conjur-debify 1.12.0 → 2.1.1.pre.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 0b5fa10a6d866735c45f5edfd2a9defcc685ebe502c8950b219b6a8bc22ed232
4
- data.tar.gz: 169e5c66e12fe3533c778255b337ad64b323f35cbc298f8e39c00e7abe765b7f
3
+ metadata.gz: 2747ff6c3ff8221c8cde88db6e41a9d3fe2955f46a9d4a35581c6d9588e7ba3b
4
+ data.tar.gz: 6709af83edc34fefd2ee0583fc816b4ee950c498cac54bd05e85a9a1959c8c9e
5
5
  SHA512:
6
- metadata.gz: f9326cdb7fd4efafc3db3dda92e6a313cfc504dc34a24450be1076078cc8124b93c8f8ab781f59434cf625c4a37e2a1e8e6b1ead7466a7df00c2de7e3c3cca30
7
- data.tar.gz: 8aae92edeacc8a8ffecaa7bbe4bf09cbb0a0f797b40c4cc8e52e4b9999cd7f607a58a913334e5f82cdcabfe07cc94ab2803bce65b3e99e0b84a0ed23d56824d6
6
+ metadata.gz: 53c2942288ec1af7b38c831b28a5e066713dc6f4d0b7b339693c021c9c77d13216a6380e854660696bccf9de74c1939454666ec4f35f7f3f6c3a3ffdb947ee0a
7
+ data.tar.gz: 0e128decf3f960f495aee458fcf865e26b7700d94c6b9ed96f46b04d062777da4c9b8bacf4bce3a07c0adbd20c45b3bd5a1f7fb391fe8d491fd2a29580c7e4b5
data/CHANGELOG.md CHANGED
@@ -1,4 +1,20 @@
1
- ## [Unreleased]
1
+ ## [2.1.1]
2
+ ### Changed
3
+
4
+ - Update to use automated release process
5
+
6
+ # 2.1.0
7
+ ### Changed
8
+
9
+ - Refine bundler related steps in `debify package` flow: only `package.sh` file configures
10
+ and invokes bundler. `Dockerfile.fpm` only copies files and adjusts folder structure.
11
+ - Remove bundler 1.* support
12
+
13
+ # 2.0.0
14
+ ### Changed
15
+ - Debify now receives the flag `--output` as input to indicate the file type that it should package (e.g `rpm`). If this
16
+ flag is not given, the default value is `deb`.
17
+ [conjurinc/debify#56](https://github.com/conjurinc/debify/issues/56)
2
18
 
3
19
  # 1.12.0
4
20
 
data/Dockerfile CHANGED
@@ -1,46 +1,33 @@
1
1
  FROM ruby:2.6-stretch
2
2
 
3
- ### DockerInDocker support is take from
4
- ### https://github.com/jpetazzo/dind/blob/master/Dockerfile . I
5
- ### elected to base this image on ruby, then pull in the (slightly
6
- ### outdated) support for DockerInDocker. Creation of the official
7
- ### docker:dind image much more complicated and didn't lend itself to
8
- ### also running ruby.
9
-
10
3
  RUN apt-get update -qq && \
11
4
  apt-get dist-upgrade -qqy && \
12
5
  apt-get install -qqy \
13
6
  apt-transport-https \
14
7
  ca-certificates \
15
- curl \
16
- lxc \
17
- iptables
8
+ curl
18
9
 
19
- # Install Docker from Docker Inc. repositories.
20
- RUN curl -sSL https://get.docker.com/ | sh
21
-
22
- # Install the magic wrapper.
23
- RUN curl -sSL -o /usr/local/bin/wrapdocker https://raw.githubusercontent.com/jpetazzo/dind/master/wrapdocker
24
- RUN chmod +x /usr/local/bin/wrapdocker
25
-
26
- # Define additional metadata for our image.
27
- VOLUME /var/lib/docker
28
-
29
- ### End of DockerInDocker support
10
+ # Install Docker client tools
11
+ ENV DOCKERVERSION=20.10.0
12
+ RUN curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKERVERSION}.tgz \
13
+ && tar xzvf docker-${DOCKERVERSION}.tgz --strip 1 \
14
+ -C /usr/local/bin docker/docker \
15
+ && rm docker-${DOCKERVERSION}.tgz
30
16
 
31
17
  RUN mkdir -p /debify
32
18
  WORKDIR /debify
33
19
 
34
20
  COPY . ./
35
21
 
22
+ RUN gem install bundler:2.2.30
36
23
  RUN gem build debify.gemspec
37
24
 
38
25
  ARG VERSION
39
- RUN gem install -N conjur-debify-${VERSION}.gem
26
+ RUN gem install -N conjur-debify-*.gem
40
27
 
41
28
  ARG CONJUR_APPLIANCE_URL
42
- ENV CONJUR_APPLIANCE_URL ${CONJUR_APPLIANCE_URL:-https://conjur-master-v2.itp.conjur.net/api}
29
+ ENV CONJUR_APPLIANCE_URL ${CONJUR_APPLIANCE_URL:-https://conjurops.itp.conjur.net}
43
30
  ENV CONJUR_ACCOUNT ${CONJUR_ACCOUNT:-conjur}
44
- ENV CONJUR_VERSION ${CONJUR_VERSION:-4}
31
+ ENV CONJUR_VERSION ${CONJUR_VERSION:-5}
45
32
 
46
33
  ENTRYPOINT ["/debify/distrib/entrypoint.sh"]
data/Jenkinsfile CHANGED
@@ -1,29 +1,52 @@
1
1
  #!/usr/bin/env groovy
2
2
 
3
+ // Automated release, promotion and dependencies
4
+ properties([
5
+ release.addParams(),
6
+ dependencies(['cyberark/conjur-base-image'])
7
+ ])
8
+
9
+ if (params.MODE == "PROMOTE") {
10
+ release.promote(params.VERSION_TO_PROMOTE) { sourceVersion, targetVersion, assetDirectory ->
11
+ sh './publish-rubygems.sh'
12
+ }
13
+ return
14
+ }
15
+
3
16
  pipeline {
4
17
  agent { label 'executor-v2' }
5
18
 
6
19
  options {
7
20
  timestamps()
8
21
  buildDiscarder(logRotator(daysToKeepStr: '30'))
9
- skipDefaultCheckout()
10
22
  }
11
23
 
