This commit is contained in:
Sarah Thompson 2023-09-06 18:24:39 +01:00 committed by GitHub
parent 4969480dfb
commit 2ae56bd4ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 280 additions and 248 deletions

View File

@ -35,7 +35,12 @@ on:
web-ui-cache-key: web-ui-cache-key:
type: string type: string
required: true required: true
vault-base-version:
type: string
required: true
vault-prerelease-version:
type: string
required: true
jobs: jobs:
build: build:
runs-on: custom-linux-xl-vault-latest runs-on: custom-linux-xl-vault-latest
@ -55,15 +60,18 @@ jobs:
key: ${{ inputs.web-ui-cache-key }} key: ${{ inputs.web-ui-cache-key }}
- name: Build Vault - name: Build Vault
env: env:
GO_TAGS: ${{ inputs.go-tags }}
CGO_ENABLED: ${{ inputs.cgo-enabled }} CGO_ENABLED: ${{ inputs.cgo-enabled }}
GOARCH: ${{ inputs.goarch }} GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }} GOOS: ${{ inputs.goos }}
GO_TAGS: ${{ inputs.go-tags }} VERSION: ${{ inputs.vault-version }}
run: make ci-build run:
make ci-build
- name: Determine artifact basename - name: Determine artifact basename
env: env:
GOARCH: ${{ inputs.goarch }} GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }} GOOS: ${{ inputs.goos }}
VERSION: ${{ inputs.vault-version }}
run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV" run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV"
- name: Bundle Vault - name: Bundle Vault
env: env:

View File

@ -1,4 +1,3 @@
---
name: build name: build
on: on:
@ -38,8 +37,10 @@ jobs:
matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }} matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }}
package-name: ${{ steps.get-metadata.outputs.package-name }} package-name: ${{ steps.get-metadata.outputs.package-name }}
vault-revision: ${{ steps.get-metadata.outputs.vault-revision }} vault-revision: ${{ steps.get-metadata.outputs.vault-revision }}
vault-version: ${{ steps.get-metadata.outputs.vault-version }} vault-version: ${{ steps.set-product-version.outputs.product-version }}
vault-base-version: ${{ steps.get-metadata.outputs.vault-base-version }} vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }}
vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }}
steps: steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Ensure Go modules are cached - name: Ensure Go modules are cached
@ -48,6 +49,9 @@ jobs:
with: with:
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
no-restore: true # don't download them on a cache hit no-restore: true # don't download them on a cache hit
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
- name: Get metadata - name: Get metadata
id: get-metadata id: get-metadata
env: env:
@ -55,18 +59,17 @@ jobs:
# test group. It should be set to the highest test_group used in the # test group. It should be set to the highest test_group used in the
# enos-run-matrices. # enos-run-matrices.
MATRIX_MAX_TEST_GROUPS: 5 MATRIX_MAX_TEST_GROUPS: 5
VAULT_VERSION: ${{ steps.set-product-version.outputs.product-version }}
run: | run: |
# shellcheck disable=SC2129 # shellcheck disable=SC2129
echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT" echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT"
echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT" echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT"
echo "package-name=vault" >> "$GITHUB_OUTPUT" echo "package-name=vault" >> "$GITHUB_OUTPUT"
echo "vault-base-version=$(make ci-get-version-base)" >> "$GITHUB_OUTPUT"
echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT" echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT"
echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
- uses: hashicorp/actions-generate-metadata@v1 - uses: hashicorp/actions-generate-metadata@v1
id: generate-metadata-file id: generate-metadata-file
with: with:
version: ${{ steps.get-metadata.outputs.vault-version }} version: ${{ steps.set-product-version.outputs.product-version }}
product: ${{ steps.get-metadata.outputs.package-name }} product: ${{ steps.get-metadata.outputs.package-name }}
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with: with:
@ -131,6 +134,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }} package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }} vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit secrets: inherit
build-linux: build-linux:
@ -151,6 +156,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }} package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }} vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit secrets: inherit
build-darwin: build-darwin:
@ -172,6 +179,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }} package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }} web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }} vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit secrets: inherit
build-docker: build-docker:
@ -183,17 +192,20 @@ jobs:
strategy: strategy:
matrix: matrix:
arch: [arm, arm64, 386, amd64] arch: [arm, arm64, 386, amd64]
env:
repo: ${{ github.event.repository.name }}
version: ${{ needs.product-metadata.outputs.vault-version }}
steps: steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: hashicorp/actions-docker-build@v1 - uses: hashicorp/actions-docker-build@v1
with: with:
version: ${{ needs.product-metadata.outputs.vault-version }} version: "${{ env.version }}"
target: default target: default
arch: ${{ matrix.arch }} arch: ${{ matrix.arch }}
zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip
tags: | tags: |
docker.io/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }} docker.io/hashicorp/${{ env.repo }}:${{ env.version }}
public.ecr.aws/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }} public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }}
build-ubi: build-ubi:
name: UBI image name: UBI image
@ -204,15 +216,18 @@ jobs:
strategy: strategy:
matrix: matrix:
arch: [amd64] arch: [amd64]
env:
repo: ${{ github.event.repository.name }}
version: ${{ needs.product-metadata.outputs.vault-version }}
steps: steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: hashicorp/actions-docker-build@v1 - uses: hashicorp/actions-docker-build@v1
with: with:
version: ${{ needs.product-metadata.outputs.vault-version }} version: ${{ env.version }}
target: ubi target: ubi
arch: ${{ matrix.arch }} arch: ${{ matrix.arch }}
zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip
redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ needs.product-metadata.outputs.vault-version }}-ubi redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ env.version }}-ubi
test: test:
name: Test ${{ matrix.build-artifact-name }} name: Test ${{ matrix.build-artifact-name }}
@ -244,6 +259,8 @@ jobs:
vault-edition: oss vault-edition: oss
vault-revision: ${{ needs.product-metadata.outputs.vault-revision }} vault-revision: ${{ needs.product-metadata.outputs.vault-revision }}
ssh-key-name: ${{ github.event.repository.name }}-ci-ssh-key ssh-key-name: ${{ github.event.repository.name }}-ci-ssh-key
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }}
secrets: inherit secrets: inherit
test-docker-k8s: test-docker-k8s:

