conjur-debify 3.0.3.pre.1965 → 3.0.3.pre.1971

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bb57973a44bd19cc50287b17d5827be06557beb8aa62f45c439899e7eec4b45f
-  data.tar.gz: 6abe99e1aa7819e6bb6b106bb8e587a41b20b7a226e2b15ea61e15ff938e3c28
+  metadata.gz: dbb48a20c69ae4de07aa6be5a0812fc434862d0a6b892ac9e14307a699d4eca4
+  data.tar.gz: e49635adbf456eee2eac799f8eea2be543c27b52bcec615de92e755c47cca5e1
 SHA512:
-  metadata.gz: e2cd3cfa37fd275b6997006de154d7b7da962d75781263b04bd0f8fd8253fae89aee5e74392ba1c4b4609b47e405b116177517e90e38c696865748b97764281d
-  data.tar.gz: bb62f3194644f9b8dcf9446fede0ce73d36ae89106d78bdb785ac334af57cc0ebabb3f98ccd6ba8554b4f231af3be269aeb70df7288f4ccb643c3e0ceaec0ab5
+  metadata.gz: 51126d13fd0a308ad4d3b753cd9edbdc425069ae20a3a583d4db1d2b5e5b4dd2ed99adf1e5235235eff5c03c6fd2a9c4a2daff3e0a26b33665648da0ac9e3c3f
+  data.tar.gz: 4d78bc9be16f8b8b4f3e7d70b51fea06beef7611de142f2bba84d912f72237a872b730de52049a1c16695c7d88f533cae81d9b5e0bfcb5f3fcebbf45abdd063a

data/CHANGELOG.md

@@ -1,4 +1,6 @@
 ## [3.0.3]
+### Added
+- Allow user to specify architecture of packages (arm64 or amd64)
 
 ## [3.0.2]
 ### Changed

data/README.md

@@ -110,9 +110,10 @@ DESCRIPTION
     The distrib folder in the project source tree is intended to create scripts for package pre-install, post-install etc. The distrib folder is not
     included in the deb package, so its contents should be copied to the file system or packaged using fpm arguments.
 
-    All arguments to this command which follow the double-dash are propagated to the fpm command.
+    All arguments to this command which follow the double-dash are propagated to the fpm command. 
 
 COMMAND OPTIONS
+    -a, --architecture=arg - Set the architecture of the package; can be set to arm64 or amd64 (default: amd64)
     --additional-files=arg - Specify files to add to the FPM image that are not included from the git repo (default: none)
     -d, --dir=arg          - Set the current working directory (default: none)
     --dockerfile=arg       - Specify a custom Dockerfile.fpm (default: none)

data/VERSION

@@ -1 +1 @@
-3.0.3-1965
+3.0.3-1971

data/features/package.feature

@@ -4,20 +4,41 @@ Feature: Packaging
   Background:
     # We use version 0.0.1-suffix to verify that RPM converts dashes to underscores
     # in the version as we expect
-    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix example -- --post-install /distrib/postinstall.sh`
-    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix example  -- --post-install /distrib/postinstall.sh`
 
-  Scenario: 'example' project can be packaged successfully
+
+  Scenario: 'example' project can be packaged successfully for amd64
+    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix --architecture=amd64 example -- --post-install /distrib/postinstall.sh`
+    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix --architecture=amd64 example  -- --post-install /distrib/postinstall.sh`
     Then the stdout should contain "conjur-example_0.0.1-suffix_amd64.deb"
     And the stdout should contain "conjur-example-dev_0.0.1-suffix_amd64.deb"
     And the stdout should contain "conjur-example-0.0.1_suffix-1.x86_64.rpm"
     And the stdout should contain "conjur-example-dev-0.0.1_suffix-1.x86_64.rpm"
 
