From 0770685adf7a0c57f76795e8875ed9f4af6958cb Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Tue, 15 Mar 2022 16:00:03 +0100 Subject: [PATCH 1/4] feat: add packaging for CSFLE shared library MONGOSH-1116 --- config/build.conf.js | 22 ++++++---- lerna.json | 3 +- package-lock.json | 12 +++--- package.json | 2 +- packages/build/src/config/config.ts | 2 +- packages/build/src/config/redact-config.ts | 2 +- packages/build/src/download-mongodb.ts | 27 ++++++++---- ...ngocryptd.ts => download-csfle-library.ts} | 41 +++++++++++++------ .../src/packaging/package/debian.spec.ts | 2 +- .../packaging/package/package-information.ts | 2 +- .../src/packaging/package/redhat.spec.ts | 2 +- .../build/src/packaging/package/redhat.ts | 4 +- packages/build/src/packaging/run-package.ts | 15 +++---- packages/build/test/fixtures/pkgconf.js | 2 +- packages/build/test/helpers.ts | 2 +- .../{LICENSE-mongocryptd => LICENSE-csfle} | 20 ++++----- packaging/README | 9 ++-- scripts/docker/amazonlinux1-rpm.Dockerfile | 3 +- scripts/docker/amazonlinux2-rpm.Dockerfile | 3 +- scripts/docker/build.sh | 3 ++ scripts/docker/centos7-rpm.Dockerfile | 3 +- scripts/docker/debian10-deb.Dockerfile | 3 +- scripts/docker/debian9-deb.Dockerfile | 3 +- scripts/docker/fedora34-rpm.Dockerfile | 3 +- scripts/docker/package.json | 19 +++++++++ scripts/docker/rocky8-rpm.Dockerfile | 3 +- scripts/docker/suse12-rpm.Dockerfile | 3 +- scripts/docker/suse15-rpm.Dockerfile | 3 +- scripts/docker/ubuntu18.04-deb.Dockerfile | 3 +- scripts/docker/ubuntu20.04-deb.Dockerfile | 3 +- scripts/no-mongocryptd.sh | 2 - 31 files changed, 141 insertions(+), 85 deletions(-) rename packages/build/src/packaging/{download-mongocryptd.ts => download-csfle-library.ts} (51%) rename packaging/{LICENSE-mongocryptd => LICENSE-csfle} (74%) create mode 100644 scripts/docker/package.json delete mode 100755 scripts/no-mongocryptd.sh diff --git a/config/build.conf.js b/config/build.conf.js index 575377e05c..0f1058be0c 100644 --- a/config/build.conf.js +++ b/config/build.conf.js @@ -3,6 +3,10 @@ const path = require('path'); const os = require('os'); +const SHARED_LIBRARY_SUFFIX = + process.platform === 'win32' ? 'dll' : + process.platform === 'darwin' ? 'dylib' : 'so'; + /** * The project root. */ @@ -45,11 +49,11 @@ const OUTPUT_DIR = path.join(ROOT, 'dist'); const EXECUTABLE_PATH = path.join(OUTPUT_DIR, process.platform === 'win32' ? 'mongosh.exe' : 'mongosh'); /** - * The name of the downloaded mongocryptd executable. - * We use the name mongocryptd-mongosh to avoid conflicts with users - * potentially installing the 'proper' mongocryptd package. + * The path to the downloaded csfe shared library. + * We use the name mongosh_csfle_v1 to avoid conflicts with users + * potentially installing the 'proper' csfle shared library. */ -const MONGOCRYPTD_PATH = path.resolve(TMP_DIR, 'mongocryptd-mongosh' + (process.platform === 'win32' ? '.exe' : '')); +const CSFLE_LIBRARY_PATH = path.resolve(TMP_DIR, 'mongosh_csfle_v1.' + SHARED_LIBRARY_SUFFIX); /** * Build info JSON data file. @@ -105,7 +109,7 @@ module.exports = { repo: 'mongosh' }, artifactUrlFile: process.env.ARTIFACT_URL_FILE, - mongocryptdPath: MONGOCRYPTD_PATH, + csfleLibraryPath: CSFLE_LIBRARY_PATH, packageInformation: { binaries: [ { @@ -120,11 +124,11 @@ module.exports = { } }, { - sourceFilePath: MONGOCRYPTD_PATH, - category: 'libexec', + sourceFilePath: CSFLE_LIBRARY_PATH, + category: 'lib', license: { - sourceFilePath: path.resolve(__dirname, '..', 'packaging', 'LICENSE-mongocryptd'), - packagedFilePath: 'LICENSE-mongocryptd', + sourceFilePath: path.resolve(__dirname, '..', 'packaging', 'LICENSE-csfle'), + packagedFilePath: 'LICENSE-csfle', debCopyright: COPYRIGHT, debIdentifier: 'Proprietary', rpmIdentifier: 'Proprietary' diff --git a/lerna.json b/lerna.json index 8cba3d8bff..2929c2dcef 100644 --- a/lerna.json +++ b/lerna.json @@ -1,6 +1,7 @@ { "packages": [ - "packages/*" + "packages/*", + "scripts/docker" ], "version": "0.0.0-dev.0" } diff --git a/package-lock.json b/package-lock.json index 2ed8b82bdf..1bef982a36 100644 --- a/package-lock.json +++ b/package-lock.json @@ -18364,9 +18364,9 @@ } }, "mongodb-download-url": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/mongodb-download-url/-/mongodb-download-url-1.1.2.tgz", - "integrity": "sha512-El64L/3WgZdobgDrG91N2mXAnvEWO2xUARTv9T3vZ3ivrg+Qh7CqU91Aw6VNjCLfmEIHe9i+5tYDtWAlD/u+OA==", + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/mongodb-download-url/-/mongodb-download-url-1.2.0.tgz", + "integrity": "sha512-we49hjNjsthOCHDkx+P3EhYlbcX8hGYgeNQF4In/oONroLeUjCcRZgNOEtwYwabXhcP6lMMlAS5I7HRhJsP14Q==", "dev": true, "requires": { "debug": "^4.1.1", @@ -18376,9 +18376,9 @@ }, "dependencies": { "debug": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.2.tgz", - "integrity": "sha512-mOp8wKcvj7XxC78zLgw/ZA+6TSgkoE2C/ienthhRD298T7UNwAg9diBpLRxC0mOezLl4B0xV7M0cCO6P/O0Xhw==", + "version": "4.3.3", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.3.tgz", + "integrity": "sha512-/zxw5+vh1Tfv+4Qn7a5nsbcJKPaSvCDhojn6FEl9vupwK2VCSDtEiEtqr8DFtzYFOdz63LBkxec7DYuc2jon6Q==", "dev": true, "requires": { "ms": "2.1.2" diff --git a/package.json b/package.json index 5c7c07deb7..02c9fa45dc 100644 --- a/package.json +++ b/package.json @@ -123,7 +123,7 @@ "lerna": "^4.0.0", "mocha": "^7.1.2", "mongodb": "^4.4.0", - "mongodb-download-url": "^1.1.2", + "mongodb-download-url": "^1.2.0", "mongodb-js-precommit": "^2.0.0", "nock": "^13.0.11", "node-codesign": "^0.3.3", diff --git a/packages/build/src/config/config.ts b/packages/build/src/config/config.ts index 712b559354..4d8acb6657 100644 --- a/packages/build/src/config/config.ts +++ b/packages/build/src/config/config.ts @@ -40,7 +40,7 @@ export interface Config { }; isPatch?: boolean; triggeringGitTag?: string; - mongocryptdPath: string; + csfleLibraryPath: string; packageInformation?: PackageInformation; artifactUrlFile?: string; manpage?: ManPageConfig; diff --git a/packages/build/src/config/redact-config.ts b/packages/build/src/config/redact-config.ts index c056166f26..a2607b5648 100644 --- a/packages/build/src/config/redact-config.ts +++ b/packages/build/src/config/redact-config.ts @@ -17,7 +17,7 @@ export function redactConfig(config: Config): Partial { repo: config.repo, isPatch: config.isPatch, packageInformation: config.packageInformation, - mongocryptdPath: config.mongocryptdPath, + csfleLibraryPath: config.csfleLibraryPath, artifactUrlFile: config.artifactUrlFile }; } diff --git a/packages/build/src/download-mongodb.ts b/packages/build/src/download-mongodb.ts index ffd706395b..70c5e939db 100644 --- a/packages/build/src/download-mongodb.ts +++ b/packages/build/src/download-mongodb.ts @@ -1,8 +1,11 @@ /* eslint-disable no-return-assign, no-empty */ /* istanbul ignore file */ +import fetch from 'node-fetch'; +import tar from 'tar'; +import { promisify } from 'util'; import { promises as fs } from 'fs'; import path from 'path'; -import download from 'download'; +import { pipeline } from 'stream'; import getDownloadURL from 'mongodb-download-url'; import type { Options as DownloadOptions } from 'mongodb-download-url'; @@ -21,7 +24,7 @@ export async function downloadMongoDb(tmpdir: string, targetVersionSemverSpecifi await fs.mkdir(tmpdir, { recursive: true }); if (targetVersionSemverSpecifier === 'latest-alpha') { - return await doDownload(tmpdir, 'latest-alpha', lookupDownloadUrl); + return await doDownload(tmpdir, !!options.csfle, 'latest-alpha', lookupDownloadUrl); } if (/-community$/.test(targetVersionSemverSpecifier)) { @@ -31,18 +34,23 @@ export async function downloadMongoDb(tmpdir: string, targetVersionSemverSpecifi return await doDownload( tmpdir, + !!options.csfle, targetVersionSemverSpecifier + (wantsEnterprise ? '-enterprise' : '-community'), () => lookupDownloadUrl()); } const downloadPromises: Record> = {}; -async function doDownload(tmpdir: string, version: string, lookupDownloadUrl: () => Promise) { +async function doDownload( + tmpdir: string, + isCsfle: boolean, + version: string, + lookupDownloadUrl: () => Promise) { const downloadTarget = path.resolve( tmpdir, `mongodb-${process.platform}-${process.env.DISTRO_ID || 'none'}-${process.arch}-${version}` .replace(/[^a-zA-Z0-9_-]/g, '')); return downloadPromises[downloadTarget] ??= (async() => { - const bindir = path.resolve(downloadTarget, 'bin'); + const bindir = path.resolve(downloadTarget, isCsfle ? 'lib' : 'bin'); try { await fs.stat(bindir); console.info(`Skipping download because ${downloadTarget} exists`); @@ -50,9 +58,14 @@ async function doDownload(tmpdir: string, version: string, lookupDownloadUrl: () } catch {} await fs.mkdir(downloadTarget, { recursive: true }); - const downloadInfo = await lookupDownloadUrl(); - console.info('Downloading...', downloadInfo); - await download(downloadInfo, downloadTarget, { extract: true, strip: 1 }); + const url = await lookupDownloadUrl(); + console.info('Downloading...', url); + + const response = await fetch(url); + await promisify(pipeline)( + response.body, + tar.x({ cwd: downloadTarget, strip: isCsfle ? 0 : 1 }) + ); await fs.stat(bindir); // Make sure it exists. return bindir; diff --git a/packages/build/src/packaging/download-mongocryptd.ts b/packages/build/src/packaging/download-csfle-library.ts similarity index 51% rename from packages/build/src/packaging/download-mongocryptd.ts rename to packages/build/src/packaging/download-csfle-library.ts index c356a48799..8f473a1574 100644 --- a/packages/build/src/packaging/download-mongocryptd.ts +++ b/packages/build/src/packaging/download-csfle-library.ts @@ -4,26 +4,41 @@ import { promises as fs, constants as fsConstants } from 'fs'; import { downloadMongoDb, DownloadOptions } from '../download-mongodb'; import { BuildVariant, getDistro, getArch } from '../config'; -export async function downloadMongocrypt(variant: BuildVariant): Promise { +export async function downloadCsfleLibrary(variant: BuildVariant): Promise { const opts: DownloadOptions = {}; opts.arch = getArch(variant); opts.distro = lookupReleaseDistro(variant); opts.enterprise = true; - opts.cryptd = true; - console.info('mongosh: downloading latest mongocryptd for inclusion in package:', JSON.stringify(opts)); + opts.csfle = true; + console.info('mongosh: downloading latest csfle shared library for inclusion in package:', JSON.stringify(opts)); - const bindir = await downloadMongoDb( - path.resolve(__dirname, '..', '..', '..', '..', 'tmp', 'mongocryptd-store', variant), - '*', - opts); // Download mongodb for latest server version. - let mongocryptd = path.join(bindir, 'mongocryptd'); + let libdir = ''; + const csfleTmpTargetDir = path.resolve(__dirname, '..', '..', '..', '..', 'tmp', 'csfle-store', variant); + // Download mongodb for latest server version. Since the CSFLE shared + // library is not part of a non-rc release yet and 5.3.0 not released yet, try: + // 1. release server version, 2. '5.3.0' specifically, 3. any version at all + let error: Error | undefined; + for (const version of [ 'stable', '5.3.0', 'unstable' ]) { + try { + libdir = await downloadMongoDb(csfleTmpTargetDir, version, opts); + break; + } catch (e: any) { + error = e; + } + } + if (!libdir) throw error; + let csfleLibrary = path.join(libdir, 'mongo_csfle_v1'); if (opts.distro === 'win32') { - mongocryptd += '.exe'; + csfleLibrary += '.dll'; + } else if (opts.distro === 'darwin') { + csfleLibrary += '.dylib'; + } else { + csfleLibrary += '.so'; } - // Make sure that the binary exists and is executable. - await fs.access(mongocryptd, fsConstants.X_OK); - console.info('mongosh: downloaded', mongocryptd); - return mongocryptd; + // Make sure that the binary exists and is readable. + await fs.access(csfleLibrary, fsConstants.R_OK); + console.info('mongosh: downloaded', csfleLibrary); + return csfleLibrary; } // eslint-disable-next-line complexity diff --git a/packages/build/src/packaging/package/debian.spec.ts b/packages/build/src/packaging/package/debian.spec.ts index 660650221e..cf143074b7 100644 --- a/packages/build/src/packaging/package/debian.spec.ts +++ b/packages/build/src/packaging/package/debian.spec.ts @@ -25,7 +25,7 @@ describe('tarball debian', () => { { const { stdout } = await execFile('dpkg', ['-c', tarball.path]); expect(stdout).to.match(/^-rwxr.xr-x.