From c4e17e23bfb56f37e9cb7ca0011e7f484f77ff4b Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 10:39:20 -0600 Subject: [PATCH 1/6] feat(ci): add tests for dependency binary versions --- test/docker-compose-scp.yml | 9 +++++++++ test/docker-compose-ssh.yml | 9 +++++++++ test/ensure-version-info-set.sh | 19 +++++++++++++++++++ test/integration-tests.sh | 2 ++ 4 files changed, 39 insertions(+) create mode 100755 test/ensure-version-info-set.sh diff --git a/test/docker-compose-scp.yml b/test/docker-compose-scp.yml index 6e6a05f..0ab437b 100644 --- a/test/docker-compose-scp.yml +++ b/test/docker-compose-scp.yml @@ -87,3 +87,12 @@ services: image: vela-scp:local entrypoint: which command: scp + + ensure-version-info-set: + depends_on: + - fake-remote-server + image: vela-scp:local + volumes: + - ./ensure-version-info-set.sh:/ensure-version-info-set.sh + entrypoint: sh + command: /ensure-version-info-set.sh scp diff --git a/test/docker-compose-ssh.yml b/test/docker-compose-ssh.yml index f6caef3..43e9ac0 100644 --- a/test/docker-compose-ssh.yml +++ b/test/docker-compose-ssh.yml @@ -87,3 +87,12 @@ services: image: vela-ssh:local entrypoint: ssh command: -V + + ensure-version-info-set: + depends_on: + - fake-remote-server + image: vela-ssh:local + volumes: + - ./ensure-version-info-set.sh:/ensure-version-info-set.sh + entrypoint: sh + command: /ensure-version-info-set.sh ssh diff --git a/test/ensure-version-info-set.sh b/test/ensure-version-info-set.sh new file mode 100755 index 0000000..65dad66 --- /dev/null +++ b/test/ensure-version-info-set.sh @@ -0,0 +1,19 @@ +#!/bin/sh +set -e + +BINARY="$1" + +if [ -z "${OPENSSH_VERSION}" ]; then + printf "OPENSSH_VERSION missing\n" + exit 1 +fi + +if [ -z "${SSHPASS_VERSION}" ]; then + printf "SSHPASS_VERSION missing\n" + exit 2 +fi + +if "/bin/vela-$BINARY" -v | grep unknown; then + printf "Version information isn't set\n" + exit 3 +fi diff --git a/test/integration-tests.sh b/test/integration-tests.sh index 7615fd1..1f443b0 100755 --- a/test/integration-tests.sh +++ b/test/integration-tests.sh @@ -11,6 +11,7 @@ SCP_TESTS=( passphrase-auth additional-secrets-in-params override-plugin + ensure-version-info-set ) SSH_TESTS=( @@ -20,6 +21,7 @@ SSH_TESTS=( passphrase-auth additional-secrets-in-params override-plugin + ensure-version-info-set ) # Make sure we move into the folder where the integration tests From 5cd961625ebc6db5a7ee87ce79f5bd43f701ff77 Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 10:40:06 -0600 Subject: [PATCH 2/6] feat(ci): add tests for dependency binary versions --- .github/workflows/prerelease.yml | 7 +++++++ .github/workflows/publish.yml | 7 +++++++ Dockerfile.scp | 11 ++++++++++- Dockerfile.ssh | 11 ++++++++++- Makefile | 13 ++++++++++--- cmd/vela-scp/main.go | 20 +++++++++++++------- cmd/vela-ssh/main.go | 20 +++++++++++++------- internal/openssh/openssh.go | 6 ++++++ 8 files changed, 76 insertions(+), 19 deletions(-) diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 91aceca..ddd90a0 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -32,6 +32,11 @@ jobs: run: | make build-static-ci + - name: grab dependency versions from makefile + run: | + grep "^OPENSSH.*=" Makefile >> $GITHUB_ENV + grep "^SSHPASS_VERSION.*=" Makefile >> $GITHUB_ENV + - name: publish scp uses: elgohr/Publish-Docker-Github-Action@master with: @@ -41,6 +46,7 @@ jobs: dockerfile: Dockerfile.scp username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + buildargs: OPENSSH_VERSION,SSHPASS_VERSION - name: publish ssh uses: elgohr/Publish-Docker-Github-Action@master @@ -51,3 +57,4 @@ jobs: dockerfile: Dockerfile.ssh username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + buildargs: OPENSSH_VERSION,SSHPASS_VERSION diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 1a5e4b9..87bda2c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -26,6 +26,11 @@ jobs: run: | make build-static-ci + - name: grab dependency versions from makefile + run: | + grep "^OPENSSH.*=" Makefile >> $GITHUB_ENV + grep "^SSHPASS_VERSION.