luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

cherrypick of a9a4b0b9ff (#22813)

This commit is contained in:
Sarah Thompson 2023-09-06 18:24:39 +01:00 committed by GitHub
parent 4969480dfb
commit 2ae56bd4ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 280 additions and 248 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
.github/workflows/build-vault-oss.yml vendored
View File

@ -35,7 +35,12 @@ on:
web-ui-cache-key:
type: string
required: true
vault-base-version:
type: string
required: true
vault-prerelease-version:
type: string
required: true
jobs:
build:
runs-on: custom-linux-xl-vault-latest
@ -55,15 +60,18 @@ jobs:
key: ${{ inputs.web-ui-cache-key }}
- name: Build Vault
env:
GO_TAGS: ${{ inputs.go-tags }}
CGO_ENABLED: ${{ inputs.cgo-enabled }}
GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }}
GO_TAGS: ${{ inputs.go-tags }}
run: make ci-build
VERSION: ${{ inputs.vault-version }}
run:
make ci-build
- name: Determine artifact basename
env:
GOARCH: ${{ inputs.goarch }}
GOOS: ${{ inputs.goos }}
VERSION: ${{ inputs.vault-version }}
run: echo "ARTIFACT_BASENAME=$(make ci-get-artifact-basename)" >> "$GITHUB_ENV"
- name: Bundle Vault
env:

43
.github/workflows/build.yml vendored
View File

@ -1,4 +1,3 @@
---
name: build
on:
@ -38,8 +37,10 @@ jobs:
matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }}
package-name: ${{ steps.get-metadata.outputs.package-name }}
vault-revision: ${{ steps.get-metadata.outputs.vault-revision }}
vault-version: ${{ steps.get-metadata.outputs.vault-version }}
vault-base-version: ${{ steps.get-metadata.outputs.vault-base-version }}
vault-version: ${{ steps.set-product-version.outputs.product-version }}
vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }}
vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Ensure Go modules are cached
@ -48,6 +49,9 @@ jobs:
with:
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
no-restore: true # don't download them on a cache hit
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
- name: Get metadata
id: get-metadata
env:
@ -55,18 +59,17 @@ jobs:
# test group. It should be set to the highest test_group used in the
# enos-run-matrices.
MATRIX_MAX_TEST_GROUPS: 5
VAULT_VERSION: ${{ steps.set-product-version.outputs.product-version }}
run: |
# shellcheck disable=SC2129
echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT"
echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT"
echo "package-name=vault" >> "$GITHUB_OUTPUT"
echo "vault-base-version=$(make ci-get-version-base)" >> "$GITHUB_OUTPUT"
echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT"
echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
- uses: hashicorp/actions-generate-metadata@v1
id: generate-metadata-file
with:
version: ${{ steps.get-metadata.outputs.vault-version }}
version: ${{ steps.set-product-version.outputs.product-version }}
product: ${{ steps.get-metadata.outputs.package-name }}
- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
@ -131,6 +134,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit
build-linux:
@ -151,6 +156,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit
build-darwin:
@ -172,6 +179,8 @@ jobs:
package-name: ${{ needs.product-metadata.outputs.package-name }}
web-ui-cache-key: ${{ needs.build-ui.outputs.cache-key }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-base-version: ${{ needs.product-metadata.outputs.vault-base-version }}
vault-prerelease-version: ${{ needs.product-metadata.outputs.vault-prerelease-version }}
secrets: inherit
build-docker:
@ -183,17 +192,20 @@ jobs:
strategy:
matrix:
arch: [arm, arm64, 386, amd64]
env:
repo: ${{ github.event.repository.name }}
version: ${{ needs.product-metadata.outputs.vault-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: hashicorp/actions-docker-build@v1
with:
version: ${{ needs.product-metadata.outputs.vault-version }}
version: "${{ env.version }}"
target: default
arch: ${{ matrix.arch }}
zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip
zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip
tags: |
docker.io/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }}
public.ecr.aws/hashicorp/${{ github.event.repository.name }}:${{ needs.product-metadata.outputs.vault-version }}
docker.io/hashicorp/${{ env.repo }}:${{ env.version }}
public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }}
build-ubi:
name: UBI image
@ -204,15 +216,18 @@ jobs:
strategy:
matrix:
arch: [amd64]
env:
repo: ${{ github.event.repository.name }}
version: ${{ needs.product-metadata.outputs.vault-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- uses: hashicorp/actions-docker-build@v1
with:
version: ${{ needs.product-metadata.outputs.vault-version }}
version: ${{ env.version }}
target: ubi
arch: ${{ matrix.arch }}
zip_artifact_name: vault_${{ needs.product-metadata.outputs.vault-version }}_linux_${{ matrix.arch }}.zip
redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ needs.product-metadata.outputs.vault-version }}-ubi
zip_artifact_name: vault_${{ env.version }}_linux_${{ matrix.arch }}.zip
redhat_tag: quay.io/redhat-isv-containers/5f89bb5e0b94cf64cfeb500a:${{ env.version }}-ubi
test:
name: Test ${{ matrix.build-artifact-name }}
@ -244,6 +259,8 @@ jobs:
vault-edition: oss
vault-revision: ${{ needs.product-metadata.outputs.vault-revision }}
ssh-key-name: ${{ github.event.repository.name }}-ci-ssh-key
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }}
secrets: inherit
test-docker-k8s:

