2017-10-23 12:38:30 -04:00
# Determine this makefile's path.
# Be sure to place this BEFORE `include` directives, if any.
THIS_FILE := $( lastword $( MAKEFILE_LIST) )
2024-01-25 08:45:44 -05:00
MAIN_PACKAGES = $$ ( $( GO_CMD) list ./... | grep -v vendor/ )
SDK_PACKAGES = $$ ( cd $( CURDIR) /sdk && $( GO_CMD) list ./... | grep -v vendor/ )
API_PACKAGES = $$ ( cd $( CURDIR) /api && $( GO_CMD) list ./... | grep -v vendor/ )
ALL_PACKAGES = $( MAIN_PACKAGES) $( SDK_PACKAGES) $( API_PACKAGES)
TEST = $$ ( echo $( ALL_PACKAGES) | grep -v integ/ )
2019-07-22 13:11:00 -04:00
TEST_TIMEOUT ?= 45m
EXTENDED_TEST_TIMEOUT = 60m
INTEG_TEST_TIMEOUT = 120m
2015-03-04 02:14:18 -05:00
VETARGS ?= -asmdecl -atomic -bool -buildtags -copylocks -methods -nilfunc -printf -rangeloops -shift -structtags -unsafeptr
2019-12-07 21:01:11 -05:00
GOFMT_FILES ?= $$ ( find . -name '*.go' | grep -v pb.go | grep -v vendor)
Add plugin version to GRPC interface (#17088)
Add plugin version to GRPC interface
Added a version interface in the sdk/logical so that it can be shared between all plugin types, and then wired it up to RunningVersion in the mounts, auth list, and database systems.
I've tested that this works with auth, database, and secrets plugin types, with the following logic to populate RunningVersion:
If a plugin has a PluginVersion() method implemented, then that is used
If not, and the plugin is built into the Vault binary, then the go.mod version is used
Otherwise, the it will be the empty string.
My apologies for the length of this PR.
* Placeholder backend should be external
We use a placeholder backend (previously a framework.Backend) before a
GRPC plugin is lazy-loaded. This makes us later think the plugin is a
builtin plugin.
So we added a `placeholderBackend` type that overrides the
`IsExternal()` method so that later we know that the plugin is external,
and don't give it a default builtin version.
2022-09-15 19:37:59 -04:00
SED ?= $( shell command -v gsed || command -v sed)
2019-12-07 21:01:11 -05:00
2022-11-03 10:04:53 -04:00
GO_VERSION_MIN = $$ ( cat $( CURDIR) /.go-version)
2020-01-09 12:35:32 -05:00
GO_CMD ?= go
2019-05-22 08:17:55 -04:00
CGO_ENABLED ?= 0
2018-07-16 10:18:09 -04:00
i f n e q ( $( FDB_ENABLED ) , )
