luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity
open-consul/GNUmakefile

491 lines
18 KiB
Makefile
Raw Normal View History

docs: link from makefile to compile instructions Some practitioners look to the makefile directly rather than to the consul website for information on how to compile from source. Link to the website instructions directly from the makefile so the practitioner can accomplish their task successfully without a careful read of the makefile.
2021-08-11 20:48:29 +00:00
# For documentation on building consul from source, refer to:
# https://www.consul.io/docs/install#compiling-from-source
build: Use bash for building
2017-04-27 18:49:43 +00:00
SHELL = bash
build: install mog and execute it during protobuf compilation (#12647) - also import replace isn't needed anymore
2022-03-29 20:18:05 +00:00
Migrate from `protoc` to `buf` (#12841) * Install `buf` instead of `protoc` * Created `buf.yaml` and `buf.gen.yaml` files in the two proto directories to control how `buf` generates/lints proto code. * Invoke `buf` instead of `protoc` * Added a `proto-format` make target. * Committed the reformatted proto files. * Added a `proto-lint` make target. * Integrated proto linting with CI * Fixed tons of proto linter warnings. * Got rid of deprecated builtin protoc-gen-go grpc plugin usage. Moved to direct usage of protoc-gen-go-grpc. * Unified all proto directories / go packages around using pb prefixes but ensuring all proto packages do not have the prefix.
2022-05-23 14:37:52 +00:00
###
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
# These version variables can either be a valid string for "go install <module>@<version>"
Migrate from `protoc` to `buf` (#12841) * Install `buf` instead of `protoc` * Created `buf.yaml` and `buf.gen.yaml` files in the two proto directories to control how `buf` generates/lints proto code. * Invoke `buf` instead of `protoc` * Added a `proto-format` make target. * Committed the reformatted proto files. * Added a `proto-lint` make target. * Integrated proto linting with CI * Fixed tons of proto linter warnings. * Got rid of deprecated builtin protoc-gen-go grpc plugin usage. Moved to direct usage of protoc-gen-go-grpc. * Unified all proto directories / go packages around using pb prefixes but ensuring all proto packages do not have the prefix.
2022-05-23 14:37:52 +00:00
# or the string @DEV to imply use what is currently installed locally.
###
chore: update golangci-lint to v1.50.1 (#15022)
2022-10-24 16:48:02 +00:00
GOLANGCI_LINT_VERSION='v1.50.1'
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
MOCKERY_VERSION='v2.12.2'
Migrate from `protoc` to `buf` (#12841) * Install `buf` instead of `protoc` * Created `buf.yaml` and `buf.gen.yaml` files in the two proto directories to control how `buf` generates/lints proto code. * Invoke `buf` instead of `protoc` * Added a `proto-format` make target. * Committed the reformatted proto files. * Added a `proto-lint` make target. * Integrated proto linting with CI * Fixed tons of proto linter warnings. * Got rid of deprecated builtin protoc-gen-go grpc plugin usage. Moved to direct usage of protoc-gen-go-grpc. * Unified all proto directories / go packages around using pb prefixes but ensuring all proto packages do not have the prefix.
2022-05-23 14:37:52 +00:00
BUF_VERSION='v1.4.0'
PROTOC_GEN_GO_GRPC_VERSION="v1.2.0"
Update go version to 1.18.1
2022-04-14 20:55:10 +00:00
MOG_VERSION='v0.3.0'
build: conditionally install or reinstall protobuf supporting tools as needed (#12674)
2022-04-05 16:58:07 +00:00
PROTOC_GO_INJECT_TAG_VERSION='v1.3.0'
perf: remove expensive reflection from xDS hot path (#14934) Replaces the reflection-based implementation of proxycfg's ConfigSnapshot.Clone with code generated by deep-copy. While load testing server-based xDS (for consul-dataplane) we discovered this method is extremely expensive. The ConfigSnapshot struct, directly or indirectly, contains a copy of many of the structs in the agent/structs package, which creates a large graph for copystructure.Copy to traverse at runtime, on every proxy reconfiguration.
2022-10-14 09:26:42 +00:00
DEEP_COPY_VERSION='bc3f5aa5735d8a54961580a3a24422c308c831c2'
build: build all packages together Build all packages together with a global timeout. Locally, the tests pass within 40 sec. On travis, we complete within 3-4 min. travis truncates the logs after 4MB which we are hitting so show the relevant information first and then whatever is left.
2017-06-29 12:50:47 +00:00
Add mocks for probuf generation
2022-09-30 04:17:30 +00:00
MOCKED_PB_DIRS= pbdns
build: drop 'consul' build tag for OSS build
2017-08-30 11:25:14 +00:00
GOTAGS ?=
Allow for default GOPATH
2018-01-04 19:38:20 +00:00
GOPATH=$(shell go env GOPATH)
chore: add multi-arch docker build for testing
2022-08-16 20:47:39 +00:00
GOARCH?=$(shell go env GOARCH)
`make test-docker` (#6059) * Implement the test-docker make target Running tests within docker allows us to resource constrain them better to not take over our systems. Additionally it allows us to run the tests on linux instead of the host OS which often times is macOS. * Use GOMAXPROCS instead of -p * Add a comment about docker cpus
2019-07-04 14:22:59 +00:00
MAIN_GOPATH=$(shell go env GOPATH | cut -d: -f1)
Faster dev builds (#2924) This patch runs 'go install' instead of gox which runs 'go build' for 'make dev' and copies the binary into ./bin and ./pkg/${GOOS}_${GOARCH} to mimick the previous behavior. This reduces the roundtrip times for a dev build from 11 sec to 500ms if there weren't any changes.
2017-04-18 22:03:51 +00:00
build: conditionally install or reinstall protobuf supporting tools as needed (#12674)
2022-04-05 16:58:07 +00:00
export PATH := $(PWD)/bin:$(GOPATH)/bin:$(PATH)
ensure make dev target puts the newly constructed binary onto the PATH (#12318) This restores the prior behavior of make dev and ensures that tests using the sdk package (like the api package) will correctly locate the consul binary under test. Also ensure the constructed consul binary is present on the path for sdk-based tests.
2022-02-11 16:45:37 +00:00
Faster dev builds (#2924) This patch runs 'go install' instead of gox which runs 'go build' for 'make dev' and copies the binary into ./bin and ./pkg/${GOOS}_${GOARCH} to mimick the previous behavior. This reduces the roundtrip times for a dev build from 11 sec to 500ms if there weren't any changes.
2017-04-18 22:03:51 +00:00
# Get the git commit
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
GIT_COMMIT?=$(shell git rev-parse --short HEAD)
Pass the git commits year through as an env var to the ui build (#7126)
2020-01-24 15:40:14 +00:00
GIT_COMMIT_YEAR?=$(shell git show -s --format=%cd --date=format:%Y HEAD)
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
GIT_DIRTY?=$(shell test -n "`git status --porcelain`" && echo "+CHANGES" || true)
Faster dev builds (#2924) This patch runs 'go install' instead of gox which runs 'go build' for 'make dev' and copies the binary into ./bin and ./pkg/${GOOS}_${GOARCH} to mimick the previous behavior. This reduces the roundtrip times for a dev build from 11 sec to 500ms if there weren't any changes.
2017-04-18 22:03:51 +00:00
GIT_IMPORT=github.com/hashicorp/consul/version
Add BuildDate to version structure Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-18 16:55:12 +00:00
DATE_FORMAT="%Y-%m-%dT%H:%M:%SZ" # it's tricky to do an RFC3339 format in a cross platform way, so we hardcode UTC
Cleanup and extend basic build date Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-06-02 02:29:40 +00:00
GIT_DATE=$(shell $(CURDIR)/build-support/scripts/build-date.sh) # we're using this for build date because it's stable across platform builds
Add BuildDate to version structure Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2022-03-18 16:55:12 +00:00
GOLDFLAGS=-X $(GIT_IMPORT).GitCommit=$(GIT_COMMIT)$(GIT_DIRTY) -X $(GIT_IMPORT).BuildDate=$(GIT_DATE)
Faster dev builds (#2924) This patch runs 'go install' instead of gox which runs 'go build' for 'make dev' and copies the binary into ./bin and ./pkg/${GOOS}_${GOARCH} to mimick the previous behavior. This reduces the roundtrip times for a dev build from 11 sec to 500ms if there weren't any changes.