View File

@ -17,8 +17,11 @@ jobs:
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
steps: steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
- id: get-version - id: get-version
run: echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" run: echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT"
- uses: hashicorp/setup-terraform@v2 - uses: hashicorp/setup-terraform@v2
with: with:
terraform_wrapper: false terraform_wrapper: false

View File

@ -7,13 +7,17 @@ on:
- enos-release-testing-oss::* - enos-release-testing-oss::*
jobs: jobs:
product-metadata: product-metadata:
if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }} if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }}
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs: outputs:
matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }} matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }}
vault-revision: ${{ steps.get-metadata.outputs.vault-revision }} vault-revision: ${{ steps.get-metadata.outputs.vault-revision }}
vault-version: ${{ steps.get-metadata.outputs.vault-version }} vault-version: ${{ steps.set-product-version.outputs.product-version }}
vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }}
vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }}
steps: steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with: with:
@ -30,7 +34,6 @@ jobs:
# shellcheck disable=SC2129 # shellcheck disable=SC2129
echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT" echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT"
echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT" echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT"
echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
# Get the workflow summary similar to CRT workflows # Get the workflow summary similar to CRT workflows
- name: Release Artifact Info - name: Release Artifact Info
run: | run: |
@ -40,6 +43,10 @@ jobs:
echo "__Commit:__ ${{ github.event.client_payload.payload.sha }}" >> "$GITHUB_STEP_SUMMARY" echo "__Commit:__ ${{ github.event.client_payload.payload.sha }}" >> "$GITHUB_STEP_SUMMARY"
echo "" >> "$GITHUB_STEP_SUMMARY" echo "" >> "$GITHUB_STEP_SUMMARY"
echo "[Build Workflow](https://github.com/${{github.event.client_payload.payload.org}}/${{github.event.client_payload.payload.repo}}/actions/runs/${{github.event.client_payload.payload.buildworkflowid}})" >> "$GITHUB_STEP_SUMMARY" echo "[Build Workflow](https://github.com/${{github.event.client_payload.payload.org}}/${{github.event.client_payload.payload.repo}}/actions/runs/${{github.event.client_payload.payload.buildworkflowid}})" >> "$GITHUB_STEP_SUMMARY"
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
test: test:
name: Test ${{ matrix.build-artifact-name }} name: Test ${{ matrix.build-artifact-name }}
@ -60,6 +67,8 @@ jobs:
matrix-test-group: ${{ needs.product-metadata.outputs.matrix-test-group }} matrix-test-group: ${{ needs.product-metadata.outputs.matrix-test-group }}
vault-edition: oss vault-edition: oss
vault-revision: ${{ needs.product-metadata.outputs.vault-revision }} vault-revision: ${{ needs.product-metadata.outputs.vault-revision }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }}
secrets: inherit secrets: inherit
save-metadata: save-metadata:

View File

@ -51,6 +51,12 @@ on:
vault-edition: vault-edition:
required: true required: true
type: string type: string
vault-version:
required: true
type: string
vault-minor-version:
required: true
type: string
# The Git commit SHA used as the revision when building vault # The Git commit SHA used as the revision when building vault
vault-revision: vault-revision:
required: true required: true
@ -62,12 +68,12 @@ jobs:
outputs: outputs:
build-date: ${{ steps.metadata.outputs.build-date }} build-date: ${{ steps.metadata.outputs.build-date }}
matrix: ${{ steps.metadata.outputs.matrix }} matrix: ${{ steps.metadata.outputs.matrix }}
version: ${{ steps.metadata.outputs.version }}
version-minor: ${{ steps.metadata.outputs.matrix }}
env: env:
# Pass the vault edition as VAULT_METADATA so the CI make targets can create # Pass the vault edition as VAULT_METADATA so the CI make targets can create
# values that consider the edition. # values that consider the edition.
VAULT_METADATA: ${{ inputs.vault-edition }} VAULT_METADATA: ${{ inputs.vault-edition }}
VAULT_VERSION: ${{ inputs.vault-version }}
VAULT_MINOR_VERSION: ${{ inputs.vault-minor-version }}
# Pass in the matrix and matrix group for filtering # Pass in the matrix and matrix group for filtering
MATRIX_FILE: ./.github/enos-run-matrices/${{ inputs.matrix-file-name }}.json MATRIX_FILE: ./.github/enos-run-matrices/${{ inputs.matrix-file-name }}.json
MATRIX_TEST_GROUP: ${{ inputs.matrix-test-group }} MATRIX_TEST_GROUP: ${{ inputs.matrix-test-group }}
@ -77,10 +83,9 @@ jobs:
ref: ${{ inputs.vault-revision }} ref: ${{ inputs.vault-revision }}
- id: metadata - id: metadata
run: | run: |
# shellcheck disable=SC2129
echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT" echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT"
echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT" filtered="$(make ci-filter-matrix)"
echo "matrix=$(make ci-filter-matrix)" >> "$GITHUB_OUTPUT" echo "matrix=$filtered" >> "$GITHUB_OUTPUT"
# Run the Enos test scenarios # Run the Enos test scenarios
run: run:
@ -101,7 +106,7 @@ jobs:
ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache
ENOS_VAR_vault_artifact_path: ./support/downloads/${{ inputs.build-artifact-name }} ENOS_VAR_vault_artifact_path: ./support/downloads/${{ inputs.build-artifact-name }}
ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }} ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }}
ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.version }} ENOS_VAR_vault_product_version: ${{ inputs.vault-version }}
ENOS_VAR_vault_revision: ${{ inputs.vault-revision }} ENOS_VAR_vault_revision: ${{ inputs.vault-revision }}
ENOS_VAR_vault_license_path: ./support/vault.hclic ENOS_VAR_vault_license_path: ./support/vault.hclic
ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data

