conjur-debify 3.0.0.pre.1118 → 3.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.dockerignore +1 -0
- data/.gitignore +22 -0
- data/.project +18 -0
- data/.rvmrc +60 -0
- data/CHANGELOG.md +246 -0
- data/CONTRIBUTING.md +16 -0
- data/Dockerfile +33 -0
- data/Gemfile +2 -0
- data/Jenkinsfile +116 -0
- data/LICENSE.txt +22 -0
- data/README.md +303 -0
- data/Rakefile +75 -0
- data/VERSION +1 -1
- data/bin/debify +5 -0
- data/build.sh +8 -0
- data/ci/test.sh +8 -0
- data/debify.gemspec +36 -0
- data/distrib/conjur_creds.rb +7 -0
- data/distrib/docker-debify +50 -0
- data/distrib/entrypoint.sh +19 -0
- data/distrib/script +1 -0
- data/distrib/secrets +1 -0
- data/distrib/secrets.yml +2 -0
- data/example/Gemfile +9 -0
- data/example/Gemfile.lock +32 -0
- data/example/debify.sh +3 -0
- data/example/distrib/postinstall.sh +8 -0
- data/example/docker-compose.yml +11 -0
- data/example/net-test.sh +7 -0
- data/example/test.sh +4 -0
- data/features/detect_version.feature +12 -0
- data/features/package.feature +23 -0
- data/features/sandbox.feature +23 -0
- data/features/step_definitions/debify_steps.rb +29 -0
- data/features/support/env.rb +12 -0
- data/features/support/hooks.rb +29 -0
- data/features/support/world.rb +10 -0
- data/features/test.feature +24 -0
- data/image-tags +23 -0
- data/lib/conjur/debify/Dockerfile.fpm +13 -0
- data/lib/conjur/debify/action/publish.rb +136 -0
- data/lib/conjur/debify/utils.rb +16 -0
- data/lib/conjur/debify/version.rb +5 -0
- data/lib/conjur/debify.rb +850 -0
- data/lib/conjur/fpm/Dockerfile +26 -0
- data/lib/conjur/fpm/debify_utils.sh +32 -0
- data/lib/conjur/fpm/package.sh +107 -0
- data/lib/conjur/publish/Dockerfile +5 -0
- data/publish-rubygem.sh +10 -0
- data/push-image.sh +6 -0
- data/secrets.yml +3 -0
- data/spec/action/publish_spec.rb +54 -0
- data/spec/data/Makefile +5 -0
- data/spec/data/test.tar +0 -0
- data/spec/debify_utils_spec.rb +55 -0
- data/spec/spec_helper.rb +1 -0
- data/spec/utils_spec.rb +22 -0
- data/tag-image.sh +6 -0
- data/test.sh +6 -0
- metadata +80 -7
@@ -0,0 +1,26 @@
|
|
1
|
+
# Build from the same version of ubuntu as phusion/baseimage
|
2
|
+
FROM cyberark/phusion-ruby-fips:latest
|
3
|
+
|
4
|
+
RUN apt-get update -y && \
|
5
|
+
apt-get dist-upgrade -y && \
|
6
|
+
apt-get install -y build-essential \
|
7
|
+
git \
|
8
|
+
libffi-dev \
|
9
|
+
rpm
|
10
|
+
|
11
|
+
RUN gem install --no-document fpm
|
12
|
+
|
13
|
+
ENV GEM_HOME /usr/local/bundle
|
14
|
+
ENV BUNDLE_PATH="$GEM_HOME" \
|
15
|
+
BUNDLE_BIN="$GEM_HOME/bin" \
|
16
|
+
BUNDLE_SILENCE_ROOT_WARNING=1
|
17
|
+
ENV PATH $BUNDLE_BIN:$PATH
|
18
|
+
RUN mkdir -p "$GEM_HOME" "$BUNDLE_BIN" && \
|
19
|
+
chmod 777 "$GEM_HOME" "$BUNDLE_BIN"
|
20
|
+
|
21
|
+
RUN mkdir /src
|
22
|
+
|
23
|
+
ENTRYPOINT [ "/package.sh" ]
|
24
|
+
|
25
|
+
COPY debify_utils.sh /
|
26
|
+
COPY package.sh /
|
@@ -0,0 +1,32 @@
|
|
1
|
+
function bundle_clean() {
|
2
|
+
ruby_version="$(ruby -v | grep -o '[0-9]\.[0-9]\.[0-9]')"