2017-04-18 22:03:51 +00:00
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
ifeq ($(FORCE_REBUILD),1)
NOCACHE=--no-cache
else
NOCACHE=
endif
DOCKER_BUILD_QUIET?=1
ifeq (${DOCKER_BUILD_QUIET},1)
QUIET=-q
else
QUIET=
endif
CONSUL_DEV_IMAGE?=consul-dev
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
GO_BUILD_TAG?=consul-build-go
UI_BUILD_TAG?=consul-build-ui
BUILD_CONTAINER_NAME?=consul-builder
Build System Fixes for Go Modules (#5655) * Docker based builds can now use the module cache * Simplify building the consul-dev docker image. * Make sure to pull the latest consul image. * Allow selecting base image version for the dev image
2019-04-12 19:17:13 +00:00
CONSUL_IMAGE_VERSION?=latest
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
add dev docker image upload (#5879) * add dev docker image upload * remove the go cache since that isn't needed * add comment and image labels * get password from stdin
2019-07-25 13:19:09 +00:00
################
# CI Variables #
################
CI_DEV_DOCKER_NAMESPACE?=hashicorpdev
CI_DEV_DOCKER_IMAGE_NAME?=consul
CI_DEV_DOCKER_WORKDIR?=bin/
################
`make test-docker` (#6059) * Implement the test-docker make target Running tests within docker allows us to resource constrain them better to not take over our systems. Additionally it allows us to run the tests on linux instead of the host OS which often times is macOS. * Use GOMAXPROCS instead of -p * Add a comment about docker cpus
2019-07-04 14:22:59 +00:00
TEST_MODCACHE?=1
TEST_BUILDCACHE?=1
# You can only use as many CPUs as you have allocated to docker
ifdef TEST_DOCKER_CPUS
TEST_DOCKER_RESOURCE_CONSTRAINTS=--cpus $(TEST_DOCKER_CPUS)
TEST_PARALLELIZATION=-e GOMAXPROCS=$(TEST_DOCKER_CPUS)
else
TEST_DOCKER_RESOURCE_CONSTRAINTS=
TEST_PARALLELIZATION=
endif
ifeq ($(TEST_MODCACHE), 1)
TEST_MODCACHE_VOL=-v $(MAIN_GOPATH)/pkg/mod:/go/pkg/mod
else
TEST_MODCACHE_VOL=
endif
ifeq ($(TEST_BUILDCACHE), 1)
TEST_BUILDCACHE_VOL=-v $(shell go env GOCACHE):/root/.caches/go-build
else
TEST_BUILDCACHE_VOL=
endif
Redo the build system Improvements: - More modular - Building within docker doesn’t use volumes so can be run on a remote docker host - Build containers include only minimal context so they only rarely need to be rebuilt and most of the time can be used from the cache. - 3 build containers instead of 1. One based off of the upstream golang containers for building go stuff with all our required GOTOOLS installed. One like the old container based off ubuntu bionic for building the old UI (didn’t bother creating a much better container as this shouldn’t be needed once we completely remove the legacy UI). One for building the new UI. Its alpine based with all the node, ember, yarn stuff installed. - Top level makefile has the ability to do a container based build without running make dist - Can build for arbitrary platforms at the top level using: make consul-docker XC_OS=… XC_ARCH=… - overridable functionality to allow for customizations to the enterprise build (like to generate multiple binaries) - unified how we compile our go. always use gox even for dev-builds or rather always use the tooling around our scripts which will make sure things get copied to the correct places throughout the filesystem.
2018-06-12 20:55:52 +00:00
DIST_TAG?=1
DIST_BUILD?=1
DIST_SIGN?=1
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
ifdef DIST_VERSION
Quote some make vars
2018-06-18 18:36:24 +00:00
DIST_VERSION_ARG=-v "$(DIST_VERSION)"
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
else
DIST_VERSION_ARG=
endif
ifdef DIST_RELEASE_DATE
Quote some make vars
2018-06-18 18:36:24 +00:00
DIST_DATE_ARG=-d "$(DIST_RELEASE_DATE)"
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
else
DIST_DATE_ARG=
endif
Allow for building pre-releases/rcs/betas
2018-06-18 21:01:20 +00:00
ifdef DIST_PRERELEASE
DIST_REL_ARG=-r "$(DIST_PRERELEASE)"
else
DIST_REL_ARG=
endif
Generalize git pushing in a bash function
2018-06-15 19:23:26 +00:00
PUB_GIT?=1
PUB_WEBSITE?=1
ifeq ($(PUB_GIT),1)
PUB_GIT_ARG=-g
else
PUB_GIT_ARG=
endif
ifeq ($(PUB_WEBSITE),1)
Fix bug in makefile that prevented running the website publish.
2018-06-26 18:08:10 +00:00
PUB_WEBSITE_ARG=-w
Generalize git pushing in a bash function
2018-06-15 19:23:26 +00:00
else
PUB_WEBSITE_ARG=
endif
Default dev-build to not using GOX
2018-06-26 18:26:23 +00:00
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
export GO_BUILD_TAG
export UI_BUILD_TAG
export BUILD_CONTAINER_NAME
export GIT_COMMIT
Pass the git commits year through as an env var to the ui build (#7126)
2020-01-24 15:40:14 +00:00
export GIT_COMMIT_YEAR
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
export GIT_DIRTY
export GOTAGS
Faster dev builds (#2924) This patch runs 'go install' instead of gox which runs 'go build' for 'make dev' and copies the binary into ./bin and ./pkg/${GOOS}_${GOARCH} to mimick the previous behavior. This reduces the roundtrip times for a dev build from 11 sec to 500ms if there weren't any changes.
2017-04-18 22:03:51 +00:00
export GOLDFLAGS
consul: adding basic skeleton
2013-12-06 23:43:07 +00:00
Connect: allow configuring Envoy for L7 Observability (#5558) * Add support for HTTP proxy listeners * Add customizable bootstrap configuration options * Debug logging for xDS AuthZ * Add Envoy Integration test suite with basic test coverage * Add envoy command tests to cover new cases * Add tracing integration test * Add gRPC support WIP * Merged changes from master Docker. get CI integration to work with same Dockerfile now * Make docker build optional for integration * Enable integration tests again! * http2 and grpc integration tests and fixes * Fix up command config tests * Store all container logs as artifacts in circle on fail * Add retries to outer part of stats measurements as we keep missing them in CI * Only dump logs on failing cases * Fix typos from code review * Review tidying and make tests pass again * Add debug logs to exec test. * Fix legit test failure caused by upstream rename in envoy config * Attempt to reduce cases of bad TLS handshake in CI integration tests * bring up the right service * Add prometheus integration test * Add test for denied AuthZ both HTTP and TCP * Try ANSI term for Circle
2019-04-29 16:27:57 +00:00
# Allow skipping docker build during integration tests in CI since we already
# have a built binary
Run integration tests locally using amd64 (#14365) Locally, always run integration tests using amd64, even if running on an arm mac. This ensures the architecture locally always matches the CI/CD environment. In addition: * Use consul:local for envoy integration and upgrade tests. Previously, consul:local was used for upgrade tests and consul-dev for integration tests. I didn't see a reason to use separate images as it's more confusing. * By default, disable the requirement that aws credentials are set. These are only needed for the lambda tests and make it so you can't run any tests locally, even if you're not running the lambda tests. Now they'll only run if the LAMBDA_TESTS_ENABLED env var is set. * Split out the building of the Docker image for integration tests into its own target from `dev-docker`. This allows us to always use an amd64 image without messing up the `dev-docker` target. * Add support for passing GO_TEST_FLAGs to `test-envoy-integ` target. * Add a wait_for_leader function because tests were failing locally without it.
2022-08-29 23:13:49 +00:00
ENVOY_INTEG_DEPS?=docker-envoy-integ
Connect: allow configuring Envoy for L7 Observability (#5558) * Add support for HTTP proxy listeners * Add customizable bootstrap configuration options * Debug logging for xDS AuthZ * Add Envoy Integration test suite with basic test coverage * Add envoy command tests to cover new cases * Add tracing integration test * Add gRPC support WIP * Merged changes from master Docker. get CI integration to work with same Dockerfile now * Make docker build optional for integration * Enable integration tests again! * http2 and grpc integration tests and fixes * Fix up command config tests * Store all container logs as artifacts in circle on fail * Add retries to outer part of stats measurements as we keep missing them in CI * Only dump logs on failing cases * Fix typos from code review * Review tidying and make tests pass again * Add debug logs to exec test. * Fix legit test failure caused by upstream rename in envoy config * Attempt to reduce cases of bad TLS handshake in CI integration tests * bring up the right service * Add prometheus integration test * Add test for denied AuthZ both HTTP and TCP * Try ANSI term for Circle
2019-04-29 16:27:57 +00:00
ifdef SKIP_DOCKER_BUILD
ENVOY_INTEG_DEPS=noop
endif
Default dev-build to not using GOX
2018-06-26 18:26:23 +00:00
Replace build script with 'go build'
2021-09-08 23:50:42 +00:00
all: dev-build
Only builds the binary stuff under master branch CI.
2016-10-25 20:49:57 +00:00
Connect: allow configuring Envoy for L7 Observability (#5558) * Add support for HTTP proxy listeners * Add customizable bootstrap configuration options * Debug logging for xDS AuthZ * Add Envoy Integration test suite with basic test coverage * Add envoy command tests to cover new cases * Add tracing integration test * Add gRPC support WIP * Merged changes from master Docker. get CI integration to work with same Dockerfile now * Make docker build optional for integration * Enable integration tests again! * http2 and grpc integration tests and fixes * Fix up command config tests * Store all container logs as artifacts in circle on fail * Add retries to outer part of stats measurements as we keep missing them in CI * Only dump logs on failing cases * Fix typos from code review * Review tidying and make tests pass again * Add debug logs to exec test. * Fix legit test failure caused by upstream rename in envoy config * Attempt to reduce cases of bad TLS handshake in CI integration tests * bring up the right service * Add prometheus integration test * Add test for denied AuthZ both HTTP and TCP * Try ANSI term for Circle
2019-04-29 16:27:57 +00:00
# used to make integration dependencies conditional
noop: ;
Replace build script with 'go build'
2021-09-08 23:50:42 +00:00
# dev creates binaries for testing locally - these are put into ./bin
Remove a few unused things from build-support
2021-06-04 17:01:03 +00:00
dev: dev-build
build: fix travis build
2017-07-18 07:22:49 +00:00
dev-build:
Replace build script with 'go build'
2021-09-08 23:50:42 +00:00
mkdir -p bin
ensure make dev target puts the newly constructed binary onto the PATH (#12318) This restores the prior behavior of make dev and ensures that tests using the sdk package (like the api package) will correctly locate the consul binary under test. Also ensure the constructed consul binary is present on the path for sdk-based tests.
