luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
open-vault/.circleci/config.yml
Nick Cabatoff ff74f49047
Move to go 1.17 (#12868) 
Also ensure that the go 1.17 breaking changes to net.ParseCIDR don't make us choke on stored CIDRs that were acceptable to older Go versions.
2021-10-21 09:32:03 -04:00

2720 lines
116 KiB
YAML
Generated
Raw Blame History

### ***
### WARNING: DO NOT manually EDIT or MERGE this file, it is generated by 'make ci-config'.
### INSTEAD: Edit or merge the source in config/ then run 'make ci-config'.
### ***
# Orb 'circleci/slack@3.2.0' resolved to 'circleci/slack@3.2.0'
version: 2
jobs:
bundle-releases:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
steps:
- checkout:
path: .
- run:
command: make -C packages*.lock write-all-package-cache-keys
name: Write all package cache keys
- run:
command: mkdir -p .buildcache && echo "*" > .buildcache/.gitignore
name: Ignore .buildcache
- restore_cache:
key: package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33-{{checksum ".buildcache/cache-keys/package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33"}}
name: Restore package cache
- restore_cache:
key: package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24-{{checksum ".buildcache/cache-keys/package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24"}}
name: Restore package cache
- restore_cache:
key: package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f-{{checksum ".buildcache/cache-keys/package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f"}}
name: Restore package cache
- restore_cache:
key: package-3169a9620bf58a58c4754c925224e792d19f229d-{{checksum ".buildcache/cache-keys/package-3169a9620bf58a58c4754c925224e792d19f229d"}}
name: Restore package cache
- restore_cache:
key: package-1c9830949ec7c9a729004e4e0d03fc202498b122-{{checksum ".buildcache/cache-keys/package-1c9830949ec7c9a729004e4e0d03fc202498b122"}}
name: Restore package cache
- restore_cache:
key: package-4e8e7583b0c10de35f600c7a32826c79f6f84e64-{{checksum ".buildcache/cache-keys/package-4e8e7583b0c10de35f600c7a32826c79f6f84e64"}}
name: Restore package cache
- restore_cache:
key: package-518bffc4352b6dc5a926ccfc298928e5a2491262-{{checksum ".buildcache/cache-keys/package-518bffc4352b6dc5a926ccfc298928e5a2491262"}}
name: Restore package cache
- restore_cache:
key: package-2cb1d35768c2d22815195653b679a1100f3812fe-{{checksum ".buildcache/cache-keys/package-2cb1d35768c2d22815195653b679a1100f3812fe"}}
name: Restore package cache
- restore_cache:
key: package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56-{{checksum ".buildcache/cache-keys/package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56"}}
name: Restore package cache
- restore_cache:
key: package-195bd6a05b1feb6506cb35347d3025832fd7acf3-{{checksum ".buildcache/cache-keys/package-195bd6a05b1feb6506cb35347d3025832fd7acf3"}}
name: Restore package cache
- restore_cache:
key: package-333efb7eb87e0bad1387f1e683cb4434fc99f9af-{{checksum ".buildcache/cache-keys/package-333efb7eb87e0bad1387f1e683cb4434fc99f9af"}}
name: Restore package cache
- restore_cache:
key: package-454f061138fcbbb161e5360bf8c5773fce25c8db-{{checksum ".buildcache/cache-keys/package-454f061138fcbbb161e5360bf8c5773fce25c8db"}}
name: Restore package cache
- restore_cache:
key: package-3f9c6b5987fcd19d637a066d4956e63b42516f38-{{checksum ".buildcache/cache-keys/package-3f9c6b5987fcd19d637a066d4956e63b42516f38"}}
name: Restore package cache
- restore_cache:
key: package-2b3ca11a3d2b787952020bcde603859093126a40-{{checksum ".buildcache/cache-keys/package-2b3ca11a3d2b787952020bcde603859093126a40"}}
name: Restore package cache
- restore_cache:
key: package-139ddf51f9efab7a480de28bd4293dbe81f3c881-{{checksum ".buildcache/cache-keys/package-139ddf51f9efab7a480de28bd4293dbe81f3c881"}}
name: Restore package cache
- restore_cache:
key: package-df040588ea83a25989b822a0f302850a4c46a6b8-{{checksum ".buildcache/cache-keys/package-df040588ea83a25989b822a0f302850a4c46a6b8"}}
name: Restore package cache
- run:
command: make package-meta-all
name: Write Package Metadata
- run:
command: make aliases
name: Write package aliases
- run:
command: ls -lahR .buildcache
name: List Build Cache
- run:
command: cp packages*.lock/pkgs.yml lockfile-66f6daa0d5685744.yml
name: Update Lockfile Name
- run:
command: tar -czf packages-66f6daa0d5685744.tar.gz .buildcache/packages lockfile-66f6daa0d5685744.yml
name: Create Raw Package Tarball
- run:
command: tar -czf meta-66f6daa0d5685744.tar.gz .buildcache/packages/store/*.json lockfile-66f6daa0d5685744.yml
name: Create Metadata Tarball
- store_artifacts:
path: lockfile-66f6daa0d5685744.yml
- store_artifacts:
path: packages-66f6daa0d5685744.tar.gz
- store_artifacts:
path: meta-66f6daa0d5685744.tar.gz
- store_artifacts:
path: .buildcache/packages
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
darwin_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 4f0e5368d2877895a597d8fd4598dd6e8c25ca33
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33-{{checksum ".buildcache/cache-keys/package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33-{{checksum ".buildcache/cache-keys/package-4f0e5368d2877895a597d8fd4598dd6e8c25ca33"}}
name: Save package cache
paths:
- .buildcache/packages/store
darwin_arm64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 34ae8176a7948f5394e13b1f50a4fef3fa8cfc24
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24-{{checksum ".buildcache/cache-keys/package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24-{{checksum ".buildcache/cache-keys/package-34ae8176a7948f5394e13b1f50a4fef3fa8cfc24"}}
name: Save package cache
paths:
- .buildcache/packages/store
windows_386_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 139ddf51f9efab7a480de28bd4293dbe81f3c881
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-139ddf51f9efab7a480de28bd4293dbe81f3c881-{{checksum ".buildcache/cache-keys/package-139ddf51f9efab7a480de28bd4293dbe81f3c881"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-139ddf51f9efab7a480de28bd4293dbe81f3c881-{{checksum ".buildcache/cache-keys/package-139ddf51f9efab7a480de28bd4293dbe81f3c881"}}
name: Save package cache
paths:
- .buildcache/packages/store
install-ui-dependencies:
docker:
- image: docker.mirror.hashicorp.services/node:14-buster