5
.github/workflows/enos-lint.yml vendored
View File

@ -17,8 +17,11 @@ jobs:
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
- id: get-version
run: echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
run: echo "version=${{ steps.set-product-version.outputs.product-version }}" >> "$GITHUB_OUTPUT"
- uses: hashicorp/setup-terraform@v2
with:
terraform_wrapper: false

13
.github/workflows/enos-release-testing-oss.yml vendored
View File

@ -7,13 +7,17 @@ on:
- enos-release-testing-oss::*
jobs:
product-metadata:
if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }}
runs-on: ubuntu-latest
outputs:
matrix-test-group: ${{ steps.get-metadata.outputs.matrix-test-group }}
vault-revision: ${{ steps.get-metadata.outputs.vault-revision }}
vault-version: ${{ steps.get-metadata.outputs.vault-version }}
vault-version: ${{ steps.set-product-version.outputs.product-version }}
vault-base-version: ${{ steps.set-product-version.outputs.base-product-version }}
vault-prerelease-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
vault-minor-version: ${{ steps.set-product-version.outputs.minor-product-version }}
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
@ -30,7 +34,6 @@ jobs:
# shellcheck disable=SC2129
echo "matrix-test-group=$(make ci-get-matrix-group-id)" >> "$GITHUB_OUTPUT"
echo "vault-revision=$(make ci-get-revision)" >> "$GITHUB_OUTPUT"
echo "vault-version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
# Get the workflow summary similar to CRT workflows
- name: Release Artifact Info
run: |
@ -40,6 +43,10 @@ jobs:
echo "__Commit:__ ${{ github.event.client_payload.payload.sha }}" >> "$GITHUB_STEP_SUMMARY"
echo "" >> "$GITHUB_STEP_SUMMARY"
echo "[Build Workflow](https://github.com/${{github.event.client_payload.payload.org}}/${{github.event.client_payload.payload.repo}}/actions/runs/${{github.event.client_payload.payload.buildworkflowid}})" >> "$GITHUB_STEP_SUMMARY"
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v1
test:
name: Test ${{ matrix.build-artifact-name }}
@ -60,6 +67,8 @@ jobs:
matrix-test-group: ${{ needs.product-metadata.outputs.matrix-test-group }}
vault-edition: oss
vault-revision: ${{ needs.product-metadata.outputs.vault-revision }}
vault-version: ${{ needs.product-metadata.outputs.vault-version }}
vault-minor-version: ${{ needs.product-metadata.outputs.vault-minor-version }}
secrets: inherit
save-metadata:

