From cf1714dafaa0cda98640c772106620586dae7763 Mon Sep 17 00:00:00 2001 From: hackerman <3372410+aeneasr@users.noreply.github.com> Date: Mon, 8 Nov 2021 16:24:14 +0100 Subject: [PATCH] feat: add new goreleaser build chain (#1932) This patch adds full compatibility with ARM architectures, including Apple Silicon (M1). We additionally added cryptographically signed signatures verifiable using [cosign](https://github.com/sigstore/cosign) for both binaries as well as docker images. BREAKING CHANGES: To celebrate this change, we cleaned up the ways you install Ory software, and will roll this out to all other projects soon: There is now one central brew / bash curl repository: ```patch -brew install ory/kratos/kratos +brew install ory/tap/kratos -bash <(curl https://raw.githubusercontent.com/ory/kratos/master/install.sh) +bash <(curl https://raw.githubusercontent.com/ory/meta/master/install.sh) kratos ``` --- .goreleaser.yml | 278 ++---------------------------------------- .releaser/LICENSE.txt | 84 ------------- .releaser/rename.sh | 20 --- docs/docs/install.md | 5 +- 4 files changed, 12 insertions(+), 375 deletions(-) delete mode 100644 .releaser/LICENSE.txt delete mode 100755 .releaser/rename.sh diff --git a/.goreleaser.yml b/.goreleaser.yml index 565315bde975..ac12317673ae 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,272 +1,14 @@ -# This is an example goreleaser.yaml file with some sane defaults. -# Make sure to check the documentation at http://goreleaser.com -project_name: kratos - -env: - - GOPROXY=https://proxy.golang.org,direct - -before: - hooks: - - go mod download - - go mod tidy - - go install github.com/CycloneDX/cyclonedx-gomod@v1.0.0 - -builds: - - - id: kratos-sqlite-darwin - flags: - - -tags - - sqlite - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - # - "-extldflags '-static'" - binary: kratos - env: - - CGO_ENABLED=1 - - CC=o64-clang - - CXX=o64-clang++ - goarch: - - amd64 - goos: - - darwin - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - - id: kratos-sqlite-darwin-arm - flags: - - -tags - - sqlite - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - # - "-extldflags '-static'" - binary: kratos - env: - - CGO_ENABLED=1 - - CC=oa64-clang - - CXX=oa64-clang++ - goarch: - - arm64 - goos: - - darwin - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - - id: kratos-sqlite-linux - flags: - - -tags - - sqlite - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - binary: kratos - env: - - CGO_ENABLED=1 - goarch: - - amd64 - goos: - - linux - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - - id: kratos-sqlite-linux-libmusl - flags: - - -tags - - sqlite - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - binary: kratos - env: - - CGO_ENABLED=1 - - CC=musl-gcc - goarch: - - amd64 - goos: - - linux - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite-libmusl_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite-libmusl_{{ .Target }}.bom.json" - - - id: kratos-sqlite-windows - flags: - - -tags - - sqlite - # Remove once https://github.com/golang/go/issues/40795 is closed - - -buildmode=exe - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - - "-extldflags '-static'" - binary: kratos - env: - - CGO_ENABLED=1 - - CC=x86_64-w64-mingw32-gcc - - CXX=x86_64-w64-mingw32-g++ - goarch: - - amd64 - goos: - - windows - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Target }}.bom.json" - - - - id: kratos - ldflags: - - -s -w -X github.com/ory/kratos/driver/config.Version={{.Tag}} -X github.com/ory/kratos/driver/config.Commit={{.FullCommit}} -X github.com/ory/kratos/driver/config.Date={{.Date}} - binary: kratos - env: - - CGO_ENABLED=0 - goarch: - - amd64 - - 386 - - arm - - arm64 - goarm: - - 5 - - 6 - - 7 - goos: - - linux - - windows - - darwin - hooks: - post: - - cmd: cyclonedx-gomod app -licenses -json -output "./dist/{{ .ProjectName }}_{{ .Version }}_{{ .Target }}.bom.json" - - cmd: ./.releaser/rename.sh "./dist/{{ .ProjectName }}_{{ .Version }}_{{ .Target }}.bom.json" - -archives: - - id: kratos-sqlite - builds: - - kratos-sqlite-windows - - kratos-sqlite-darwin-arm - - kratos-sqlite-darwin - - kratos-sqlite-linux - replacements: - darwin: macos - 386: 32bit - amd64: 64bit - arm: arm32 - arm64: arm64 - format_overrides: - - - goos: windows - format: zip - files: - - CHANGELOG.md - - LICENSE - - README.md - - SECURITY.md - name_template: "{{ .ProjectName }}_{{ .Version }}-sqlite_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}" +includes: + - from_url: + url: https://raw.githubusercontent.com/ory/xgoreleaser/master/build.tmpl.yml - - id: kratos-sqlite-libmusl - builds: - - kratos-sqlite-linux-libmusl - replacements: - darwin: macos - 386: 32bit - amd64: 64bit - arm: arm32 - format_overrides: - - - goos: windows - format: zip - files: - - CHANGELOG.md - - LICENSE - - README.md - - SECURITY.md - name_template: "{{ .ProjectName }}_{{ .Version }}-sqlite-libmusl_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}" +variables: + brew_name: kratos - - id: kratos - builds: - - kratos - replacements: - darwin: macos - 386: 32bit - amd64: 64bit - arm: arm32 - arm64: arm64 - format_overrides: - - goos: windows - format: zip - files: - - CHANGELOG.md - - LICENSE - - README.md - - SECURITY.md + brew_description: "The Ory Kratos Identity Platform" -snapshot: - name_template: "{{ .Tag }}-next" + buildinfo_hash: "github.com/ory/kratos/driver/config.Commit" + buildinfo_tag: "github.com/ory/kratos/driver/config.Version" + buildinfo_date: "github.com/ory/kratos/driver/config.Date" -changelog: - sort: asc - filters: - exclude: - - ci skip - - Merge pull request - - Merge branch - -brews: - - tap: - owner: ory - name: homebrew-tap - ids: - - kratos-sqlite - homepage: https://www.ory.sh - commit_author: - name: aeneasr - email: 3372410+aeneasr@users.noreply.github.com - install: | - bin.install "kratos" - -scoop: - bucket: - owner: ory - name: scoop-kratos - homepage: https://www.ory.sh - commit_author: - name: aeneasr - email: 3372410+aeneasr@users.noreply.github.com - -checksum: - algorithm: sha256 - extra_files: - - glob: ./dist/*.bom.json - -dockers: - - dockerfile: .docker/Dockerfile-sqlite - use: buildx - ids: - - kratos-sqlite-linux-libmusl - image_templates: - - "oryd/kratos:v{{ .Major }}-sqlite" - - "oryd/kratos:v{{ .Major }}.{{ .Minor }}-sqlite" - - "oryd/kratos:v{{ .Major }}.{{ .Minor }}.{{ .Patch }}-sqlite" - - "oryd/kratos:{{.Tag}}-sqlite" - - "oryd/kratos:latest-sqlite" - - dockerfile: .docker/Dockerfile - use: buildx - ids: - - kratos - image_templates: - - "oryd/kratos:v{{ .Major }}" - - "oryd/kratos:v{{ .Major }}.{{ .Minor }}" - - "oryd/kratos:v{{ .Major }}.{{ .Minor }}.{{ .Patch }}" - - "oryd/kratos:{{.Tag}}" - - "oryd/kratos:latest" - -release: - prerelease: auto - name_template: "{{.Tag}}" - ids: - - kratos-sqlite - - kratos-sqlite-libmusl - - kratos - extra_files: - - glob: ./dist/*.bom.json +project_name: kratos diff --git a/.releaser/LICENSE.txt b/.releaser/LICENSE.txt deleted file mode 100644 index 4131d627398c..000000000000 --- a/.releaser/LICENSE.txt +++ /dev/null @@ -1,84 +0,0 @@ -Ory Kratos -Copyright (c) 2019 Ory GmbH - -*** END USER LICENSE AGREEMENT *** - -IMPORTANT: PLEASE READ THIS LICENSE CAREFULLY BEFORE USING THIS SOFTWARE. - -1. LICENSE - -By receiving, opening the file package, and/or using Ory Kratos ("Software") containing this software, you agree that -this End User User License Agreement(EULA) is a legally binding and valid contract and agree to be bound by it. -You agree to abide by the intellectual property laws and all of the terms and conditions of this Agreement. - -Unless you have a different license agreement signed by Ory GmbH your use of Ory Kratos indicates -your acceptance of this license agreement and warranty. - -Subject to the terms of this Agreement, Ory GmbH grants to you a limited, non-exclusive, non-transferable -license, without right to sub-license, to use Ory Kratos in accordance with this Agreement and any other written -agreement with Ory GmbH. Ory GmbH does not transfer the title of Ory Kratos to you; the license granted to you is not a -sale. This agreement is a binding legal agreement between Ory GmbH and the purchasers or users of Ory Kratos. - -If you do not agree to be bound by this agreement, remove