2022-02-11 16:45:37 +00:00
CGO_ENABLED=0 go install -ldflags "$(GOLDFLAGS)" -tags "$(GOTAGS)"
builds: fix "Killed" error with make dev (#15003) Previously, I would sometimes get Killed errors when executing the binary created by `make dev`. This is because we were using `cp` and OSX has a bug where it caches the old signature and so doesn't allow the new binary to run (see https://apple.stackexchange.com/a/428388)
2022-10-21 18:10:11 +00:00
# rm needed due to signature caching (https://apple.stackexchange.com/a/428388)
rm -f ./bin/consul
cp ${MAIN_GOPATH}/bin/consul ./bin/consul
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
build: ensure 'make dev-docker' also produces a matching CLI binary at the same time (#15188)
2022-10-28 20:21:05 +00:00
dev-docker: linux dev-build
Build System Fixes for Go Modules (#5655) * Docker based builds can now use the module cache * Simplify building the consul-dev docker image. * Make sure to pull the latest consul image. * Allow selecting base image version for the dev image
2019-04-12 19:17:13 +00:00
@echo "Pulling consul container image - $(CONSUL_IMAGE_VERSION)"
@docker pull consul:$(CONSUL_IMAGE_VERSION) >/dev/null
@echo "Building Consul Development container - $(CONSUL_DEV_IMAGE)"
build: ensure 'make dev-docker' updates consul-dev:latest too (#15176) Fixes a minor regression from #14222
2022-10-28 15:27:24 +00:00
@# 'consul:local' tag is needed to run the integration tests
@# 'consul-dev:latest' is needed by older workflows
@docker buildx use default && docker buildx build -t 'consul:local' -t '$(CONSUL_DEV_IMAGE)' \
chore: add multi-arch docker build for testing
2022-08-16 20:47:39 +00:00
--platform linux/$(GOARCH) \
--build-arg CONSUL_IMAGE_VERSION=$(CONSUL_IMAGE_VERSION) \
--load \
-f $(CURDIR)/build-support/docker/Consul-Dev-Multiarch.dockerfile $(CURDIR)/pkg/bin/
check-remote-dev-image-env:
ifndef REMOTE_DEV_IMAGE
$(error REMOTE_DEV_IMAGE is undefined: set this image to <your_docker_repo>/<your_docker_image>:<image_tag>, e.g. hashicorp/consul-k8s-dev:latest)
endif
remote-docker: check-remote-dev-image-env
$(MAKE) GOARCH=amd64 linux
$(MAKE) GOARCH=arm64 linux
@echo "Pulling consul container image - $(CONSUL_IMAGE_VERSION)"
@docker pull consul:$(CONSUL_IMAGE_VERSION) >/dev/null
@echo "Building and Pushing Consul Development container - $(REMOTE_DEV_IMAGE)"
chore: fix remote docker make target (#15870)
2022-12-22 20:44:18 +00:00
@if ! docker buildx inspect consul-builder; then \
docker buildx create --name consul-builder --driver docker-container --bootstrap; \
fi;
@docker buildx use consul-builder && docker buildx build -t '$(REMOTE_DEV_IMAGE)' \
chore: add multi-arch docker build for testing
2022-08-16 20:47:39 +00:00
--platform linux/amd64,linux/arm64 \
--build-arg CONSUL_IMAGE_VERSION=$(CONSUL_IMAGE_VERSION) \
--push \
-f $(CURDIR)/build-support/docker/Consul-Dev-Multiarch.dockerfile $(CURDIR)/pkg/bin/
Use gox for building
2015-10-22 18:16:01 +00:00
add dev docker image upload (#5879) * add dev docker image upload * remove the go cache since that isn't needed * add comment and image labels * get password from stdin
2019-07-25 13:19:09 +00:00
# In CircleCI, the linux binary will be attached from a previous step at bin/. This make target
# should only run in CI and not locally.
ci.dev-docker:
@echo "Pulling consul container image - $(CONSUL_IMAGE_VERSION)"
@docker pull consul:$(CONSUL_IMAGE_VERSION) >/dev/null
@echo "Building Consul Development container - $(CI_DEV_DOCKER_IMAGE_NAME)"
@docker build $(NOCACHE) $(QUIET) -t '$(CI_DEV_DOCKER_NAMESPACE)/$(CI_DEV_DOCKER_IMAGE_NAME):$(GIT_COMMIT)' \
--build-arg CONSUL_IMAGE_VERSION=$(CONSUL_IMAGE_VERSION) \
--label COMMIT_SHA=$(CIRCLE_SHA1) \
--label PULL_REQUEST=$(CIRCLE_PULL_REQUEST) \
--label CIRCLE_BUILD_URL=$(CIRCLE_BUILD_URL) \
$(CI_DEV_DOCKER_WORKDIR) -f $(CURDIR)/build-support/docker/Consul-Dev.dockerfile
change DOCKER_LOGIN env name to DOCKER_USER (#6451)
2019-09-05 18:29:39 +00:00
@echo $(DOCKER_PASS) | docker login -u="$(DOCKER_USER)" --password-stdin
add dev docker image upload (#5879) * add dev docker image upload * remove the go cache since that isn't needed * add comment and image labels * get password from stdin
2019-07-25 13:19:09 +00:00
@echo "Pushing dev image to: https://cloud.docker.com/u/hashicorpdev/repository/docker/hashicorpdev/consul"
@docker push $(CI_DEV_DOCKER_NAMESPACE)/$(CI_DEV_DOCKER_IMAGE_NAME):$(GIT_COMMIT)
Update references to the main branch The main branch is being renamed from master->main. This commit should update all references to the main branch to the new name. Co-Authored-By: Mike Morris <mikemorris@users.noreply.github.com>
2021-06-29 21:04:24 +00:00
ifeq ($(CIRCLE_BRANCH), main)
add dev docker image upload (#5879) * add dev docker image upload * remove the go cache since that isn't needed * add comment and image labels * get password from stdin
2019-07-25 13:19:09 +00:00
@docker tag $(CI_DEV_DOCKER_NAMESPACE)/$(CI_DEV_DOCKER_IMAGE_NAME):$(GIT_COMMIT) $(CI_DEV_DOCKER_NAMESPACE)/$(CI_DEV_DOCKER_IMAGE_NAME):latest
@docker push $(CI_DEV_DOCKER_NAMESPACE)/$(CI_DEV_DOCKER_IMAGE_NAME):latest
endif
chore: add multi-arch docker build for testing
2022-08-16 20:47:39 +00:00
# linux builds a linux binary compatible with the source platform
Add make target for linux binary
2017-05-04 11:31:56 +00:00
linux:
chore: add multi-arch docker build for testing
2022-08-16 20:47:39 +00:00
@mkdir -p ./pkg/bin/linux_$(GOARCH)
CGO_ENABLED=0 GOOS=linux GOARCH=$(GOARCH) go build -o ./pkg/bin/linux_$(GOARCH) -ldflags "$(GOLDFLAGS)" -tags "$(GOTAGS)"
Add make target for linux binary
2017-05-04 11:31:56 +00:00
Tweaks some of the default makefile targets.
2016-02-18 04:36:48 +00:00
# dist builds binaries for all platforms and packages them for distribution
dist:
Allow for building pre-releases/rcs/betas
2018-06-18 21:01:20 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/release.sh -t '$(DIST_TAG)' -b '$(DIST_BUILD)' -S '$(DIST_SIGN)' $(DIST_VERSION_ARG) $(DIST_DATE_ARG) $(DIST_REL_ARG)
Update verify.sh script
2018-06-26 16:08:33 +00:00
Switch to go 1.13.7 (#7262) - You can no longer cross submodule boundaries with ./... in go subcommands like `go list` or `go test`. The makefile and CI scripts were updated accordingly. - Also of note: `go mod vendor` now omits things build ignored.
2020-02-12 16:15:24 +00:00
cover: cov
cov: other-consul dev-build
go test -tags '$(GOTAGS)' ./... -coverprofile=coverage.out
cd sdk && go test -tags '$(GOTAGS)' ./... -coverprofile=../coverage.sdk.part
cd api && go test -tags '$(GOTAGS)' ./... -coverprofile=../coverage.api.part
grep -h -v "mode: set" coverage.{sdk,api}.part >> coverage.out
rm -f coverage.{sdk,api}.part
removing gocov packages (#5534) * removing gocov packages * revise cov make target
2019-04-09 20:05:52 +00:00
go tool cover -html=coverage.out
consul: adding basic skeleton
2013-12-06 23:43:07 +00:00
Add lint to makefile And support for setting build tags in CI lint job. Removed the unused 'test-ci' target.