17
.github/workflows/test-run-enos-scenario-matrix.yml vendored
View File

@ -51,6 +51,12 @@ on:
vault-edition:
required: true
type: string
vault-version:
required: true
type: string
vault-minor-version:
required: true
type: string
# The Git commit SHA used as the revision when building vault
vault-revision:
required: true
@ -62,12 +68,12 @@ jobs:
outputs:
build-date: ${{ steps.metadata.outputs.build-date }}
matrix: ${{ steps.metadata.outputs.matrix }}
version: ${{ steps.metadata.outputs.version }}
version-minor: ${{ steps.metadata.outputs.matrix }}
env:
# Pass the vault edition as VAULT_METADATA so the CI make targets can create
# values that consider the edition.
VAULT_METADATA: ${{ inputs.vault-edition }}
VAULT_VERSION: ${{ inputs.vault-version }}
VAULT_MINOR_VERSION: ${{ inputs.vault-minor-version }}
# Pass in the matrix and matrix group for filtering
MATRIX_FILE: ./.github/enos-run-matrices/${{ inputs.matrix-file-name }}.json
MATRIX_TEST_GROUP: ${{ inputs.matrix-test-group }}
@ -77,10 +83,9 @@ jobs:
ref: ${{ inputs.vault-revision }}
- id: metadata
run: |
# shellcheck disable=SC2129
echo "build-date=$(make ci-get-date)" >> "$GITHUB_OUTPUT"
echo "version=$(make ci-get-version)" >> "$GITHUB_OUTPUT"
echo "matrix=$(make ci-filter-matrix)" >> "$GITHUB_OUTPUT"
filtered="$(make ci-filter-matrix)"
echo "matrix=$filtered" >> "$GITHUB_OUTPUT"
# Run the Enos test scenarios
run:
@ -101,7 +106,7 @@ jobs:
ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache
ENOS_VAR_vault_artifact_path: ./support/downloads/${{ inputs.build-artifact-name }}
ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }}
ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.version }}
ENOS_VAR_vault_product_version: ${{ inputs.vault-version }}
ENOS_VAR_vault_revision: ${{ inputs.vault-revision }}
ENOS_VAR_vault_license_path: ./support/vault.hclic
ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data

11
.release/ci.hcl
View File

@ -153,8 +153,17 @@ event "post-publish-website" {
}
}
event "update-ironbank" {
event "bump-version" {
depends = ["post-publish-website"]
action "bump-version" {
organization = "hashicorp"
repository = "crt-workflows-common"
workflow = "bump-version"
}
}
event "update-ironbank" {
depends = ["bump-version"]
action "update-ironbank" {
organization = "hashicorp"
repository = "crt-workflows-common"