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /go/src/github.com/hashicorp/vault
steps:
- checkout
- restore_cache:
key: yarn-lock-v6-{{ checksum "ui/yarn.lock" }}
name: Restore yarn cache
- run:
command: |
cd ui
yarn install
npm rebuild node-sass
name: Install UI dependencies
- save_cache:
key: yarn-lock-v6-{{ checksum "ui/yarn.lock" }}
name: Save yarn cache
paths:
- ui/node_modules
build-common-layers:
machine:
image: ubuntu-1604:202007-01
resource_class: xlarge
shell: /usr/bin/env bash -euo pipefail -c
steps:
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Layer Cache: copy-source'
- run:
command: LAYER_SPEC_ID=09-copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5 make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 00-base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f-image
name: Build base layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 01-install-go-877bac5144c973403bc3944c0a4d0e870fbbb079-image
name: Build install-go layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 02-install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2-image
name: Build install-go-tools layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 03-set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53-image
name: Build set-workdir layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 04-install-yarn-f8c6e065673e6047441a051da1a992019ca43a86-image
name: Build install-yarn layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 05-make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43-image
name: Build make-ui-folder layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 06-ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de-image
name: Build ui-dependencies layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 07-build-ui-9a4c8178808477469c37460df34f28cade634794-image
name: Build build-ui layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 08-go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b-image
name: Build go-modules layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 09-copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5-image
name: Build copy-source layer
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -f packages*.lock/layer.mk 09-copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5-save
name: Build copy-source layer
- save_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
name: 'Save Layer Cache: copy-source'
paths:
- .buildcache/archives/09-copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5.tar.gz
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
linux_arm64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56-{{checksum ".buildcache/cache-keys/package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56-{{checksum ".buildcache/cache-keys/package-1cde55f7ae4e7bee929e5e0ec0e42a7f1411bf56"}}
name: Save package cache
paths:
- .buildcache/packages/store
test-ui:
docker:
- image: docker.mirror.hashicorp.services/node:14-buster
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /go/src/github.com/hashicorp/vault
resource_class: xlarge
steps:
- run:
command: |
case "$CIRCLE_BRANCH" in
main|ui/*|release/*|merge*) ;;
*) # If the branch being tested doesn't match one of the above patterns,
# we don't need to run test-ui and can abort the job.
circleci-agent step halt
;;
esac
# exit with success either way
exit 0
name: Check branch name
working_directory: ~/
- checkout
- restore_cache:
key: yarn-lock-v6-{{ checksum "ui/yarn.lock" }}
name: Restore yarn cache
- attach_workspace:
at: .
- run:
command: |
set -x
# Install Chrome
wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub \
| apt-key add -
echo "deb http://dl.google.com/linux/chrome/deb/ stable main" \
| tee /etc/apt/sources.list.d/google-chrome.list
apt-get update
apt-get -y install google-chrome-stable
rm /etc/apt/sources.list.d/google-chrome.list
rm -rf /var/lib/apt/lists/* /var/cache/apt/*
# Add ./bin to the PATH so vault binary can be run by Ember tests
export PATH="${PWD}/bin:${PATH}"
# Run Ember tests
cd ui
mkdir -p test-results/qunit
yarn test:oss
name: Test UI
- store_artifacts:
path: ui/test-results
- store_test_results:
path: ui/test-results
linux_arm_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 2cb1d35768c2d22815195653b679a1100f3812fe
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-2cb1d35768c2d22815195653b679a1100f3812fe-{{checksum ".buildcache/cache-keys/package-2cb1d35768c2d22815195653b679a1100f3812fe"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-2cb1d35768c2d22815195653b679a1100f3812fe-{{checksum ".buildcache/cache-keys/package-2cb1d35768c2d22815195653b679a1100f3812fe"}}
name: Save package cache
paths:
- .buildcache/packages/store
test-ui-browserstack:
docker:
- image: docker.mirror.hashicorp.services/node:14-buster
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /go/src/github.com/hashicorp/vault
resource_class: xlarge
steps:
- checkout
- restore_cache:
key: yarn-lock-v6-{{ checksum "ui/yarn.lock" }}
name: Restore yarn cache
- attach_workspace:
at: .
- run:
command: |
# Add ./bin to the PATH so vault binary can be found.
export PATH="${PWD}"/bin:${PATH}
make test-ui-browserstack
name: Run Browserstack Tests
build-go-dev:
machine: true
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /go/src/github.com/hashicorp/vault
steps:
- run:
command: |
[ -n "$GO_VERSION" ] || { echo "You must set GO_VERSION"; exit 1; }
# Install Go
curl -sSLO "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz"
sudo rm -rf /usr/local/go
sudo tar -C /usr/local -xzf "go${GO_VERSION}.linux-amd64.tar.gz"
rm -f "go${GO_VERSION}.linux-amd64.tar.gz"
GOPATH="/go"
mkdir $GOPATH 2>/dev/null || { sudo mkdir $GOPATH && sudo chmod 777 $GOPATH; }
echo "export GOPATH='$GOPATH'" >> "$BASH_ENV"
echo "export PATH='$PATH:$GOPATH/bin:/usr/local/go/bin'" >> "$BASH_ENV"
echo "export GOPROXY=off" >> "$BASH_ENV"
echo "export GOPRIVATE=github.com/hashicorp/*" >> "$BASH_ENV"
echo "$ go version"
go version
name: Setup Go
working_directory: ~/
- checkout
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Restore exact go modules cache
- attach_workspace:
at: .
- run:
command: |
# Move dev UI assets to expected location
rm -rf ./pkg
mkdir ./pkg
# Build dev binary
make ci-bootstrap dev
name: Build dev binary
- persist_to_workspace:
paths:
- bin
root: .
