conjur-debify 3.0.1.pre.1853 → 3.0.2.pre.1855
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -0
- data/Dockerfile +13 -13
- data/README.md +21 -16
- data/VERSION +1 -1
- data/ci/test.sh +1 -2
- data/debify.gemspec +6 -6
- data/lib/conjur/debify.rb +15 -4
- data/lib/conjur/fpm/{Dockerfile → Dockerfile.template} +1 -2
- metadata +10 -10
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f830da6ee36396d6d06a652cf0f878078ad66cadbc4f824f7d9f92c3c339c4ad
|
4
|
+
data.tar.gz: eb226ecbf731ac75654dd47327429d7b4397e8e0ef57a3ae1460cbc343001c89
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3e3e1d5cf88484e8400559f9849c3a8e5d7d204b72bf106a8782f34c83142983d49b8374c6eef0921d1c427419b9376373fd2d90dc7144259f28d800912dfcf9
|
7
|
+
data.tar.gz: e6b27436807ac62eb9679005b9b94561f0ebef4ba524e92e237cc3f6ac262ae44e7baf03ebffbf0450aa507af7a9c5c9270cc7b608169b83a2830378b07a67dd
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,10 @@
|
|
1
|
+
## [3.0.2]
|
2
|
+
### Changed
|
3
|
+
- Allow Base Image to be configured on execution.
|
4
|
+
- Updated dependencies.
|
5
|
+
- Adapted code to reflect Docker API changes, specifying at least one stream is now required.
|
6
|
+
[conjurinc/debify#86](https://github.com/conjurinc/debify/issues/86)
|
7
|
+
|
1
8
|
## [3.0.1]
|
2
9
|
### Changed
|
3
10
|
|
data/Dockerfile
CHANGED
@@ -1,33 +1,33 @@
|
|
1
|
-
FROM ruby:3.
|
1
|
+
FROM ruby:3.2
|
2
2
|
|
3
3
|
RUN apt-get update -qq && \
|
4
|
-
apt-get
|
4
|
+
apt-get upgrade -qqy && \
|
5
5
|
apt-get install -qqy \
|
6
6
|
apt-transport-https \
|
7
7
|
ca-certificates \
|
8
|
-
curl
|
9
|
-
|
8
|
+
curl && \
|
9
|
+
apt-get clean && \
|
10
|
+
rm -rf /var/lib/apt/lists/*
|
11
|
+
|
10
12
|
# Install Docker client tools
|
11
|
-
ENV DOCKERVERSION=
|
13
|
+
ENV DOCKERVERSION=24.0.2
|
12
14
|
RUN curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKERVERSION}.tgz \
|
13
15
|
&& tar xzvf docker-${DOCKERVERSION}.tgz --strip 1 \
|
14
16
|
-C /usr/local/bin docker/docker \
|
15
17
|
&& rm docker-${DOCKERVERSION}.tgz
|
16
18
|
|
17
|
-
RUN mkdir -p /debify
|
18
19
|
WORKDIR /debify
|
19
20
|
|
20
21
|
COPY . ./
|
21
22
|
|
22
|
-
RUN gem install bundler:2.
|
23
|
-
|
23
|
+
RUN gem install --no-document bundler:2.4.14 && \
|
24
|
+
gem build debify.gemspec && \
|
25
|
+
gem install --no-document -N conjur-debify-*.gem
|
24
26
|
|
25
27
|
ARG VERSION
|
26
|
-
RUN gem install -N conjur-debify-*.gem
|
27
|
-
|
28
28
|
ARG CONJUR_APPLIANCE_URL
|
29
|
-
ENV CONJUR_APPLIANCE_URL
|
30
|
-
|
31
|
-
|
29
|
+
ENV CONJUR_APPLIANCE_URL=${CONJUR_APPLIANCE_URL:-https://conjurops.itp.conjur.net} \
|
30
|
+
CONJUR_ACCOUNT=${CONJUR_ACCOUNT:-conjur} \
|
31
|
+
CONJUR_VERSION=${CONJUR_VERSION:-5}
|
32
32
|
|
33
33
|
ENTRYPOINT ["/debify/distrib/entrypoint.sh"]
|
data/README.md
CHANGED
@@ -93,7 +93,7 @@ Builds a Conjur Debian package from a Ruby gem.
|
|
93
93
|
$ debify help package
|
94
94
|
NAME
|
95
95
|
package - Build a debian package for a project
|
96
|
-
|
96
|
+
|
97
97
|
SYNOPSIS
|
98
98
|
debify [global options] package [command options] project_name -- <fpm-arguments>
|
99
99
|
b
|
@@ -110,11 +110,16 @@ DESCRIPTION
|
|
110
110
|
The distrib folder in the project source tree is intended to create scripts for package pre-install, post-install etc. The distrib folder is not
|
111
111
|
included in the deb package, so its contents should be copied to the file system or packaged using fpm arguments.