*=" Makefile >> $GITHUB_ENV + - name: publish scp uses: elgohr/Publish-Docker-Github-Action@master with: @@ -34,6 +39,7 @@ jobs: dockerfile: Dockerfile.scp username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + buildargs: OPENSSH_VERSION,SSHPASS_VERSION - name: publish ssh uses: elgohr/Publish-Docker-Github-Action@master @@ -43,3 +49,4 @@ jobs: dockerfile: Dockerfile.ssh username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} + buildargs: OPENSSH_VERSION,SSHPASS_VERSION diff --git a/Dockerfile.scp b/Dockerfile.scp index 48889a9..55932fe 100644 --- a/Dockerfile.scp +++ b/Dockerfile.scp @@ -8,7 +8,16 @@ FROM alpine:latest -RUN apk add --update --no-cache ca-certificates openssh sshpass +# Build args to be used from the Makefile +ARG OPENSSH_VERSION +ARG SSHPASS_VERSION + +# Set environmental variables to the build args so the container +# keeps the history of what it was built with if users want to check. +ENV OPENSSH_VERSION=$OPENSSH_VERSION +ENV SSHPASS_VERSION=$SSHPASS_VERSION + +RUN apk add --update --no-cache ca-certificates openssh=${OPENSSH_VERSION} sshpass=${SSHPASS_VERSION} COPY release/vela-scp /bin/vela-scp diff --git a/Dockerfile.ssh b/Dockerfile.ssh index b02abc9..8fea865 100644 --- a/Dockerfile.ssh +++ b/Dockerfile.ssh @@ -8,7 +8,16 @@ FROM alpine:latest -RUN apk add --update --no-cache ca-certificates openssh sshpass +# Build args to be used from the Makefile +ARG OPENSSH_VERSION +ARG SSHPASS_VERSION + +# Set environmental variables to the build args so the container +# keeps the history of what it was built with if users want to check. +ENV OPENSSH_VERSION=$OPENSSH_VERSION +ENV SSHPASS_VERSION=$SSHPASS_VERSION + +RUN apk add --update --no-cache ca-certificates openssh=${OPENSSH_VERSION} sshpass=${SSHPASS_VERSION} COPY release/vela-ssh /bin/vela-ssh diff --git a/Makefile b/Makefile index 837945d..c8b40be 100644 --- a/Makefile +++ b/Makefile @@ -5,6 +5,13 @@ # capture the current date we build the application from BUILD_DATE = $(shell date +%Y-%m-%dT%H:%M:%SZ) +# Versions installed for OpenSSH and SSHPass binaries. +# This is the ONLY place these hardcoded versions are set. +# They're used in the Dockerfile the GitHub Actions workflow, +# the integration tests, and the static build flags for Go. +OPENSSH_VERSION = 8.8_p1-r1 +SSHPASS_VERSION=1.09-r0 + # check if a git commit sha is already set ifndef GITHUB_SHA # capture the current git commit sha we build the application from @@ -27,7 +34,7 @@ endif # The reference here to Kaniko is so that this repo doesn't need to duplicate # the version.go file across multiple plugin repositories. Ideally that file would # migrate into its own repository at some point so that it can be widely used. -LD_FLAGS = -X github.com/go-vela/vela-kaniko/version.Commit=${GITHUB_SHA} -X github.com/go-vela/vela-kaniko/version.Date=${BUILD_DATE} -X github.com/go-vela/vela-kaniko/version.Go=${GOLANG_VERSION} -X github.com/go-vela/vela-kaniko/version.Tag=${GITHUB_TAG} +LD_FLAGS = -X github.com/go-vela/vela-openssh/internal/openssh.OpenSSHVersion=${OPENSSH_VERSION} -X github.com/go-vela/vela-openssh/internal/openssh.SSHPassVersion=${SSHPASS_VERSION} -X github.com/go-vela/vela-kaniko/version.Commit=${GITHUB_SHA} -X github.com/go-vela/vela-kaniko/version.Date=${BUILD_DATE} -X github.com/go-vela/vela-kaniko/version.Go=${GOLANG_VERSION} -X github.com/go-vela/vela-kaniko/version.Tag=${GITHUB_TAG} # The `clean` target is intended to clean the workspace # and prepare the local changes for submission. @@ -237,8 +244,8 @@ bump-deps-full: check docker-build: @echo @echo "### Building vela-scp:local image" - @docker build -f Dockerfile.scp --no-cache -t vela-scp:local . - @docker build -f Dockerfile.ssh --no-cache -t vela-ssh:local . + @docker build -f Dockerfile.scp --no-cache --build-arg OPENSSH_VERSION=${OPENSSH_VERSION} --build-arg SSHPASS_VERSION=${SSHPASS_VERSION} -t vela-scp:local . + @docker build -f Dockerfile.ssh --no-cache --build-arg OPENSSH_VERSION=${OPENSSH_VERSION} --build-arg SSHPASS_VERSION=${SSHPASS_VERSION} -t vela-ssh:local . # The `docker-test` target is intended to execute # the Docker image for the plugin with test variables diff --git a/cmd/vela-scp/main.go b/cmd/vela-scp/main.go index 9be52fe..83144ff 100644 --- a/cmd/vela-scp/main.go +++ b/cmd/vela-scp/main.go @@ -1,6 +1,7 @@ package main import ( + "fmt" "os" "github.com/sirupsen/logrus" @@ -22,8 +23,11 @@ func