Add crt files

hashicorp · Oct 29, 2021 · 03d5e50 · 03d5e50
1 parent 7a93a2b
commit 03d5e50
Show file tree

Hide file tree

Showing 9 changed files with 582 additions and 3 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,250 @@
+name: build
+
+on:
+  push:
+    # Sequence of patterns matched against refs/heads
+    branches:
+    # Provide the release branch
+      - crt_release/1.8.x
+
+env:
+  PKG_NAME: consul
+
+jobs:
+  get-product-version:
+    runs-on: ubuntu-latest
+    outputs:
+      product-version: ${{ steps.get-product-version.outputs.product-version }}
+      pre-version: ${{ steps.get-product-version.outputs.pre-version }}
+      pkg-version: ${{ steps.get-product-version.outputs.pkg-version }}
+      shared-ldflags: ${{ steps.shared-ldflags.outputs.shared-ldflags }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: get product version
+        id: get-product-version
+        run: |
+          IFS="-"; OUTPUT=$(build-support/scripts/version.sh -r);
+          read -a V <<< "$OUTPUT"; unset IFS;
+
+          VERSION=${V[0]}
+          PREREL_VERSION=${V[1]}
+
+          echo "::set-output name=product-version::${VERSION}-${PREREL_VERSION}"
+          echo "::set-output name=pre-version::${PREREL_VERSION}"
+          echo "::set-output name=pkg-version::${VERSION}"
+
+      - name: Set shared -ldflags
+        id: shared-ldflags
+        run: echo "::set-output name=shared-ldflags::-X github.com/hashicorp/consul/version.GitCommit=${GITHUB_SHA::8} -X github.com/hashicorp/consul/version.GitDescribe=${{ steps.get-product-version.outputs.product-version }}"
+
+  generate-metadata-file:
+    needs: get-product-version
+    runs-on: ubuntu-latest
+    outputs:
+      filepath: ${{ steps.generate-metadata-file.outputs.filepath }}
+    steps:
+      - name: 'Checkout directory'
+        uses: actions/checkout@v2
+      - name: Generate metadata file
+        id: generate-metadata-file
+        uses: hashicorp/actions-generate-metadata@main
+        with:
+          version: ${{ needs.get-product-version.outputs.product-version }}
+          product: ${{ env.PKG_NAME }}
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: metadata.json
+          path: ${{ steps.generate-metadata-file.outputs.filepath }}
+
+  build:
+    needs: get-product-version
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        include:
+          - {go: "1.17", goos: "linux", goarch: "386"}
+          - {go: "1.17", goos: "linux", goarch: "amd64"}
+          - {go: "1.17", goos: "linux", goarch: "arm"}
+          - {go: "1.17", goos: "linux", goarch: "arm64"}
+          - {go: "1.17", goos: "freebsd", goarch: "386"}
+          - {go: "1.17", goos: "freebsd", goarch: "amd64"}
+          - {go: "1.17", goos: "windows", goarch: "386"}
+          - {go: "1.17", goos: "windows", goarch: "amd64"}
+          - {go: "1.17", goos: "solaris", goarch: "amd64"}
+      fail-fast: true
+
+    name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Setup go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go }}
+
+      - name: Install project dependencies
+        run: |
+          go install github.com/elazarl/go-bindata-assetfs/go-bindata-assetfs@38087fe
+          go install github.com/hashicorp/go-bindata/go-bindata@bf7910a
+
+      - name: Setup with node and yarn
+        uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+          cache: 'yarn'
+          cache-dependency-path: 'ui/yarn.lock'
+
+      - name: Build UI
+        run: |
+          CONSUL_VERSION=${{ needs.get-product-version.outputs.product-version }}
+          CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE}
+          CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD)
+          echo "consul_version is ${CONSUL_VERSION}"
+          echo "consul binary type is ${CONSUL_BINARY_TYPE}"
+          echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}"
+          cd ui && make && cd ..
+          mkdir pkg
+          mv ui/packages/consul-ui/dist pkg/web_ui
+
+      - name: Build static-assets
+        run: make static-assets
+
+      - name: Build
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+          CGO_ENABLED: 0
+          GOLDFLAGS: "${{needs.get-product-version.outputs.shared-ldflags}}"
+        run: |
+          mkdir dist out
+          go build -ldflags="$GOLDFLAGS" -o dist/ .