|
112
112
|
|
113
|
-
All arguments to this command which follow the double-dash are propagated to the fpm command.
|
113
|
+
All arguments to this command which follow the double-dash are propagated to the fpm command.
|
114
114
|
|
115
115
|
COMMAND OPTIONS
|
116
|
-
-
|
117
|
-
-
|
116
|
+
--additional-files=arg - Specify files to add to the FPM image that are not included from the git repo (default: none)
|
117
|
+
-d, --dir=arg - Set the current working directory (default: none)
|
118
|
+
--dockerfile=arg - Specify a custom Dockerfile.fpm (default: none)
|
119
|
+
-i, --image=arg - Image name (default: cyberark/phusion-ruby-fips)
|
120
|
+
-o, --output=arg - Set the output file type of the fpm command (e.g rpm) (default: none)
|
121
|
+
-t, --image-tag=arg - Image tag, e.g. 4.5-stable, 4.6-stable (default: latest)
|
122
|
+
-v, --version=arg - Specify the deb version; by default, it's read from the VERSION file (default: none)
|
118
123
|
```
|
119
124
|
|
120
125
|
### Example usage
|
@@ -151,7 +156,7 @@ DESCRIPTION
|
|
151
156
|
|
152
157
|
Finally, a test script from the project source tree is run, again with the container id as the program argument.
|
153
158
|
|
154
|
-
Then the Conjur container is deleted (use --keep to leave it running).
|
159
|
+
Then the Conjur container is deleted (use --keep to leave it running).
|
155
160
|
|
156
161
|
COMMAND OPTIONS
|
157
162
|
-c, --configure-script=arg - Shell script to configure the appliance before testing (default: none)
|
@@ -215,17 +220,17 @@ NAME
|
|
215
220
|
sandbox - Setup a development sandbox for a Conjur debian package in a Conjur appliance container
|
216
221
|
|
217
222
|
SYNOPSIS
|
218
|
-
debify [global options] sandbox [command options]
|
223
|
+
debify [global options] sandbox [command options]
|
219
224
|
|
220
225
|
DESCRIPTION
|
221
|
-
First, a Conjur appliance container is created and started. By default, the container image is
|
226
|
+
First, a Conjur appliance container is created and started. By default, the container image is
|
222
227
|
registry.tld/conjur-appliance-cuke-master. An image tag MUST be supplied. This image
|
223
|
-
is configured with all the CONJUR_ environment variables setup for the local environment (appliance URL,
|
228
|
+
is configured with all the CONJUR_ environment variables setup for the local environment (appliance URL,
|
224
229
|
cert path, admin username and password, etc). The project source tree is
|
225
|
-
also mounted into the container, at /src/<project-name>, where <project-name> is taken from the name of the
|
230
|
+
also mounted into the container, at /src/<project-name>, where <project-name> is taken from the name of the
|
226
231
|
current working directory.
|
227
232
|
|
228
|
-
Once in the container, use "/opt/conjur/evoke/bin/dev-install" to install the development bundle of your project.
|
233
|
+
Once in the container, use "/opt/conjur/evoke/bin/dev-install" to install the development bundle of your project.
|
229
234
|
|
230
235
|
COMMAND OPTIONS
|
231
236
|
--bind=arg - Bind another source directory into the container. Use <src>:<dest>, where both are full paths. (default: none)
|
@@ -249,12 +254,12 @@ root@7d4217655332:/src/authz# bundle exec rake db:migrate
|
|
249
254
|
|
250
255
|
## Usage with docker-compose
|
251
256
|
|
252
|
-
As of v1.10.0, both the `test` and `sandbox` subcommands support the `--net` switch.
|
257
|
+
As of v1.10.0, both the `test` and `sandbox` subcommands support the `--net` switch.
|
258
|
+
This allows you to specify a network to which the Conjur appliance container should be attached.
|
253
259
|
|
254
|
-
There are a variety of ways to make use of this feature. One
|
255
|
-
|
256
|
-
|
257
|
-
appliance container created by debify, to it.
|
260
|
+
There are a variety of ways to make use of this feature. One possibility is creating a network
|
261
|
+
using `docker network create`, then attaching both the docker-compose services, as well, as the Conjur
|
262
|
+
appliance container created by debify, to it.
|
258
263
|
|
259
264
|
As a (somewhat contrived) example, create a new docker network:
|
260
265
|
|
@@ -298,6 +303,6 @@ root@7d4217655332:/src/example# getent hosts mydb
|
|
298
303
|
|
299
304
|
## Contributing
|
300
305
|
|
301
|
-
For instructions on how to get started and
|
306
|
+
For instructions on how to get started and
|
302
307
|
descriptions of our development workflows, please see our
|
303
308
|
[contributing guide](CONTRIBUTING.md).