12
24
  triggers {
13
25
  cron(getDailyCronString())
14
26
  }
15
27
 
28
+ environment {
29
+ MODE = release.canonicalizeMode()
30
+ }
31
+
16
32
  stages {
17
- stage('Checkout') {
33
+ stage ("Skip build if triggering job didn't create a release") {
34
+ when {
35
+ expression {
36
+ MODE == "SKIP"
37
+ }
38
+ }
18
39
  steps {
19
- // One of our cukes tests to see if debify can correctly
20
- // determine the version for the package being created, based
21
- // on the tags in the repo. By default, the Git SCM plugin
22
- // doesn't pull tags, causing the cuke to fail.
23
- //
24
- // I couldn't find any way to configure the plugin, so I used
25
- // the Snippet Generator to create this:
26
- checkout([$class: 'GitSCM', branches: [[name: env.BRANCH_NAME]], doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'CloneOption', depth: 0, noTags: false, reference: '', shallow: false]], submoduleCfg: [], userRemoteConfigs: [[credentialsId: 'conjur-jenkins', url: 'git@github.com:conjurinc/debify.git']]])
40
+ script {
41
+ currentBuild.result = 'ABORTED'
42
+ error("Aborting build because this build was triggered from upstream, but no release was built")
43
+ }
44
+ }
45
+ }
46
+ stage('Prepare') {
47
+ steps {
48
+ // Initialize VERSION file
49
+ updateVersion("CHANGELOG.md", "${BUILD_NUMBER}")
27
50
  }
28
51
  }
29
52
  stage('Build docker image') {
@@ -42,10 +65,14 @@ pipeline {
42
65
  scanAndReport("debify:${VERSION}", "HIGH", false)
43
66
  }
44
67
  }
45
- // No all report generated because it currently adds 10-12 minutes of
46
- // build time just to write the trivy report. It'll be added once we've
47
- // cleaned up and/or ignored enough issues to reduce the impact
48
- // on build time.
68
+ stage('Scan Docker image for all issues') {
69
+ steps{
70
+ script {
71
+ VERSION = sh(returnStdout: true, script: 'cat VERSION')
72
+ }
73
+ scanAndReport("debify:${VERSION}", "NONE", true)
74
+ }
75
+ }
49
76
  }
50
77
  }
51
78
 
@@ -67,29 +94,16 @@ pipeline {
67
94
 
68
95
  stage('Publish to RubyGems') {
69
96
  when {
70
- allOf {
71
- branch 'master'
72
- /* expression {
73
- boolean publish = false
74
-
75
- try {
76
- timeout(time: 5, unit: 'MINUTES') {
77
- input(message: 'Publish to RubyGems?')
78
- publish = true
79
- }
80
- } catch (final ignore) {
81
- publish = false
82
- }
83
-
84
- return publish
85
- }*/
97
+ expression {
98
+ MODE == "RELEASE"
86
99
  }
87
100
  }
88
101
 
89
102
  steps {
90
- checkout scm
91
- sh './publish-rubygem.sh'
92
- deleteDir()
103
+ release {
104
+ sh './publish-rubygem.sh'
105
+ sh "cp conjur-debify-*.gem release-assets/."
106
+ }
93
107
  }
94
108
  }
95
109
  }
data/README.md CHANGED
@@ -289,7 +289,7 @@ Start a sandbox, see that it can resolve the hostname `mydb`:
289
289
 
