conjur-debify 1.7.4 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 25e7e371c95312fbb642c60bb40909bfe5f00e13
-  data.tar.gz: 3fbf7dc8fcb6fcd9ff1600f3e129a1e5839ba67b
+SHA256:
+  metadata.gz: 5b219503ab3f09f2373d24e4bac3e34bd72c2c589924129eb56de4b531eb5035
+  data.tar.gz: cf31ae9124e790229026c42137010f7cb309059e5faf1eb87bfe3586cfe25ba1
 SHA512:
-  metadata.gz: 5b937e0e09ef9b403f268a853b1ea51eb07729810454e95c4cd8b19ed830c4afc42517354feb10e7aeb5e26c1365d1eb9b84aeeeb1766fbbd23f466cf9f3f5b7
-  data.tar.gz: 8baaf6cf2589c30c888dafe41944817124d10923cc51607083e41e013a0a7f76df96e47cc44ab75f6a830c78938c4c930c0c8499531819603dfe9d2c94397044
+  metadata.gz: 90d8a3fe86a992b9789b0734d2b1438cc860b004eff656a6992790cb93668b4f0fbbe6ee2e81e0ffc3df8dda5b07271556190a0e3517286b865c7bd966efc0fb
+  data.tar.gz: 42229cbc3f2ed5b8e5e096995f5b229a5b52c5e383da102f7af8a9c0d434220a74c1c4189878aff0ab11531443921de9d9a1d2566dddb3cfe4582349781aea5f

data/CHANGELOG.md

@@ -1,3 +1,8 @@
+# 1.8.0
+
+* Added artifactory url option to `debian publish`, defaults to jfrog.io domain
+* Added artifactory repo option to `debian publish`, defaults to 'debian-private'
+
 # 1.7.4
 
 * Fix publishing support in docker-debify

data/Jenkinsfile

@@ -31,8 +31,10 @@ pipeline {
     stage('Run feature tests') {
       steps {
         sh './test.sh'
-        junit 'features/reports/*.xml'
       }
+      post { always {
+        junit 'features/reports/*.xml'
+      }}
     }
 
     stage('Push Docker image') {
@@ -78,14 +80,7 @@ pipeline {
 
   post {
     always {
-      sh 'docker run -i --rm -v $PWD:/src -w /src alpine/git clean -fxd'
-      deleteDir()
-    }
-    failure {
-      slackSend(color: 'danger', message: "${env.JOB_NAME} #${env.BUILD_NUMBER} FAILURE (<${env.BUILD_URL}|Open>)")
-    }
-    unstable {
-      slackSend(color: 'warning', message: "${env.JOB_NAME} #${env.BUILD_NUMBER} UNSTABLE (<${env.BUILD_URL}|Open>)")
+      cleanupAndNotify(currentBuild.currentResult)
     }
   }
 }

data/VERSION

@@ -1 +1 @@
-1.7.4
+1.8.0

data/ci/test.sh

@@ -3,6 +3,6 @@
 bundle
 
 for target in spec cucumber; do
-  bundle exec rake $target || true
+  bundle exec rake $target
 done
 

data/lib/conjur/debify.rb

@@ -120,30 +120,30 @@ arg_name "project-name -- <fpm-arguments>"
 command "clean" do |c|
   c.desc "Set the current working directory"
   c.flag [ :d, "dir" ]
-    
+
   c.desc "Ignore (don't delete) a file or directory"
   c.flag [ :i, :ignore ]
-  
+
   c.desc "Force file deletion even if if this doesn't look like a Jenkins environment"
   c.switch [ :force ]
-    
+
   c.action do |global_options,cmd_options,args|
     def looks_like_jenkins?
       require 'etc'
       Etc.getlogin == 'jenkins' && ENV['BUILD_NUMBER']
     end
-    
+
     require 'set'
     perform_deletion = cmd_options[:force] || looks_like_jenkins?
     if !perform_deletion
       $stderr.puts "No --force, and this doesn't look like Jenkins. I won't actually delete anything"
     end
     @ignore_list = Array(cmd_options[:ignore]) + [ '.', '..', '.git' ]
-     
+
     def ignore_file? f
       @ignore_list.find{|ignore| f.index(ignore) == 0}
     end
-       
+
     dir = cmd_options[:dir] || '.'
     dir = File.expand_path(dir)
     Dir.chdir dir do
@@ -154,7 +154,7 @@ command "clean" do |c|
       end
       find_files.compact!
       delete_files = (find_files - git_files)
-      delete_files.delete_if{|file| 
+      delete_files.delete_if{|file|
         File.directory?(file) || ignore_file?(file)
       }
       if perform_deletion
@@ -172,10 +172,10 @@ command "clean" do |c|
           container.start
           delete_files.each do |file|
             puts file
-            
+
             file = "/src/#{file}"
             cmd = [ "rm", "-f", file ]
-            
+
             stdout, stderr, status = container.exec cmd, &DebugMixin::DOCKER
             $stderr.puts "Failed to delete #{file}" unless status == 0
           end
@@ -200,39 +200,39 @@ The project directory is required to contain:
 * A Gemfile and Gemfile.lock
 * A shell script called debify.sh
 