Ory Kratos from your computer now and, if applicable, -promptly return to Ory GmbH by mail any copies of Ory Kratos and related documentation and packaging in your possession. - -2. DISTRIBUTION - -Ory Kratos and the license herein granted shall not be copied, shared, distributed, re-sold, offered for re-sale, -transferred or sub-licensed in whole or in part except that you may make one copy for archive purposes only. For -information about redistribution of Ory Kratos contact Ory GmbH. - -3. USER AGREEMENT - -3.1 Use - -Your license to use Ory Kratos is limited to the number of licenses purchased by you. You shall not allow others to use, -copy or evaluate copies of Ory Kratos. - -3.2 Use Restrictions - -You shall use Ory Kratos in compliance with all applicable laws and not for any unlawful purpose. Without limiting the -foregoing, use, display or distribution of Ory Kratos together with material that is pornographic, racist, vulgar, -obscene, defamatory, libelous, abusive, promoting hatred, discriminating or displaying prejudice based on religion, -ethnic heritage, race, sexual orientation or age is strictly prohibited. - -Each licensed copy of Ory Kratos may be used on one single computer location by one user. Use of Ory Kratos means that you have loaded, installed, or run Ory Kratos on a computer or similar device. If you install Ory Kratos onto a multi-user platform, server or network, each and every individual user of Ory Kratos must be licensed separately. - -You may make one copy of Ory Kratos for backup purposes, providing you only have one copy installed on one computer being used by one person. Other users may not use your copy of Ory Kratos . The assignment, sublicense, networking, sale, or distribution of copies of Ory Kratos are strictly forbidden without the prior written consent of Ory GmbH. It is a violation of this agreement to assign, sell, share, loan, rent, lease, borrow, network or transfer the use of Ory Kratos. If any person other than yourself uses Ory Kratos registered in your name, regardless of whether it is at the same time or different times, then this agreement is being violated and you are responsible for that violation! - -3.3 Copyright Restriction - -This Software contains copyrighted material, trade secrets and other proprietary material. You shall not, and shall not attempt to, modify, reverse engineer, disassemble or decompile Ory Kratos. Nor can you create any derivative works or other works that are based upon or derived from Ory Kratos in whole or in part. - -Ory GmbH's name, logo and graphics file that represents Ory Kratos shall not be used in any way to promote products developed with Ory Kratos . Ory GmbH retains sole and exclusive ownership of all right, title and interest in and to Ory Kratos and all Intellectual Property rights relating thereto. - -Copyright law and international copyright treaty provisions protect all parts of Ory Kratos, products and services. No program, code, part, image, audio sample, or text may be copied or used in any way by the user except as intended within the bounds of the single user program. All rights not expressly granted hereunder are reserved for Ory GmbH. - -3.4 Limitation of Responsibility - -You will indemnify, hold harmless, and defend Ory GmbH , its employees, agents and distributors against any and all claims, proceedings, demand and costs resulting from or in any way connected with your use of Ory GmbH's Software. - -In no event (including, without limitation, in the event of negligence) will Ory GmbH , its employees, agents or distributors be liable for any consequential, incidental, indirect, special or punitive damages whatsoever (including, without limitation, damages for loss of profits, loss of use, business interruption, loss of information or data, or pecuniary loss), in connection with or arising out of or related to this Agreement, Ory Kratos or the use or inability to use Ory Kratos or the furnishing, performance or use of any other matters hereunder whether based upon contract, tort or any other theory including negligence. - -Ory GmbH's entire liability, without