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
3.0.
|
1
|
+
3.0.2-1855
|
data/ci/test.sh
CHANGED
data/debify.gemspec
CHANGED
@@ -16,21 +16,21 @@ Gem::Specification.new do |spec|
|
|
16
16
|
spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
|
17
17
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
18
18
|
spec.require_paths = ["lib"]
|
19
|
-
|
19
|
+
|
20
20
|
spec.add_dependency "gli"
|
21
21
|
spec.add_dependency "docker-api", "~> 2.0"
|
22
22
|
spec.add_dependency "conjur-cli" , "~> 6"
|
23
23
|
spec.add_dependency "conjur-api", "~> 5.3"
|
24
|
-
spec.add_development_dependency "bundler", ">= 2.
|
25
|
-
spec.add_development_dependency "fakefs", "~> 0"
|
24
|
+
spec.add_development_dependency "bundler", ">= 2.4.14"
|
25
|
+
spec.add_development_dependency "fakefs", "~> 2.5.0"
|
26
26
|
spec.add_development_dependency "rake", "~> 13.0"
|
27
|
-
|
27
|
+
|
28
28
|
# Pin to cucumbe v2. cucumber v3 changes (breaks) the behavior of
|
29
29
|
# unmatched capture groups with \(d+). In v3, the value of such a
|
30
30
|
# group is 0 instead of nil, which breaks aruba's "I successfully
|
31
31
|
# run...." steps.
|
32
32
|
spec.add_development_dependency "cucumber", '~> 7.1'
|
33
|
-
spec.add_development_dependency "aruba", "~> 2.
|
34
|
-
spec.add_development_dependency 'rspec', '~> 3.
|
33
|
+
spec.add_development_dependency "aruba", "~> 2.1"
|
34
|
+
spec.add_development_dependency 'rspec', '~> 3.12'
|
35
35
|
spec.add_development_dependency 'ci_reporter_rspec', '~> 1.0'
|
36
36
|
end
|
data/lib/conjur/debify.rb
CHANGED
@@ -78,7 +78,7 @@ subcommand_option_handling :normal
|
|
78
78
|
arguments :strict
|
79
79
|
|
80
80
|
def detect_version
|
81
|
-
if File.
|
81
|
+
if File.exist?("VERSION") && !(base_commit = `git log --pretty='%h' VERSION | head -n 1`.strip).empty?
|
82
82
|
base_version = File.read("VERSION").strip
|
83
83
|
commits_since = `git log #{base_commit}..HEAD --pretty='%h'`.split("\n").size
|
84
84
|
hash = `git rev-parse --short HEAD`.strip
|
@@ -254,6 +254,14 @@ command "package" do |c|
|
|
254
254
|
c.desc "Specify files to add to the FPM image that are not included from the git repo"
|
255
255
|
c.flag [:'additional-files']
|
256
256
|
|
257
|
+
c.desc "Image name"
|
258
|
+
c.default_value "cyberark/phusion-ruby-fips"
|
259
|
+
c.flag [:i, :image]
|
260
|
+
|
261
|
+
c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
|
262
|
+
c.default_value "latest"
|
263
|
+
c.flag [:t, :'image-tag']
|
264
|
+
|
257
265
|
c.action do |global_options, cmd_options, args|
|
258
266
|
raise "project-name is required" unless project_name = args.shift
|
259
267
|
|
@@ -272,9 +280,13 @@ command "package" do |c|
|
|
272
280
|
additional_files = cmd_options[:'additional-files'].split(',').map(&:strip)
|
273
281
|
end
|
274
282
|
|
283
|
+
dockerfile = File.read(File.expand_path('fpm/Dockerfile.template', File.dirname(__FILE__)))
|
284
|
+
replace_image = dockerfile.gsub("@@image@@", cmd_options[:'image'] + ":" + cmd_options[:'image-tag'])
|
285
|
+
File.open(File.expand_path('fpm/Dockerfile', File.dirname(__FILE__)), "w") { |file| file.puts replace_image }
|
286
|
+
|
275
287
|
begin
|
276
288
|
tries ||= 2
|
277
|
-
fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), tag: "debify-fpm", &DebugMixin::DOCKER
|
289
|
+
fpm_image = Docker::Image.build_from_dir File.expand_path('fpm', File.dirname(__FILE__)), architecture: "x86_64", tag: "debify-fpm", &DebugMixin::DOCKER
|
278
290
|
rescue
|
279
291
|
image_id = File.readlines(File.expand_path('fpm/Dockerfile', File.dirname(__FILE__)))
|
280
292
|
.find { | line | line =~ /^FROM/ }
|
@@ -367,7 +379,7 @@ end
|
|
367
379
|
def wait_for_conjur appliance_image, container
|
368
380
|
container_command container, '/opt/conjur/evoke/bin/wait_for_conjur'
|
369
381
|
rescue
|
370
|
-
$stderr.puts container.logs
|
382
|
+
$stderr.puts container.logs(stdout: true, stderr: true)
|
371
383
|
raise
|
372
384
|
end
|
373
385
|
|
@@ -848,4 +860,3 @@ on_error do |exception|
|
|
848
860
|
# return false to skip default error handling
|
849
861
|
true
|
850
862
|
end
|
851
|
-
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: conjur-debify
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.0.
