERSION_ONE)
image : docker
environment :
OS : linux
ARCH : amd64
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt)
- export CURRENT_DATE=$(date '+%Y%m%d%H%M')
# Staging image names
- export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips-$CURRENT_DATE"
# Production image names
- export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips"
# Authenticate to staging registry
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
# OSS
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $OSS_IMAGE_NAME_STAGE
# Enterprise
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $ENT_IMAGE_NAME_STAGE
# Enterprise FIPS
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build
- docker push $ENT_FIPS_IMAGE_NAME_STAGE
# Authenticate to production registry
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws
# Retag images
- docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD
- docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD
- docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD
# Promote to production registry
- docker push $ENT_IMAGE_NAME_PROD
- docker push $OSS_IMAGE_NAME_PROD
- docker push $ENT_FIPS_IMAGE_NAME_PROD
- name : Build and push Teleport containers (PREVIOUS_VERSION_TWO)
image : docker
environment :
OS : linux
ARCH : amd64
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli
- export CURRENT_DATE=$(date '+%Y%m%d%H%M')
- export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt)
# Staging image names
- export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-$CURRENT_DATE"
- export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips-$CURRENT_DATE"
# Production image names
- export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
- export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)"
- export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips"
# Authenticate to staging registry
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
# OSS
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build
- docker push $OSS_IMAGE_NAME_STAGE
# Enterprise
- docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build
- docker push $ENT_IMAGE_NAME_STAGE
# Enterprise FIPS
- docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build
- docker push $ENT_FIPS_IMAGE_NAME_STAGE
# Authenticate to production registry
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws
# Retag images
- docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD
- docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD
- docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD
# Promote to production registry
- docker push $ENT_IMAGE_NAME_PROD
- docker push $OSS_IMAGE_NAME_PROD
- docker push $ENT_FIPS_IMAGE_NAME_PROD
2022-08-10 00:10:42 +00:00
- name : Build/push Teleport Lab Docker image
image : docker:git
environment :
OS : linux
ARCH : amd64
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli
- export CURRENT_DATE=$(date '+%Y%m%d%H%M')
- export TELEPORT_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt | tr -d '^v')
- export TELEPORT_LAB_IMAGE_NAME_STAGING="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE"
- export TELEPORT_LAB_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)"
# Check out code
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# Authenticate to staging registry
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
# Build and push image
- docker build --build-arg TELEPORT_TAG=$TELEPORT_TAG -t $TELEPORT_LAB_IMAGE_NAME_STAGING /go/src/github.com/gravitational/teleport/docker/sshd
- docker push $TELEPORT_LAB_IMAGE_NAME_STAGING
# Authenticate to production registry
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws
# Push to production registry
- docker tag $TELEPORT_LAB_IMAGE_NAME_STAGING $TELEPORT_LAB_IMAGE_NAME_PROD
- docker push $TELEPORT_LAB_IMAGE_NAME_PROD
2022-07-26 16:14:08 +00:00
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-18 00:35:46 +00:00
---
kind : pipeline
type : kubernetes
name : teleport-helm-cron
trigger :
cron :
- teleport-helm-cron
2020-07-24 23:37:14 +00:00
repo :
include :
2021-02-12 15:50:21 +00:00
- gravitational/teleport
2020-07-18 00:35:46 +00:00
workspace :
path : /go
2020-07-02 17:48:54 +00:00
clone :
disable : true
steps :
- name : Check out code
image : alpine/git
commands :
2020-07-18 00:35:46 +00:00
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
2021-01-15 20:33:54 +00:00
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
2020-08-10 14:15:05 +00:00
- git checkout ${DRONE_COMMIT}
2021-01-26 18:08:15 +00:00
- mkdir -p /go/chart
- cd /go/chart
- name : Download chart repo contents
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : PRODUCTION_CHARTS_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_CHARTS_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_CHARTS_AWS_SECRET_ACCESS_KEY
commands :
- mkdir -p /go/chart
# download all previously packaged chart versions from the S3 bucket
- aws s3 sync s3://$AWS_S3_BUCKET/ /go/chart
2020-07-02 17:48:54 +00:00
2020-11-13 01:02:33 +00:00
- name : Package helm charts
image : alpine/helm:latest
2020-07-02 17:48:54 +00:00
commands :
2020-07-18 00:35:46 +00:00
- cd /go/chart
2021-03-08 16:06:54 +00:00
- helm package /go/src/github.com/gravitational/teleport/examples/chart/teleport-cluster
2021-05-25 17:53:11 +00:00
- helm package /go/src/github.com/gravitational/teleport/examples/chart/teleport-kube-agent
2021-01-07 20:53:25 +00:00
# copy index.html to root of the S3 bucket
- cp /go/src/github.com/gravitational/teleport/examples/chart/index.html /go/chart
2021-01-26 18:08:15 +00:00
# this will index all previous versions of the charts downloaded from the S3 bucket,
# plus the just-packaged charts listed above
2020-07-18 00:35:46 +00:00
- helm repo index /go/chart
2020-07-02 17:48:54 +00:00
- name : Upload to S3
image : plugins/s3
settings :
2020-11-13 18:03:44 +00:00
bucket :
from_secret : PRODUCTION_CHARTS_AWS_S3_BUCKET
2020-07-02 17:48:54 +00:00
access_key :
from_secret : PRODUCTION_CHARTS_AWS_ACCESS_KEY_ID
secret_key :
from_secret : PRODUCTION_CHARTS_AWS_SECRET_ACCESS_KEY
region : us-east-2
acl : public-read
2020-07-18 00:35:46 +00:00
source : /go/chart/*
2020-07-02 17:48:54 +00:00
target : /
2020-07-18 00:35:46 +00:00
strip_prefix : /go/chart
2020-07-02 17:48:54 +00:00
2020-11-25 20:52:29 +00:00
- name : Send Slack notification
image : plugins/slack
settings :
webhook :
from_secret : SLACK_WEBHOOK_DEV_TELEPORT
template : |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
2021-01-15 21:08:07 +00:00
Details : The `teleport-helm-cron` job in Drone failed to publish Helm charts to S3. This is unusual and should be investigated.
2020-11-25 20:52:29 +00:00
Commit : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch : <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author : <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when :
status : [ failure]
2020-06-25 17:29:10 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-12-01 01:39:24 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-amd64-centos7
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-12-01 01:39:24 +00:00
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2021-12-01 01:39:24 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-12-01 01:39:24 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-amd64-centos7
environment :
ARCH : amd64
GID : "1000"
GOCACHE : /go/cache
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- export VERSION=$(cat /go/.version.txt)
- mv /go/artifacts/teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-v$${VERSION}-linux-amd64-centos7-bin.tar.gz
- mv /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-centos7-bin.tar.gz
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit (RHEL/CentOS 7.x compatible)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2021-12-01 01:39:24 +00:00
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-12-01 01:39:24 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-amd64-centos7-fips
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-12-01 01:39:24 +00:00
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2021-12-01 01:39:24 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-12-01 01:39:24 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
- make -C build.assets release-amd64-centos7-fips
environment :
ARCH : amd64
FIPS : "yes"
GID : "1000"
GOCACHE : /go/cache
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- export VERSION=$(cat /go/.version.txt)
- mv /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz /go/artifacts/teleport-ent-v$${VERSION}-linux-amd64-centos7-fips-bin.tar.gz
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit (RHEL/CentOS 7.x compatible, FedRAMP/FIPS)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2021-12-01 01:39:24 +00:00
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-06-25 17:29:10 +00:00
kind : pipeline
type : kubernetes
name : build-linux-amd64
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2020-06-25 17:29:10 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-06-25 17:29:10 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-06-25 17:29:10 +00:00
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2020-06-25 17:29:10 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
2022-08-23 19:57:22 +00:00
- mkdir -p /go/src/github.com/gravitational/webapps
2021-03-23 01:32:45 +00:00
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
2022-08-23 19:57:22 +00:00
- cd /go/src/github.com/gravitational/webapps
- git clone https://github.com/gravitational/webapps.git .
- git checkout "$(/go/src/github.com/gravitational/teleport/build.assets/webapps/webapps-version.sh)"
- git submodule update --init packages/webapps.e
- cd -
2021-03-23 01:32:45 +00:00
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
2022-08-23 19:57:22 +00:00
- export VERSION=$(cat /go/.version.txt)
2022-07-02 02:11:37 +00:00
- make -C build.assets release-amd64-centos7
2022-08-23 19:57:22 +00:00
- make -C build.assets teleterm
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
2022-08-23 19:57:22 +00:00
- find /go/src/github.com/gravitational/webapps/packages/teleterm/build/release
-maxdepth 1 \( -iname "teleport-connect*.tar.gz" -o -iname "teleport-connect*.rpm"
-o -iname "teleport-connect*.deb" \) -print -exec cp {} /go/artifacts/ \;
2021-03-23 01:32:45 +00:00
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
2022-09-08 19:50:38 +00:00
- |-
cd /go/artifacts && for FILE in teleport-connect*.deb teleport-connect*.rpm; do
sha256sum $FILE > $FILE.sha256;
done && ls -l
2021-03-23 01:32:45 +00:00
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2020-06-25 17:29:10 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-06-25 17:29:10 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-06-25 17:29:10 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-06-25 17:29:10 +00:00
kind : pipeline
type : kubernetes
name : build-linux-amd64-fips
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2020-06-25 17:29:10 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-06-25 17:29:10 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-06-25 17:29:10 +00:00
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2020-06-25 17:29:10 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-07-02 02:11:37 +00:00
- make -C build.assets release-amd64-centos7-fips
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
FIPS : "yes"
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit (FedRAMP/FIPS)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2020-06-25 17:29:10 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-06-25 17:29:10 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-06-25 17:29:10 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-06-25 17:29:10 +00:00
kind : pipeline
type : kubernetes
2022-03-25 20:55:31 +00:00
name : build-linux-amd64-centos7-rpm
2020-06-25 17:29:10 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-06-25 17:29:10 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-06-25 17:29:10 +00:00
workspace :
path : /go
clone :
disable : true
2021-03-23 01:32:45 +00:00
depends_on :
2022-03-25 20:55:31 +00:00
- build-linux-amd64-centos7
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2020-06-25 17:29:10 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
2022-03-25 20:55:31 +00:00
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-centos7-bin.tar.gz
2021-03-23 01:32:45 +00:00
/go/artifacts/
2022-03-25 20:55:31 +00:00
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-centos7-bin.tar.gz
2021-03-23 01:32:45 +00:00
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
2022-03-25 20:55:31 +00:00
- apk add --no-cache bash curl gzip make tar go
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- mkdir -m0700 $GNUPG_DIR
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPG_DIR
- chown -R root:root $GNUPG_DIR
- make rpm
- rm -rf $GNUPG_DIR
environment :
ARCH : amd64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
GNUPG_DIR : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : tmpfs
path : /tmpfs
2020-06-25 17:29:10 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit RPM (RHEL/CentOS 7.x compatible)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 01:32:45 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-10-31 18:27:00 +00:00
- name : tmpfs
2021-03-23 01:32:45 +00:00
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
2020-06-25 17:29:10 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-06-25 17:29:10 +00:00
kind : pipeline
type : kubernetes
2022-03-25 20:55:31 +00:00
name : build-linux-amd64-centos7-fips-rpm
2020-06-25 17:29:10 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-06-25 17:29:10 +00:00
workspace :
2021-03-23 01:32:45 +00:00
path : /go
clone :
disable : true
depends_on :
2022-03-25 20:55:31 +00:00
- build-linux-amd64-centos7-fips
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2021-03-23 01:32:45 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
2022-03-25 20:55:31 +00:00
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-centos7-fips-bin.tar.gz
2021-03-23 01:32:45 +00:00
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
2022-03-25 20:55:31 +00:00
- apk add --no-cache bash curl gzip make tar go
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- mkdir -m0700 $GNUPG_DIR
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPG_DIR
- chown -R root:root $GNUPG_DIR
- make -C e rpm
- rm -rf $GNUPG_DIR
environment :
ARCH : amd64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
FIPS : "yes"
GNUPG_DIR : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
RUNTIME : fips
TMPDIR : /go
volumes :
- name : tmpfs
path : /tmpfs
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit RPM (RHEL/CentOS 7.x compatible, FedRAMP/FIPS)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 01:32:45 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-10-31 18:27:00 +00:00
- name : tmpfs
2021-03-23 01:32:45 +00:00
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
name : build-linux-amd64-deb
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2021-03-23 01:32:45 +00:00
depends_on :
- build-linux-amd64
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
2022-08-23 19:57:22 +00:00
- mkdir -p /go/src/github.com/gravitational/webapps
2021-03-23 01:32:45 +00:00
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
2022-08-23 19:57:22 +00:00
- cd /go/src/github.com/gravitational/webapps
- git clone https://github.com/gravitational/webapps.git .