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
- GO_VERSION: 1.17.2
- GOTESTSUM_VERSION: 0.5.2
algolia-index:
docker:
- image: node:12
steps:
- checkout
- run:
command: |
if [ "$CIRCLE_REPOSITORY_URL" != "git@github.com:hashicorp/vault.git" ]; then
echo "Not Vault OSS Repo, not indexing Algolia"
exit 0
fi
cd website/
npm install
node scripts/index_search_content.js
name: Push content to Algolia Index
linux_386_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 4e8e7583b0c10de35f600c7a32826c79f6f84e64
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-4e8e7583b0c10de35f600c7a32826c79f6f84e64-{{checksum ".buildcache/cache-keys/package-4e8e7583b0c10de35f600c7a32826c79f6f84e64"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-4e8e7583b0c10de35f600c7a32826c79f6f84e64-{{checksum ".buildcache/cache-keys/package-4e8e7583b0c10de35f600c7a32826c79f6f84e64"}}
name: Save package cache
paths:
- .buildcache/packages/store
test-go-remote-docker:
docker:
- image: docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster
resource_class: medium
working_directory: /go/src/github.com/hashicorp/vault
parallelism: 8
steps:
- run:
command: |
# If the branch being tested starts with ui/ or docs/ we want to exit the job without failing
[[ "$CIRCLE_BRANCH" = ui/* || "$CIRCLE_BRANCH" = docs/* ]] && {
# stop the job from this step
circleci-agent step halt
}
# exit with success either way
exit 0
name: Check branch name
working_directory: ~/
- checkout
- setup_remote_docker:
docker_layer_caching: true
version: 18.09.3
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- run:
command: |
git config --global url."git@github.com:".insteadOf https://github.com/
- run:
command: |
TZ=GMT date '+%Y%m%d' > /tmp/go-cache-key
name: Compute test cache key
- restore_cache:
keys:
- go-test-cache-date-v1-{{ checksum "/tmp/go-cache-key" }}
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Restore exact go modules cache
- run:
command: |
set -x
EXTRA_TAGS=
case "" in
*-race*) export VAULT_CI_GO_TEST_RACE=1;;
*) EXTRA_TAGS=deadlock;;
esac
# Install CircleCI CLI
curl -sSL \
"https://github.com/CircleCI-Public/circleci-cli/releases/download/v${CIRCLECI_CLI_VERSION}/circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64.tar.gz" \
| sudo tar --overwrite -xz \
-C /usr/local/bin \
"circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64/circleci"
USE_DOCKER=0
USE_DOCKER=1
# Check all directories with a go.mod file
modules=("." "api" "sdk")
all_package_names=""
for dir in "${modules[@]}"
do
pushd "$dir"
# Split Go tests by prior test times. If use_docker is true, only run
# tests that depend on docker, otherwise only those that don't.
# The appended true condition ensures the command will succeed if no packages are found
if [ $USE_DOCKER == 1 ]; then
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(any(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker"))) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
else
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(all(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker")|not)) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
fi
# Move back into root directory
popd
# Append the test packages into the global list, if any are found
if [ -n "$package_names" ]; then
all_package_names+=" ${package_names}"
fi
done
# After running tests split step, we are now running the following steps
# in multiple different containers, each getting a different subset of
# the test packages in their package_names variable. Each container
# has its own remote docker VM.
make prep
mkdir -p test-results/go-test
# We don't want VAULT_LICENSE set when running Go tests, because that's
# not what developers have in their environments and it could break some
# tests; it would be like setting VAULT_TOKEN. However some non-Go
# CI commands, like the UI tests, shouldn't have to worry about licensing.
# So we set VAULT_LICENSE in CI, and here we unset it. Instead of
# VAULT_LICENSE, we populate VAULT_LICENSE_CI, so that tests which want
# an externally supplied license can opt-in to using it.
export VAULT_LICENSE_CI="$VAULT_LICENSE"
VAULT_LICENSE=
# Create a docker network for our testcontainer
if [ $USE_DOCKER == 1 ]; then
# Despite the fact that we're using a circleci image (thus getting the
# version they chose for the docker cli) and that we're specifying a
# docker version to use for the remote docker instances, we occasionally
# see "client version too new, max supported version 1.39" errors for
# reasons unclear.
export DOCKER_API_VERSION=1.39
export TEST_DOCKER_NETWORK_ID=$(docker network list -q -f 'name=vaulttest')
if [ -z $TEST_DOCKER_NETWORK_ID ]; then
TEST_DOCKER_NETWORK_ID=$(docker network create vaulttest)
fi
# Start a docker testcontainer to run the tests in
docker run -d \
-e TEST_DOCKER_NETWORK_ID \
-e GOPRIVATE \
-e DOCKER_CERT_PATH \
-e DOCKER_HOST \
-e DOCKER_MACHINE_NAME \
-e DOCKER_TLS_VERIFY \
-e NO_PROXY \
-e VAULT_TEST_LOG_DIR=/tmp/testlogs \
--network vaulttest --name \
testcontainer docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster \
tail -f /dev/null
# Run tests
test -d /tmp/go-cache && docker cp /tmp/go-cache testcontainer:/tmp/gocache
docker exec testcontainer sh -c 'mkdir -p /go/src/github.com/hashicorp/vault'
docker cp . testcontainer:/go/src/github.com/hashicorp/vault/
docker cp $DOCKER_CERT_PATH/ testcontainer:$DOCKER_CERT_PATH
# Copy the downloaded modules inside the container.
docker exec testcontainer sh -c 'mkdir -p /go/pkg'
docker cp "$(go env GOPATH)/pkg/mod" testcontainer:/go/pkg/mod
docker exec -w /go/src/github.com/hashicorp/vault/ \
-e CIRCLECI -e VAULT_CI_GO_TEST_RACE \
-e GOCACHE=/tmp/gocache \
-e GO_TAGS \
-e GOPROXY="off" \
-e VAULT_LICENSE_CI \
-e GOARCH=amd64 \
testcontainer \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
\
${all_package_names}
else
GOARCH=amd64 \
GOCACHE=/tmp/go-cache \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
\
${all_package_names}
fi
environment:
GOPRIVATE: github.com/hashicorp/*
name: Run Go tests
no_output_timeout: 60m
- run:
command: |
docker cp testcontainer:/go/src/github.com/hashicorp/vault/test-results .