|
3
|
+
|
4
|
+
if [ -d vendor/bundle ]; then
|
5
|
+
chmod og+r -R vendor/bundle # some gems have broken perms
|
6
|
+
|
7
|
+
# some cleanup
|
8
|
+
rm -rf vendor/bundle/ruby/${ruby_version}/cache
|
9
|
+
rm -rf vendor/bundle/ruby/${ruby_version}/gems/*/{test,spec,examples,example,contrib,doc,ext,sample}
|
10
|
+
fi
|
11
|
+
}
|
12
|
+
|
13
|
+
# Remove files from the current directory that also exist in another given
|
14
|
+
# directory. For example, say in the current directory there is:
|
15
|
+
# foo
|
16
|
+
# bar/baz
|
17
|
+
# bar/xyzzy
|
18
|
+
# bacon
|
19
|
+
# people/phlebas
|
20
|
+
# and in dir2 there is
|
21
|
+
# bacon
|
22
|
+
# alice
|
23
|
+
# people/phlebas
|
24
|
+
# bar/xyzzy
|
25
|
+
# then after running `remove_matching dir2` current directory will be left with only:
|
26
|
+
# foo
|
27
|
+
# bar/baz
|
28
|
+
# Note it probably isn't 100% fool-proof, so don't launch it out to space or something.
|
29
|
+
function remove_matching() {
|
30
|
+
find "$1" -type f -print0 | sed -ze "s@^$1@.@" | xargs -0 rm -f
|
31
|
+
find . -type d -empty -delete
|
32
|
+
}
|
@@ -0,0 +1,107 @@
|
|
1
|
+
#!/bin/bash -ex
|
2
|
+
|
3
|
+
source /debify_utils.sh
|
4
|
+
|
5
|
+
project_name=$1
|
6
|
+
shift
|
7
|
+
version=$1
|
8
|
+
shift
|
9
|
+
|
10
|
+
if [ -z "$project_name" ]; then
|
11
|
+
echo Project name argument is required
|
12
|
+
exit 1
|
13
|
+
fi
|
14
|
+
if [ -z "$version" ]; then
|
15
|
+
echo Version argument is required
|
16
|
+
exit 1
|
17
|
+
fi
|
18
|
+
|
19
|
+
for i in "$@"; do
|
20
|
+
case $i in
|
21
|
+
-ft=* | --file-type=*)
|
22
|
+
file_type="${i#*=}"
|
23
|
+
shift
|
24
|
+
;;
|
25
|
+
esac
|
26
|
+
done
|
27
|
+
|
28
|
+
if [ -z "$file_type" ]; then
|
29
|
+
echo "No file type given. Using deb"
|
30
|
+
file_type=deb
|
31
|
+
fi
|
32
|
+
|
33
|
+
echo Project Name is $project_name
|
34
|
+
echo Version is $version
|
35
|
+
echo file_type is $file_type
|
36
|
+
echo params at the end are $@
|
37
|
+
|
38
|
+
# Build dev package first
|
39
|
+
prefix=/src/opt/conjur/project
|
40
|
+
cd $prefix
|
41
|
+
bundle config set --local deployment 'true' && \
|
42
|
+
bundle config set --local path 'vendor/bundle' && \
|
43
|
+
bundle
|
44
|
+
cp -al $prefix /dev-pkg
|
45
|
+
bundle config set --local without 'development test'
|
46
|
+
bundle clean
|
47
|
+
cd /dev-pkg
|
48
|
+
remove_matching $prefix
|
49
|
+
bundle_clean
|
50
|
+
|
51
|
+
if [ $(ls | wc -l) -eq 0 ]; then
|
52
|
+
echo No dev dependencies, skipping dev package
|
53
|
+
else
|
54
|
+
echo "Building conjur-$project_name-dev $file_type package"
|
55
|
+
|
56
|
+
fpm \
|
57
|
+
-s dir \
|
58
|
+
-t $file_type \
|
59
|
+
-n conjur-$project_name-dev \
|
60
|
+
-v $version \
|
61
|
+
-C . \
|
62
|
+
--maintainer "CyberArk Software, Inc." \
|
63
|
+
--vendor "CyberArk Software, Inc." \
|
64
|
+
--license "Proprietary" \
|
65
|
+
--url "https://www.cyberark.com" \
|
66
|
+
--deb-no-default-config-files \
|