View File

@ -153,8 +153,17 @@ event "post-publish-website" {
} }
} }
event "update-ironbank" { event "bump-version" {
depends = ["post-publish-website"] depends = ["post-publish-website"]
action "bump-version" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "bump-version"
}
}
event "update-ironbank" {
depends = ["bump-version"]
action "update-ironbank" { action "update-ironbank" {
organization = "hashicorp" organization = "hashicorp"
repository = "crt-workflows-common" repository = "crt-workflows-common"

View File

@ -300,22 +300,13 @@ ci-build:
ci-build-ui: ci-build-ui:
@$(CURDIR)/scripts/ci-helper.sh build-ui @$(CURDIR)/scripts/ci-helper.sh build-ui
.PHONY: ci-bundle
ci-bundle:
@$(CURDIR)/scripts/ci-helper.sh bundle
.PHONY: ci-filter-matrix .PHONY: ci-filter-matrix
ci-filter-matrix: ci-filter-matrix:
@$(CURDIR)/scripts/ci-helper.sh matrix-filter-file @$(CURDIR)/scripts/ci-helper.sh matrix-filter-file
.PHONY: ci-get-artifact-basename
ci-get-artifact-basename:
@$(CURDIR)/scripts/ci-helper.sh artifact-basename
.PHONY: ci-get-date .PHONY: ci-get-date
ci-get-date: ci-get-date:
@$(CURDIR)/scripts/ci-helper.sh date @$(CURDIR)/scripts/ci-helper.sh date
.PHONY: ci-get-matrix-group-id .PHONY: ci-get-matrix-group-id
ci-get-matrix-group-id: ci-get-matrix-group-id:
@$(CURDIR)/scripts/ci-helper.sh matrix-group-id @$(CURDIR)/scripts/ci-helper.sh matrix-group-id
@ -324,38 +315,19 @@ ci-get-matrix-group-id:
ci-get-revision: ci-get-revision:
@$(CURDIR)/scripts/ci-helper.sh revision @$(CURDIR)/scripts/ci-helper.sh revision
.PHONY: ci-get-version .PHONY: ci-prepare-legal
ci-get-version: ci-prepare-legal:
@$(CURDIR)/scripts/ci-helper.sh version @$(CURDIR)/scripts/ci-helper.sh prepare-legal
.PHONY: ci-get-version-base
ci-get-version-base:
@$(CURDIR)/scripts/ci-helper.sh version-base
.PHONY: ci-get-version-major
ci-get-version-major:
@$(CURDIR)/scripts/ci-helper.sh version-major
.PHONY: ci-get-version-meta
ci-get-version-meta:
@$(CURDIR)/scripts/ci-helper.sh version-meta
.PHONY: ci-get-version-minor
ci-get-version-minor:
@$(CURDIR)/scripts/ci-helper.sh version-minor
.PHONY: ci-get-version-package .PHONY: ci-get-version-package
ci-get-version-package: ci-get-version-package:
@$(CURDIR)/scripts/ci-helper.sh version-package @$(CURDIR)/scripts/ci-helper.sh version-package
.PHONY: ci-get-version-patch .PHONY: ci-get-artifact-basename
ci-get-version-patch: ci-get-artifact-basename:
@$(CURDIR)/scripts/ci-helper.sh version-patch @$(CURDIR)/scripts/ci-helper.sh artifact-basename
.PHONY: ci-get-version-pre .PHONY: ci-bundle
ci-get-version-pre: ci-bundle:
@$(CURDIR)/scripts/ci-helper.sh version-pre @$(CURDIR)/scripts/ci-helper.sh bundle
.PHONY: ci-prepare-legal
ci-prepare-legal:
@$(CURDIR)/scripts/ci-helper.sh prepare-legal