docker cp testcontainer:/tmp/gocache /tmp/go-cache
name: Copy test results
when: always
- store_artifacts:
path: test-results
- store_test_results:
path: test-results
- store_artifacts:
path: /tmp/testlogs
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
freebsd_386_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 82f9a5672baa21c81f8cbe723d809aa4eb8cb37f
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f-{{checksum ".buildcache/cache-keys/package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f-{{checksum ".buildcache/cache-keys/package-82f9a5672baa21c81f8cbe723d809aa4eb8cb37f"}}
name: Save package cache
paths:
- .buildcache/packages/store
test-go-race:
docker:
- image: docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster
resource_class: xlarge
working_directory: /go/src/github.com/hashicorp/vault
parallelism: 8
steps:
- run:
command: |
# If the branch being tested starts with ui/ or docs/ we want to exit the job without failing
[[ "$CIRCLE_BRANCH" = ui/* || "$CIRCLE_BRANCH" = docs/* ]] && {
# stop the job from this step
circleci-agent step halt
}
# exit with success either way
exit 0
name: Check branch name
working_directory: ~/
- checkout
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- run:
command: |
git config --global url."git@github.com:".insteadOf https://github.com/
- run:
command: |
TZ=GMT date '+%Y%m%d' > /tmp/go-cache-key
name: Compute test cache key
- restore_cache:
keys:
- go-test-cache-date-v1-{{ checksum "/tmp/go-cache-key" }}
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Restore exact go modules cache
- run:
command: |
set -x
EXTRA_TAGS=
case "-race" in
*-race*) export VAULT_CI_GO_TEST_RACE=1;;
*) EXTRA_TAGS=deadlock;;
esac
# Install CircleCI CLI
curl -sSL \
"https://github.com/CircleCI-Public/circleci-cli/releases/download/v${CIRCLECI_CLI_VERSION}/circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64.tar.gz" \
| sudo tar --overwrite -xz \
-C /usr/local/bin \
"circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64/circleci"
USE_DOCKER=0
# Check all directories with a go.mod file
modules=("." "api" "sdk")
all_package_names=""
for dir in "${modules[@]}"
do
pushd "$dir"
# Split Go tests by prior test times. If use_docker is true, only run
# tests that depend on docker, otherwise only those that don't.
# The appended true condition ensures the command will succeed if no packages are found
if [ $USE_DOCKER == 1 ]; then
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(any(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker"))) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
else
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(all(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker")|not)) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
fi
# Move back into root directory
popd
# Append the test packages into the global list, if any are found
if [ -n "$package_names" ]; then
all_package_names+=" ${package_names}"
fi
done
# After running tests split step, we are now running the following steps
# in multiple different containers, each getting a different subset of
# the test packages in their package_names variable. Each container
# has its own remote docker VM.
make prep
mkdir -p test-results/go-test
# We don't want VAULT_LICENSE set when running Go tests, because that's
# not what developers have in their environments and it could break some
# tests; it would be like setting VAULT_TOKEN. However some non-Go
# CI commands, like the UI tests, shouldn't have to worry about licensing.
# So we set VAULT_LICENSE in CI, and here we unset it. Instead of
# VAULT_LICENSE, we populate VAULT_LICENSE_CI, so that tests which want
# an externally supplied license can opt-in to using it.
export VAULT_LICENSE_CI="$VAULT_LICENSE"
VAULT_LICENSE=
# Create a docker network for our testcontainer
if [ $USE_DOCKER == 1 ]; then
# Despite the fact that we're using a circleci image (thus getting the
# version they chose for the docker cli) and that we're specifying a
# docker version to use for the remote docker instances, we occasionally
# see "client version too new, max supported version 1.39" errors for
# reasons unclear.
export DOCKER_API_VERSION=1.39
export TEST_DOCKER_NETWORK_ID=$(docker network list -q -f 'name=vaulttest')
if [ -z $TEST_DOCKER_NETWORK_ID ]; then
TEST_DOCKER_NETWORK_ID=$(docker network create vaulttest)
fi
# Start a docker testcontainer to run the tests in
docker run -d \
-e TEST_DOCKER_NETWORK_ID \
-e GOPRIVATE \
-e DOCKER_CERT_PATH \
-e DOCKER_HOST \
-e DOCKER_MACHINE_NAME \
-e DOCKER_TLS_VERIFY \
-e NO_PROXY \
-e VAULT_TEST_LOG_DIR=/tmp/testlogs \
--network vaulttest --name \
testcontainer docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster \
tail -f /dev/null
# Run tests
test -d /tmp/go-cache && docker cp /tmp/go-cache testcontainer:/tmp/gocache
docker exec testcontainer sh -c 'mkdir -p /go/src/github.com/hashicorp/vault'
docker cp . testcontainer:/go/src/github.com/hashicorp/vault/
docker cp $DOCKER_CERT_PATH/ testcontainer:$DOCKER_CERT_PATH
# Copy the downloaded modules inside the container.
docker exec testcontainer sh -c 'mkdir -p /go/pkg'
docker cp "$(go env GOPATH)/pkg/mod" testcontainer:/go/pkg/mod
docker exec -w /go/src/github.com/hashicorp/vault/ \
-e CIRCLECI -e VAULT_CI_GO_TEST_RACE \
-e GOCACHE=/tmp/gocache \
-e GO_TAGS \
-e GOPROXY="off" \
-e VAULT_LICENSE_CI \
-e GOARCH=amd64 \
testcontainer \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
-race \
${all_package_names}
else
GOARCH=amd64 \
GOCACHE=/tmp/go-cache \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
-race \
${all_package_names}
fi
environment:
GOPRIVATE: github.com/hashicorp/*
name: Run Go tests
no_output_timeout: 60m
- store_artifacts:
path: test-results
- store_test_results:
path: test-results
- store_artifacts:
path: /tmp/testlogs
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
freebsd_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 3169a9620bf58a58c4754c925224e792d19f229d
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-3169a9620bf58a58c4754c925224e792d19f229d-{{checksum ".buildcache/cache-keys/package-3169a9620bf58a58c4754c925224e792d19f229d"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-3169a9620bf58a58c4754c925224e792d19f229d-{{checksum ".buildcache/cache-keys/package-3169a9620bf58a58c4754c925224e792d19f229d"}}
name: Save package cache
paths:
- .buildcache/packages/store
openbsd_386_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 454f061138fcbbb161e5360bf8c5773fce25c8db
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-454f061138fcbbb161e5360bf8c5773fce25c8db-{{checksum ".buildcache/cache-keys/package-454f061138fcbbb161e5360bf8c5773fce25c8db"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-454f061138fcbbb161e5360bf8c5773fce25c8db-{{checksum ".buildcache/cache-keys/package-454f061138fcbbb161e5360bf8c5773fce25c8db"}}
name: Save package cache
paths:
- .buildcache/packages/store
linux_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 518bffc4352b6dc5a926ccfc298928e5a2491262
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-518bffc4352b6dc5a926ccfc298928e5a2491262-{{checksum ".buildcache/cache-keys/package-518bffc4352b6dc5a926ccfc298928e5a2491262"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-518bffc4352b6dc5a926ccfc298928e5a2491262-{{checksum ".buildcache/cache-keys/package-518bffc4352b6dc5a926ccfc298928e5a2491262"}}
name: Save package cache
paths:
- .buildcache/packages/store
website-docker-image:
docker:
- image: circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
steps:
- checkout
- setup_remote_docker
- run:
command: |
IMAGE_TAG="$(git rev-list -n1 HEAD -- website/Dockerfile website/package-lock.json)"
echo "Using $IMAGE_TAG"
if [ "$CIRCLE_REPOSITORY_URL" != "git@github.com:hashicorp/vault.git" ]; then
echo "Not Vault OSS Repo, not building website docker image"
elif curl https://hub.docker.com/v2/repositories/hashicorp/vault-website/tags/$IMAGE_TAG -fsL > /dev/null; then
echo "Dependencies have not changed, not building a new website docker image."
