diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fd92d0c4a..3502c9ecb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,6 @@ name: CI on: push: - branches-ignore: - - 'release-*' env: GOLANGCI_LINT_VERSION: 'v1.46.2' @@ -91,11 +89,13 @@ jobs: uses: docker/build-push-action@v3 with: file: scripts/packages/packager/Dockerfile - tags: build-packager:1.0.0 + tags: build-local-packager:1.0.0 context: '.' push: false load: true no-cache: true + build-args: | + package_type=local-package - name: Build Packages # TODO: Remove git config step later once the repo https://github.com/nginxinc/crossplane-go is made public env: @@ -103,8 +103,8 @@ jobs: run: | git config --global url."https://dhurley:${TOKEN}@github.com".insteadOf "https://github.com" go install github.com/goreleaser/nfpm/v2/cmd/nfpm@${{ env.NFPM_VERSION }} - make clean local-apk-package local-deb-package local-rpm-package local-pkg-package - tar -cf ./build/snapshots.tar.gz ./build/*.deb ./build/*.rpm ./build/*.pkg ./build/*.apk + make clean local-apk-package local-deb-package local-rpm-package local-txz-package + tar -cf ./build/snapshots.tar.gz ./build/*.deb ./build/*.rpm ./build/*.txz ./build/*.apk - name: Upload Artifacts uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml new file mode 100644 index 000000000..4cdf3fe63 --- /dev/null +++ b/.github/workflows/release-branch.yml @@ -0,0 +1,206 @@ +name: Release Branch + +on: + workflow_dispatch: + inputs: + publishPackages: + description: 'Publish packages to up-ap.nginx.com' + required: true + type: boolean + default: false + workflow_run: + branches: [release-*] + workflows: [CI] + types: + - completed + +jobs: + update-draft: + name: Update Release + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + with: + fetch-depth: 0 + - uses: actions/setup-go@v3 + with: + go-version-file: 'go.mod' + - uses: actions/setup-node@v3 + - run: npm install semver + - name: Create Draft Release + uses: actions/github-script@v6 + id: release + with: + script: | + const semver = require('semver'); + const ref = context.ref.split("/")[2] + const releases = (await github.rest.repos.listReleases({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + per_page: 100, + })).data + let latest_release + const latest_release_current_branch = releases.find(release => !release.draft && release.tag_name.startsWith("v" + ref.split("-")[1])) + if (latest_release_current_branch === undefined){ + latest_release = (await github.rest.repos.getLatestRelease({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + })).data.tag_name + } else { + latest_release = latest_release_current_branch.tag_name + } + console.log(`The latest release was ${latest_release}`) + const temp_notes = (await github.rest.repos.generateReleaseNotes({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + tag_name: "next", + previous_tag_name: latest_release, + target_commitish: ref, + })).data.body + let level + temp_notes.includes("### 🚀 Features") ? level = 'minor' : level = 'patch' + temp_notes.includes("### 💣 Breaking Changes") ? level = 'major' : level = level + const version = semver.inc(latest_release, level) + console.log(`The level of the release is ${level}`) + const draft = releases.find((r) => r.draft && r.tag_name === "v"+version) + const draft_found = !