290
290
  ```sh-session
291
291
 
292
- example $ debify sandbox -t 4.9-stable --net testnet
292
+ example $ debify sandbox -t 5.0-stable --net testnet
293
293
  example $ docker exec -it example-sandbox /bin/bash
294
294
  root@7d4217655332:/src/example# getent hosts mydb
295
295
  172.19.0.2 mydb
data/Rakefile CHANGED
@@ -33,7 +33,8 @@ if cucumber?
33
33
  Cucumber::Rake::Task.new(:features) do |t|
34
34
  opts = "features --format junit -o #{CUKE_RESULTS} --format pretty -x"
35
35
  opts += " --tags #{ENV['TAGS']}" if ENV['TAGS']
36
- t.cucumber_opts = opts
36
+ opts += " --tags ~@skip"
37
+ t.cucumber_opts = opts
37
38
  t.fork = false
38
39
  end
39
40
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.12.0
1
+ 2.1.1-4
data/ci/test.sh CHANGED
@@ -2,11 +2,6 @@
2
2
 
3
3
  bundle
4
4
 
5
- # Some tests need to be logged in to the registry, to pull a base
6
- # image if it's not already available. Have entrypoint.sh do something
7
- # simple, and log in as a side effect.
8
- /debify/distrib/entrypoint.sh detect-version
9
-
10
5
  for target in spec cucumber; do
11
6
  bundle exec rake $target
12
7
  done
data/debify.gemspec CHANGED
@@ -12,26 +12,26 @@ Gem::Specification.new do |spec|
12
12
  spec.homepage = "https://github.com/conjurinc/debify"
13
13
  spec.license = "MIT"
14
14
 
15
- spec.files = `git ls-files -z`.split("\x0")
15
+ spec.files = `git ls-files -z`.split("\x0").append("VERSION")
16
16
  spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
17
17
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
18
18
  spec.require_paths = ["lib"]
19
19
 
20
20
  spec.add_dependency "gli"
21
- spec.add_dependency "docker-api", "~> 1.33"
21
+ spec.add_dependency "docker-api", "~> 2.0"
22
22
  spec.add_dependency "conjur-cli" , "~> 6"
23
23
  spec.add_dependency "conjur-api", "~> 5"
24
24
 
25
- spec.add_development_dependency "bundler", "~> 1.7"
25
+ spec.add_development_dependency "bundler", ">= 2.2.30"
26
26
  spec.add_development_dependency "fakefs", "~> 0"
27
- spec.add_development_dependency "rake", "~> 12.3.3"
27
+ spec.add_development_dependency "rake", "~> 13.0"
28
28
 
29
29
  # Pin to cucumbe v2. cucumber v3 changes (breaks) the behavior of
30
30
  # unmatched capture groups with \(d+). In v3, the value of such a
31
31
  # group is 0 instead of nil, which breaks aruba's "I successfully
32
32
  # run...." steps.
33
33
  spec.add_development_dependency "cucumber", '~> 2'
34
- spec.add_development_dependency "aruba", "~> 0.14"
34
+ spec.add_development_dependency "aruba", "~> 1.0"
35
35
  spec.add_development_dependency 'rspec', '~> 3'
36
36
  spec.add_development_dependency 'ci_reporter_rspec', '~> 1.0'
37
37
  end
@@ -6,17 +6,14 @@ set +x
6
6
 
7
7
  creds=( $(ruby /debify/distrib/conjur_creds.rb) )
8
8
 
9
- # If there are creds, use them to log in to the registry. Then, run
10
- # the magic DockerInDocker wrapper script so debify can interact with
11
- # the Docker daemon.
9
+ # If there are creds, use them to log in to the registry.
12
10
  #
13
- # If there are no creds, just run debify itself. Any commands that do
11
+ # If there are no creds, any commands that do
14
12
  # Docker stuff will fail, but the non-Docker commands (e.g. the config
15
13
  # subcommands) will work fine.
16
14
  if [[ ${#creds[*]} > 0 ]]; then
17
15
  echo -n "${creds[1]}" | docker login registry.tld -u ${creds[0]} --password-stdin >/dev/null 2>&1
18
- exec wrapdocker debify "$@"
19
- else
20
- exec debify "$@"
21
16
  fi
22
17
 
18
+ exec debify "$@"
19
+
data/example/Gemfile.lock CHANGED
@@ -29,4 +29,4 @@ DEPENDENCIES
29
29
  rspec
30
30
 
31
31
  BUNDLED WITH
32
- 1.16.1
32
+ 2.1.4
data/example/net-test.sh CHANGED
@@ -2,6 +2,6 @@
2
2
 
3
3
  cid=$1
4
4
 
5
- docker exec $cid ping -c1 other_host
5
+ docker exec $cid curl -s http://other_host > /dev/null
6
6
 
7
7
  echo Test succeeded
@@ -5,6 +5,7 @@ Feature: Packaging
5
5
  # We use version 0.0.1-suffix to verify that RPM converts dashes to underscores
6
6
  # in the version as we expect
7
7
  Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix example -- --post-install /distrib/postinstall.sh`
8
+ And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm -v 0.0.1-suffix example -- --post-install /distrib/postinstall.sh`
8
9
 
9
10
  Scenario: 'example' project can be packaged successfully
10
11
  Then the stdout should contain "conjur-example_0.0.1-suffix_amd64.deb"
@@ -19,4 +20,4 @@ Feature: Packaging
19
20
  And the stdout from "find ../../example" should not contain "conjur-example-0.0.1_suffix-1.x86_64.rpm"
20
21
 
21
22
  Scenario: 'example' project can be published
22
- When I successfully run `env DEBUG=true GLI_DEBUG=true debify publish -v 0.0.1-suffix -d ../../example 4.9 example`
23
+ When I successfully run `env DEBUG=true GLI_DEBUG=true debify publish -v 0.0.1-suffix -d ../../example 5.0 example`
@@ -1,19 +1,23 @@
1
1
  @announce-output
2
2
  Feature: Running a sandbox
3
3
  Background:
4
- Given I successfully run `docker pull registry.tld/conjur-appliance-cuke-master:4.9-stable`
4
+ Given I successfully run `docker pull registry.tld/conjur-appliance-cuke-master:5.0-stable`
5
+ # The extra containers will use the `alpine` image, so we need to pull it first on the
6
+ # host to use the authenticated DockerHub connection. This avoids hitting DockerHub
7
+ # rate limits.
8
+ And I successfully run `docker pull nginx`
5
9
 
6
10
  Scenario: sandbox for 'example' project be started
7
- Given I successfully start a sandbox for "example" with arguments "-t 4.9-stable --no-pull"
11
+ Given I successfully start a sandbox for "example" with arguments "-t 5.0-stable --no-pull"
8
12
 
9
13
  Scenario: sandbox for 'example' project be started linked to another container
10
14
  Given I start a container named "other_host"
11
- Then I successfully start a sandbox for "example" with arguments "-t 4.9-stable --no-pull --link other_host -c 'ping -c1 other_host'"
15
+ Then I successfully start a sandbox for "example" with arguments "-t 5.0-stable --no-pull --link other_host -c 'curl -s http://other_host > /dev/null'"
12
16
 
13
17
  Scenario: sandbox for 'example' project be started on a network other than the default
14
18
  Given I start a container named "other_host" on network "test-net"
15
- Then I successfully start a sandbox for "example" with arguments "-t 4.9-stable --no-pull --net test-net -c 'ping -c1 other_host'"
19
+ Then I successfully start a sandbox for "example" with arguments "-t 5.0-stable --no-pull --net test-net -c 'curl -s http://other_host > /dev/null'"
16
20
 
17
21