46
Makefile
View File

@ -300,22 +300,13 @@ ci-build:
ci-build-ui:
@$(CURDIR)/scripts/ci-helper.sh build-ui
.PHONY: ci-bundle
ci-bundle:
@$(CURDIR)/scripts/ci-helper.sh bundle
.PHONY: ci-filter-matrix
ci-filter-matrix:
@$(CURDIR)/scripts/ci-helper.sh matrix-filter-file
.PHONY: ci-get-artifact-basename
ci-get-artifact-basename:
@$(CURDIR)/scripts/ci-helper.sh artifact-basename
.PHONY: ci-get-date
ci-get-date:
@$(CURDIR)/scripts/ci-helper.sh date
.PHONY: ci-get-matrix-group-id
ci-get-matrix-group-id:
@$(CURDIR)/scripts/ci-helper.sh matrix-group-id
@ -324,38 +315,19 @@ ci-get-matrix-group-id:
ci-get-revision:
@$(CURDIR)/scripts/ci-helper.sh revision
.PHONY: ci-get-version
ci-get-version:
@$(CURDIR)/scripts/ci-helper.sh version
.PHONY: ci-get-version-base
ci-get-version-base:
@$(CURDIR)/scripts/ci-helper.sh version-base
.PHONY: ci-get-version-major
ci-get-version-major:
@$(CURDIR)/scripts/ci-helper.sh version-major
.PHONY: ci-get-version-meta
ci-get-version-meta:
@$(CURDIR)/scripts/ci-helper.sh version-meta
.PHONY: ci-get-version-minor
ci-get-version-minor:
@$(CURDIR)/scripts/ci-helper.sh version-minor
.PHONY: ci-prepare-legal
ci-prepare-legal:
@$(CURDIR)/scripts/ci-helper.sh prepare-legal
.PHONY: ci-get-version-package
ci-get-version-package:
@$(CURDIR)/scripts/ci-helper.sh version-package
.PHONY: ci-get-version-patch
ci-get-version-patch:
@$(CURDIR)/scripts/ci-helper.sh version-patch
.PHONY: ci-get-artifact-basename
ci-get-artifact-basename:
@$(CURDIR)/scripts/ci-helper.sh artifact-basename
.PHONY: ci-get-version-pre
ci-get-version-pre:
@$(CURDIR)/scripts/ci-helper.sh version-pre
.PHONY: ci-bundle
ci-bundle:
@$(CURDIR)/scripts/ci-helper.sh bundle
.PHONY: ci-prepare-legal
ci-prepare-legal:
@$(CURDIR)/scripts/ci-helper.sh prepare-legal

5
enos/enos-scenario-agent.hcl
View File

@ -45,11 +45,6 @@ scenario "agent" {
vault_tag_key = "Type" // enos_vault_start expects Type as the tag key
}
step "get_local_metadata" {
skip_step = matrix.artifact_source != "local"
module = module.get_local_metadata
}
step "build_vault" {
module = "build_${matrix.artifact_source}"

4
enos/enos-scenario-ui.hcl
View File

@ -42,10 +42,6 @@ scenario "ui" {
ui_test_filter = var.ui_test_filter != null && try(trimspace(var.ui_test_filter), "") != "" ? var.ui_test_filter : (matrix.edition == "oss") ? "!enterprise" : null
}
step "get_local_metadata" {
module = module.get_local_metadata
}
step "build_vault" {
module = module.build_local

34
enos/modules/build_local/main.tf
View File

@ -35,35 +35,29 @@ variable "artifactory_host" { default = null }
variable "artifactory_repo" { default = null }
variable "artifactory_username" { default = null }
variable "artifactory_token" { default = null }
variable "arch" {
default = null
}
variable "artifact_path" {
default = null
}
variable "artifact_type" {
default = null
}
variable "distro" {
default = null
}
variable "edition" {
default = null
}
variable "revision" {
default = null
}
variable "product_version" {
default = null
variable "arch" { default = null }
variable "artifact_path" { default = null }
variable "artifact_type" { default = null }
variable "distro" { default = null }
variable "edition" { default = null }
variable "revision" { default = null }
variable "product_version" { default = null }
module "local_metadata" {
source = "../get_local_metadata"
}
resource "enos_local_exec" "build" {
scripts = [abspath("${path.module}/scripts/build.sh")]
environment = {
BASE_VERSION = module.local_metadata.version_base
BIN_PATH = "dist"
BUNDLE_PATH = var.bundle_path,
GO_TAGS = join(" ", var.build_tags)
GOARCH = var.goarch
GOOS = var.goos
PRERELEASE_VERSION = module.local_metadata.version_pre
VERSION_METADATA = module.local_metadata.version_meta
}
}

