conjur-debify 0.0.1.pre.47 → 0.2.0

data/image-tags

@@ -1,23 +0,0 @@
-#!/bin/bash -e
-
-: ${BRANCH_NAME:=$(git symbolic-ref --short HEAD)}
-
-show_master_tags() {
-  IFS=. read MAJOR MINOR PATCH <<< "$(<VERSION)"
-  TAG="$MAJOR.$MINOR.$PATCH"
-  echo "latest $TAG $MAJOR.$MINOR"
-}
-
-show_branch_tags() {
-  # tail and tr, to remove the grottiness from the detect-version
-  # output
-  local version="$(DEBIFY_IMAGE=debify:$(<VERSION) ./docker-debify detect-version | tail -1 | tr -d '\r')"
-  
-  echo "$BRANCH_NAME $version"
-}
-
-if [[ "$BRANCH_NAME" == "master" ]]; then
-  show_master_tags
-else
-  show_branch_tags
-fi

data/lib/conjur/debify/action/publish.rb

@@ -1,136 +0,0 @@
-module Conjur::Debify
-  module Action
-    class Publish
-
-      def detect_component
-        branch = ENV['GIT_BRANCH'] || ENV['BRANCH_NAME'] || `git rev-parse --abbrev-ref HEAD`.strip
-        if %w(master origin/master).include?(branch)
-          'stable'
-        else
-          branch.gsub('/', '.')
-        end
-      end
-
-      attr_reader :distribution, :project_name, :cmd_options
-      def initialize(distribution, project_name, cmd_options)
-        @distribution = distribution
-        @project_name = project_name
-        @cmd_options = cmd_options
-      end
-
-      def run
-        dir = cmd_options[:dir] || '.'
-        dir = File.expand_path(dir)
-        raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
-
-        Dir.chdir dir do
-          version = cmd_options[:version] || detect_version
-
-          publish_image = create_image
-          DebugMixin.debug_write "Built base publish image '#{publish_image.id}'\n"
-
-          art_url = cmd_options[:url]
-          deb_art_repo = cmd_options[:repo]
-
-          art_user = ENV['ARTIFACTORY_USER']
-          art_password = ENV['ARTIFACTORY_PASSWORD']
-          unless art_user && art_password
-            art_user, art_password = fetch_art_creds
-          end
-
-          # Publish deb package
-          component = cmd_options[:component] || detect_component
-          deb_info = "#{distribution}/#{component}/amd64"
-          package_name = "conjur-#{project_name}_#{version}_amd64.deb"
-          publish_package(
-            publish_image: publish_image,
-            art_url: art_url,
-            art_user: art_user,
-            art_password: art_password,
-            art_repo: deb_art_repo,
-            package_name: package_name,
-            dir: dir,
-            deb_info: deb_info
-          )
-
-          # Publish RPM package
-          # The rpm builder replaces dashes with underscores in the version
-          rpm_version = version.tr('-', '_')
-          package_name = "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm"
-          rpm_art_repo = cmd_options['rpm-repo']
-          publish_package(
-            publish_image: publish_image,
-            art_url: art_url,
-            art_user: art_user,
-            art_password: art_password,
-            art_repo: rpm_art_repo,
-            package_name: package_name,
-            dir: dir
-          )
-        end
-      end
-
-      def create_image
-        Docker::Image.build_from_dir File.expand_path('../../publish', File.dirname(__FILE__)), tag: "debify-publish", &DebugMixin::DOCKER
-      end
-
-      def fetch_art_creds
-        require 'conjur/cli'
-        require 'conjur/authn'
-        Conjur::Config.load
-        Conjur::Config.apply
-        conjur = Conjur::Authn.connect nil, noask: true
-
-        account = Conjur.configuration.account
-        username_var = [account, "variable", "ci/artifactory/users/jenkins/username"].join(':')
-        password_var = [account, "variable", 'ci/artifactory/users/jenkins/password'].join(':')
-        [conjur.resource(username_var).value, conjur.resource(password_var).value]
-      end
-
-      def publish_package(
-        publish_image:,
-        art_url:,
-        art_user:,
-        art_password:,
-        art_repo:,
-        package_name:,
-        dir:,
-        deb_info: nil
-      )
-
-        cmd_args = [
-          "jfrog", "rt", "upload",
-          "--url", art_url,
-          "--user", art_user,
-          "--password", art_password,
-        ]
-
-        cmd_args += ["--deb", deb_info] if deb_info
-        cmd_args += [package_name, "#{art_repo}/"]
-
-        options = {
-          'Image' => publish_image.id,
-          'Cmd' => cmd_args,
-          'Binds' => [
-            [ dir, "/src" ].join(':')
-          ]
-        }
-        options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
-
-        publish(options)
-      end
-
-      def publish(options)
-        container = Docker::Container.create(options)
-        begin
-          container.tap(&:start!).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| puts "#{chunk}" }
-          status = container.wait
-          raise "Failed to publish package" unless status['StatusCode'] == 0
-        ensure
-          container.delete(force: true)
-        end
-      end
-
-    end
-  end
-end