  Scenario: sandbox for 'example' project be started on a network other than the default with a host aliased
18
22
  Given I start a container named "another_host" on network "test-net"
19
- Then I successfully start a sandbox for "example" with arguments "-t 4.9-stable --no-pull --net test-net --link another_host:other_host -c 'ping -c1 other_host'"
23
+ Then I successfully start a sandbox for "example" with arguments "-t 5.0-stable --no-pull --net test-net --link another_host:other_host -c 'curl -s http://other_host > /dev/null'"
@@ -12,11 +12,9 @@ When /^I start a container named "(.*?)"(?: on network "(.*?)")*$/ do |name, net
12
12
  networks << network
13
13
  end
14
14
 
15
- alpine = Docker::Image.create('fromImage' => 'alpine')
16
15
  options = {
17
16
  'name' => name,
18
- 'Cmd' => [ "sh", "-c", "while true; do sleep 1; done" ],
19
- 'Image' => alpine.id
17
+ 'Image' => 'nginx'
20
18
  }
21
19
  options['HostConfig'] = { 'NetworkMode' => net_name } if net_name
22
20
 
@@ -6,5 +6,7 @@ LIB_DIR = File.join(File.expand_path(File.dirname(__FILE__)),'..','..','lib')
6
6
 
7
7
  Aruba.configure do |config|
8
8
  config.exit_timeout = 1200
9
+ # not a best practice from aruba's point of view
10
+ # but the only solution I've found to have docker credentials context
11
+ config.home_directory = ENV['HOME']
9
12
  end
10
-
@@ -5,20 +5,20 @@ Feature: Testing
5
5
  Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1 example -- --post-install /distrib/postinstall.sh`
6
6
 
7
7
  Scenario: 'example' project can be tested successfully
8
- When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 4.9-stable -v 0.0.1 -d ../../example --no-pull example test.sh`
8
+ When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 5.0-stable -v 0.0.1 -d ../../example --no-pull example test.sh`
9
9
  Then the stderr should contain "Test succeeded"
10
10
 
11
11
  Scenario: 'example' project can be tested when linked to another container
12
12
  Given I start a container named "other_host"
13
- When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 4.9-stable -v 0.0.1 -d ../../example --no-pull --link other_host example net-test.sh`
13
+ When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 5.0-stable -v 0.0.1 -d ../../example --no-pull --link other_host example net-test.sh`
14
14
  Then the stderr should contain "Test succeeded"
15
15
 
16
16
  Scenario: 'example' project can be tested on a network other than the default
17
17
  Given I start a container named "other_host" on network "test-net"
18
- When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 4.9-stable -v 0.0.1 -d ../../example --no-pull --net test-net example net-test.sh`
18
+ When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 5.0-stable -v 0.0.1 -d ../../example --no-pull --net test-net example net-test.sh`
19
19
  Then the stderr should contain "Test succeeded"
20
20
 
21
21
  Scenario: 'example' project can be tested on a network other than the default with a host aliased
22
22
  Given I start a container named "another_host" on network "test-net"
23
- When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 4.9-stable -v 0.0.1 -d ../../example --no-pull --link another_host:other_host --net test-net example net-test.sh`
23
+ When I successfully run `env DEBUG=true GLI_DEBUG=true debify test -t 5.0-stable -v 0.0.1 -d ../../example --no-pull --link another_host:other_host --net test-net example net-test.sh`
24
24
  Then the stderr should contain "Test succeeded"
@@ -7,10 +7,6 @@ WORKDIR /src/opt/conjur/project
7
7
  COPY Gemfile ./
8
8
  COPY Gemfile.lock ./
9
9
 
10
- RUN bundle --deployment
11
- RUN mkdir -p .bundle
12
- RUN cp /usr/local/bundle/config .bundle/config
13
-
14
10
  COPY . .
15
11
  ADD debify.sh /
16
12
 
@@ -6,7 +6,7 @@ module Conjur::Debify::Utils
6
6
  # copy a file from container to the current working directory
7
7
  def copy_from_container container, path
8
8
  tar = StringIO.new
9
- container.copy(path) { |chunk| tar.write chunk }
9
+ container.archive_out(path) { |chunk| tar.write chunk }
10
10
  tar.rewind
11
11
  Gem::Package::TarReader.new(tar).each do |entry|
12
12
  File.write entry.full_name, entry.read
data/lib/conjur/debify.rb CHANGED
@@ -13,6 +13,8 @@ require 'active_support/core_ext'
13
13
 
14
14
  include GLI::App
15
15
 
16
+ DEFAULT_FILE_TYPE = "deb"
17
+
16
18
  config_file '.debifyrc'
17
19
 
18
20
  desc 'Set an environment variable (e.g. TERM=xterm) when starting a container'
@@ -50,7 +52,7 @@ module DebugMixin
50
52
  if a.length == 2 && a[0].is_a?(Symbol)
51
53
  debug a.last
52
54
  else
53
- a.each do |line|
55
+ a.each do |line|
54
56
  begin
55
57
  line = JSON.parse(line)
56
58
  line.keys.each do |k|
@@ -80,7 +82,7 @@ def detect_version
80
82
  base_version = File.read("VERSION").strip
81
83
  commits_since = `git log #{base_commit}..HEAD --pretty='%h'`.split("\n").size
82
84
  hash = `git rev-parse --short HEAD`.strip
83
- [ [ base_version, commits_since ].join('.'), hash ].join("-")
85
+ [[base_version, commits_since].join('.'), hash].join("-")
84
86
  else
85
87
  `git describe --long --tags --abbrev=7 --match 'v*.*.*' | sed -e 's/^v//'`.strip.tap do |version|
86
88
  raise "No Git version (tag) for project" if version.empty?
@@ -89,7 +91,13 @@ def detect_version
89
91
  end
90
92
 
91
93
  def git_files
92
- (`git ls-files -z`.split("\x0") + ['Gemfile.lock']).uniq
94
+ files = (`git ls-files -z`.split("\x0") + ['Gemfile.lock']).uniq
95
+ # Since submodule directories are listed, but are not files, we remove them.
96
+ # Currently, `conjur-project-config` is the only submodule in Conjur, and it
97
+ # can safely be removed because it's a developer-only tool. If we add another
98
+ # submodule in the future needed for production, we'll need to update this
99
+ # code. But YAGNI for now.
100
+ files.select { |f| File.file?(f) }
93
101
  end
94
102
 
95
103
  def login_to_registry(appliance_image_id)
@@ -125,15 +133,15 @@ DESC
125
133
  arg_name "project-name -- <fpm-arguments>"
126
134
  command "clean" do |c|
127
135
  c.desc "Set the current working directory"
128
- c.flag [ :d, "dir" ]
136
+ c.flag [:d, "dir"]
129
137
 
130
138
  c.desc "Ignore (don't delete) a file or directory"
131
- c.flag [ :i, :ignore ]
139
+ c.flag [:i, :ignore]
132
140
 
133
141
  c.desc "Force file deletion even if if this doesn't look like a Jenkins environment"
134
- c.switch [ :force ]
142
+ c.switch [:force]
135
143
 
136
- c.action do |global_options,cmd_options,args|
144
+ c.action do |global_options, cmd_options, args|
137
145
  def looks_like_jenkins?
138
146