67
|
+
--$file_type-user conjur \
|
68
|
+
--$file_type-group conjur \
|
69
|
+
--depends "conjur-$project_name = $version" \
|
70
|
+
--prefix /opt/conjur/$project_name \
|
71
|
+
--description "Conjur $project_name service - development files"
|
72
|
+
fi
|
73
|
+
|
74
|
+
mv /src/opt/conjur/project /src/opt/conjur/$project_name
|
75
|
+
|
76
|
+
cd /src/opt/conjur/$project_name
|
77
|
+
|
78
|
+
bundle_clean
|
79
|
+
|
80
|
+
cd /src
|
81
|
+
|
82
|
+
mkdir -p opt/conjur/etc
|
83
|
+
|
84
|
+
/debify.sh
|
85
|
+
|
86
|
+
[ -d opt/conjur/"$project_name"/distrib ] && mv opt/conjur/"$project_name"/distrib /
|
87
|
+
|
88
|
+
echo "Building conjur-$project_name $file_type package"
|
89
|
+
|
90
|
+
fpm \
|
91
|
+
-s dir \
|
92
|
+
-t $file_type \
|
93
|
+
-n conjur-$project_name \
|
94
|
+
-v $version \
|
95
|
+
-C . \
|
96
|
+
--maintainer "CyberArk Software, Inc." \
|
97
|
+
--vendor "CyberArk Software, Inc." \
|
98
|
+
--license "Proprietary" \
|
99
|
+
--url "https://www.cyberark.com" \
|
100
|
+
--config-files opt/conjur/etc \
|
101
|
+
--deb-no-default-config-files \
|
102
|
+
--$file_type-user conjur \
|
103
|
+
--$file_type-group conjur \
|
104
|
+
--description "Conjur $project_name service" \
|
105
|
+
"$@"
|
106
|
+
|
107
|
+
ls -l
|
data/publish-rubygem.sh
ADDED
data/push-image.sh
ADDED
data/secrets.yml
ADDED
@@ -0,0 +1,54 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'conjur/debify/action/publish'
|
3
|
+
|
4
|
+
describe Conjur::Debify::Action::Publish do
|
5
|
+
|
6
|
+
let (:cmd_options) {
|
7
|
+
{
|
8
|
+
:version => '1.0.0',
|
9
|
+
:component => 'stable'
|
10
|
+
}
|
11
|
+
}
|
12
|
+
|
13
|
+
let (:action) { Conjur::Debify::Action::Publish.new('dist', 'proj', cmd_options) }
|
14
|
+
|
15
|
+
before do
|
16
|
+
allow(DebugMixin).to receive(:debug_write)
|
17
|
+
|
18
|
+
allow(action).to receive(:create_image).and_return(double('publish_image', :id => 'a1b2c3d4'))
|
19
|
+
end
|
20
|
+
|
21
|
+
context 'with artifactory creds in the environment' do
|
22
|
+
|
23
|
+
before do
|
24
|
+
ENV['ARTIFACTORY_USER'] = 'art_user'
|
25
|
+
ENV['ARTIFACTORY_PASSWORD'] = 'art_password'
|
26
|
+
end
|
27
|
+
|
28
|
+
after do
|
29
|
+
ENV.delete('ARTIFACTORY_USER')
|
30
|
+
ENV.delete('ARTIFACTORY_PASSWORD')
|
31
|
+
end
|
32
|
+
|
33
|
+
it 'runs' do
|
34
|
+
expect(action).to receive(:publish).twice
|
35
|
+
|
36
|
+
action.run
|
37
|
+
end
|
38
|
+
|
39
|
+
end
|
40
|
+
|
41
|
+
context 'without artifactory creds in the environment' do
|
42
|
+
|
43
|
+
it 'runs' do
|
44
|
+
expect(action).to receive(:fetch_art_creds)
|
45
|
+
expect(action).to receive(:publish).twice
|
46
|
+
|
47
|
+
action.run
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
end
|
52
|
+
|
53
|
+
|
54
|
+
|
data/spec/data/Makefile
ADDED
data/spec/data/test.tar
ADDED
Binary file
|
@@ -0,0 +1,55 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'aruba/rspec'
|
3
|
+
|
4
|
+
Aruba.configure do |c|
|
5
|
+
