diff --git a/.ci/after_deploy.sh b/.ci/after_deploy.sh deleted file mode 100644 index 4aa499a0..00000000 --- a/.ci/after_deploy.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -set -e - -# This file is required, because for some reason -# travis deploys do not trigger metadata calculation. -# See: https://github.com/sobolevn/git-secret/issues/89 - -# This file is only called after successful deploy. - -# We need to execute custom call to the Bintray API: -curl -X POST \ - --user "sobolevn:$BINTRAY_API_KEY" \ - -H "X-GPG-PASSPHRASE: $BINTRAY_GPG_PASS" \ - "https://api.bintray.com/calc_metadata/sobolevn/$GITSECRET_DIST" diff --git a/.ci/ansible-setup.sh b/.ci/ansible-setup.sh deleted file mode 100755 index 564f6120..00000000 --- a/.ci/ansible-setup.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/sh -## Script is specifically for use on travis-ci - -set -e - -## This is an example setup script that you would encapsulate the installation -# What version of avm setup to use -echo "Setting up Ansible Version Manager" -AVM_VERSION="v1.0.0" -## Install Ansible using pip and label it -export ANSIBLE_VERSIONS_0="2.9.2.0" -export INSTALL_TYPE_0="pip" -export ANSIBLE_LABEL_0="v2.9" -# Whats the default version -export ANSIBLE_DEFAULT_VERSION="v2.9" - -## Create a temp dir to download avm -avm_dir="$(mktemp -d 2> /dev/null || mktemp -d -t 'mytmpdir')" -git clone https://github.com/ahelal/avm.git "${avm_dir}" > /dev/null 2>&1 - -## Run the setup -/bin/sh ${avm_dir}/setup.sh - -exit 0 diff --git a/.ci/docker/debian/Dockerfile b/.ci/docker/debian/Dockerfile new file mode 100644 index 00000000..761c02fc --- /dev/null +++ b/.ci/docker/debian/Dockerfile @@ -0,0 +1,18 @@ +FROM debian:10.9-slim + +ENV DEBIAN_FRONTEND="noninteractive" + +RUN apt-get update \ + && apt-get upgrade -y \ + && apt-get install -y \ + # Direct dependencies: + curl \ + gawk \ + git \ + gnupg \ + # Assumed to be present: + procps \ + make \ + # Cleaning cache: + && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \ + && apt-get clean -y && rm -rf /var/lib/apt/lists/* diff --git a/.ci/github_release_script.sh b/.ci/github_release_script.sh index 2aea8158..2aff92ef 100755 --- a/.ci/github_release_script.sh +++ b/.ci/github_release_script.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # https://github.com/travis-ci/dpl/issues/155 # https://gist.github.com/Jaskaranbir/d5b065173b3a6f164e47a542472168c1 @@ -10,7 +10,7 @@ echo "LAST_RELEASE_TAG=$LAST_RELEASE_TAG" # An automatic changelog generator gem install github_changelog_generator -# move the manual log out of the way else it will be used by the tool. +# move the manual log out of the way else it will be used by the tool. rm CHANGELOG.md # Generate CHANGELOG.md diff --git a/.ci/integration/gnupg-git/default.yml b/.ci/integration/gnupg-git/default.yml deleted file mode 100644 index 77819489..00000000 --- a/.ci/integration/gnupg-git/default.yml +++ /dev/null @@ -1,153 +0,0 @@ ---- -# host to test against -- hosts: test-kitchen - remote_user: root - tasks: - - include_tasks: tasks/dependencies.yml - - - name: Install build tools - package: - name: "{{ item }}" - with_items: "{{ build_tools }}" - - - name: Check whether deb-src repos are enabled - command: grep -c -e "^deb-src.*" /etc/apt/sources.list - register: deb_src_check - ignore_errors: yes - when: - - ansible_os_family == "Debian" - - - name: Set deb-src check results - set_fact: - deb_src_check_result: "{{ deb_src_check.stdout | default(0) }}" - - - name: Enable Ubuntu main & restricted source repo - replace: - path: '/etc/apt/sources.list' - regexp: '^(#\s)(.*main\srestricted)$' - replace: '\2 # enabled' - when: - - ansible_distribution == "Ubuntu" - - deb_src_check_result|int < 1 - - - name: Remove dpkg excludes on Ubuntu - replace: - path: '/etc/dpkg/dpkg.cfg.d/excludes' - regexp: '^(path-exclude=/usr/share/man/.*)' - replace: '#\1' - when: - - ansible_distribution == "Ubuntu" - - - name: Enable Debian source repos - replace: - path: '/etc/apt/sources.list' - regexp: '^(deb)(.