From 220c8d0da4faf7f785c3eccd8ab23bfeb40ccdc8 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 12:38:32 -0800 Subject: [PATCH 01/16] First commit at replacing travis with actions --- .github/workflows/release.yml | 247 ++++++++++++++++++++++++++++++++++ .github/workflows/test.yml | 31 +++++ .goreleaser.yml | 197 +++++++++++++++++++++++++++ .travis.yml | 37 ----- 4 files changed, 475 insertions(+), 37 deletions(-) create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/test.yml create mode 100644 .goreleaser.yml delete mode 100644 .travis.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..49bce944 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,247 @@ +name: Create Release & Upload Assets + +on: + push: + # Sequence of patterns matched against refs/tags + tags: + - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 + +jobs: + lintTestBuild: + name: Lint, Test, Build + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '^1.15.6' + - name: Lint, Test, Build + id: lintTestBuild + run: V=1 make -j1 bootstrap travis + + create_release: + name: Create Release + runs-on: ubuntu-latest + needs: lintTestBuild + outputs: + version: ${{ steps.extract-tag.outputs.VERSION }} + vversion: ${{ steps.extract-tag.outputs.VVERSION }} + upload_url: ${{ steps.create_release.outputs.upload_url }} + is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Extract Tag Names + id: extract-tag + run: | + VVERSION=${GITHUB_REF#refs/tags/} + VERSION=${GITHUB_REF#refs/tags/v} + echo "::set-output name=VVERSION::${VVERSION}" + echo "::set-output name=VERSION::${VERSION}" + - name: Is Pre-release + id: is_prerelease + run: | + set +e + echo ${{ github.ref }} | grep "\-rc.*" + OUT=$? + if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi + echo "::set-output name=IS_PRERELEASE::${IS_PRERELEASE}" + - name: Create Release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.ref }} + release_name: Release ${{ github.ref }} + draft: false + prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} + + build_upload_github_assets: + name: Build & Upload Mac OS | Linux | Windows Assets To Github Release + runs-on: ubuntu-latest + needs: create_release + steps: + - + name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - + name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: 1.16 + - + name: Run GoReleaser + uses: goreleaser/goreleaser-action@56f5b77f7fa4a8fe068bf22b732ec036cc9bc13f # v2.4.1 + with: + version: latest + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.PAT }} + + # build_upload_docker: + # name: Build & Upload Docker Images + # runs-on: ubuntu-latest + # needs: create_release + # if: needs.create_release.outputs.is_prerelease == 'false' + # steps: + # - name: Checkout + # uses: actions/checkout@v2 + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: '^1.15.6' + # - name: Build + # id: build + # run: | + # PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin + # make docker-artifacts + # env: + # DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + # + # build_upload_aws_s3_binaries: + # name: Build & Upload AWS S3 Binaries + # runs-on: ubuntu-latest + # needs: create_release + # if: needs.create_release.outputs.is_prerelease == 'false' + # steps: + # - name: Checkout + # uses: actions/checkout@v2 + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: '^1.15.6' + # - name: Build + # id: build + # run: | + # PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin + # make -j1 binary-linux binary-darwin binary-windows + # mkdir -p ./.releases + # cp ./output/binary/linux/bin/step ./.releases/step-linux-${{ needs.create_release.outputs.version }} + # cp ./output/binary/linux/bin/step ./.releases/step-linux-latest-integration + # cp ./output/binary/darwin/bin/step ./.releases/step-darwin-${{ needs.create_release.outputs.version }} + # cp ./output/binary/windows/bin/step ./.releases/step-windows-${{ needs.create_release.outputs.version }}.exe + # - name: Upload s3 + # id: upload-s3 + # uses: jakejarvis/s3-sync-action@v0.5.1 + # with: + # args: --acl public-read --follow-symlinks + # env: + # AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} + # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_REGION: us-east-1 + # SOURCE_DIR: ./.releases + # + # upload_windows_installer: + # name: Upload Windows Installer + # runs-on: ubuntu-latest + # needs: create_release + # if: needs.create_release.outputs.is_prerelease == 'false' + # steps: + # - name: Checkout + # uses: actions/checkout@v2 + # - name: Download Existing Installer + # id: download + # uses: prewk/s3-cp-action@v0.1.1 + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_REGION: us-east-1 + # SOURCE: s3://${{ secrets.AWS_s3_BUCKET }}/install-step.ps1 + # DEST: ./install-step.ps1 + # - name: Modify Installer + # id: modify + # run: sed -i -e "s~step-windows-.