else
cd website/
docker build -t hashicorp/vault-website:$IMAGE_TAG .
docker tag hashicorp/vault-website:$IMAGE_TAG hashicorp/vault-website:latest
docker login -u $WEBSITE_DOCKER_USER -p $WEBSITE_DOCKER_PASS
docker push hashicorp/vault-website
fi
name: Build Docker Image if Necessary
solaris_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 2b3ca11a3d2b787952020bcde603859093126a40
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-2b3ca11a3d2b787952020bcde603859093126a40-{{checksum ".buildcache/cache-keys/package-2b3ca11a3d2b787952020bcde603859093126a40"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-2b3ca11a3d2b787952020bcde603859093126a40-{{checksum ".buildcache/cache-keys/package-2b3ca11a3d2b787952020bcde603859093126a40"}}
name: Save package cache
paths:
- .buildcache/packages/store
test-go:
docker:
- image: docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster
resource_class: large
working_directory: /go/src/github.com/hashicorp/vault
parallelism: 8
steps:
- run:
command: |
# If the branch being tested starts with ui/ or docs/ we want to exit the job without failing
[[ "$CIRCLE_BRANCH" = ui/* || "$CIRCLE_BRANCH" = docs/* ]] && {
# stop the job from this step
circleci-agent step halt
}
# exit with success either way
exit 0
name: Check branch name
working_directory: ~/
- checkout
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- run:
command: |
git config --global url."git@github.com:".insteadOf https://github.com/
- run:
command: |
TZ=GMT date '+%Y%m%d' > /tmp/go-cache-key
name: Compute test cache key
- restore_cache:
keys:
- go-test-cache-date-v1-{{ checksum "/tmp/go-cache-key" }}
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Restore exact go modules cache
- run:
command: |
set -x
EXTRA_TAGS=
case "" in
*-race*) export VAULT_CI_GO_TEST_RACE=1;;
*) EXTRA_TAGS=deadlock;;
esac
# Install CircleCI CLI
curl -sSL \
"https://github.com/CircleCI-Public/circleci-cli/releases/download/v${CIRCLECI_CLI_VERSION}/circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64.tar.gz" \
| sudo tar --overwrite -xz \
-C /usr/local/bin \
"circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64/circleci"
USE_DOCKER=0
# Check all directories with a go.mod file
modules=("." "api" "sdk")
all_package_names=""
for dir in "${modules[@]}"
do
pushd "$dir"
# Split Go tests by prior test times. If use_docker is true, only run
# tests that depend on docker, otherwise only those that don't.
# The appended true condition ensures the command will succeed if no packages are found
if [ $USE_DOCKER == 1 ]; then
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(any(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker"))) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
else
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(all(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker")|not)) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
fi
# Move back into root directory
popd
# Append the test packages into the global list, if any are found
if [ -n "$package_names" ]; then
all_package_names+=" ${package_names}"
fi
done
# After running tests split step, we are now running the following steps
# in multiple different containers, each getting a different subset of
# the test packages in their package_names variable. Each container
# has its own remote docker VM.
make prep
mkdir -p test-results/go-test
# We don't want VAULT_LICENSE set when running Go tests, because that's
# not what developers have in their environments and it could break some
# tests; it would be like setting VAULT_TOKEN. However some non-Go
# CI commands, like the UI tests, shouldn't have to worry about licensing.
# So we set VAULT_LICENSE in CI, and here we unset it. Instead of
# VAULT_LICENSE, we populate VAULT_LICENSE_CI, so that tests which want
# an externally supplied license can opt-in to using it.
export VAULT_LICENSE_CI="$VAULT_LICENSE"
VAULT_LICENSE=
# Create a docker network for our testcontainer
if [ $USE_DOCKER == 1 ]; then
# Despite the fact that we're using a circleci image (thus getting the
# version they chose for the docker cli) and that we're specifying a
# docker version to use for the remote docker instances, we occasionally
# see "client version too new, max supported version 1.39" errors for
# reasons unclear.
export DOCKER_API_VERSION=1.39
export TEST_DOCKER_NETWORK_ID=$(docker network list -q -f 'name=vaulttest')
if [ -z $TEST_DOCKER_NETWORK_ID ]; then
TEST_DOCKER_NETWORK_ID=$(docker network create vaulttest)
fi
# Start a docker testcontainer to run the tests in
docker run -d \
-e TEST_DOCKER_NETWORK_ID \
-e GOPRIVATE \
-e DOCKER_CERT_PATH \
-e DOCKER_HOST \
-e DOCKER_MACHINE_NAME \
-e DOCKER_TLS_VERIFY \
-e NO_PROXY \
-e VAULT_TEST_LOG_DIR=/tmp/testlogs \
--network vaulttest --name \
testcontainer docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster \
tail -f /dev/null
# Run tests
test -d /tmp/go-cache && docker cp /tmp/go-cache testcontainer:/tmp/gocache
docker exec testcontainer sh -c 'mkdir -p /go/src/github.com/hashicorp/vault'