*)$' - replace: '\1\2\ndeb-src\2' - when: - - ansible_distribution == "Debian" - - deb_src_check_result|int < 1 - - - name: Install gnupg build dependencies for Debian based distros - apt: - name: gnupg2 - state: build-dep - update_cache: yes - when: - - ansible_os_family == "Debian" - - - name: Install gnupg build dependencies for RedHat based distros - command: bash -lc "dnf -y install 'dnf-command(builddep)' && dnf builddep -y gnupg2" - when: - - ansible_os_family == "RedHat" - - - name: Install gnupg build dependencies for Alpine based distros - command: bash -lc "apk add gnutls-dev libksba-dev libgcrypt-dev libgpg-error-dev npth-dev zlib-dev libassuan-dev bzip2-dev sqlite-dev libusb-dev" - when: - - ansible_os_family == "Alpine" - - - name: Install rspec in /usr/local/bin for RedHat based distros - command: bash -lc "gem install -n /usr/local/bin rspec" - when: - - ansible_os_family == "RedHat" - - - name: Make directory /usr/local/src/ for Alpine based distros - command: bash -lc "mkdir -p /usr/local/src/" - when: - - ansible_os_family == "Alpine" - - - name: Set gnupg src directory - set_fact: - gpg_src_path: /usr/local/src/gpg-gnupg - - - name: Get GnuPG from github - git: - repo: 'https://github.com/gpg/gnupg.git' - dest: "{{ gpg_src_path }}" - update: true - - - name: get latest tag name - shell: "git describe --tags `git rev-list --tags --max-count=1`" - args: - chdir: "{{ gpg_src_path }}" - register: latest_tag - - - name: Checkout latest tag - git: - repo: 'https://github.com/gpg/gnupg.git' - dest: "{{ gpg_src_path }}" - version: "{{ latest_tag.stdout }}" - - - name: Run gnupg autogen - command: bash -lc "cd {{ gpg_src_path }} && ./autogen.sh " - changed_when: False - - - name: Disable development msg for gnupg - lineinfile: - path: "{{ gpg_src_path }}/configure" - regexp: '^development_version=.*' - line: 'development_version=no' - - - name: Set gnupg build config - set_fact: - gpg_build_config: >- - --sysconfdir=/etc - --prefix=/usr - --enable-symcryptrun - --docdir=/usr/share/doc/gnupg-2.2.0 - --disable-rpath - --enable-maintainer-mode - changed_when: False - - - name: Configure gnupg build - command: bash -lc "cd {{ gpg_src_path }} && ./configure {{ gpg_build_config }}" - changed_when: False - - # disable gnupg doc build on alpine as it is not detecting an absence of graphical tools such as fig2dev on alpine - - name: Disable making docs on Alpine - lineinfile: - path: "{{ gpg_src_path }}/Makefile" - regexp: '^doc = doc$' - line: 'doc = ' - when: - - ansible_os_family == "Alpine" - - # disable gnupg doc build on Ubuntu-Rolling because it won't build - # ( See https://travis-ci.org/sobolevn/git-secret/jobs/439870332 ) - - name: Disable making docs on Ubuntu-Rolling - lineinfile: - path: "{{ gpg_src_path }}/Makefile" - regexp: '^doc = doc$' - line: 'doc = ' - when: - - ansible_distribution == "Ubuntu" - - - name: Compile gnupg src - command: bash -lc "cd {{ gpg_src_path }} && make" - changed_when: False - - - name: Install compiled gnupg - command: bash -lc "cd {{ gpg_src_path }} && make install" - changed_when: False - - - include_tasks: tasks/prep-tests.yml - - include_tasks: tasks/run-tests.yml diff --git a/.ci/integration/gnupg-git/serverspec/default_spec.rb b/.ci/integration/gnupg-git/serverspec/default_spec.rb deleted file mode 100644 index a5fc757f..00000000 --- a/.ci/integration/gnupg-git/serverspec/default_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require_relative './spec_helper' - -describe 'git-secret::test' do - - describe package('git-secret') do - it { should be_installed } - end - - if host_inventory['platform'] == 'fedora' - describe command('find /tmp/git-secret/build -name "*.rpm"') do - its(:stdout) { should match /git-secret.*rpm/ } - end - elsif host_inventory['platform'] == 'alpine' - describe command('find /tmp/git-secret/build -name "*.apk"') do - its(:stdout) { should match /git-secret.*apk/ } - end - else - describe command('find /tmp/git-secret/build -name "*.deb"') do - its(:stdout) { should match /git-secret.