main() { Email: "vela@target.com", }, }, - Action: run, - Version: openssh.PluginVersion.Semantic(), + Action: run, + // The version field looks gross but in practice is really only seen and used in integration tests + // or when a plugin is misconfigured. We should log the version information of dependent binaries + // to assist with debugging why a plugin might be failing to operate in a way users expect. + Version: fmt.Sprintf("Plugin: %s - OpenSSH: %s - SSHPass: %s", openssh.PluginVersion.Semantic(), openssh.OpenSSHVersion, openssh.SSHPassVersion), Flags: []cli.Flag{ &cli.StringSliceFlag{ Name: "source", @@ -103,11 +107,13 @@ func run(c *cli.Context) error { } logrus.WithFields(logrus.Fields{ - "code": "https://github.com/go-vela/vela-openssh", - "docs": "https://go-vela.github.io/docs/plugins/registry/scp", - "registry": "https://hub.docker.com/r/target/vela-scp", - "version": openssh.PluginVersion.Semantic(), - "commit": openssh.PluginVersion.Metadata.GitCommit, + "code": "https://github.com/go-vela/vela-openssh", + "docs": "https://go-vela.github.io/docs/plugins/registry/scp", + "registry": "https://hub.docker.com/r/target/vela-scp", + "commit": openssh.PluginVersion.Metadata.GitCommit, + "version-plugin": openssh.PluginVersion.Semantic(), + "version-openssh": openssh.OpenSSHVersion, + "version-sshpass": openssh.SSHPassVersion, }).Info("Vela SCP Plugin") bp := binarywrapper.Plugin{ diff --git a/cmd/vela-ssh/main.go b/cmd/vela-ssh/main.go index f6a4e29..ce9c760 100644 --- a/cmd/vela-ssh/main.go +++ b/cmd/vela-ssh/main.go @@ -1,6 +1,7 @@ package main import ( + "fmt" "os" "github.com/sirupsen/logrus" @@ -22,8 +23,11 @@ func main() { Email: "vela@target.com", }, }, - Action: run, - Version: openssh.PluginVersion.Semantic(), + Action: run, + // The version field looks gross but in practice is really only seen and used in integration tests + // or when a plugin is misconfigured. We should log the version information of dependent binaries + // to assist with debugging why a plugin might be failing to operate in a way users expect. + Version: fmt.Sprintf("Plugin: %s - OpenSSH: %s - SSHPass: %s", openssh.PluginVersion.Semantic(), openssh.OpenSSHVersion, openssh.SSHPassVersion), Flags: []cli.Flag{ &cli.StringFlag{ Name: "destination", @@ -103,11 +107,13 @@ func run(c *cli.Context) error { } logrus.WithFields(logrus.Fields{ - "code": "https://github.com/go-vela/vela-openssh", - "docs": "https://go-vela.github.io/docs/plugins/registry/ssh", - "registry": "https://hub.docker.com/r/target/vela-ssh", - "version": openssh.PluginVersion.Semantic(), - "commit": openssh.PluginVersion.Metadata.GitCommit, + "code": "https://github.com/go-vela/vela-openssh", + "docs": "https://go-vela.github.io/docs/plugins/registry/ssh", + "registry": "https://hub.docker.com/r/target/vela-ssh", + "commit": openssh.PluginVersion.Metadata.GitCommit, + "version-plugin": openssh.PluginVersion.Semantic(), + "version-openssh": openssh.OpenSSHVersion, + "version-sshpass": openssh.SSHPassVersion, }).Info("Vela SSH Plugin") bp := binarywrapper.Plugin{ diff --git a/internal/openssh/openssh.go b/internal/openssh/openssh.go index 19d5fe8..c4092ea 100644 --- a/internal/openssh/openssh.go +++ b/internal/openssh/openssh.go @@ -14,6 +14,12 @@ import ( "github.com/spf13/afero" ) +// These are build time constants for use in logging which binaries a plugin happens to be using. +var ( + OpenSSHVersion = "unknown" + SSHPassVersion = "unknown" +) + var ( // PluginVersion provides a common place to pull the plugin configuration from. PluginVersion = version.New() From 5890e54fbb306b037df1686a89e0b631d5ef5e83 Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 10:51:58 -0600 Subject: [PATCH 3/6] fix(ci): update master references to main --- .github/CONTRIBUTING.md | 2 +- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/publish.