self-hosted/teleport
self-hosted/teleport
1
0
Fork 0
mirror of https://github.com/gravitational/teleport synced 2024-10-21 17:53:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Drone builds on push to branch (#5292)

Browse source
This commit is contained in:
Gus Luxton 2021-01-15 17:08:07 -04:00 committed by GitHub
parent b36d4c4dd7
commit 8f04136f8f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 704 additions and 105 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

809
.drone.yml
View file

@ -196,109 +196,6 @@ volumes:
temp:
medium: memory
---
kind: pipeline
type: kubernetes
name: build-on-push
environment:
RUNTIME: go1.15.5
UID: 1000
GID: 1000
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
- stratus
repo:
include:
- gravitational/*
workspace:
path: /go
clone:
disable: true
steps:
- name: Check out code
image: docker:git
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
commands:
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
# do a recursive submodule checkout to get both webassets and webassets/e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- name: Pull buildbox image
image: docker
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
- name: Build release
image: docker
environment:
GOPATH: /go
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release
- name: Send Slack notification
image: plugins/slack
settings:
webhook:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
*Warning:* This is a genuine failure to build the Teleport binary from a branch (likely due to a bad merge or commit) and should be investigated immediately.
when:
status: [failure]
services:
- name: Start Docker
image: docker:dind
volumes:
- name: dockersock
path: /var/run
volumes:
- name: dockersock
temp: {}
---
kind: pipeline
type: kubernetes
@ -470,6 +367,708 @@ volumes:
temp:
medium: memory
---
kind: pipeline
type: kubernetes
name: push-build-linux-amd64
environment:
RUNTIME: go1.15.5
UID: 1000
GID: 1000
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /go
clone:
disable: true
steps:
- name: Check out code
image: docker:git
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
commands:
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
# do a recursive submodule checkout to get both webassets and webassets/e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- name: Build artifacts
image: docker
environment:
UID: 1000
GID: 1000
GOPATH: /go
OS: linux
ARCH: amd64
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
- name: Send Slack notification
image: plugins/slack
settings:
webhook:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`linux-amd64` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when:
status: [failure]
services:
- name: Start Docker
image: docker:dind
volumes:
- name: dockersock
path: /var/run
volumes:
- name: dockersock
temp: {}
---
kind: pipeline
type: kubernetes
name: push-build-linux-i386
environment:
RUNTIME: go1.15.5
UID: 1000
GID: 1000
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /go
clone:
disable: true
steps:
- name: Check out code
image: docker:git
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
commands:
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
# do a recursive submodule checkout to get both webassets and webassets/e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- name: Build artifacts
image: docker
environment:
UID: 1000
GID: 1000
GOPATH: /go
OS: linux
ARCH: 386
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
- name: Send Slack notification
image: plugins/slack
settings:
webhook:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`linux-386` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when:
status: [failure]
services:
- name: Start Docker
image: docker:dind
volumes:
- name: dockersock
path: /var/run
volumes:
- name: dockersock
temp: {}
---
kind: pipeline
type: kubernetes
name: push-build-linux-amd64-fips
environment:
RUNTIME: go1.15.5
UID: 1000
GID: 1000
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /go
clone:
disable: true
steps:
- name: Check out code
image: docker:git
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
commands:
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
# do a recursive submodule checkout to get both webassets and webassets/e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
# set version
- if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt
- name: Build FIPS artifacts
image: docker
environment:
UID: 1000
GID: 1000
GOPATH: /go
OS: linux
ARCH: amd64
FIPS: "yes"
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- docker pull quay.io/gravitational/teleport-buildbox-fips:$RUNTIME || true
- cd /go/src/github.com/gravitational/teleport
- export VERSION=$(cat /go/.version.txt)
- make -C build.assets release-fips VERSION=$VERSION OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME FIPS=$FIPS
- name: Send Slack notification
image: plugins/slack
settings:
webhook:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`linux-amd64-fips` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when:
status: [failure]
services:
- name: Start Docker
image: docker:dind
volumes:
- name: dockersock
path: /var/run
volumes:
- name: dockersock
temp: {}
---
kind: pipeline
type: kubernetes
name: push-build-windows-amd64
environment:
RUNTIME: go1.15.5
UID: 1000
GID: 1000
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /go
clone:
disable: true
steps:
- name: Check out code
image: docker:git
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
commands:
- mkdir -p /go/src/github.com/gravitational/teleport /go/cache
- cd /go/src/github.com/gravitational/teleport
- git init && git remote add origin ${DRONE_REMOTE_URL}
- git fetch origin
- git checkout -qf ${DRONE_COMMIT_SHA}
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init webassets || true
- mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa
- ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts
- git submodule update --init e
# do a recursive submodule checkout to get both webassets and webassets/e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- git submodule update --init --recursive webassets || true
- rm -f /root/.ssh/id_rsa
- name: Build artifacts
image: docker
environment:
UID: 1000
GID: 1000
GOPATH: /go
OS: windows
ARCH: amd64
volumes:
- name: dockersock
path: /var/run
commands:
- apk add --no-cache make
- chown -R $UID:$GID /go
- docker pull quay.io/gravitational/teleport-buildbox:$RUNTIME || true
- cd /go/src/github.com/gravitational/teleport
- make -C build.assets release OS=$OS ARCH=$ARCH RUNTIME=$RUNTIME
- name: Send Slack notification
image: plugins/slack
settings:
webhook:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
`windows-amd64` artifact build failed.