  require 'etc'
139
147
  Etc.getlogin == 'jenkins' && ENV['BUILD_NUMBER']
@@ -144,10 +152,10 @@ command "clean" do |c|
144
152
  if !perform_deletion
145
153
  $stderr.puts "No --force, and this doesn't look like Jenkins. I won't actually delete anything"
146
154
  end
147
- @ignore_list = Array(cmd_options[:ignore]) + [ '.', '..', '.git' ]
155
+ @ignore_list = Array(cmd_options[:ignore]) + ['.', '..', '.git']
148
156
 
149
157
  def ignore_file? f
150
- @ignore_list.find{|ignore| f.index(ignore) == 0}
158
+ @ignore_list.find { |ignore| f.index(ignore) == 0 }
151
159
  end
152
160
 
153
161
  dir = cmd_options[:dir] || '.'
@@ -160,16 +168,16 @@ command "clean" do |c|
160
168
  end
161
169
  find_files.compact!
162
170
  delete_files = (find_files - git_files)
163
- delete_files.delete_if{|file|
171
+ delete_files.delete_if { |file|
164
172
  File.directory?(file) || ignore_file?(file)
165
173
  }
166
174
  if perform_deletion
167
175
  image = Docker::Image.create 'fromImage' => "alpine:3.3"
168
176
  options = {
169
- 'Cmd' => [ "sh", "-c", "while true; do sleep 1; done" ],
177
+ 'Cmd' => ["sh", "-c", "while true; do sleep 1; done"],
170
178
  'Image' => image.id,
171
179
  'Binds' => [
172
- [ dir, "/src" ].join(':'),
180
+ [dir, "/src"].join(':'),
173
181
  ]
174
182
  }
175
183
  options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
@@ -180,7 +188,7 @@ command "clean" do |c|
180
188
  puts file
181
189
 
182
190
  file = "/src/#{file}"
183
- cmd = [ "rm", "-f", file ]
191
+ cmd = ["rm", "-f", file]
184
192
 
185
193
  stdout, stderr, status = container.exec cmd, &DebugMixin::DOCKER
186
194
  $stderr.puts "Failed to delete #{file}" unless status == 0
@@ -232,18 +240,21 @@ DESC
232
240
  arg_name "project-name -- <fpm-arguments>"
233
241
  command "package" do |c|
234
242
  c.desc "Set the current working directory"
235
- c.flag [ :d, "dir" ]
243
+ c.flag [:d, "dir"]
244
+
245
+ c.desc "Set the output file type of the fpm command (e.g rpm)"
246
+ c.flag [:o, :output]
236
247
 
237
248
  c.desc "Specify the deb version; by default, it's read from the VERSION file"
238
- c.flag [ :v, :version ]
249
+ c.flag [:v, :version]
239
250
 
240
251
  c.desc "Specify a custom Dockerfile.fpm"
241
- c.flag [ :dockerfile]
252
+ c.flag [:dockerfile]
242
253
 
243
254
  c.desc "Specify files to add to the FPM image that are not included from the git repo"
244
- c.flag [ :'additional-files' ]
255
+ c.flag [:'additional-files']
245
256
 
246
- c.action do |global_options,cmd_options,args|
257
+ c.action do |global_options, cmd_options, args|
247
258
  raise "project-name is required" unless project_name = args.shift
248
259
 
249
260
  fpm_args = []
@@ -261,7 +272,17 @@ command "package" do |c|
261
272
  additional_files = cmd_options[:'additional-files'].split(',').map(&:strip)
262
273
  end
263
274
 
264
- fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), tag: "debify-fpm", &DebugMixin::DOCKER
275
+ begin
276
+ tries ||= 2
277
+ fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), tag: "debify-fpm", &DebugMixin::DOCKER
278
+ rescue
279
+ image_id = File.readlines(File.expand_path('fpm/Dockerfile', File.dirname(__FILE__)))
280
+ .find { | line | line =~ /^FROM/ }
281
+ .split(' ')
282
+ .last
283
+ login_to_registry image_id
284
+ retry unless (tries -= 1).zero?
285
+ end
265
286
  DebugMixin.debug_write "Built base fpm image '#{fpm_image.id}'\n"
266
287
  dir = File.expand_path(dir)
267
288
 
@@ -279,23 +300,29 @@ command "package" do |c|
279
300
  FileUtils.mkdir_p(File.dirname(destination_path))
280
301
  FileUtils.cp(original_file, destination_path)
281
302
  end
282
-
303
+
283
304
  # rename specified dockerfile to 'Dockerfile' during copy, incase name is different
284
305
  dockerfile_path = cmd_options[:dockerfile] || File.expand_path("debify/Dockerfile.fpm", pwd)
285
306
  temp_dockerfile = File.join(temp_dir, "Dockerfile")
286
-
307
+
287
308
  # change image variable in specified Dockerfile
288
309
  dockerfile = File.read(dockerfile_path)
289
310
  replace_image = dockerfile.gsub("@@image@@", fpm_image.id)
290
- File.open(temp_dockerfile, "w") {|file| file.puts replace_image}
311
+ File.open(temp_dockerfile, "w") { |file| file.puts replace_image }
291
312
 
292
313
  # build image from project being debified dir
293
314
  image = Docker::Image.build_from_dir temp_dir, &DebugMixin::DOCKER
294
315
 
295
316
  DebugMixin.debug_write "Built fpm image '#{image.id}' for project #{project_name}\n"
296
317
 
318
+ container_cmd_options = [project_name, version]
319
+
320
+ # Set the output file type if present
321
+ file_type = cmd_options[:output] || DEFAULT_FILE_TYPE
322
+ container_cmd_options << "--file-type=#{file_type}"
323
+
297
324
  options = {
298
- 'Cmd' => [ project_name, version ] + fpm_args,
325
+ 'Cmd' => container_cmd_options + fpm_args,
299
326
  'Image' => image.id
300
327
  }
301
328
  options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
@@ -307,21 +334,23 @@ command "package" do |c|
307
334
  status = container.wait
308
335
  raise "Failed to package #{project_name}" unless status['StatusCode'] == 0
309
336
 
310
- # Copy deb packages
311
- copy_packages_from_container(
312
- container,
313
- "conjur-#{project_name}_#{version}_amd64.deb",
314
- "conjur-#{project_name}-dev_#{version}_amd64.deb"
315
- )
316
-
317
- # Copy rpm packages
318
- # The rpm builder replaces dashes with underscores in the version
319
- rpm_version = version.tr('-', '_')
320
- copy_packages_from_container(
321
- container,
322
- "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm",
323
- "conjur-#{project_name}-dev-#{rpm_version}-1.x86_64.rpm"
324
- )
337
+ if file_type == "deb"
338
+ # Copy deb packages
339
+ copy_packages_from_container(
340
+ container,
341
+ "conjur-#{project_name}_#{version}_amd64.deb",
342
+ "conjur-#{project_name}-dev_#{version}_amd64.deb"
343
+ )
344
+ elsif file_type == "rpm"
345
+ # Copy rpm packages
346
+ # The rpm builder replaces dashes with underscores in the version
347
+ rpm_version = version.tr('-', '_')
348
+ copy_packages_from_container(
349
+ container,
350
+ "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm",
351
+ "conjur-#{project_name}-dev-#{rpm_version}-1.x86_64.rpm"
352
+ )
353
+ end
325
354
  ensure
326
355
  container.delete(force: true)
327
356
  end
@@ -344,10 +373,10 @@ end
344
373
 
345
374
  def network_options(cmd)
346
375
  cmd.desc "Specify link for test container"
347
- cmd.flag [ :l, :link ], :multiple => true
376
+ cmd.flag [:l, :link], :multiple => true
348
377
 
349
378