+\/usr\/bin\/foo$/m); - expect(stdout).to.match(/^-rwxr.xr-x.+\/usr\/libexec\/bar$/m); + expect(stdout).to.match(/^-rwxr.xr-x.+\/usr\/lib\/bar$/m); expect(stdout).to.match(/^-rw-r.-r--.+\/usr\/share\/doc\/foobar\/LICENSE_bar$/m); expect(stdout).to.match(/^-rw-r.-r--.+\/usr\/share\/doc\/foobar\/LICENSE_foo$/m); expect(stdout).to.match(/^-rw-r.-r--.+\/usr\/share\/doc\/foobar\/README$/m); diff --git a/packages/build/src/packaging/package/package-information.ts b/packages/build/src/packaging/package/package-information.ts index f440723467..1c05d11da9 100644 --- a/packages/build/src/packaging/package/package-information.ts +++ b/packages/build/src/packaging/package/package-information.ts @@ -15,7 +15,7 @@ type ManPage = DocumentationFile; export interface PackageInformation { binaries: { sourceFilePath: string; - category: 'bin' | 'libexec'; + category: 'bin' | 'lib'; license: LicenseInformation; }[]; otherDocFilePaths: DocumentationFile[]; diff --git a/packages/build/src/packaging/package/redhat.spec.ts b/packages/build/src/packaging/package/redhat.spec.ts index 25184826dc..fbdedc02b4 100644 --- a/packages/build/src/packaging/package/redhat.spec.ts +++ b/packages/build/src/packaging/package/redhat.spec.ts @@ -34,7 +34,7 @@ describe('tarball redhat', () => { expect(stdout).to.match(/URL\s+:\s+https:\/\/example.org/); expect(stdout).to.match(/Summary\s+:\s+Dummy package/); expect(stdout).to.match(/^\/usr\/bin\/foo$/m); - expect(stdout).to.match(/^\/usr\/libexec\/bar$/m); + expect(stdout).to.match(/^\/usr\/lib\/bar$/m); expect(stdout).to.match(/^\/usr\/share\/doc\/foobar-1.0.0\/README$/m); expect(stdout).to.match(/^\/usr\/share\/licenses\/foobar-1.0.0\/LICENSE_bar$/m); expect(stdout).to.match(/^\/usr\/share\/licenses\/foobar-1.0.0\/LICENSE_foo$/m); diff --git a/packages/build/src/packaging/package/redhat.ts b/packages/build/src/packaging/package/redhat.ts index 14a718f1a4..4910c18dfb 100644 --- a/packages/build/src/packaging/package/redhat.ts +++ b/packages/build/src/packaging/package/redhat.ts @@ -11,7 +11,7 @@ const { COPYFILE_FICLONE } = constants; interface InstallFile { fromFilename: string; toFilename: string; - category: 'man' | 'bin' | 'libexec'; + category: 'man' | 'bin' | 'libexec' | 'lib'; mode: string; } @@ -37,7 +37,7 @@ export async function createRedhatPackage( fromFilename: path.basename(sourceFilePath), toFilename: path.basename(sourceFilePath), category, - mode: '755' + mode: category === 'lib' ? '644' : '755' })); if (pkg.manpage) { installFiles.push({ diff --git a/packages/build/src/packaging/run-package.ts b/packages/build/src/packaging/run-package.ts index 031e176195..b1670cf3ad 100644 --- a/packages/build/src/packaging/run-package.ts +++ b/packages/build/src/packaging/run-package.ts @@ -1,7 +1,7 @@ import { constants as fsConstants, promises as fs } from 'fs'; import path from 'path'; import { Config, validateBuildVariant } from '../config'; -import { downloadMongocrypt } from './download-mongocryptd'; +import { downloadCsfleLibrary } from './download-csfle-library'; import { downloadManpage } from './download-manpage'; import { notarizeArtifact } from './notary-service'; import { createPackage, PackageFile } from './package'; @@ -12,18 +12,13 @@ export async function runPackage( const distributionBuildVariant = config.distributionBuildVariant; validateBuildVariant(distributionBuildVariant); - await fs.mkdir(path.dirname(config.mongocryptdPath), { recursive: true }); - // TODO: add mongocryptd and E2E tests for darwin-arm64 once server builds + await fs.mkdir(path.dirname(config.csfleLibraryPath), { recursive: true }); + // TODO: add csfle and E2E tests for darwin-arm64 once server builds // are available for that platform. if (distributionBuildVariant !== 'darwin-arm64') { await fs.copyFile( - await downloadMongocrypt(distributionBuildVariant), - config.mongocryptdPath, - fsConstants.COPYFILE_FICLONE); - } else { - await fs.copyFile( - path.resolve(__dirname, '..', '..', '..', '..', 'scripts', 'no-mongocryptd.sh'), - config.mongocryptdPath, + await downloadCsfleLibrary(distributionBuildVariant), + config.csfleLibraryPath, fsConstants.COPYFILE_FICLONE); } diff --git a/packages/build/test/fixtures/pkgconf.js b/packages/build/test/fixtures/pkgconf.js index 95630d4a65..97c5be6edb 100644 --- a/packages/build/test/fixtures/pkgconf.js +++ b/packages/build/test/fixtures/pkgconf.js @@ -15,7 +15,7 @@ module.exports = { }, { sourceFilePath: path.resolve(__dirname, 'bin', 'bar'), - category: 'libexec', + category: 'lib', license: { debIdentifier: 'Apple', debCopyright: '2021 Somebody Else’s Cats', diff --git a/packages/build/test/helpers.ts b/packages/build/test/helpers.ts index cd9917417a..a6e2f4d4f7 100644 --- a/packages/build/test/helpers.ts +++ b/packages/build/test/helpers.ts @@ -29,7 +29,7 @@ export const dummyConfig: Config = Object.freeze({ bundleEntrypointInput: 'bundleEntrypointInput', bundleSinglefileOutput: 'bundleSinglefileOutput', executablePath: 'executablePath', - mongocryptdPath: 'mongocryptdPath', + csfleLibraryPath: 'csfleLibraryPath', outputDir: 'outputDir', buildInfoFilePath: 'buildInfoFilePath', project: 'project', diff --git a/packaging/LICENSE-mongocryptd b/packaging/LICENSE-csfle similarity index 74% rename from packaging/LICENSE-mongocryptd rename to packaging/LICENSE-csfle index 8d34d456a9..5dba125ea2 100644 --- a/packaging/LICENSE-mongocryptd +++ b/packaging/LICENSE-csfle @@ -1,7 +1,6 @@ Customer Agreement By agreeing to an Order Form that references this Customer Agreement (this “Agreement”), or by downloading our Software for a free trial, you agree to this Agreement. If you represent an organization, you represent and warrant that you have the authority to agree to this Agreement on behalf of your organization. - 1. Definitions. The following terms have the following meanings: “Affiliate” means an organization that controls, is controlled by, or is under common control with, a party, where “control” means direct or indirect ownership of more than 50% of the voting interests of the organization. @@ -10,19 +9,17 @@ By agreeing to an Order Form that references this Customer Agreement (this “Ag “Consulting Services” means the consulting or professional services included in your Subscription. -“Customer,” “you” and “your” means the organization that agrees to an Order Form or downloads the Software for a free trial. +“Customer”, “you” and “your” means the organization that agrees to an Order Form or downloads the Software for a free trial. “Deliverable” means a work provided to you as a part of the Consulting Services, including any report. “Documentation” means the instructions, specifications and information regarding the Software available at https://docs.mongodb.com/. - -“MongoDB,” “we,” “our” and “us” means the MongoDB company that agrees to an Order Form. - + “Order Form” means an ordering document for Subscriptions signed by both parties that refers to this Agreement. -“Server” means a virtual machine or container that stores data up to the amount of RAM specified on an applicable Order Form. +“Server” means a virtual machine or container that stores data up to the amount of RAM specified on an applicable Order Form. -“Software” means the MongoDB Enterprise database software, MongoDB Ops Manager, MongoDB Charts, MongoDB Connector for Business Intelligence, and any other software included with a Subscription, including any generally available updates to such software, but excluding open source software components, each of which has its copyright notice and license included in the license file and Documentation. +“Software” means the MongoDB Enterprise database software, MongoDB Ops Manager, MongoDB Charts, MongoDB Connector for Business Intelligence, and any other software included with a Subscription, including any generally available updates to such software, but excluding (a) beta offerings and (b) open source software components, each of which has its copyright notice and license included in the license file and Documentation. “Subscription” means a subscription for our Software, Support, or Consulting Services set forth in an Order Form. @@ -30,7 +27,7 @@ By agreeing to an Order Form that references this Customer Agreement (this “Ag 2. Subscriptions. -(a) Generally. We will provide you with the Software, Support and Consulting Services included in the Subscription. We will provide you with Support in accordance with the applicable support policy available on our website, currently available at https://www.mongodb.com/support-policy. While we may modify our support policy from time to time, we will not modify it in a way that materially and adversely affects your Support. Your Affiliates may purchase Subscriptions directly from us by signing an Order Form and you may allow an Affiliate to use your Subscriptions as long as you are responsible for the Affiliate’s compliance with this Agreement. +(a) Generally. We will provide you with the Software, Support and Consulting Services included in the Subscription. We will provide you with Support in accordance with the applicable support policy available on our website, currently available at https://www.mongodb.com/support-policy. While we may modify our support policy from time to time, we will not modify it in a way that materially and adversely affects your Support. Your Affiliates may purchase Subscriptions directly from us or our Affiliates by signing an Order Form and you may allow an Affiliate to use your Subscriptions as long as you are responsible for the Affiliate’s compliance with this Agreement. (b) Free Evaluation and Development. MongoDB grants you a royalty-free, nontransferable and nonexclusive license to use and reproduce the Software in your internal environment for evaluation and development purposes. You will not use the Software for any other purpose, including testing, quality assurance or production purposes without purchasing an Enterprise Advanced Subscription. We provide the free evaluation and development license of our Software on an “AS-IS” basis without any warranty. @@ -42,11 +39,11 @@ By agreeing to an Order Form that references this Customer Agreement (this “Ag 5. Payment and Taxes. You will pay undisputed fees and reimburse any business expenses as set forth on and in accordance with an Order Form. Your payment for Subscriptions is non-refundable and you may not terminate or cancel an Order Form except as stated in this Agreement. Our fees exclude and you will pay applicable taxes and similar charges, including sales, usage, excise and value added taxes. Nothing in this Agreement requires either party to pay any income taxes or similar charges of the other party. If applicable law requires you to withhold any amount from your payment, you will provide us with copies of documents related to your withholding upon our request. -6. Confidentiality. This Agreement supersedes any applicable non-disclosure agreement between the parties with respect to your use of the Software. The receiving party will use the disclosing party’s Confidential Information only in connection with this Agreement and protect the disclosing party’s Confidential Information by using the same degree of care used to protect its own confidential information, but not less than a reasonable degree of care. The receiving party will limit disclosure of the disclosing party’s Confidential Information to its and its Affiliates’ directors, officers, employees and contractors bound to confidentiality obligations at least as protective as the confidentiality provisions in this Agreement and who have a need to know the Confidential Information. The receiving party will not disclose the disclosing party’s Confidential Information to a any other third party without the disclosing party's consent, except where required to comply with applicable law or a compulsory legal order or process, provided that the receiving party will, if legally permitted, promptly notify the disclosing party. Each party will return or