8
enos/modules/build_local/scripts/build.sh
View File

@ -11,5 +11,11 @@ export CGO_ENABLED=0
root_dir="$(git rev-parse --show-toplevel)"
pushd "$root_dir" > /dev/null
make ci-build-ui ci-build ci-bundle
make ci-build-ui ci-build
: "${BIN_PATH:="dist"}"
: "${BUNDLE_PATH:=$(git rev-parse --show-toplevel)/vault.zip}"
echo "--> Bundling $BIN_PATH/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" "$BIN_PATH/"
popd > /dev/null

36
enos/modules/get_local_metadata/main.tf
View File

@ -13,22 +13,46 @@ resource "enos_local_exec" "get_build_date" {
scripts = [abspath("${path.module}/scripts/build_date.sh")]
}
resource "enos_local_exec" "get_revision" {
inline = ["git rev-parse HEAD"]
}
resource "enos_local_exec" "get_version" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version"]
}
resource "enos_local_exec" "get_version_base" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-base"]
}
resource "enos_local_exec" "get_version_pre" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-pre"]
}
resource "enos_local_exec" "get_version_meta" {
inline = ["${abspath("${path.module}/scripts/version.sh")} version-meta"]
}
output "build_date" {
value = trimspace(enos_local_exec.get_build_date.stdout)
}
resource "enos_local_exec" "get_version" {
scripts = [abspath("${path.module}/scripts/version.sh")]
output "revision" {
value = trimspace(enos_local_exec.get_revision.stdout)
}
output "version" {
value = trimspace(enos_local_exec.get_version.stdout)
}
resource "enos_local_exec" "get_revision" {
inline = ["git rev-parse HEAD"]
output "version_base" {
value = trimspace(enos_local_exec.get_version_base.stdout)
}
output "revision" {
value = trimspace(enos_local_exec.get_revision.stdout)
output "version_pre" {
value = trimspace(enos_local_exec.get_version_pre.stdout)
}
output "version_meta" {
value = trimspace(enos_local_exec.get_version_meta.stdout)
}

96
enos/modules/get_local_metadata/scripts/version.sh
View File

@ -2,8 +2,96 @@
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
set -eu -o pipefail
set -euo pipefail
pushd "$(git rev-parse --show-toplevel)" > /dev/null
make ci-get-version
popd > /dev/null
# Get the full version information
# this is only needed for local enos builds in order to get the default version from version_base.go
# this should match the default version that the binary has been built with
# CRT release builds use the new static version from ./release/VERSION
function version() {
local version
local prerelease
local metadata
version=$(version_base)
prerelease=$(version_pre)
metadata=$(version_metadata)
if [ -n "$metadata" ] && [ -n "$prerelease" ]; then
echo "$version-$prerelease+$metadata"
elif [ -n "$metadata" ]; then
echo "$version+$metadata"
elif [ -n "$prerelease" ]; then
echo "$version-$prerelease"
else
echo "$version"
fi
}
# Get the base version
function version_base() {
: "${VAULT_VERSION:=""}"
if [ -n "$VAULT_VERSION" ]; then
echo "$VAULT_VERSION"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/VERSION}"
awk -F- '{ print $1 }' < "$VERSION_FILE"
}
# Get the version pre-release
function version_pre() {
: "${VAULT_PRERELEASE:=""}"
if [ -n "$VAULT_PRERELEASE" ]; then
echo "$VAULT_PRERELEASE"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/VERSION}"
awk -F- '{ print $2 }' < "$VERSION_FILE"
}
# Get the version metadata, which is commonly the edition
function version_metadata() {
: "${VAULT_METADATA:=""}"
if [ -n "$VAULT_METADATA" ]; then
echo "$VAULT_METADATA"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
}
# Run Enos local
function main() {
case $1 in
version)
version
;;
version-base)
version_base
;;
version-pre)
version_pre
;;
version-meta)
version_metadata
;;
*)
echo "unknown sub-command" >&2
exit 1
;;
esac
}
main "$@"

5
enos/modules/vault_verify_version/templates/verify-cluster-version.sh
View File