c.activate_announcer_on_command_failure = %i(stderr stdout)
|
6
|
+
end
|
7
|
+
|
8
|
+
describe "remove_matching()", type: :aruba do
|
9
|
+
it "removes matching files" do
|
10
|
+
here %w(foo bar/baz bar/xyzzy zork)
|
11
|
+
there %w(foo bar/baz not)
|
12
|
+
remove_matching
|
13
|
+
expect(contents_of herepath).to match_array %w(zork bar bar/xyzzy)
|
14
|
+
end
|
15
|
+
|
16
|
+
it "also handles files with spaces in names" do
|
17
|
+
here ['foo', 'bar/baz', 'with space', 'with', 'bar/another space']
|
18
|
+
there ['with space', 'bar/another space here']
|
19
|
+
remove_matching
|
20
|
+
expect(contents_of herepath).to match_array ['foo', 'bar', 'bar/baz', 'with', 'bar/another space']
|
21
|
+
end
|
22
|
+
|
23
|
+
# auxiliary methods and setup
|
24
|
+
let(:herepath) { Pathname.new Dir.mktmpdir }
|
25
|
+
let(:therepath) { Pathname.new Dir.mktmpdir }
|
26
|
+
after { [herepath, therepath].each &FileUtils.method(:remove_entry) }
|
27
|
+
|
28
|
+
def contents_of dir
|
29
|
+
Dir.chdir(dir) { Dir['**/*'] }
|
30
|
+
end
|
31
|
+
|
32
|
+
def remove_matching
|
33
|
+
run_command_and_stop "bash -c 'source #{DEBIFY_UTILS_PATH}; cd #{herepath}; remove_matching #{therepath}'"
|
34
|
+
end
|
35
|
+
|
36
|
+
def here files
|
37
|
+
mkfiles herepath, files
|
38
|
+
end
|
39
|
+
|
40
|
+
def there files
|
41
|
+
mkfiles therepath, files
|
42
|
+
end
|
43
|
+
|
44
|
+
def mkfiles dir, files
|
45
|
+
return dir if files.empty?
|
46
|
+
files.each do |path|
|
47
|
+
fullpath = dir + path
|
48
|
+
FileUtils.makedirs fullpath.dirname
|
49
|
+
FileUtils.touch fullpath
|
50
|
+
end
|
51
|
+
end
|
52
|
+
|
53
|
+
DEBIFY_UTILS_PATH = File.expand_path '../../lib/conjur/fpm/debify_utils.sh', __FILE__
|
54
|
+
end
|
55
|
+
|
data/spec/spec_helper.rb
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
require 'conjur/debify'
|
data/spec/utils_spec.rb
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
require 'fakefs/safe'
|
2
|
+
|
3
|
+
require 'conjur/debify/utils'
|
4
|
+
|
5
|
+
describe 'Conjur::Debify::Utils.copy_from_container' do
|
6
|
+
it "copies a file from the container to the current directory" do
|
7
|
+
tar = File.read "#{__dir__}/data/test.tar"
|
8
|
+
container = instance_double Docker::Container
|
9
|
+
allow(container).to receive(:archive_out).with "/tmp/test.tar" do |&b|
|
10
|
+
StringIO.new(tar).each(nil, 512) do |c|
|
11
|
+
# docker api sends three arguments, so emulate that
|
12
|
+
b[c, nil, nil]
|
13
|
+
end
|
14
|
+
end
|
15
|
+
|
16
|
+
FakeFS do
|
17
|
+
Conjur::Debify::Utils.copy_from_container container, "/tmp/test.tar"
|
18
|
+
expect(File.read 'test.txt').to eq "this is a test\n"
|
19
|
+
end
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
data/tag-image.sh
ADDED
data/test.sh
ADDED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-debify
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.0
|
4
|
+
version: 3.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- CyberArk Software, Inc.
