* Revert the removal of quintush/helm-unittest
Commit 5d53c91c7a removed
quintush/helm-unittest from the buildbox. It seems we still need that
version so revert those hunks that removed it.
* tests: Fix invalid sudoers file test
Fix the invalid sudoers file test to not look for an exact string but
just a substring. The error message has changed from Ubuntu 20.04 to
22.04 and it has removed some extra wording.
After moving the Connect to a separate Docker image https://github.com/gravitational/teleport/pull/27175 we're able to use the latest ubuntu LTS on our build image. We're not using this image to produce any releases (only CI runs), so updating the image will have no effect on our releases.
* Move Connect build to a new Docker container
* Update comments
* Update comments
Remove unused packages and unused arguments
* Always use UID=1000 for building teleterm.
* Add the babybox Dockerfile and Makefile
* Change Makefiles to use the babybox
* Change buildbox to use version args
* Keep the old "if BUILDARCH" on protoc install
* Drop --platform directive on babybox (its platform doesn't matter)
* Use mktemp to download protoc
* Remove defaults from ARGs
* Copy ARG comments to buildbox Dockerfile
* Rename babybox to grpcbox
* Restore Kubernetes Integration tests
This PR re-enables the Kubernetes integrations tests using a KinD
(Kubernetes in Docker) cluster.
New steps have been introduced to GitHub's Integrations (Non-Root)
Action that configure the KinD cluster using
[`helm/kind-action`](https://github.com/helm/kind-action) and do some
network configurations allowing the container where tests run to connect
to the KinD control plane.
This PR also fixes some of the tests and fixes a bug that affected
joining operations when the target service was a legacy kubernetes
proxy. Some improvements will be introduced in future patches to improve
the logic and reduce the time required for the tests to run.
Fixes#25539
* fix data race in spdystream dep
* address feedback
* remove docker installation
* fix test
These targets were originally set up to allow parallel arm64 builds
using GHA. These targets were obsoleted when the ARM64 builds were
expanded to be full-fledged teleport releases, but were not removed
at that time.
Leaving these targets is messy and confusing, so this patch removes
them.
* Unify x86/AMD64 build process
Currently, our ARM64 pipeline builds limited subset of Teleport features as none of the 3rd party dependencies (openssh, libbpf etc) are not built on AMR64. This change build all dependencies on AMR64 in the same way as we do on x86.
FIPS changes are not included as we do not support FIPS on ARM64.
* Apply suggestions from code review
Co-authored-by: Roman Tkachenko <roman@goteleport.com>
---------
Co-authored-by: Roman Tkachenko <roman@goteleport.com>
Update to libbpf 1.0.1 and github.com/aquasecurity/libbpfgo v0.4.5-libbpf-1.0.1. As we're building our releases on CentOS 7 anyway we can also switch to mainstream libbpf instead of using our fork.
Moving our CentOS build assets, aka Clang-10 is the first step to enabling our full Teleport to build on ARM64. This change should also save us some $$ as getting the assets from S3 sounds expensive.
* Update JS grpc-tools to 1.12.4
1.11.2 didn't have support for arm64 so we had to do all this extra stuff
in the Dockerfile.
1.11.3 added support for Darwin arm64 and 1.12.4 finally adds support for
Linux arm64. This means we can completely remove extra cruft and just
install grpc-tools 1.12.4 on all architectures.
* Add comment to ptyHostService.proto
* Add check if protos are up to date.
A new check has been added that will detect if protobufs are up to date. The
script will exit abnormally if protobufs need to be regenerated.
* Alan's feedback.
* Restoring the script.
* Update script comment.
* Add in the set -eu.
* Add a comment for the pull_request/merge_group bit in the new github action.
* Remove helper script.
* Reduce the runner size.
* Remove CLANG_FORMAT from Makefiles
It was used to format protos but we use Buf for that since v10.
* Move installing grpc_node_plugin into Dockerfile
This commit basically takes grpc_node_plugin compilation from
Dockerfile-teleterm and moves it to Dockerfile.
* Replace Dockerfile-teleterm with Dockerfile
After moving grpc_node_plugin compilation to Dockerfile, the only remaining
thing that Dockerfile-teleterm does is installing rpm so that we can make
an RPM package for Connect during tag builds.
Installing this package can be simply moved to Dockerfile.
* Remove grpc-teleterm Make target in favor of grpc
* Add updated protobufs
It looks like they're a result of someone changing protos in lib/prehog
without running `make grpc-teleterm` separately. Which is why we're getting
rid of grpc-teleterm as a separate Make target in the first place. ;)
Consolidates more of the build logic into the build.assets Makefile, transplanted from the workflow file in teleport.e
See comment gravitational/teleport.e#673 (comment)
The existing `build.assets` makefile targets had the actual build steps
coupled together with building the build box image. Because of how GHA
image builds work, we need to uncouple those tasks.
GHA also builds OSS and Enterprise teleports in parallel, so we needed
a new target to build the Enterprise release without also automatically
building the OSS bundle in series.
Co-authored-by: Roman Tkachenko <roman@goteleport.com>
* Include Go version in the cache key to prevent cache reuse when upgrading Go.
* Push buildboxes to Github container registry to avoid public ECR rate limiting.
Signed-off-by: Roman Tkachenko <roman@goteleport.com>
Co-authored-by: Victor Sokolov <gzigzigzeo@gmail.com>
* Use Teleport's standard buildbox
This commit edits the teleport-operator container image build process to
rely on Teleport's standard buildbox. This will make sure we are using a
single go version at all time.
This also removed unused environment variables from
`operator/Makefile`.
* Extract BUILDBOX variables out of build.assets/Makefile
* Put `teleport-operator` bin out of the Teleport source volume