CGO_ENABLED = 1
BUILD_TAGS += foundationdb
e n d i f
2024-06-12 12:53:49 -04:00
# Set BUILD_MINIMAL to a non-empty value to build a minimal version of Vault with only core features.
BUILD_MINIMAL ?=
i f n e q ( $( strip $ ( BUILD_MINIMAL ) ) , )
BUILD_TAGS += minimal
e n d i f
2017-02-05 20:30:40 -05:00
default : dev
2015-03-04 02:14:18 -05:00
2018-03-20 14:54:10 -04:00
# bin generates the releasable binaries for Vault
2017-10-23 12:38:30 -04:00
bin : prep
2018-07-16 10:18:09 -04:00
@CGO_ENABLED= $( CGO_ENABLED) BUILD_TAGS = '$(BUILD_TAGS) ui' sh -c " ' $( CURDIR) /scripts/build.sh' "
2015-03-04 02:14:18 -05:00
# dev creates binaries for testing Vault locally. These are put
2018-04-09 17:36:05 -04:00
# into ./bin/ as well as $GOPATH/bin
2023-05-02 08:46:13 -04:00
dev : BUILD_TAGS +=testonly
dev : prep
2023-03-21 16:59:40 -04:00
@CGO_ENABLED= $( CGO_ENABLED) BUILD_TAGS = '$(BUILD_TAGS)' VAULT_DEV_BUILD = 1 sh -c " ' $( CURDIR) /scripts/build.sh' "
2023-05-02 08:46:13 -04:00
dev-ui : BUILD_TAGS +=testonly
dev-ui : assetcheck prep
2018-07-16 10:18:09 -04:00
@CGO_ENABLED= $( CGO_ENABLED) BUILD_TAGS = '$(BUILD_TAGS) ui' VAULT_DEV_BUILD = 1 sh -c " ' $( CURDIR) /scripts/build.sh' "
2023-05-02 08:46:13 -04:00
dev-dynamic : BUILD_TAGS +=testonly
dev-dynamic : prep
2016-05-09 23:17:38 -04:00
@CGO_ENABLED= 1 BUILD_TAGS = '$(BUILD_TAGS)' VAULT_DEV_BUILD = 1 sh -c " ' $( CURDIR) /scripts/build.sh' "
2024-11-12 12:38:59 -05:00
# quickdev creates binaries for testing Vault locally like dev, but skips
# the prep step.
quickdev : BUILD_TAGS +=testonly
quickdev :
@CGO_ENABLED= $( CGO_ENABLED) BUILD_TAGS = '$(BUILD_TAGS)' VAULT_DEV_BUILD = 1 sh -c " ' $( CURDIR) /scripts/build.sh' "
2018-10-31 14:11:45 -04:00
# *-mem variants will enable memory profiling which will write snapshots of heap usage
# to $TMP/vaultprof every 5 minutes. These can be analyzed using `$ go tool pprof <profile_file>`.
# Note that any build can have profiling added via: `$ BUILD_TAGS=memprofiler make ...`
dev-mem : BUILD_TAGS +=memprofiler
dev-mem : dev
dev-ui-mem : BUILD_TAGS +=memprofiler
2019-03-25 13:07:14 -04:00
dev-ui-mem : assetcheck dev -ui
2018-10-31 14:11:45 -04:00
dev-dynamic-mem : BUILD_TAGS +=memprofiler
dev-dynamic-mem : dev -dynamic
2020-07-20 14:11:34 -04:00
# Creates a Docker image by adding the compiled linux/amd64 binary found in ./bin.
2020-10-08 14:30:31 -04:00
# The resulting image is tagged "vault:dev".
2023-05-02 08:46:13 -04:00
docker-dev : BUILD_TAGS +=testonly
docker-dev : prep
2021-06-04 11:51:55 -04:00
docker build --build-arg VERSION = $( GO_VERSION_MIN) --build-arg BUILD_TAGS = " $( BUILD_TAGS) " -f scripts/docker/Dockerfile -t vault:dev .
2020-07-20 14:11:34 -04:00
2023-05-02 08:46:13 -04:00
docker-dev-ui : BUILD_TAGS +=testonly
docker-dev-ui : prep
2021-06-04 11:51:55 -04:00
docker build --build-arg VERSION = $( GO_VERSION_MIN) --build-arg BUILD_TAGS = " $( BUILD_TAGS) " -f scripts/docker/Dockerfile.ui -t vault:dev-ui .