*deb/ } - end - end - - describe file('/.git-secret_test-passed') do - it { should exist } - end - - describe file('/.git-secret_lint-passed') do - it { should exist } - end - - if host_inventory['platform'] == 'fedora' - describe command('rpm --query --info git-secret') do - its(:exit_status) { should eq 0 } - end - elsif host_inventory['platform'] == 'alpine' - describe command('apk info git-secret') do - its(:exit_status) { should eq 0 } - end - else - describe command('dpkg-query --status git-secret') do - its(:exit_status) { should eq 0 } - end - end - - describe command('man -w "git-secret"') do - its(:exit_status) { should eq 0 } - end - - describe command('man -w "git-secret-init"') do - its(:exit_status) { should eq 0 } - end - -end diff --git a/.ci/integration/gnupg-git/serverspec/spec_helper.rb b/.ci/integration/gnupg-git/serverspec/spec_helper.rb deleted file mode 100644 index a9c6f99d..00000000 --- a/.ci/integration/gnupg-git/serverspec/spec_helper.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'serverspec' - -# :backend can be either :exec or :ssh -# since we are running local we use :exec -set :backend, :exec - -RSpec.configure do |c| - c.before :all do - c.path = '/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin' - end -end diff --git a/.ci/integration/gnupg1/default.yml b/.ci/integration/gnupg1/default.yml deleted file mode 100644 index 8efadb78..00000000 --- a/.ci/integration/gnupg1/default.yml +++ /dev/null @@ -1,46 +0,0 @@ ---- -# host to test against -- hosts: test-kitchen - remote_user: root - tasks: - - include_tasks: tasks/dependencies.yml - - - name: Remove dpkg excludes on Ubuntu - replace: - path: '/etc/dpkg/dpkg.cfg.d/excludes' - regexp: '^(path-exclude=/usr/share/man/.*)' - replace: '#\1' - when: - - ansible_distribution == "Ubuntu" - - - name: Install gnupg - package: - name: "{{ item.name }}" - state: present - when: - - ansible_distribution == item.distribution - with_items: - - name: gnupg1 - distribution: Alpine - - name: gnupg1 - distribution: Fedora - - name: gnupg1 - distribution: Debian - - name: gnupg1 - distribution: Alpine - - - name: Check for gpg1 binary - stat: - path: /usr/bin/gpg1 - register: gpg1 - - - name: Make gpg1 default binary - file: - src: /usr/bin/gpg1 - dest: /usr/bin/gpg - state: link - force: yes - when: gpg1.stat.exists - - - include_tasks: tasks/prep-tests.yml - - include_tasks: tasks/run-tests.yml diff --git a/.ci/integration/gnupg1/serverspec/default_spec.rb b/.ci/integration/gnupg1/serverspec/default_spec.rb deleted file mode 100644 index 1106a6f0..00000000 --- a/.ci/integration/gnupg1/serverspec/default_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require_relative './spec_helper' - -describe 'git-secret::test' do - - describe package('git-secret') do - it { should be_installed } - end - - if host_inventory['platform'] == 'fedora' || host_inventory['platform'] == 'redhat' - describe command('find /tmp/git-secret/build -name "*.rpm"') do - its(:stdout) { should match /git-secret.*rpm/ } - end - elsif host_inventory['platform'] == 'alpine' - describe command('find /tmp/git-secret/build -name "*.apk"') do - its(:stdout) { should match /git-secret.*apk/ } - end - else - describe command('find /tmp/git-secret/build -name "*.deb"') do - its(:stdout) { should match(/git-secret.*deb/) } - end - end - - describe file('/.git-secret_test-passed') do - it { should exist } - end - - describe file('/.git-secret_lint-passed') do - it { should exist } - end - - if host_inventory['platform'] == 'fedora' || host_inventory['platform'] == 'redhat' - describe command('rpm --query --info git-secret') do - its(:exit_status) { should eq 0 } - end - elsif host_inventory['platform'] == 'alpine' - describe command('apk info git-secret') do - its(:exit_status) { should eq 0 } - end - else - describe command('dpkg-query --status git-secret') do - its(:exit_status) { should eq 0 } - end - end - - describe command('man -w "git-secret"') do - its(:exit_status) { should eq 0 } - end - - describe command('man -w "git-secret-init"') do - its(:exit_status) { should eq 0 } - end - -end diff --git a/.ci/integration/gnupg1/serverspec/spec_helper.rb b/.ci/integration/gnupg1/serverspec/spec_helper.rb deleted file mode 100644 index a9c6f99d..00000000 --- a/.ci/integration/gnupg1/serverspec/spec_helper.