  cmd.desc 'Attach to the specified network'
350
- cmd.flag [ :n, :net ]
379
+ cmd.flag [:n, :net]
351
380
  end
352
381
 
353
382
  def short_id(id)
@@ -363,7 +392,7 @@ end
363
392
  # instead. (Docker doesn't add full container ids as network aliases,
364
393
  # only short ids).
365
394
  def shorten_source_id(link)
366
- src,dest = link.split(':')
395
+ src, dest = link.split(':')
367
396
  src && dest ? "#{short_id(src)}:#{dest}" : link
368
397
  end
369
398
 
@@ -413,32 +442,32 @@ DESC
413
442
  arg_name "project-name test-script"
414
443
  command "test" do |c|
415
444
  c.desc "Set the current working directory"
416
- c.flag [ :d, :dir ]
445
+ c.flag [:d, :dir]
417
446
 
418
447
  c.desc "Keep the Conjur appliance container after the command finishes"
419
448
  c.default_value false
420
- c.switch [ :k, :keep ]
449
+ c.switch [:k, :keep]
421
450
 
422
451
  c.desc "Image name"
423
452
  c.default_value "registry.tld/conjur-appliance-cuke-master"
424
- c.flag [ :i, :image ]
453
+ c.flag [:i, :image]
425
454
 
426
455
  c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
427
- c.flag [ :t, "image-tag"]
456
+ c.flag [:t, "image-tag"]
428
457
 
429
458
  c.desc "'docker pull' the Conjur container image"
430
459
  c.default_value true
431
- c.switch [ :pull ]
460
+ c.switch [:pull]
432
461
 
433
462
  c.desc "Specify the deb version; by default, it's read from the VERSION file"
434
- c.flag [ :v, :version ]
463
+ c.flag [:v, :version]
435
464
 
436
465
  c.desc "Specify volume for test container"
437
- c.flag [ :'volumes-from' ], :multiple => true
466
+ c.flag [:'volumes-from'], :multiple => true
438
467
 
439
468
  network_options(c)
440
469
 
441
- c.action do |global_options,cmd_options,args|
470
+ c.action do |global_options, cmd_options, args|
442
471
  raise "project-name is required" unless project_name = args.shift
443
472
  raise "test-script is required" unless test_script = args.shift
444
473
  raise "Received extra command-line arguments" if args.shift
@@ -451,7 +480,7 @@ command "test" do |c|
451
480
 
452
481
  Dir.chdir dir do
453
482
  image_tag = cmd_options["image-tag"] or raise "image-tag is required"
454
- appliance_image_id = [ cmd_options[:image], image_tag ].join(":")
483
+ appliance_image_id = [cmd_options[:image], image_tag].join(":")
455
484
  version = cmd_options[:version] || detect_version
456
485
  package_name = "conjur-#{project_name}_#{version}_amd64.deb"
457
486
  dev_package_name = "conjur-#{project_name}-dev_#{version}_amd64.deb"
@@ -459,7 +488,7 @@ command "test" do |c|
459
488
  raise "#{test_script} does not exist or is not a file" unless File.file?(test_script)
460
489
 
461
490
  begin
462
- tries ||=2
491
+ tries ||= 2
463
492
  Docker::Image.create 'fromImage' => appliance_image_id, &DebugMixin::DOCKER if cmd_options[:pull]
464
493
  rescue
465
494
  login_to_registry appliance_image_id
@@ -498,7 +527,7 @@ RUN touch /etc/service/conjur/down
498
527
  packages << dev_package_name if File.exist? dev_package_name
499
528
 
500
529
  begin
501
- tries ||=2
530
+ tries ||= 2
502
531
  appliance_image = build_test_image(appliance_image_id, project_name, packages)
503
532
  rescue
504
533
  login_to_registry appliance_image_id
@@ -519,7 +548,7 @@ RUN touch /etc/service/conjur/down
519
548
  ] + global_options[:env],
520
549
  'HostConfig' => {
521
550
  'Binds' => [
522
- [ dir, "/src/#{project_name}" ].join(':')
551
+ [dir, "/src/#{project_name}"].join(':')
523
552
  ]
524
553
  }
525
554
  }
@@ -532,16 +561,16 @@ RUN touch /etc/service/conjur/down
532
561
 
533
562
  if global_options[:'local-bundle']
534
563
  host_config['Binds']
535
- .push([ vendor_dir, "/src/#{project_name}/vendor" ].join(':'))
536
- .push([ dot_bundle_dir, "/src/#{project_name}/.bundle" ].join(':'))
564
+ .push([vendor_dir, "/src/#{project_name}/vendor"].join(':'))
565
+ .push([dot_bundle_dir, "/src/#{project_name}/.bundle"].join(':'))
537
566
  end
538
567
 
539
- container = Docker::Container.create(options.tap {|o| DebugMixin.debug_write "creating container with options #{o.inspect}"})
568
+ container = Docker::Container.create(options.tap { |o| DebugMixin.debug_write "creating container with options #{o.inspect}" })
540
569
 
541
570
  begin
542
571
  DebugMixin.debug_write "Testing #{project_name} in container #{container.id}\n"
543
572
 
544
- spawn("docker logs -f #{container.id}", [ :out, :err ] => $stderr).tap do |pid|
573
+ spawn("docker logs -f #{container.id}", [:out, :err] => $stderr).tap do |pid|
545
574
  Process.detach pid
546
575
  end
547
576
  container.start!
@@ -592,29 +621,29 @@ Once in the container, use "/opt/conjur/evoke/bin/dev-install" to install the de
592
621
  DESC
593
622
  command "sandbox" do |c|
594
623
  c.desc "Set the current working directory"
595
- c.flag [ :d, :dir ]
624
+ c.flag [:d, :dir]
596
625
 
597
626
  c.desc "Image name"
598
627
  c.default_value "registry.tld/conjur-appliance-cuke-master"
599
- c.flag [ :i, :image ]
628
+ c.flag [:i, :image]
600
629
 
601
630
  c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
602
- c.flag [ :t, "image-tag"]
631
+ c.flag [:t, "image-tag"]
603
632
 
604
633
  c.desc "Bind another source directory into the container. Use <src>:<dest>, where both are full paths."
605
- c.flag [ :"bind" ], :multiple => true
634
+ c.flag [:"bind"], :multiple => true
606
635
 
607
636
  c.desc "'docker pull' the Conjur container image"
608
637
  c.default_value false
609
- c.switch [ :pull ]
638
+ c.switch [:pull]
610
639
 
611
640
  network_options(c)
612
641
 
613
642
  c.desc "Specify volume for container"
614
- c.flag [ :'volumes-from' ], :multiple => true
643
+ c.flag [:'volumes-from'], :multiple => true
615
644
 
616
645
  c.desc "Expose a port from the container to host. Use <host>:<container>."
617
- c.flag [ :p, :port ], :multiple => true
646
+ c.flag [:p, :port], :multiple => true
618
647
 
619
648
  c.desc 'Run dev-install in /src/<project-name>'
620
649
  c.default_value false
@@ -625,9 +654,9 @@ command "sandbox" do |c|
625
654
  c.switch [:kill]
626
655
 
627
656
  c.desc 'A command to run in the sandbox'
628
- c.flag [ :c, :command ]
657
+ c.flag [:c, :command]
629
658
 
630
- c.action do |global_options,cmd_options,args|
659
+ c.action do |global_options, cmd_options, args|
631
660
  raise "Received extra command-line arguments" if args.shift
632
661
 
633
662
  dir = cmd_options[:dir] || '.'
@@ -637,11 +666,11 @@ command "sandbox" do |c|
637
666
 
638
667
  Dir.chdir dir do
639
668
  image_tag = cmd_options["image-tag"] or raise "image-tag is required"
640
