Bumps the go group in /build.assets/tooling with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/oauth2](https://github.com/golang/oauth2).
Updates `golang.org/x/mod` from 0.12.0 to 0.13.0
- [Commits](https://github.com/golang/mod/compare/v0.12.0...v0.13.0)
Updates `golang.org/x/oauth2` from 0.12.0 to 0.13.0
- [Commits](https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0)
---
updated-dependencies:
- dependency-name: golang.org/x/mod
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
- dependency-name: golang.org/x/oauth2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: go
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
When checking GHA logs of OS Compatibility build, I notice info log
```
The repository will be downloaded using the GitHub REST API
To create a local Git repository instead, add Git 2.18 or higher to the PATH
```
suggesting that our self-compiled git is not being used. For some reason out git binary was installed in /usr/local/usr/local/bin/git. I removed the additional /usr/local prefix to install the binary in the correct directory. I also updated git to the latest version.
* Revise Docker handling in OS compatibility script
This commit revises how Docker containers are interacted with in build-test-compat.sh. Optimized Docker image pulling process by pulling images in parallel to speed up the testing process. Makefile targets in Github workflow are also parallelized to speed up the build process.
* Simplify and parallel docker logic
https://github.com/GoogleContainerTools/distroless#debian-12
Note that the debian12 images no longer include OpenSSL, which we
don't need anyway, as we statically link our own copy for tsh and
other purposes.
Also, add Debian 12 to various places, as a supported OS.
Other included changes:
* Remove Debian 8 and 9, as they aren't receiving any security updates.
* Standardize how we select which distroless release to use.
* Ensure a specific distroless version is used instead of latest.
* Add new Amazon Linux and Oracle Linux releases to compatibility testing.
* Correct s/MacOS/macOS/ in install script.
`e` companion -- https://github.com/gravitational/teleport.e/pull/2154
* Dont allow directly dialing to servers not in inventory
add direct dial escape hatch
* Fix failing unit test
* Fix TestProxySSH
* Fix TestTraitsPropagation
* resolve comment
* fix non-multiplexed trusted cluster setup in tsh test suite
* Fix TestProxySSH
* wait on nodes
* Skip the flaky check for TestSSHLoadAllCAs
---------
Co-authored-by: Forrest Marshall <forrest@goteleport.com>
* build: Build webassets for CentOS 7 with Ubuntu buildbox
Build the webassets for the CentOS 7 binaries using the standard Ubuntu
buildbox prior to building the binaries. This allows us to use a later
version of node.js to build the UI than what is available on CentOS 7.
The `release-unix` and `clean` targets need to be rejigged a little as
`release-unix` first cleans any pre-build webassets. So we add a new
target `release-unix-preserving-webassets` that only cleans the build
and not the webassets and update the Makefile in `build.assets` to call
this new target when building CentOS 7 binaries.
* build: Conditionally build enterprise webassets
Only build enterprise webassets if the enterprise submodule is present.
For a normal release, this will always be the case, but for local
testing and people wishing to build just the OSS release, the enterprise
submodule may not be present.
* build: Build webassets with buildbox-connect
Use the Teleport Connect buildbox for building the webassets. That
ensures the same version of node is used for building all the node
stuff; the web UI as well as Teleport Connect. It makes maintenance of
the buildboxes easier as we can move to using only the one buildbox for
node in the future.
* build: Pre-build webassets for non-centos7 build targets
Add a dependency on `webassets` for the non-centos7 fips build/release
targets in build.assets/Makefile. These targets were recently changed to
actually use centos7 anyway, so we do need to pre-build webassets as
centos7 will soon no longer be able to build them.
NOTE: These updated targets should probably be removed. They are
effectively duplicates of their centos7 counterparts now and should
probably just chain to those targets. The `release-fips` target is
actually broken at the moment as it needs to use `scl enable ...` to
build now it uses centos7.
* Replace "standard Ubuntu buildbox" in comments with buildbox-connect
---------
Co-authored-by: Grzegorz Zdunek <grzegorz.zdunek@goteleport.com>
Co-authored-by: Grzegorz Zdunek <gzdunek@users.noreply.github.com>
Included a comment at the top of the Dockerfile used for Continuous Integration (CI) to not use it for anything else than CI. We have had multiple incidents of people accidentally breaking the production build by changing this image. Currently none of our production builds are using it, but the history shows that this will probably change soon...
* Refactor ARM build process and environment setup
This commit changes the ARM build process by updating the build tools. The `CC` environment variable in Makefile was changed from `arm-linux-gnueabihf-gcc` to `arm-linux-gnueabi-gcc` to match the new setup.