docker cp . testcontainer:/go/src/github.com/hashicorp/vault/
docker cp $DOCKER_CERT_PATH/ testcontainer:$DOCKER_CERT_PATH
# Copy the downloaded modules inside the container.
docker exec testcontainer sh -c 'mkdir -p /go/pkg'
docker cp "$(go env GOPATH)/pkg/mod" testcontainer:/go/pkg/mod
docker exec -w /go/src/github.com/hashicorp/vault/ \
-e CIRCLECI -e VAULT_CI_GO_TEST_RACE \
-e GOCACHE=/tmp/gocache \
-e GO_TAGS \
-e GOPROXY="off" \
-e VAULT_LICENSE_CI \
-e GOARCH=amd64 \
testcontainer \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
\
${all_package_names}
else
GOARCH=amd64 \
GOCACHE=/tmp/go-cache \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
\
${all_package_names}
fi
environment:
GOPRIVATE: github.com/hashicorp/*
name: Run Go tests
no_output_timeout: 60m
- store_artifacts:
path: test-results
- store_test_results:
path: test-results
- store_artifacts:
path: /tmp/testlogs
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
netbsd_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 333efb7eb87e0bad1387f1e683cb4434fc99f9af
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-333efb7eb87e0bad1387f1e683cb4434fc99f9af-{{checksum ".buildcache/cache-keys/package-333efb7eb87e0bad1387f1e683cb4434fc99f9af"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-333efb7eb87e0bad1387f1e683cb4434fc99f9af-{{checksum ".buildcache/cache-keys/package-333efb7eb87e0bad1387f1e683cb4434fc99f9af"}}
name: Save package cache
paths:
- .buildcache/packages/store
openbsd_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 3f9c6b5987fcd19d637a066d4956e63b42516f38
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-3f9c6b5987fcd19d637a066d4956e63b42516f38-{{checksum ".buildcache/cache-keys/package-3f9c6b5987fcd19d637a066d4956e63b42516f38"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-3f9c6b5987fcd19d637a066d4956e63b42516f38-{{checksum ".buildcache/cache-keys/package-3f9c6b5987fcd19d637a066d4956e63b42516f38"}}
name: Save package cache
paths:
- .buildcache/packages/store
netbsd_386_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 195bd6a05b1feb6506cb35347d3025832fd7acf3
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-195bd6a05b1feb6506cb35347d3025832fd7acf3-{{checksum ".buildcache/cache-keys/package-195bd6a05b1feb6506cb35347d3025832fd7acf3"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-195bd6a05b1feb6506cb35347d3025832fd7acf3-{{checksum ".buildcache/cache-keys/package-195bd6a05b1feb6506cb35347d3025832fd7acf3"}}
name: Save package cache
paths:
- .buildcache/packages/store
freebsd_arm_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: 1c9830949ec7c9a729004e4e0d03fc202498b122
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-1c9830949ec7c9a729004e4e0d03fc202498b122-{{checksum ".buildcache/cache-keys/package-1c9830949ec7c9a729004e4e0d03fc202498b122"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-1c9830949ec7c9a729004e4e0d03fc202498b122-{{checksum ".buildcache/cache-keys/package-1c9830949ec7c9a729004e4e0d03fc202498b122"}}
name: Save package cache
paths:
- .buildcache/packages/store
windows_amd64_package:
docker:
- image: docker.mirror.hashicorp.services/circleci/buildpack-deps
shell: /usr/bin/env bash -euo pipefail -c
environment:
- AUTO_INSTALL_TOOLS: 'YES'
- BUILDKIT_PROGRESS: plain
- PRODUCT_REVISION: ''
- PACKAGE_SPEC_ID: df040588ea83a25989b822a0f302850a4c46a6b8
steps:
- setup_remote_docker:
docker_layer_caching: false
version: 19.03.12
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- checkout:
path: .
- run:
command: make -C packages*.lock write-package-cache-key
name: Write package cache key
- restore_cache:
key: package-df040588ea83a25989b822a0f302850a4c46a6b8-{{checksum ".buildcache/cache-keys/package-df040588ea83a25989b822a0f302850a4c46a6b8"}}
name: Restore package cache
- run:
command: |2
if ! { PKG=$(find .buildcache/packages/store -maxdepth 1 -mindepth 1 -name '*.zip' 2> /dev/null) && [ -n "$PKG" ]; }; then
echo "No package found, continuing with build."
exit 0
fi
echo "Package already cached, skipping build."
circleci-agent step halt
name: Check cache status
- run:
command: make -C packages*.lock write-builder-cache-keys
name: Write builder layer cache keys
- restore_cache:
key: copy-source_1ab1_{{checksum ".buildcache/cache-keys/copy-source-1ab15aacac6a43f8c71defb28e9bcdefafcecfc5"}}
keys:
- go-modules_a1e9_{{checksum ".buildcache/cache-keys/go-modules-a1e9cc6c22e8691bbc9a3bb3e91eb05d5e97730b"}}
- build-ui_9a4c_{{checksum ".buildcache/cache-keys/build-ui-9a4c8178808477469c37460df34f28cade634794"}}
- ui-dependencies_ee1b_{{checksum ".buildcache/cache-keys/ui-dependencies-ee1bc43cc876b6ac95b30d77c726ccd15ad8e4de"}}
- make-ui-folder_c9af_{{checksum ".buildcache/cache-keys/make-ui-folder-c9af5b6ad4a1e4dffbb201bf29c492e6a838ff43"}}
- install-yarn_f8c6_{{checksum ".buildcache/cache-keys/install-yarn-f8c6e065673e6047441a051da1a992019ca43a86"}}
- set-workdir_56f0_{{checksum ".buildcache/cache-keys/set-workdir-56f07806a01db8130a01fdbad631a2cba3ff7c53"}}
- install-go-tools_f4c1_{{checksum ".buildcache/cache-keys/install-go-tools-f4c1518e9671005726e8bf75513528512b36f5a2"}}
- install-go_877b_{{checksum ".buildcache/cache-keys/install-go-877bac5144c973403bc3944c0a4d0e870fbbb079"}}
- base_fc1f_{{checksum ".buildcache/cache-keys/base-fc1fa0c0d0643b393dfc77cbd78580b60fc4366f"}}
name: 'Restore Builder Image Cache: copy-source'
- run:
command: make -C packages*.lock load-builder-cache
name: Load whatever builder cache we have (if any) into the Docker daemon
no_output_timeout: 30m
- run:
command: |2-
KEYFILE="$HOME/.ssh/id_rsa_0e0377f4e2c356c2536a03e131912f06"
eval "$(ssh-agent -s)"
if [ -f "$KEYFILE" ]; then
ssh-add "$KEYFILE"
else
echo "==> INFO: SSH key for github.com not found"
echo " Attempts to access private repositories from within"
echo " the build will fail, e.g. for private go modules, or"
echo " attempts to directly clone private repositories."