- git checkout "$(/go/src/github.com/gravitational/teleport/build.assets/webapps/webapps-version.sh)"
- git submodule update --init packages/webapps.e
- cd -
2021-03-23 01:32:45 +00:00
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
- apk add --no-cache bash curl gzip make tar
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- make deb
environment :
ARCH : amd64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit DEB"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2020-07-17 00:43:18 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
name : build-linux-amd64-fips-deb
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2021-03-23 01:32:45 +00:00
depends_on :
- build-linux-amd64-fips
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
- apk add --no-cache bash curl gzip make tar
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- make -C e deb
environment :
ARCH : amd64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
FIPS : "yes"
RUNTIME : fips
TMPDIR : /go
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 64-bit DEB (FedRAMP/FIPS)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2020-07-17 00:43:18 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
2021-03-12 01:29:48 +00:00
name : build-linux-386
2020-07-17 00:43:18 +00:00
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2020-07-17 00:43:18 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-386
environment :
ARCH : "386"
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 32-bit"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2020-07-17 00:43:18 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
2021-03-12 01:29:48 +00:00
name : build-linux-386-rpm
2020-07-17 00:43:18 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2021-03-23 01:32:45 +00:00
depends_on :
- build-linux-386
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-386-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-386-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
2022-03-25 20:55:31 +00:00
- apk add --no-cache bash curl gzip make tar go
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- mkdir -m0700 $GNUPG_DIR
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPG_DIR
- chown -R root:root $GNUPG_DIR
- make rpm
- rm -rf $GNUPG_DIR
environment :
ARCH : "386"
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
GNUPG_DIR : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : tmpfs
path : /tmpfs
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 32-bit RPM"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 01:32:45 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-10-31 18:27:00 +00:00
- name : tmpfs
2021-03-23 01:32:45 +00:00
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
2021-03-12 01:29:48 +00:00
name : build-linux-386-deb
2020-07-17 00:43:18 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2021-03-23 01:32:45 +00:00
depends_on :
- build-linux-386
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-386-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-386-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
- apk add --no-cache bash curl gzip make tar
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 01:32:45 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 01:32:45 +00:00
- make deb
environment :
ARCH : "386"
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 01:32:45 +00:00
ENT_TARBALL_PATH : /go/artifacts
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux 32-bit DEB"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2020-07-17 00:43:18 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
2020-07-24 20:46:20 +00:00
---
2021-08-18 11:28:59 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/mac.go (main.newDarwinPipeline)
2021-08-18 11:28:59 +00:00
################################################
2020-07-24 20:46:20 +00:00
kind : pipeline
type : exec
name : build-darwin-amd64
trigger :
event :
2021-08-18 11:28:59 +00:00
include :
2020-07-24 20:46:20 +00:00
- tag
ref :
include :
2021-08-18 11:28:59 +00:00
- refs/tags/v*
2020-07-24 20:46:20 +00:00
repo :
include :
2021-08-18 11:28:59 +00:00
- gravitational/*
2020-07-24 20:46:20 +00:00
workspace :
path : /tmp/build-darwin-amd64
2021-08-18 11:28:59 +00:00
platform :
os : darwin
arch : amd64
2020-07-24 20:46:20 +00:00
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2021-08-18 11:28:59 +00:00
concurrency :
limit : 1
2020-07-24 20:46:20 +00:00
steps :
2021-08-18 11:28:59 +00:00
- name : Set up exec runner storage
commands :
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64
- name : Check out code
commands :
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa
&& chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init e
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- mkdir -p $WORKSPACE_DIR/go/artifacts
- echo "${DRONE_TAG##v}" > $WORKSPACE_DIR/go/.version.txt
- cat $WORKSPACE_DIR/go/.version.txt
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64
2021-11-13 02:19:43 +00:00
- name : Install Go Toolchain
commands :
- set -u
2022-06-03 02:19:42 +00:00
- mkdir -p /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
2021-11-13 02:19:43 +00:00
- curl --silent -O https://dl.google.com/go/$RUNTIME.darwin-amd64.tar.gz
2022-06-03 02:19:42 +00:00
- tar -C /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains -xzf $RUNTIME.darwin-amd64.tar.gz
2021-11-13 02:19:43 +00:00
- rm -rf $RUNTIME.darwin-amd64.tar.gz
environment :
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-11-13 02:19:43 +00:00
- name : Install Rust Toolchain
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export PATH=/Users/$(whoami)/.cargo/bin:$PATH
- mkdir -p /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2022-06-03 02:19:42 +00:00
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-11-13 02:19:43 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2021-11-13 02:19:43 +00:00
- rustup toolchain install $RUST_VERSION
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64
2022-08-24 14:38:42 +00:00
- name : Build Mac artifacts (binaries)
2021-08-18 11:28:59 +00:00
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export HOME=/Users/$(whoami)
- export TOOLCHAIN_DIR=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2022-06-03 02:19:42 +00:00
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-10-29 16:02:58 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2022-08-24 14:38:42 +00:00
- export PATH=$CARGO_HOME/bin:/Users/build/.cargo/bin:$PATH
- rustup override set $RUST_VERSION
- export PATH=$TOOLCHAIN_DIR/go/bin:$PATH
2021-08-18 11:28:59 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
2022-05-31 14:50:56 +00:00
- build.assets/build-fido2-macos.sh build
- export PKG_CONFIG_PATH="$(build.assets/build-fido2-macos.sh pkg_config_path)"
2022-09-22 23:16:51 +00:00
- make clean release OS=$OS ARCH=$ARCH FIDO2=yes TOUCHID=yes LIBPCSCLITE=yes
2021-08-18 11:28:59 +00:00
environment :
ARCH : amd64
2022-06-03 02:19:42 +00:00
BUILDBOX_PASSWORD :
from_secret : BUILDBOX_PASSWORD
2021-08-18 11:28:59 +00:00
GOCACHE : /tmp/build-darwin-amd64/go/cache
GOPATH : /tmp/build-darwin-amd64/go
OS : darwin
WORKSPACE_DIR : /tmp/build-darwin-amd64
- name : Copy Mac artifacts
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cp teleport*.tar.gz $WORKSPACE_DIR/go/artifacts
- cp e/teleport-ent*.tar.gz $WORKSPACE_DIR/go/artifacts
- cd $WORKSPACE_DIR/go/artifacts && for FILE in teleport*.tar.gz; do shasum -a 256
$FILE > $FILE.sha256; done && ls -l
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64
- name : Upload to S3
commands :
- set -u
- cd $WORKSPACE_DIR/go/artifacts
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64
2022-01-03 15:51:17 +00:00
- name : Register artifacts
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="MacOS Intel"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
WORKSPACE_DIR : /tmp/build-darwin-amd64
2022-01-25 16:09:22 +00:00
failure : ignore
2021-11-13 02:19:43 +00:00
- name : Clean up toolchains (post)
commands :
- set -u
2022-06-03 02:19:42 +00:00
- export PATH=/Users/$(whoami)/.cargo/bin:$PATH
- export CARGO_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/cargo
2021-11-13 02:19:43 +00:00
- export RUST_HOME=$CARGO_HOME
2022-06-03 02:19:42 +00:00
- export RUSTUP_HOME=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains/rustup
2021-12-01 01:39:24 +00:00
- export RUST_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-rust-version)
2021-11-13 02:19:43 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- rustup override unset
- rustup toolchain uninstall $RUST_VERSION
2022-06-03 02:19:42 +00:00
- rm -rf /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED
2021-11-13 02:19:43 +00:00
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64
when :
status :
- success
- failure
2021-08-18 11:28:59 +00:00
- name : Clean up exec runner storage (post)
commands :
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64
2020-07-24 20:46:20 +00:00
---
2021-08-18 11:28:59 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/mac.go (main.newDarwinPipeline)
2021-08-18 11:28:59 +00:00
################################################
2020-07-24 20:46:20 +00:00
kind : pipeline
type : exec
name : build-darwin-amd64-pkg
trigger :
event :
2021-08-18 11:28:59 +00:00
include :
2020-07-24 20:46:20 +00:00
- tag
ref :
include :
2021-08-18 11:28:59 +00:00
- refs/tags/v*
2020-07-24 20:46:20 +00:00
repo :
include :
2021-08-18 11:28:59 +00:00
- gravitational/*
2020-07-24 20:46:20 +00:00
workspace :
path : /tmp/build-darwin-amd64-pkg
2021-08-18 11:28:59 +00:00
platform :
os : darwin
arch : amd64
2020-07-24 20:46:20 +00:00
clone :
disable : true
2021-08-18 11:28:59 +00:00
depends_on :
- build-darwin-amd64
concurrency :
limit : 1
2020-07-24 20:46:20 +00:00
steps :
2021-08-18 11:28:59 +00:00
- name : Set up exec runner storage
commands :
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
- name : Check out code
commands :
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa
&& chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init e
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- mkdir -p $WORKSPACE_DIR/go/artifacts
- echo "${DRONE_TAG##v}" > $WORKSPACE_DIR/go/.version.txt
- cat $WORKSPACE_DIR/go/.version.txt
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
- name : Download built tarball artifacts from S3
commands :
- set -u
- export VERSION=$(cat $WORKSPACE_DIR/go/.version.txt)
- export S3_PATH="tag/$${DRONE_TAG##v}/"
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-darwin-amd64-bin.tar.gz
$WORKSPACE_DIR/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-darwin-amd64-bin.tar.gz
$WORKSPACE_DIR/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
- name : Build Mac pkg release artifacts
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- export VERSION=$(cat $WORKSPACE_DIR/go/.version.txt)
- export HOME=/Users/build
- security unlock-keychain -p $${BUILDBOX_PASSWORD} login.keychain
- security find-identity -v
- make pkg OS=$OS ARCH=$ARCH
environment :
APPLE_PASSWORD :
from_secret : APPLE_PASSWORD
APPLE_USERNAME :
from_secret : APPLE_USERNAME
ARCH : amd64
BUILDBOX_PASSWORD :
from_secret : BUILDBOX_PASSWORD
ENT_TARBALL_PATH : /tmp/build-darwin-amd64-pkg/go/artifacts
OS : darwin
OSS_TARBALL_PATH : /tmp/build-darwin-amd64-pkg/go/artifacts
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
- name : Copy Mac pkg artifacts
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- rm -rf $WORKSPACE_DIR/go/artifacts/*.tar.gz
- cp build/teleport*.pkg e/build/teleport-ent*.pkg $WORKSPACE_DIR/go/artifacts/
- cd $WORKSPACE_DIR/go/artifacts && for FILE in *.pkg; do shasum -a 256 $FILE >
$FILE.sha256; done && ls -l
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
- name : Upload to S3
commands :
- set -u
- cd $WORKSPACE_DIR/go/artifacts
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
2022-01-03 15:51:17 +00:00
- name : Register artifacts
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="MacOS Intel .pkg installer"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
2022-01-25 19:06:55 +00:00
failure : ignore
2021-08-18 11:28:59 +00:00
- name : Clean up exec runner storage (post)
commands :
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg
2020-07-24 20:46:20 +00:00
---
2021-08-18 11:28:59 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/mac.go (main.newDarwinPipeline)