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'serverspec' - -# :backend can be either :exec or :ssh -# since we are running local we use :exec -set :backend, :exec - -RSpec.configure do |c| - c.before :all do - c.path = '/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin' - end -end diff --git a/.ci/integration/gnupg2/default.yml b/.ci/integration/gnupg2/default.yml deleted file mode 100644 index f365e84f..00000000 --- a/.ci/integration/gnupg2/default.yml +++ /dev/null @@ -1,50 +0,0 @@ ---- -# host to test against -- hosts: test-kitchen - remote_user: root - tasks: - - include_tasks: tasks/dependencies.yml - - - name: Remove dpkg excludes on Ubuntu - replace: - path: '/etc/dpkg/dpkg.cfg.d/excludes' - regexp: '^(path-exclude=/usr/share/man/.*)' - replace: '#\1' - when: - - ansible_distribution == "Ubuntu" - - - name: Install gnupg - package: - name: "{{ item.name }}" - state: present - when: - - ansible_distribution == item.distribution - with_items: - - name: gnupg - distribution: Alpine - - name: gnupg2 - distribution: Fedora - - name: gnupg2 - distribution: Ubuntu - - name: gnupg - distribution: Debian - - name: gnupg - distribution: Alpine - - - name: Check for gpg2 binary - stat: - path: /usr/bin/gpg2 - register: gpg2 - - - name: Make gpg2 default binary - file: - src: /usr/bin/gpg2 - dest: /usr/bin/gpg - state: link - force: yes - when: - - gpg2.stat.exists - - gpg2.stat.islnk == False - - - include_tasks: tasks/prep-tests.yml - - include_tasks: tasks/run-tests.yml diff --git a/.ci/integration/gnupg2/serverspec/default_spec.rb b/.ci/integration/gnupg2/serverspec/default_spec.rb deleted file mode 100644 index 5810d3b4..00000000 --- a/.ci/integration/gnupg2/serverspec/default_spec.rb +++ /dev/null @@ -1,53 +0,0 @@ -require_relative './spec_helper' - -describe 'git-secret::test' do - - describe package('git-secret') do - it { should be_installed } - end - - if host_inventory['platform'] == 'fedora' || host_inventory['platform'] == 'redhat' - describe command('find /tmp/git-secret/build -name "*.rpm"') do - its(:stdout) { should match(/git-secret.*rpm/) } - end - elsif host_inventory['platform'] == 'alpine' - describe command('find /tmp/git-secret/build -name "*.apk"') do - its(:stdout) { should match /git-secret.*apk/ } - end - else - describe command('find /tmp/git-secret/build -name "*.deb"') do - its(:stdout) { should match(/git-secret.*deb/) } - end - end - - describe file('/.git-secret_test-passed') do - it { should exist } - end - - describe file('/.git-secret_lint-passed') do - it { should exist } - end - - if host_inventory['platform'] == 'fedora' || host_inventory['platform'] == 'redhat' - describe command('rpm --query --info git-secret') do - its(:exit_status) { should eq 0 } - end - elsif host_inventory['platform'] == 'alpine' - describe command('apk info git-secret') do - its(:exit_status) { should eq 0 } - end - else - describe command('dpkg-query --status git-secret') do - its(:exit_status) { should eq 0 } - end - end - - describe command('man -w "git-secret"') do - its(:exit_status) { should eq 0 } - end - - describe command('man -w "git-secret-init"') do - its(:exit_status) { should eq 0 } - end - -end diff --git a/.ci/integration/gnupg2/serverspec/spec_helper.rb b/.ci/integration/gnupg2/serverspec/spec_helper.rb deleted file mode 100644 index a9c6f99d..00000000 --- a/.ci/integration/gnupg2/serverspec/spec_helper.rb +++ /dev/null @@ -1,11 +0,0 @@ -require 'serverspec' - -# :backend can be either :exec or :ssh -# since we are running local we use :exec -set :backend, :exec - -RSpec.configure do |c| - c.before :all do - c.path = '/usr/local/bin:/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/sbin' - end -end diff --git a/.ci/integration/tasks/dependencies.yml b/.ci/integration/tasks/dependencies.yml deleted file mode 100644 index ae52ea4a..00000000 --- a/.ci/integration/tasks/dependencies.