exception, is limited to the customers' reimbursement of the purchase price of the Software (maximum being the lesser of the amount paid by you and the suggested retail price as listed by Ory GmbH ) in exchange for the return of the product, all copies, registration papers and manuals, and all materials that constitute a transfer of license from the customer back to Ory GmbH. - -3.5 Warranties - -Except as expressly stated in writing, Ory GmbH makes no representation or warranties in respect of this Software and expressly excludes all other warranties, expressed or implied, oral or written, including, without limitation, any implied warranties of merchantable quality or fitness for a particular purpose. - -3.6 Governing Law - -This Agreement shall be governed by the law of the Germany applicable therein. You hereby irrevocably attorn and submit to the non-exclusive jurisdiction of the courts of Germany therefrom. If any provision shall be considered unlawful, void or otherwise unenforceable, then that provision shall be deemed severable from this License and not affect the validity and enforceability of any other provisions. - -3.7 Termination - -Any failure to comply with the terms and conditions of this Agreement will result in automatic and immediate termination of this license. Upon termination of this license granted herein for any reason, you agree to immediately cease use of Ory Kratos and destroy all copies of Ory Kratos supplied under this Agreement. The financial obligations incurred by you shall survive the expiration or termination of this license. - -4. DISCLAIMER OF WARRANTY - -THIS SOFTWARE AND THE ACCOMPANYING FILES ARE SOLD "AS IS" AND WITHOUT WARRANTIES AS TO PERFORMANCE OR MERCHANTABILITY OR ANY OTHER WARRANTIES WHETHER EXPRESSED OR IMPLIED. THIS DISCLAIMER CONCERNS ALL FILES GENERATED AND EDITED BY Ory Kratos AS WELL. - -5. CONSENT OF USE OF DATA - -You agree that Ory GmbH may collect and use information gathered in any manner as part of the product support services provided to you, if any, related to Ory Kratos.Ory GmbH may also use this information to provide notices to you which may be of use or interest to you. - diff --git a/.releaser/rename.sh b/.releaser/rename.sh deleted file mode 100755 index b52dd9b74b5a..000000000000 --- a/.releaser/rename.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -# workaround script as goreleaser doesnt support 'replacements' in builds section -# needed to adjust cyclonedx-gomod sbom files to match archive file names -# https://github.com/goreleaser/goreleaser/issues/2617 -filename=$1 -filename_adjusted=${filename//darwin/macos} -filename_adjusted=${filename_adjusted//386/32bit} -filename_adjusted=${filename_adjusted//amd64/64bit} -filename_adjusted=${filename_adjusted//arm_5/arm32v5} -filename_adjusted=${filename_adjusted//arm_6/arm32v6} -filename_adjusted=${filename_adjusted//arm_7/arm32v7} - -if [ "$filename" != "$filename_adjusted" ]; then - echo "Renaming '$filename' to '$filename_adjusted' ..." - mv "$filename" "$filename_adjusted" -else - echo "Skipping file '$filename' ..." -fi - diff --git a/docs/docs/install.md b/docs/docs/install.md index 9669cf4e1dc2..5ce0577418c0 100644 --- a/docs/docs/install.md +++ b/docs/docs/install.md @@ -23,7 +23,6 @@ You can find more detailed information on the official Kratos docker images You can install Ory Kratos using [homebrew](https://brew.sh/) on macOS: ```shell -$ brew tap ory/tap $ brew install ory/tap/kratos $ kratos help ``` @@ -34,7 +33,7 @@ On linux, you can use `bash <(curl ...)` to fetch the latest stable binary using: ```shell -$ bash <(curl https://raw.githubusercontent.com/ory/kratos/v0.8.0-alpha.3/install.sh) -b . v0.8.0-alpha.3 +$ bash <(curl https://raw.githubusercontent.com/ory/meta/master/install.sh) -d -b . kratos v0.8.0-alpha.3 $ ./kratos help ``` @@ -51,7 +50,7 @@ You can install Ory Kratos using [scoop](https://scoop.sh) on Windows (Powershell is required): ```shell -> scoop bucket add ory-kratos https://github.com/ory/scoop-kratos.git +> scoop bucket add ory https://github.com/ory/scoop.git > scoop install kratos > kratos help ```