*.exe~step-windows-foo.exe~g" ./install-step.ps1 + # - name: Upload and Overwrite + # id: upload + # uses: prewk/s3-cp-action@v0.1.1 + # with: + # args: --acl public-read --follow-symlinks + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + # AWS_REGION: us-east-1 + # DEST: s3://${{ secrets.AWS_s3_BUCKET }}/install-step.ps1 + # SOURCE: ./install-step.ps1 + # + # update_arch: + # name: Update Arch Linux Packager + # runs-on: ubuntu-latest + # needs: [create_release, build_upload_github_assets] + # if: needs.create_release.outputs.is_prerelease == 'false' + # steps: + # - name: Checkout + # uses: actions/checkout@v2 + # - name: Calculate New SHAs + # id: calculate-shas + # run: | + # PKG=step-cli-bin + # VVER=${{ needs.create_release.outputs.vversion }} + # VER=${{ needs.create_release.outputs.version }} + # ARM64_URL="https://github.com/smallstep/cli/releases/download/${VVER}/step_linux_${VER}_arm64.tar.gz" + # AMD64_URL="https://github.com/smallstep/cli/releases/download/${VVER}/step_linux_${VER}_amd64.tar.gz" + # # Get arm64 SHA for step-cli + # curl -o "${PKG}-arm64.tar.gz" -J -L -s --show-error -f "${ARM64_URL}" + # ARM64_SHA="$(shasum -a 256 "${PKG}-arm64.tar.gz" | awk '{printf $1}')" + # # Get amd64 SHA for step-cli + # curl -o "${PKG}-amd64.tar.gz" -J -L -s --show-error -f "${AMD64_URL}" + # AMD64_SHA="$(shasum -a 256 "${PKG}-amd64.tar.gz" | awk '{printf $1}')" + # # Clone arch linux step-cli-bin repo + # echo "${{ secrets.ARCH_SSH_KEY }}" > /tmp/ssh_arch_key && chmod 0400 /tmp/ssh_arch_key + # ssh-agent bash -c 'ssh-add /tmp/ssh_arch_key; GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" git clone ssh://aur@aur.archlinux.org/step-cli-bin.git' + # cd step-cli-bin + # # Modify values in files + # sed -i -e "s/^pkgver=.*/pkgver=${VER}/" "./PKGBUILD" + # sed -i -e "s/^sha256sums_aarch64=.*/sha256sums_aarch64=(\"${ARM64_SHA}\")/" "./PKGBUILD" + # sed -i -e "s/^sha256sums_x86_64=.*/sha256sums_x86_64=(\"${AMD64_SHA}\")/" "./PKGBUILD" + # - name: Makepkg Build and Check + # id: makepkg + # uses: smallstep/pkgbuild-action@v1.0.2 + # with: + # pkgdir: ./step-cli-bin + # - name: Update ARCH Repo + # id: update + # run: | + # # Git commit and push + # cd ./step-cli-bin + # git add "./PKGBUILD" "./.SRCINFO" + # git commit -m "Update to ${{ needs.create_release.outputs.vversion }}" + # ssh-agent bash -c 'ssh-add /tmp/ssh_arch_key; GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" git push origin HEAD:master' + # + # update_reference_docs: + # name: Update Reference Docs + # runs-on: ubuntu-latest + # needs: create_release + # if: needs.create_release.outputs.is_prerelease == 'false' + # steps: + # - name: Checkout + # uses: actions/checkout@v2 + # - name: Setup Go + # uses: actions/setup-go@v2 + # with: + # go-version: '^1.15.6' + # - name: Build + # id: build + # run: make build + # - name: Checkout Docs + # uses: actions/checkout@master + # with: + # repository: smallstep/docs + # token: ${{ secrets.PAT }} + # path: './docs' + # - name: Update Reference + # id: update_refrence + # run: ./bin/step help --markdown ./docs/step-cli/reference + # - name: Push changes + # uses: ad-m/github-push-action@v0.6.0 + # with: + # github_token: ${{ secrets.PAT }} + # branch: 'master' + # directory: './docs' + # repository: 'smallstep/docs' diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 00000000..3a516c7e --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,31 @@ +name: Lint, Test, Build + +on: + push: + tags-ignore: + - 'v*' + branches: + - "**" + pull_request: + +jobs: + lintTestBuild: + name: Lint, Test, Build + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '^1.15.6' + - name: Lint, Test, Build + id: lintTestBuild + run: V=1 make -j1 bootstrap all + - name: Codecov + uses: codecov/codecov-action@v1.2.1 + with: + token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos + file: ./coverage.out # optional + name: codecov-umbrella # optional + fail_ci_if_error: true # optional (default = false) diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 00000000..65f3efc7 --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,197 @@ +# This is an example .goreleaser.yml file with some sane defaults. +# Make sure to check the documentation at http://goreleaser.com +project_name: step-ca +before: + hooks: + # You may remove this if you don't use go modules. + - go mod download + # - go generate ./... +builds: + - + env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + goarch: + - amd64 + - arm + - arm64 + - 386 + goarm: + - 7 + flags: + - -trimpath + main: ./cmd/step-ca/main.go + binary: bin/step + ldflags: + - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} + - + env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + goarch: + - amd64 + - arm + - arm64 + - 386 + goarm: + - 7 + flags: + - -trimpath + main: ./cmd/step-cloudkms-init/main.go + binary: bin/step-cloudkms-init + ldflags: + - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} + - + env: + - CGO_ENABLED=0 + goos: + - linux + - darwin + goarch: + - amd64 + - arm + - arm64 + - 386 + goarm: + - 7 + flags: + - -trimpath + main: ./cmd/step-awskms-init/main.go + binary: bin/step-awskms-init + ldflags: + - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} +archives: + - + # Can be used to change the archive formats for specific GOOSs. + # Most common use case is to archive as zip on Windows. + # Default is empty. + name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Version }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}{{ if .Mips }}_{{ .Mips }}{{ end }}" + wrap_in_directory: "{{ .ProjectName }}_{{ .Version }}" + files: + - README.md + - LICENSE +source: + enabled: true + name_template: '{{ .ProjectName }}_{{ .Version }}' +checksum: + name_template: 'checksums.txt' +snapshot: + name_template: "{{ .Tag }}-next" +release: + # Repo in which the release will be created. + # Default is extracted from the origin remote URL or empty if its private hosted. + # Note: it can only be one: either github, gitlab or gitea + github: + owner: smallstep + name: certificates + + # IDs of the archives to use. + # Defaults to all. + #ids: + # - foo + # - bar + + # If set to true, will not auto-publish the release. + # Default