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Load a variable file based on the OS type, or a default if not found. - include_vars: "{{ item }}" - with_first_found: - - "{{ ansible_distribution }}.yml" - - "{{ ansible_os_family }}.yml" - - "default.yml" - -- name: Install Dependencies - package: - name: "{{ item }}" - state: present - with_items: "{{ test_dependencies }}" - -- name: Get ShellCheck - get_url: - url: https://github.com/koalaman/shellcheck/releases/download/v0.7.1/shellcheck-v0.7.1.linux.x86_64.tar.xz - dest: /tmp/shellcheck.tar.xz - -- name: Install ShellCheck - command: tar xvf /tmp/shellcheck.tar.xz -C /usr/bin --strip-components=1 - args: - warn: no - creates: /usr/bin/shellcheck - -- name: Install fpm - gem: - name: fpm - state: present - user_install: no - -# here the package is installed but a non-zero status code is returned that we ignore -- name: Install apk packaging dependencies for Alpine based distros - command: bash -lc "gem install etc || :" - when: - - ansible_os_family == "Alpine" diff --git a/.ci/integration/tasks/prep-tests.yml b/.ci/integration/tasks/prep-tests.yml deleted file mode 100644 index 043afe27..00000000 --- a/.ci/integration/tasks/prep-tests.yml +++ /dev/null @@ -1,36 +0,0 @@ ---- -- name: Get OS package type - set_fact: - os_pkg_type: "{{ item.os_pkg_type }}" - when: - - item.os_family == ansible_os_family - with_items: - - os_family: RedHat - os_pkg_type: "rpm" - - os_family: Debian - os_pkg_type: "deb" - - os_family: Suse - os_pkg_type: "rpm" - - os_family: Alpine - os_pkg_type: "apk" - changed_when: false - tags: - - skip_ansible_lint - -- name: Get gpg version - command: gpg --version - register: gpg_version - changed_when: False - -- name: Print gpg version - debug: - msg: "Running test against {{ gpg_version.stdout_lines | first | string }}." - changed_when: False - -- name: Copy git-secret src - synchronize: - src: /opt/workspace/ - dest: /tmp/git-secret - archive: false - owner: no - recursive: yes diff --git a/.ci/integration/tasks/run-tests.yml b/.ci/integration/tasks/run-tests.yml deleted file mode 100644 index 7f82806d..00000000 --- a/.ci/integration/tasks/run-tests.yml +++ /dev/null @@ -1,69 +0,0 @@ ---- -- name: Run ci-test - command: bash -lc "cd /tmp/git-secret && make test" - changed_when: False - ignore_errors: yes - register: test_results - environment: - PATH: /usr/local/bin:{{ ansible_env.PATH }} - -- name: Print ci-test results - debug: - var: test_results.stdout_lines - -- name: Create file when ci-test passes - file: - path: /.git-secret_test-passed - state: touch - when: - - test_results.rc == 0 - -- name: Run lint - command: bash -lc "cd /tmp/git-secret && make lint" - ignore_errors: yes - register: lint_results - changed_when: False - -- name: Print lint results - debug: - var: lint_results.stdout_lines - -- name: Create file when lint passes - file: - path: /.git-secret_lint-passed - state: touch - when: - - lint_results.rc == 0 - -- name: Create git-secret {{ os_pkg_type }} package - command: bash -lc "cd /tmp/git-secret && make build-{{ os_pkg_type }}" - changed_when: False - ignore_errors: yes - register: test_results - environment: - PATH: /usr/local/bin:{{ ansible_env.PATH }} - -- name: Find git-secret {{ os_pkg_type }} file - find: - paths: /tmp/git-secret/build - patterns: "*.{{ os_pkg_type }}" - recurse: yes - register: pkg_location - -- name: Set git-secret {{ os_pkg_type }} location - set_fact: - pkg_path: "{{ pkg_location.files | map(attribute='path') | first }}" - when: - - pkg_location is defined - -- name: Install git-secret {{ os_pkg_type }} package - command: bash -lc "{{ item.command }} {{ pkg_path }}" - when: - - item.os_family == ansible_os_family - with_items: - - command: "rpm --nodeps --install --force" - os_family: "RedHat" - - command: "dpkg --force-all --install" - os_family: "Debian" - - command: "apk add --allow-untrusted" - os_family: "Alpine" diff --git a/.ci/integration/vars/Alpine.yml b/.ci/integration/vars/Alpine.yml deleted file mode 100644 index 28bced0b..00000000 --- a/.ci/integration/vars/Alpine.