fi
make -C packages*.lock package
name: Compile Package
- run:
command: ls -lahR .buildcache/packages
name: List packages
- save_cache:
key: package-df040588ea83a25989b822a0f302850a4c46a6b8-{{checksum ".buildcache/cache-keys/package-df040588ea83a25989b822a0f302850a4c46a6b8"}}
name: Save package cache
paths:
- .buildcache/packages/store
pre-flight-checks:
machine: true
shell: /usr/bin/env bash -euo pipefail -c
working_directory: /go/src/github.com/hashicorp/vault
steps:
- run:
command: |
[ -n "$GO_VERSION" ] || { echo "You must set GO_VERSION"; exit 1; }
# Install Go
curl -sSLO "https://dl.google.com/go/go${GO_VERSION}.linux-amd64.tar.gz"
sudo rm -rf /usr/local/go
sudo tar -C /usr/local -xzf "go${GO_VERSION}.linux-amd64.tar.gz"
rm -f "go${GO_VERSION}.linux-amd64.tar.gz"
GOPATH="/go"
mkdir $GOPATH 2>/dev/null || { sudo mkdir $GOPATH && sudo chmod 777 $GOPATH; }
echo "export GOPATH='$GOPATH'" >> "$BASH_ENV"
echo "export PATH='$PATH:$GOPATH/bin:/usr/local/go/bin'" >> "$BASH_ENV"
echo "export GOPROXY=https://proxy.golang.org,direct" >> "$BASH_ENV"
echo "export GOPRIVATE=github.com/hashicorp/*" >> "$BASH_ENV"
echo "$ go version"
go version
name: Setup Go
working_directory: ~/
- checkout
- run:
command: |
export CCI_PATH=/tmp/circleci-cli/$CIRCLECI_CLI_VERSION
mkdir -p $CCI_PATH
NAME=circleci-cli_${CIRCLECI_CLI_VERSION}_${ARCH}
URL=$BASE/v${CIRCLECI_CLI_VERSION}/${NAME}.tar.gz
curl -sSL $URL \
| tar --overwrite --strip-components=1 -xz -C $CCI_PATH "${NAME}/circleci"
# Add circleci to the path for subsequent steps.
echo "export PATH=$CCI_PATH:\$PATH" >> $BASH_ENV
# Done, print some debug info.
set -x
. $BASH_ENV
which circleci
circleci version
environment:
ARCH: linux_amd64
BASE: https://github.com/CircleCI-Public/circleci-cli/releases/download
name: Install CircleCI CLI
- run:
command: make ci-verify
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- run:
command: |
git config --global url."git@github.com:".insteadOf https://github.com/
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}
- v1.3-{{checksum "go.sum"}}
name: Restore closest matching go modules cache
- run:
command: |
# go list ./... forces downloading some additional versions of modules that 'go mod
# download' misses. We need this because we make use of go list itself during
# code generation in later builds that rely on this module cache.
go list ./...
go mod download -json
( cd sdk && go mod download -json; )
( cd api && go mod download -json; )
name: go mod download
- run:
command: |
git --no-pager diff --exit-code || {
echo "ERROR: Files modified by go mod download, see above."
exit 1
}
name: Verify downloading modules did not modify any files
- save_cache:
key: v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Save go modules cache
paths:
- /go/pkg/mod
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
- GO_VERSION: 1.17.2
- GOTESTSUM_VERSION: 0.5.2
test-go-race-remote-docker:
docker:
- image: docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster
resource_class: medium
working_directory: /go/src/github.com/hashicorp/vault
parallelism: 8
steps:
- run:
command: |
# If the branch being tested starts with ui/ or docs/ we want to exit the job without failing
[[ "$CIRCLE_BRANCH" = ui/* || "$CIRCLE_BRANCH" = docs/* ]] && {
# stop the job from this step
circleci-agent step halt
}
# exit with success either way
exit 0
name: Check branch name
working_directory: ~/
- checkout
- setup_remote_docker:
docker_layer_caching: true
version: 18.09.3
- add_ssh_keys:
fingerprints:
- 0e:03:77:f4:e2:c3:56:c2:53:6a:03:e1:31:91:2f:06
- run:
command: |
git config --global url."git@github.com:".insteadOf https://github.com/
- run:
command: |
TZ=GMT date '+%Y%m%d' > /tmp/go-cache-key
name: Compute test cache key
- restore_cache:
keys:
- go-test-cache-date-v1-{{ checksum "/tmp/go-cache-key" }}
- restore_cache:
keys:
- v1.3-{{checksum "go.sum"}}-{{checksum "sdk/go.sum"}}-{{checksum "api/go.sum"}}
name: Restore exact go modules cache
- run:
command: |
set -x
EXTRA_TAGS=
case "-race" in
*-race*) export VAULT_CI_GO_TEST_RACE=1;;
*) EXTRA_TAGS=deadlock;;
esac
# Install CircleCI CLI
curl -sSL \
"https://github.com/CircleCI-Public/circleci-cli/releases/download/v${CIRCLECI_CLI_VERSION}/circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64.tar.gz" \
| sudo tar --overwrite -xz \
-C /usr/local/bin \
"circleci-cli_${CIRCLECI_CLI_VERSION}_linux_amd64/circleci"
USE_DOCKER=0
USE_DOCKER=1
# Check all directories with a go.mod file
modules=("." "api" "sdk")
all_package_names=""
for dir in "${modules[@]}"
do
pushd "$dir"