-  Scenario: 'clean' command will delete non-Git-managed files
+  Scenario: 'clean' command will delete non-Git-managed files for amd64
+    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix --architecture=amd64 example -- --post-install /distrib/postinstall.sh`
+    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix --architecture=amd64 example  -- --post-install /distrib/postinstall.sh`
     When I successfully run `env DEBUG=true GLI_DEBUG=true debify clean -d ../../example --force`
     And I successfully run `find ../../example`
     Then the stdout from "find ../../example" should not contain "conjur-example_0.0.1-suffix_amd64.deb"
     And the stdout from "find ../../example" should not contain "conjur-example-0.0.1_suffix-1.x86_64.rpm"
 
+  Scenario: 'example' project can be packaged successfully for arm64
+    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix --architecture=aarch64 example -- --post-install /distrib/postinstall.sh`
+    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix --architecture=aarch64 example  -- --post-install /distrib/postinstall.sh`
+    Then the stdout should contain "conjur-example_0.0.1-suffix_arm64.deb"
+    And the stdout should contain "conjur-example-dev_0.0.1-suffix_arm64.deb"
+    And the stdout should contain "conjur-example-0.0.1_suffix-1.aarch64.rpm"
+    And the stdout should contain "conjur-example-dev-0.0.1_suffix-1.aarch64.rpm"
+
+  Scenario: 'clean' command will delete non-Git-managed files for arm64
+    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix --architecture=aarch64 example -- --post-install /distrib/postinstall.sh`
+    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix --architecture=aarch64 example  -- --post-install /distrib/postinstall.sh`
+    When I successfully run `env DEBUG=true GLI_DEBUG=true debify clean -d ../../example --force`
+    And I successfully run `find ../../example`
+    Then the stdout from "find ../../example" should not contain "conjur-example_0.0.1-suffix_arm64.deb"
+    And the stdout from "find ../../example" should not contain "conjur-example-0.0.1_suffix-1.aarch64.rpm"
+
   Scenario: 'example' project can be published
+    Given I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example -v 0.0.1-suffix example -- --post-install /distrib/postinstall.sh`
+    And I successfully run `env DEBUG=true GLI_DEBUG=true debify package -d ../../example --output rpm  -v 0.0.1-suffix example  -- --post-install /distrib/postinstall.sh`
     When I successfully run `env DEBUG=true GLI_DEBUG=true debify publish -v 0.0.1-suffix -d ../../example 5.0 example`

data/lib/conjur/debify.rb

@@ -14,6 +14,8 @@ require 'active_support/core_ext'
 include GLI::App
 
 DEFAULT_FILE_TYPE = "deb"
+ARM64_ARCHITECTURE_NAME = "aarch64"
+AMD64_ARCHITECTURE_NAME = "amd64"
 
 config_file '.debifyrc'
 
@@ -31,24 +33,24 @@ Docker.options[:read_timeout] = 300
 module DebugMixin
   DEBUG = ENV['DEBUG'].nil? ? true : ENV['DEBUG'].downcase == 'true'
 
-  def debug *a
+  def debug(* a)
     DebugMixin.debug *a
   end
 
-  def self.debug *a
+  def self.debug(* a)
     $stderr.puts *a if DEBUG
   end
 
-  def debug_write *a
+  def debug_write(* a)
     DebugMixin.debug_write *a
   end
 
-  def self.debug_write *a
+  def self.debug_write(* a)
     $stderr.write *a if DEBUG
   end
 
   # you can give this to various docker methods to print output if debug is on
-  def self.docker_debug *a
+  def self.docker_debug(* a)
     if a.length == 2 && a[0].is_a?(Symbol)
       debug a.last
     else
@@ -91,7 +93,7 @@ def detect_version
 end
 
 def git_files
-  files = (`git ls-files -z`.split("\x0") + ['Gemfile.lock', 'VERSION']).uniq
+  files = (`git ls-files -z`.split("\x0") + %w['Gemfile.lock', 'VERSION']).uniq
   # Since submodule directories are listed, but are not files, we remove them.
   # Currently, `conjur-project-config` is the only submodule in Conjur, and it
   # can safely be removed because it's a developer-only tool.  If we add another
@@ -141,7 +143,7 @@ command "clean" do |c|
   c.desc "Force file deletion even if if this doesn't look like a Jenkins environment"
   c.switch [:force]
 