destroy the other party’s Confidential Information upon written request from the other party. +6. Confidentiality. This Agreement supersedes any applicable non-disclosure agreement between the parties with respect to your Subscriptions. The receiving party will use the disclosing party’s Confidential Information only in connection with this Agreement and protect the disclosing party’s Confidential Information by using the same degree of care used to protect its own confidential information, but not less than a reasonable degree of care. The receiving party will limit disclosure of the disclosing party’s Confidential Information to its and its Affiliates’ directors, officers, employees and contractors bound to confidentiality obligations at least as protective as the confidentiality provisions in this Agreement and who have a need to know the Confidential Information. The receiving party will not disclose the disclosing party’s Confidential Information to any other third party without the disclosing party's consent, except where required to comply with applicable law or a compulsory legal order or process, provided that the receiving party will, if legally permitted, promptly notify the disclosing party. Each party will return or destroy the other party’s Confidential Information upon written request from the other party. 7. Intellectual Property. This Agreement does not transfer any right, title or interest in any intellectual property to any party, except as expressly set forth in this Agreement. You are not obligated to provide us with any suggestions or other feedback, but if you do, we may use and modify this feedback without any restriction or payment. -8. Warranties. MongoDB represents and warrants that: (a) the Software will perform substantially in accordance with the Documentation, and (b) it will perform Consulting Services and Support in a diligent and workmanlike manner consistent with industry standards. Your exclusive remedy for MongoDB’s material breach of warranty is to terminate any affected Subscription in accordance with Section 11 and receive a refund of any prepaid fees for unused Subscriptions. Except as set forth in this Section, we provide the Software, Consulting Services and Support on an “AS-IS” basis. To the fullest extent not prohibited by law, MongoDB disclaims and this Agreement excludes any implied or statutory warranty, including any warranty of title, non-infringement, merchantability or fitness for a particular purpose. +8. Warranties. MongoDB represents and warrants that: (a) the Software will perform substantially in accordance with the Documentation; and (b) it will perform Consulting Services and Support in a diligent and workmanlike manner consistent with industry standards. Your exclusive remedy for MongoDB’s material breach of warranty is to terminate any affected Subscription in accordance with Section 11 and receive a refund of any prepaid fees for unused Subscriptions. Except as set forth in this Section, we provide the Software, Consulting Services and Support on an “AS-IS” basis. To the fullest extent not prohibited by law, MongoDB disclaims and this Agreement excludes any implied or statutory warranty, including any warranty of title, non-infringement, merchantability or fitness for a particular purpose. 9. Limitation of Liability. @@ -70,4 +67,5 @@ By agreeing to an Order Form that references this Customer Agreement (this “Ag 11. Term and Termination. The term of this Agreement commences when you agree to an Order Form, or you download our Software for a free trial, and will remain in effect until terminated in accordance with this Agreement. Either party may terminate this Agreement for convenience immediately upon notice if all Order Forms under this Agreement have expired or been terminated. Neither party may terminate an Order Form for convenience. If a party fails to cure a material breach of this Agreement within 30 days after receipt of written notice of the breach, the other party may terminate this Agreement and any affected Order Form. Upon termination of an Order Form or this Agreement, you will remove the Software from all Servers covered by the terminated Subscriptions. Provisions intended by their nature to survive termination of this Agreement survive termination. During the term of this Agreement and one year following termination, we may inspect your records relating to your use of the Software or Consulting Services for the purposes of verifying compliance with this Agreement. -12. General. Notices under this Agreement will be in writing and effective on the delivery date. The parties will deliver notices by (a) email, in the case of MongoDB to legal@mongodb.com and, in the case of customer, to the email address set forth on Customer’s most recent Order Form and (b) personal delivery or courier to the address of the other party set forth on the Customer’s most recent Order Form. If you are located in North, Central or South America, New York law governs this Agreement, excluding any applicable conflict of laws rules or principles, and the parties agree to the exclusive jurisdiction of the courts in New York, New York. For customers located elsewhere, the law of England and Wales governs this Agreement, excluding any applicable conflict of laws rules or principles, and the parties agree to the exclusive jurisdiction of the courts in London, England. This Agreement does not create a partnership, agency relationship, or joint venture between the parties. The United Nations Convention for the International Sale of Goods does not apply to this Agreement. Unless you tell us otherwise in writing, we may refer to our relationship with you as a customer. Any assignment of this Agreement by you without our prior written consent will be null and void, except an assignment to an Affiliate or in connection with a merger or sale of all or substantially all of your assets or stock, provided that you may not assign this Agreement to a competitor of ours without our prior written consent. If any provision