2020-03-24 20:14:12 +00:00
test: other-consul dev-build lint test-internal
Refactor test retry to only affect CI (#4436) * Refactor test retry to only affect CI * Move test install deps out of the retry loop * Add internal targets to PHONY too
2018-07-24 14:12:48 +00:00
add 'make go-mod-tidy' to serially run tidy on all submodules in the correct order (#7179) - also make go-mod-tidy a dependency of update-vendor
2020-02-03 16:12:26 +00:00
go-mod-tidy:
@echo "--> Running go mod tidy"
@cd sdk && go mod tidy
@cd api && go mod tidy
@go mod tidy
Refactor test retry to only affect CI (#4436) * Refactor test retry to only affect CI * Move test install deps out of the retry loop * Add internal targets to PHONY too
2018-07-24 14:12:48 +00:00
test-internal:
New config parser, HCL support, multiple bind addrs (#3480) * new config parser for agent This patch implements a new config parser for the consul agent which makes the following changes to the previous implementation: * add HCL support * all configuration fragments in tests and for default config are expressed as HCL fragments * HCL fragments can be provided on the command line so that they can eventually replace the command line flags. * HCL/JSON fragments are parsed into a temporary Config structure which can be merged using reflection (all values are pointers). The existing merge logic of overwrite for values and append for slices has been preserved. * A single builder process generates a typed runtime configuration for the agent. The new implementation is more strict and fails in the builder process if no valid runtime configuration can be generated. Therefore, additional validations in other parts of the code should be removed. The builder also pre-computes all required network addresses so that no address/port magic should be required where the configuration is used and should therefore be removed. * Upgrade github.com/hashicorp/hcl to support int64 * improve error messages * fix directory permission test * Fix rtt test * Fix ForceLeave test * Skip performance test for now until we know what to do * Update github.com/hashicorp/memberlist to update log prefix * Make memberlist use the default logger * improve config error handling * do not fail on non-existing data-dir * experiment with non-uniform timeouts to get a handle on stalled leader elections * Run tests for packages separately to eliminate the spurious port conflicts * refactor private address detection and unify approach for ipv4 and ipv6. Fixes #2825 * do not allow unix sockets for DNS * improve bind and advertise addr error handling * go through builder using test coverage * minimal update to the docs * more coverage tests fixed * more tests * fix makefile * cleanup * fix port conflicts with external port server 'porter' * stop test server on error * do not run api test that change global ENV concurrently with the other tests * Run remaining api tests concurrently * no need for retry with the port number service * monkey patch race condition in go-sockaddr until we understand why that fails * monkey patch hcl decoder race condidtion until we understand why that fails * monkey patch spurious errors in strings.EqualFold from here * add test for hcl decoder race condition. Run with go test -parallel 128 * Increase timeout again * cleanup * don't log port allocations by default * use base command arg parsing to format help output properly * handle -dc deprecation case in Build * switch autopilot.max_trailing_logs to int * remove duplicate test case * remove unused methods * remove comments about flag/config value inconsistencies * switch got and want around since the error message was misleading. * Removes a stray debug log. * Removes a stray newline in imports. * Fixes TestACL_Version8. * Runs go fmt. * Adds a default case for unknown address types. * Reoders and reformats some imports. * Adds some comments and fixes typos. * Reorders imports. * add unix socket support for dns later * drop all deprecated flags and arguments * fix wrong field name * remove stray node-id file * drop unnecessary patch section in test * drop duplicate test * add test for LeaveOnTerm and SkipLeaveOnInt in client mode * drop "bla" and add clarifying comment for the test * split up tests to support enterprise/non-enterprise tests * drop raft multiplier and derive values during build phase * sanitize runtime config reflectively and add test * detect invalid config fields * fix tests with invalid config fields * use different values for wan sanitiziation test * drop recursor in favor of recursors * allow dns_config.udp_answer_limit to be zero * make sure tests run on machines with multiple ips * Fix failing tests in a few more places by providing a bind address in the test * Gets rid of skipped TestAgent_CheckPerformanceSettings and adds case for builder. * Add porter to server_test.go to make tests there less flaky * go fmt
2017-09-25 18:40:42 +00:00
@echo "--> Running go test"
@rm -f test.log exit-code
Only output sparse lines to keep Travis happy while logging verbosely to disk
2018-02-20 15:32:44 +00:00
@# Dump verbose output to test.log so we can surface test names on failure but
@# hide it from travis as it exceeds their log limits and causes job to be
@# terminated (over 4MB and over 10k lines in the UI). We need to output
@# _something_ to stop them terminating us due to inactivity...
Switch to go 1.13.7 (#7262) - You can no longer cross submodule boundaries with ./... in go subcommands like `go list` or `go test`. The makefile and CI scripts were updated accordingly. - Also of note: `go mod vendor` now omits things build ignored.
2020-02-12 16:15:24 +00:00
@echo "===================== submodule: sdk =====================" | tee -a test.log
cd sdk && { go test -v $(GOTEST_FLAGS) -tags '$(GOTAGS)' ./... 2>&1 ; echo $$? >> ../exit-code ; } | tee -a ../test.log | egrep '^(ok|FAIL|panic:|--- FAIL|--- PASS)'
@echo "===================== submodule: api =====================" | tee -a test.log
cd api && { go test -v $(GOTEST_FLAGS) -tags '$(GOTAGS)' ./... 2>&1 ; echo $$? >> ../exit-code ; } | tee -a ../test.log | egrep '^(ok|FAIL|panic:|--- FAIL|--- PASS)'
@echo "===================== submodule: root =====================" | tee -a test.log
{ go test -v $(GOTEST_FLAGS) -tags '$(GOTAGS)' ./... 2>&1 ; echo $$? >> exit-code ; } | tee -a test.log | egrep '^(ok|FAIL|panic:|--- FAIL|--- PASS)'
@# if everything worked fine then all 3 zeroes will be collapsed to a single zero here
@exit_codes="$$(sort -u exit-code)" ; echo "$$exit_codes" > exit-code
Refactor test retry to only affect CI (#4436) * Refactor test retry to only affect CI * Move test install deps out of the retry loop * Add internal targets to PHONY too
2018-07-24 14:12:48 +00:00
@echo "Exit code: $$(cat exit-code)"
Make test output more useful now we uses testify with multi-line error messages
2018-04-19 12:01:20 +00:00
@# This prints all the race report between ====== lines
@awk '/^WARNING: DATA RACE/ {do_print=1; print "=================="} do_print==1 {print} /^={10,}/ {do_print=0}' test.log || true
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list.
2018-04-20 13:24:24 +00:00
@grep -A10 'panic: ' test.log || true
Make test output more useful now we uses testify with multi-line error messages
2018-04-19 12:01:20 +00:00
@# Prints all the failure output until the next non-indented line - testify
Adds `api` client code and tests for new Proxy Config endpoint, registering with proxy and seeing proxy config in /agent/services list.
2018-04-20 13:24:24 +00:00
@# helpers often output multiple lines for readability but useless if we can't
@# see them. Un-intuitive order of matches is necessary. No || true because
@# awk always returns true even if there is no match and it breaks non-bash
@# shells locally.
@awk '/^[^[:space:]]/ {do_print=0} /--- SKIP/ {do_print=1} do_print==1 {print}' test.log
@awk '/^[^[:space:]]/ {do_print=0} /--- FAIL/ {do_print=1} do_print==1 {print}' test.log
build: build all packages together Build all packages together with a global timeout. Locally, the tests pass within 40 sec. On travis, we complete within 3-4 min. travis truncates the logs after 4MB which we are hitting so show the relevant information first and then whatever is left.
2017-06-29 12:50:47 +00:00
@grep '^FAIL' test.log || true
New config parser, HCL support, multiple bind addrs (#3480) * new config parser for agent This patch implements a new config parser for the consul agent which makes the following changes to the previous implementation: * add HCL support * all configuration fragments in tests and for default config are expressed as HCL fragments * HCL fragments can be provided on the command line so that they can eventually replace the command line flags. * HCL/JSON fragments are parsed into a temporary Config structure which can be merged using reflection (all values are pointers). The existing merge logic of overwrite for values and append for slices has been preserved. * A single builder process generates a typed runtime configuration for the agent. The new implementation is more strict and fails in the builder process if no valid runtime configuration can be generated. Therefore, additional validations in other parts of the code should be removed. The builder also pre-computes all required network addresses so that no address/port magic should be required where the configuration is used and should therefore be removed. * Upgrade github.com/hashicorp/hcl to support int64 * improve error messages * fix directory permission test * Fix rtt test * Fix ForceLeave test * Skip performance test for now until we know what to do * Update github.com/hashicorp/memberlist to update log prefix * Make memberlist use the default logger * improve config error handling * do not fail on non-existing data-dir * experiment with non-uniform timeouts to get a handle on stalled leader elections * Run tests for packages separately to eliminate the spurious port conflicts * refactor private address detection and unify approach for ipv4 and ipv6. Fixes #2825 * do not allow unix sockets for DNS * improve bind and advertise addr error handling * go through builder using test coverage * minimal update to the docs * more coverage tests fixed * more tests * fix makefile * cleanup * fix port conflicts with external port server 'porter' * stop test server on error * do not run api test that change global ENV concurrently with the other tests * Run remaining api tests concurrently * no need for retry with the port number service * monkey patch race condition in go-sockaddr until we understand why that fails * monkey patch hcl decoder race condidtion until we understand why that fails * monkey patch spurious errors in strings.EqualFold from here * add test for hcl decoder race condition. Run with go test -parallel 128 * Increase timeout again * cleanup * don't log port allocations by default * use base command arg parsing to format help output properly * handle -dc deprecation case in Build * switch autopilot.max_trailing_logs to int * remove duplicate test case * remove unused methods * remove comments about flag/config value inconsistencies * switch got and want around since the error message was misleading. * Removes a stray debug log. * Removes a stray newline in imports. * Fixes TestACL_Version8. * Runs go fmt. * Adds a default case for unknown address types. * Reoders and reformats some imports. * Adds some comments and fixes typos. * Reorders imports. * add unix socket support for dns later * drop all deprecated flags and arguments * fix wrong field name * remove stray node-id file * drop unnecessary patch section in test * drop duplicate test * add test for LeaveOnTerm and SkipLeaveOnInt in client mode * drop "bla" and add clarifying comment for the test * split up tests to support enterprise/non-enterprise tests * drop raft multiplier and derive values during build phase * sanitize runtime config reflectively and add test * detect invalid config fields * fix tests with invalid config fields * use different values for wan sanitiziation test * drop recursor in favor of recursors * allow dns_config.udp_answer_limit to be zero * make sure tests run on machines with multiple ips * Fix failing tests in a few more places by providing a bind address in the test * Gets rid of skipped TestAgent_CheckPerformanceSettings and adds case for builder. * Add porter to server_test.go to make tests there less flaky * go fmt
2017-09-25 18:40:42 +00:00
@if [ "$$(cat exit-code)" == "0" ] ; then echo "PASS" ; exit 0 ; else exit 1 ; fi
build: build all packages together Build all packages together with a global timeout. Locally, the tests pass within 40 sec. On travis, we complete within 3-4 min. travis truncates the logs after 4MB which we are hitting so show the relevant information first and then whatever is left.