is false. + #draft: true + + # If set to auto, will mark the release as not ready for production + # in case there is an indicator for this in the tag e.g. v1.0.0-rc1 + # If set to true, will mark the release as not ready for production. + # Default is false. + prerelease: auto + + # You can change the name of the release. + # Default is `{{.Tag}}` + #name_template: "{{.ProjectName}}-v{{.Version}} {{.Env.USER}}" + + # You can disable this pipe in order to not upload any artifacts. + # Defaults to false. + #disable: true + + # You can add extra pre-existing files to the release. + # The filename on the release will be the last part of the path (base). If + # another file with the same name exists, the latest one found will be used. + # Defaults to empty. + #extra_files: + # - glob: ./path/to/file.txt + # - glob: ./glob/**/to/**/file/**/* + # - glob: ./glob/foo/to/bar/file/foobar/override_from_previous +scoop: + # Template for the url which is determined by the given Token (github or gitlab) + # Default for github is "https://github.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" + # Default for gitlab is "https://gitlab.com///uploads/{{ .ArtifactUploadHash }}/{{ .ArtifactName }}" + # Default for gitea is "https://gitea.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" + url_template: "http://github.com/smallstep/certificates/releases/download/{{ .Tag }}/{{ .ArtifactName }}" + + # Repository to push the app manifest to. + bucket: + owner: smallstep + name: scoop-bucket + + # Git author used to commit to the repository. + # Defaults are shown. + commit_author: + name: goreleaserbot + email: goreleaser@smallstep.com + + # The project name and current git tag are used in the format string. + commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}" + + # Your app's homepage. + # Default is empty. + homepage: "https://smallstep.com/docs/step-ca" + + # Skip uploads for prerelease. + skip_upload: auto + + # Your app's description. + # Default is empty. + description: "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH." + + # Your app's license + # Default is empty. + license: "Apache-2.0" + + #dockers: + # - dockerfile: docker/Dockerfile + # goos: linux + # goarch: amd64 + # use_buildx: true + # image_templates: + # - "smallstep/step-cli:latest" + # - "smallstep/step-cli:{{ .Tag }}" + # build_flag_templates: + # - "--platform=linux/amd64" + # - dockerfile: docker/Dockerfile + # goos: linux + # goarch: 386 + # use_buildx: true + # image_templates: + # - "smallstep/step-cli:latest" + # - "smallstep/step-cli:{{ .Tag }}" + # build_flag_templates: + # - "--platform=linux/386" + # - dockerfile: docker/Dockerfile + # goos: linux + # goarch: arm + # goarm: 7 + # use_buildx: true + # image_templates: + # - "smallstep/step-cli:latest" + # - "smallstep/step-cli:{{ .Tag }}" + # build_flag_templates: + # - "--platform=linux/arm/v7" + # - dockerfile: docker/Dockerfile + # goos: linux + # goarch: arm64 + # use_buildx: true + # image_templates: + # - "smallstep/step-cli:latest" + # - "smallstep/step-cli:{{ .Tag }}" + # build_flag_templates: + # - "--platform=linux/arm64/v8" diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index fcf73d2d..00000000 --- a/.travis.yml +++ /dev/null @@ -1,37 +0,0 @@ -language: go -os: linux -dist: focal -services: - - docker -go: - - 1.14.x -addons: - apt: - packages: - - debhelper - - fakeroot - - bash-completion - - libpcsclite-dev -env: - global: - - V=1 -before_script: - - make bootstrap -script: - - make travis - - make artifacts -after_success: - - bash <(curl -s https://codecov.io/bash) -t "$CODECOV_TOKEN" || echo "Codecov did - not collect coverage reports" -notifications: - email: false -deploy: - provider: releases - skip_cleanup: true - token: - secure: EVV43Vkqn67hhKGYn4WhQp2YO6KFmUDSkLXjYXYGX07Fm8p5KjRFBPOz9LV83QrvVmLigvg0CtR8Jqqcnq2SUhus3nhZaN2g19NhMypZLioyOVP0kAkas8ocuvxkwz3YxIK/yMrmTKbQ7JGXtbc8IjAox9ovNo1fFIQmVMAzPfu++OWBJ0j+gUqKtpaNA7gzsSv8UOw3/T3hNm6E1IbpWxl9BPSOzUOE9F/QOThANzifGfdxvqNJFkAgqu5DVPz8zQNbMrz4zH+KwASKxd6hjhzSSMzouKzOEHTA/elDCHEjke0Jos29MkGWHcIydLtCD95DGecqM8BFSC9f2acHDjmUO1rdfoLA3Pt+UiZJuTwyQm/jrHHhRnH8oJpK15G5LvxSqzY9YDWpAk38+jMw/udW6wt7BGAU8FEXLbq0bsFL3yfTepeWjmzT5WS0YXdiBz2SEK+Og9R2bSdtl4owghRzKNio5DNPuYAbqbpi+jqzqQVLj27x7LWoQ0MHvZcz9U+oO00r6M1tDCmFVRdtfgb2H+MIDY69qYGo5qoGMfH1btCWR8bA9wSYB/Z7hW/xZT9r7f/d5/P40k8yKINmTZqyUTQeplrE3y4BPVzKksclczBZa67syIUQ49I35QppnH4GFQHUwlra7r3W9zfZRvaLnp5qOIKAQe3MAIZqtLg= - file_glob: true - file: .travis-releases/* - on: - repo: smallstep/certificates - tags: true From 847ae6c3f9ac632ee98024b172aacd83af3f93b9 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 12:47:51 -0800 Subject: [PATCH 02/16] noop for tag --- distribution.md | 1 - 1 file changed, 1 deletion(-) diff --git a/distribution.md b/distribution.md index 5e3e4727..703be042 100644 --- a/distribution.md +++ b/distribution.md @@ -16,7 +16,6 @@ e.g. `v1.0.2` `-rc*` suffix. e.g. `v1.0.2-rc` or `v1.0.2-rc.4` --- - 1. **Tag it!** 1. Find the most recent tag. From 47e2e5949190ae002f90c8db239a8b6b62bd953d Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 13:09:27 -0800 Subject: [PATCH 03/16] Install libpcsclite-dev dep before running linter --- .github/workflows/release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 49bce944..99d78b34 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,6 +17,9 @@ jobs: uses: actions/setup-go@v2 with: go-version: '^1.15.6' + - name: Install Deps + id: install-deps + run: sudo apt-get -y install libpcsclite-dev - name: Lint, Test, Build id: lintTestBuild run: V=1 make -j1 bootstrap travis From 049be1707a89cf8967c1e5de1ae2274772c00718 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 13:25:27 -0800 Subject: [PATCH 04/16] Run cgo tests for normal pushes --- .github/workflows/test.