+          zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
+          path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
+
+      - name: Package
+        if: ${{ matrix.goos == 'linux' }}
+        uses: hashicorp/actions-packaging-linux@v1
+        with:
+          name: ${{ github.event.repository.name }}
+          description: "Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure. "
+          arch: ${{ matrix.goarch }}
+          version: ${{ needs.get-product-version.outputs.product-version }}
+          maintainer: "HashiCorp"
+          homepage: "https://github.com/hashicorp/consul"
+          license: "MPL-2.0"
+          binary: "dist/${{ env.PKG_NAME }}"
+          deb_depends: "openssl"
+          rpm_depends: "openssl"
+          config_dir: ".release/linux/package"
+          preinstall: ".release/linux/preinstall"
+          postinstall: ".release/linux/postinstall"
+          postremove: ".release/linux/postremove"
+
+      - name: Set Package Names
+        if: ${{ matrix.goos == 'linux' }}
+        run: |
+          echo "RPM_PACKAGE=$(basename out/*.rpm)" >> $GITHUB_ENV
+          echo "DEB_PACKAGE=$(basename out/*.deb)" >> $GITHUB_ENV
+
+      - uses: actions/upload-artifact@v2
+        if: ${{ matrix.goos == 'linux' }}
+        with:
+          name: ${{ env.RPM_PACKAGE }}
+          path: out/${{ env.RPM_PACKAGE }}
+
+      - uses: actions/upload-artifact@v2
+        if: ${{ matrix.goos == 'linux' }}
+        with:
+          name: ${{ env.DEB_PACKAGE }}
+          path: out/${{ env.DEB_PACKAGE }}
+
+  build-darwin:
+    needs: get-product-version
+    runs-on: macos-latest
+    strategy:
+      matrix:
+        goos: [ darwin ]
+        goarch: [ "amd64" ]
+        go: [ "1.17" ]
+      fail-fast: true
+
+    name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Setup go
+        uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go }}
+
+      - name: Install project dependencies
+        run: |
+          go install github.com/elazarl/go-bindata-assetfs/go-bindata-assetfs@38087fe
+          go install github.com/hashicorp/go-bindata/go-bindata@bf7910a
+
+      - name: Setup with node and yarn
+        uses: actions/setup-node@v2
+        with:
+          node-version: '14'
+          cache: 'yarn'
+          cache-dependency-path: 'ui/yarn.lock'
+
+      - name: Build UI
+        run: |
+          CONSUL_VERSION=${{ needs.get-product-version.outputs.product-version }}
+          CONSUL_BINARY_TYPE=${CONSUL_BINARY_TYPE}
+          CONSUL_COPYRIGHT_YEAR=$(git show -s --format=%cd --date=format:%Y HEAD)
+          echo "consul_version is ${CONSUL_VERSION}"
+          echo "consul binary type is ${CONSUL_BINARY_TYPE}"
+          echo "consul copyright year is ${CONSUL_COPYRIGHT_YEAR}"
+          cd ui && make && cd ..
+          mkdir pkg
+          mv ui/packages/consul-ui/dist pkg/web_ui
+
+      - name: Build static-assets
+        run: make static-assets
+
+      - name: Build
+        env:
+          GOOS: ${{ matrix.goos }}
+          GOARCH: ${{ matrix.goarch }}
+          GOLDFLAGS: "${{ needs.get-product-version.outputs.shared-ldflags }}"
+        run: |
+          mkdir dist out
+          go build -ldflags="$GOLDFLAGS" -o dist/ .
+          zip -r -j out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip dist/
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: ${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
+          path: out/${{ env.PKG_NAME }}_${{ needs.get-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip
+
+  build-docker:
+    name: Docker ${{ matrix.arch }} build
+    needs:
+      - get-product-version
+      - build
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        arch: ["arm", "arm64", "386", "amd64"]
+    env:
+      repo: ${{github.event.repository.name}}
+      version: ${{needs.get-product-version.outputs.product-version}}
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Docker Build (Action)
+        uses: hashicorp/actions-docker-build@v1
+        with:
+          version: ${{env.version}}
+          target: default
+          arch: ${{matrix.arch}}
+          tags: |
+            docker.io/hashicorp/${{env.repo}}:${{env.version}}
+            ecr.public.aws/hashicorp/${{env.repo}}:${{env.version}}
diff --git a/.release/ci.hcl b/.release/ci.hcl
@@ -12,9 +12,6 @@ project "consul" {
     release_branches = [
       "main",
       "release/1.8.x",
-      "release/1.9.x",
-      "release/1.10.x",
-      # "release/1.11.x"
     ]
   }
 }

diff --git a/.release/docker/docker-entrypoint.sh b/.release/docker/docker-entrypoint.sh
@@ -0,0 +1,114 @@
+#!/usr/bin/dumb-init /bin/sh
+set -e
+
+# Note above that we run dumb-init as PID 1 in order to reap zombie processes
+# as well as forward signals to all processes in its session. Normally, sh
+# wouldn't do either of these functions so we'd leak zombies as well as do
+# unclean termination of all our sub-processes.
+# As of docker 1.13, using docker run --init achieves the same outcome.
+
+# You can set CONSUL_BIND_INTERFACE to the name of the interface you'd like to
+# bind to and this will look up the IP and pass the proper -bind= option along
+# to Consul.