of this Agreement is unenforceable, that provision will be modified to render it enforceable to the extent possible to effect the parties’ intention and the remaining provisions will not be affected. The parties may amend this Agreement only by a written amendment signed by both parties. This Agreement incorporates any addenda or exhibits, and any Order Form, and comprises the parties’ entire agreement relating to the subject matter of this Agreement. Neither party has entered into this Agreement in reliance on any representations or warranties other than those expressly set forth in this Agreement or in an applicable Order Form. If any conflict exists between the provisions in this Agreement and any Order Form, the Order Form controls, and if any conflict exists between this Agreement and any addenda, exhibit or other agreement, this Agreement controls. A purchase order is for convenience only and any terms that govern the purchase order are of no effect. Customer’s purchase of any Subscription is not contingent on, and Customer has not relied on, the delivery of any future functionality, regardless of any communication about our products. Neither party will be liable for failures or delays in performance due to causes beyond its reasonable control. +12. General. Notices under this Agreement will be in writing and effective on the delivery date. The parties will deliver notices by (a) email, in the case of MongoDB to legal@mongodb.com and, in the case of Customer, to the email address set forth on your most recent Order Form and (b) personal delivery or courier to the address of the other party set forth on Customer’s most recent Order Form. If you are located in North, Central or South America, New York law governs this Agreement, excluding any applicable conflict of laws rules or principles, and the parties agree to the exclusive jurisdiction of the courts in New York, New York. For customers located elsewhere, the law of England and Wales governs this Agreement, excluding any applicable conflict of laws rules or principles, and the parties agree to the exclusive jurisdiction of the courts in London, England. This Agreement does not create a partnership, agency relationship, or joint venture between the parties. The United Nations Convention for the International Sale of Goods does not apply to this Agreement. Unless you tell us otherwise in writing, we may refer to our relationship with you as a customer. Any assignment of this Agreement by you without our prior written consent will be null and void, except an assignment to an Affiliate or in connection with a merger or sale of all or substantially all of your assets or stock, provided that you may not assign this Agreement to a competitor of ours without our prior written consent. If any provision of this Agreement is unenforceable, that provision will be modified to render it enforceable to the extent possible to effect the parties’ intention and the remaining provisions will not be affected. The parties may amend this Agreement only by a written amendment signed by both parties. This Agreement incorporates any addenda or exhibits, and any Order Form, and comprises the parties’ entire agreement relating to the subject matter of this Agreement. Neither party has entered into this Agreement in reliance on any representations or warranties other than those expressly set forth in this Agreement or in an applicable Order Form. If any conflict exists between the provisions in this Agreement and any Order Form, the Order Form controls, and if any conflict exists between this Agreement and any addenda, exhibit or other agreement, this Agreement controls. A purchase order is for convenience only and any terms that govern the purchase order are of no effect. Customer’s purchase of any Subscription is not contingent on, and Customer has not relied on, the delivery of any future functionality, regardless of any communication about our products. Neither party will be liable for failures or delays in performance due to causes beyond its reasonable control. + diff --git a/packaging/README b/packaging/README index 9185e6bfc5..d8192b64e6 100644 --- a/packaging/README +++ b/packaging/README @@ -1,12 +1,11 @@ This package contains `mongosh`, the mongo shell. -Additionally, it includes a helper binary, `mongocryptd` (under the name -`mongocryptd-mongosh`), as well as a manual page `mongosh.1.gz` -that can be viewed using the `man` command line utility, and their -respective licensing files. +Additionally, it includes a shared library, `mongosh_csfle_v1`, as well as a +manual page `mongosh.1.gz` that can be viewed using the `man` command line +utility, and their respective licensing files. Extract them to a suitable location. For licensing information: - mongosh: See LICENSE-mongosh -- mongocryptd: See LICENSE-mongocryptd +- mongosh_csfle_v1: See LICENSE-csfle diff --git a/scripts/docker/amazonlinux1-rpm.Dockerfile b/scripts/docker/amazonlinux1-rpm.Dockerfile index 6202a518b9..6a268c713c 100644 --- a/scripts/docker/amazonlinux1-rpm.Dockerfile +++ b/scripts/docker/amazonlinux1-rpm.Dockerfile @@ -2,8 +2,9 @@ FROM amazonlinux:1 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN yum repolist RUN yum install -y /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/amazonlinux2-rpm.Dockerfile b/scripts/docker/amazonlinux2-rpm.Dockerfile index a3ebcec60c..0de3d60b0b 100644 --- a/scripts/docker/amazonlinux2-rpm.Dockerfile +++ b/scripts/docker/amazonlinux2-rpm.Dockerfile @@ -2,8 +2,9 @@ FROM amazonlinux:2 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN yum repolist RUN yum install -y /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/build.sh b/scripts/docker/build.sh index 916f6ba539..2481e4a27e 100755 --- a/scripts/docker/build.sh +++ b/scripts/docker/build.sh @@ -3,6 +3,9 @@ set -e cd "$(dirname "$0")" +# Used for verifying that we actually have a working csfle shared library +[ -x node_modules/mongodb-csfle-library-version ] || npm install + if [ x"$ARTIFACT_URL" = x"" ]; then SHA=`git rev-parse