2020-07-20 14:11:34 -04:00
2015-03-04 02:14:18 -05:00
# test runs the unit tests and vets the code
2023-05-02 08:46:13 -04:00
test : BUILD_TAGS +=testonly
test : prep
2018-07-16 10:18:09 -04:00
@CGO_ENABLED= $( CGO_ENABLED) \
2017-09-04 23:51:29 -04:00
VAULT_ADDR = \
VAULT_TOKEN = \
VAULT_DEV_ROOT_TOKEN_ID = \
VAULT_ACC = \
2020-01-09 12:35:32 -05:00
$( GO_CMD) test -tags= '$(BUILD_TAGS)' $( TEST) $( TESTARGS) -timeout= $( TEST_TIMEOUT) -parallel= 20
2015-03-04 02:14:18 -05:00
2023-05-02 08:46:13 -04:00
testcompile : BUILD_TAGS +=testonly
testcompile : prep
2017-02-16 15:15:02 -05:00
@for pkg in $( TEST) ; do \
2020-01-09 12:35:32 -05:00
$( GO_CMD) test -v -c -tags= '$(BUILD_TAGS)' $$ pkg -parallel= 4 ; \
2017-02-16 15:15:02 -05:00
done
2015-03-20 12:59:48 -04:00
# testacc runs acceptance tests
2023-05-02 08:46:13 -04:00
testacc : BUILD_TAGS +=testonly
testacc : prep
2015-03-20 12:59:48 -04:00
@if [ " $( TEST) " = "./..." ] ; then \
echo "ERROR: Set TEST to a specific package" ; \
exit 1; \
fi
2020-01-09 12:35:32 -05:00
VAULT_ACC = 1 $( GO_CMD) test -tags= '$(BUILD_TAGS)' $( TEST) -v $( TESTARGS) -timeout= $( EXTENDED_TEST_TIMEOUT)
2015-03-20 12:59:48 -04:00
2015-03-04 02:14:18 -05:00
# testrace runs the race checker
2023-05-02 08:46:13 -04:00
testrace : BUILD_TAGS +=testonly
testrace : prep
2017-09-04 23:51:29 -04:00
@CGO_ENABLED= 1 \
VAULT_ADDR = \
VAULT_TOKEN = \
VAULT_DEV_ROOT_TOKEN_ID = \
VAULT_ACC = \
2020-01-09 12:35:32 -05:00
$( GO_CMD) test -tags= '$(BUILD_TAGS)' -race $( TEST) $( TESTARGS) -timeout= $( EXTENDED_TEST_TIMEOUT) -parallel= 20
2015-03-04 02:14:18 -05:00
cover :
2015-04-28 22:02:46 -04:00
./scripts/coverage.sh --html
2015-03-04 02:14:18 -05:00
# vet runs the Go source code static analysis tool `vet` to find
# any common errors.
vet :
2020-01-09 12:35:32 -05:00
@$( GO_CMD) list -f '{{.Dir}}' ./... | grep -v /vendor/ \
2015-04-28 16:18:55 -04:00
| grep -v '.*github.com/hashicorp/vault$$' \
2020-01-09 12:35:32 -05:00
| xargs $( GO_CMD) vet ; if [ $$ ? -eq 1 ] ; then \
2015-04-28 16:18:55 -04:00
echo "" ; \
echo "Vet found suspicious constructs. Please check the reported constructs" ; \
echo "and fix them if necessary before submitting the code for reviewal." ; \
fi
2015-03-04 02:14:18 -05:00
2023-09-08 14:46:32 -04:00
# deprecations runs staticcheck tool to look for deprecations. Checks entire code to see if it
2023-03-28 01:50:58 -04:00
# has deprecated function, variable, constant or field
2023-07-18 11:31:29 -04:00
deprecations : bootstrap prep
2023-07-06 09:18:42 -04:00
@BUILD_TAGS= '$(BUILD_TAGS)' ./scripts/deprecations-checker.sh ""
2023-03-28 01:50:58 -04:00
# ci-deprecations runs staticcheck tool to look for deprecations. All output gets piped to revgrep
# which will only return an error if changes that is not on main has deprecated function, variable, constant or field
2024-01-09 12:50:46 -05:00
ci-deprecations : prep check -tools -external
2023-07-06 09:18:42 -04:00
@BUILD_TAGS= '$(BUILD_TAGS)' ./scripts/deprecations-checker.sh main
2023-03-28 01:50:58 -04:00
2023-07-06 09:18:42 -04:00
# vet-codechecker runs our custom linters on the test functions. All output gets
# piped to revgrep which will only return an error if new piece of code violates
2023-09-08 14:46:32 -04:00
# the check
2024-01-09 12:50:46 -05:00
vet-codechecker : check -tools -internal
@echo "==> Running go vet with ./tools/codechecker..."