View File

@ -45,11 +45,6 @@ scenario "agent" {
vault_tag_key = "Type" // enos_vault_start expects Type as the tag key vault_tag_key = "Type" // enos_vault_start expects Type as the tag key
} }
step "get_local_metadata" {
skip_step = matrix.artifact_source != "local"
module = module.get_local_metadata
}
step "build_vault" { step "build_vault" {
module = "build_${matrix.artifact_source}" module = "build_${matrix.artifact_source}"

View File

@ -42,10 +42,6 @@ scenario "ui" {
ui_test_filter = var.ui_test_filter != null && try(trimspace(var.ui_test_filter), "") != "" ? var.ui_test_filter : (matrix.edition == "oss") ? "!enterprise" : null ui_test_filter = var.ui_test_filter != null && try(trimspace(var.ui_test_filter), "") != "" ? var.ui_test_filter : (matrix.edition == "oss") ? "!enterprise" : null
} }
step "get_local_metadata" {
module = module.get_local_metadata
}
step "build_vault" { step "build_vault" {
module = module.build_local module = module.build_local

View File

@ -35,35 +35,29 @@ variable "artifactory_host" { default = null }
variable "artifactory_repo" { default = null } variable "artifactory_repo" { default = null }
variable "artifactory_username" { default = null } variable "artifactory_username" { default = null }
variable "artifactory_token" { default = null } variable "artifactory_token" { default = null }
variable "arch" { variable "arch" { default = null }
default = null variable "artifact_path" { default = null }
} variable "artifact_type" { default = null }
variable "artifact_path" { variable "distro" { default = null }
default = null variable "edition" { default = null }
} variable "revision" { default = null }
variable "artifact_type" { variable "product_version" { default = null }
default = null
} module "local_metadata" {
variable "distro" { source = "../get_local_metadata"
default = null
}
variable "edition" {
default = null
}
variable "revision" {
default = null
}
variable "product_version" {
default = null
} }
resource "enos_local_exec" "build" { resource "enos_local_exec" "build" {
scripts = [abspath("${path.module}/scripts/build.sh")] scripts = [abspath("${path.module}/scripts/build.sh")]
environment = { environment = {
BASE_VERSION = module.local_metadata.version_base
BIN_PATH = "dist"
BUNDLE_PATH = var.bundle_path, BUNDLE_PATH = var.bundle_path,
GO_TAGS = join(" ", var.build_tags) GO_TAGS = join(" ", var.build_tags)
GOARCH = var.goarch GOARCH = var.goarch
GOOS = var.goos GOOS = var.goos
PRERELEASE_VERSION = module.local_metadata.version_pre
VERSION_METADATA = module.local_metadata.version_meta
} }
} }

View File

@ -11,5 +11,11 @@ export CGO_ENABLED=0
root_dir="$(git rev-parse --show-toplevel)" root_dir="$(git rev-parse --show-toplevel)"
pushd "$root_dir" > /dev/null pushd "$root_dir" > /dev/null
make ci-build-ui ci-build ci-bundle make ci-build-ui ci-build
: "${BIN_PATH:="dist"}"
: "${BUNDLE_PATH:=$(git rev-parse --show-toplevel)/vault.zip}"
echo "--> Bundling $BIN_PATH/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" "$BIN_PATH/"
popd > /dev/null popd > /dev/null