- appliance_image_id = [ cmd_options[:image], image_tag ].join(":")
669
+ appliance_image_id = [cmd_options[:image], image_tag].join(":")
641
670
 
642
671
  appliance_image = if cmd_options[:pull]
643
672
  begin
644
- tries ||=2
673
+ tries ||= 2
645
674
  Docker::Image.create 'fromImage' => appliance_image_id, &DebugMixin::DOCKER if cmd_options[:pull]
646
675
  rescue
647
676
  login_to_registry appliance_image_id
@@ -671,14 +700,14 @@ command "sandbox" do |c|
671
700
 
672
701
  options['HostConfig'] = host_config = {}
673
702
  host_config['Binds'] = [
674
- [ File.expand_path(".ssh/id_rsa", ENV['HOME']), "/root/.ssh/id_rsa", 'ro' ].join(':'),
675
- [ dir, "/src/#{project_name}" ].join(':'),
703
+ [File.expand_path(".ssh/id_rsa", ENV['HOME']), "/root/.ssh/id_rsa", 'ro'].join(':'),
704
+ [dir, "/src/#{project_name}"].join(':'),
676
705
  ] + Array(cmd_options[:bind])
677
706
 
678
707
  if global_options[:'local-bundle']
679
708
  host_config['Binds']
680
- .push([ vendor_dir, "/src/#{project_name}/vendor" ].join(':'))
681
- .push([ dot_bundle_dir, "/src/#{project_name}/.bundle" ].join(':'))
709
+ .push([vendor_dir, "/src/#{project_name}/vendor"].join(':'))
710
+ .push([dot_bundle_dir, "/src/#{project_name}/.bundle"].join(':'))
682
711
  end
683
712
 
684
713
  host_config['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
@@ -690,7 +719,7 @@ command "sandbox" do |c|
690
719
  port_bindings = Hash.new({})
691
720
  cmd_options[:port].each do |mapping|
692
721
  hport, cport = mapping.split(':')
693
- port_bindings["#{cport}/tcp"] = [{ 'HostPort' => hport }]
722
+ port_bindings["#{cport}/tcp"] = [{'HostPort' => hport}]
694
723
  end
695
724
  host_config['PortBindings'] = port_bindings
696
725
  end
@@ -700,7 +729,7 @@ command "sandbox" do |c|
700
729
  previous.delete(:force => true) if previous
701
730
  end
702
731
 
703
- container = Docker::Container.create(options.tap {|o| DebugMixin.debug_write "creating container with options #{o.inspect}"})
732
+ container = Docker::Container.create(options.tap { |o| DebugMixin.debug_write "creating container with options #{o.inspect}" })
704
733
  $stdout.puts container.id
705
734
  container.start!
706
735
 
@@ -736,27 +765,27 @@ DESC
736
765
  arg_name "distribution project-name"
737
766
  command "publish" do |c|
738
767
  c.desc "Set the current working directory"
739
- c.flag [ :d, :dir ]
768
+ c.flag [:d, :dir]
740
769
 
741
770
  c.desc "Specify the deb package version; by default, it's computed automatically"
742
- c.flag [ :v, :version ]
771
+ c.flag [:v, :version]
743
772
 
744
773
  c.desc "Component to publish to, either 'stable' or the name of the git branch"
745
- c.flag [ :c, :component ]
774
+ c.flag [:c, :component]
746
775
 
747
776
  c.desc "Artifactory URL to publish to"
748
777
  c.default_value "https://conjurinc.jfrog.io/conjurinc"
749
- c.flag [ :u, :url]
778
+ c.flag [:u, :url]
750
779
 
751
780
  c.desc "Artifactory Debian repo to publish package to"
752
781
  c.default_value "debian-private"
753
- c.flag [ :r, :repo]
782
+ c.flag [:r, :repo]
754
783
 
755
784
  c.desc "Artifactory RPM repo to publish package to"
756
785
  c.default_value "redhat-private"
757
786
  c.flag ['rpm-repo']
758
787
 
759
- c.action do |global_options,cmd_options,args|
788
+ c.action do |global_options, cmd_options, args|
760
789
  require 'conjur/debify/action/publish'
761
790
  raise "distribution is required" unless distribution = args.shift
762
791
  raise "project-name is required" unless project_name = args.shift
@@ -769,8 +798,8 @@ end
769
798
  desc "Auto-detect and print the repository version"
770
799
  command "detect-version" do |c|
771
800
  c.desc "Set the current working directory"
772
- c.flag [ :d, :dir ]
773
- c.action do |global_options,cmd_options,args|
801
+ c.flag [:d, :dir]
802
+ c.action do |global_options, cmd_options, args|
774
803
  raise "Received extra command-line arguments" if args.shift
775
804
 
776
805
  dir = cmd_options[:dir] || '.'
@@ -787,7 +816,7 @@ end
787
816
  desc 'Show the given configuration'
788
817
  arg_name 'configuration'
789
818
  command 'config' do |c|
790
- c.action do |_,_,args|
819
+ c.action do |_, _, args|
791
820
  raise 'no configuration provided' unless config = args.shift
792
821
  raise "Received extra command-line arguments" if args.shift
793
822
 
@@ -798,7 +827,7 @@ command 'config' do |c|
798
827
  end
799
828
 
800
829
 
801
- pre do |global,command,options,args|
830
+ pre do |global, command, options, args|
802
831
  # Pre logic here
803
832
  # Return true to proceed; false to abort and not call the
804
833
  # chosen command
@@ -807,7 +836,7 @@ pre do |global,command,options,args|
807
836
  true
808
837
  end
809
838
 
810
- post do |global,command,options,args|
839
+ post do |global, command, options, args|
811
840
  # Post logic here
812
841
  # Use skips_post before a command to skip this
813
842
  # block on that command only
@@ -1,5 +1,5 @@
1
1
  # Build from the same version of ubuntu as phusion/baseimage
2
- FROM cyberark/phusion-ruby-fips:0.11-latest
2
+ FROM cyberark/phusion-ruby-fips:latest
3
3
 
4
4
  RUN apt-get update -y && \
5
5
  apt-get dist-upgrade -y && \
@@ -8,14 +8,12 @@ RUN apt-get update -y && \
8
8
  libffi-dev \
9
9
  rpm
10
10
 
11
- RUN gem install --no-document bundler:1.17.3 \
12
- fpm
11
+ RUN gem install --no-document fpm
13
12
 
14
13
  ENV GEM_HOME /usr/local/bundle
15
14
  ENV BUNDLE_PATH="$GEM_HOME" \
16
15
  BUNDLE_BIN="$GEM_HOME/bin" \
17
- BUNDLE_SILENCE_ROOT_WARNING=1 \
18
- BUNDLE_APP_CONFIG="$GEM_HOME"
16
+ BUNDLE_SILENCE_ROOT_WARNING=1
19
17
  ENV PATH $BUNDLE_BIN:$PATH
20
18
  RUN mkdir -p "$GEM_HOME" "$BUNDLE_BIN" && \
21
19
  chmod 777 "$GEM_HOME" "$BUNDLE_BIN"
@@ -8,33 +8,52 @@ version=$1
8
8
  shift
9
9
 
10
10
  if [ -z "$project_name" ]; then
11
- echo Project name argument is required
12
- exit 1
11
+ echo Project name argument is required
12
+ exit 1
13
13
  fi
14
14
  if [ -z "$version" ]; then
15
- echo Version argument is required
16
- exit 1
15
+ echo Version argument is required
16
+ exit 1
17
17
  fi
18
18
 
19
+ for i in "$@"; do
20
+ case $i in
21
+ -ft=* | --file-type=*)
22
+ file_type="${i#*=}"
23
+ shift
24
+ ;;
25
+ esac
26
+ done
27
+
28
+ if [ -z "$file_type" ]; then
29
+ echo "No file type given. Using deb"
30
+ file_type=deb
31
+ fi
32
+
33
+ echo Project Name is $project_name
34
+ echo Version is $version
35
+ echo file_type is $file_type
36
+ echo params at the end are $@
37
+
19
38
  # Build dev package first
20
39
  prefix=/src/opt/conjur/project
21
- cp -al $prefix /dev-pkg
22
40