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index ccd1689..ac7de79 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -97,7 +97,7 @@ make clean ```bash # Push your code up to your fork -git push fork master +git push fork main ``` * Open a pull request. Thank you for your contribution! diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index fa7b6e4..a5ea387 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -13,10 +13,10 @@ name: "CodeQL" on: push: - branches: [ master ] + branches: [ main ] pull_request: # The branches below must be a subset of the branches above - branches: [ master ] + branches: [ main ] schedule: - cron: '30 21 * * 0' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 87bda2c..562d5f6 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -1,10 +1,10 @@ # name of the action name: publish -# trigger on push events with branch master +# trigger on push events with branch main on: push: - branches: [ master ] + branches: [ main ] # pipeline to execute jobs: From fb2ac5998f0451b2495ffb09fd7e2c8ebd2e9e6f Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 10:52:19 -0600 Subject: [PATCH 4/6] feat(ci): adding docker publish testing --- .github/workflows/test.yml | 44 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 6587b22..1ceebf5 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -40,3 +40,47 @@ jobs: - name: integration test with fake server run: make docker-build && make docker-test + + publish-test: + runs-on: ubuntu-latest + needs: + - unit-test + - integration-test + container: + image: golang:1.17 + steps: + - name: clone + uses: actions/checkout@v2 + with: + # ensures we fetch tag history for the repository + fetch-depth: 0 + + - name: build + env: + GOOS: linux + CGO_ENABLED: '0' + run: | + make build-static-ci + + - name: grab dependency versions from makefile + run: | + grep "^OPENSSH.*=" Makefile >> $GITHUB_ENV + grep "^SSHPASS_VERSION.*=" Makefile >> $GITHUB_ENV + + - name: publish scp + uses: elgohr/Publish-Docker-Github-Action@master + with: + name: target/vela-scp + cache: true + dockerfile: Dockerfile.scp + no_push: true + buildargs: OPENSSH_VERSION,SSHPASS_VERSION + + - name: publish ssh + uses: elgohr/Publish-Docker-Github-Action@master + with: + name: target/vela-ssh + cache: true + dockerfile: Dockerfile.ssh + no_push: true + buildargs: OPENSSH_VERSION,SSHPASS_VERSION From a7715d7e92a6e33e812c0b596ed417fd053e4bcf Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 11:07:17 -0600 Subject: [PATCH 5/6] fix(ci): remove space between equals and unneeded needs --- .github/workflows/test.yml | 5 +---- Makefile | 3 ++- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1ceebf5..b341690 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -41,11 +41,8 @@ jobs: - name: integration test with fake server run: make docker-build && make docker-test - publish-test: + gha-publish-test: runs-on: ubuntu-latest - needs: - - unit-test - - integration-test container: image: golang:1.17 steps: diff --git a/Makefile b/Makefile index c8b40be..e269fd1 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,8 @@ BUILD_DATE = $(shell date +%Y-%m-%dT%H:%M:%SZ) # This is the ONLY place these hardcoded versions are set. # They're used in the Dockerfile the GitHub Actions workflow, # the integration tests, and the static build flags for Go. -OPENSSH_VERSION = 8.8_p1-r1 +# Note: No space between the equals and the value else issues arise. +OPENSSH_VERSION=8.8_p1-r1 SSHPASS_VERSION=1.09-r0 # check if a git commit sha is already set From 2644c92036ad783573cc12448ed78db9568d00da Mon Sep 17 00:00:00 2001 From: GregoryDosh Date: Wed, 16 Feb 2022 11:18:07 -0600 Subject: [PATCH 6/6] fix(ci): update master references to main --- .github/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/README.md b/.github/README.md index 0c42987..f8ac914 100644 --- a/.github/README.md +++ b/.github/README.md @@ -3,7 +3,7 @@ [![license](https://img.shields.io/crates/l/gl.svg)](../LICENSE) [![GoDoc](https://godoc.org/github.com/go-vela/vela-openssh?status.svg)](https://godoc.org/github.com/go-vela/vela-openssh) [![Go Report Card](https://goreportcard.com/badge/go-vela/vela-openssh)](https://goreportcard.com/report/go-vela/vela-openssh) -[![codecov](https://codecov.io/gh/go-vela/vela-openssh/branch/master/graph/badge.svg)](https://codecov.io/gh/go-vela/vela-openssh) +[![codecov](https://codecov.io/gh/go-vela/vela-openssh/branch/main/graph/badge.svg)](https://codecov.io/gh/go-vela/vela-openssh) A set of Vela plugins designed to make common SSH and SCP actions easy to do within the Vela CI environment.