data/lib/conjur/debify/utils.rb

@@ -1,16 +0,0 @@
-require 'rubygems/package'
-
-module Conjur::Debify::Utils
-  module_function
-
-  # copy a file from container to the current working directory
-  def copy_from_container container, path
-    tar = StringIO.new
-    container.archive_out(path) { |chunk| tar.write chunk }
-    tar.rewind
-    Gem::Package::TarReader.new(tar).each do |entry|
-      File.write entry.full_name, entry.read
-    end
-  end
-end
-

data/lib/conjur/publish/Dockerfile

@@ -1,5 +0,0 @@
-FROM releases-docker.jfrog.io/jfrog/jfrog-cli:latest
-
-ENV JFROG_CLI_OFFER_CONFIG=false
-
-WORKDIR /src

data/publish-rubygem.sh

@@ -1,10 +0,0 @@
-#!/usr/bin/env bash
-set -e
-
-docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd \
-  -e VERSION \
-  -e bom-assets/ \
-  -e release-assets/
-
-summon --yaml "RUBYGEMS_API_KEY: !var rubygems/api-key" \
-  publish-rubygem debify

data/push-image.sh

@@ -1,6 +0,0 @@
-#!/bin/bash -ex
-
-for t in $(./image-tags); do
-  docker push registry.tld/conjurinc/debify:$t
-done
-

data/secrets.yml

@@ -1,3 +0,0 @@
-# Example of secrets.yml file needed for debify publish
-ARTIFACTORY_USERNAME: !var artifactory/users/jenkins/username
-ARTIFACTORY_PASSWORD: !var artifactory/users/jenkins/password

data/spec/action/publish_spec.rb

@@ -1,54 +0,0 @@
-require 'spec_helper'
-require 'conjur/debify/action/publish'
-
-describe Conjur::Debify::Action::Publish do
-
-  let (:cmd_options) {
-    {
-      :version => '1.0.0',
-      :component => 'stable'
-    }
-  }
-
-  let (:action) { Conjur::Debify::Action::Publish.new('dist', 'proj', cmd_options) }
-
-  before do
-    allow(DebugMixin).to receive(:debug_write)
-    
-    allow(action).to receive(:create_image).and_return(double('publish_image', :id => 'a1b2c3d4'))
-  end
-  
-  context 'with artifactory creds in the environment' do
-
-    before do
-      ENV['ARTIFACTORY_USER'] = 'art_user'
-      ENV['ARTIFACTORY_PASSWORD'] = 'art_password'
-    end
-
-    after do
-      ENV.delete('ARTIFACTORY_USER')
-      ENV.delete('ARTIFACTORY_PASSWORD')
-    end
-    
-    it 'runs' do
-      expect(action).to receive(:publish).twice
-
-      action.run
-    end
-    
-  end
-
-  context 'without artifactory creds in the environment' do
-
-    it 'runs' do
-      expect(action).to receive(:fetch_art_creds)
-      expect(action).to receive(:publish).twice
-
-      action.run
-    end
-  end
-  
-end
-
-    
-    