@$( GO_CMD) vet -vettool= $$ ( which codechecker) -tags= $( BUILD_TAGS) ./... 2>& 1 | revgrep
2023-06-13 12:32:06 -04:00
2023-07-06 09:18:42 -04:00
# vet-codechecker runs our custom linters on the test functions. All output gets
2023-09-08 14:46:32 -04:00
# piped to revgrep which will only return an error if new piece of code that is
# not on main violates the check
2024-01-09 12:50:46 -05:00
ci-vet-codechecker : tools -internal check -tools -external
@echo "==> Running go vet with ./tools/codechecker..."
@$( GO_CMD) vet -vettool= $$ ( which codechecker) -tags= $( BUILD_TAGS) ./... 2>& 1 | revgrep origin/main
2023-06-13 12:32:06 -04:00
2019-07-22 13:11:00 -04:00
# lint runs vet plus a number of other checkers, it is more comprehensive, but louder
2024-01-09 12:50:46 -05:00
lint : check -tools -external
2020-01-09 12:35:32 -05:00
@$( GO_CMD) list -f '{{.Dir}}' ./... | grep -v /vendor/ \
2019-07-22 13:11:00 -04:00
| xargs golangci-lint run; if [ $$ ? -eq 1 ] ; then \
echo "" ; \
echo "Lint found suspicious constructs. Please check the reported constructs" ; \
echo "and fix them if necessary before submitting the code for reviewal." ; \
fi
2024-01-09 12:50:46 -05:00
2019-07-22 13:11:00 -04:00
# for ci jobs, runs lint against the changed packages in the commit
2024-01-09 12:50:46 -05:00
ci-lint : check -tools -external
2019-07-22 13:11:00 -04:00
@golangci-lint run --deadline 10m --new-from-rev= HEAD~
2023-07-31 14:44:56 -04:00
# Lint protobuf files
2024-01-09 12:50:46 -05:00
protolint : prep check -tools -external
@echo "==> Linting protobufs..."
@buf lint
2023-07-31 14:44:56 -04:00
2017-09-04 19:16:11 -04:00
# prep runs `go generate` to build the dynamically generated
2015-03-04 02:14:18 -05:00
# source files.
2023-07-10 13:40:19 -04:00
#
# n.b.: prep used to depend on fmtcheck, but since fmtcheck is
# now run as a pre-commit hook (and there's little value in
# making every build run the formatter), we've removed that
# dependency.
2024-03-26 06:30:30 -04:00
prep : check -go -version clean
2024-01-09 12:50:46 -05:00
@echo "==> Running go generate..."
2024-01-25 08:45:44 -05:00
@GOARCH= GOOS = $( GO_CMD) generate $( MAIN_PACKAGES)
@GOARCH= GOOS = cd api && $( GO_CMD) generate $( API_PACKAGES)
@GOARCH= GOOS = cd sdk && $( GO_CMD) generate $( SDK_PACKAGES)
2024-02-02 13:38:01 -05:00
# Git doesn't allow us to store shared hooks in .git. Instead, we make sure they're up-to-date
# whenever a make target is invoked.
.PHONY : hooks
hooks :