2017-06-29 12:50:47 +00:00
test-race:
$(MAKE) GOTEST_FLAGS=-race
build: add target for running tests with race detector
2017-05-22 19:24:38 +00:00
`make test-docker` (#6059) * Implement the test-docker make target Running tests within docker allows us to resource constrain them better to not take over our systems. Additionally it allows us to run the tests on linux instead of the host OS which often times is macOS. * Use GOMAXPROCS instead of -p * Add a comment about docker cpus
2019-07-04 14:22:59 +00:00
test-docker: linux go-build-image
@# -ti run in the foreground showing stdout
@# --rm removes the container once its finished running
@# GO_MODCACHE_VOL - args for mapping in the go module cache
@# GO_BUILD_CACHE_VOL - args for mapping in the go build cache
@# All the env vars are so we pass through all the relevant bits of information
@# Needed for running the tests
@# We map in our local linux_amd64 bin directory as thats where the linux dep
@# target dropped the binary. We could build the binary in the container too
@# but that might take longer as caching gets weird
@# Lastly we map the source dir here to the /consul workdir
@echo "Running tests within a docker container"
@docker run -ti --rm \
-e 'GOTEST_FLAGS=$(GOTEST_FLAGS)' \
-e 'GOTAGS=$(GOTAGS)' \
-e 'GIT_COMMIT=$(GIT_COMMIT)' \
Pass the git commits year through as an env var to the ui build (#7126)
2020-01-24 15:40:14 +00:00
-e 'GIT_COMMIT_YEAR=$(GIT_COMMIT_YEAR)' \
`make test-docker` (#6059) * Implement the test-docker make target Running tests within docker allows us to resource constrain them better to not take over our systems. Additionally it allows us to run the tests on linux instead of the host OS which often times is macOS. * Use GOMAXPROCS instead of -p * Add a comment about docker cpus
2019-07-04 14:22:59 +00:00
-e 'GIT_DIRTY=$(GIT_DIRTY)' \
$(TEST_PARALLELIZATION) \
$(TEST_DOCKER_RESOURCE_CONSTRAINTS) \
$(TEST_MODCACHE_VOL) \
$(TEST_BUILDCACHE_VOL) \
-v $(MAIN_GOPATH)/bin/linux_amd64/:/go/bin \
-v $(shell pwd):/consul \
$(GO_BUILD_TAG) \
make test-internal
New config parser, HCL support, multiple bind addrs (#3480) * new config parser for agent This patch implements a new config parser for the consul agent which makes the following changes to the previous implementation: * add HCL support * all configuration fragments in tests and for default config are expressed as HCL fragments * HCL fragments can be provided on the command line so that they can eventually replace the command line flags. * HCL/JSON fragments are parsed into a temporary Config structure which can be merged using reflection (all values are pointers). The existing merge logic of overwrite for values and append for slices has been preserved. * A single builder process generates a typed runtime configuration for the agent. The new implementation is more strict and fails in the builder process if no valid runtime configuration can be generated. Therefore, additional validations in other parts of the code should be removed. The builder also pre-computes all required network addresses so that no address/port magic should be required where the configuration is used and should therefore be removed. * Upgrade github.com/hashicorp/hcl to support int64 * improve error messages * fix directory permission test * Fix rtt test * Fix ForceLeave test * Skip performance test for now until we know what to do * Update github.com/hashicorp/memberlist to update log prefix * Make memberlist use the default logger * improve config error handling * do not fail on non-existing data-dir * experiment with non-uniform timeouts to get a handle on stalled leader elections * Run tests for packages separately to eliminate the spurious port conflicts * refactor private address detection and unify approach for ipv4 and ipv6. Fixes #2825 * do not allow unix sockets for DNS * improve bind and advertise addr error handling * go through builder using test coverage * minimal update to the docs * more coverage tests fixed * more tests * fix makefile * cleanup * fix port conflicts with external port server 'porter' * stop test server on error * do not run api test that change global ENV concurrently with the other tests * Run remaining api tests concurrently * no need for retry with the port number service * monkey patch race condition in go-sockaddr until we understand why that fails * monkey patch hcl decoder race condidtion until we understand why that fails * monkey patch spurious errors in strings.EqualFold from here * add test for hcl decoder race condition. Run with go test -parallel 128 * Increase timeout again * cleanup * don't log port allocations by default * use base command arg parsing to format help output properly * handle -dc deprecation case in Build * switch autopilot.max_trailing_logs to int * remove duplicate test case * remove unused methods * remove comments about flag/config value inconsistencies * switch got and want around since the error message was misleading. * Removes a stray debug log. * Removes a stray newline in imports. * Fixes TestACL_Version8. * Runs go fmt. * Adds a default case for unknown address types. * Reoders and reformats some imports. * Adds some comments and fixes typos. * Reorders imports. * add unix socket support for dns later * drop all deprecated flags and arguments * fix wrong field name * remove stray node-id file * drop unnecessary patch section in test * drop duplicate test * add test for LeaveOnTerm and SkipLeaveOnInt in client mode * drop "bla" and add clarifying comment for the test * split up tests to support enterprise/non-enterprise tests * drop raft multiplier and derive values during build phase * sanitize runtime config reflectively and add test * detect invalid config fields * fix tests with invalid config fields * use different values for wan sanitiziation test * drop recursor in favor of recursors * allow dns_config.udp_answer_limit to be zero * make sure tests run on machines with multiple ips * Fix failing tests in a few more places by providing a bind address in the test * Gets rid of skipped TestAgent_CheckPerformanceSettings and adds case for builder. * Add porter to server_test.go to make tests there less flaky * go fmt
2017-09-25 18:40:42 +00:00
other-consul:
@echo "--> Checking for other consul instances"
@if ps -ef | grep 'consul agent' | grep -v grep ; then \
echo "Found other running consul agents. This may affect your tests." ; \
exit 1 ; \
fi
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
lint: lint-tools
@echo "--> Running golangci-lint"
Add lint to makefile And support for setting build tags in CI lint job. Removed the unused 'test-ci' target.
2020-03-24 20:14:12 +00:00
@golangci-lint run --build-tags '$(GOTAGS)' && \
(cd api && golangci-lint run --build-tags '$(GOTAGS)') && \
(cd sdk && golangci-lint run --build-tags '$(GOTAGS)')
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
@echo "--> Running lint-consul-retry"
@lint-consul-retry
api: ensure peering API endpoints do not use protobufs (#13204) I noticed that the JSON api endpoints for peerings json encodes protobufs directly, rather than converting them into their `api` package equivalents before marshal/unmarshaling them. I updated this and used `mog` to do the annoying part in the middle. Other changes: - the status enum was converted into the friendlier string form of the enum for readability with tools like `curl` - some of the `api` library functions were slightly modified to match other similar endpoints in UX (cc: @ndhanushkodi ) - peeringRead returns `nil` if not found - partitions are NOT inferred from the agent's partition (matching 1.11-style logic)
2022-05-25 18:43:35 +00:00
@echo "--> Running enumcover"
@enumcover ./...
Makefile: add vet target Add a vet target in order to catch suspicious constructs reported by go vet. Vet has successfully detected problems in the past, for example, see c9333b1b9b472feb5cad80e2c8276d41b64bde88 Some vet flags are noisy. In particular, the following flags reports a large amount of generally unharmful constructs: ``` -assign: check for useless assignments -composites: check that composite literals used field-keyed elements -shadow: check for shadowed variables -shadowstrict: whether to be strict about shadowing -unreachable: check for unreachable code ``` In order to skip running the flags mentioned above, vet is invoked on a directory basis with `go tool vet .` since package- level type-checking with `go vet` doesn't accept flags. Hence, each file is vetted in isolation, which is weaker than package-level type-checking. But nevertheless, it might catch suspicious constructs that pose a real issue. The vet target runs the following flags on the entire repo: ``` -asmdecl: check assembly against Go declarations -atomic: check for common mistaken usages of the sync/atomic package -bool: check for mistakes involving boolean operators -buildtags: check that +build tags are valid -copylocks: check that locks are not passed by value -methods: check that canonically named methods are canonically defined -nilfunc: check for comparisons between functions and nil -printf: check printf-like invocations -rangeloops: check that range loop variables are used correctly -shift: check for useless shifts -structtags: check that struct field tags have canonical format and apply to exported fields as needed -unsafeptr: check for misuse of unsafe.Pointer ``` Now and then, it might make sense to check the output of the disabled flags manually. For example, `VETARGS=-unreachable make vet` can detect several lines of dead code that can be deleted, etc.
2015-01-17 06:44:10 +00:00
Update repo to use go:embed (#10996) Replace bindata packages with stdlib go:embed. Modernize some uiserver code with newer interfaces introduced in go 1.16 (mainly working with fs.File instead of http.File. Remove steps that are no longer used from our build files. Add Github Action to detect differences in agent/uiserver/dist and verify that the files are correct (by compiling UI assets and comparing contents).