data/spec/data/Makefile

@@ -1,5 +0,0 @@
-test.tar:
-	echo "this is a test" > test.txt
-	tar cf test.tar test.txt
-	rm test.txt
-

data/spec/debify_utils_spec.rb

@@ -1,55 +0,0 @@
-require 'spec_helper'
-require 'aruba/rspec'
-
-Aruba.configure do |c|
-  c.activate_announcer_on_command_failure = %i(stderr stdout)
-end
-
-describe "remove_matching()", type: :aruba do
-  it "removes matching files" do
-    here %w(foo bar/baz bar/xyzzy zork)
-    there %w(foo bar/baz not)
-    remove_matching
-    expect(contents_of herepath).to match_array %w(zork bar bar/xyzzy)
-  end
-  
-  it "also handles files with spaces in names" do
-    here ['foo', 'bar/baz', 'with space', 'with', 'bar/another space']
-    there ['with space', 'bar/another space here']
-    remove_matching
-    expect(contents_of herepath).to match_array ['foo', 'bar', 'bar/baz', 'with', 'bar/another space']
-  end
-  
-  # auxiliary methods and setup
-  let(:herepath) { Pathname.new Dir.mktmpdir }
-  let(:therepath) { Pathname.new Dir.mktmpdir }
-  after { [herepath, therepath].each &FileUtils.method(:remove_entry) }
-
-  def contents_of dir
-    Dir.chdir(dir) { Dir['**/*'] }
-  end
-
-  def remove_matching
-    run_command_and_stop "bash -c 'source #{DEBIFY_UTILS_PATH}; cd #{herepath}; remove_matching #{therepath}'"
-  end
-  
-  def here files
-    mkfiles herepath, files
-  end
-  
-  def there files
-    mkfiles therepath, files
-  end
-
-  def mkfiles dir, files  
-    return dir if files.empty?
-    files.each do |path|
-      fullpath = dir + path
-      FileUtils.makedirs fullpath.dirname
-      FileUtils.touch fullpath
-    end
-  end
-  
-  DEBIFY_UTILS_PATH = File.expand_path '../../lib/conjur/fpm/debify_utils.sh', __FILE__
-end
-

data/spec/spec_helper.rb

@@ -1 +0,0 @@
-require 'conjur/debify'

data/spec/utils_spec.rb

@@ -1,22 +0,0 @@
-require 'fakefs/safe'
-
-require 'conjur/debify/utils'
-
-describe 'Conjur::Debify::Utils.copy_from_container' do
-  it "copies a file from the container to the current directory" do
-    tar = File.read "#{__dir__}/data/test.tar"
-    container = instance_double Docker::Container
-    allow(container).to receive(:archive_out).with "/tmp/test.tar" do |&b|
-      StringIO.new(tar).each(nil, 512) do |c|
-        # docker api sends three arguments, so emulate that
-        b[c, nil, nil]
-      end
-    end
-
-    FakeFS do
-      Conjur::Debify::Utils.copy_from_container container, "/tmp/test.tar"
-      expect(File.read 'test.txt').to eq "this is a test\n"
-    end
-  end
-end
-

data/tag-image.sh

@@ -1,6 +0,0 @@
-#!/bin/bash -ex
-
-TAG=$(< VERSION)
-for t in $(./image-tags); do
-  docker tag debify:$TAG registry.tld/conjurinc/debify:$t
-done

data/test.sh

@@ -1,6 +0,0 @@
-#!/bin/bash -ex
-
-VERSION=$(< VERSION)
-docker run --rm debify:$VERSION config script > docker-debify
-chmod +x docker-debify
-DEBIFY_IMAGE=debify:$VERSION DEBIFY_ENTRYPOINT=ci/test.sh ./docker-debify