View File

@ -13,22 +13,46 @@ resource "enos_local_exec" "get_build_date" {
scripts = [abspath("${path.module}/scripts/build_date.sh")] scripts = [abspath("${path.module}/scripts/build_date.sh")]
} }
resource "enos_local_exec" "get_revision" {
inline = ["git rev-parse HEAD"]
}
resource "enos_local_exec" "get_version" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version"]
}
resource "enos_local_exec" "get_version_base" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-base"]
}
resource "enos_local_exec" "get_version_pre" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-pre"]
}
resource "enos_local_exec" "get_version_meta" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-meta"]
}
output "build_date" { output "build_date" {
value = trimspace(enos_local_exec.get_build_date.stdout) value = trimspace(enos_local_exec.get_build_date.stdout)
} }
resource "enos_local_exec" "get_version" { output "revision" {
scripts = [abspath("${path.module}/scripts/version.sh")] value = trimspace(enos_local_exec.get_revision.stdout)
} }
output "version" { output "version" {
value = trimspace(enos_local_exec.get_version.stdout) value = trimspace(enos_local_exec.get_version.stdout)
} }
resource "enos_local_exec" "get_revision" { output "version_base" {
inline = ["git rev-parse HEAD"] value = trimspace(enos_local_exec.get_version_base.stdout)
} }
output "revision" { output "version_pre" {
value = trimspace(enos_local_exec.get_revision.stdout) value = trimspace(enos_local_exec.get_version_pre.stdout)
}
output "version_meta" {
value = trimspace(enos_local_exec.get_version_meta.stdout)
} }

View File

@ -2,8 +2,96 @@
# Copyright (c) HashiCorp, Inc. # Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0 # SPDX-License-Identifier: MPL-2.0
set -eu -o pipefail set -euo pipefail
pushd "$(git rev-parse --show-toplevel)" > /dev/null # Get the full version information
make ci-get-version # this is only needed for local enos builds in order to get the default version from version_base.go
popd > /dev/null # this should match the default version that the binary has been built with
# CRT release builds use the new static version from ./release/VERSION
function version() {
local version
local prerelease
local metadata
version=$(version_base)
prerelease=$(version_pre)
metadata=$(version_metadata)
if [ -n "$metadata" ] && [ -n "$prerelease" ]; then
echo "$version-$prerelease+$metadata"
elif [ -n "$metadata" ]; then
echo "$version+$metadata"
elif [ -n "$prerelease" ]; then
echo "$version-$prerelease"
else
echo "$version"
fi
}
# Get the base version
function version_base() {
: "${VAULT_VERSION:=""}"
if [ -n "$VAULT_VERSION" ]; then
echo "$VAULT_VERSION"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/VERSION}"
awk -F- '{ print $1 }' < "$VERSION_FILE"
}
# Get the version pre-release
function version_pre() {
: "${VAULT_PRERELEASE:=""}"
if [ -n "$VAULT_PRERELEASE" ]; then
echo "$VAULT_PRERELEASE"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/VERSION}"
awk -F- '{ print $2 }' < "$VERSION_FILE"
}
# Get the version metadata, which is commonly the edition
function version_metadata() {
: "${VAULT_METADATA:=""}"
if [ -n "$VAULT_METADATA" ]; then
echo "$VAULT_METADATA"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
}
# Run Enos local
function main() {
case $1 in
version)
version
;;
version-base)
version_base
;;
version-pre)
version_pre
;;
version-meta)
version_metadata
;;
*)
echo "unknown sub-command" >&2
exit 1
;;
esac
}
main "$@"

View File

@ -23,12 +23,7 @@ test -x "$binpath" || fail "unable to locate vault binary at $binpath"
export VAULT_ADDR='http://127.0.0.1:8200' export VAULT_ADDR='http://127.0.0.1:8200'
export VAULT_TOKEN='${vault_token}' export VAULT_TOKEN='${vault_token}'
# Build date was added in 1.11
if [[ "$(echo "$version" |awk -F'.' '{print $2}')" -ge 11 ]]; then
version_expected="Vault v$version ($sha), built $build_date" version_expected="Vault v$version ($sha), built $build_date"
else
version_expected="Vault v$version ($sha)"
fi
case "$edition" in case "$edition" in
*oss) ;; *oss) ;;