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 3a516c7e..273d0241 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -19,9 +19,12 @@ jobs: uses: actions/setup-go@v2 with: go-version: '^1.15.6' + - name: Install Deps + id: install-deps + run: sudo apt-get -y install libpcsclite-dev - name: Lint, Test, Build id: lintTestBuild - run: V=1 make -j1 bootstrap all + run: V=1 make -j1 bootstrap travis - name: Codecov uses: codecov/codecov-action@v1.2.1 with: From 6920af0521838cc665e39078d4ef07197abdd742 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 13:55:50 -0800 Subject: [PATCH 05/16] [action] let goreleaser create the release --- .github/workflows/release.yml | 51 ++++++++++------------------------- .goreleaser.yml | 2 +- 2 files changed, 15 insertions(+), 38 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 99d78b34..369f9122 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,43 +7,30 @@ on: - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 jobs: - lintTestBuild: + lint_test_build: name: Lint, Test, Build runs-on: ubuntu-latest + outputs: + is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} steps: - - name: Checkout + - + name: Checkout uses: actions/checkout@v2 - - name: Setup Go + - + name: Setup Go uses: actions/setup-go@v2 with: go-version: '^1.15.6' - - name: Install Deps + - + name: Install Deps id: install-deps run: sudo apt-get -y install libpcsclite-dev - - name: Lint, Test, Build + - + name: Lint, Test, Build id: lintTestBuild run: V=1 make -j1 bootstrap travis - - create_release: - name: Create Release - runs-on: ubuntu-latest - needs: lintTestBuild - outputs: - version: ${{ steps.extract-tag.outputs.VERSION }} - vversion: ${{ steps.extract-tag.outputs.VVERSION }} - upload_url: ${{ steps.create_release.outputs.upload_url }} - is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} - steps: - - name: Checkout - uses: actions/checkout@v2 - - name: Extract Tag Names - id: extract-tag - run: | - VVERSION=${GITHUB_REF#refs/tags/} - VERSION=${GITHUB_REF#refs/tags/v} - echo "::set-output name=VVERSION::${VVERSION}" - echo "::set-output name=VERSION::${VERSION}" - - name: Is Pre-release + - + name: Is Pre-release id: is_prerelease run: | set +e @@ -51,21 +38,11 @@ jobs: OUT=$? if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi echo "::set-output name=IS_PRERELEASE::${IS_PRERELEASE}" - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - tag_name: ${{ github.ref }} - release_name: Release ${{ github.ref }} - draft: false - prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} build_upload_github_assets: name: Build & Upload Mac OS | Linux | Windows Assets To Github Release runs-on: ubuntu-latest - needs: create_release + needs: lint_test_build steps: - name: Checkout diff --git a/.goreleaser.yml b/.goreleaser.yml index 65f3efc7..7ca2fe50 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -97,7 +97,7 @@ release: # If set to true, will not auto-publish the release. # Default is false. - #draft: true + draft: true # If set to auto, will mark the release as not ready for production # in case there is an indicator for this in the tag e.g. v1.0.0-rc1 From 036c3d8d512263e3f8469c89373df816f0dbd206 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 14:04:28 -0800 Subject: [PATCH 06/16] [actions] give ids to each goreleaser build --- .goreleaser.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.goreleaser.yml b/.goreleaser.yml index 7ca2fe50..c691fa7d 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -8,6 +8,7 @@ before: # - go generate ./... builds: - + id: step-ca env: - CGO_ENABLED=0 goos: @@ -27,6 +28,7 @@ builds: ldflags: - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} - + id: step-cloudkms-init env: - CGO_ENABLED=0 goos: @@ -46,6 +48,7 @@ builds: ldflags: - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} - + id: step-awskms-init env: - CGO_ENABLED=0 goos: From 2c495a347f305e7f9034eadc8d0e2d3fafc19fa7 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 14:28:17 -0800 Subject: [PATCH 07/16] [actions] renaming jobs and setting up docker job --- .github/workflows/release.yml | 52 ++++++++++++------------- .goreleaser.yml | 72 +++++++++++++++++------------------ Makefile | 32 +--------------- 3 files changed, 64 insertions(+), 92 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 369f9122..0250e346 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -7,7 +7,7 @@ on: - 'v*' # Push events to matching v*, i.e. v1.0, v20.15.10 jobs: - lint_test_build: + test: name: Lint, Test, Build runs-on: ubuntu-latest outputs: @@ -27,7 +27,7 @@ jobs: run: sudo apt-get -y install libpcsclite-dev - name: Lint, Test, Build - id: lintTestBuild + id: lint_test_build run: V=1 make -j1 bootstrap travis - name: Is Pre-release @@ -39,10 +39,10 @@ jobs: if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi echo "::set-output name=IS_PRERELEASE::${IS_PRERELEASE}" - build_upload_github_assets: - name: Build & Upload Mac OS | Linux | Windows Assets To Github Release + release: + name: Create Release & Upload Assets runs-on: ubuntu-latest - needs: lint_test_build + needs: test steps: - name: Checkout @@ -63,27 +63,27 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.PAT }} - # build_upload_docker: - # name: Build & Upload Docker Images - # runs-on: ubuntu-latest - # needs: create_release - # if: needs.create_release.outputs.is_prerelease == 'false' - # steps: - # - name: Checkout - # uses: actions/checkout@v2 - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: '^1.15.6' - # - name: Build - # id: build - # run: | - # PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin - # make docker-artifacts - # env: - # DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - # DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - # + build_upload_docker: + name: Build & Upload Docker Images + runs-on: ubuntu-latest + needs: release + if: needs.test.outputs.is_prerelease == 'false' + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '^1.15.6' + - name: Build + id: build + run: | + PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin + make docker-artifacts + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + # build_upload_aws_s3_binaries: # name: Build & Upload AWS S3 Binaries # runs-on: ubuntu-latest diff --git a/.goreleaser.yml b/.goreleaser.yml index c691fa7d..e4bf1b87 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -5,7 +5,6 @@ before: hooks: # You may remove this if you don't use go modules. - go mod download - # - go generate ./... builds: - id: step-ca @@ -24,7 +23,7 @@ builds: flags: - -trimpath main: ./cmd/step-ca/main.go - binary: bin/step + binary: bin/step-ca ldflags: - -w -X main.Version={{.Version}} -X main.BuildTime={{.Date}} - @@ -124,41 +123,42 @@ release: # - glob: ./path/to/file.txt # - glob: ./glob/**/to/**/file/**/* # - glob: ./glob/foo/to/bar/file/foobar/override_from_previous -scoop: - # Template for the url which is determined by the given Token (github or gitlab) - # Default for github is "https://github.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" - # Default for gitlab is "https://gitlab.com///uploads/{{ .ArtifactUploadHash }}/{{ .ArtifactName }}" - # Default for gitea is "https://gitea.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" - url_template: "http://github.com/smallstep/certificates/releases/download/{{ .Tag }}/{{ .ArtifactName }}" - # Repository to push the app manifest to. - bucket: - owner: smallstep - name: scoop-bucket - - # Git author used to commit to the repository. - # Defaults are shown. - commit_author: - name: goreleaserbot - email: goreleaser@smallstep.com - - # The project name and current git tag are used in the format string. - commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}" - - # Your app's homepage. - # Default is empty. - homepage: "https://smallstep.com/docs/step-ca" - - # Skip uploads for prerelease. - skip_upload: auto - - # Your app's description. - # Default is empty. - description: "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH." - - # Your app's license - # Default is empty. - license: "Apache-2.0" + #scoop: + # # Template for the url which is determined by the given Token (github or gitlab) + # # Default for github is "https://github.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" + # # Default for gitlab is "https://gitlab.com///uploads/{{ .ArtifactUploadHash }}/{{ .ArtifactName }}" + # # Default for gitea is "https://gitea.com///releases/download/{{ .Tag }}/{{ .ArtifactName }}" + # url_template: "http://github.com/smallstep/certificates/releases/download/{{ .Tag }}/{{ .ArtifactName }}" + # + # # Repository to push the app manifest to. + # bucket: + # owner: smallstep + # name: scoop-bucket + # + # # Git author used to commit to the repository. + # # Defaults are shown. + # commit_author: + # name: goreleaserbot + # email: goreleaser@smallstep.com + # + # # The project name and current git tag are used in the format string. + # commit_msg_template: "Scoop update for {{ .ProjectName }} version {{ .Tag }}" + # + # # Your app's homepage. + # # Default is empty. + # homepage: "https://smallstep.com/docs/step-ca" + # + # # Skip uploads for prerelease. + # skip_upload: auto + # + # # Your app's description. + # # Default is empty. + # description: "A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH." + # + # # Your app's license + # # Default is empty. + # license: "Apache-2.0" #dockers: # - dockerfile: docker/Dockerfile diff --git a/Makefile b/Makefile index c9b453e1..3d30cf23 100644 --- a/Makefile +++ b/Makefile @@ -266,39 +266,11 @@ bundle-darwin: binary-darwin .PHONY: binary-linux binary-darwin bundle-linux bundle-darwin -################################################# -# Targets for creating OS specific artifacts and archives -################################################# - -artifacts-linux-tag: bundle-linux debian - -artifacts-darwin-tag: bundle-darwin - -artifacts-archive-tag: - $Q mkdir -p $(RELEASE) - $Q git archive v$(VERSION) | gzip > $(RELEASE)/step-certificates_$(VERSION).tar.gz - -artifacts-tag: artifacts-linux-tag artifacts-darwin-tag artifacts-archive-tag - -.PHONY: artifacts-linux-tag artifacts-darwin-tag artifacts-archive-tag artifacts-tag - ################################################# # Targets for creating step artifacts ################################################# -# For all builds that are not tagged and not on the master branch -artifacts-branch: - -# For all builds that are not tagged -artifacts-master: - -# For all builds with a release-candidate (-rc) tag -artifacts-release-candidate: artifacts-tag - -# For all builds with a release tag -artifacts-release: artifacts-tag - # This command is called by travis directly *after* a successful build -artifacts: artifacts-$(PUSHTYPE) docker-$(PUSHTYPE) +docker-artifacts: docker-$(PUSHTYPE) -.PHONY: artifacts-master artifacts-release-candidate artifacts-release artifacts +.PHONY: docker-artifacts From 3473b88ac85c6a8f8df328ac1c4cd70458a87d8b Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 14:39:25 -0800 Subject: [PATCH 08/16] [actions] build but don't push docker on -rc --- .github/workflows/release.