|
4
|
+
version: 3.0.2.pre.1855
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- CyberArk Software, Inc.
|
@@ -72,28 +72,28 @@ dependencies:
|
|
72
72
|
requirements:
|
73
73
|
- - ">="
|
74
74
|
- !ruby/object:Gem::Version
|
75
|
-
version: 2.
|
75
|
+
version: 2.4.14
|
76
76
|
type: :development
|
77
77
|
prerelease: false
|
78
78
|
version_requirements: !ruby/object:Gem::Requirement
|
79
79
|
requirements:
|
80
80
|
- - ">="
|
81
81
|
- !ruby/object:Gem::Version
|
82
|
-
version: 2.
|
82
|
+
version: 2.4.14
|
83
83
|
- !ruby/object:Gem::Dependency
|
84
84
|
name: fakefs
|
85
85
|
requirement: !ruby/object:Gem::Requirement
|
86
86
|
requirements:
|
87
87
|
- - "~>"
|
88
88
|
- !ruby/object:Gem::Version
|
89
|
-
version:
|
89
|
+
version: 2.5.0
|
90
90
|
type: :development
|
91
91
|
prerelease: false
|
92
92
|
version_requirements: !ruby/object:Gem::Requirement
|
93
93
|
requirements:
|
94
94
|
- - "~>"
|
95
95
|
- !ruby/object:Gem::Version
|
96
|
-
version:
|
96
|
+
version: 2.5.0
|
97
97
|
- !ruby/object:Gem::Dependency
|
98
98
|
name: rake
|
99
99
|
requirement: !ruby/object:Gem::Requirement
|
@@ -128,28 +128,28 @@ dependencies:
|
|
128
128
|
requirements:
|
129
129
|
- - "~>"
|
130
130
|
- !ruby/object:Gem::Version
|
131
|
-
version: '2.
|
131
|
+
version: '2.1'
|
132
132
|
type: :development
|
133
133
|
prerelease: false
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
135
135
|
requirements:
|
136
136
|
- - "~>"
|
137
137
|
- !ruby/object:Gem::Version
|
138
|
-
version: '2.
|
138
|
+
version: '2.1'
|
139
139
|
- !ruby/object:Gem::Dependency
|
140
140
|
name: rspec
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|
142
142
|
requirements:
|
143
143
|
- - "~>"
|
144
144
|
- !ruby/object:Gem::Version
|
145
|
-
version: '3.
|
145
|
+
version: '3.12'
|
146
146
|
type: :development
|
147
147
|
prerelease: false
|
148
148
|
version_requirements: !ruby/object:Gem::Requirement
|
149
149
|
requirements:
|
150
150
|
- - "~>"
|
151
151
|
- !ruby/object:Gem::Version
|
152
|
-
version: '3.
|
152
|
+
version: '3.12'
|
153
153
|
- !ruby/object:Gem::Dependency
|
154
154
|
name: ci_reporter_rspec
|
155
155
|
requirement: !ruby/object:Gem::Requirement
|
@@ -217,7 +217,7 @@ files:
|
|
217
217
|
- lib/conjur/debify/action/publish.rb
|
218
218
|
- lib/conjur/debify/utils.rb
|
219
219
|
- lib/conjur/debify/version.rb
|
220
|
-
- lib/conjur/fpm/Dockerfile
|
220
|
+
- lib/conjur/fpm/Dockerfile.template
|
221
221
|
- lib/conjur/fpm/debify_utils.sh
|
222
222
|
- lib/conjur/fpm/package.sh
|
223
223
|
- lib/conjur/publish/Dockerfile
|