-debify.sh is invoked by the package build process to create any custom 
-files, other than the project source tree. For example, config files can be 
+debify.sh is invoked by the package build process to create any custom
+files, other than the project source tree. For example, config files can be
 created in /opt/conjur/etc.
 
 The distrib folder in the project source tree is intended to create scripts
 for package pre-install, post-install etc. The distrib folder is not included
-in the deb package, so its contents should be copied to the file system or 
+in the deb package, so its contents should be copied to the file system or
 packaged using fpm arguments.
 
-All arguments to this command which follow the double-dash are propagated to 
+All arguments to this command which follow the double-dash are propagated to
 the fpm command.
 DESC
 arg_name "project-name -- <fpm-arguments>"
 command "package" do |c|
   c.desc "Set the current working directory"
   c.flag [ :d, "dir" ]
-  
+
   c.desc "Specify the deb version; by default, it's read from the VERSION file"
   c.flag [ :v, :version ]
 
   c.desc "Specify a custom Dockerfile.fpm"
   c.flag [ :dockerfile]
-  
+
   c.action do |global_options,cmd_options,args|
     raise "project-name is required" unless project_name = args.shift
-    
+
     fpm_args = []
     if (delimeter = args.shift) == '--'
       fpm_args = args.dup
     else
       raise "Unexpected argument '#{delimeter}'"
     end
-    
+
     dir = cmd_options[:dir] || '.'
     pwd = File.dirname(__FILE__)
 
@@ -245,7 +245,7 @@ command "package" do |c|
       dockerfile = File.read(dockerfile_path)
 
       package_name = "conjur-#{project_name}_#{version}_amd64.deb"
-      
+
       output = StringIO.new
       Gem::Package::TarWriter.new(output) do |tar|
         git_files.each do |fname|
@@ -255,7 +255,7 @@ command "package" do |c|
         tar.add_file('Dockerfile', 0640) { |tar_file| tar_file.write dockerfile.gsub("@@image@@", fpm_image.id) }
       end
       output.rewind
-        
+
       image = Docker::Image.build_from_tar output, &DebugMixin::DOCKER
 
       DebugMixin.debug_write "Built fpm image '#{image.id}' for project #{project_name}\n"
@@ -265,14 +265,14 @@ command "package" do |c|
         'Image' => image.id
       }
       options['Privileged'] = true if Docker.version['Version'] >= '1.10.0'
-      
+
       container = Docker::Container.create options
       begin
         DebugMixin.debug_write "Packaging #{project_name} in container #{container.id}\n"
         container.tap(&:start).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| $stderr.puts "#{chunk}" }
         status = container.wait
         raise "Failed to package #{project_name}" unless status['StatusCode'] == 0
-        
+
         require 'rubygems/package'
         deb = StringIO.new
         container.copy("/src/#{package_name}") { |chunk| deb.write(chunk) }
@@ -312,12 +312,12 @@ password, etc). The project source tree is also mounted into the container, at
 This command then waits for Conjur to initialize and be healthy. It proceeds by
 installing the conjur-<project-name>_<version>_amd64.deb from the project working directory.
 
-Then the evoke "test-install" command is used to install the test code in the 
+Then the evoke "test-install" command is used to install the test code in the
 /src/<project-name>. Basically, the development bundle is installed and the database
 configuration (if any) is setup.
 
 Finally, a test script from the project source tree is run, again with the container
-id as the program argument. 
+id as the program argument.
 