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0250e346..b80d0cf3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -67,7 +67,6 @@ jobs: name: Build & Upload Docker Images runs-on: ubuntu-latest needs: release - if: needs.test.outputs.is_prerelease == 'false' steps: - name: Checkout uses: actions/checkout@v2 From 95fa37fa0c28f239521f013de22a39a9425c0ab7 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 14:44:05 -0800 Subject: [PATCH 09/16] [actions] depend on 'test' finishing rather than 'release' - docker --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b80d0cf3..44f16d98 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -66,7 +66,7 @@ jobs: build_upload_docker: name: Build & Upload Docker Images runs-on: ubuntu-latest - needs: release + needs: test steps: - name: Checkout uses: actions/checkout@v2 From 8921a2e8bf8cc7864f42cf9cfe9bffcc5f0b7366 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 14:48:54 -0800 Subject: [PATCH 10/16] [actions] remove unused actions --- .github/workflows/release.yml | 142 ---------------------------------- 1 file changed, 142 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 44f16d98..15c8d832 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -82,145 +82,3 @@ jobs: env: DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - - # build_upload_aws_s3_binaries: - # name: Build & Upload AWS S3 Binaries - # runs-on: ubuntu-latest - # needs: create_release - # if: needs.create_release.outputs.is_prerelease == 'false' - # steps: - # - name: Checkout - # uses: actions/checkout@v2 - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: '^1.15.6' - # - name: Build - # id: build - # run: | - # PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin - # make -j1 binary-linux binary-darwin binary-windows - # mkdir -p ./.releases - # cp ./output/binary/linux/bin/step ./.releases/step-linux-${{ needs.create_release.outputs.version }} - # cp ./output/binary/linux/bin/step ./.releases/step-linux-latest-integration - # cp ./output/binary/darwin/bin/step ./.releases/step-darwin-${{ needs.create_release.outputs.version }} - # cp ./output/binary/windows/bin/step ./.releases/step-windows-${{ needs.create_release.outputs.version }}.exe - # - name: Upload s3 - # id: upload-s3 - # uses: jakejarvis/s3-sync-action@v0.5.1 - # with: - # args: --acl public-read --follow-symlinks - # env: - # AWS_S3_BUCKET: ${{ secrets.AWS_S3_BUCKET }} - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # AWS_REGION: us-east-1 - # SOURCE_DIR: ./.releases - # - # upload_windows_installer: - # name: Upload Windows Installer - # runs-on: ubuntu-latest - # needs: create_release - # if: needs.create_release.outputs.is_prerelease == 'false' - # steps: - # - name: Checkout - # uses: actions/checkout@v2 - # - name: Download Existing Installer - # id: download - # uses: prewk/s3-cp-action@v0.1.1 - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # AWS_REGION: us-east-1 - # SOURCE: s3://${{ secrets.AWS_s3_BUCKET }}/install-step.ps1 - # DEST: ./install-step.ps1 - # - name: Modify Installer - # id: modify - # run: sed -i -e "s~step-windows-.*.exe~step-windows-foo.exe~g" ./install-step.ps1 - # - name: Upload and Overwrite - # id: upload - # uses: prewk/s3-cp-action@v0.1.1 - # with: - # args: --acl public-read --follow-symlinks - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - # AWS_REGION: us-east-1 - # DEST: s3://${{ secrets.AWS_s3_BUCKET }}/install-step.ps1 - # SOURCE: ./install-step.ps1 - # - # update_arch: - # name: Update Arch Linux Packager - # runs-on: ubuntu-latest - # needs: [create_release, build_upload_github_assets] - # if: needs.create_release.outputs.is_prerelease == 'false' - # steps: - # - name: Checkout - # uses: actions/checkout@v2 - # - name: Calculate New SHAs - # id: calculate-shas - # run: | - # PKG=step-cli-bin - # VVER=${{ needs.create_release.outputs.vversion }} - # VER=${{ needs.create_release.outputs.version }} - # ARM64_URL="https://github.com/smallstep/cli/releases/download/${VVER}/step_linux_${VER}_arm64.tar.gz" - # AMD64_URL="https://github.com/smallstep/cli/releases/download/${VVER}/step_linux_${VER}_amd64.tar.gz" - # # Get arm64 SHA for step-cli - # curl -o "${PKG}-arm64.tar.gz" -J -L -s --show-error -f "${ARM64_URL}" - # ARM64_SHA="$(shasum -a 256 "${PKG}-arm64.tar.gz" | awk '{printf $1}')" - # # Get amd64 SHA for step-cli - # curl -o "${PKG}-amd64.tar.gz" -J -L -s --show-error -f "${AMD64_URL}" - # AMD64_SHA="$(shasum -a 256 "${PKG}-amd64.tar.gz" | awk '{printf $1}')" - # # Clone arch linux step-cli-bin repo - # echo "${{ secrets.ARCH_SSH_KEY }}" > /tmp/ssh_arch_key && chmod 0400 /tmp/ssh_arch_key - # ssh-agent bash -c 'ssh-add /tmp/ssh_arch_key; GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" git clone ssh://aur@aur.archlinux.org/step-cli-bin.git' - # cd step-cli-bin - # # Modify values in files - # sed -i -e "s/^pkgver=.*/pkgver=${VER}/" "./PKGBUILD" - # sed -i -e "s/^sha256sums_aarch64=.*/sha256sums_aarch64=(\"${ARM64_SHA}\")/" "./PKGBUILD" - # sed -i -e "s/^sha256sums_x86_64=.