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-02-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gli
|
@@ -167,11 +167,70 @@ dependencies:
|
|
167
167
|
description:
|
168
168
|
email:
|
169
169
|
- conj_maintainers@cyberark.com
|
170
|
-
executables:
|
170
|
+
executables:
|
171
|
+
- debify
|
171
172
|
extensions: []
|
172
173
|
extra_rdoc_files: []
|
173
174
|
files:
|
175
|
+
- ".dockerignore"
|
176
|
+
- ".gitignore"
|
177
|
+
- ".project"
|
178
|
+
- ".rvmrc"
|
179
|
+
- CHANGELOG.md
|
180
|
+
- CONTRIBUTING.md
|
181
|
+
- Dockerfile
|
182
|
+
- Gemfile
|
183
|
+
- Jenkinsfile
|
184
|
+
- LICENSE.txt
|
185
|
+
- README.md
|
186
|
+
- Rakefile
|
174
187
|
- VERSION
|
188
|
+
- bin/debify
|
189
|
+
- build.sh
|
190
|
+
- ci/test.sh
|
191
|
+
- debify.gemspec
|
192
|
+
- distrib/conjur_creds.rb
|
193
|
+
- distrib/docker-debify
|
194
|
+
- distrib/entrypoint.sh
|
195
|
+
- distrib/script
|
196
|
+
- distrib/secrets
|
197
|
+
- distrib/secrets.yml
|
198
|
+
- example/Gemfile
|
199
|
+
- example/Gemfile.lock
|
200
|
+
- example/debify.sh
|
201
|
+
- example/distrib/postinstall.sh
|
202
|
+
- example/docker-compose.yml
|
203
|
+
- example/net-test.sh
|
204
|
+
- example/test.sh
|
205
|
+
- features/detect_version.feature
|
206
|
+
- features/package.feature
|
207
|
+
- features/sandbox.feature
|
208
|
+
- features/step_definitions/debify_steps.rb
|
209
|
+
- features/support/env.rb
|
210
|
+
- features/support/hooks.rb
|
211
|
+
- features/support/world.rb
|
212
|
+
- features/test.feature
|
213
|
+
- image-tags
|
214
|
+
- lib/conjur/debify.rb
|
215
|
+
- lib/conjur/debify/Dockerfile.fpm
|
216
|
+
- lib/conjur/debify/action/publish.rb
|
217
|
+
- lib/conjur/debify/utils.rb
|
218
|
+
- lib/conjur/debify/version.rb
|
219
|
+
- lib/conjur/fpm/Dockerfile
|
220
|
+
- lib/conjur/fpm/debify_utils.sh
|
221
|
+
- lib/conjur/fpm/package.sh
|
222
|
+
- lib/conjur/publish/Dockerfile
|
223
|
+
- publish-rubygem.sh
|
224
|
+
- push-image.sh
|
225
|
+
- secrets.yml
|
226
|
+
- spec/action/publish_spec.rb
|
227
|
+
- spec/data/Makefile
|
228
|
+
- spec/data/test.tar
|
229
|
+
- spec/debify_utils_spec.rb
|
230
|
+
- spec/spec_helper.rb
|
231
|
+
- spec/utils_spec.rb
|
232
|
+
- tag-image.sh
|
233
|
+
- test.sh
|
175
234
|
homepage: https://github.com/conjurinc/debify
|
176
235
|
licenses:
|
177
236
|
- MIT
|
@@ -187,12 +246,26 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
187
246
|
version: '0'
|
188
247
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
189
248
|
requirements:
|
190
|
-
- - "
|
249
|
+
- - ">="
|
191
250
|
- !ruby/object:Gem::Version
|
192
|
-
version:
|
251
|
+
version: '0'
|
193
252
|
requirements: []
|
194
|
-
rubygems_version: 3.2.
|
253
|
+
rubygems_version: 3.2.22
|
195
254
|
signing_key:
|
196
255
|
specification_version: 4
|
197
256
|
summary: Utility commands to build and package Conjur services as Debian packages
|
198
|
-
test_files:
|
257
|
+
test_files:
|
258
|
+
- features/detect_version.feature
|
259
|
+
- features/package.feature
|
260
|
+
- features/sandbox.feature
|
261
|
+
- features/step_definitions/debify_steps.rb
|
262
|
+
- features/support/env.rb
|
263
|
+
- features/support/hooks.rb
|
264
|
+
- features/support/world.rb
|
265
|
+
- features/test.feature
|
266
|
+
- spec/action/publish_spec.rb
|
267
|
+
- spec/data/Makefile
|
268
|
+
- spec/data/test.tar
|
269
|
+
- spec/debify_utils_spec.rb
|
270
|
+
- spec/spec_helper.rb
|
271
|
+
- spec/utils_spec.rb
|