 Then the Conjur container is deleted (use --keep to leave it running).
 DESC
@@ -333,10 +333,10 @@ command "test" do |c|
   c.desc "Image name"
   c.default_value "registry.tld/conjur-appliance-cuke-master"
   c.flag [ :i, :image ]
-  
+
   c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
   c.flag [ :t, "image-tag"]
-  
+
   c.desc "'docker pull' the Conjur container image"
   c.default_value true
   c.switch [ :pull ]
@@ -357,16 +357,16 @@ command "test" do |c|
 
     dir = cmd_options[:dir] || '.'
     dir = File.expand_path(dir)
-    
+
     raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
     raise "Directory #{dir} does not contain a .deb file" unless Dir["#{dir}/*.deb"].length >= 1
-    
+
     Dir.chdir dir do
       image_tag = cmd_options["image-tag"] or raise "image-tag is required"
       appliance_image_id = [ cmd_options[:image], image_tag ].join(":")
       version = cmd_options[:version] || detect_version
       package_name = "conjur-#{project_name}_#{version}_amd64.deb"
-        
+
       raise "#{test_script} does not exist or is not a file" unless File.file?(test_script)
 
       begin
@@ -377,7 +377,7 @@ command "test" do |c|
         retry unless (tries -= 1).zero?
       end
 
-      
+
       def build_test_image(appliance_image_id, project_name, package_name)
         dockerfile = <<-DOCKERFILE
 FROM #{appliance_image_id}
@@ -411,7 +411,7 @@ RUN touch /etc/service/conjur/down
         login_to_registry appliance_image_id
         retry unless (tries -= 1).zero?
       end
-      
+
       vendor_dir = File.expand_path("tmp/debify/#{project_name}/vendor", ENV['HOME'])
       dot_bundle_dir = File.expand_path("tmp/debify/#{project_name}/.bundle", ENV['HOME'])
       FileUtils.mkdir_p vendor_dir
@@ -438,7 +438,7 @@ RUN touch /etc/service/conjur/down
       end
 
       container = Docker::Container.create(options)
-      
+
       begin
         DebugMixin.debug_write "Testing #{project_name} in container #{container.id}\n"
 
@@ -467,7 +467,7 @@ RUN touch /etc/service/conjur/down
         container_command container, "rm", "/etc/service/conjur/down"
         container_command container, "sv", "start", "conjur"
         wait_for_conjur appliance_image, container
-  
+
         system "./#{test_script} #{container.id}"
         exit_now! "#{test_script} failed with exit code #{$?.exitstatus}", $?.exitstatus unless $?.exitstatus == 0
       ensure
@@ -496,13 +496,13 @@ command "sandbox" do |c|
   c.desc "Image name"
   c.default_value "registry.tld/conjur-appliance-cuke-master"
   c.flag [ :i, :image ]
-  
+
   c.desc "Image tag, e.g. 4.5-stable, 4.6-stable"
   c.flag [ :t, "image-tag"]
 
   c.desc "Bind another source directory into the container. Use <src>:<dest>, where both are full paths."
   c.flag [ :"bind" ], :multiple => true
-  
+
   c.desc "'docker pull' the Conjur container image"
   c.default_value false
   c.switch [ :pull ]
@@ -526,16 +526,16 @@ command "sandbox" do |c|
 
   c.action do |global_options,cmd_options,args|
     raise "Received extra command-line arguments" if args.shift
-    
+
     dir = cmd_options[:dir] || '.'
     dir = File.expand_path(dir)
-    
+
     raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
-    
+
     Dir.chdir dir do
       image_tag = cmd_options["image-tag"] or raise "image-tag is required"
       appliance_image_id = [ cmd_options[:image], image_tag ].join(":")
-      
+
       appliance_image = if cmd_options[:pull]
         begin
           tries ||=2
@@ -547,15 +547,15 @@ command "sandbox" do |c|
       else
         Docker::Image.get appliance_image_id
       end
-      
+
       project_name = File.basename(Dir.getwd)
       vendor_dir = File.expand_path("tmp/debify/#{project_name}/vendor", ENV['HOME'])
       dot_bundle_dir = File.expand_path("tmp/debify/#{project_name}/.bundle", ENV['HOME'])
       FileUtils.mkdir_p vendor_dir
       FileUtils.mkdir_p dot_bundle_dir
-      
+
       options = {
-        'name' => "#{project_name}-sandbox", 
+        'name' => "#{project_name}-sandbox",
         'Image' => appliance_image.id,
         'WorkingDir' => "/src/#{project_name}",
         'Env' => [
@@ -630,13 +630,21 @@ arg_name "distribution project-name"
 command "publish" do |c|
   c.desc "Set the current working directory"
   c.flag [ :d, :dir ]
-    
+
   c.desc "Specify the deb package version; by default, it's computed automatically"
   c.flag [ :v, :version ]
 
   c.desc "Component to publish to, either 'stable' or the name of the git branch"
   c.flag [ :c, :component ]
 