*/sha256sums_x86_64=(\"${AMD64_SHA}\")/" "./PKGBUILD" - # - name: Makepkg Build and Check - # id: makepkg - # uses: smallstep/pkgbuild-action@v1.0.2 - # with: - # pkgdir: ./step-cli-bin - # - name: Update ARCH Repo - # id: update - # run: | - # # Git commit and push - # cd ./step-cli-bin - # git add "./PKGBUILD" "./.SRCINFO" - # git commit -m "Update to ${{ needs.create_release.outputs.vversion }}" - # ssh-agent bash -c 'ssh-add /tmp/ssh_arch_key; GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" git push origin HEAD:master' - # - # update_reference_docs: - # name: Update Reference Docs - # runs-on: ubuntu-latest - # needs: create_release - # if: needs.create_release.outputs.is_prerelease == 'false' - # steps: - # - name: Checkout - # uses: actions/checkout@v2 - # - name: Setup Go - # uses: actions/setup-go@v2 - # with: - # go-version: '^1.15.6' - # - name: Build - # id: build - # run: make build - # - name: Checkout Docs - # uses: actions/checkout@master - # with: - # repository: smallstep/docs - # token: ${{ secrets.PAT }} - # path: './docs' - # - name: Update Reference - # id: update_refrence - # run: ./bin/step help --markdown ./docs/step-cli/reference - # - name: Push changes - # uses: ad-m/github-push-action@v0.6.0 - # with: - # github_token: ${{ secrets.PAT }} - # branch: 'master' - # directory: './docs' - # repository: 'smallstep/docs' From 836f68979c154b876661b8998b09d30b27ba1f97 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 19:13:09 -0800 Subject: [PATCH 11/16] [actions] always build/test with go1.16 + rename travis target --- .github/workflows/release.yml | 4 ++-- .github/workflows/test.yml | 2 +- Makefile | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15c8d832..846e2bff 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.15.6' + go-version: '^1.16.0' - name: Install Deps id: install-deps @@ -28,7 +28,7 @@ jobs: - name: Lint, Test, Build id: lint_test_build - run: V=1 make -j1 bootstrap travis + run: V=1 make -j1 bootstrap ci - name: Is Pre-release id: is_prerelease diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 273d0241..32742133 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,7 @@ jobs: - name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.15.6' + go-version: '^1.16.0' - name: Install Deps id: install-deps run: sudo apt-get -y install libpcsclite-dev diff --git a/Makefile b/Makefile index 3d30cf23..66921ade 100644 --- a/Makefile +++ b/Makefile @@ -18,7 +18,7 @@ OUTPUT_ROOT=output/ all: lint test build -travis: lintcgo testcgo build +ci: lintcgo testcgo build .PHONY: all travis From 296d9ee293c2b47c2c0916c72495a65e2d8fdc9e Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 19:15:47 -0800 Subject: [PATCH 12/16] [actions] forgot to update make target in test action --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 32742133..a5b344cd 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -24,7 +24,7 @@ jobs: run: sudo apt-get -y install libpcsclite-dev - name: Lint, Test, Build id: lintTestBuild - run: V=1 make -j1 bootstrap travis + run: V=1 make -j1 bootstrap ci - name: Codecov uses: codecov/codecov-action@v1.2.1 with: From f88f58440ff29d618a4ee5912dfbbda8aa9a6878 Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 20:14:20 -0800 Subject: [PATCH 13/16] add //nolint for new 1.16 deprecation warnings - dsa - pem.DecryptPEMBlock --- api/api.go | 2 +- api/api_test.go | 2 +- kms/softkms/softkms_test.go | 2 +- kms/sshagentkms/sshagentkms_test.go | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/api/api.go b/api/api.go index 699092a7..2ae6e6e8 100644 --- a/api/api.go +++ b/api/api.go @@ -3,7 +3,7 @@ package api import ( "context" "crypto" - "crypto/dsa" + "crypto/dsa" //nolint "crypto/ecdsa" "crypto/rsa" "crypto/x509" diff --git a/api/api_test.go b/api/api_test.go index 190e5a2a..944927ff 100644 --- a/api/api_test.go +++ b/api/api_test.go @@ -4,7 +4,7 @@ import ( "bytes" "context" "crypto" - "crypto/dsa" + "crypto/dsa" //nolint "crypto/ecdsa" "crypto/elliptic" "crypto/rand" diff --git a/kms/softkms/softkms_test.go b/kms/softkms/softkms_test.go index 11c0cdd1..607a5a51 100644 --- a/kms/softkms/softkms_test.go +++ b/kms/softkms/softkms_test.go @@ -83,7 +83,7 @@ func TestSoftKMS_CreateSigner(t *testing.T) { t.Fatal(err) } block, _ := pem.Decode(b) - block.Bytes, err = x509.DecryptPEMBlock(block, []byte("pass")) + block.Bytes, err = x509.DecryptPEMBlock(block, []byte("pass")) //nolint if err != nil { t.Fatal(err) } diff --git a/kms/sshagentkms/sshagentkms_test.go b/kms/sshagentkms/sshagentkms_test.go index 4c572530..30edd5d1 100644 --- a/kms/sshagentkms/sshagentkms_test.go +++ b/kms/sshagentkms/sshagentkms_test.go @@ -295,7 +295,7 @@ func TestSSHAgentKMS_CreateSigner(t *testing.T) { t.Fatal(err) } block, _ := pem.Decode(b) - block.Bytes, err = x509.DecryptPEMBlock(block, []byte("pass")) + block.Bytes, err = x509.DecryptPEMBlock(block, []byte("pass")) //nolint if err != nil { t.Fatal(err) } From 96b38ccd5537c14b4be8c40ad20a7dbae41b5dbe Mon Sep 17 00:00:00 2001 From: max furman Date: Thu, 18 Feb 2021 20:41:33 -0800 Subject: [PATCH 14/16] [actions] revert build/test/lint step to 1.15.6 --- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 846e2bff..8c43aaaf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.16.0' + go-version: '^1.15.6' - name: Install Deps id: install-deps diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index a5b344cd..4ddc6d21 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,7 @@ jobs: - name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.16.0' + go-version: '^1.15.6' - name: Install Deps id: install-deps run: sudo