origin/main` VERSION=`git show ${SHA}:../../lerna.json | grep version | cut -d ":" -f 2 | cut -d '"' -f 2` diff --git a/scripts/docker/centos7-rpm.Dockerfile b/scripts/docker/centos7-rpm.Dockerfile index 6ff848311e..628369ee1f 100644 --- a/scripts/docker/centos7-rpm.Dockerfile +++ b/scripts/docker/centos7-rpm.Dockerfile @@ -2,8 +2,9 @@ FROM centos:7 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN yum repolist RUN yum install -y /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/debian10-deb.Dockerfile b/scripts/docker/debian10-deb.Dockerfile index 10b30984e7..01baf9ea86 100644 --- a/scripts/docker/debian10-deb.Dockerfile +++ b/scripts/docker/debian10-deb.Dockerfile @@ -2,10 +2,11 @@ FROM debian:10 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN apt-get update RUN apt-get install -y man-db RUN apt-get install -y /tmp/*mongosh_*_amd64.deb RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- RUN man mongosh | grep -q tlsAllowInvalidCertificates ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/debian9-deb.Dockerfile b/scripts/docker/debian9-deb.Dockerfile index 7023f5b1b0..ba15bcb404 100644 --- a/scripts/docker/debian9-deb.Dockerfile +++ b/scripts/docker/debian9-deb.Dockerfile @@ -2,10 +2,11 @@ FROM debian:9 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN apt-get update RUN apt-get install -y man-db RUN apt-get install -y /tmp/*mongosh_*_amd64.deb RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- RUN man mongosh | grep -q tlsAllowInvalidCertificates ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/fedora34-rpm.Dockerfile b/scripts/docker/fedora34-rpm.Dockerfile index fdaabaf2ba..07bed9a6f8 100644 --- a/scripts/docker/fedora34-rpm.Dockerfile +++ b/scripts/docker/fedora34-rpm.Dockerfile @@ -2,9 +2,10 @@ FROM fedora:34 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN yum repolist RUN yum install -y man RUN yum install -y /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/package.json b/scripts/docker/package.json new file mode 100644 index 0000000000..c579d5cd07 --- /dev/null +++ b/scripts/docker/package.json @@ -0,0 +1,19 @@ +{ + "name": "@mongosh/docker-build-scripts", + "version": "0.0.0-dev.0", + "private": true, + "description": "MongoDB Shell Build Docker Images", + "config": { + "unsafe-perm": true + }, + "license": "Apache-2.0", + "publishConfig": { + "access": "public" + }, + "engines": { + "node": ">=12.4.0" + }, + "dependencies": { + "mongodb-csfle-library-version": "^1.0.2" + } +} diff --git a/scripts/docker/rocky8-rpm.Dockerfile b/scripts/docker/rocky8-rpm.Dockerfile index addfa6f51a..a19bb598a7 100644 --- a/scripts/docker/rocky8-rpm.Dockerfile +++ b/scripts/docker/rocky8-rpm.Dockerfile @@ -2,10 +2,11 @@ FROM rockylinux:8 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN yum repolist RUN yum install -y man RUN yum install -y /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- RUN man mongosh | grep -q tlsAllowInvalidCertificates ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/suse12-rpm.Dockerfile b/scripts/docker/suse12-rpm.Dockerfile index 005bfc091d..3ab9923e47 100644 --- a/scripts/docker/suse12-rpm.Dockerfile +++ b/scripts/docker/suse12-rpm.Dockerfile @@ -2,9 +2,10 @@ FROM registry.suse.com/suse/sles12sp4 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN zypper --no-gpg-checks --non-interactive addrepo https://download.opensuse.org/repositories/openSUSE:Leap:15.1:Update/standard/openSUSE:Leap:15.1:Update.repo RUN zypper --no-gpg-checks --non-interactive refresh RUN zypper --no-gpg-checks --non-interactive install /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/suse15-rpm.Dockerfile b/scripts/docker/suse15-rpm.Dockerfile index 9c142401cf..5e34c97c8c 100644 --- a/scripts/docker/suse15-rpm.Dockerfile +++ b/scripts/docker/suse15-rpm.Dockerfile @@ -2,11 +2,12 @@ FROM registry.suse.com/suse/sle15 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN zypper --no-gpg-checks --non-interactive addrepo https://download.opensuse.org/repositories/openSUSE:Leap:15.1:Update/standard/openSUSE:Leap:15.1:Update.repo RUN zypper --no-gpg-checks --non-interactive refresh RUN zypper --no-gpg-checks --non-interactive install man RUN zypper --no-gpg-checks --non-interactive install /tmp/*mongosh-*.x86_64.rpm RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- RUN man mongosh | grep -q tlsAllowInvalidCertificates ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/ubuntu18.04-deb.Dockerfile b/scripts/docker/ubuntu18.04-deb.Dockerfile index c7bda1f2df..efc196e2d5 100644 --- a/scripts/docker/ubuntu18.04-deb.Dockerfile +++ b/scripts/docker/ubuntu18.04-deb.Dockerfile @@ -2,8 +2,9 @@ FROM ubuntu:18.04 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN apt-get update RUN apt-get install -y /tmp/*mongosh_*_amd64.deb RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- ENTRYPOINT [ "mongosh" ] diff --git a/scripts/docker/ubuntu20.04-deb.Dockerfile b/scripts/docker/ubuntu20.04-deb.Dockerfile index dcd01eca7c..10f98236cf 100644 --- a/scripts/docker/ubuntu20.04-deb.Dockerfile +++ b/scripts/docker/ubuntu20.04-deb.Dockerfile @@ -2,11 +2,12 @@ FROM ubuntu:20.04 ARG artifact_url="" ADD ${artifact_url} /tmp +ADD node_modules /usr/share/mongodb-csfle-library-version/node_modules RUN apt-get update RUN yes | unminimize RUN apt-get install -y man-db RUN apt-get install -y /tmp/*mongosh_*_amd64.deb RUN /usr/bin/mongosh --version -RUN /usr/libexec/mongocryptd-mongosh --version +RUN env MONGOSH_RUN_NODE_SCRIPT=1 mongosh /usr/share/mongodb-csfle-library-version/node_modules/.bin/mongodb-csfle-library-version /usr/lib/mongosh_csfle_v1.so | grep -q ^mongo_csfle_v1- RUN man mongosh | grep -q tlsAllowInvalidCertificates ENTRYPOINT [ "mongosh" ] diff --git a/scripts/no-mongocryptd.sh b/scripts/no-mongocryptd.sh deleted file mode 100755 index 84d5753d37..0000000000 --- a/scripts/no-mongocryptd.