2017-10-27 13:11:02 -04:00
@if [ -d .git/hooks ] ; then cp .hooks/* .git/hooks/; fi
2015-03-04 02:14:18 -05:00
2024-02-02 13:38:01 -05:00
- i n c l u d e h o o k s # Make sure they're always up-to-date
2024-01-09 12:50:46 -05:00
# bootstrap the build by generating any necessary code and downloading additional tools that may
# be used by devs.
2024-04-30 14:36:11 -04:00
bootstrap : tools prep
2015-05-31 19:32:36 -04:00
2018-05-29 21:09:57 -04:00
# Note: if you have plugins in GOPATH you can update all of them via something like:
# for i in $(ls | grep vault-plugin-); do cd $i; git remote update; git reset --hard origin/master; dep ensure -update; git add .; git commit; git push; cd ..; done
2018-04-10 02:32:41 -04:00
update-plugins :
2021-06-11 07:49:50 -04:00
grep vault-plugin- go.mod | cut -d ' ' -f 1 | while read -r P; do echo " Updating $P ... " ; go get -v " $P " ; done
2018-04-10 02:32:41 -04:00
2019-12-06 13:58:40 -05:00
static-assets-dir :
2021-08-18 11:05:11 -04:00
@mkdir -p ./http/web_ui
2018-04-03 10:46:45 -04:00
2022-03-08 10:58:28 -05:00
install-ui-dependencies :
2024-01-09 12:50:46 -05:00
@echo "==> Installing JavaScript assets"
2026-01-09 12:45:14 -05:00
@cd ui && pnpm i
2022-03-08 10:58:28 -05:00
test-ember : install -ui -dependencies
2024-01-09 12:50:46 -05:00
@echo "==> Running ember tests"
2026-01-09 12:45:14 -05:00
@cd ui && pnpm run test:oss
2018-04-03 10:46:45 -04:00
2022-03-08 10:58:28 -05:00
test-ember-enos : install -ui -dependencies
2024-01-09 12:50:46 -05:00
@echo "==> Running ember tests with a real backend"
2026-01-09 12:45:14 -05:00
@cd ui && pnpm run test:enos
2022-03-08 10:58:28 -05:00
ember-dist : install -ui -dependencies
2018-04-03 10:46:45 -04:00
@cd ui && npm rebuild node-sass
2024-01-09 12:50:46 -05:00
@echo "==> Building Ember application"
2026-01-09 12:45:14 -05:00
@cd ui && pnpm run build
2018-04-03 10:46:45 -04:00
@rm -rf ui/if-you-need-to-delete-this-open-an-issue-async-disk-cache
2022-03-08 10:58:28 -05:00
ember-dist-dev : install -ui -dependencies
2018-06-25 16:30:11 -04:00
@cd ui && npm rebuild node-sass
2024-01-09 12:50:46 -05:00
@echo "==> Building Ember application"
2026-01-09 12:45:14 -05:00
@cd ui && pnpm run build:dev
2018-06-25 16:30:11 -04:00
2022-03-10 07:59:30 -05:00
static-dist : ember -dist
static-dist-dev : ember -dist -dev
2018-04-03 10:46:45 -04:00
2024-01-09 12:50:46 -05:00
proto : check -tools -external
@echo "==> Generating Go code from protobufs..."
2023-07-31 14:44:56 -04:00
buf generate
2021-09-29 21:25:15 -04:00
# No additional sed expressions should be added to this list. Going forward
2025-04-08 14:00:08 -04:00
# we should just use the variable names chosen by protobuf. These are left
2025-01-21 12:49:36 -05:00
# here for backwards compatibility, namely for SDK compilation.
2023-03-15 12:00:52 -04:00
$( SED) -i -e 's/Id/ID/' -e 's/SPDX-License-IDentifier/SPDX-License-Identifier/' vault/request_forwarding_service.pb.go
$( SED) -i -e 's/Idp/IDP/' -e 's/Url/URL/' -e 's/Id/ID/' -e 's/IDentity/Identity/' -e 's/EntityId/EntityID/' -e 's/Api/API/' -e 's/Qr/QR/' -e 's/Totp/TOTP/' -e 's/Mfa/MFA/' -e 's/Pingid/PingID/' -e 's/namespaceId/namespaceID/' -e 's/Ttl/TTL/' -e 's/BoundCidrs/BoundCIDRs/' -e 's/SPDX-License-IDentifier/SPDX-License-Identifier/' helper/identity/types.pb.go helper/identity/mfa/types.pb.go helper/storagepacker/types.pb.go sdk/plugin/pb/backend.pb.go sdk/logical/identity.pb.go vault/activity/activity_log.pb.go