apt-get -y install libpcsclite-dev From 9652a89629fe7e007a635aa2b3cd2e2063ca6a29 Mon Sep 17 00:00:00 2001 From: max furman Date: Mon, 22 Feb 2021 21:05:24 -0800 Subject: [PATCH 15/16] [action] release housekeeping - separate create_release, goreleaser, and debian to parallelize - 1.15.8 - ubuntu-20.04 --- .github/workflows/release.yml | 76 +++++++++++++++++++++++++++++++---- .goreleaser.yml | 2 +- 2 files changed, 70 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8c43aaaf..74787a99 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,7 +9,7 @@ on: jobs: test: name: Lint, Test, Build - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 outputs: is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} steps: @@ -20,7 +20,7 @@ jobs: name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.15.6' + go-version: '^1.15.8' - name: Install Deps id: install-deps @@ -39,10 +39,38 @@ jobs: if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi echo "::set-output name=IS_PRERELEASE::${IS_PRERELEASE}" - release: - name: Create Release & Upload Assets - runs-on: ubuntu-latest + create_release: + name: Create Release needs: test + runs-on: ubuntu-20.04 + outputs: + is_prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} + steps: + - + name: Is Pre-release + id: is_prerelease + run: | + set +e + echo ${{ github.ref }} | grep "\-rc.*" + OUT=$? + if [ $OUT -eq 0 ]; then IS_PRERELEASE=true; else IS_PRERELEASE=false; fi + echo "::set-output name=IS_PRERELEASE::${IS_PRERELEASE}" + - + name: Create Release + id: create_release + uses: actions/create-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + tag_name: ${{ github.ref }} + release_name: Release ${{ github.ref }} + draft: false + prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} + + goreleaser: + name: Create Release & Upload Assets + runs-on: ubuntu-20.04 + needs: create_release steps: - name: Checkout @@ -63,9 +91,43 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.PAT }} + release_deb: + name: Build & Release Debian package + runs-on: ubuntu-20.04 + needs: create_release + steps: + - + name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + - + name: Set up Go + uses: actions/setup-go@v2 + with: + go-version: '^1.15.8' + - + name: APT Install + id: aptInstall + run: sudo apt-get -y install build-essential debhelper fakeroot + - + name: Build Debian package + id: build + run: | + PATH=$PATH:/usr/local/go/bin:/home/admin/go/bin + make debian + - + name: Upload Debian Package + id: upload_deb + run: | + tag_name="${GITHUB_REF##*/}" + hub release edit $(find ./.releases -type f -printf "-a %p ") -m "" "$tag_name" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + build_upload_docker: name: Build & Upload Docker Images - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 needs: test steps: - name: Checkout @@ -73,7 +135,7 @@ jobs: - name: Setup Go uses: actions/setup-go@v2 with: - go-version: '^1.15.6' + go-version: '^1.15.8' - name: Build id: build run: | diff --git a/.goreleaser.yml b/.goreleaser.yml index e4bf1b87..880a3f4a 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -105,7 +105,7 @@ release: # in case there is an indicator for this in the tag e.g. v1.0.0-rc1 # If set to true, will mark the release as not ready for production. # Default is false. - prerelease: auto + prerelease: false # You can change the name of the release. # Default is `{{.Tag}}` From 1748b2b6c638cb5f2a9b26a7ffe66518b42113dc Mon Sep 17 00:00:00 2001 From: max furman Date: Mon, 22 Feb 2021 21:25:40 -0800 Subject: [PATCH 16/16] [action] Rename some steps and fix version calculation for actions --- .github/workflows/release.yml | 4 ++-- Makefile | 13 +++++++++++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 74787a99..dc65b334 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -68,7 +68,7 @@ jobs: prerelease: ${{ steps.is_prerelease.outputs.IS_PRERELEASE }} goreleaser: - name: Create Release & Upload Assets + name: Upload Assets To Github w/ goreleaser runs-on: ubuntu-20.04 needs: create_release steps: @@ -92,7 +92,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.PAT }} release_deb: - name: Build & Release Debian package + name: Build & Upload Debian Package To Github runs-on: ubuntu-20.04 needs: create_release steps: diff --git a/Makefile b/Makefile index 66921ade..37539348 100644 --- a/Makefile +++ b/Makefile @@ -20,7 +20,7 @@ all: lint test build ci: lintcgo testcgo build -.PHONY: all travis +.PHONY: all ci ######################################### # Bootstrapping @@ -39,6 +39,15 @@ bootstra%: # If TRAVIS_TAG is set then we know this ref has been tagged. ifdef TRAVIS_TAG VERSION := $(TRAVIS_TAG) +NOT_RC := $(shell echo $(VERSION) | grep -v -e -rc) + ifeq ($(NOT_RC),) +PUSHTYPE := release-candidate + else +PUSHTYPE := release + endif +# GITHUB Actions +else ifdef GITHUB_REF +VERSION := $(shell echo $(GITHUB_REF) | sed 's/^refs\/tags\///') NOT_RC := $(shell echo $(VERSION) | grep -v -e -rc) ifeq ($(NOT_RC),) PUSHTYPE := release-candidate @@ -62,6 +71,7 @@ DEB_VERSION := $(shell echo $(VERSION) | sed 's/-/~/g') ifdef V $(info TRAVIS_TAG is $(TRAVIS_TAG)) +$(info GITHUB_REF is $(GITHUB_REF)) $(info VERSION is $(VERSION)) $(info DEB_VERSION is $(DEB_VERSION)) $(info PUSHTYPE is $(PUSHTYPE)) @@ -270,7 +280,6 @@ bundle-darwin: binary-darwin # Targets for creating step artifacts ################################################# -# This command is called by travis directly *after* a successful build docker-artifacts: docker-$(PUSHTYPE) .PHONY: docker-artifacts