2021-08-18 11:28:59 +00:00
################################################
2020-07-24 20:46:20 +00:00
kind : pipeline
type : exec
name : build-darwin-amd64-pkg-tsh
trigger :
event :
2021-08-18 11:28:59 +00:00
include :
2020-07-24 20:46:20 +00:00
- tag
ref :
include :
2021-08-18 11:28:59 +00:00
- refs/tags/v*
2020-07-24 20:46:20 +00:00
repo :
include :
2021-08-18 11:28:59 +00:00
- gravitational/*
2020-07-24 20:46:20 +00:00
workspace :
path : /tmp/build-darwin-amd64-pkg-tsh
2021-08-18 11:28:59 +00:00
platform :
os : darwin
arch : amd64
2020-07-24 20:46:20 +00:00
clone :
disable : true
2021-08-18 11:28:59 +00:00
depends_on :
- build-darwin-amd64
concurrency :
limit : 1
2020-07-24 20:46:20 +00:00
steps :
2021-08-18 11:28:59 +00:00
- name : Set up exec runner storage
commands :
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
- name : Check out code
commands :
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa
&& chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init e
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- mkdir -p $WORKSPACE_DIR/go/artifacts
- echo "${DRONE_TAG##v}" > $WORKSPACE_DIR/go/.version.txt
- cat $WORKSPACE_DIR/go/.version.txt
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
- name : Download built tarball artifacts from S3
commands :
- set -u
- export VERSION=$(cat $WORKSPACE_DIR/go/.version.txt)
- export S3_PATH="tag/$${DRONE_TAG##v}/"
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-darwin-amd64-bin.tar.gz
$WORKSPACE_DIR/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-darwin-amd64-bin.tar.gz
$WORKSPACE_DIR/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
- name : Build Mac pkg release artifacts
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- export VERSION=$(cat $WORKSPACE_DIR/go/.version.txt)
- export HOME=/Users/build
- security unlock-keychain -p $${BUILDBOX_PASSWORD} login.keychain
- security find-identity -v
- make pkg-tsh OS=$OS ARCH=$ARCH
environment :
APPLE_PASSWORD :
from_secret : APPLE_PASSWORD
APPLE_USERNAME :
from_secret : APPLE_USERNAME
ARCH : amd64
BUILDBOX_PASSWORD :
from_secret : BUILDBOX_PASSWORD
2022-03-04 21:35:37 +00:00
ENT_TARBALL_PATH : /tmp/build-darwin-amd64-pkg-tsh/go/artifacts
2021-08-18 11:28:59 +00:00
OS : darwin
2022-03-04 21:35:37 +00:00
OSS_TARBALL_PATH : /tmp/build-darwin-amd64-pkg-tsh/go/artifacts
2021-08-18 11:28:59 +00:00
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
- name : Copy Mac pkg artifacts
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- rm -rf $WORKSPACE_DIR/go/artifacts/*.tar.gz
- cp build/tsh*.pkg $WORKSPACE_DIR/go/artifacts/
- cd $WORKSPACE_DIR/go/artifacts && for FILE in *.pkg; do shasum -a 256 $FILE >
$FILE.sha256; done && ls -l
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
- name : Upload to S3
commands :
- set -u
- cd $WORKSPACE_DIR/go/artifacts
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
2022-01-03 15:51:17 +00:00
- name : Register artifacts
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="MacOS Intel .pkg installer (tsh client only)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
2022-01-25 19:06:55 +00:00
failure : ignore
2021-08-18 11:28:59 +00:00
- name : Clean up exec runner storage (post)
commands :
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-pkg-tsh
2020-07-24 20:46:20 +00:00
2021-03-23 01:32:45 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2021-02-11 15:14:27 +00:00
2021-03-23 01:32:45 +00:00
kind : pipeline
type : kubernetes
name : build-linux-arm
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2021-03-23 01:32:45 +00:00
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2021-03-23 01:32:45 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-arm
environment :
ARCH : arm
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
2021-02-11 15:14:27 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARMv7 (32-bit)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2021-03-23 01:32:45 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-24 20:46:20 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-24 20:46:20 +00:00
kind : pipeline
2021-02-11 15:14:27 +00:00
type : kubernetes
name : build-linux-arm64
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2020-07-24 20:46:20 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-24 20:46:20 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 20:46:20 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-24 20:46:20 +00:00
workspace :
2021-02-11 15:14:27 +00:00
path : /go
2020-07-24 20:46:20 +00:00
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2020-07-24 20:46:20 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release-arm64
environment :
ARCH : arm64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : linux
UID : "1000"
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- find e/ -maxdepth 1 -iname "teleport*.tar.gz" -print -exec cp {} /go/artifacts
\;
- cd /go/artifacts && for FILE in teleport*.tar.gz; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARM64/ARMv8 (64-bit)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2021-02-11 15:14:27 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2021-02-11 15:14:27 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-24 20:46:20 +00:00
2020-07-17 00:43:18 +00:00
---
2021-03-23 01:32:45 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 21:56:53 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-arm64-deb
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
depends_on :
- build-linux-arm64
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2021-03-23 21:56:53 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 21:56:53 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 21:56:53 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-arm64-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-arm64-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
- apk add --no-cache bash curl gzip make tar
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 21:56:53 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 21:56:53 +00:00
- make deb
environment :
ARCH : arm64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 21:56:53 +00:00
ENT_TARBALL_PATH : /go/artifacts
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARM64/ARMv8 (64-bit) DEB"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 21:56:53 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 21:56:53 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 21:56:53 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-arm-deb
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
depends_on :
- build-linux-arm
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2021-03-23 21:56:53 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 21:56:53 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 21:56:53 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-arm-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-arm-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
- apk add --no-cache bash curl gzip make tar
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 21:56:53 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 21:56:53 +00:00
- make deb
environment :
ARCH : arm
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 21:56:53 +00:00
ENT_TARBALL_PATH : /go/artifacts
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.deb*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARMv7 (32-bit) DEB"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 21:56:53 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 21:56:53 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 21:56:53 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-arm64-rpm
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
depends_on :
- build-linux-arm64
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2021-03-23 21:56:53 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 21:56:53 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 21:56:53 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-arm64-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-arm64-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
2022-03-25 20:55:31 +00:00
- apk add --no-cache bash curl gzip make tar go
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 21:56:53 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 21:56:53 +00:00
- mkdir -m0700 $GNUPG_DIR
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPG_DIR
- chown -R root:root $GNUPG_DIR
- make rpm
- rm -rf $GNUPG_DIR
environment :
ARCH : arm64
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 21:56:53 +00:00
ENT_TARBALL_PATH : /go/artifacts
GNUPG_DIR : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARM64/ARMv8 (64-bit) RPM"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 21:56:53 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 21:56:53 +00:00
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPackagePipeline)
2021-03-23 21:56:53 +00:00
################################################
kind : pipeline
type : kubernetes
name : build-linux-arm-rpm
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
depends_on :
- build-linux-arm
2022-09-28 10:59:33 +00:00
- clean-up-previous-build
2021-03-23 21:56:53 +00:00
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 21:56:53 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 21:56:53 +00:00
- name : Download artifacts from S3
image : amazon/aws-cli
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else
export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-arm-bin.tar.gz
/go/artifacts/
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-arm-bin.tar.gz
/go/artifacts/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
- name : Build artifacts
image : docker
commands :
2022-03-25 20:55:31 +00:00
- apk add --no-cache bash curl gzip make tar go
2022-08-23 22:45:50 +00:00
- apk add --no-cache aws-cli
2021-03-23 21:56:53 +00:00
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
2022-08-23 22:45:50 +00:00
- aws ecr-public get-login-password --region us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2021-03-23 21:56:53 +00:00
- mkdir -m0700 $GNUPG_DIR
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPG_DIR
- chown -R root:root $GNUPG_DIR
- make rpm
- rm -rf $GNUPG_DIR
environment :
ARCH : arm
2022-08-23 22:45:50 +00:00
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
2021-03-23 21:56:53 +00:00
ENT_TARBALL_PATH : /go/artifacts
GNUPG_DIR : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
OSS_TARBALL_PATH : /go/artifacts
TMPDIR : /go
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- find e/build -maxdepth 1 -iname "teleport*.rpm*" -print -exec cp {} /go/artifacts
\;
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Linux ARMv7 (32-bit) RPM"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 16:09:22 +00:00
failure : ignore
2021-03-23 21:56:53 +00:00
services :
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 21:56:53 +00:00
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/tag.go (main.tagPipeline)
2021-03-23 01:32:45 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
2021-03-12 01:29:48 +00:00
name : build-windows-amd64
2020-07-17 00:43:18 +00:00
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2022-09-19 17:31:51 +00:00
RUNTIME : go1.19.1
2020-07-17 00:43:18 +00:00
trigger :
event :
2021-03-23 01:32:45 +00:00
include :
2020-07-17 00:43:18 +00:00
- tag
ref :
include :
2021-03-23 01:32:45 +00:00
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-23 01:32:45 +00:00
- gravitational/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go
clone :
disable : true
2022-09-28 10:59:33 +00:00
depends_on :
- clean-up-previous-build
2020-07-17 00:43:18 +00:00
steps :
2021-03-23 01:32:45 +00:00
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa
&& chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- mkdir -p /go/cache /go/artifacts
2022-04-06 13:35:45 +00:00
- |-
VERSION=$(egrep ^VERSION Makefile | cut -d= -f2)
if [ "$$VERSION" != "${DRONE_TAG##v}" ]; then
echo "Mismatch between Makefile version: $$VERSION and git tag: $DRONE_TAG"
exit 1
fi
echo "$$VERSION" > /go/.version.txt
2021-03-23 01:32:45 +00:00
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-03-31 20:41:51 +00:00