2021-09-29 21:25:15 -04:00
# This will inject the sentinel struct tags as decorated in the proto files.
protoc-go-inject-tag -input= ./helper/identity/types.pb.go
protoc-go-inject-tag -input= ./helper/identity/mfa/types.pb.go
2016-10-20 12:39:19 -04:00
2024-02-13 17:07:02 -05:00
importfmt : check -tools -external
find . -name '*.go' | grep -v pb.go | grep -v vendor | xargs gosimports -w
fmt : importfmt
2024-01-09 12:50:46 -05:00
find . -name '*.go' | grep -v pb.go | grep -v vendor | xargs gofumpt -w
2017-05-19 08:34:17 -04:00
2024-01-09 12:50:46 -05:00
fmtcheck : check -go -fmt
2017-05-19 08:34:17 -04:00
2024-01-09 12:50:46 -05:00
.PHONY : go -mod -download
go-mod-download :
@$( CURDIR) /scripts/go-helper.sh mod-download
.PHONY : go -mod -tidy
go-mod-tidy :
@$( CURDIR) /scripts/go-helper.sh mod-tidy
protofmt :
2023-07-31 14:44:56 -04:00
buf format -w
2022-07-20 13:44:41 -04:00
semgrep :
2022-03-18 14:14:03 -04:00
semgrep --include '*.go' --exclude 'vendor' -a -f tools/semgrep .
2019-03-25 13:07:14 -04:00
assetcheck :
@echo "==> Checking compiled UI assets..."
@sh -c " ' $( CURDIR) /scripts/assetcheck.sh' "
2017-10-19 12:55:39 -04:00
spellcheck :
@echo "==> Spell checking website..."
@misspell -error -source= text website/source
2024-01-09 12:50:46 -05:00
.PHONY check-go-fmt :
check-go-fmt :
@$( CURDIR) /scripts/go-helper.sh check-fmt
.PHONY check-go-version :
check-go-version :
@$( CURDIR) /scripts/go-helper.sh check-version $( GO_VERSION_MIN)
.PHONY : check -proto -fmt
check-proto-fmt :
buf format -d --error-format github-actions --exit-code
.PHONY : check -proto -delta
check-proto-delta : prep
@echo "==> Checking for a delta in proto generated Go files..."
@echo "==> Deleting all *.pg.go files..."
find . -type f -name '*.pb.go' -delete -print0
@$( MAKE) -f $( THIS_FILE) proto
@if ! git diff --exit-code; then echo "Go protobuf bindings need to be regenerated. Run 'make proto' to fix them." && exit 1; fi
.PHONY : check -sempgrep
check-sempgrep : check -tools -external
@echo "==> Checking semgrep..."
@semgrep --error --include '*.go' --exclude 'vendor' -f tools/semgrep/ci .
.PHONY : check -tools
check-tools :
@$( CURDIR) /tools/tools.sh check
.PHONY : check -tools -external
check-tools-external :
@$( CURDIR) /tools/tools.sh check-external
.PHONY : check -tools -internal
check-tools-internal :
@$( CURDIR) /tools/tools.sh check-internal
VAULT-31181: Add `pipeline` tool to Vault (#28536)
As the Vault pipeline and release processes evolve over time, so too must the tooling that drives them. Historically we've utilized a combination of CI features and shell scripts that are wrapped into make targets to drive our CI. While this
approach has worked, it requires careful consideration of what features to use (bash in CI almost never matches bash in developer machines, etc.) and often requires a deep understanding of several CLI tools (jq, etc). `make` itself also has limitations in user experience, e.g. passing flags.
As we're all in on Github Actions as our pipeline coordinator, continuing to utilize and build CLI tools to perform our pipeline tasks makes sense. This PR adds a new CLI tool called `pipeline` which we can use to build new isolated tasks that we can string together in Github Actions. We intend to use this utility as the interface for future release automation work, see VAULT-27514.
For the first task in this new `pipeline` tool, I've chosen to build two small sub-commands:
* `pipeline releases list-versions` - Allows us to list Vault versions between a range. The range is configurable either by setting `--upper` and/or `--lower` bounds, or by using the `--nminus` to set the N-X to go back from the current branches version. As CE and ENT do not have version parity we also consider the `--edition`, as well as none-to-many `--skip` flags to exclude specific versions.