2022-05-31 19:33:56 +00:00
# Build the static web ui inside a Docker container. For local testing only; do not commit these assets.
ui: ui-docker
agent: compile web assets into consul binary
2015-11-30 19:24:08 +00:00
Update repo to use go:embed (#10996) Replace bindata packages with stdlib go:embed. Modernize some uiserver code with newer interfaces introduced in go 1.16 (mainly working with fs.File instead of http.File. Remove steps that are no longer used from our build files. Add Github Action to detect differences in agent/uiserver/dist and verify that the files are correct (by compiling UI assets and comparing contents).
2022-05-31 19:33:56 +00:00
# Build the static web ui with yarn. This is the version to commit.
.PHONY: ui-regen
ui-regen:
cd $(CURDIR)/ui && make && cd ..
rm -rf $(CURDIR)/agent/uiserver/dist
mv $(CURDIR)/ui/packages/consul-ui/dist $(CURDIR)/agent/uiserver/
Add capability to put tree back into dev mode via make dev-tree
2018-06-15 12:00:12 +00:00
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
tools:
@$(SHELL) $(CURDIR)/build-support/scripts/devtools.sh
.PHONY: lint-tools
lint-tools:
@$(SHELL) $(CURDIR)/build-support/scripts/devtools.sh -lint
Add a tools target that fetches various build-time tools
2016-02-13 01:09:18 +00:00
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
.PHONY: proto-tools
build: install mog and execute it during protobuf compilation (#12647) - also import replace isn't needed anymore
2022-03-29 20:18:05 +00:00
proto-tools:
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/devtools.sh -protobuf
build: install mog and execute it during protobuf compilation (#12647) - also import replace isn't needed anymore
2022-03-29 20:18:05 +00:00
perf: remove expensive reflection from xDS hot path (#14934) Replaces the reflection-based implementation of proxycfg's ConfigSnapshot.Clone with code generated by deep-copy. While load testing server-based xDS (for consul-dataplane) we discovered this method is extremely expensive. The ConfigSnapshot struct, directly or indirectly, contains a copy of many of the structs in the agent/structs package, which creates a large graph for copystructure.Copy to traverse at runtime, on every proxy reconfiguration.
2022-10-14 09:26:42 +00:00
.PHONY: codegen-tools
codegen-tools:
@$(SHELL) $(CURDIR)/build-support/scripts/devtools.sh -codegen
.PHONY: deep-copy
deep-copy:
@$(SHELL) $(CURDIR)/agent/structs/deep-copy.sh
@$(SHELL) $(CURDIR)/agent/proxycfg/deep-copy.sh
Redo the build system Improvements: - More modular - Building within docker doesn’t use volumes so can be run on a remote docker host - Build containers include only minimal context so they only rarely need to be rebuilt and most of the time can be used from the cache. - 3 build containers instead of 1. One based off of the upstream golang containers for building go stuff with all our required GOTOOLS installed. One like the old container based off ubuntu bionic for building the old UI (didn’t bother creating a much better container as this shouldn’t be needed once we completely remove the legacy UI). One for building the new UI. Its alpine based with all the node, ember, yarn stuff installed. - Top level makefile has the ability to do a container based build without running make dist - Can build for arbitrary platforms at the top level using: make consul-docker XC_OS=… XC_ARCH=… - overridable functionality to allow for customizations to the enterprise build (like to generate multiple binaries) - unified how we compile our go. always use gox even for dev-builds or rather always use the tooling around our scripts which will make sure things get copied to the correct places throughout the filesystem.
2018-06-12 20:55:52 +00:00
version:
Add more functionality related to verifying a build and publishing
2018-06-13 19:10:02 +00:00
@echo -n "Version: "
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/version.sh
Add more functionality related to verifying a build and publishing
2018-06-13 19:10:02 +00:00
@echo -n "Version + release: "
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/version.sh -r
Add more functionality related to verifying a build and publishing
2018-06-13 19:10:02 +00:00
@echo -n "Version + git: "
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/version.sh -g
Add more functionality related to verifying a build and publishing
2018-06-13 19:10:02 +00:00
@echo -n "Version + release + git: "
Add capability to put tree back into dev mode via make dev-tree
2018-06-15 12:00:12 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/version.sh -r -g
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
Remove old UI, option to use it, and its build processes
2019-04-12 15:02:27 +00:00
docker-images: go-build-image ui-build-image
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
go-build-image:
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@echo "Building Golang build container"
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
@docker build $(NOCACHE) $(QUIET) -t $(GO_BUILD_TAG) - < build-support/docker/Build-Go.dockerfile
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
ui-build-image:
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@echo "Building UI build container"
@docker build $(NOCACHE) $(QUIET) -t $(UI_BUILD_TAG) - < build-support/docker/Build-UI.dockerfile
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
Redo the build system Improvements: - More modular - Building within docker doesn’t use volumes so can be run on a remote docker host - Build containers include only minimal context so they only rarely need to be rebuilt and most of the time can be used from the cache. - 3 build containers instead of 1. One based off of the upstream golang containers for building go stuff with all our required GOTOOLS installed. One like the old container based off ubuntu bionic for building the old UI (didn’t bother creating a much better container as this shouldn’t be needed once we completely remove the legacy UI). One for building the new UI. Its alpine based with all the node, ember, yarn stuff installed. - Top level makefile has the ability to do a container based build without running make dist - Can build for arbitrary platforms at the top level using: make consul-docker XC_OS=… XC_ARCH=… - overridable functionality to allow for customizations to the enterprise build (like to generate multiple binaries) - unified how we compile our go. always use gox even for dev-builds or rather always use the tooling around our scripts which will make sure things get copied to the correct places throughout the filesystem.
2018-06-12 20:55:52 +00:00
consul-docker: go-build-image
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/build-docker.sh consul
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
Initial progress on build system updates
2018-06-08 14:20:54 +00:00
ui-docker: ui-build-image
Update the scripting Automated putting the source tree into release mode.
2018-06-15 01:25:59 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/build-docker.sh ui
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
Run integration tests locally using amd64 (#14365) Locally, always run integration tests using amd64, even if running on an arm mac. This ensures the architecture locally always matches the CI/CD environment. In addition: * Use consul:local for envoy integration and upgrade tests. Previously, consul:local was used for upgrade tests and consul-dev for integration tests. I didn't see a reason to use separate images as it's more confusing. * By default, disable the requirement that aws credentials are set. These are only needed for the lambda tests and make it so you can't run any tests locally, even if you're not running the lambda tests. Now they'll only run if the LAMBDA_TESTS_ENABLED env var is set. * Split out the building of the Docker image for integration tests into its own target from `dev-docker`. This allows us to always use an amd64 image without messing up the `dev-docker` target. * Add support for passing GO_TEST_FLAGs to `test-envoy-integ` target. * Add a wait_for_leader function because tests were failing locally without it.
2022-08-29 23:13:49 +00:00
# Build image used to run integration tests locally.
docker-envoy-integ:
$(MAKE) GOARCH=amd64 linux
docker build \
--platform linux/amd64 $(NOCACHE) $(QUIET) \
-t 'consul:local' \
--build-arg CONSUL_IMAGE_VERSION=$(CONSUL_IMAGE_VERSION) \
$(CURDIR)/pkg/bin/linux_amd64 \
-f $(CURDIR)/build-support/docker/Consul-Dev.dockerfile
# Run integration tests.
# Use GO_TEST_FLAGS to run specific tests:
# make test-envoy-integ GO_TEST_FLAGS="-run TestEnvoy/case-basic"
# NOTE: Always uses amd64 images, even when running on M1 macs, to match CI/CD environment.
Connect: allow configuring Envoy for L7 Observability (#5558) * Add support for HTTP proxy listeners * Add customizable bootstrap configuration options * Debug logging for xDS AuthZ * Add Envoy Integration test suite with basic test coverage * Add envoy command tests to cover new cases * Add tracing integration test * Add gRPC support WIP * Merged changes from master Docker. get CI integration to work with same Dockerfile now * Make docker build optional for integration * Enable integration tests again! * http2 and grpc integration tests and fixes * Fix up command config tests * Store all container logs as artifacts in circle on fail * Add retries to outer part of stats measurements as we keep missing them in CI * Only dump logs on failing cases * Fix typos from code review * Review tidying and make tests pass again * Add debug logs to exec test. * Fix legit test failure caused by upstream rename in envoy config * Attempt to reduce cases of bad TLS handshake in CI integration tests * bring up the right service * Add prometheus integration test * Add test for denied AuthZ both HTTP and TCP * Try ANSI term for Circle
2019-04-29 16:27:57 +00:00
test-envoy-integ: $(ENVOY_INTEG_DEPS)
Run integration tests locally using amd64 (#14365) Locally, always run integration tests using amd64, even if running on an arm mac. This ensures the architecture locally always matches the CI/CD environment. In addition: * Use consul:local for envoy integration and upgrade tests. Previously, consul:local was used for upgrade tests and consul-dev for integration tests. I didn't see a reason to use separate images as it's more confusing. * By default, disable the requirement that aws credentials are set. These are only needed for the lambda tests and make it so you can't run any tests locally, even if you're not running the lambda tests. Now they'll only run if the LAMBDA_TESTS_ENABLED env var is set. * Split out the building of the Docker image for integration tests into its own target from `dev-docker`. This allows us to always use an amd64 image without messing up the `dev-docker` target. * Add support for passing GO_TEST_FLAGs to `test-envoy-integ` target. * Add a wait_for_leader function because tests were failing locally without it.
