From b33a9fc80ae6708edad674cef025abf315e26afa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Justinas=20Stankevi=C4=8Dius?= Date: Mon, 3 Jan 2022 17:51:17 +0200 Subject: [PATCH] Upload release binaries to new release infrastructure (#8722) Cherry-picked from cc6cb4e8da0dd67795fe1c2a97fabc91119433b9 --- .drone.yml | 697 ++++++++++++++++++++++++++++++++++++++++++-- dronegen/mac.go | 17 +- dronegen/mac_pkg.go | 17 +- dronegen/tag.go | 52 ++++ 4 files changed, 761 insertions(+), 22 deletions(-) diff --git a/.drone.yml b/.drone.yml index bde314f6732cf..c6cbca416c12c 100644 --- a/.drone.yml +++ b/.drone.yml @@ -2,6 +2,7 @@ ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. +# Generated at dronegen/push.go:90 ################################################ kind: pipeline @@ -969,7 +970,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -1058,6 +1059,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1073,7 +1107,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -1162,6 +1196,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1177,7 +1244,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -1269,6 +1336,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1284,7 +1384,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -1396,6 +1496,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1416,7 +1549,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -1525,6 +1658,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1545,7 +1711,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -1648,6 +1814,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1663,7 +1862,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -1763,6 +1962,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1778,7 +2010,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -1867,6 +2099,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -1882,7 +2147,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -1994,6 +2259,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2014,7 +2312,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -2117,6 +2415,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="386" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2225,6 +2556,39 @@ steps: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY WORKSPACE_DIR: /tmp/build-darwin-amd64 +- name: Register artifacts + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING + WORKSPACE_DIR: /tmp/build-darwin-amd64 - name: Clean up exec runner storage (post) commands: - set -u @@ -2362,6 +2726,39 @@ steps: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY WORKSPACE_DIR: /tmp/build-darwin-amd64-pkg +- name: Register artifacts + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING + WORKSPACE_DIR: /tmp/build-darwin-amd64-pkg - name: Clean up exec runner storage (post) commands: - set -u @@ -2499,6 +2896,39 @@ steps: AWS_SECRET_ACCESS_KEY: from_secret: AWS_SECRET_ACCESS_KEY WORKSPACE_DIR: /tmp/build-darwin-amd64-pkg-tsh +- name: Register artifacts + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="darwin" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING + WORKSPACE_DIR: /tmp/build-darwin-amd64-pkg-tsh - name: Clean up exec runner storage (post) commands: - set -u @@ -2511,7 +2941,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -2600,6 +3030,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2615,7 +3078,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -2704,6 +3167,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2719,7 +3215,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -2822,6 +3318,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2837,7 +3366,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -2940,6 +3469,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -2955,7 +3517,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -3067,6 +3629,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -3087,7 +3682,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:349 +# Generated at dronegen/tag.go:392 ################################################ kind: pipeline @@ -3199,6 +3794,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="linux" -F arch="arm" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -3219,7 +3847,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/tag.go:207 +# Generated at dronegen/tag.go:209 ################################################ kind: pipeline @@ -3311,6 +3939,39 @@ steps: source: /go/artifacts/* strip_prefix: /go/artifacts/ target: teleport/tag/${DRONE_TAG##v} +- name: Register artifacts + image: docker + commands: + - WORKSPACE_DIR=$${WORKSPACE_DIR:-/} + - VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt") + - RELEASES_HOST='https://releases-staging.platform.teleport.sh' + - echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt" + - echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key" + - trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT + - CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key" + - which curl || apk add --no-cache curl + - |- + cd "$WORKSPACE_DIR/go/artifacts" + for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="windows" -F arch="amd64" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; + done + environment: + RELEASES_CERT: + from_secret: RELEASES_CERT_STAGING + RELEASES_KEY: + from_secret: RELEASES_KEY_STAGING services: - name: Start Docker image: docker:dind @@ -4120,6 +4781,6 @@ volumes: name: drone-s3-debrepo-pvc --- kind: signature -hmac: e2ca92f19f5d5a8ac469bfa5b8fbb5a9827382e08b51417c3c2cc19c2c65bf4c +hmac: 0558db9b94b452657ab2b0ef6e09c7a39a9626e3bb41570a9eaed20f3581e6f9 ... diff --git a/dronegen/mac.go b/dronegen/mac.go index c27803c1c4a90..462956660cc56 100644 --- a/dronegen/mac.go +++ b/dronegen/mac.go @@ -70,6 +70,10 @@ curl -sL -X POST -H 'Content-type: application/json' --data "{\"text\":\"Warning } func darwinTagPipeline() pipeline { + b := buildType{ + arch: "amd64", + os: "darwin", + } p := newDarwinPipeline("build-darwin-amd64") p.Trigger = triggerTag p.Steps = []step{ @@ -87,8 +91,8 @@ func darwinTagPipeline() pipeline { Environment: map[string]value{ "GOPATH": {raw: path.Join(p.Workspace.Path, "/go")}, "GOCACHE": {raw: path.Join(p.Workspace.Path, "/go/cache")}, - "OS": {raw: "darwin"}, - "ARCH": {raw: "amd64"}, + "OS": {raw: b.os}, + "ARCH": {raw: b.arch}, "WORKSPACE_DIR": {raw: p.Workspace.Path}, }, Commands: darwinTagBuildCommands(), @@ -111,6 +115,15 @@ func darwinTagPipeline() pipeline { }, Commands: darwinUploadToS3Commands(), }, + { + Name: "Register artifacts", + Commands: tagCreateReleaseAssetCommands(b), + Environment: map[string]value{ + "WORKSPACE_DIR": {raw: p.Workspace.Path}, + "RELEASES_CERT": value{fromSecret: "RELEASES_CERT_STAGING"}, + "RELEASES_KEY": value{fromSecret: "RELEASES_KEY_STAGING"}, + }, + }, cleanUpExecStorageStep(p.Workspace.Path), } return p diff --git a/dronegen/mac_pkg.go b/dronegen/mac_pkg.go index c65fedc1dbfbd..c0a06e55ec0d1 100644 --- a/dronegen/mac_pkg.go +++ b/dronegen/mac_pkg.go @@ -6,6 +6,10 @@ import ( ) func darwinPkgPipeline(name, makeTarget string, pkgGlobs []string) pipeline { + b := buildType{ + arch: "amd64", + os: "darwin", + } p := newDarwinPipeline(name) p.Trigger = triggerTag p.DependsOn = []string{"build-darwin-amd64"} @@ -40,8 +44,8 @@ func darwinPkgPipeline(name, makeTarget string, pkgGlobs []string) pipeline { "BUILDBOX_PASSWORD": {fromSecret: "BUILDBOX_PASSWORD"}, "OSS_TARBALL_PATH": {raw: "/tmp/build-darwin-amd64-pkg/go/artifacts"}, "ENT_TARBALL_PATH": {raw: "/tmp/build-darwin-amd64-pkg/go/artifacts"}, - "OS": {raw: "darwin"}, - "ARCH": {raw: "amd64"}, + "OS": {raw: b.os}, + "ARCH": {raw: b.arch}, }, Commands: darwinTagPackageCommands(makeTarget), }, @@ -67,6 +71,15 @@ func darwinPkgPipeline(name, makeTarget string, pkgGlobs []string) pipeline { `aws s3 sync . s3://$AWS_S3_BUCKET/teleport/tag/${DRONE_TAG##v}`, }, }, + { + Name: "Register artifacts", + Commands: tagCreateReleaseAssetCommands(b), + Environment: map[string]value{ + "WORKSPACE_DIR": {raw: p.Workspace.Path}, + "RELEASES_CERT": value{fromSecret: "RELEASES_CERT_STAGING"}, + "RELEASES_KEY": value{fromSecret: "RELEASES_KEY_STAGING"}, + }, + }, cleanUpExecStorageStep(p.Workspace.Path), } diff --git a/dronegen/tag.go b/dronegen/tag.go index c7fe3abb2655e..ccdbc1b6c5601 100644 --- a/dronegen/tag.go +++ b/dronegen/tag.go @@ -11,6 +11,8 @@ const ( debPackage = "deb" ) +const releasesHost = "https://releases-staging.platform.teleport.sh" + // tagCheckoutCommands builds a list of commands for Drone to check out a git commit on a tag build func tagCheckoutCommands(fips bool) []string { commands := []string{ @@ -242,6 +244,15 @@ func tagPipeline(b buildType) pipeline { target: "teleport/tag/${DRONE_TAG##v}", stripPrefix: "/go/artifacts/", }), + { + Name: "Register artifacts", + Image: "docker", + Commands: tagCreateReleaseAssetCommands(b), + Environment: map[string]value{ + "RELEASES_CERT": value{fromSecret: "RELEASES_CERT_STAGING"}, + "RELEASES_KEY": value{fromSecret: "RELEASES_KEY_STAGING"}, + }, + }, } return p } @@ -282,6 +293,38 @@ func tagCopyPackageArtifactCommands(b buildType, packageType string) []string { return commands } +// createReleaseAssetCommands generates a set of commands to create release & asset in release management service +func tagCreateReleaseAssetCommands(b buildType) []string { + commands := []string{ + `WORKSPACE_DIR=$${WORKSPACE_DIR:-/}`, + `VERSION=$(cat "$WORKSPACE_DIR/go/.version.txt")`, + fmt.Sprintf(`RELEASES_HOST='%v'`, releasesHost), + `echo "$RELEASES_CERT" | base64 -d > "$WORKSPACE_DIR/releases.crt"`, + `echo "$RELEASES_KEY" | base64 -d > "$WORKSPACE_DIR/releases.key"`, + `trap "rm -f '$WORKSPACE_DIR/releases.crt' '$WORKSPACE_DIR/releases.key'" EXIT`, + `CREDENTIALS="--cert $WORKSPACE_DIR/releases.crt --key $WORKSPACE_DIR/releases.key"`, + `which curl || apk add --no-cache curl`, + fmt.Sprintf(`cd "$WORKSPACE_DIR/go/artifacts" +for file in $(find . -type f ! -iname '*.sha256'); do + # Skip files that are not results of this build + # (e.g. tarballs from which OS packages are made) + [ -f "$file.sha256" ] || continue + + product="$(basename "$file" | sed -E 's/(-|_)v?[0-9].*$//')" # extract part before -vX.Y.Z + shasum="$(cat "$file.sha256" | cut -d ' ' -f 1)" + status_code=$(curl $CREDENTIALS -o "$WORKSPACE_DIR/curl_out.txt" -w "%%{http_code}" -F "product=$product" -F "version=$VERSION" -F notesMd="# Teleport $VERSION" -F status=draft "$RELEASES_HOST/releases") + if [ $status_code -ne 200 ] && [ $status_code -ne 409 ]; then + echo "curl HTTP status: $status_code" + cat $WORKSPACE_DIR/curl_out.txt + exit 1 + fi + curl $CREDENTIALS --fail -o /dev/null -F description="TODO" -F os="%s" -F arch="%s" -F "file=@$file" -F "sha256=$shasum" -F "releaseId=$product@$VERSION" "$RELEASES_HOST/assets"; +done`, + b.os, b.arch /* TODO: fips */), + } + return commands +} + // tagPackagePipeline generates a tag package pipeline for a given combination of os/arch/FIPS func tagPackagePipeline(packageType string, b buildType) pipeline { if packageType == "" { @@ -393,6 +436,15 @@ func tagPackagePipeline(packageType string, b buildType) pipeline { target: "teleport/tag/${DRONE_TAG##v}", stripPrefix: "/go/artifacts/", }), + { + Name: "Register artifacts", + Image: "docker", + Commands: tagCreateReleaseAssetCommands(b), + Environment: map[string]value{ + "RELEASES_CERT": value{fromSecret: "RELEASES_CERT_STAGING"}, + "RELEASES_KEY": value{fromSecret: "RELEASES_KEY_STAGING"}, + }, + }, } return p }