forked from mystiq/dex
*: only use docker when releasing, update to Go 1.8, remove aci scripts
This change modifies our release process to only require Docker when building a release and updates our released binary to use Go 1.8. It also removes our .aci scripts, which we've not been regularly building. A nice consequence is that OSX users can now build a release image.
This commit is contained in:
parent
95d54956e9
commit
ee27a4f9f4
7 changed files with 22 additions and 82 deletions
3
.dockerignore
Normal file
3
.dockerignore
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
*
|
||||||
|
!_output/bin
|
||||||
|
!web
|
|
@ -1,7 +1,8 @@
|
||||||
language: go
|
language: go
|
||||||
|
|
||||||
go:
|
go:
|
||||||
- 1.7.4
|
- 1.7.5
|
||||||
|
- 1.8
|
||||||
|
|
||||||
services:
|
services:
|
||||||
- postgresql
|
- postgresql
|
||||||
|
|
|
@ -4,20 +4,15 @@ Making a dex release involves:
|
||||||
|
|
||||||
* Tagging a git commit and pushing the tag to GitHub.
|
* Tagging a git commit and pushing the tag to GitHub.
|
||||||
* Building and pushing a Docker image.
|
* Building and pushing a Docker image.
|
||||||
* Building, signing, and hosting an ACI.
|
|
||||||
|
|
||||||
This requires the following tools.
|
This requires the following tools.
|
||||||
|
|
||||||
* rkt
|
|
||||||
* Docker
|
* Docker
|
||||||
* [docker2aci](https://github.com/appc/docker2aci)
|
|
||||||
* [acbuild](https://github.com/containers/build) (must be in your sudo user's PATH)
|
|
||||||
|
|
||||||
And the following permissions.
|
And the following permissions.
|
||||||
|
|
||||||
* Push access to the github.com/coreos/dex git repo.
|
* Push access to the github.com/coreos/dex git repo.
|
||||||
* Push access to the quay.io/coreos/dex Docker repo.
|
* Push access to the quay.io/coreos/dex Docker repo.
|
||||||
* Access to the CoreOS application signing key.
|
|
||||||
|
|
||||||
## Tagging the release
|
## Tagging the release
|
||||||
|
|
||||||
|
@ -80,24 +75,7 @@ Build the Docker image and push to Quay.
|
||||||
```bash
|
```bash
|
||||||
# checkout the tag
|
# checkout the tag
|
||||||
git checkout tags/v2.1.0
|
git checkout tags/v2.1.0
|
||||||
# rkt doesn't play nice with SELinux, see https://github.com/coreos/rkt/issues/1727
|
|
||||||
sudo setenforce Permissive
|
|
||||||
# will prompt for sudo password
|
# will prompt for sudo password
|
||||||
make docker-image
|
make docker-image
|
||||||
sudo docker push quay.io/coreos/dex:v2.1.0
|
sudo docker push quay.io/coreos/dex:v2.1.0
|
||||||
```
|
```
|
||||||
|
|
||||||
## Building the ACI
|
|
||||||
|
|
||||||
```bash
|
|
||||||
# checkout the tag
|
|
||||||
git checkout tags/v2.1.0
|
|
||||||
# rkt doesn't play nice with SELinux, see https://github.com/coreos/rkt/issues/1727
|
|
||||||
sudo setenforce Permissive
|
|
||||||
# will prompt for sudo password
|
|
||||||
make aci
|
|
||||||
# aci will be built at _output/image/dex.aci
|
|
||||||
```
|
|
||||||
|
|
||||||
Sign the ACI using the CoreOS application signing key. Upload the ACI and
|
|
||||||
signature to the GitHub release.
|
|
||||||
|
|
18
Makefile
18
Makefile
|
@ -36,7 +36,7 @@ bin/grpc-client: check-go-version
|
||||||
|
|
||||||
.PHONY: release-binary
|
.PHONY: release-binary
|
||||||
release-binary:
|
release-binary:
|
||||||
@go build -o _output/bin/dex -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex
|
@go build -o /go/bin/dex -v -ldflags $(LD_FLAGS) $(REPO_PATH)/cmd/dex
|
||||||
|
|
||||||
.PHONY: revendor
|
.PHONY: revendor
|
||||||
revendor:
|
revendor:
|
||||||
|
@ -63,23 +63,9 @@ lint:
|
||||||
done
|
done
|
||||||
|
|
||||||
_output/bin/dex:
|
_output/bin/dex:
|
||||||
# Using rkt to build the dex binary.
|
@./scripts/docker-build
|
||||||
@./scripts/rkt-build
|
|
||||||
@sudo chown $(user):$(group) _output/bin/dex
|
@sudo chown $(user):$(group) _output/bin/dex
|
||||||
|
|
||||||
_output/images/library-alpine-3.4.aci:
|
|
||||||
@mkdir -p _output/images
|
|
||||||
# Using docker2aci to get a base ACI to build from.
|
|
||||||
@docker2aci docker://alpine:3.4
|
|
||||||
@mv library-alpine-3.4.aci _output/images/library-alpine-3.4.aci
|
|
||||||
|
|
||||||
.PHONY: aci
|
|
||||||
aci: clean-release _output/bin/dex _output/images/library-alpine-3.4.aci
|
|
||||||
# Using acbuild to build a application container image.
|
|
||||||
@sudo ./scripts/build-aci ./_output/images/library-alpine-3.4.aci
|
|
||||||
@sudo chown $(user):$(group) _output/images/dex.aci
|
|
||||||
@mv _output/images/dex.aci _output/images/dex-$(VERSION)-linux-amd64.aci
|
|
||||||
|
|
||||||
.PHONY: docker-image
|
.PHONY: docker-image
|
||||||
docker-image: clean-release _output/bin/dex
|
docker-image: clean-release _output/bin/dex
|
||||||
@sudo docker build -t $(DOCKER_IMAGE) .
|
@sudo docker build -t $(DOCKER_IMAGE) .
|
||||||
|
|
|
@ -1,30 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
set -e
|
|
||||||
|
|
||||||
if [ "$EUID" -ne 0 ]; then
|
|
||||||
echo "This script uses functionality which requires root privileges"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Start the build with an empty ACI
|
|
||||||
acbuild --debug begin $1
|
|
||||||
|
|
||||||
# In the event of the script exiting, end the build
|
|
||||||
trap "{ export EXT=$?; sudo acbuild --debug end && exit $EXT; }" EXIT
|
|
||||||
|
|
||||||
# Name the ACI
|
|
||||||
acbuild --debug set-name coreos.com/dex
|
|
||||||
|
|
||||||
# Add a version label
|
|
||||||
acbuild --debug label add version $( ./scripts/git-version )
|
|
||||||
|
|
||||||
acbuild --debug run -- apk add --update ca-certificates
|
|
||||||
|
|
||||||
acbuild --debug copy _output/bin/dex /usr/local/bin/dex
|
|
||||||
|
|
||||||
acbuild --debug port add www tcp 5556
|
|
||||||
acbuild --debug port add grcp tpc 5557
|
|
||||||
|
|
||||||
acbuild --debug set-exec -- /usr/local/bin/dex
|
|
||||||
acbuild --debug write --overwrite _output/images/dex.aci
|
|
15
scripts/docker-build
Executable file
15
scripts/docker-build
Executable file
|
@ -0,0 +1,15 @@
|
||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
mkdir -p _output/bin
|
||||||
|
|
||||||
|
sudo docker run \
|
||||||
|
--cidfile=cid \
|
||||||
|
-v $PWD:/go/src/github.com/coreos/dex:ro \
|
||||||
|
-w /go/src/github.com/coreos/dex \
|
||||||
|
golang:1.8.0-alpine \
|
||||||
|
/bin/sh -x -c \
|
||||||
|
'apk add --no-cache --update alpine-sdk && make release-binary'
|
||||||
|
|
||||||
|
sudo docker cp $( cat cid ):/go/bin/dex _output/bin/dex
|
||||||
|
sudo docker rm $( cat cid )
|
||||||
|
sudo rm cid
|
|
@ -1,13 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
|
|
||||||
mkdir -p _output/bin
|
|
||||||
|
|
||||||
sudo rkt run \
|
|
||||||
--volume dex,kind=host,source=$PWD \
|
|
||||||
--mount volume=dex,target=/go/src/github.com/coreos/dex \
|
|
||||||
--dns=8.8.8.8 \
|
|
||||||
--net=host \
|
|
||||||
--insecure-options=image \
|
|
||||||
docker://golang:1.7.4-alpine \
|
|
||||||
--exec=/bin/sh -- -x -c \
|
|
||||||
'apk add --no-cache --update alpine-sdk && cd /go/src/github.com/coreos/dex && make release-binary'
|
|
Loading…
Reference in a new issue