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -echo Sorry, mongocryptd is not available for this platform yet. From 4341b1f5c0788890455bc82d8f6cb450a25c75bb Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Wed, 16 Mar 2022 08:21:31 +0100 Subject: [PATCH 2/4] fixup: missing package-lock.json --- scripts/docker/package-lock.json | 35 ++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 scripts/docker/package-lock.json diff --git a/scripts/docker/package-lock.json b/scripts/docker/package-lock.json new file mode 100644 index 0000000000..d8e2096ac3 --- /dev/null +++ b/scripts/docker/package-lock.json @@ -0,0 +1,35 @@ +{ + "name": "@mongosh/docker-build-scripts", + "version": "0.0.0-dev.0", + "lockfileVersion": 1, + "requires": true, + "dependencies": { + "bindings": { + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", + "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "requires": { + "file-uri-to-path": "1.0.0" + } + }, + "file-uri-to-path": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz", + "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw==" + }, + "mongodb-csfle-library-version": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/mongodb-csfle-library-version/-/mongodb-csfle-library-version-1.0.2.tgz", + "integrity": "sha512-DzO4BDGh8nQUEjr7HcB9w1K1CZlfWQRA1Rkq1ROk8aJoaaEK2m++cyVHVUNzHGrYu7X1r5yqHlGxfPw5bSEU0w==", + "requires": { + "bindings": "^1.5.0", + "node-addon-api": "^4.3.0" + } + }, + "node-addon-api": { + "version": "4.3.0", + "resolved": "https://registry.npmjs.org/node-addon-api/-/node-addon-api-4.3.0.tgz", + "integrity": "sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ==" + } + } +} From df3b33990b0507582a5a593d846fc9073e0f31ed Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Wed, 16 Mar 2022 09:34:45 +0100 Subject: [PATCH 3/4] fixup: add expected scripts to package.json --- scripts/docker/package.json | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scripts/docker/package.json b/scripts/docker/package.json index c579d5cd07..3a17cca486 100644 --- a/scripts/docker/package.json +++ b/scripts/docker/package.json @@ -10,6 +10,13 @@ "publishConfig": { "access": "public" }, + "scripts": { + "test": "exit 0", + "test-ci": "node ../../scripts/run-if-package-requested.js npm test" + }, + "mongosh": { + "variants": [] + }, "engines": { "node": ">=12.4.0" }, From 74241c506e007201c4d1abd6f9c289ffa2bedcef Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Wed, 16 Mar 2022 10:53:48 +0100 Subject: [PATCH 4/4] fixup: use proper node version for docker tests, fixup windows download --- .evergreen.yml | 33 ++++++++++++++++++++++++++ .evergreen/evergreen.yml.in | 3 +++ packages/build/src/download-mongodb.ts | 17 +++++++++---- 3 files changed, 48 insertions(+), 5 deletions(-) diff --git a/.evergreen.yml b/.evergreen.yml index 7a84215df3..3202b0580c 100644 --- a/.evergreen.yml +++ b/.evergreen.yml @@ -7937,6 +7937,9 @@ tasks: vars: source_distribution_build_variant: debian-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: ubuntu18.04-deb @@ -7951,6 +7954,9 @@ tasks: vars: source_distribution_build_variant: debian-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: ubuntu20.04-deb @@ -7965,6 +7971,9 @@ tasks: vars: source_distribution_build_variant: debian-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: debian9-deb @@ -7979,6 +7988,9 @@ tasks: vars: source_distribution_build_variant: debian-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: debian10-deb @@ -7993,6 +8005,9 @@ tasks: vars: source_distribution_build_variant: rhel7-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: centos7-rpm @@ -8007,6 +8022,9 @@ tasks: vars: source_distribution_build_variant: rhel7-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: amazonlinux2-rpm @@ -8021,6 +8039,9 @@ tasks: vars: source_distribution_build_variant: rhel8-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: rocky8-rpm @@ -8035,6 +8056,9 @@ tasks: vars: source_distribution_build_variant: rhel8-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: fedora34-rpm @@ -8049,6 +8073,9 @@ tasks: vars: source_distribution_build_variant: suse-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: suse12-rpm @@ -8063,6 +8090,9 @@ tasks: vars: source_distribution_build_variant: suse-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: suse15-rpm @@ -8077,6 +8107,9 @@ tasks: vars: source_distribution_build_variant: amzn1-x64 - func: write_preload_script + - func: install + vars: + node_js_version: "14.18.3" - func: test_artifact_docker vars: dockerfile: amazonlinux1-rpm diff --git a/.evergreen/evergreen.yml.in b/.evergreen/evergreen.yml.in index 775f15b42f..626999603b 100644 --- a/.evergreen/evergreen.yml.in +++ b/.evergreen/evergreen.yml.in @@ -793,6 +793,9 @@ tasks: preload_script_path: preload.sh <% }; break; case 'docker': { %> + - func: install + vars: + node_js_version: "<% out(NODE_JS_VERSION_14) %>" - func: test_artifact_docker vars: dockerfile: <% out(dockerfile) %> diff --git a/packages/build/src/download-mongodb.ts b/packages/build/src/download-mongodb.ts index 70c5e939db..e3f35d1580 100644 --- a/packages/build/src/download-mongodb.ts +++ b/packages/build/src/download-mongodb.ts @@ -5,6 +5,7 @@ import tar from 'tar'; import { promisify } from 'util'; import { promises as fs } from 'fs'; import path from 'path'; +import download from 'download'; import { pipeline } from 'stream'; import getDownloadURL from 'mongodb-download-url'; import type { Options as DownloadOptions } from 'mongodb-download-url'; @@ -61,11 +62,17 @@ async function doDownload( const url = await lookupDownloadUrl(); console.info('Downloading...', url); - const response = await fetch(url); - await promisify(pipeline)( - response.body, - tar.x({ cwd: downloadTarget, strip: isCsfle ? 0 : 1 }) - ); + if (url.match(/\.tgz$|\.tar(\.[^.]+)?$/)) { + // the server's tarballs can contain hard links, which the (unmaintained?) + // `download` package is unable to handle (https://github.com/kevva/decompress/issues/93) + const response = await fetch(url); + await promisify(pipeline)( + response.body, + tar.x({ cwd: downloadTarget, strip: isCsfle ? 0 : 1 }) + ); + } else { + await download(url, downloadTarget, { extract: true, strip: 1 }); + } await fs.stat(bindir); // Make sure it exists. return bindir;