-  c.action do |global_options, cmd_options, args|
+  c.action do |_, cmd_options, _|
     def looks_like_jenkins?
       require 'etc'
       Etc.getlogin == 'jenkins' && ENV['BUILD_NUMBER']
@@ -149,12 +151,12 @@ command "clean" do |c|
 
     require 'set'
     perform_deletion = cmd_options[:force] || looks_like_jenkins?
-    if !perform_deletion
+    unless perform_deletion
       $stderr.puts "No --force, and this doesn't look like Jenkins. I won't actually delete anything"
     end
-    @ignore_list = Array(cmd_options[:ignore]) + ['.', '..', '.git']
+    @ignore_list = Array(cmd_options[:ignore]) + %w['.', '..', '.git']
 
-    def ignore_file? f
+    def ignore_file?(f)
       @ignore_list.find { |ignore| f.index(ignore) == 0 }
     end
 
@@ -190,7 +192,7 @@ command "clean" do |c|
             file = "/src/#{file}"
             cmd = ["rm", "-f", file]
 
-            stdout, stderr, status = container.exec cmd, &DebugMixin::DOCKER
+            _, _, status = container.exec cmd, &DebugMixin::DOCKER
             $stderr.puts "Failed to delete #{file}" unless status == 0
           end
         ensure
@@ -262,8 +264,12 @@ command "package" do |c|
   c.default_value "latest"
   c.flag [:t, :'image-tag']
 
-  c.action do |global_options, cmd_options, args|
-    raise "project-name is required" unless project_name = args.shift
+  c.desc "Set the architecture of the package; can be set to arm64 or amd64"
+  c.default_value AMD64_ARCHITECTURE_NAME
+  c.flag [:a, :architecture]
+
+  c.action do |_, cmd_options, args|
+    raise "project-name is required" unless (project_name = args.shift)
 
     fpm_args = []
     if (delimeter = args.shift) == '--'
@@ -333,36 +339,33 @@ command "package" do |c|
       file_type = cmd_options[:output] || DEFAULT_FILE_TYPE
       container_cmd_options << "--file-type=#{file_type}"
 
+      # Set the architecture of the package
+      architecture = cmd_options[:architecture] || AMD64_ARCHITECTURE_NAME
+      if architecture != AMD64_ARCHITECTURE_NAME && architecture != ARM64_ARCHITECTURE_NAME
+        raise "Unsupported architecture type: #{architecture}, choose one of the following: #{AMD64_ARCHITECTURE_NAME}, #{ARM64_ARCHITECTURE_NAME}"
+      end
+      container_cmd_options << "--architecture=#{architecture}"
+
       options = {
         'Cmd' => container_cmd_options + fpm_args,
         'Image' => image.id
       }
       options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
 
+      file_path, dev_file_path = determine_file_path(file_type, architecture, project_name, version)
+
       container = Docker::Container.create options
       begin
         DebugMixin.debug_write "Packaging #{project_name} in container #{container.id}\n"
-        container.tap(&:start!).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| $stderr.puts "#{chunk}" }
+        container.tap(&:start!).streaming_logs(follow: true, stdout: true, stderr: true) { |_, chunk| $stderr.puts "#{chunk}" }
         status = container.wait
         raise "Failed to package #{project_name}" unless status['StatusCode'] == 0
 
-        if file_type == "deb"
-          # Copy deb packages
-          copy_packages_from_container(
-            container,
-            "conjur-#{project_name}_#{version}_amd64.deb",
-            "conjur-#{project_name}-dev_#{version}_amd64.deb"
-          )
-        elsif file_type == "rpm"
-          # Copy rpm packages
-          # The rpm builder replaces dashes with underscores in the version
-          rpm_version = version.tr('-', '_')
-          copy_packages_from_container(
-            container,
-            "conjur-#{project_name}-#{rpm_version}-1.x86_64.rpm",
-            "conjur-#{project_name}-dev-#{rpm_version}-1.x86_64.rpm"
-          )
-        end
+        copy_packages_from_container(
+          container,
+          file_path,
+          dev_file_path
+        )
       ensure
         container.delete(force: true)
       end
@@ -370,13 +373,40 @@ command "package" do |c|
   end
 end
 