*Warning:* This is a genuine failure to build the Teleport binary from `{{ build.branch }}` (likely due to a bad merge or commit) and should be investigated immediately.
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
when:
status: [failure]
services:
- name: Start Docker
image: docker:dind
volumes:
- name: dockersock
path: /var/run
volumes:
- name: dockersock
temp: {}
---
kind: pipeline
type: exec
name: push-build-darwin-amd64
concurrency:
limit: 1
platform:
os: darwin
arch: amd64
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /tmp/push-build-darwin-amd64
clone:
disable: true
steps:
- name: Set up exec runner storage
environment:
WORKSPACE_DIR: /tmp/push-build-darwin-amd64
commands:
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Check out code
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
WORKSPACE_DIR: /tmp/push-build-darwin-amd64
commands:
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/teleport.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# fetch enterprise submodules
# suppressing the newline on the end of the private key makes git operations fail on MacOS
# with an error like 'Load key "/path/.ssh/id_rsa": invalid format'
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa && chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- name: Build Mac artifacts
environment:
GOPATH: /tmp/push-build-darwin-amd64/go
GOCACHE: /tmp/push-build-darwin-amd64/go/cache
OS: darwin
ARCH: amd64
WORKSPACE_DIR: /tmp/push-build-darwin-amd64
commands:
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- make clean release OS=$OS ARCH=$ARCH
- name: Clean up exec runner storage (post)
environment:
WORKSPACE_DIR: /tmp/push-build-darwin-amd64
commands:
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Send Slack notification (exec)
environment:
SLACK_WEBHOOK:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
commands:
- |
export DRONE_BUILD_LINK="${DRONE_SYSTEM_PROTO}://${DRONE_SYSTEM_HOSTNAME}/${DRONE_REPO_OWNER}/${DRONE_REPO_NAME}/${DRONE_BUILD_NUMBER}"
export GOOS=$(go env GOOS)
export GOARCH=$(go env GOARCH)
curl -sL -X POST -H 'Content-type: application/json' --data "{\"text\":\"Warning: \`$GOOS-$GOARCH\` artifact build failed - please investigate immediately!\nBranch: \`${DRONE_BRANCH}\`\nCommit: \`${DRONE_COMMIT_SHA}\`\nLink: $DRONE_BUILD_LINK\"}" $SLACK_WEBHOOK
when:
status: [failure]
---
kind: pipeline
type: exec
name: push-build-arm
concurrency:
limit: 1
platform:
os: linux
arch: arm
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /dev/shm/push-build-arm
# use ramfs for go build cache - saves wear and tear on the SD card, plus it's faster
# note: declaring the WORKSPACE_DIR variable once in this block and then trying to
# quote it in commands below doesn't seem to work; it has to be redeclared as part of
# the environment inside every individual step. per-pipeline environments seem to be
# inconsistently implemented across different drone runners and may well be deprecated
environment:
TMPDIR: /dev/shm/push-build-arm/tmp
clone:
disable: true
steps:
- name: Clean up exec runner storage (pre)
environment:
WORKSPACE_DIR: /dev/shm/push-build-arm/tmp
commands:
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Check out code
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
WORKSPACE_DIR: /dev/shm/push-build-arm/tmp
commands:
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/teleport.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# fetch enterprise submodules
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa && chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- name: Build ARM artifacts
environment:
GOPATH: /dev/shm/push-build-arm/tmp/go
GOCACHE: /dev/shm/push-build-arm/tmp/go/cache
OS: linux
ARCH: arm
WORKSPACE_DIR: /dev/shm/push-build-arm/tmp
commands:
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- make clean release OS=$OS ARCH=$ARCH
- name: Clean up exec runner storage (post)
environment:
WORKSPACE_DIR: /dev/shm/push-build-arm/tmp
commands:
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Send Slack notification (exec)
environment:
SLACK_WEBHOOK:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
commands:
- |
export DRONE_BUILD_LINK="${DRONE_SYSTEM_PROTO}://${DRONE_SYSTEM_HOSTNAME}/${DRONE_REPO_OWNER}/${DRONE_REPO_NAME}/${DRONE_BUILD_NUMBER}"
export GOOS=$(go env GOOS)
export GOARCH=$(go env GOARCH)
curl -sL -X POST -H 'Content-type: application/json' --data "{\"text\":\"Warning: \`$GOOS-$GOARCH\` artifact build failed - please investigate immediately!\nBranch: \`${DRONE_BRANCH}\`\nCommit: \`${DRONE_COMMIT_SHA}\`\nLink: $DRONE_BUILD_LINK\"}" $SLACK_WEBHOOK
when:
status: [failure]
---
kind: pipeline
type: exec
name: push-build-arm64
concurrency:
limit: 1
platform:
os: linux
arch: arm64
trigger:
event:
include:
- push
exclude:
- pull_request
branch:
include:
- master
- branch/*
repo:
include:
- gravitational/*
workspace:
path: /dev/shm/push-build-arm64
# use ramfs for go build cache
# note: declaring the WORKSPACE_DIR variable once in this block and then trying to
# quote it in commands below doesn't seem to work; it has to be redeclared as part of
# the environment inside every individual step. per-pipeline environments seem to be
# inconsistently implemented across different drone runners and may well be deprecated
environment:
TMPDIR: /dev/shm/push-build-arm64/tmp
clone:
disable: true
steps:
- name: Clean up exec runner storage (pre)
environment:
WORKSPACE_DIR: /dev/shm/push-build-arm64/tmp
commands:
- set -u
- mkdir -p $WORKSPACE_DIR
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Check out code
environment:
GITHUB_PRIVATE_KEY:
from_secret: GITHUB_PRIVATE_KEY
WORKSPACE_DIR: /dev/shm/push-build-arm64/tmp
commands:
- set -u
- mkdir -p $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- git clone https://github.com/gravitational/teleport.git .