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
2021-03-23 01:32:45 +00:00
- name : Build artifacts
image : docker
commands :
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
2021-09-02 22:34:57 +00:00
- echo -n "$WINDOWS_SIGNING_CERT" | base64 -d > windows-signing-cert.pfx
2022-06-15 19:59:34 +00:00
- make -C build.assets release-windows
2021-09-02 22:34:57 +00:00
- rm -f windows-signing-cert.pfx
2021-03-23 01:32:45 +00:00
environment :
ARCH : amd64
GID : "1000"
2021-06-14 20:29:32 +00:00
GOCACHE : /go/cache
2021-03-23 01:32:45 +00:00
GOPATH : /go
OS : windows
UID : "1000"
2021-09-02 22:34:57 +00:00
WINDOWS_SIGNING_CERT :
from_secret : WINDOWS_SIGNING_CERT
2021-03-23 01:32:45 +00:00
volumes :
- name : dockersock
path : /var/run
- name : Copy artifacts
image : docker
commands :
- cd /go/src/github.com/gravitational/teleport
- find . -maxdepth 1 -iname "teleport*.zip" -print -exec cp {} /go/artifacts \;
- export VERSION=$(cat /go/.version.txt)
- cp /go/artifacts/teleport-v$${VERSION}-windows-amd64-bin.zip /go/artifacts/teleport-ent-v$${VERSION}-windows-amd64-bin.zip
- cd /go/artifacts && for FILE in teleport*.zip; do sha256sum $FILE > $FILE.sha256;
done && ls -l
- name : Upload to S3
image : plugins/s3
settings :
access_key :
from_secret : AWS_ACCESS_KEY_ID
bucket :
from_secret : AWS_S3_BUCKET
region : us-west-2
secret_key :
from_secret : AWS_SECRET_ACCESS_KEY
source : /go/artifacts/*
strip_prefix : /go/artifacts/
target : teleport/tag/${DRONE_TAG##v}
2022-01-03 15:51:17 +00:00
- name : Register artifacts
image : docker
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
2022-07-26 12:27:39 +00:00
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
2022-01-03 15:51:17 +00:00
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
2022-04-06 13:35:45 +00:00
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
2022-07-26 12:27:39 +00:00
description="Windows 64-bit (tsh client only)"
products="$name"
2022-04-06 13:35:45 +00:00
if [ "$name" = "tsh" ]; then
2022-07-26 12:27:39 +00:00
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-07-26 12:27:39 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
2022-01-03 15:51:17 +00:00
fi
2022-04-06 13:35:45 +00:00
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="windows" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
2022-04-06 13:35:45 +00:00
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
2022-07-26 12:27:39 +00:00
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
2022-04-06 13:35:45 +00:00
done
2022-01-03 15:51:17 +00:00
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
2022-01-25 19:06:55 +00:00
failure : ignore
2020-07-17 00:43:18 +00:00
services :
2021-03-23 01:32:45 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-23 01:32:45 +00:00
volumes :
2020-07-17 00:43:18 +00:00
- name : dockersock
2021-03-23 01:32:45 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
2020-07-20 20:18:00 +00:00
---
kind : pipeline
type : kubernetes
name : build-docker-images
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : "teleport11"
2022-06-03 02:19:42 +00:00
RUNTIME : go1.17.9
2020-07-20 20:18:00 +00:00
trigger :
event :
- tag
ref :
include :
- refs/tags/v*
2020-07-24 23:37:14 +00:00
repo :
include :
- gravitational/*
2020-07-20 20:18:00 +00:00
workspace :
path : /go
clone :
disable : true
steps :
- name : Check out code
image : docker:git
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
2021-06-08 20:05:29 +00:00
GOCACHE : /go/cache
2020-07-20 20:18:00 +00:00
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
2021-01-15 20:33:54 +00:00
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
2020-07-20 20:18:00 +00:00
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# fetch enterprise submodules
- mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
2020-08-10 14:15:05 +00:00
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
2020-07-20 20:18:00 +00:00
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
# create necessary directories
2021-06-14 20:29:32 +00:00
- mkdir -p /go/artifacts $GOCACHE
2020-07-20 20:18:00 +00:00
# set version
2020-08-10 14:15:05 +00:00
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
2020-07-20 20:18:00 +00:00
2020-09-21 17:34:50 +00:00
- name : Build/push OSS/Enterprise Docker images
2020-07-20 20:18:00 +00:00
image : docker
environment :
UID : 1000
GID : 1000
2021-06-08 20:05:29 +00:00
GOCACHE : /go/cache
2020-07-20 20:18:00 +00:00
GOPATH : /go
OS : linux
ARCH : amd64
2022-07-26 16:14:08 +00:00
AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
2020-07-20 20:18:00 +00:00
volumes :
- name : dockersock
path : /var/run
commands :
2022-07-26 16:14:08 +00:00
- apk add --no-cache make bash aws-cli
2020-07-20 20:18:00 +00:00
- chown -R $UID:$GID /go
2022-07-26 16:14:08 +00:00
- aws ecr get-login-password --region us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
2020-07-20 20:18:00 +00:00
- cd /go/src/github.com/gravitational/teleport
2020-09-21 17:34:50 +00:00
- make image-ci publish-ci
2022-06-09 09:16:52 +00:00
- make publish-operator-ci
2020-07-20 20:18:00 +00:00
2020-09-21 17:34:50 +00:00
- name : Build/push FIPS Docker image
2020-07-20 20:18:00 +00:00
image : docker
environment :
UID : 1000
GID : 1000
2021-06-08 20:05:29 +00:00
GOCACHE : /go/cache
2020-07-20 20:18:00 +00:00
GOPATH : /go
OS : linux
ARCH : amd64
2022-07-26 16:14:08 +00:00
AWS_ACCESS_KEY_ID :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
2020-07-20 20:18:00 +00:00
volumes :
- name : dockersock
path : /var/run
commands :
2022-07-26 16:14:08 +00:00
- apk add --no-cache make aws-cli
2020-07-20 20:18:00 +00:00
- chown -R $UID:$GID /go
2022-07-26 16:14:08 +00:00
- aws ecr get-login-password --region us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
2020-07-20 20:18:00 +00:00
- cd /go/src/github.com/gravitational/teleport
2020-08-13 17:28:09 +00:00
# VERSION needs to be set manually when running in the e directory.
# Normally, the version is set and exported by the root Makefile and then inherited,
# but this is not the case for FIPS builds (which only run in e/Makefile)
2020-07-20 20:18:00 +00:00
- export VERSION=$(cat /go/.version.txt)
2020-09-21 17:34:50 +00:00
- make -C e image-fips-ci publish-fips-ci
2020-07-20 20:18:00 +00:00
services :
- name : Start Docker
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2020-07-20 20:18:00 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-08-10 12:51:26 +00:00
---
kind : pipeline
type : kubernetes
name : build-oss-amis
trigger :
event :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
depends_on :
- build-linux-amd64
workspace :
path : /go
clone :
disable : true
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
2021-01-15 20:33:54 +00:00
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
2020-08-10 12:51:26 +00:00
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# set version
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
- name : Download built tarball artifacts from S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
AWS_REGION : us-west-2
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-v$${VERSION}-linux-amd64-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
- name : Build OSS AMIs
2021-10-27 22:14:46 +00:00
image : hashicorp/packer:1.7.6
2020-08-10 12:51:26 +00:00
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_PACKER_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_PACKER_SECRET_ACCESS_KEY
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli jq make
- cd /go/src/github.com/gravitational/teleport/assets/aws
- export TELEPORT_VERSION=$(cat /go/.version.txt)
- export PUBLIC_AMI_NAME=gravitational-teleport-ami-oss-$TELEPORT_VERSION
- |
if [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
2020-08-31 21:01:48 +00:00
echo "---> Building production OSS AMIs"
2020-09-21 17:34:50 +00:00
echo "---> Note: these AMIs will not be made public until the 'promote' step is run"
2020-08-10 12:51:26 +00:00
make oss-ci-build
else
2020-08-31 21:01:48 +00:00
echo "---> Building debug OSS AMIs"
2020-08-10 12:51:26 +00:00
make oss
fi
2020-09-21 17:34:50 +00:00
- name : Sync OSS build timestamp to S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
AWS_REGION : us-west-2
commands :
- export VERSION=$(cat /go/.version.txt)
- aws s3 cp /go/src/github.com/gravitational/teleport/assets/aws/files/build/oss_build_timestamp.txt s3://$AWS_S3_BUCKET/teleport/ami/$${VERSION}/
2020-08-10 12:51:26 +00:00
services :
- name : Start Docker
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2020-08-10 12:51:26 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
kind : pipeline
type : kubernetes
name : build-ent-amis
trigger :
event :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
depends_on :
- build-linux-amd64
- build-linux-amd64-fips
workspace :
path : /go
clone :
disable : true
steps :
- name : Check out code
image : docker:git
commands :
- mkdir -p /go/src/github.com/gravitational/teleport
- cd /go/src/github.com/gravitational/teleport
2021-01-15 20:33:54 +00:00
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
2020-08-10 12:51:26 +00:00
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# set version
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
- name : Download built tarball artifacts from S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
AWS_REGION : us-west-2
commands :
- export VERSION=$(cat /go/.version.txt)
- if [[ "${DRONE_TAG}" != "" ]]; then export S3_PATH="tag/$${DRONE_TAG##v}/"; else export S3_PATH="tag/"; fi
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}teleport-ent-v$${VERSION}-linux-amd64-fips-bin.tar.gz /go/src/github.com/gravitational/teleport/assets/aws/files
- name : Build Enterprise AMIs
2021-10-27 22:14:46 +00:00
image : hashicorp/packer:1.7.6
2020-08-10 12:51:26 +00:00
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_PACKER_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_PACKER_SECRET_ACCESS_KEY
volumes :
- name : dockersock
path : /var/run
commands :
- apk add --no-cache aws-cli jq make
- cd /go/src/github.com/gravitational/teleport/assets/aws
- export TELEPORT_VERSION=$(cat /go/.version.txt)
- export PUBLIC_AMI_NAME=gravitational-teleport-ami-ent-$TELEPORT_VERSION
2020-08-17 14:11:45 +00:00
- export FIPS_AMI_NAME=gravitational-teleport-ami-ent-$TELEPORT_VERSION-fips
2020-08-10 12:51:26 +00:00
- |
if [ "${DRONE_BUILD_EVENT}" = "tag" ]; then
2020-08-31 21:01:48 +00:00
echo "---> Building production Enterprise AMIs"
2020-09-21 17:34:50 +00:00
echo "---> Note: these AMIs will not be made public until the 'promote' step is run"
2020-08-10 12:51:26 +00:00
make ent-ci-build
else
2020-08-31 21:01:48 +00:00
echo "---> Building debug Enterprise AMIs"
2020-08-10 12:51:26 +00:00
make ent
fi
2020-09-21 17:34:50 +00:00
- name : Sync Enterprise build timestamp to S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
AWS_REGION : us-west-2
commands :
- export VERSION=$(cat /go/.version.txt)
- aws s3 cp /go/src/github.com/gravitational/teleport/assets/aws/files/build/ent_build_timestamp.txt s3://$AWS_S3_BUCKET/teleport/ami/$${VERSION}/
2020-08-10 12:51:26 +00:00
services :
- name : Start Docker
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2020-08-10 12:51:26 +00:00
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-07-17 00:43:18 +00:00
---
2021-03-31 20:41:51 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/buildbox.go (main.buildboxPipeline)
2021-03-31 20:41:51 +00:00
################################################
2020-07-17 00:43:18 +00:00
kind : pipeline
type : kubernetes
name : build-buildboxes
environment :
2022-06-16 03:05:54 +00:00
BUILDBOX_VERSION : teleport11
2021-03-31 20:41:51 +00:00
GID : "1000"
UID : "1000"
2020-07-17 00:43:18 +00:00
trigger :
event :
2021-03-31 20:41:51 +00:00
include :
2020-07-17 00:43:18 +00:00
- push
2020-07-24 23:37:14 +00:00
repo :
include :
2021-03-31 20:41:51 +00:00
- gravitational/teleport
branch :
include :
- master
2022-03-01 04:31:46 +00:00
- branch/*
2020-07-17 00:43:18 +00:00
workspace :
path : /go/src/github.com/gravitational/teleport
clone :
disable : true
steps :
2021-03-31 20:41:51 +00:00
- name : Check out code
image : docker:git
commands :
- git clone --depth 1 --single-branch --branch ${DRONE_SOURCE_BRANCH:-master} https://github.com/gravitational/${DRONE_REPO_NAME}.git
.