Our Dockerfile-arm has been rewritten to use Debian 11 image instead of re-using CI Ubuntu image to match glibc version on distroless images.
* Fix ARM build process and environment setup
Fixed the ARM build process by updating the C compiler set in the Makefile and simplifying Dockerfile dependencies for the build. De-cluttered Makefile for streamlining build process. Replaced the usage of an incorrect C compiler in the Makefile and reduced the number of dependencies in Dockerfile-arm to only those necessary for building on ARM. Fixed build errors that prevented successful compilation on ARM.
* Remove RUST_VERSION as it's not being used in the ARM Dockerfile
* Fix typo
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
* Address code review comments
* Fix typo
Co-authored-by: Reed Loden <reed@goteleport.com>
* Update Dockerfile to clean up temporary node file and improve variable usage
The Dockerfile has been updated to delete the temporary node file after use to reduce unnecessary space usage. Additionally, run commands have been adjusted to use double quotes around variables for better compatibility and safety. Lastly, a comment is added to explain the reason behind the persistence of CI user creation in the image.
---------
Co-authored-by: Isaiah Becker-Mayer <isaiah@goteleport.com>
Co-authored-by: Reed Loden <reed@goteleport.com>
* Event Schema protoc plugin, initial commit
* Generate mappings + dump table and schema views
* Add license headers
* Add license headers pt.2
* go mod tidy
* go mod tidy pt.2
* goimports
* Address feedback: consistent order, document rebuild, drop eventype mapping
* Reduce the list of queryable events
* Remove stale comment
* fixup! Address feedback: consistent order, document rebuild, drop eventype mapping
* Fix view generation
- support nested dmlTypes (`array(map(...))`)
- support fields with `.` in their names
- use same function to generate field names for view and table
- use leading commas when generating schema views
* display event_date and event_table in tableSchema + add tests
* Add docstrings
* Address jakule's feedback
* Address marco's feedback
* Convert Fields from a map to a list of fields
* lint
* Fix kube operator cross compilation.
* Update .drone and generation logic
* Update compiler name used by Drone
* Use arm-linux-gnueabihf-gcc for ARM builds
* Sign .drone.yml
* Build version checker - multiple fixes
In several files, the command 'go run' has been updated to 'CC=gcc go run'. This ensures that gcc is used when compiling the Go code, to provide better cross platform support. Prior to this change, the Go compiler was making platform specific builds.
This was a significant issue with the 'kube operator' goal where the built binary could not operate across different platforms.
The change has been applied consistently throughout the codebase in 'Makefile', 'container_image_triggers.go', 'version.mk', 'os_repos.go', and 'build.assets/Makefile' files. Compliance with this new standard should be maintained going forward for any new compilation requests.
* Update .drone.yml
* Replace CC=gcc environment variable with CGO_ENABLED=0
The CC=gcc environment variable was replaced with CGO_ENABLED=0 as CGO is not needed.
* Update .drone.yml
Tagging a release with an invalid semver string (especially an almost-but-
not-quite-valid semver string) can cause an incorrect environment to be
selected when publishing packages during promotion, with the attendant
risk of polluting production artefact repositories.
This change attempts to force the use of correctly-formed semver strings by
- validating the semver string on application (i.e. as part of make version)
- validating that the GITTAG value used to trigger a build is valid semver, and
- as a harm reduction measure, changing the semver check tool to interpret
an invalid semver string as if it had pre-release or build metadata.
This is a backstop, just in case a malformed tag sneaks through outside of
our automation.
Changelog: none
* Fix init_hook for Fish users
* Move development tools to "latest"
* Use Buf and OpenSSL formulas
* Use rust and yarn formulas
* Bump Go version
* Update lock files
* Use Debian as base image for the operator build
Stop using the buildbox for building the K8S operator to pin down Glibc version.
* Refactor Dockerfile to make installations cleaner
This commit refactors the Dockerfile used in integrations/operator to clean up dependencies installations. This change was essential to make the installation lines concise and improve the readability of the document. Now, all the elements are installed independently using 'no-install-recommends', which is helpful in controlling unnecessary package installations.
* Add ca-certificates package and centralize versioning
Added installation of 'ca-certificates' in operator's Dockerfile to fix SSL related issues. Removed hardcoded tooling versions in Makefile and created 'versions.mk', a single include file for all Makefiles to manage tool versions in one place. This change ensures consistency of versions across different builds and makes version upgrades easier to implement.
* Formatting changes
* I've no idea if this makes any difference, but all other places use this order