View File

@ -11,86 +11,6 @@ set -euo pipefail
# We don't want to get stuck in some kind of interactive pager # We don't want to get stuck in some kind of interactive pager
export GIT_PAGER=cat export GIT_PAGER=cat
# Get the full version information
function version() {
local version
local prerelease
local metadata
version=$(version_base)
prerelease=$(version_pre)
metadata=$(version_metadata)
if [ -n "$metadata" ] && [ -n "$prerelease" ]; then
echo "$version-$prerelease+$metadata"
elif [ -n "$metadata" ]; then
echo "$version+$metadata"
elif [ -n "$prerelease" ]; then
echo "$version-$prerelease"
else
echo "$version"
fi
}
# Get the base version
function version_base() {
: "${VAULT_VERSION:=""}"
if [ -n "$VAULT_VERSION" ]; then
echo "$VAULT_VERSION"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version major
function version_major() {
version_base | cut -d '.' -f 1
}
# Get the version minor
function version_minor() {
version_base | cut -d '.' -f 2
}
# Get the version patch
function version_patch() {
version_base | cut -d '.' -f 3
}
# Get the version pre-release
function version_pre() {
: "${VAULT_PRERELEASE:=""}"
if [ -n "$VAULT_PRERELEASE" ]; then
echo "$VAULT_PRERELEASE"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version metadata, which is commonly the edition
function version_metadata() {
: "${VAULT_METADATA:=""}"
if [[ (-n "$VAULT_METADATA") && ("$VAULT_METADATA" != "oss") ]]; then
echo "$VAULT_METADATA"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version formatted for Debian and RHEL packages
function version_package() {
version | awk '{ gsub("-","~",$1); print $1 }'
}
# Get the build date from the latest commit since it can be used across all # Get the build date from the latest commit since it can be used across all
# builds # builds
function build_date() { function build_date() {
@ -109,18 +29,31 @@ function repo() {
basename -s .git "$(git config --get remote.origin.url)" basename -s .git "$(git config --get remote.origin.url)"
} }
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
}
# Determine the artifact basename based on metadata # Determine the artifact basename based on metadata
function artifact_basename() { function artifact_basename() {
: "${PKG_NAME:="vault"}" : "${PKG_NAME:="vault"}"
: "${GOOS:=$(go env GOOS)}" : "${GOOS:=$(go env GOOS)}"
: "${GOARCH:=$(go env GOARCH)}" : "${GOARCH:=$(go env GOARCH)}"
echo "${PKG_NAME}_$(version)_${GOOS}_${GOARCH}" : "${VERSION:=""}"
if [ -z "$VERSION" ]; then
echo "You must specify the VERSION variable for this command" >&2
exit 1
fi
echo "${PKG_NAME}_${VERSION}_${GOOS}_${GOARCH}"
}
# Bundle the dist directory into a zip
function bundle() {
: "${BUNDLE_PATH:=$(repo_root)/vault.zip}"
echo "--> Bundling dist/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" dist/
}
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
} }
# Build the UI # Build the UI
@ -140,24 +73,20 @@ function build_ui() {
# Build Vault # Build Vault
function build() { function build() {
local version
local revision local revision
local prerelease
local build_date local build_date
local ldflags local ldflags
local msg local msg
# Get or set our basic build metadata # Get or set our basic build metadata
version=$(version_base)
revision=$(build_revision) revision=$(build_revision)
metadata=$(version_metadata) build_date=$(build_date) #
prerelease=$(version_pre) : "${BIN_PATH:="dist/"}" #if not run by actions-go-build (enos local) then set this explicitly
build_date=$(build_date)
: "${GO_TAGS:=""}" : "${GO_TAGS:=""}"
: "${REMOVE_SYMBOLS:=""}" : "${REMOVE_SYMBOLS:=""}"
# Build our ldflags # Build our ldflags
msg="--> Building Vault v$version, revision $revision, built $build_date" msg="--> Building Vault revision $revision, built $build_date"