- git checkout ${DRONE_COMMIT}
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : buildbox
image : docker
commands :
2022-08-16 21:07:07 +00:00
- apk add --no-cache make aws-cli
2021-03-31 20:41:51 +00:00
- chown -R $UID:$GID /go
2022-08-16 21:07:07 +00:00
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
2021-03-31 20:41:51 +00:00
- make -C build.assets buildbox
2022-08-16 21:07:07 +00:00
- docker tag public.ecr.aws/gravitational/teleport-buildbox:$BUILDBOX_VERSION 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
- docker push public.ecr.aws/gravitational/teleport-buildbox:$BUILDBOX_VERSION
2021-03-31 20:41:51 +00:00
environment :
2022-08-16 21:07:07 +00:00
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_SECRET
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_SECRET
2021-03-31 20:41:51 +00:00
volumes :
- name : dockersock
path : /var/run
- name : buildbox-fips
image : docker
commands :
2022-08-16 21:07:07 +00:00
- apk add --no-cache make aws-cli
2021-03-31 20:41:51 +00:00
- chown -R $UID:$GID /go
2022-08-16 21:07:07 +00:00
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
2021-03-31 20:41:51 +00:00
- make -C build.assets buildbox-fips
2022-08-16 21:07:07 +00:00
- docker tag public.ecr.aws/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION
146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
- docker push public.ecr.aws/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION
2021-03-31 20:41:51 +00:00
environment :
2022-08-16 21:07:07 +00:00
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_SECRET
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_SECRET
2021-03-31 20:41:51 +00:00
volumes :
- name : dockersock
path : /var/run
- name : buildbox-arm
image : docker
commands :
2022-08-16 21:07:07 +00:00
- apk add --no-cache make aws-cli
2021-03-31 20:41:51 +00:00
- chown -R $UID:$GID /go
2022-08-16 21:07:07 +00:00
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
2021-03-31 20:41:51 +00:00
- make -C build.assets buildbox-arm
2022-08-16 21:07:07 +00:00
- docker tag public.ecr.aws/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION
146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
- docker push public.ecr.aws/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION
environment :
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_SECRET
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
- name : buildbox-centos7
image : docker
commands :
- apk add --no-cache make aws-cli
- chown -R $UID:$GID /go
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
- make -C build.assets buildbox-centos7
- docker tag public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION
146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
- docker push public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION
environment :
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_SECRET
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_SECRET
volumes :
- name : dockersock
path : /var/run
- name : buildbox-centos7-fips
image : docker
commands :
- apk add --no-cache make aws-cli
- chown -R $UID:$GID /go
- export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY"
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
- make -C build.assets buildbox-centos7-fips
- docker tag public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION
146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker push 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION-$DRONE_COMMIT_SHA
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
- export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID"
- export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY"
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
- docker push public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION
2021-03-31 20:41:51 +00:00
environment :
2022-08-16 21:07:07 +00:00
PROD_AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_KEY
PROD_AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_BUILDBOX_DRONE_USER_ECR_SECRET
STAGING_AWS_ACCESS_KEY_ID :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_KEY
STAGING_AWS_SECRET_ACCESS_KEY :
from_secret : STAGING_BUILDBOX_DRONE_USER_ECR_SECRET
2021-03-31 20:41:51 +00:00
volumes :
- name : dockersock
path : /var/run
2020-06-25 17:29:10 +00:00
services :
2021-03-31 20:41:51 +00:00
- name : Start Docker
2021-06-14 20:29:32 +00:00
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2021-03-31 20:41:51 +00:00
volumes :
2020-06-25 17:29:10 +00:00
- name : dockersock
2021-03-31 20:41:51 +00:00
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-06-25 17:29:10 +00:00
2022-06-03 19:36:56 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/os_repos.go (main.buildNeverTriggerPipeline)
2022-06-03 19:36:56 +00:00
################################################
kind : pipeline
type : kubernetes
name : migrate-apt-new-repos
trigger :
event :
include :
- custom
repo :
include :
- non-existent-repository
branch :
include :
- non-existent-branch
clone :
disable : true
steps :
- name : Placeholder
image : alpine:latest
commands :
- echo "This command, step, and pipeline never runs"
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/os_repos.go (main.(*OsPackageToolPipelineBuilder).buildBaseOsPackagePipeline)
2022-06-03 19:36:56 +00:00
################################################
kind : pipeline
type : kubernetes
name : publish-apt-new-repos
trigger :
event :
include :
- promote
target :
include :
- production
repo :
include :
- gravitational/teleport
workspace :
path : /go
clone :
disable : true
steps :
- name : Verify build is tagged
image : alpine:latest
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Check out code
image : alpine/git:latest
commands :
2022-06-08 23:57:25 +00:00
- mkdir -p "/go/src/github.com/gravitational/teleport"
- cd "/go/src/github.com/gravitational/teleport"
2022-06-03 19:36:56 +00:00
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout "${DRONE_TAG}"
2022-06-08 23:57:25 +00:00
- name : Check if tag is prerelease
image : golang:1.17-alpine
commands :
- cd "/go/src/github.com/gravitational/teleport/build.assets/tooling"
- go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is
a prerelease, not publishing ${DRONE_TAG} packages to APT repos' && exit 78)
2022-06-03 19:36:56 +00:00
- name : Download artifacts for "${DRONE_TAG}"
image : amazon/aws-cli
commands :
- mkdir -pv "$ARTIFACT_PATH"
2022-08-02 21:32:59 +00:00
- rm -rf "${ARTIFACT_PATH}/*"
2022-06-03 19:36:56 +00:00
- aws s3 sync --no-progress --delete --exclude "*" --include "*.deb*" s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}/
"$ARTIFACT_PATH"
environment :
ARTIFACT_PATH : /go/artifacts
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
2022-08-02 21:32:59 +00:00
depends_on :
- Verify build is tagged
- Check out code
- Check if tag is prerelease
2022-06-03 19:36:56 +00:00
- name : Publish debs to APT repos for "${DRONE_TAG}"
2022-08-02 21:32:59 +00:00
image : golang:1.18.4-bullseye
2022-06-03 19:36:56 +00:00
commands :
- apt update
2022-08-02 21:32:59 +00:00
- apt install -y aptly
- mkdir -pv -m0700 "$GNUPGHOME"
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPGHOME
- chown -R root:root "$GNUPGHOME"
2022-06-08 23:57:25 +00:00
- cd "/go/src/github.com/gravitational/teleport/build.assets/tooling"
2022-06-03 19:36:56 +00:00
- export VERSION="${DRONE_TAG}"
- export RELEASE_CHANNEL="stable"
2022-08-02 21:32:59 +00:00
- go run ./cmd/build-os-package-repos apt -bucket "$REPO_S3_BUCKET" -local-bucket-path
"$BUCKET_CACHE_PATH" -artifact-version "$VERSION" -release-channel "$RELEASE_CHANNEL"
-artifact-path "$ARTIFACT_PATH" -log-level 4 -aptly-root-dir "$APTLY_ROOT_DIR"
2022-06-03 19:36:56 +00:00
environment :
APTLY_ROOT_DIR : /mnt/aptly
ARTIFACT_PATH : /go/artifacts
AWS_ACCESS_KEY_ID :
from_secret : APT_REPO_NEW_AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_SECRET_ACCESS_KEY :
from_secret : APT_REPO_NEW_AWS_SECRET_ACCESS_KEY
BUCKET_CACHE_PATH : /tmp/bucket
2022-08-02 21:32:59 +00:00
DEBIAN_FRONTEND : noninteractive
2022-06-03 19:36:56 +00:00
GNUPGHOME : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
2022-08-02 21:32:59 +00:00
REPO_S3_BUCKET :
from_secret : APT_REPO_NEW_AWS_S3_BUCKET
2022-06-03 19:36:56 +00:00
volumes :
2022-08-02 21:32:59 +00:00
- name : apt-persistence
2022-06-03 19:36:56 +00:00
path : /mnt
- name : tmpfs
path : /tmpfs
2022-08-02 21:32:59 +00:00
depends_on :
- Download artifacts for "${DRONE_TAG}"
- Verify build is tagged
- Check out code
- Check if tag is prerelease
2022-06-03 19:36:56 +00:00
volumes :
2022-08-02 21:32:59 +00:00
- name : apt-persistence
2022-06-03 19:36:56 +00:00
claim :
name : drone-s3-aptrepo-pvc
- name : tmpfs
temp :
medium : memory
2022-07-26 16:14:08 +00:00
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/os_repos.go (main.buildNeverTriggerPipeline)
2022-07-26 16:14:08 +00:00
################################################
kind : pipeline
type : kubernetes
2022-08-02 21:32:59 +00:00
name : migrate-yum-new-repos
trigger :
event :
include :
- custom
repo :
include :
- non-existent-repository
branch :
include :
- non-existent-branch
clone :
disable : true
steps :
- name : Placeholder
image : alpine:latest
commands :
- echo "This command, step, and pipeline never runs"
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/os_repos.go (main.(*OsPackageToolPipelineBuilder).buildBaseOsPackagePipeline)
2022-08-02 21:32:59 +00:00
################################################
kind : pipeline
type : kubernetes
name : publish-yum-new-repos
trigger :
event :
include :
- promote
target :
include :
- production
repo :
include :
- gravitational/teleport
workspace :
path : /go
clone :
disable : true
steps :
- name : Verify build is tagged
image : alpine:latest
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Check out code
image : alpine/git:latest
commands :
- mkdir -p "/go/src/github.com/gravitational/teleport"
- cd "/go/src/github.com/gravitational/teleport"
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout "${DRONE_TAG}"
- name : Check if tag is prerelease
image : golang:1.17-alpine
commands :
- cd "/go/src/github.com/gravitational/teleport/build.assets/tooling"
- go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is
a prerelease, not publishing ${DRONE_TAG} packages to APT repos' && exit 78)
- name : Download artifacts for "${DRONE_TAG}"
image : amazon/aws-cli
commands :
- mkdir -pv "$ARTIFACT_PATH"
- rm -rf "${ARTIFACT_PATH}/*"
- aws s3 sync --no-progress --delete --exclude "*" --include "*.rpm*" s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}/
"$ARTIFACT_PATH"
environment :
ARTIFACT_PATH : /go/artifacts
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
depends_on :
- Verify build is tagged
- Check out code
- Check if tag is prerelease
- name : Publish rpms to YUM repos for "${DRONE_TAG}"
image : golang:1.18.4-bullseye
commands :
- apt update
- apt install -y createrepo-c
- mkdir -pv "$CACHE_DIR"
- mkdir -pv -m0700 "$GNUPGHOME"
- echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPGHOME
- chown -R root:root "$GNUPGHOME"
- cd "/go/src/github.com/gravitational/teleport/build.assets/tooling"
- export VERSION="${DRONE_TAG}"
- export RELEASE_CHANNEL="stable"
- go run ./cmd/build-os-package-repos yum -bucket "$REPO_S3_BUCKET" -local-bucket-path
"$BUCKET_CACHE_PATH" -artifact-version "$VERSION" -release-channel "$RELEASE_CHANNEL"
-artifact-path "$ARTIFACT_PATH" -log-level 4 -cache-dir "$CACHE_DIR"
environment :
ARTIFACT_PATH : /go/artifacts
AWS_ACCESS_KEY_ID :
from_secret : YUM_REPO_NEW_AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_SECRET_ACCESS_KEY :
from_secret : YUM_REPO_NEW_AWS_SECRET_ACCESS_KEY
BUCKET_CACHE_PATH : /mnt/bucket
CACHE_DIR : /mnt/createrepo_cache
DEBIAN_FRONTEND : noninteractive
GNUPGHOME : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
REPO_S3_BUCKET :
from_secret : YUM_REPO_NEW_AWS_S3_BUCKET
volumes :
- name : yum-persistence
path : /mnt
- name : tmpfs
path : /tmpfs
depends_on :
- Download artifacts for "${DRONE_TAG}"
- Verify build is tagged
- Check out code
- Check if tag is prerelease
volumes :
- name : yum-persistence
claim :
name : drone-s3-yumrepo-pvc
- name : tmpfs
temp :
medium : memory
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/promote.go (main.buildDockerPromotionPipelineECR)
2022-08-02 21:32:59 +00:00
################################################
kind : pipeline
type : kubernetes
name : promote-docker-ecr
2022-07-26 16:14:08 +00:00
trigger :
event :
include :
- promote
target :
include :
- production
- promote-docker
2022-08-02 21:32:59 +00:00
- promote-docker-ecr
2022-07-26 16:14:08 +00:00
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
steps :
- name : Verify build is tagged
image : alpine:latest
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : Pull/retag Docker images
image : docker
commands :
- apk add --no-cache aws-cli
- export VERSION=${DRONE_TAG##v}
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
- echo "---> Pulling images for $${VERSION}"
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION}
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips
2022-08-10 14:50:37 +00:00
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
- echo "---> Tagging images for $${VERSION}"
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION}
2022-08-02 21:32:59 +00:00
public.ecr.aws/gravitational/teleport:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}
2022-08-02 21:32:59 +00:00
public.ecr.aws/gravitational/teleport-ent:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips
2022-08-02 21:32:59 +00:00
public.ecr.aws/gravitational/teleport-ent:$${VERSION}-fips
2022-08-10 14:50:37 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION}
public.ecr.aws/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
2022-08-02 21:32:59 +00:00
- aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin
public.ecr.aws
2022-07-26 16:14:08 +00:00
- echo "---> Pushing images for $${VERSION}"
2022-08-02 21:32:59 +00:00
- docker push public.ecr.aws/gravitational/teleport:$${VERSION}
- docker push public.ecr.aws/gravitational/teleport-ent:$${VERSION}
- docker push public.ecr.aws/gravitational/teleport-ent:$${VERSION}-fips
2022-08-10 14:50:37 +00:00
- docker push public.ecr.aws/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
environment :
AWS_ACCESS_KEY_ID :
2022-08-02 21:32:59 +00:00
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY
2022-07-26 16:14:08 +00:00
AWS_SECRET_ACCESS_KEY :
2022-08-02 21:32:59 +00:00
from_secret : PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET
2022-07-26 16:14:08 +00:00
volumes :
- name : dockersock
path : /var/run
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
---
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
2022-08-23 19:57:22 +00:00
# Generated at dronegen/promote.go (main.buildDockerPromotionPipelineQuay)
2022-07-26 16:14:08 +00:00
################################################
kind : pipeline
type : kubernetes
2022-08-02 21:32:59 +00:00
name : promote-docker-quay
2022-07-26 16:14:08 +00:00
trigger :
event :
include :
- promote
target :
include :
- production
- promote-docker
2022-08-02 21:32:59 +00:00
- promote-docker-quay
2022-07-26 16:14:08 +00:00
repo :
include :
- gravitational/*
workspace :
path : /go
clone :
disable : true
steps :
- name : Verify build is tagged
image : alpine:latest
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
- name : dockersock
path : /var/run
- name : Pull/retag Docker images
image : docker
commands :
- apk add --no-cache aws-cli
- export VERSION=${DRONE_TAG##v}
- aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin
146628656107. dkr.ecr.us-west-2.amazonaws.com
- echo "---> Pulling images for $${VERSION}"
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION}
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips
2022-08-10 14:50:37 +00:00
- docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
- echo "---> Tagging images for $${VERSION}"
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION}
2022-08-02 21:32:59 +00:00
quay.io/gravitational/teleport:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}
2022-08-02 21:32:59 +00:00
quay.io/gravitational/teleport-ent:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips
2022-08-02 21:32:59 +00:00
quay.io/gravitational/teleport-ent:$${VERSION}-fips
2022-08-10 14:50:37 +00:00
- docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION}
quay.io/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
- docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com
2022-08-02 21:32:59 +00:00
- docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io
2022-07-26 16:14:08 +00:00
- echo "---> Pushing images for $${VERSION}"
2022-08-02 21:32:59 +00:00
- docker push quay.io/gravitational/teleport:$${VERSION}
- docker push quay.io/gravitational/teleport-ent:$${VERSION}
- docker push quay.io/gravitational/teleport-ent:$${VERSION}-fips
2022-08-04 23:30:26 +00:00
- docker push quay.io/gravitational/teleport-operator:$${VERSION}
2022-07-26 16:14:08 +00:00
environment :
AWS_ACCESS_KEY_ID :
2022-08-02 21:32:59 +00:00
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_KEY
2022-07-26 16:14:08 +00:00
AWS_SECRET_ACCESS_KEY :
2022-08-02 21:32:59 +00:00
from_secret : STAGING_TELEPORT_DRONE_USER_ECR_SECRET
QUAY_PASSWORD :
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
QUAY_USERNAME :
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
2022-07-26 16:14:08 +00:00
volumes :
- name : dockersock
path : /var/run
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : dockersock
path : /var/run
volumes :
- name : dockersock
temp : {}
2020-06-25 17:29:10 +00:00
---
kind : pipeline
type : kubernetes
2020-09-21 17:34:50 +00:00
name : promote-build
2020-06-25 17:29:10 +00:00
trigger :
event :
- promote
target :
- production
2020-07-24 23:37:14 +00:00
repo :
include :
- gravitational/*
2020-06-25 17:29:10 +00:00
workspace :
2020-09-21 17:34:50 +00:00
path : /go
2020-06-25 17:29:10 +00:00
clone :
disable : true
steps :
2022-01-14 03:52:15 +00:00
- name : Check if commit is tagged
image : alpine
commands :
- "[ -n ${DRONE_TAG} ] || (echo 'DRONE_TAG is not set. Is the commit tagged?' && exit 1)"
2020-09-21 17:34:50 +00:00
- name : Download artifacts from S3
2020-06-25 17:29:10 +00:00
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
AWS_REGION : us-west-2
commands :
2020-09-21 17:34:50 +00:00
- mkdir -p /go/artifacts
- aws s3 sync s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}/ /go/artifacts/
2020-06-25 17:29:10 +00:00
2020-09-21 17:34:50 +00:00
- name : Upload artifacts to production S3
2020-06-25 17:29:10 +00:00
image : plugins/s3
settings :
bucket :
from_secret : PRODUCTION_AWS_S3_BUCKET
access_key :
from_secret : PRODUCTION_AWS_ACCESS_KEY_ID
secret_key :
from_secret : PRODUCTION_AWS_SECRET_ACCESS_KEY
region : us-east-1
acl : public-read
2020-09-21 17:34:50 +00:00
source : /go/artifacts/*
2020-08-10 14:15:05 +00:00
target : teleport/${DRONE_TAG##v}/
2020-09-21 17:34:50 +00:00
strip_prefix : /go/artifacts/
- name : Pull/retag Docker images
image : docker
settings :
docker_staging_username :
from_secret : QUAYIO_DOCKER_USERNAME
docker_staging_password :
from_secret : QUAYIO_DOCKER_PASSWORD
docker_production_username :
from_secret : PRODUCTION_QUAYIO_DOCKER_USERNAME
docker_production_password :
from_secret : PRODUCTION_QUAYIO_DOCKER_PASSWORD
volumes :
- name : dockersock
path : /var/run
commands :
# wait for docker to start
- sleep 3
- export VERSION=${DRONE_TAG##v}
# authenticate with staging credentials
- docker login -u="$PLUGIN_DOCKER_STAGING_USERNAME" -p="$PLUGIN_DOCKER_STAGING_PASSWORD" quay.io
# pull 'temporary' CI-built images
- echo "---> Pulling images for $${VERSION}"
- docker pull quay.io/gravitational/teleport-ci:$${VERSION}
- docker pull quay.io/gravitational/teleport-ent-ci:$${VERSION}
- docker pull quay.io/gravitational/teleport-ent-ci:$${VERSION}-fips
2022-06-09 09:16:52 +00:00
- docker pull quay.io/gravitational/teleport-operator-ci:$${VERSION}
2020-09-21 17:34:50 +00:00
# retag images to production naming
- echo "---> Tagging images for $${VERSION}"
- docker tag quay.io/gravitational/teleport-ci:$${VERSION} quay.io/gravitational/teleport:$${VERSION}
- docker tag quay.io/gravitational/teleport-ent-ci:$${VERSION} quay.io/gravitational/teleport-ent:$${VERSION}
- docker tag quay.io/gravitational/teleport-ent-ci:$${VERSION}-fips quay.io/gravitational/teleport-ent:$${VERSION}-fips
2022-06-09 09:16:52 +00:00
- docker tag quay.io/gravitational/teleport-operator-ci:$${VERSION} quay.io/gravitational/teleport-operator:$${VERSION}
2020-09-21 17:34:50 +00:00
# reauthenticate with production credentials
- docker logout quay.io
- docker login -u="$PLUGIN_DOCKER_PRODUCTION_USERNAME" -p="$PLUGIN_DOCKER_PRODUCTION_PASSWORD" quay.io
# push production images
- echo "---> Pushing images for $${VERSION}"
- docker push quay.io/gravitational/teleport:$${VERSION}
- docker push quay.io/gravitational/teleport-ent:$${VERSION}
- docker push quay.io/gravitational/teleport-ent:$${VERSION}-fips
2022-06-09 09:16:52 +00:00
- docker push quay.io/gravitational/teleport-operator:$${VERSION}
2020-09-21 17:34:50 +00:00
- name : Check out code
image : docker:git
commands :
- |
mkdir -p /go/src/github.com/gravitational/teleport
cd /go/src/github.com/gravitational/teleport
git init && git remote add origin ${DRONE_REMOTE_URL}
git fetch origin +refs/tags/${DRONE_TAG}:
git checkout -qf FETCH_HEAD
- name : Download AMI timestamps
image : docker
environment :
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
commands :
- apk add --no-cache aws-cli
- mkdir -p /go/src/github.com/gravitational/teleport/assets/aws/files/build
- aws s3 sync s3://$AWS_S3_BUCKET/teleport/ami/${DRONE_TAG##v}/ /go/src/github.com/gravitational/teleport/assets/aws/files/build
- name : Make AMIs public
image : docker
environment :
AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_AWS_SECRET_ACCESS_KEY
commands :