@ -23,12 +23,7 @@ test -x "$binpath" || fail "unable to locate vault binary at $binpath"
export VAULT_ADDR='http://127.0.0.1:8200'
export VAULT_TOKEN='${vault_token}'
# Build date was added in 1.11
if [[ "$(echo "$version" |awk -F'.' '{print $2}')" -ge 11 ]]; then
version_expected="Vault v$version ($sha), built $build_date"
else
version_expected="Vault v$version ($sha)"
fi
case "$edition" in
*oss) ;;

166
scripts/ci-helper.sh
View File

@ -11,86 +11,6 @@ set -euo pipefail
# We don't want to get stuck in some kind of interactive pager
export GIT_PAGER=cat
# Get the full version information
function version() {
local version
local prerelease
local metadata
version=$(version_base)
prerelease=$(version_pre)
metadata=$(version_metadata)
if [ -n "$metadata" ] && [ -n "$prerelease" ]; then
echo "$version-$prerelease+$metadata"
elif [ -n "$metadata" ]; then
echo "$version+$metadata"
elif [ -n "$prerelease" ]; then
echo "$version-$prerelease"
else
echo "$version"
fi
}
# Get the base version
function version_base() {
: "${VAULT_VERSION:=""}"
if [ -n "$VAULT_VERSION" ]; then
echo "$VAULT_VERSION"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "Version" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version major
function version_major() {
version_base | cut -d '.' -f 1
}
# Get the version minor
function version_minor() {
version_base | cut -d '.' -f 2
}
# Get the version patch
function version_patch() {
version_base | cut -d '.' -f 3
}
# Get the version pre-release
function version_pre() {
: "${VAULT_PRERELEASE:=""}"
if [ -n "$VAULT_PRERELEASE" ]; then
echo "$VAULT_PRERELEASE"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionPrerelease" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version metadata, which is commonly the edition
function version_metadata() {
: "${VAULT_METADATA:=""}"
if [[ (-n "$VAULT_METADATA") && ("$VAULT_METADATA" != "oss") ]]; then
echo "$VAULT_METADATA"
return
fi
: "${VERSION_FILE:=$(repo_root)/version/version_base.go}"
awk '$1 == "VersionMetadata" && $2 == "=" { gsub(/"/, "", $3); print $3 }' < "$VERSION_FILE"
}
# Get the version formatted for Debian and RHEL packages
function version_package() {
version | awk '{ gsub("-","~",$1); print $1 }'
}
# Get the build date from the latest commit since it can be used across all
# builds
function build_date() {
@ -109,18 +29,31 @@ function repo() {
basename -s .git "$(git config --get remote.origin.url)"
}
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
}
# Determine the artifact basename based on metadata
function artifact_basename() {
: "${PKG_NAME:="vault"}"
: "${GOOS:=$(go env GOOS)}"
: "${GOARCH:=$(go env GOARCH)}"
echo "${PKG_NAME}_$(version)_${GOOS}_${GOARCH}"
: "${VERSION:=""}"
if [ -z "$VERSION" ]; then
echo "You must specify the VERSION variable for this command" >&2
exit 1
fi
echo "${PKG_NAME}_${VERSION}_${GOOS}_${GOARCH}"
}
# Bundle the dist directory into a zip
function bundle() {
: "${BUNDLE_PATH:=$(repo_root)/vault.zip}"
echo "--> Bundling dist/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" dist/
}
# Determine the root directory of the repository
function repo_root() {
git rev-parse --show-toplevel
}
# Build the UI
@ -140,24 +73,20 @@ function build_ui() {
# Build Vault
function build() {
local version
local revision
local prerelease
local build_date
local ldflags
local msg
# Get or set our basic build metadata
version=$(version_base)