* `pipeline generate enos-dynamic-config` - Which creates dynamic enos configuration based on the branch and the current list of release versions. It takes largely the same flags as the `release list-versions` command, however it also expects a `--dir` for the enos directory and a `--file` where the dynamic configuration will be written. This allows us to dynamically update and feed the latest versions into our sampling algorithm to get coverage over all supported prior versions.
We then integrate these new tools into the pipeline itself and cache the dynamic config on a weekly basis. We also cache the pipeline tool itself as it will likely become a repository for pipeline specific tooling. The caching strategy for the `pipeline` tool itself will make most workflows that require it super fast.
Signed-off-by: Ryan Cragun <me@ryan.ec>
2024-10-23 17:31:24 -04:00
.PHONY : check -tools -pipeline
check-tools-pipeline :
@$( CURDIR) /tools/tools.sh check-pipeline
2024-01-09 12:50:46 -05:00
check-vault-in-path :
@VAULT_BIN= $$ ( command -v vault) || { echo "vault command not found" ; exit 1; } ; \
[ -x " $$ VAULT_BIN " ] || { echo " $$ VAULT_BIN not executable " ; exit 1; } ; \
printf " Using Vault at %s:\n\$ $ vault version\n%s\n " " $$ VAULT_BIN " " $$ (vault version) "
.PHONY : tools
tools :
@$( CURDIR) /tools/tools.sh install
.PHONY : tools -external
tools-external :
@$( CURDIR) /tools/tools.sh install-external
.PHONY : tools -internal
tools-internal :
@$( CURDIR) /tools/tools.sh install-internal
VAULT-31181: Add `pipeline` tool to Vault (#28536)
As the Vault pipeline and release processes evolve over time, so too must the tooling that drives them. Historically we've utilized a combination of CI features and shell scripts that are wrapped into make targets to drive our CI. While this
approach has worked, it requires careful consideration of what features to use (bash in CI almost never matches bash in developer machines, etc.) and often requires a deep understanding of several CLI tools (jq, etc). `make` itself also has limitations in user experience, e.g. passing flags.
As we're all in on Github Actions as our pipeline coordinator, continuing to utilize and build CLI tools to perform our pipeline tasks makes sense. This PR adds a new CLI tool called `pipeline` which we can use to build new isolated tasks that we can string together in Github Actions. We intend to use this utility as the interface for future release automation work, see VAULT-27514.
For the first task in this new `pipeline` tool, I've chosen to build two small sub-commands:
* `pipeline releases list-versions` - Allows us to list Vault versions between a range. The range is configurable either by setting `--upper` and/or `--lower` bounds, or by using the `--nminus` to set the N-X to go back from the current branches version. As CE and ENT do not have version parity we also consider the `--edition`, as well as none-to-many `--skip` flags to exclude specific versions.
* `pipeline generate enos-dynamic-config` - Which creates dynamic enos configuration based on the branch and the current list of release versions. It takes largely the same flags as the `release list-versions` command, however it also expects a `--dir` for the enos directory and a `--file` where the dynamic configuration will be written. This allows us to dynamically update and feed the latest versions into our sampling algorithm to get coverage over all supported prior versions.
We then integrate these new tools into the pipeline itself and cache the dynamic config on a weekly basis. We also cache the pipeline tool itself as it will likely become a repository for pipeline specific tooling. The caching strategy for the `pipeline` tool itself will make most workflows that require it super fast.