# Split Go tests by prior test times. If use_docker is true, only run
# tests that depend on docker, otherwise only those that don't.
# The appended true condition ensures the command will succeed if no packages are found
if [ $USE_DOCKER == 1 ]; then
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(any(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker"))) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
else
package_names=$(go list -test -json ./... |
jq -r 'select(.Deps != null) |
select(all(.Deps[] ; contains("github.com/hashicorp/vault/helper/testhelpers/docker")|not)) |
.ForTest | select(. != null)' |
sort -u | grep -v vault/integ | circleci tests split --split-by=timings --timings-type=classname) || true
fi
# Move back into root directory
popd
# Append the test packages into the global list, if any are found
if [ -n "$package_names" ]; then
all_package_names+=" ${package_names}"
fi
done
# After running tests split step, we are now running the following steps
# in multiple different containers, each getting a different subset of
# the test packages in their package_names variable. Each container
# has its own remote docker VM.
make prep
mkdir -p test-results/go-test
# We don't want VAULT_LICENSE set when running Go tests, because that's
# not what developers have in their environments and it could break some
# tests; it would be like setting VAULT_TOKEN. However some non-Go
# CI commands, like the UI tests, shouldn't have to worry about licensing.
# So we set VAULT_LICENSE in CI, and here we unset it. Instead of
# VAULT_LICENSE, we populate VAULT_LICENSE_CI, so that tests which want
# an externally supplied license can opt-in to using it.
export VAULT_LICENSE_CI="$VAULT_LICENSE"
VAULT_LICENSE=
# Create a docker network for our testcontainer
if [ $USE_DOCKER == 1 ]; then
# Despite the fact that we're using a circleci image (thus getting the
# version they chose for the docker cli) and that we're specifying a
# docker version to use for the remote docker instances, we occasionally
# see "client version too new, max supported version 1.39" errors for
# reasons unclear.
export DOCKER_API_VERSION=1.39
export TEST_DOCKER_NETWORK_ID=$(docker network list -q -f 'name=vaulttest')
if [ -z $TEST_DOCKER_NETWORK_ID ]; then
TEST_DOCKER_NETWORK_ID=$(docker network create vaulttest)
fi
# Start a docker testcontainer to run the tests in
docker run -d \
-e TEST_DOCKER_NETWORK_ID \
-e GOPRIVATE \
-e DOCKER_CERT_PATH \
-e DOCKER_HOST \
-e DOCKER_MACHINE_NAME \
-e DOCKER_TLS_VERIFY \
-e NO_PROXY \
-e VAULT_TEST_LOG_DIR=/tmp/testlogs \
--network vaulttest --name \
testcontainer docker.mirror.hashicorp.services/circleci/golang:1.17.2-buster \
tail -f /dev/null
# Run tests
test -d /tmp/go-cache && docker cp /tmp/go-cache testcontainer:/tmp/gocache
docker exec testcontainer sh -c 'mkdir -p /go/src/github.com/hashicorp/vault'
docker cp . testcontainer:/go/src/github.com/hashicorp/vault/
docker cp $DOCKER_CERT_PATH/ testcontainer:$DOCKER_CERT_PATH
# Copy the downloaded modules inside the container.
docker exec testcontainer sh -c 'mkdir -p /go/pkg'
docker cp "$(go env GOPATH)/pkg/mod" testcontainer:/go/pkg/mod
docker exec -w /go/src/github.com/hashicorp/vault/ \
-e CIRCLECI -e VAULT_CI_GO_TEST_RACE \
-e GOCACHE=/tmp/gocache \
-e GO_TAGS \
-e GOPROXY="off" \
-e VAULT_LICENSE_CI \
-e GOARCH=amd64 \
testcontainer \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
-race \
${all_package_names}
else
GOARCH=amd64 \
GOCACHE=/tmp/go-cache \
gotestsum --format=short-verbose \
--junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \
-- \
-tags "${GO_TAGS} ${EXTRA_TAGS}" \
-timeout=60m \
-parallel=20 \
-race \
${all_package_names}
fi
environment:
GOPRIVATE: github.com/hashicorp/*
name: Run Go tests
no_output_timeout: 60m
- run:
command: |
docker cp testcontainer:/go/src/github.com/hashicorp/vault/test-results .
docker cp testcontainer:/tmp/gocache /tmp/go-cache
name: Copy test results
when: always
- store_artifacts:
path: test-results
- store_test_results:
path: test-results
- store_artifacts:
path: /tmp/testlogs
environment:
- CIRCLECI_CLI_VERSION: 0.1.5546
- GO_TAGS: ''
workflows:
build-66f6daa0d5685744:
jobs:
- build-common-layers
- darwin_amd64_package:
requires:
- build-common-layers
- bundle-releases:
requires:
- darwin_amd64_package
- darwin_arm64_package
- freebsd_386_package
- freebsd_amd64_package
- freebsd_arm_package
- linux_386_package
- linux_amd64_package
- linux_arm_package
- linux_arm64_package
- netbsd_386_package
- netbsd_amd64_package
- openbsd_386_package
- openbsd_amd64_package
- solaris_amd64_package
- windows_386_package
- windows_amd64_package
- darwin_arm64_package:
requires:
- build-common-layers
- freebsd_386_package:
requires:
- build-common-layers
- freebsd_amd64_package:
requires:
- build-common-layers
- freebsd_arm_package:
requires:
- build-common-layers
- linux_386_package:
requires:
- build-common-layers
- linux_amd64_package:
requires:
- build-common-layers
- linux_arm_package:
requires:
- build-common-layers
- linux_arm64_package:
requires:
- build-common-layers
- netbsd_386_package:
requires:
- build-common-layers
- netbsd_amd64_package:
requires:
- build-common-layers
- openbsd_386_package:
requires:
- build-common-layers
- openbsd_amd64_package:
requires:
- build-common-layers
- solaris_amd64_package:
requires:
- build-common-layers
- windows_386_package:
requires:
- build-common-layers
- windows_amd64_package:
requires:
- build-common-layers
ci:
jobs:
- pre-flight-checks
- install-ui-dependencies:
requires:
- pre-flight-checks
- build-go-dev:
requires:
- pre-flight-checks
- test-ui:
requires:
- install-ui-dependencies
- build-go-dev
- test-ui-browserstack:
filters:
branches:
ignore: /pull\/[0-9]+/
requires:
- install-ui-dependencies
- build-go-dev
- test-go:
requires:
- pre-flight-checks
- test-go-remote-docker:
requires:
- pre-flight-checks
- test-go-race:
filters:
branches:
ignore:
- /^docs\/.*/
- /^ui\/.*/
requires:
- pre-flight-checks
- test-go-race-remote-docker:
filters:
branches:
ignore:
- /^docs\/.*/
- /^ui\/.*/
requires:
- pre-flight-checks
- website-docker-image:
filters:
branches:
only:
- main
context: vault-docs
- algolia-index:
filters:
branches:
only:
- stable-website
context: vault-docs
version: 2
Reference in a new issue View git blame Copy permalink