revision=$(build_revision)
metadata=$(version_metadata)
prerelease=$(version_pre)
build_date=$(build_date)
build_date=$(build_date) #
: "${BIN_PATH:="dist/"}" #if not run by actions-go-build (enos local) then set this explicitly
: "${GO_TAGS:=""}"
: "${REMOVE_SYMBOLS:=""}"
# Build our ldflags
msg="--> Building Vault v$version, revision $revision, built $build_date"
msg="--> Building Vault revision $revision, built $build_date"
# Keep the symbol and dwarf information by default
if [ -n "$REMOVE_SYMBOLS" ]; then
@ -166,16 +95,11 @@ function build() {
ldflags=""
fi
ldflags="${ldflags}-X github.com/hashicorp/vault/version.Version=$version -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.GitCommit=$revision -X github.com/hashicorp/vault/version.BuildDate=$build_date"
if [ -n "$prerelease" ]; then
msg="${msg}, prerelease ${prerelease}"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionPrerelease=$prerelease"
fi
if [ -n "$metadata" ]; then
msg="${msg}, metadata ${metadata}"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$metadata"
if [[ ${VERSION_METADATA+x} ]]; then
msg="${msg}, metadata ${VERSION_METADATA}"
ldflags="${ldflags} -X github.com/hashicorp/vault/version.VersionMetadata=$VERSION_METADATA"
fi
# Build vault
@ -189,13 +113,6 @@ function build() {
popd
}
# Bundle the dist directory into a zip
function bundle() {
: "${BUNDLE_PATH:=$(repo_root)/vault.zip}"
echo "--> Bundling dist/* to $BUNDLE_PATH"
zip -r -j "$BUNDLE_PATH" dist/
}
# Prepare legal requirements for packaging
function prepare_legal() {
: "${PKG_NAME:="vault"}"
@ -235,6 +152,12 @@ function matrix_filter_file() {
exit 1
fi
: "${VAULT_MINOR_VERSION:=""}"
if [ -z "$VAULT_MINOR_VERSION" ]; then
echo "You must specify the VAULT_MINOR_VERSION variable for this command" >&2
exit 1
fi
: "${MATRIX_TEST_GROUP:=$(matrix_group_id)}"
local path
@ -243,8 +166,8 @@ function matrix_filter_file() {
matrix=$(cat "$path" | jq ".include |
map(. |
select(
((.min_minor_version == null) or (.min_minor_version <= $(version_minor))) and
((.max_minor_version == null) or (.max_minor_version >= $(version_minor))) and
((.min_minor_version == null) or (.min_minor_version <= $VAULT_MINOR_VERSION)) and
((.max_minor_version == null) or (.max_minor_version >= $VAULT_MINOR_VERSION)) and
((.test_group == null) or (.test_group == $MATRIX_TEST_GROUP))
)
)"
@ -283,30 +206,9 @@ function main() {
revision)
build_revision
;;
version)
version
;;
version-base)
version_base
;;
version-pre)
version_pre
;;
version-major)
version_major
;;
version-meta)
version_metadata
;;
version-minor)
version_minor
;;
version-package)
version_package
;;
version-patch)
version_patch
;;
*)
echo "unknown sub-command" >&2
exit 1

1
version/VERSION Normal file
View File

@ -0,0 +1 @@
1.14.3

12
version/version_base.go
View File

@ -3,6 +3,11 @@
package version
import (
_ "embed"
"strings"
)
var (
// The git commit that was compiled. This will be filled in by the compiler.
GitCommit string
@ -14,7 +19,10 @@ var (
// Whether cgo is enabled or not; set at build time
CgoEnabled bool
Version = "1.14.3"
VersionPrerelease = ""
// Version and VersionPrerelease info are now being embedded directly from the VERSION file.
// VersionMetadata is being passed in via ldflags in CI, otherwise the default set here is used.
//go:embed VERSION
fullVersion string
Version, VersionPrerelease, _ = strings.Cut(strings.TrimSpace(fullVersion), "-")
VersionMetadata = ""
)