Signed-off-by: Ryan Cragun <me@ryan.ec>
2024-10-23 17:31:24 -04:00
.PHONY : tools -pipeline
tools-pipeline :
@$( CURDIR) /tools/tools.sh install-pipeline
2017-08-10 21:28:18 -04:00
mysql-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/mysql-database-plugin ./plugins/database/mysql/mysql-database-plugin
2017-08-10 21:28:18 -04:00
mysql-legacy-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/mysql-legacy-database-plugin ./plugins/database/mysql/mysql-legacy-database-plugin
2017-08-10 21:28:18 -04:00
cassandra-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/cassandra-database-plugin ./plugins/database/cassandra/cassandra-database-plugin
2017-08-10 21:28:18 -04:00
2019-01-17 20:14:57 -05:00
influxdb-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/influxdb-database-plugin ./plugins/database/influxdb/influxdb-database-plugin
2019-01-17 20:14:57 -05:00
2017-08-10 21:28:18 -04:00
postgresql-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/postgresql-database-plugin ./plugins/database/postgresql/postgresql-database-plugin
2017-08-10 21:28:18 -04:00
mssql-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/mssql-database-plugin ./plugins/database/mssql/mssql-database-plugin
2017-08-10 21:28:18 -04:00
hana-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/hana-database-plugin ./plugins/database/hana/hana-database-plugin
2017-08-10 21:28:18 -04:00
mongodb-database-plugin :
2020-01-09 12:35:32 -05:00
@CGO_ENABLED= 0 $( GO_CMD) build -o bin/mongodb-database-plugin ./plugins/database/mongodb/mongodb-database-plugin
2017-08-10 21:28:18 -04:00
2022-12-12 15:46:04 -05:00
# These ci targets are used for used for building and testing in Github Actions
# workflows and for Enos scenarios.
.PHONY : ci -build
ci-build :
@$( CURDIR) /scripts/ci-helper.sh build
.PHONY : ci -build -ui
ci-build-ui :
@$( CURDIR) /scripts/ci-helper.sh build-ui
2023-09-08 14:46:32 -04:00
.PHONY : ci -bundle
ci-bundle :
@$( CURDIR) /scripts/ci-helper.sh bundle
2025-11-06 13:59:40 -05:00
.PHONY : ci -copy -binary
ci-copy-binary :
@$( CURDIR) /scripts/ci-helper.sh copy-binary
2023-09-08 14:46:32 -04:00
.PHONY : ci -get -artifact -basename
ci-get-artifact-basename :
@$( CURDIR) /scripts/ci-helper.sh artifact-basename
2022-12-12 15:46:04 -05:00
.PHONY : ci -get -date
ci-get-date :
@$( CURDIR) /scripts/ci-helper.sh date
.PHONY : ci -get -revision
ci-get-revision :
@$( CURDIR) /scripts/ci-helper.sh revision
.PHONY : ci -get -version -package
ci-get-version-package :
@$( CURDIR) /scripts/ci-helper.sh version-package
2024-05-17 11:18:38 -04:00
.PHONY : ci -prepare -ent -legal
ci-prepare-ent-legal :
@$( CURDIR) /scripts/ci-helper.sh prepare-ent-legal
.PHONY : ci -prepare -ce -legal
ci-prepare-ce-legal :
@$( CURDIR) /scripts/ci-helper.sh prepare-ce-legal
2023-10-20 11:40:43 -04:00
.PHONY : ci -copywriteheaders
ci-copywriteheaders :
copywrite headers --plan
# Special case for MPL headers in /api, /sdk, and /shamir
cd api && $( CURDIR) /scripts/copywrite-exceptions.sh
cd sdk && $( CURDIR) /scripts/copywrite-exceptions.sh
cd shamir && $( CURDIR) /scripts/copywrite-exceptions.sh
2024-01-09 12:50:46 -05:00
.PHONY : all bin default prep test vet bootstrap fmt fmtcheck mysql -database -plugin mysql -legacy -database -plugin cassandra -database -plugin influxdb -database -plugin postgresql -database -plugin mssql -database -plugin hana -database -plugin mongodb -database -plugin ember -dist ember -dist -dev static -dist static -dist -dev assetcheck check -vault -in -path packages build build -ci semgrep semgrep -ci vet -codechecker ci -vet -codechecker clean dev
.NOTPARALLEL : ember -dist ember -dist -dev
2024-01-25 08:45:44 -05:00
.PHONY : all -packages
all-packages :
2024-02-02 13:38:01 -05:00
@echo $( ALL_PACKAGES) | tr ' ' '\n'
2024-03-26 06:30:30 -04:00
.PHONY : clean
clean :
@echo "==> Cleaning..."