- git checkout ${DRONE_TAG:-$DRONE_COMMIT}
# fetch enterprise submodules
- mkdir -m 0700 $WORKSPACE_DIR/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > $WORKSPACE_DIR/.ssh/id_rsa && chmod 600 $WORKSPACE_DIR/.ssh/id_rsa
- ssh-keyscan -H github.com > $WORKSPACE_DIR/.ssh/known_hosts 2>/dev/null
- chmod 600 $WORKSPACE_DIR/.ssh/known_hosts
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init e
# this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule
- GIT_SSH_COMMAND='ssh -i $WORKSPACE_DIR/.ssh/id_rsa -o UserKnownHostsFile=$WORKSPACE_DIR/.ssh/known_hosts -F /dev/null' git submodule update --init --recursive webassets || true
- rm -rf $WORKSPACE_DIR/.ssh
- mkdir -p $WORKSPACE_DIR/go/cache
- name: Build ARM64 artifacts
environment:
GOPATH: /dev/shm/push-build-arm64/tmp/go
GOCACHE: /dev/shm/push-build-arm64/tmp/go/cache
OS: linux
ARCH: arm64
WORKSPACE_DIR: /dev/shm/push-build-arm64/tmp
commands:
- set -u
- cd $WORKSPACE_DIR/go/src/github.com/gravitational/teleport
- make clean release OS=$OS ARCH=$ARCH
- name: Clean up exec runner storage (post)
environment:
WORKSPACE_DIR: /dev/shm/push-build-arm64/tmp
commands:
- set -u
- chmod -R u+rw $WORKSPACE_DIR
- rm -rf $WORKSPACE_DIR/go $WORKSPACE_DIR/.ssh
- name: Send Slack notification (exec)
environment:
SLACK_WEBHOOK:
from_secret: SLACK_WEBHOOK_DEV_TELEPORT
commands:
- |
export DRONE_BUILD_LINK="${DRONE_SYSTEM_PROTO}://${DRONE_SYSTEM_HOSTNAME}/${DRONE_REPO_OWNER}/${DRONE_REPO_NAME}/${DRONE_BUILD_NUMBER}"
export GOOS=$(go env GOOS)
export GOARCH=$(go env GOARCH)
curl -sL -X POST -H 'Content-type: application/json' --data "{\"text\":\"Warning: \`$GOOS-$GOARCH\` artifact build failed - please investigate immediately!\nBranch: \`${DRONE_BRANCH}\`\nCommit: \`${DRONE_COMMIT_SHA}\`\nLink: $DRONE_BUILD_LINK\"}" $SLACK_WEBHOOK
when:
status: [failure]
---
kind: pipeline
type: kubernetes
@ -710,11 +1309,11 @@ steps:
channel: dev-teleport
template: |
*{{#success build.status}}✔{{ else }}✘{{/success}} {{ uppercasefirst build.status }}: Build #{{ build.number }}* (type: `{{ build.event }}`)
Details: The `teleport-helm-cron` job in Drone failed to publish Helm charts to S3. This is unusual and should be investigated.
Commit: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commit/{{ build.commit }}|{{ truncate build.commit 8 }}>
Branch: <https://github.com/{{ repo.owner }}/{{ repo.name }}/commits/{{ build.branch }}|{{ build.branch }}>
Author: <https://github.com/{{ build.author }}|{{ build.author }}>
<{{ build.link }}|Visit Drone build page ↗>
Details: The `teleport-helm-cron` job in Drone failed to publish Helm charts to S3. This is unusual and should be investigated.
when:
status: [failure]
@ -3407,6 +4006,6 @@ volumes:
---
kind: signature
hmac: 96b46663feb72b582e769ce9b61d406448b497fa385ba69caf609a8a4712f4a2
hmac: 14ba541d0e21b8cb95be6919aec7cb358930af39b331033414df1d0089b276ac
...