mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 01:03:40 +00:00
Restore Build pipeline in CI (#521)
The build pipeline was not carried across from drone to GCB. This patch: - Restores build assets pipeline - Adds submodule checkout for webapps.e in both test and build jobs
This commit is contained in:
parent
06d0515d49
commit
1f139accb8
26
web/.cloudbuild/ci/build.yaml
Normal file
26
web/.cloudbuild/ci/build.yaml
Normal file
|
@ -0,0 +1,26 @@
|
|||
options:
|
||||
machineType: 'E2_HIGHCPU_32'
|
||||
|
||||
availableSecrets:
|
||||
secretManager:
|
||||
- versionName: projects/771512790633/secrets/webapps-e-deployment-key/versions/1
|
||||
env: WEBAPPS_E_DEPLOYMENT_KEY
|
||||
|
||||
steps:
|
||||
- name: golang:1.17
|
||||
id: checkout
|
||||
secretEnv:
|
||||
- WEBAPPS_E_DEPLOYMENT_KEY
|
||||
entrypoint: /bin/bash
|
||||
dir: .cloudbuild/scripts
|
||||
args:
|
||||
- "-c"
|
||||
- "go run ./cmd/checkout -w=/workspace"
|
||||
|
||||
- name: gcr.io/cloud-builders/docker
|
||||
id: build
|
||||
args:
|
||||
- build
|
||||
- '--build-arg'
|
||||
- NPM_SCRIPT=build
|
||||
- .
|
|
@ -1,5 +1,21 @@
|
|||
availableSecrets:
|
||||
secretManager:
|
||||
- versionName: projects/771512790633/secrets/webapps-e-deployment-key/versions/1
|
||||
env: WEBAPPS_E_DEPLOYMENT_KEY
|
||||
|
||||
steps:
|
||||
- name: golang:1.17
|
||||
id: checkout
|
||||
secretEnv:
|
||||
- WEBAPPS_E_DEPLOYMENT_KEY
|
||||
entrypoint: /bin/bash
|
||||
dir: .cloudbuild/scripts
|
||||
args:
|
||||
- "-c"
|
||||
- "go run ./cmd/checkout -w=/workspace"
|
||||
|
||||
- name: gcr.io/cloud-builders/docker
|
||||
id: test
|
||||
args:
|
||||
- build
|
||||
- '--build-arg'
|
||||
|
|
154
web/.cloudbuild/scripts/cmd/checkout/checkout.go
Normal file
154
web/.cloudbuild/scripts/cmd/checkout/checkout.go
Normal file
|
@ -0,0 +1,154 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"flag"
|
||||
"fmt"
|
||||
"log"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path"
|
||||
"path/filepath"
|
||||
|
||||
"github.com/gravitational/trace"
|
||||
)
|
||||
|
||||
func main() {
|
||||
err := innerMain()
|
||||
if err != nil {
|
||||
log.Fatalf("ERROR: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
type cliArgs struct {
|
||||
workspace string
|
||||
}
|
||||
|
||||
func innerMain() error {
|
||||
args, err := parseCLI()
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
|
||||
// We need to inject deployment keys into the user's SSH config. Note that we
|
||||
// assume we're running as root.
|
||||
err = initSSH()
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
defer cleanupSSH()
|
||||
|
||||
log.Print("Updating submodules...")