+  c.desc "Artifactory URL to publish to"
+  c.default_value "https://conjurinc.jfrog.io/conjurinc"
+  c.flag [ :u, :url]
+
+  c.desc "Artifactory Debian repo to publish package to"
+  c.default_value "debian-private"
+  c.flag [ :r, :repo]
+
   c.action do |global_options,cmd_options,args|
     require 'conjur/debify/action/publish'
     raise "distribution is required" unless distribution = args.shift
@@ -646,7 +654,7 @@ command "publish" do |c|
     Conjur::Debify::Action::Publish.new(distribution, project_name, cmd_options).run
   end
 end
-  
+
 desc "Auto-detect and print the repository verison"
 command "detect-version" do |c|
   c.desc "Set the current working directory"
@@ -656,9 +664,9 @@ command "detect-version" do |c|
 
     dir = cmd_options[:dir] || '.'
     dir = File.expand_path(dir)
-    
+
     raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
-        
+
     Dir.chdir dir do
       puts detect_version
     end
@@ -678,7 +686,7 @@ command 'config' do |c|
   end
 end
 
-  
+
 pre do |global,command,options,args|
   # Pre logic here
   # Return true to proceed; false to abort and not call the

data/lib/conjur/debify/action/publish.rb

@@ -17,20 +17,23 @@ module Conjur::Debify
         @project_name = project_name
         @cmd_options = cmd_options
       end
-      
+
       def run
         dir = cmd_options[:dir] || '.'
         dir = File.expand_path(dir)
         raise "Directory #{dir} does not exist or is not a directory" unless File.directory?(dir)
-        
+
         Dir.chdir dir do
           version = cmd_options[:version] || detect_version
           component = cmd_options[:component] || detect_component
           package_name = "conjur-#{project_name}_#{version}_amd64.deb"
 
-          publish_image = create_image 
+          publish_image = create_image
           DebugMixin.debug_write "Built base publish image '#{publish_image.id}'\n"
 
+          art_url = cmd_options[:url]
+          art_repo = cmd_options[:repo]
+
           art_user = ENV['ARTIFACTORY_USER']
           art_password = ENV['ARTIFACTORY_PASSWORD']
           unless art_user && art_password
@@ -40,12 +43,12 @@ module Conjur::Debify
           options = {
             'Image' => publish_image.id,
             'Cmd' => [
-              "art", "upload",
-              "--url", "https://conjurinc.artifactoryonline.com/conjurinc",
+              "jfrog", "rt", "upload",
+              "--url", art_url,
               "--user", art_user,
               "--password", art_password,
               "--deb", "#{distribution}/#{component}/amd64",
-              package_name, "debian-local/"
+              package_name, "#{art_repo}/"
             ],
             'Binds' => [
               [ dir, "/src" ].join(':')
@@ -67,7 +70,7 @@ module Conjur::Debify
         Conjur::Config.load
         Conjur::Config.apply
         conjur = Conjur::Authn.connect nil, noask: true
-        
+
         username_var = 'ci/artifactory/users/jenkins/username'
         password_var = 'ci/artifactory/users/jenkins/password'
 
@@ -79,12 +82,12 @@ module Conjur::Debify
         begin
           container.tap(&:start).streaming_logs(follow: true, stdout: true, stderr: true) { |stream, chunk| puts "#{chunk}" }
           status = container.wait
-          raise "Failed to publish #{package_name}" unless status['StatusCode'] == 0
+          raise "Failed to publish package" unless status['StatusCode'] == 0
         ensure
           container.delete(force: true)
         end
       end
-      
+
     end
   end
 end

data/lib/conjur/publish/Dockerfile

@@ -1,8 +1,11 @@
 FROM buildpack-deps:curl
 
+ENV JFROG_CLI_OFFER_CONFIG=false
+ENV JFROG_VERSION=1.13.1
+
 RUN curl -kL \
-    -o /usr/bin/art \
-    https://bintray.com/artifact/download/jfrog/artifactory-cli-go/1.2.1/artifactory-cli-linux-amd64/art && \
-    chmod +x /usr/bin/art
+    -o /usr/bin/jfrog \
+    https://bintray.com/jfrog/jfrog-cli-go/download_file?file_path=${JFROG_VERSION}%2Fjfrog-cli-linux-amd64%2Fjfrog && \
+    chmod +x /usr/bin/jfrog
 
 WORKDIR /src

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: conjur-debify
 version: !ruby/object:Gem::Version
-  version: 1.7.4
+  version: 1.8.0
 platform: ruby
 authors:
 - Kevin Gilpin
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-10-26 00:00:00.000000000 Z
+date: 2018-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gli
@@ -224,7 +224,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.14
+rubygems_version: 2.7.4
 signing_key: 
 specification_version: 4
 summary: Utility commands to build and package Conjur services as Debian packages