2022-08-29 23:13:49 +00:00
@go test -v -timeout=30m -tags integration $(GO_TEST_FLAGS) ./test/integration/connect/envoy
Connect: allow configuring Envoy for L7 Observability (#5558) * Add support for HTTP proxy listeners * Add customizable bootstrap configuration options * Debug logging for xDS AuthZ * Add Envoy Integration test suite with basic test coverage * Add envoy command tests to cover new cases * Add tracing integration test * Add gRPC support WIP * Merged changes from master Docker. get CI integration to work with same Dockerfile now * Make docker build optional for integration * Enable integration tests again! * http2 and grpc integration tests and fixes * Fix up command config tests * Store all container logs as artifacts in circle on fail * Add retries to outer part of stats measurements as we keep missing them in CI * Only dump logs on failing cases * Fix typos from code review * Review tidying and make tests pass again * Add debug logs to exec test. * Fix legit test failure caused by upstream rename in envoy config * Attempt to reduce cases of bad TLS handshake in CI integration tests * bring up the right service * Add prometheus integration test * Add test for denied AuthZ both HTTP and TCP * Try ANSI term for Circle
2019-04-29 16:27:57 +00:00
test: cleanup and unflake parts of the upgrade compat tests (#13126)
2022-05-18 19:52:26 +00:00
.PHONY: test-compat-integ
test-compat-integ: dev-docker
ifeq ("$(GOTAGS)","")
@docker tag consul-dev:latest consul:local
@docker run --rm -t consul:local consul version
@cd ./test/integration/consul-container && \
tests: ensure integration tests show logs from the containers to help debugging (#13593)
2022-06-24 15:26:17 +00:00
go test -v -timeout=30m ./... --target-version local --latest-version latest
test: cleanup and unflake parts of the upgrade compat tests (#13126)
2022-05-18 19:52:26 +00:00
else
@docker tag consul-dev:latest hashicorp/consul-enterprise:local
@docker run --rm -t hashicorp/consul-enterprise:local consul version
@cd ./test/integration/consul-container && \
tests: ensure integration tests show logs from the containers to help debugging (#13593)
2022-06-24 15:26:17 +00:00
go test -v -timeout=30m ./... --tags $(GOTAGS) --target-version local --latest-version latest
test: cleanup and unflake parts of the upgrade compat tests (#13126)
2022-05-18 19:52:26 +00:00
endif
Add isLeader metric to track if a server is a leader (#13304) CTIA-21: sdd is_leader metric to track if a server is a leader Co-authored-by: alex <8968914+acpana@users.noreply.github.com>
2022-06-03 17:07:37 +00:00
.PHONY: test-metrics-integ
test-metrics-integ: dev-docker
@docker tag consul-dev:latest consul:local
@docker run --rm -t consul:local consul version
@cd ./test/integration/consul-container && \
go test -v -timeout=7m ./metrics --target-version local
ci: Run all connect/ca tests from the integration suite To reduce the chance of some tests not being run because it does not match the regex passed to '-run'. Also document why some tests are allowed to be skipped on CI.
2020-03-24 19:16:13 +00:00
test-connect-ca-providers:
Add CI test-integrations job for connect Vault CA provider (#6949) * vault-ca-provider: add make target and CI test-integration job for /agent/connect/ca/ Vault Provider tests * load env vars in the vault-ca-provider ci job * add checkout task, see if we need to attach workspace or not * ci: remove vault dependency from go-test job to ensure we only run the vault-provider tests in their job * ci: fix from RB and Alvin code review, add mod cache after checkout * ci: add CI context to make target and store test results * ci: fix whitespace * ci: create test results directory before we try to write to it
2019-12-17 21:22:32 +00:00
ifeq ("$(CIRCLECI)","true")
# Run in CI
test(vault): generate test coverage and upload to CodeCov (#8870)
2020-10-07 20:32:25 +00:00
gotestsum --format=short-verbose --junitfile "$(TEST_RESULTS_DIR)/gotestsum-report.xml" -- -cover -coverprofile=coverage.txt ./agent/connect/ca
Update CI for leader renew CA test using Vault
2020-10-09 12:02:18 +00:00
# Run leader tests that require Vault
ca: require that tests that use Vault are named correctly Previously we were using two different criteria to decide where to run a test. The main `go-test` job would skip Vault tests based on the presence of the `vault` binary, but the `test-connect-ca-providers` job would run tests based on the name. This led to a scenario where a test may never run in CI. To fix this problem I added a name check to the function we use to skip the test. This should ensure that any test that requires vault is named correctly to be run as part of the `test-connect-ca-providers` job. At the same time I relaxed the regex we use. I verified this runs the same tests using `go test --list Vault`. I made this change because a bunch of tests in `agent/connect/ca` used `Vault` in the name, without the underscores. Instead of changing a bunch of test names, this seemed easier. With this approach, the worst case is that we run a few extra tests in the `test-connect-ca-providers` job, which doesn't seem like a problem.
2022-02-28 21:13:53 +00:00
gotestsum --format=short-verbose --junitfile "$(TEST_RESULTS_DIR)/gotestsum-report-leader.xml" -- -cover -coverprofile=coverage-leader.txt -run Vault ./agent/consul
connect: connect CA Roots in the primary datacenter should use a SigningKeyID derived from their local intermediate (#9428) This fixes an issue where leaf certificates issued in primary datacenters using Vault as a Connect CA would be reissued very frequently (every ~20 seconds) because the logic meant to detect root rotation was errantly triggering. The hash of the rootCA was being compared against a hash of the intermediateCA and always failing. This doesn't apply to the Consul built-in CA provider because there is no intermediate in use in the primary DC. This is reminiscent of #6513
2021-02-08 19:18:51 +00:00
# Run agent tests that require Vault
ca: require that tests that use Vault are named correctly Previously we were using two different criteria to decide where to run a test. The main `go-test` job would skip Vault tests based on the presence of the `vault` binary, but the `test-connect-ca-providers` job would run tests based on the name. This led to a scenario where a test may never run in CI. To fix this problem I added a name check to the function we use to skip the test. This should ensure that any test that requires vault is named correctly to be run as part of the `test-connect-ca-providers` job. At the same time I relaxed the regex we use. I verified this runs the same tests using `go test --list Vault`. I made this change because a bunch of tests in `agent/connect/ca` used `Vault` in the name, without the underscores. Instead of changing a bunch of test names, this seemed easier. With this approach, the worst case is that we run a few extra tests in the `test-connect-ca-providers` job, which doesn't seem like a problem.
2022-02-28 21:13:53 +00:00
gotestsum --format=short-verbose --junitfile "$(TEST_RESULTS_DIR)/gotestsum-report-agent.xml" -- -cover -coverprofile=coverage-agent.txt -run Vault ./agent
Add CI test-integrations job for connect Vault CA provider (#6949) * vault-ca-provider: add make target and CI test-integration job for /agent/connect/ca/ Vault Provider tests * load env vars in the vault-ca-provider ci job * add checkout task, see if we need to attach workspace or not * ci: remove vault dependency from go-test job to ensure we only run the vault-provider tests in their job * ci: fix from RB and Alvin code review, add mod cache after checkout * ci: add CI context to make target and store test results * ci: fix whitespace * ci: create test results directory before we try to write to it
2019-12-17 21:22:32 +00:00
else
# Run locally
ci: Run all connect/ca tests from the integration suite To reduce the chance of some tests not being run because it does not match the regex passed to '-run'. Also document why some tests are allowed to be skipped on CI.
2020-03-24 19:16:13 +00:00
@echo "Running /agent/connect/ca tests in verbose mode"
@go test -v ./agent/connect/ca
ca: require that tests that use Vault are named correctly Previously we were using two different criteria to decide where to run a test. The main `go-test` job would skip Vault tests based on the presence of the `vault` binary, but the `test-connect-ca-providers` job would run tests based on the name. This led to a scenario where a test may never run in CI. To fix this problem I added a name check to the function we use to skip the test. This should ensure that any test that requires vault is named correctly to be run as part of the `test-connect-ca-providers` job. At the same time I relaxed the regex we use. I verified this runs the same tests using `go test --list Vault`. I made this change because a bunch of tests in `agent/connect/ca` used `Vault` in the name, without the underscores. Instead of changing a bunch of test names, this seemed easier. With this approach, the worst case is that we run a few extra tests in the `test-connect-ca-providers` job, which doesn't seem like a problem.
2022-02-28 21:13:53 +00:00
@go test -v ./agent/consul -run Vault
@go test -v ./agent -run Vault
Add CI test-integrations job for connect Vault CA provider (#6949) * vault-ca-provider: add make target and CI test-integration job for /agent/connect/ca/ Vault Provider tests * load env vars in the vault-ca-provider ci job * add checkout task, see if we need to attach workspace or not * ci: remove vault dependency from go-test job to ensure we only run the vault-provider tests in their job * ci: fix from RB and Alvin code review, add mod cache after checkout * ci: add CI context to make target and store test results * ci: fix whitespace * ci: create test results directory before we try to write to it
2019-12-17 21:22:32 +00:00
endif
build: run mog separately after the protobufs are generated (#12665) Also ensure that we run mog serially on each package in dependency order.