# Keep the symbol and dwarf information by default # Keep the symbol and dwarf information by default
if [ -n "$REMOVE_SYMBOLS" ]; then if [ -n "$REMOVE_SYMBOLS" ]; then
@ -166,16 +95,11 @@ function build() {
ldflags="" ldflags=""
fi fi
ldflags="${ldflags}-X github.com/hashicorp/vault/version.Version=$version -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date" ldflags="${ldflags} -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date"
if [ -n "$prerelease" ]; then if [[ ${VERSION_METADATA+x} ]]; then
msg="${msg}, prerelease ${prerelease}" msg="${msg}, metadata ${VERSION_METADATA}"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionPrerelease=$prerelease" ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$VERSION_METADATA"
fi
if [ -n "$metadata" ]; then
msg="${msg}, metadata ${metadata}"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$metadata"
fi fi
# Build vault # Build vault
@ -189,13 +113,6 @@ function build() {
popd popd
} }
# Bundle the dist directory into a zip
function bundle() {
: "${BUNDLE_PATH:=$(repo_root)/vault.zip}"
echo "--> Bundling dist/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" dist/
}
# Prepare legal requirements for packaging # Prepare legal requirements for packaging
function prepare_legal() { function prepare_legal() {
: "${PKG_NAME:="vault"}" : "${PKG_NAME:="vault"}"
@ -235,6 +152,12 @@ function matrix_filter_file() {
exit 1 exit 1
fi fi
: "${VAULT_MINOR_VERSION:=""}"
if [ -z "$VAULT_MINOR_VERSION" ]; then
echo "You must specify the VAULT_MINOR_VERSION variable for this command" >&2
exit 1
fi
: "${MATRIX_TEST_GROUP:=$(matrix_group_id)}" : "${MATRIX_TEST_GROUP:=$(matrix_group_id)}"
local path local path
@ -243,8 +166,8 @@ function matrix_filter_file() {
matrix=$(cat "$path" | jq ".include | matrix=$(cat "$path" | jq ".include |
map(. | map(. |
select( select(
((.min_minor_version == null) or (.min_minor_version <= $(version_minor))) and ((.min_minor_version == null) or (.min_minor_version <= $VAULT_MINOR_VERSION)) and
((.max_minor_version == null) or (.max_minor_version >= $(version_minor))) and ((.max_minor_version == null) or (.max_minor_version >= $VAULT_MINOR_VERSION)) and
((.test_group == null) or (.test_group == $MATRIX_TEST_GROUP)) ((.test_group == null) or (.test_group == $MATRIX_TEST_GROUP))
) )
)" )"
@ -283,30 +206,9 @@ function main() {
revision) revision)
build_revision build_revision
;; ;;
version)
version
;;
version-base)
version_base
;;
version-pre)
version_pre
;;
version-major)
version_major
;;
version-meta)
version_metadata
;;
version-minor)
version_minor
;;
version-package) version-package)
version_package version_package
;; ;;
version-patch)
version_patch
;;
*) *)
echo "unknown sub-command" >&2 echo "unknown sub-command" >&2
exit 1 exit 1

1
version/VERSION Normal file
View File

@ -0,0 +1 @@
1.14.3

View File

@ -3,6 +3,11 @@
package version package version
import (
_ "embed"
"strings"
)
var ( var (
// The git commit that was compiled. This will be filled in by the compiler. // The git commit that was compiled. This will be filled in by the compiler.
GitCommit string GitCommit string
@ -14,7 +19,10 @@ var (
// Whether cgo is enabled or not; set at build time // Whether cgo is enabled or not; set at build time
CgoEnabled bool CgoEnabled bool
Version = "1.14.3" // Version and VersionPrerelease info are now being embedded directly from the VERSION file.
VersionPrerelease = "" // VersionMetadata is being passed in via ldflags in CI, otherwise the default set here is used.
//go:embed VERSION
fullVersion string
Version, VersionPrerelease, _ = strings.Cut(strings.TrimSpace(fullVersion), "-")
VersionMetadata = "" VersionMetadata = ""
) )