+if [ -z "$CONSUL_BIND" ]; then
+  if [ -n "$CONSUL_BIND_INTERFACE" ]; then
+    CONSUL_BIND_ADDRESS=$(ip -o -4 addr list $CONSUL_BIND_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1)
+    if [ -z "$CONSUL_BIND_ADDRESS" ]; then
+      echo "Could not find IP for interface '$CONSUL_BIND_INTERFACE', exiting"
+      exit 1
+    fi
+
+    CONSUL_BIND="-bind=$CONSUL_BIND_ADDRESS"
+    echo "==> Found address '$CONSUL_BIND_ADDRESS' for interface '$CONSUL_BIND_INTERFACE', setting bind option..."
+  fi
+fi
+
+# You can set CONSUL_CLIENT_INTERFACE to the name of the interface you'd like to
+# bind client intefaces (HTTP, DNS, and RPC) to and this will look up the IP and
+# pass the proper -client= option along to Consul.
+if [ -z "$CONSUL_CLIENT" ]; then
+  if [ -n "$CONSUL_CLIENT_INTERFACE" ]; then
+    CONSUL_CLIENT_ADDRESS=$(ip -o -4 addr list $CONSUL_CLIENT_INTERFACE | head -n1 | awk '{print $4}' | cut -d/ -f1)
+    if [ -z "$CONSUL_CLIENT_ADDRESS" ]; then
+      echo "Could not find IP for interface '$CONSUL_CLIENT_INTERFACE', exiting"
+      exit 1
+    fi
+
+    CONSUL_CLIENT="-client=$CONSUL_CLIENT_ADDRESS"
+    echo "==> Found address '$CONSUL_CLIENT_ADDRESS' for interface '$CONSUL_CLIENT_INTERFACE', setting client option..."
+  fi
+fi
+
+# CONSUL_DATA_DIR is exposed as a volume for possible persistent storage. The
+# CONSUL_CONFIG_DIR isn't exposed as a volume but you can compose additional
+# config files in there if you use this image as a base, or use CONSUL_LOCAL_CONFIG
+# below.
+if [ -z "$CONSUL_DATA_DIR" ]; then
+  CONSUL_DATA_DIR=/consul/data
+fi
+
+if [ -z "$CONSUL_CONFIG_DIR" ]; then
+  CONSUL_CONFIG_DIR=/consul/config
+fi
+
+# You can also set the CONSUL_LOCAL_CONFIG environemnt variable to pass some
+# Consul configuration JSON without having to bind any volumes.
+if [ -n "$CONSUL_LOCAL_CONFIG" ]; then
+	echo "$CONSUL_LOCAL_CONFIG" > "$CONSUL_CONFIG_DIR/local.json"
+fi
+
+# If the user is trying to run Consul directly with some arguments, then
+# pass them to Consul.
+if [ "${1:0:1}" = '-' ]; then
+  set -- consul "$@"
+fi
+
+# Look for Consul subcommands.
+if [ "$1" = 'agent' ]; then
+  shift
+  set -- consul agent \
+    -data-dir="$CONSUL_DATA_DIR" \
+    -config-dir="$CONSUL_CONFIG_DIR" \
+    $CONSUL_BIND \
+    $CONSUL_CLIENT \
+    "$@"
+elif [ "$1" = 'version' ]; then
+  # This needs a special case because there's no help output.
+  set -- consul "$@"
+elif consul --help "$1" 2>&1 | grep -q "consul $1"; then
+  # We can't use the return code to check for the existence of a subcommand, so
+  # we have to use grep to look for a pattern in the help output.
+  set -- consul "$@"
+fi
+
+# If we are running Consul, make sure it executes as the proper user.
+if [ "$1" = 'consul' -a -z "${CONSUL_DISABLE_PERM_MGMT+x}" ]; then
+  # Allow to setup user and group via envrironment
+  if [ -z "$CONSUL_UID" ]; then
+    CONSUL_UID="$(id -u consul)"
+  fi
+
+  if [ -z "$CONSUL_GID" ]; then
+    CONSUL_GID="$(id -g consul)"
+  fi
+
+  # If the data or config dirs are bind mounted then chown them.
+  # Note: This checks for root ownership as that's the most common case.
+  if [ "$(stat -c %u "$CONSUL_DATA_DIR")" != "${CONSUL_UID}" ]; then
+    chown ${CONSUL_UID}:${CONSUL_GID} "$CONSUL_DATA_DIR"
+  fi
+  if [ "$(stat -c %u "$CONSUL_CONFIG_DIR")" != "${CONSUL_UID}" ]; then
+    chown ${CONSUL_UID}:${CONSUL_GID} "$CONSUL_CONFIG_DIR"
+  fi
+
+  # If requested, set the capability to bind to privileged ports before
+  # we drop to the non-root user. Note that this doesn't work with all
+  # storage drivers (it won't work with AUFS).
+  if [ ! -z ${CONSUL_ALLOW_PRIVILEGED_PORTS+x} ]; then
+    setcap "cap_net_bind_service=+ep" /bin/consul
+  fi
+
+  set -- su-exec ${CONSUL_UID}:${CONSUL_GID} "$@"
+fi
+
+exec "$@"