- apk add --no-cache aws-cli bash jq make
- cd /go/src/github.com/gravitational/teleport/assets/aws
- |
make change-amis-to-public-oss
make change-amis-to-public-ent
make change-amis-to-public-ent-fips
2021-09-28 19:41:05 +00:00
# Download all previously packaged charts. This is needed to rebuild the
# index and re-publish the repository.
- name : "Helm: Download chart repository"
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : PRODUCTION_CHARTS_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : PRODUCTION_CHARTS_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : PRODUCTION_CHARTS_AWS_SECRET_ACCESS_KEY
commands :
- mkdir -p /go/chart
- aws s3 sync s3://$AWS_S3_BUCKET/ /go/chart
- name : "Helm: Package chart repository"
image : alpine/helm:latest
commands :
- cd /go/chart
- helm package /go/src/github.com/gravitational/teleport/examples/chart/teleport-cluster
- helm package /go/src/github.com/gravitational/teleport/examples/chart/teleport-kube-agent
# copy index.html to root of the S3 bucket.
- cp /go/src/github.com/gravitational/teleport/examples/chart/index.html /go/chart
# this will index all previous versions of the charts downloaded from the S3 bucket,
# plus the just-packaged charts listed above
- helm repo index /go/chart
- ls /go/chart
- name : "Helm: Publish chart repository to S3"
2022-09-21 07:20:40 +00:00
image : plugins/s3
settings :
bucket :
2021-09-28 19:41:05 +00:00
from_secret : PRODUCTION_CHARTS_AWS_S3_BUCKET
2022-09-21 07:20:40 +00:00
access_key :
2021-09-28 19:41:05 +00:00
from_secret : PRODUCTION_CHARTS_AWS_ACCESS_KEY_ID
2022-09-21 07:20:40 +00:00
secret_key :
2021-09-28 19:41:05 +00:00
from_secret : PRODUCTION_CHARTS_AWS_SECRET_ACCESS_KEY
2022-09-21 07:20:40 +00:00
region : us-east-2
acl : public-read
source : /go/chart/*
target : /
strip_prefix : /go/chart
2021-09-28 19:41:05 +00:00
2020-11-12 15:13:52 +00:00
# NOTE: all mandatory steps for a release promotion need to go BEFORE this
# step, as there is a chance that everything afterwards will be skipped.
#
2022-01-14 03:52:15 +00:00
# this step exits early and skips all remaining steps in the pipeline if the
# tag looks like a pre-release, to avoid pushing pre-release RPMs and DEBs to
# our yum / apt repos.
2022-02-24 18:55:06 +00:00
- name : Check if repo is public
image : alpine
commands :
- if [ "${DRONE_REPO}" != "gravitational/teleport" ]; then echo "---> Not publishing ${DRONE_REPO} packages to RPM and DEB repos" && exit 78; fi
2022-01-14 03:52:15 +00:00
- name : Check if tag is prerelease
2022-06-03 02:19:42 +00:00
image : golang:1.17-alpine
2020-11-12 15:13:52 +00:00
commands :
2022-02-10 20:49:28 +00:00
- cd /go/src/github.com/gravitational/teleport/build.assets/tooling
2022-02-24 18:55:06 +00:00
- go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> Not publishing ${DRONE_TAG} packages to RPM and DEB repos' && exit 78)
2020-11-12 15:13:52 +00:00
- name : Download RPM repo contents
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : RPMREPO_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : RPMREPO_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : RPMREPO_AWS_SECRET_ACCESS_KEY
volumes :
- name : rpmrepo
path : /rpmrepo
commands :
- mkdir -p /rpmrepo/teleport/cache
# we explicitly want to delete anything present locally which has been deleted
# from the upstream S3 bucket
- aws s3 sync s3://$AWS_S3_BUCKET/teleport/ /rpmrepo/teleport/ --delete
- mkdir -p /rpmrepo/teleport/${DRONE_TAG##v}
- cp -a /go/artifacts/*.rpm /rpmrepo/teleport/${DRONE_TAG##v}/
# we do this using a CentOS 7 container to make sure that the repo files are
# compatible with older versions, also there's no createrepo package in alpine main
- name : Regenerate RPM repo metadata
image : centos:7
volumes :
- name : rpmrepo
path : /rpmrepo
commands :
- yum -y install createrepo
- createrepo --cachedir /rpmrepo/teleport/cache --update /rpmrepo/teleport
2022-01-07 01:10:38 +00:00
# This step requires centos:8 to get gpg 2.2+
# centos:7's gpg 2.0 doesn't understand the format of GPG_RPM_SIGNING_ARCHIVE
- name : Sign RPM repo metadata
image : centos:8
volumes :
- name : rpmrepo
path : /rpmrepo
# for in-memory tmpfs for key material
- name : tmpfs
path : /tmpfs
environment :
GNUPGHOME : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
commands :
- |
# extract signing key
mkdir -m0700 $GNUPGHOME
echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPGHOME
chown -R root:root $GNUPGHOME
# Sign rpm repo metadata (yum clients will automatically look for and verify repodata/repomd.xml.asc)
2022-01-12 02:23:30 +00:00
- gpg --batch --yes --detach-sign --armor /rpmrepo/teleport/repodata/repomd.xml
2022-01-07 01:10:38 +00:00
- cat /rpmrepo/teleport/repodata/repomd.xml.asc
- rm -rf $GNUPGHOME
2020-11-12 15:13:52 +00:00
- name : Sync RPM repo changes to S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : RPMREPO_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : RPMREPO_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : RPMREPO_AWS_SECRET_ACCESS_KEY
volumes :
- name : rpmrepo
path : /rpmrepo
commands :
- aws s3 sync /rpmrepo/teleport/ s3://$AWS_S3_BUCKET/teleport/
2022-01-14 03:52:15 +00:00
# This step skips all remaining steps in the pipeline if the tag
# is not the highest semver *ever* released, to avoid publishing DEBs
# that would cause apt users to downgrade. For more info see:
# https://github.com/gravitational/teleport/issues/8166
- name : Check if tag is latest
2022-06-03 02:19:42 +00:00
image : golang:1.17-alpine
2022-01-14 03:52:15 +00:00
commands :
2022-02-10 20:49:28 +00:00
- cd /go/src/github.com/gravitational/teleport/build.assets/tooling
- go run ./cmd/check -tag ${DRONE_TAG} -check latest || (echo '---> Not publishing ${DRONE_REPO} packages to DEB repo' && exit 78)
2022-01-14 03:52:15 +00:00
2020-11-30 21:44:48 +00:00
- name : Download DEB repo contents
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : DEBREPO_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : DEBREPO_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : DEBREPO_AWS_SECRET_ACCESS_KEY
volumes :
- name : debrepo
path : /debrepo
commands :
# we explicitly want to delete anything present locally which has been deleted
# from the upstream S3 bucket
- mkdir -p /debrepo/teleport
- aws s3 sync s3://$AWS_S3_BUCKET/teleport /debrepo/teleport --delete
- name : Build DEB repo
image : ubuntu:20.04
environment :
DEBIAN_FRONTEND : noninteractive
GNUPGHOME : /tmpfs/gnupg
GPG_RPM_SIGNING_ARCHIVE :
from_secret : GPG_RPM_SIGNING_ARCHIVE
volumes :
- name : dockersock
path : /var/run
- name : debrepo
path : /debrepo
# for in-memory tmpfs for key material
- name : tmpfs
path : /tmpfs
commands :
- |
# install needed tools
apt-get -y update && apt-get -y install curl gzip gnupg2 reprepro tar
- |
# write config files
mkdir -p /go/reprepro/teleport/conf /go/reprepro/teleport/public
2022-03-29 16:46:55 +00:00
# we have to keep listing "arm" even though it's not a real debian arch
# because we have released packages for it that are currently in the
# repo bucket, and reprepro will error out if it's told to includedeb a
# package for an architecture that's not in its configuration
2020-11-30 21:44:48 +00:00
cat << EOF > /go/reprepro/teleport/conf/distributions
Origin : teleport
Label : teleport
Codename : stable
2022-03-29 16:46:55 +00:00
Architectures : i386 amd64 arm armhf arm64
2020-11-30 21:44:48 +00:00
Components : main
Description : apt repository for teleport
SignWith : 6282C411
EOF
cat << EOF > /go/reprepro/teleport/conf/options
verbose
basedir /go/reprepro/teleport
EOF
- |
# extract signing key
mkdir -m0700 $GNUPGHOME
echo "$GPG_RPM_SIGNING_ARCHIVE" | base64 -d | tar -xzf - -C $GNUPGHOME
chown -R root:root $GNUPGHOME
- |
# create repo
cd /go/reprepro/teleport
reprepro --outdir /go/reprepro/teleport/public includedeb stable /go/artifacts/teleport*.deb
- |
# clean up gnupg
rm -rf $GNUPGHOME
- |
# copy artifacts to PVC
cp -r /go/reprepro/teleport /debrepo/
- name : Sync DEB repo changes to S3
image : amazon/aws-cli
environment :
AWS_S3_BUCKET :
from_secret : DEBREPO_AWS_S3_BUCKET
AWS_ACCESS_KEY_ID :
from_secret : DEBREPO_AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY :
from_secret : DEBREPO_AWS_SECRET_ACCESS_KEY
volumes :
- name : debrepo
path : /debrepo
commands :
- aws s3 sync /debrepo/teleport/ s3://$AWS_S3_BUCKET/teleport/
2020-09-21 17:34:50 +00:00
services :
- name : Start Docker
image : docker:dind
2021-06-21 17:02:30 +00:00
privileged : true
2020-09-21 17:34:50 +00:00
volumes :
- name : dockersock
path : /var/run
2020-12-11 22:45:06 +00:00
- name : tmpfs
path : /tmpfs
2020-09-21 17:34:50 +00:00
volumes :
- name : dockersock
temp : {}
2020-12-11 22:45:06 +00:00
- name : tmpfs
temp :
medium : memory
# these persistent volumes cache RPMs/DEBs near Drone so that we don't need to download the
2020-11-10 19:32:34 +00:00
# entire repo contents from S3 every time to build the repo, we just sync any differences
- name : rpmrepo
claim :
name : drone-s3-rpmrepo-pvc
2020-12-11 22:45:06 +00:00
- name : debrepo
claim :
name : drone-s3-debrepo-pvc
2020-06-25 17:29:10 +00:00
---
2022-09-28 10:59:33 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
# Generated at dronegen/relcli.go (main.relcliPipeline)
################################################
2022-08-05 14:50:08 +00:00
kind : pipeline
type : kubernetes
name : publish-rlz
environment :