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -ansible_python_interpreter: /usr/bin/python3 -test_dependencies: - - gawk - - git - - make - - man - - procps - - rsync - - ruby - - ruby-dev - - tar - -build_tools: - - make - - tar - - autoconf - - automake - - gettext diff --git a/.ci/integration/vars/CentOS.yml b/.ci/integration/vars/CentOS.yml deleted file mode 100644 index cb19e648..00000000 --- a/.ci/integration/vars/CentOS.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -test_dependencies: - - gawk - - git - - make - - man - - redhat-rpm-config - - rpm-build - - rsync - - ruby-devel - - rubygems - - rubygems-devel - -build_tools: - - ImageMagick - - autoconf - - automake - - texinfo - - transfig diff --git a/.ci/integration/vars/Debian.yml b/.ci/integration/vars/Debian.yml deleted file mode 100644 index fefbf6b4..00000000 --- a/.ci/integration/vars/Debian.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -test_dependencies: - - gawk - - git - - make - - man - - ruby-dev - - rubygems - - rsync - -build_tools: - - autoconf - - automake - - build-essential - - imagemagick - - texinfo - - transfig diff --git a/.ci/integration/vars/Fedora.yml b/.ci/integration/vars/Fedora.yml deleted file mode 100644 index daca1c14..00000000 --- a/.ci/integration/vars/Fedora.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -ansible_python_interpreter: /usr/bin/python3 -test_dependencies: - - gawk - - git - - make - - man - - redhat-rpm-config - - rpm-build - - rsync - - ruby-devel - - rubygems - - rubygems-devel - -build_tools: - - ImageMagick - - autoconf - - automake - - texinfo - - transfig diff --git a/.ci/integration/vars/Ubuntu.yml b/.ci/integration/vars/Ubuntu.yml deleted file mode 100644 index 0c571792..00000000 --- a/.ci/integration/vars/Ubuntu.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -ansible_python_interpreter: /usr/bin/python3 -test_dependencies: - - gawk - - git - - make - - man - - ruby-dev - - rubygems - - rsync - -build_tools: - - autoconf - - automake - - build-essential - - imagemagick - - texinfo - - transfig diff --git a/.ci/integration/vars/default.yml b/.ci/integration/vars/default.yml deleted file mode 100644 index 894d3f82..00000000 --- a/.ci/integration/vars/default.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -ansible_python_interpreter: /usr/bin/python3 -test_dependencies: - - gawk - - make - - git - - ruby-dev - - rubygems - - man - -build_tools: - - autoconf - - automake - - build-essential - - imagemagick - - texinfo - - transfig diff --git a/.editorconfig b/.editorconfig index 07af9368..65771d28 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,17 +8,6 @@ indent_style = space trim_trailing_whitespace = true end_of_line = lf insert_final_newline = true - -[*.json] -indent_size = 2 - -[*.py] -indent_size = 4 - -[*.sh] -indent_size = 2 - -[*.bats] indent_size = 2 [Makefile] diff --git a/.gitattributes b/.gitattributes deleted file mode 100644 index 176a458f..00000000 --- a/.gitattributes +++ /dev/null @@ -1 +0,0 @@ -* text=auto diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..5c653e5a --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,24 @@ +name: test + +on: + push: + pull_request: + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + strategy: + matrix: + docker-based-test: + - debian + # - ubuntu + # - alpine + # - fedora + # - centos + + steps: + - uses: actions/checkout@v2 + + - name: Run checks + run: GITSECRET_DOCKER_ENV="${{ matrix.docker-based-test }}" make ci diff --git a/.kitchen.yml b/.kitchen.yml deleted file mode 100644 index 885301c5..00000000 --- a/.kitchen.yml +++ /dev/null @@ -1,127 +0,0 @@ ---- -driver: - name: docker - use_sudo: false - -provisioner: - # name of the host - hosts: test-kitchen - # use an ansible playbook to provision our server - name: ansible_playbook - ansible_verbose: false - require_ansible_repo: false - require_ansible_omnibus: true - ansible_version: 2.9.2 - require_chef_for_busser: false - sudo_command: sudo -E -H - idempotency_test: false - sudo: true - ansible_extra_flags: "-e '{ kitchen_testrun: True }'" - additional_copy_path: - - ".ci/integration/vars" - - ".ci/integration/tasks" - -transport: - max_ssh_sessions: 3 - -platforms: - - name: alpine-latest - driver_config: - run_command: /sbin/init - dockerfile: .Dockerfiles/alpine/latest/Dockerfile - platform: alpine - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - <%=ENV['PWD']%>:/opt/workspace # Make the working directory available inside the container - run_options: - tmpfs: - - /run - - /run/lock - - - name: debian-latest - driver_config: - run_command: /lib/systemd/systemd - dockerfile: .Dockerfiles/debian/latest/Dockerfile - platform: debian - cap_add: - - SYS_ADMIN - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - <%=ENV['PWD']%>:/opt/workspace # Make the working directory available inside the container - run_options: - tmpfs: - - /run - - /run/lock - - - name: fedora-latest - driver_config: - run_command: /lib/systemd/systemd - dockerfile: .Dockerfiles/fedora/latest/Dockerfile - platform: fedora - cap_add: - - SYS_ADMIN - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - <%=ENV['PWD']%>:/opt/workspace # Make the working directory available inside the container - run_options: - tmpfs: - - /run - - /run/lock - - - name: ubuntu-latest - driver_config: - run_command: /lib/systemd/systemd - dockerfile: .Dockerfiles/ubuntu/latest/Dockerfile - platform: ubuntu - cap_add: - - SYS_ADMIN - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - <%=ENV['PWD']%>:/opt/workspace # Make the working directory available inside the container - run_options: - tmpfs: - - /run - - /run/lock - - - name: ubuntu-rolling - driver_config: - run_command: /lib/systemd/systemd - dockerfile: .Dockerfiles/ubuntu/rolling/Dockerfile - platform: ubuntu - cap_add: - - SYS_ADMIN - volume: - - /sys/fs/cgroup:/sys/fs/cgroup:ro - - <%=ENV['PWD']%>:/opt/workspace # Make the working directory available inside the container - run_options: - tmpfs: - - /run - - /run/lock - -verifier: - name: serverspec - sudo_path: true - -suites: - # suites found at /test/integration/$test-name - # in container @/tmp/kitchen - - name: gnupg1 - verifier: - patterns: - - roles/git-secret/.ci/integration/gnupg1/serverspec/*_spec.rb - excludes: - - centos-latest - - name: gnupg2 - verifier: - patterns: - - roles/git-secret/.ci/integration/gnupg2/serverspec/*_spec.rb - excludes: - - centos-latest - - name: gnupg-git - verifier: - patterns: - - roles/git-secret/.ci/integration/gnupg-git/serverspec/*_spec.rb - excludes: - - centos-latest - - alpine-latest - - debian-latest diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 8adb67dc..00000000 --- a/.travis.yml +++ /dev/null @@ -1,146 +0,0 @@ -dist: xenial - -matrix: - fast_finish: true - include: - #- os: windows - # env: GITSECRET_DIST="windows" - # sudo: required - # language: sh - - os: osx - env: GITSECRET_DIST="brew" - sudo: required - language: shell - - os: osx - name: osx-with-debug-output - env: GITSECRET_DIST="brew"; SECRETS_TEST_VERBOSE=1 - sudo: required - language: shell - #- os: linux - # env: KITCHEN_REGEXP="gnupg1-alpine-latest"; SECRETS_TEST_VERBOSE=1 - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - - os: linux - env: KITCHEN_REGEXP="gnupg1-debian-latest" - services: docker - sudo: required - language: ruby - rvm: 2.6 - - os: linux - env: KITCHEN_REGEXP="gnupg1-fedora-latest" - services: docker - sudo: required - language: ruby - rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg1-ubuntu-latest" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg1-ubuntu-rolling" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg2-alpine-latest" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - # distribute deb on this successful test - - os: linux - env: KITCHEN_REGEXP="gnupg2-debian-latest"; GITSECRET_DIST="deb" - services: docker - sudo: required - language: ruby - rvm: 2.6 - # distribute rpm on this successful test - - os: linux - env: KITCHEN_REGEXP="gnupg2-fedora-latest"; GITSECRET_DIST="rpm" - services: docker - sudo: required - language: ruby - rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg2-ubuntu-latest" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg2-ubuntu-rolling" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - - os: linux - env: KITCHEN_REGEXP="gnupg-git-fedora-latest" - services: docker - sudo: required - language: ruby - rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg-git-ubuntu-latest" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - #- os: linux - # env: KITCHEN_REGEXP="gnupg-git-ubuntu-rolling" - # services: docker - # sudo: required - # language: ruby - # rvm: 2.6 - -before_install: - - if [[ "$TRAVIS_OS_NAME" != "windows" ]]; then gem update --system && gem install bundler; fi - -before_script: - - chmod +x ".ci/before_script.sh" && ".ci/before_script.sh" - -script: - - chmod +x ".ci/script.sh" && ".ci/script.sh" - -before_deploy: - - chmod +x ".ci/before_deploy.sh" && ".ci/before_deploy.sh" && chmod +x ".ci/github_release_script.sh" - -deploy: - - provider: bintray - skip_cleanup: true - on: - all_branches: true - tag: true - condition: "$TRAVIS_TAG =~ ^v.*$ && $GITSECRET_DIST == deb" - file: "build/deb_descriptor.json" - user: "sobolevn" - key: "$BINTRAY_API_KEY" - passphrase: "$BINTRAY_GPG_PASS" - - provider: bintray - skip_cleanup: true - on: - all_branches: true - tag: true - condition: "$TRAVIS_TAG =~ ^v.*$ && $GITSECRET_DIST == rpm" - file: "build/rpm_descriptor.json" - user: "sobolevn" - key: "$BINTRAY_API_KEY" - passphrase: "$BINTRAY_GPG_PASS" - - provider: script - script: bash .ci/github_release_script.sh - on: - all_branches: true - tag: true - condition: "$TRAVIS_TAG =~ ^v.*$ && $GITSECRET_DIST == rpm" - -after_deploy: - - chmod +x ".ci/after_deploy.sh" && ".ci/after_deploy.sh" - -notifications: - email: - on_success: never - on_failure: change diff --git a/Gemfile b/Gemfile deleted file mode 100644 index fef6d20e..00000000 --- a/Gemfile +++ /dev/null @@ -1,7 +0,0 @@ -source 'https://rubygems.org' - -gem 'test-kitchen' -gem 'serverspec' -gem 'kitchen-ansible' -gem 'kitchen-docker' -gem 'kitchen-verifier-serverspec' diff --git a/Makefile b/Makefile index b681f045..1b21a0f7 100644 --- a/Makefile +++ b/Makefile @@ -44,6 +44,16 @@ test: clean build export PATH="$(shell echo $${PWD})/vendor/bats-core/bin:$(shell echo $${PWD}):$(shell echo $${PATH})"; \ "./utils/tests.sh" +# We use this script in CI and you can do this too! +# What happens here? +# 1. We pass `GITSECRET_DOCKER_ENV` variable into this job +# 2. Based on it, we select a proper `docker` image to run test on +# 3. We execute `make test` inside the `docker` container +.PHONY: ci +ci: clean + docker build -f ".ci/docker/$${GITSECRET_DOCKER_ENV}/Dockerfile" -t "$${GITSECRET_DOCKER_ENV}:latest" . + docker run --rm --volume="$${PWD}:/code" -w /code "$${GITSECRET_DOCKER_ENV}" make test + # # Manuals: # @@ -157,7 +167,7 @@ deploy-rpm: build-rpm # make: .PHONY: test-make-ci -test-make-ci: clean +test-make-ci: clean chmod +x "./utils/make/make-ci.sh"; sync; \ export SECRET_PROJECT_ROOT="${PWD}"; \ export PATH="${PWD}/vendor/bats-core/bin:${PATH}"; \ diff --git a/src/version.sh b/src/version.sh index 61645f6f..a58c852d 100644 --- a/src/version.sh +++ b/src/version.sh @@ -1,4 +1,4 @@ #!/usr/bin/env bash # shellcheck disable=2034 -GITSECRET_VERSION='0.3.3' +GITSECRET_VERSION='0.4.0.alpha1' diff --git a/tests/test_hide_continue.bats b/tests/test_hide_continue.bats index 496fb3f9..ca9b2dd9 100644 --- a/tests/test_hide_continue.bats +++ b/tests/test_hide_continue.bats @@ -27,8 +27,9 @@ function teardown { unset_current_state } + @test "run 'hide -F' with missing input file" { - mv "$FILE_TO_HIDE" "$FILE_TO_HIDE.was" # move the first file out of the way + mv "$FILE_TO_HIDE" "$FILE_TO_HIDE.was" # move the first file out of the way run git secret hide -F #echo "# output of 'git secret hide -F' is: $output" >&3 @@ -45,6 +46,6 @@ function teardown { [ -f "$encrypted_file2" ] # put back first file so teardown() succeeds - mv "$FILE_TO_HIDE.was" "$FILE_TO_HIDE" + mv "$FILE_TO_HIDE.was" "$FILE_TO_HIDE" } diff --git a/utils/build-utils.sh b/utils/build-utils.sh old mode 100644 new mode 100755 diff --git a/utils/rpm/rpm-build.sh b/utils/rpm/rpm-build.sh old mode 100644 new mode 100755