-def container_command container, *args
-  stdout, stderr, exitcode = container.exec args, &DebugMixin::DOCKER
+def determine_file_path(file_type, architecture, project_name, version)
+  if file_type == "deb"
+    if architecture == ARM64_ARCHITECTURE_NAME
+      architecture = "arm64"
+    end
+
+    file_path = "conjur-#{project_name}_#{version}_#{architecture}.#{file_type}"
+    dev_file_path = "conjur-#{project_name}-dev_#{version}_#{architecture}.#{file_type}"
+
+  elsif file_type == "rpm"
+    if architecture == AMD64_ARCHITECTURE_NAME
+      architecture = "x86_64"
+    end
+
+    # The rpm builder replaces dashes with underscores in the version
+    version = version.tr('-', '_')
+
+    file_path = "conjur-#{project_name}-#{version}-1.#{architecture}.#{file_type}"
+    dev_file_path = "conjur-#{project_name}-dev-#{version}-1.#{architecture}.#{file_type}"
+
+  else
+    raise "Unrecognized file type: #{file_type}, must be one of the following: deb, rpm"
+  end
+
+  [file_path, dev_file_path]
+end
+
+def container_command(container, *args)
+  stdout, _, exitcode = container.exec args, &DebugMixin::DOCKER
   exit_now! "Command failed : #{args.join(' ')}", exitcode unless exitcode == 0
   stdout
 end
 
-def wait_for_conjur appliance_image, container
+def wait_for_conjur(container)
   container_command container, '/opt/conjur/evoke/bin/wait_for_conjur'
 rescue
   $stderr.puts container.logs(stdout: true, stderr: true)
@@ -480,8 +510,8 @@ command "test" do |c|
   network_options(c)
 
   c.action do |global_options, cmd_options, args|
-    raise "project-name is required" unless project_name = args.shift
-    raise "test-script is required" unless test_script = args.shift
+    raise "project-name is required" unless (project_name = args.shift)
+    raise "test-script is required" unless (test_script = args.shift)
     raise "Received extra command-line arguments" if args.shift
 
     dir = cmd_options[:dir] || '.'
@@ -553,7 +583,7 @@ RUN touch /etc/service/conjur/down
       options = {
         'Image' => appliance_image.id,
         'name' => project_name,
-        'Env' => [
+        'Env' => %w[
           "CONJUR_AUTHN_LOGIN=admin",
           "CONJUR_ENV=appliance",
           "CONJUR_AUTHN_API_KEY=SEcret12!!!!",
@@ -590,9 +620,9 @@ RUN touch /etc/service/conjur/down
 
         # Wait for pg/main so that migrations can run
         30.times do
-          stdout, stderr, exitcode = container.exec %w(sv status pg/main), &DebugMixin::DOCKER
+          stdout, _, exitcode = container.exec %w(sv status pg/main), &DebugMixin::DOCKER
           status = stdout.join
-          break if exitcode == 0 && status =~ /^run\:/
+          break if exitcode == 0 && status =~ /^run/
           sleep 1
         end
 
@@ -607,7 +637,7 @@ RUN touch /etc/service/conjur/down
 
         container_command container, "rm", "/etc/service/conjur/down"
         container_command container, "sv", "start", "conjur"
-        wait_for_conjur appliance_image, container
+        wait_for_conjur container
 
         system "./#{test_script} #{container.id}"
         exit_now! "#{test_script} failed with exit code #{$?.exitstatus}", $?.exitstatus unless $?.exitstatus == 0
@@ -703,7 +733,7 @@ command "sandbox" do |c|
         'name' => "#{project_name}-sandbox",
         'Image' => appliance_image.id,
         'WorkingDir' => "/src/#{project_name}",
-        'Env' => [
+        'Env' => %w[
           "CONJUR_AUTHN_LOGIN=admin",
           "CONJUR_ENV=appliance",
           "CONJUR_AUTHN_API_KEY=SEcret12!!!!",
@@ -746,7 +776,7 @@ command "sandbox" do |c|
       $stdout.puts container.id
       container.start!
 