  cd $prefix
23
- bundle --without development test
41
+ bundle config set --local deployment 'true' && \
42
+ bundle config set --local path 'vendor/bundle' && \
43
+ bundle
44
+ cp -al $prefix /dev-pkg
45
+ bundle config set --local without 'development test'
24
46
  bundle clean
25
- cp /usr/local/bundle/config .bundle/config # bundler for some reason stores config there...
26
47
  cd /dev-pkg
27
48
  remove_matching $prefix
28
49
  bundle_clean
29
50
 
30
- if [ `ls | wc -l` -eq 0 ]; then
51
+ if [ $(ls | wc -l) -eq 0 ]; then
31
52
  echo No dev dependencies, skipping dev package
32
53
  else
33
- for file_type in deb rpm
34
- do
35
- echo "Building conjur-$project_name-dev $file_type package"
54
+ echo "Building conjur-$project_name-dev $file_type package"
36
55
 
37
- fpm \
56
+ fpm \
38
57
  -s dir \
39
58
  -t $file_type \
40
59
  -n conjur-$project_name-dev \
@@ -50,7 +69,6 @@ else
50
69
  --depends "conjur-$project_name = $version" \
51
70
  --prefix /opt/conjur/$project_name \
52
71
  --description "Conjur $project_name service - development files"
53
- done
54
72
  fi
55
73
 
56
74
  mv /src/opt/conjur/project /src/opt/conjur/$project_name
@@ -67,26 +85,23 @@ mkdir -p opt/conjur/etc
67
85
 
68
86
  [ -d opt/conjur/"$project_name"/distrib ] && mv opt/conjur/"$project_name"/distrib /
69
87
 
70
- for file_type in deb rpm
71
- do
72
- echo "Building conjur-$project_name-dev $file_type package"
88
+ echo "Building conjur-$project_name $file_type package"
73
89
 
74
- fpm \
90
+ fpm \
75
91
  -s dir \
76
92
  -t $file_type \
77
93
  -n conjur-$project_name \
78
94
  -v $version \
79
95
  -C . \
80
- --maintainer "CyberArk Software, Inc." \
81
- --vendor "CyberArk Software, Inc." \
82
- --license "Proprietary" \
83
- --url "https://www.cyberark.com" \
84
- --config-files opt/conjur/etc \
85
- --deb-no-default-config-files \
86
- --$file_type-user conjur \
87
- --$file_type-group conjur \
88
- --description "Conjur $project_name service" \
89
- "$@"
90
- done
91
-
92
- ls -al *.{deb,rpm}
96
+ --maintainer "CyberArk Software, Inc." \
97
+ --vendor "CyberArk Software, Inc." \
98
+ --license "Proprietary" \
99
+ --url "https://www.cyberark.com" \
100
+ --config-files opt/conjur/etc \
101
+ --deb-no-default-config-files \
102
+ --$file_type-user conjur \
103
+ --$file_type-group conjur \
104
+ --description "Conjur $project_name service" \
105
+ "$@"
106
+
107
+ ls -l
@@ -1,11 +1,5 @@
1
- FROM buildpack-deps:curl
1
+ FROM releases-docker.jfrog.io/jfrog/jfrog-cli:1.52.0
2
2
 
3
3
  ENV JFROG_CLI_OFFER_CONFIG=false
4
- ENV JFROG_VERSION=1.13.1
5
-
6
- RUN curl -kL \
7
- -o /usr/bin/jfrog \
8
- https://bintray.com/jfrog/jfrog-cli-go/download_file?file_path=${JFROG_VERSION}%2Fjfrog-cli-linux-amd64%2Fjfrog && \
9
- chmod +x /usr/bin/jfrog
10
4
 
11
5
  WORKDIR /src
data/publish-rubygem.sh CHANGED
@@ -1,11 +1,10 @@
1
- #!/bin/bash -e
1
+ #!/usr/bin/env bash
2
+ set -e
2
3
 
3
- docker pull registry.tld/conjurinc/publish-rubygem
4
-
5
- docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd
4
+ docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd \
5
+ -e VERSION \
6
+ -e bom-assets/ \
7
+ -e release-assets/
6
8
 
7
9
  summon --yaml "RUBYGEMS_API_KEY: !var rubygems/api-key" \
8
- docker run --rm --env-file @SUMMONENVFILE -v "$(pwd)":/opt/src \
9
- registry.tld/conjurinc/publish-rubygem debify
10
-
11
- docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd
10
+ publish-rubygem debify
@@ -30,7 +30,7 @@ describe "remove_matching()", type: :aruba do
30
30
  end
31
31
 
32
32
  def remove_matching
33
- run_simple "bash -c 'source #{DEBIFY_UTILS_PATH}; cd #{herepath}; remove_matching #{therepath}'"
33
+ run_command_and_stop "bash -c 'source #{DEBIFY_UTILS_PATH}; cd #{herepath}; remove_matching #{therepath}'"
34
34
  end
35
35
 
36
36
  def here files
data/spec/utils_spec.rb CHANGED
@@ -6,7 +6,7 @@ describe 'Conjur::Debify::Utils.copy_from_container' do
6
6
  it "copies a file from the container to the current directory" do
7
7
  tar = File.read "#{__dir__}/data/test.tar"
8
8
  container = instance_double Docker::Container
9
- allow(container).to receive(:copy).with "/tmp/test.tar" do |&b|
9
+ allow(container).to receive(:archive_out).with "/tmp/test.tar" do |&b|
10
10
  StringIO.new(tar).each(nil, 512) do |c|
11
11
  # docker api sends three arguments, so emulate that
12
12
  b[c, nil, nil]
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: conjur-debify
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.12.0
4
+ version: 2.1.1.pre.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - CyberArk Software, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-11-17 00:00:00.000000000 Z
11
+ date: 2022-01-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gli
@@ -30,14 +30,14 @@ dependencies:
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: '1.33'
33
+ version: '2.0'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: '1.33'
40
+ version: '2.0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: conjur-cli
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -70,16 +70,16 @@ dependencies:
70
70
  name: bundler
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - "~>"
73
+ - - ">="
74
74
  - !ruby/object:Gem::Version
75
- version: '1.7'
75
+ version: 2.2.30
76
76
  type: :development
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - "~>"
80
+ - - ">="
81
81
  - !ruby/object:Gem::Version
82
- version: '1.7'
82
+ version: 2.2.30
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: fakefs
85
85
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 12.3.3
103
+ version: '13.0'
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 12.3.3
110
+ version: '13.0'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: cucumber
113
113
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: '0.14'
131
+ version: '1.0'
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: '0.14'
138
+ version: '1.0'
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: rspec
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -246,11 +246,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
246
246
  version: '0'
247
247
  required_rubygems_version: !ruby/object:Gem::Requirement
248
248
  requirements:
249
- - - ">="
249
+ - - ">"
250
250
  - !ruby/object:Gem::Version
251
- version: '0'
251
+ version: 1.3.1
252
252
  requirements: []
253
- rubygems_version: 3.1.2
253
+ rubyforge_project:
254
+ rubygems_version: 2.7.6.2
254
255
  signing_key:
255
256
  specification_version: 4
256
257
  summary: Utility commands to build and package Conjur services as Debian packages