2022-03-31 18:49:42 +00:00
.PHONY: proto
Add mocks for probuf generation
2022-09-30 04:17:30 +00:00
proto: proto-tools proto-gen proto-mocks
.PHONY: proto-gen
proto-gen: proto-tools
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
@$(SHELL) $(CURDIR)/build-support/scripts/protobuf.sh
Add mocks for probuf generation
2022-09-30 04:17:30 +00:00
.PHONY: proto-mocks
proto-mocks:
for dir in $(MOCKED_PB_DIRS) ; do \
cd proto-public && \
rm -f $$dir/mock*.go && \
mockery --dir $$dir --inpackage --all --recursive --log-level trace ; \
done
Migrate from `protoc` to `buf` (#12841) * Install `buf` instead of `protoc` * Created `buf.yaml` and `buf.gen.yaml` files in the two proto directories to control how `buf` generates/lints proto code. * Invoke `buf` instead of `protoc` * Added a `proto-format` make target. * Committed the reformatted proto files. * Added a `proto-lint` make target. * Integrated proto linting with CI * Fixed tons of proto linter warnings. * Got rid of deprecated builtin protoc-gen-go grpc plugin usage. Moved to direct usage of protoc-gen-go-grpc. * Unified all proto directories / go packages around using pb prefixes but ensuring all proto packages do not have the prefix.
2022-05-23 14:37:52 +00:00
.PHONY: proto-format
proto-format: proto-tools
@buf format -w
build: wire up remaining 5 helper tools into the same auto-install logic used for protobuf tools (#13184)
2022-05-23 15:50:45 +00:00
Migrate from `protoc` to `buf` (#12841) * Install `buf` instead of `protoc` * Created `buf.yaml` and `buf.gen.yaml` files in the two proto directories to control how `buf` generates/lints proto code. * Invoke `buf` instead of `protoc` * Added a `proto-format` make target. * Committed the reformatted proto files. * Added a `proto-lint` make target. * Integrated proto linting with CI * Fixed tons of proto linter warnings. * Got rid of deprecated builtin protoc-gen-go grpc plugin usage. Moved to direct usage of protoc-gen-go-grpc. * Unified all proto directories / go packages around using pb prefixes but ensuring all proto packages do not have the prefix.
2022-05-23 14:37:52 +00:00
.PHONY: proto-lint
proto-lint: proto-tools
@buf lint --config proto/buf.yaml --path proto
@buf lint --config proto-public/buf.yaml --path proto-public
proto: add package prefixes for all proto files where it is safe (#13735) We cannot do this for "subscribe" and "partition" this easily without breakage so those are omitted. Any protobuf message passed around via an Any construct will have the fully qualified package name embedded in the protobuf as a string. Also RPC method dispatch will include the package of the service during serialization. - We will be passing pbservice and pbpeering through an Any as part of peer stream replication. - We will be exposing two new gRPC services via pbpeering and pbpeerstream.
2022-07-13 16:03:27 +00:00
@for fn in $$(find proto -name '*.proto'); do \
if [[ "$$fn" = "proto/pbsubscribe/subscribe.proto" ]]; then \
continue ; \
elif [[ "$$fn" = "proto/pbpartition/partition.proto" ]]; then \
continue ; \
fi ; \
pkg=$$(grep "^package " "$$fn" | sed 's/^package \(.*\);/\1/'); \
if [[ "$$pkg" != hashicorp.consul.internal.* ]]; then \
echo "ERROR: $$fn: is missing 'hashicorp.consul.internal' package prefix: $$pkg" >&2; \
exit 1; \
fi \
done
Add support for implementing new requests with protobufs instea… (#6502) * Add build system support for protobuf generation This is done generically so that we don’t have to keep updating the makefile to add another proto generation. Note: anything not in the vendor directory and with a .proto extension will be run through protoc if the corresponding namespace.pb.go file is not up to date. If you want to rebuild just a single proto file you can do so with: make proto-rebuild PROTOFILES=<list of proto files to rebuild> Providing the PROTOFILES var will override the default behavior of finding all the .proto files. * Start adding types to the agent/proto package These will be needed for some other work and are by no means comprehensive. * Add ability to resolve/fixup the agentpb.ACLLinks structure in the state store. * Use protobuf marshalling of raft requests instead of msgpack for protoc generated types. This does not change any encoding of existing types. * Removed structs package automatically encoding with protobuf marshalling Instead the caller of raftApply that wants to opt-in to protobuf encoding will have to call `raftApplyProtobuf` * Run update-vendor to fixup modules.txt Nothing changed as far as dependencies go but the ordering of modules in that file depends on the time they are first seen and its not alphabetical. * Rename some things and implement the structs.RPCInfo interface bits agentpb.QueryOptions and agentpb.WriteRequest implement 3 of the 4 RPCInfo funcs and the new TargetDatacenter message type implements the fourth. * Use the right encoding function. * Renamed agent/proto package to agent/agentpb to prevent package name conflicts * Update modules.txt to fix ordering * Change blockingQuery to take in interfaces for the query options and meta * Add %T to error output. * Add/Update some comments
2019-09-20 18:37:22 +00:00
build: enforce protoc binary is the expected version (#12641)
2022-03-29 17:02:43 +00:00
# utility to echo a makefile variable (i.e. 'make print-PROTOC_VERSION')
print-% : ; @echo $($*)
Add script to print available module updates
2020-07-23 20:13:20 +00:00
.PHONY: module-versions
# Print a list of modules which can be updated.
# Columns are: module current_version date_of_current_version latest_version
module-versions:
@go list -m -u -f '{{if .Update}} {{printf "%-50v %-40s" .Path .Version}} {{with .Time}} {{ .Format "2006-01-02" -}} {{else}} {{printf "%9s" ""}} {{end}} {{ .Update.Version}} {{end}}' all
xds: ensure that all envoyproxy/go-control-plane protobuf symbols are linked into the final binary (#10131) This ensures that if someone does include some extension Consul does not currently make use of, that extension is actually usable. Without linking these envoy protobufs into the main binary it can't round trip the escape hatches to send them down to envoy. Whenenver the go-control-plane library is upgraded next we just have to re-run 'make envoy-library'.
2021-04-29 19:58:26 +00:00
.PHONY: envoy-library
envoy-library:
@$(SHELL) $(CURDIR)/build-support/scripts/envoy-library-references.sh
New ACLs (#4791) This PR is almost a complete rewrite of the ACL system within Consul. It brings the features more in line with other HashiCorp products. Obviously there is quite a bit left to do here but most of it is related docs, testing and finishing the last few commands in the CLI. I will update the PR description and check off the todos as I finish them over the next few days/week. Description At a high level this PR is mainly to split ACL tokens from Policies and to split the concepts of Authorization from Identities. A lot of this PR is mostly just to support CRUD operations on ACLTokens and ACLPolicies. These in and of themselves are not particularly interesting. The bigger conceptual changes are in how tokens get resolved, how backwards compatibility is handled and the separation of policy from identity which could lead the way to allowing for alternative identity providers. On the surface and with a new cluster the ACL system will look very similar to that of Nomads. Both have tokens and policies. Both have local tokens. The ACL management APIs for both are very similar. I even ripped off Nomad's ACL bootstrap resetting procedure. There are a few key differences though. Nomad requires token and policy replication where Consul only requires policy replication with token replication being opt-in. In Consul local tokens only work with token replication being enabled though. All policies in Nomad are globally applicable. In Consul all policies are stored and replicated globally but can be scoped to a subset of the datacenters. This allows for more granular access management. Unlike Nomad, Consul has legacy baggage in the form of the original ACL system. The ramifications of this are: A server running the new system must still support other clients using the legacy system. A client running the new system must be able to use the legacy RPCs when the servers in its datacenter are running the legacy system. The primary ACL DC's servers running in legacy mode needs to be a gate that keeps everything else in the entire multi-DC cluster running in legacy mode. So not only does this PR implement the new ACL system but has a legacy mode built in for when the cluster isn't ready for new ACLs. Also detecting that new ACLs can be used is automatic and requires no configuration on the part of administrators. This process is detailed more in the "Transitioning from Legacy to New ACL Mode" section below.
2018-10-19 16:04:07 +00:00
dev: adding a make target to regenerate envoy golden files (#10158)
2021-04-30 16:27:12 +00:00
.PHONY: envoy-regen
envoy-regen:
$(info regenerating envoy golden files)
@for d in endpoints listeners routes clusters rbac; do \
if [[ -d "agent/xds/testdata/$${d}" ]]; then \
find "agent/xds/testdata/$${d}" -name '*.golden' -delete ; \
fi \
done
@go test -tags '$(GOTAGS)' ./agent/xds -update
@find "command/connect/envoy/testdata" -name '*.golden' -delete
@go test -tags '$(GOTAGS)' ./command/connect/envoy -update
build: add 'make help' to simply list available make targets (#13322)
2022-06-01 19:16:17 +00:00
.PHONY: help
help:
$(info available make targets)
$(info ----------------------)
@grep "^[a-z0-9-][a-z0-9.-]*:" GNUmakefile | cut -d':' -f1 | sort
Update repo to use go:embed (#10996) Replace bindata packages with stdlib go:embed. Modernize some uiserver code with newer interfaces introduced in go 1.16 (mainly working with fs.File instead of http.File. Remove steps that are no longer used from our build files. Add Github Action to detect differences in agent/uiserver/dist and verify that the files are correct (by compiling UI assets and comparing contents).
2022-05-31 19:33:56 +00:00
.PHONY: all bin dev dist cov test test-internal cover lint ui tools
.PHONY: docker-images go-build-image ui-build-image consul-docker ui-docker
build: run mog separately after the protobufs are generated (#12665) Also ensure that we run mog serially on each package in dependency order.
2022-03-31 18:49:42 +00:00
.PHONY: version test-envoy-integ