-      wait_for_conjur appliance_image, container
+      wait_for_conjur container
 
       if cmd_options[:'dev-install']
         container_command(container, "/opt/conjur/evoke/bin/dev-install", project_name)
@@ -798,10 +828,10 @@ command "publish" do |c|
   c.default_value "redhat-private"
   c.flag ['rpm-repo']
 
-  c.action do |global_options, cmd_options, args|
+  c.action do |_, cmd_options, args|
     require 'conjur/debify/action/publish'
-    raise "distribution is required" unless distribution = args.shift
-    raise "project-name is required" unless project_name = args.shift
+    raise "distribution is required" unless (distribution = args.shift)
+    raise "project-name is required" unless (project_name = args.shift)
     raise "Received extra command-line arguments" if args.shift
 
     Conjur::Debify::Action::Publish.new(distribution, project_name, cmd_options).run
@@ -812,7 +842,7 @@ desc "Auto-detect and print the repository version"
 command "detect-version" do |c|
   c.desc "Set the current working directory"
   c.flag [:d, :dir]
-  c.action do |global_options, cmd_options, args|
+  c.action do |_, cmd_options, args|
     raise "Received extra command-line arguments" if args.shift
 
     dir = cmd_options[:dir] || '.'
@@ -830,7 +860,7 @@ desc 'Show the given configuration'
 arg_name 'configuration'
 command 'config' do |c|
   c.action do |_, _, args|
-    raise 'no configuration provided' unless config = args.shift
+    raise 'no configuration provided' unless (config = args.shift)
     raise "Received extra command-line arguments" if args.shift
 
     File.open(File.join('distrib', config)).each do |line|
@@ -838,25 +868,3 @@ command 'config' do |c|
     end
   end
 end
-
-
-pre do |global, command, options, args|
-  # Pre logic here
-  # Return true to proceed; false to abort and not call the
-  # chosen command
-  # Use skips_pre before a command to skip this block
-  # on that command only
-  true
-end
-
-post do |global, command, options, args|
-  # Post logic here
-  # Use skips_post before a command to skip this
-  # block on that command only
-end
-
-on_error do |exception|
-  # Error logic here
-  # return false to skip default error handling
-  true
-end

data/lib/conjur/fpm/package.sh

@@ -22,6 +22,10 @@ for i in "$@"; do
     file_type="${i#*=}"
     shift
     ;;
+  --architecture=*)
+    architecture="${i#*=}"
+    shift
+    ;;
   esac
 done
 
@@ -30,9 +34,15 @@ if [ -z "$file_type" ]; then
   file_type=deb
 fi
 
+if [ -z "$architecture" ]; then
+  echo "No architecture given. Using amd64"
+  file_type=amd64
+fi
+
 echo Project Name is $project_name
 echo Version is $version
 echo file_type is $file_type
+echo architecture is $architecture
 echo params at the end are $@
 
 # Build dev package first
@@ -56,6 +66,7 @@ else
   fpm \
     -s dir \
     -t $file_type \
+    -a $architecture \
     -n conjur-$project_name-dev \
     -v $version \
     -C . \
@@ -91,6 +102,7 @@ echo "Building conjur-$project_name $file_type package"
 fpm \
   -s dir \
   -t $file_type \
+  -a $architecture \
   -n conjur-$project_name \
   -v $version \
   -C . \

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: conjur-debify
 version: !ruby/object:Gem::Version
-  version: 3.0.3.pre.1965
+  version: 3.0.3.pre.1971
 platform: ruby
 authors:
 - CyberArk Software, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-10-27 00:00:00.000000000 Z
+date: 2023-11-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gli