-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'upstream/master' into keymaster-tool
- Loading branch information
Showing
73 changed files
with
3,981 additions
and
1,298 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
name: "CodeQL" | ||
|
||
on: | ||
push: | ||
branches: [ master ] | ||
pull_request: | ||
# The branches below must be a subset of the branches above | ||
branches: [ master ] | ||
schedule: | ||
- cron: '17 11 * * 2' | ||
|
||
jobs: | ||
analyzecover: | ||
name: Analyzecover | ||
runs-on: ubuntu-latest | ||
permissions: | ||
actions: read | ||
contents: read | ||
security-events: write | ||
|
||
strategy: | ||
fail-fast: false | ||
matrix: | ||
language: [ 'go' ] | ||
# CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] | ||
# Learn more about CodeQL language support at https://git.io/codeql-language-support | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
- uses: actions/setup-go@v5 | ||
with: | ||
go-version: 'stable' | ||
- name: Gather dependencies | ||
run: go mod download | ||
- name: Run coverage | ||
# disable race condition test for now as it breaks because of the rrdialer | ||
#run: go test -race -coverprofile=coverage.txt -covermode=atomic ./... | ||
run: go test -coverprofile=coverage.txt -covermode=atomic ./... | ||
- name: Upload coverage reports to Codecov | ||
uses: codecov/codecov-action@v4.0.1 | ||
with: | ||
token: ${{ secrets.CODECOV_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
on: [push, pull_request] | ||
name: Test | ||
jobs: | ||
test: | ||
strategy: | ||
matrix: | ||
go-version: [1.22.x] | ||
os: [ubuntu-latest, macos-latest] | ||
runs-on: ${{ matrix.os }} | ||
steps: | ||
- uses: actions/setup-go@v3 | ||
with: | ||
go-version: ${{ matrix.go-version }} | ||
- uses: actions/checkout@v3 | ||
- run: make test | ||
buildlinuxpackage: | ||
strategy: | ||
matrix: | ||
go-version: [1.22.x] | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/setup-go@v3 | ||
with: | ||
go-version: ${{ matrix.go-version }} | ||
- uses: awalsh128/cache-apt-pkgs-action@latest | ||
with: | ||
packages: gcc rpm alien rsync pkg-config libudev-dev | ||
- uses: actions/checkout@v3 | ||
- run: make rpm | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,2 @@ | ||
config.yml | ||
keymaster.spec |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,63 +1,43 @@ | ||
################# | ||
# Build Step | ||
################# | ||
|
||
FROM golang:latest as build | ||
FROM golang:bookworm as build | ||
|
||
# Setup work env | ||
RUN mkdir -p /app/ /tmp/gocode/src/github.com/Cloud-Foundations/keymaster | ||
ADD . /tmp/gocode/src/github.com/Cloud-Foundations/keymaster | ||
WORKDIR /tmp/gocode/src/github.com/Cloud-Foundations/keymaster | ||
|
||
|
||
# Required envs for GO | ||
ENV GOPATH=/tmp/gocode | ||
ENV DEBIAN_FRONTEND=noninteractive | ||
|
||
# Update and confirm deps | ||
RUN apt-get update && apt-get -y dist-upgrade && apt-get -y install build-essential | ||
|
||
# Install deps | ||
RUN make get-deps | ||
|
||
## Dirty Hack - Remove when https://github.com/golang/go/issues/37278 is closed | ||
# Compatibility with OpenSSH 8.2 and above | ||
WORKDIR /tmp/gocode/src/golang.org/x/crypto/ | ||
RUN git config user.email "you@example.com" | ||
RUN git config user.name "Your Name" | ||
RUN git pull --no-edit https://go.googlesource.com/crypto refs/changes/37/220037/3 | ||
WORKDIR /tmp/gocode/src/github.com/Cloud-Foundations/keymaster | ||
## Dirty Hack End | ||
|
||
# Build and copy final result | ||
RUN make | ||
RUN strip /tmp/gocode/bin/keymaster* | ||
|
||
################# | ||
# Run Step | ||
################# | ||
|
||
FROM debian:buster as run | ||
FROM debian:bookworm as run | ||
|
||
# Copy binary from build container | ||
COPY --from=build /tmp/gocode/bin/keymasterd /app/keymasterd | ||
COPY --from=build /tmp/gocode/bin/keymaster-unlocker /app/keymaster-unlocker | ||
COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/cmd/keymasterd/customization_data /usr/share/keymasterd/customization_data | ||
COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/cmd/keymasterd/static_files /usr/share/keymasterd/static_files | ||
|
||
# Copy docker specific scripts from build container | ||
COPY --from=build /tmp/gocode/src/github.com/Cloud-Foundations/keymaster/misc/docker/start.sh /app/docker/ | ||
|
||
# Perform update and clear cache | ||
ENV DEBIAN_FRONTEND=noninteractive | ||
RUN apt-get update | ||
RUN apt-get -y --no-install-recommends install procps apache2-utils ca-certificates dumb-init | ||
RUN apt-get -y dist-upgrade && rm -rf /var/cache/apt/* | ||
|
||
|
||
# Install init | ||
|
||
# Expose web and LDAP ports | ||
EXPOSE 80 443 6920 | ||
|
||
ENTRYPOINT ["/usr/bin/dumb-init", "--"] | ||
CMD ["/bin/sh", "/app/docker/start.sh"] | ||
CMD ["/app/keymasterd", "-config", "/etc/keymaster/config.yml", "-alsoLogToStderr"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.