|
||||
err = git(args.workspace, "submodule", "update", "--init", "--recursive")
|
||||
if err != nil {
|
||||
return trace.Wrap(err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func parseCLI() (cliArgs, error) {
|
||||
args := cliArgs{}
|
||||
|
||||
flag.StringVar(&args.workspace, "w", "", "Path to the workspace to act on")
|
||||
|
||||
flag.Parse()
|
||||
|
||||
if args.workspace == "" {
|
||||
return cliArgs{}, trace.Errorf("workspace path must be set")
|
||||
}
|
||||
|
||||
var err error
|
||||
args.workspace, err = filepath.Abs(args.workspace)
|
||||
if err != nil {
|
||||
return cliArgs{}, trace.Wrap(err, "Unable to resole absolute path to workspace")
|
||||
}
|
||||
|
||||
return args, nil
|
||||
}
|
||||
|
||||
func initSSH() error {
|
||||
sshConfigDir := path.Join("/", "root", ".ssh")
|
||||
err := os.MkdirAll(sshConfigDir, 0700)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed creating ssh config dir")
|
||||
}
|
||||
|
||||
log.Printf("Configuring known hosts in %s", sshConfigDir)
|
||||
knownHostsFile := path.Join(sshConfigDir, "known_hosts")
|
||||
script := fmt.Sprintf("ssh-keyscan -H github.com > %q 2>/dev/null", knownHostsFile)
|
||||
err = run("/bin/bash", "-c", script)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed adding github.com to known hosts")
|
||||
}
|
||||
err = os.Chmod(knownHostsFile, 0600)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed setting known_hosts permissions")
|
||||
}
|
||||
|
||||
log.Print("Configuring deployment SSH keys")
|
||||
|
||||
key := os.Getenv("WEBAPPS_E_DEPLOYMENT_KEY")
|
||||
if key == "" {
|
||||
return trace.Errorf("webapps.e deployment key not in environment")
|
||||
}
|
||||
|
||||
webappsKeyFile := path.Join(sshConfigDir, "webapps.e")
|
||||
log.Printf("Writing webassets deployment key to %s", webappsKeyFile)
|
||||
err = writeFile(
|
||||
webappsKeyFile,
|
||||
[]byte(key),
|
||||
0600)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed writing deployment SSH key")
|
||||
}
|
||||
|
||||
sshConfigPath := path.Join(sshConfigDir, "config")
|
||||
configFile, err := os.OpenFile(sshConfigPath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0600)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed opening ssh config file %q", sshConfigPath)
|
||||
}
|
||||
defer configFile.Close()
|
||||
|
||||
for _, keyFile := range []string{webappsKeyFile} {
|
||||
_, err := fmt.Fprintf(configFile, "IdentityFile %s\n", keyFile)
|
||||
if err != nil {
|
||||
return trace.Wrap(err, "failed adding deployment SSH key %q", keyFile)
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func cleanupSSH() {
|
||||
os.RemoveAll("/root/.ssh")
|
||||
}
|
||||
|
||||
func git(repoDir string, args ...string) error {
|
||||
return runInDir(repoDir, "/usr/bin/git", args...)
|
||||
}
|
||||
|
||||
func run(cmd string, args ...string) error {
|
||||
return runInDir("", cmd, args...)
|
||||
}
|
||||
|
||||
func runInDir(dir string, cmd string, args ...string) error {
|
||||
p := exec.Command(cmd, args...)
|
||||
p.Dir = dir
|
||||
p.Stdout = os.Stdout
|
||||
p.Stderr = os.Stderr
|
||||
return p.Run()
|
||||
}
|
||||
|
||||
// writeFile is a backport of os.WriteFile() so that we can run this script in
|
||||
// versions of Go older than 1.16
|
||||
func writeFile(name string, data []byte, perm os.FileMode) error {
|
||||
f, err := os.OpenFile(name, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = f.Write(data)
|
||||
if err1 := f.Close(); err1 != nil && err == nil {
|
||||
err = err1
|
||||
}
|
||||
return err
|
||||
}
|
13
web/.cloudbuild/scripts/go.mod
Normal file
13
web/.cloudbuild/scripts/go.mod
Normal file
|
@ -0,0 +1,13 @@
|
|||
module github.com/gravitational/webapps/.cloudbuild/scripts
|
||||
|
||||
go 1.17
|
||||
|
||||
require (
|
||||
github.com/gravitational/trace v1.1.15 // indirect
|
||||
github.com/jonboulle/clockwork v0.2.2 // indirect
|
||||
github.com/sirupsen/logrus v1.8.1 // indirect
|
||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 // indirect
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f // indirect
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 // indirect
|
||||
)
|
19
web/.cloudbuild/scripts/go.sum
Normal file
19
web/.cloudbuild/scripts/go.sum
Normal file
|
@ -0,0 +1,19 @@
|
|||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/gravitational/trace v1.1.15 h1:dfaFcARt110nCX6RSvrcRUbvRawEYAasXyCqnhXo0Xg=
|
||||
github.com/gravitational/trace v1.1.15/go.mod h1:RvdOUHE4SHqR3oXlFFKnGzms8a5dugHygGw1bqDstYI=
|
||||
github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ=
|
||||
github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE=
|
||||
github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3 h1:0es+/5331RGQPcXlMfP+WrnIIS6dNnNRe0WB02W0F4M=
|
||||
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f h1:hEYJvxw1lSnWIl8X9ofsYMklzaDs90JI2az5YMd4fPM=
|
||||
golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
Loading…
Reference in a new issue