2022-09-28 10:59:33 +00:00
RELCLI_IMAGE : 146628656107. dkr.ecr.us-west-2.amazonaws.com/gravitational/relcli:v1.1.70-beta.3
2022-08-05 14:50:08 +00:00
trigger :
event :
2022-09-28 10:59:33 +00:00
include :
2022-08-05 14:50:08 +00:00
- promote
target :
2022-09-28 10:59:33 +00:00
include :
2022-08-05 14:50:08 +00:00
- production
repo :
include :
2022-09-28 10:59:33 +00:00
- gravitational/*
2022-08-05 14:50:08 +00:00
clone :
disable : true
steps :
2022-09-28 10:59:33 +00:00
- name : Check if commit is tagged
image : alpine
commands :
- '[ -n ${DRONE_TAG} ] || (echo ' 'DRONE_TAG is not set. Is the commit tagged?' '
&& exit 1)'
- name : Wait for docker
image : docker
commands :
- timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'
volumes :
2022-08-05 14:50:08 +00:00
- name : dockersock
2022-09-28 10:59:33 +00:00
path : /var/run
- name : Pull relcli
image : docker:cli
commands :
- apk add --no-cache aws-cli
- aws ecr get-login-password | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com
- docker pull $RELCLI_IMAGE
environment :
AWS_ACCESS_KEY_ID :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_KEY
AWS_DEFAULT_REGION : us-west-2
AWS_SECRET_ACCESS_KEY :
from_secret : TELEPORT_BUILD_USER_READ_ONLY_SECRET
volumes :
- name : dockersock
path : /var/run
- name : Publish in Release API
image : docker:git
commands :
- mkdir -p /tmpfs/creds
- echo "$RELEASES_CERT" | base64 -d > "$RELCLI_CERT"
- echo "$RELEASES_KEY" | base64 -d > "$RELCLI_KEY"
- trap "rm -rf /tmpfs/creds" EXIT
- |-
docker run -i -v /tmpfs/creds:/tmpfs/creds \
-e DRONE_REPO -e DRONE_TAG -e RELCLI_BASE_URL -e RELCLI_CERT -e RELCLI_KEY \
$RELCLI_IMAGE relcli auto_publish -f -v 6
environment :
RELCLI_BASE_URL : https://releases-staging.platform.teleport.sh
RELCLI_CERT : /tmpfs/creds/releases.crt
RELCLI_KEY : /tmpfs/creds/releases.key
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
volumes :
2022-08-05 14:50:08 +00:00
- name : tmpfs
2022-09-28 10:59:33 +00:00
path : /tmpfs
- name : dockersock
path : /var/run
failure : ignore
services :
- name : Start Docker
image : docker:dind
privileged : true
volumes :
- name : tmpfs
path : /tmpfs
- name : dockersock
path : /var/run
volumes :
- name : tmpfs
temp :
medium : memory
- name : dockersock
temp : {}
2022-08-05 14:50:08 +00:00
---
2022-08-24 14:38:42 +00:00
################################################
# Generated using dronegen, do not edit by hand!
# Use 'make dronegen' to update.
# Generated at dronegen/mac.go (main.newDarwinPipeline)
################################################
kind : pipeline
type : exec
name : build-darwin-amd64-connect
trigger :
event :
include :
- tag
ref :
include :
- refs/tags/v*
repo :
include :
- gravitational/*
workspace :
path : /tmp/build-darwin-amd64-connect
platform :
os : darwin
arch : amd64
clone :
disable : true
depends_on :
- build-darwin-amd64-pkg-tsh
concurrency :
limit : 1
steps :
- name : Set up exec runner storage
commands :
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Check out code
commands :
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
- git clone https://github.com/gravitational/webapps.git .
- git checkout $($WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets/webapps/webapps-version.sh)
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa
&& chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init e
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts
-F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- mkdir -p $WORKSPACE_DIR/go/artifacts
- echo "${DRONE_TAG##v}" > $WORKSPACE_DIR/go/.version.txt
- cat $WORKSPACE_DIR/go/.version.txt
environment :
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Install Node Toolchain
commands :
- set -u
- export NODE_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-node-version)
- export TOOLCHAIN_DIR=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
- export NODE_DIR=$TOOLCHAIN_DIR/node-v$NODE_VERSION-darwin-x64
- mkdir -p $TOOLCHAIN_DIR
- curl --silent -O https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION-darwin-x64.tar.gz
- tar -C $TOOLCHAIN_DIR -xzf node-v$NODE_VERSION-darwin-x64.tar.gz
- rm -f node-v$NODE_VERSION-darwin-x64.tar.gz
- export PATH=$NODE_DIR/bin:$PATH
- corepack enable yarn
- echo Node reporting version $(node --version)
- echo Yarn reporting version $(yarn --version)
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Download tsh.pkg artifact from S3
commands :
- set -u
- export VERSION=$(cat $WORKSPACE_DIR/go/.version.txt)
- export S3_PATH="tag/$${DRONE_TAG##v}/"
- aws s3 cp s3://$AWS_S3_BUCKET/teleport/$${S3_PATH}tsh-$${VERSION}.pkg $WORKSPACE_DIR/go/src/github.com/gravitational/
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
GITHUB_PRIVATE_KEY :
from_secret : GITHUB_PRIVATE_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Build Mac artifacts (Teleport Connect)
commands :
- set -u
- export HOME=/Users/$(whoami)
- export TOOLCHAIN_DIR=/tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED/toolchains
- export NODE_VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport/build.assets
print-node-version)
- export NODE_HOME=$TOOLCHAIN_DIR/node-v$NODE_VERSION-darwin-x64
- export PATH=$NODE_HOME/bin:$PATH
- export VERSION=$(make -C $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
print-version)
- export BUILD_NUMBER=$DRONE_BUILD_NUMBER
- security unlock-keychain -p $${BUILDBOX_PASSWORD} login.keychain
- security find-identity -v
- export CSC_NAME=0FFD3E3413AB4C599C53FBB1D8CA690915E33D83
2022-08-26 15:43:16 +00:00
- export DEBUG="electron-*"
2022-08-24 14:38:42 +00:00
- cd $WORKSPACE_DIR/go/src/github.com/gravitational
- pkgutil --expand-full tsh-$${VERSION}.pkg tsh
- export CONNECT_TSH_APP_PATH=$WORKSPACE_DIR/go/src/github.com/gravitational/tsh/Payload/tsh.app
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/webapps
- yarn install && yarn build-term && yarn package-term -c.extraMetadata.version=$VERSION
environment :
APPLE_PASSWORD :
from_secret : APPLE_PASSWORD
APPLE_USERNAME :
from_secret : APPLE_USERNAME
ARCH : amd64
BUILDBOX_PASSWORD :
from_secret : BUILDBOX_PASSWORD
GOCACHE : /tmp/build-darwin-amd64-connect/go/cache
GOPATH : /tmp/build-darwin-amd64-connect/go
OS : darwin
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Copy dmg artifact
commands :
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/webapps/packages/teleterm/build/release
- cp *.dmg $WORKSPACE_DIR/go/artifacts
- cd $WORKSPACE_DIR/go/artifacts && for FILE in *.dmg; do shasum -a 256 "$FILE"
> "$FILE.sha256"; done && ls -l
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Upload to S3
commands :
- set -u
- cd $WORKSPACE_DIR/go/artifacts
- aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}
environment :
AWS_ACCESS_KEY_ID :
from_secret : AWS_ACCESS_KEY_ID
AWS_REGION : us-west-2
AWS_S3_BUCKET :
from_secret : AWS_S3_BUCKET
AWS_SECRET_ACCESS_KEY :
from_secret : AWS_SECRET_ACCESS_KEY
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
- name : Register artifact
commands :
- WORKSPACE_DIR=$${WORKSPACE_DIR:-/}
- VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")
- RELEASES_HOST='https://releases-staging.platform.teleport.sh'
- echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"
- echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"
- trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT
- CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"
- which curl || apk add --no-cache curl
- |-
cd "$WORKSPACE_DIR/go/artifacts"
find . -type f ! -iname '*.sha256' ! -iname '*-unsigned.zip*' | while read -r file; do
# Skip files that are not results of this build
# (e.g. tarballs from which OS packages are made)
[ -f "$file.sha256" ] || continue
name="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z
description="MacOS Intel"
products="$name"
if [ "$name" = "tsh" ]; then
products="teleport teleport-ent"
2022-09-09 14:15:54 +00:00
elif [ "$name" = "Teleport Connect" -o "$name" = "teleport-connect" ]; then
2022-08-24 14:38:42 +00:00
description="Teleport Connect"
products="teleport teleport-ent"
fi
shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)"
curl $CREDENTIALS --fail -o /dev/null -F description="$description" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" "$RELEASES_HOST/assets";
for product in $products; do
status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases")
if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then
echo "curl HTTP status: $status_code"
cat $WORKSPACE_DIR/curl_out.txt
exit 1
fi
curl $CREDENTIALS --fail -o /dev/null -X PUT "$RELEASES_HOST/releases/$product@$VERSION/assets/$(basename "$file" | sed 's/ /%20/g')"
done
done
environment :
RELEASES_CERT :
from_secret : RELEASES_CERT_STAGING
RELEASES_KEY :
from_secret : RELEASES_KEY_STAGING
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
failure : ignore
- name : Clean up toolchains (post)
commands :
- set -u
- rm -rf /tmp/build-$DRONE_BUILD_NUMBER-$DRONE_BUILD_CREATED
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
when :
status :
- success
- failure
- name : Clean up exec runner storage (post)
commands :
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
environment :
WORKSPACE_DIR : /tmp/build-darwin-amd64-connect
---
2020-06-25 17:29:10 +00:00
kind : signature
2022-09-28 10:59:33 +00:00
hmac : 707c836fc9c2d0b3ee8074d258b3723651a6e53dcada5b5fcf0417b10f455b45
2020-06-25 17:29:10 +00:00
...