(draft === undefined) + console.log(`The next version is v${version}`) + const footer = ` + ## Resources + - Documentation -- https://docs.nginx.com/nginx-instance-manager/nginx-agent/ + - Upgrade Steps -- https://docs.nginx.com/nginx-instance-manager/installation/upgrade-guide/#upgrade-nginx-agent + ` + const release_notes = (await github.rest.repos.generateReleaseNotes({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + tag_name: 'v' + version, + previous_tag_name: latest_release, + target_commitish: ref, + })) + let release + if (draft_found){ + console.log("Draft release already exists. Deleting current draft release and recreating it") + release = (await github.rest.repos.deleteRelease({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + release_id: draft.id, + })) + } + release = (await github.rest.repos.createRelease({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + tag_name: 'v' + version, + target_commitish: ref, + name: 'v' + version, + body: release_notes.data.body + footer, + draft: true, + })) + console.log(`Release created: ${release.data.html_url}`) + console.log(`Release ID: ${release.data.id}`) + console.log(`Release notes: ${release_notes.data.body}`) + console.log(`Release Upload URL: ${release.data.upload_url}`) + + return { + version: version, + release_id: release.data.id, + release_upload_url: release.data.upload_url, + } + - name: Set Environment Variables + run: | + echo "${{steps.release.outputs.result}}" + echo "VERSION=$(echo '${{steps.release.outputs.result}}' | jq -r '.version')" >> $GITHUB_ENV + echo "RELEASE_ID=$(echo '${{steps.release.outputs.result}}' | jq -r '.release_id')" >> $GITHUB_ENV + echo "RELEASE_UPLOAD_URL=$(echo '${{steps.release.outputs.result}}' | jq -r '.release_upload_url')" >> $GITHUB_ENV + - name: Setup build environment + run: | + sudo apt-get update + sudo apt-get install -y gpgv1 monkeysphere + go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.18.0 + go install github.com/goreleaser/chglog/cmd/chglog@v0.2.0 + - name: Tag release and update changelog + # TODO: Remove git config step later once the repo https://github.com/nginxinc/crossplane-go is made public + env: + TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + PUBLISH_PACKAGE: ${{ inputs.publishPackages }} + run: | + git config --global url."https://dhurley:${TOKEN}@github.com".insteadOf "https://github.com" + git config --global user.name 'github-actions' + git config --global user.email '41898282+github-actions[bot]@users.noreply.github.com' + + git tag -a "v${{env.VERSION}}" -m "CI Autogenerated" + git tag -a "sdk/v${{env.VERSION}}" -m "CI Autogenerated" + + chglog init -o ./scripts/changelog.yml . + chglog format -i ./scripts/changelog.yml --template repo > ./docs/CHANGELOG.md + git commit -am "Updating changelog" + git push + + if [[ -z "${PUBLISH_PACKAGE}" ]] && ${PUBLISH_PACKAGE}='true'; then + git push origin "v${{env.VERSION}}" + git push origin "sdk/v${{env.VERSION}}" + fi + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Build Docker Image + uses: docker/build-push-action@v3 + with: + file: scripts/packages/packager/Dockerfile + tags: build-signed-packager:1.0.0 + context: '.' + push: false + load: true + no-cache: true + build-args: | + package_type=signed-package + - name: Build Packages + env: + INDIGO_GPG_AGENT: ${{ secrets.INDIGO_GPG_AGENT }} + NFPM_SIGNING_KEY_FILE: .key.asc + run: | + echo $INDIGO_GPG_AGENT | base64 --decode > .key.asc + make clean build package + - name: Upload Release Assets + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ env.RELEASE_UPLOAD_URL }} + asset_path: ./build/packages/nginx-agent.tar.gz + asset_name: nginx-agent.tar.gz + asset_content_type: application/zip + - name: Publish Release Packages + if: ${{ inputs.publishPackages == 'true' }} + env: + AGENT_UPLOADER_PEM: ${{ secrets.AGENT_UPLOADER_PEM }} + run: | + echo $AGENT_UPLOADER_PEM | base64 --decode > agent-uploader.pem + make release + - name: Publish Github Release + if: ${{ inputs.publishPackages == 'true' }} + uses: actions/github-script@v6 + with: + script: | + const {RELEASE_ID} = process.env + const release = (await github.rest.repos.updateRelease({ + owner: context.payload.repository.owner.login, + repo: context.payload.repository.name, + release_id: `${RELEASE_ID}`, + draft: false, + })) + console.log(`Release published: ${release.data.html_url}`) + - name: Create Pull Request + if: ${{ inputs.publishPackages == 'true' }} + uses: actions/github-script@v6 + with: + script: | + const { repo, owner } = context.repo; + const result = await github.rest.pulls.create({ + title: 'Merge ${{ github.event.inputs.branch }} back into main', + owner, + repo, + head: '${{ github.ref_name }}', + base: 'main', + body: [ + 'This PR is auto-generated by the release branch workflow.' + ].join('\n') + }); diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 676c8ad0b..000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: Release - -on: - workflow_dispatch: - -jobs: - release: - name: Release - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: actions/setup-go@v3 - with: - go-version-file: 'go.mod' - - name: Setup build environment - run: | - sudo apt-get update - sudo apt-get install -y jq gnupg gnupg1 gpgv1 debsig-verify createrepo-c dnf rpm curl gettext-base monkeysphere libtool libssl-dev libbz2-dev libbsd-dev libarchive-dev liblzma-dev zlib1g-dev - mkdir /tmp/pkg - cd /tmp/pkg - go install github.com/goreleaser/nfpm/v2/cmd/nfpm@v2.18.0 - curl -L -o pkg.zip https://github.com/freebsd/pkg/archive/refs/tags/1.17.5.zip - unzip -qo pkg.zip - cd pkg-1.17.5 - ./configure - make -s -j$(nproc) - sudo make install - rm -rf /tmp/pkg - - name: Release Packages - # TODO: Remove git config step later once the repo https://github.com/nginxinc/crossplane-go is made public - env: - TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - INDIGO_GPG_AGENT: ${{ secrets.INDIGO_GPG_AGENT }} - NFPM_SIGNING_KEY_FILE: .key.asc - run: | - git config --global url."https://dhurley:${TOKEN}@github.com".insteadOf "https://github.com" - echo -n $INDIGO_GPG_AGENT | base64 --decode --ignore-garbage > .key.asc - make package - # make release - - name: Upload Artifacts - uses: actions/upload-artifact@v3 - with: - name: nginx-agent - path: build/packages/nginx-agent.tar.gz - retention-days: 3 diff --git a/.nfpm.yaml b/.nfpm.yaml index 8622faac5..215eb56db 100644 --- a/.nfpm.yaml +++ b/.nfpm.yaml @@ -35,6 +35,7 @@ overrides: - apt-transport-https deb: signature: + method: dpkg-sig key_file: ".key.asc" rpm: signature: diff --git a/Makefile b/Makefile index 9ad765e05..d373c1140 100644 --- a/Makefile +++ b/Makefile @@ -42,7 +42,7 @@ CERTS_DIR := ./build/certs PACKAGE_PREFIX := nginx-agent PACKAGES_DIR := ./build/packages PACKAGES_REPO := "pkgs.nginx.com" -AGENT_UPLOADER_KEY := "~/agent-uploader.pem" +AGENT_UPLOADER_KEY := "./agent-uploader.pem" UNAME_M = $(shell uname -m) TEST_BUILD_DIR := build/test # override this value if you want to change the architecture. GOOS options here: https://gist.github.com/asukakenji/f15ba7e588ac42795f421b48b8aede63 @@ -101,7 +101,7 @@ clean-packages: @rm -rf $(PACKAGES_DIR) $(PACKAGES_DIR): - @mkdir -p $(PACKAGES_DIR)/deb && mkdir -p $(PACKAGES_DIR)/rpm && mkdir -p $(PACKAGES_DIR)/apk && mkdir -p $(PACKAGES_DIR)/pkg + @mkdir -p $(PACKAGES_DIR)/deb && mkdir -p $(PACKAGES_DIR)/rpm && mkdir -p $(PACKAGES_DIR)/apk && mkdir -p $(PACKAGES_DIR)/txz package: gpg-key $(PACKAGES_DIR) ## Create final packages for all supported distros @for distro in $(DEB_DISTROS); do \ @@ -110,64 +110,51 @@ package: gpg-key $(PACKAGES_DIR) ## Create final packages for all supported dist VERSION=$(shell echo ${VERSION} | tr -d 'v')~$${deb_codename} ARCH=$${arch} nfpm pkg --config .nfpm.yaml --packager deb --target ${PACKAGES_DIR}/deb/${PACKAGE_PREFIX}_$(shell echo ${VERSION} | tr -d 'v')~$${deb_codename}_$${arch}.deb; \ done; \ done; \ + for distro in $(RPM_DISTROS); do \ rpm_distro=`echo $$distro | cut -d- -f 1`; \ rpm_major=`echo $$distro | cut -d- -f 2`; \ rpm_codename='na'; \ - if [ "$$rpm_distro" == "centos" ] || [ "$$rpm_distro" == "redhatenterprise" ]; then rpm_codename="el$$rpm_major"; \ - elif [ "$$rpm_distro" == "amazon" ] && [ "$$rpm_major" == "2" ]; then rpm_codename="amzn$$rpm_major"; fi; \ - if [ "$$rpm_distro" == "suse" ]; then rpm_codename="sles$$rpm_major"; fi; \ + if [ "$$rpm_distro" = "centos" ] || [ "$$rpm_distro" = "redhatenterprise" ]; then rpm_codename="el$$rpm_major"; \ + elif [ "$$rpm_distro" = "amazon" ] && [ "$$rpm_major" = "2" ]; then rpm_codename="amzn$$rpm_major"; fi; \ + if [ "$$rpm_distro" = "suse" ]; then rpm_codename="sles$$rpm_major"; fi; \ if [ "$$rpm_codename" != "na" ]; then \ VERSION=$(shell echo ${VERSION} | tr -d 'v') ARCH=${ARCH} nfpm pkg --config .nfpm.yaml --packager rpm --target $(PACKAGES_DIR)/rpm/${PACKAGE_PREFIX}-$(shell echo ${VERSION} | tr -d 'v').$${rpm_codename}.ngx.${UNAME_M}.rpm; \ fi; \ done; \ + for version in $(APK_VERSIONS); do \ - if [ ! -d "$(PACKAGES_DIR)/apk/$${version}" ]; then mkdir $(PACKAGES_DIR)/apk/$${version}; fi; \ + if [ ! -d "$(PACKAGES_DIR)/apk/v$${version}" ]; then mkdir $(PACKAGES_DIR)/apk/v$${version}; fi; \ for arch in $(APK_ARCHS); do \ - if [ ! -d "$(PACKAGES_DIR)/apk/$${version}/$${arch}" ]; then mkdir $(PACKAGES_DIR)/apk/$${version}/$${arch}; fi; \ - VERSION=$(shell echo ${VERSION} | tr -d 'v') ARCH=$${arch} nfpm pkg --config .nfpm.yaml --packager apk --target $(PACKAGES_DIR)/apk/$${version}/$${arch}/${PACKAGE_PREFIX}-$(shell echo ${VERSION} | tr -d 'v').apk; \ + if [ ! -d "$(PACKAGES_DIR)/apk/v$${version}/$${arch}" ]; then mkdir $(PACKAGES_DIR)/apk/v$${version}/$${arch}; fi; \ + VERSION=$(shell echo ${VERSION} | tr -d 'v') ARCH=$${arch} nfpm pkg --config .nfpm.yaml --packager apk --target $(PACKAGES_DIR)/apk/v$${version}/$${arch}/${PACKAGE_PREFIX}-$(shell echo ${VERSION} | tr -d 'v').apk; \ done; \ done; \ - # create specific freebsd pkg files \ - rm -rf ./build/nginx-agent; \ - mkdir -p $(PACKAGES_DIR)/pkg/freebsd; \ - staging=$$(mktemp -d); \ - mkdir -p $${staging}/usr/local/{bin,etc/nginx-agent,etc/rc.d}; \ - cp nginx-agent.conf $${staging}/usr/local/etc/nginx-agent; \ - cp scripts/packages/nginx-agent $${staging}/usr/local/etc/rc.d; \ - cp scripts/packages/postremove.sh $${staging}/+PRE_DEINSTALL; \ - cp scripts/packages/postinstall.sh $${staging}/+POST_INSTALL; \ - cp scripts/packages/plist $$staging; \ - GOOS=freebsd GOARCH=amd64 CGO_ENABLED=0 go build -ldflags=${LDFLAGS} -o $${staging}/usr/local/bin; \ - chmod +x $${staging}/usr/local/etc/rc.d/nginx-agent; \ - VERSION=$(VERSION); VERSION=$${VERSION//v/} envsubst < scripts/packages/manifest > $${staging}/+MANIFEST; \ - for freebsd_abi in $(FREEBSD_DISTROS); do \ - mkdir -p $(PACKAGES_DIR)/pkg/freebsd/$${freebsd_abi}; \ - pkg -o ABI=$${freebsd_abi} create \ - -m $${staging} \ - -r $${staging} \ - -p $${staging}/plist \ - -o $(PACKAGES_DIR)/pkg/freebsd/$${freebsd_abi}; \ - # create freebsd pkg repo layout \ - pkg repo $(PACKAGES_DIR)/pkg/freebsd/$${freebsd_abi} .key.rsa; \ - done; \ - rm -rf $$staging; \ + + # create specific freebsd txz files + rm -rf ./build/nginx-agent + GOWORK=off CGO_ENABLED=0 GOOS=freebsd GOARCH=amd64 go build -ldflags=${LDFLAGS} -o ./build/nginx-agent + + docker run -v `pwd`:/nginx-agent/ build-signed-packager:1.0.0 + echo "DEB packages:"; \ find $(PACKAGES_DIR)/deb ;\ echo "RPM packages:"; \ find $(PACKAGES_DIR)/rpm ;\ echo "APK packages:"; \ find $(PACKAGES_DIR)/apk ;\ - echo "PKG packages:"; \ - find $(PACKAGES_DIR)/pkg ;\ + echo "TXZ packages:"; \ + find $(PACKAGES_DIR)/txz ;\ cd $(PACKAGES_DIR) && tar -czvf "./${PACKAGE_PREFIX}.tar.gz" * && cd ../..; -gpg-key: ## Generate GPG public key - gpg1 --armor --import $(NFPM_SIGNING_KEY_FILE) \ + gpg-key: ## Generate GPG public key + $$(gpg --import $(NFPM_SIGNING_KEY_FILE)); \ + keyid=$$(gpg --list-keys NGINX | egrep -A1 "^pub" | egrep -v "^pub" | tr -d '[:space:]'); \ + expiry=1y; \ + $$(gpg --quick-set-expire $$keyid $$expiry '*'); \ # we need to convert the private gpg key to rsa pem format for pkg signing \ - keyid=$$(gpg --list-keys NGINX | awk '/pub/{getline; print substr($$0,length($$0)-7,8)}'); \ - gpg1 --export-secret-key $$keyid | openpgp2ssh $$keyid > .key.rsa; \ - gpg1 --armor --export > $(GPG_PUBLIC_KEY) + $$(gpg --export-secret-key $$keyid | openpgp2ssh $$keyid > .key.rsa); \ + $$(gpg --output $(GPG_PUBLIC_KEY) --armor --export) release: ## Publish tarball to the UPLOAD_URL echo "Publishing nginx-agent packages to ${UPLOAD_URL}"; \ @@ -189,13 +176,13 @@ local-rpm-package: ## Create local rpm package GOWORK=off CGO_ENABLED=0 GOARCH=${LOCAL_ARCH} GOOS=linux go build -ldflags=${DEBUG_LDFLAGS} -o ./build/nginx-agent VERSION=$(shell echo ${VERSION} | tr -d 'v') nfpm pkg --config ./scripts/.local-nfpm.yaml --packager rpm --target ./build/${PACKAGE_PREFIX}-$(shell echo ${VERSION} | tr -d 'v')-SNAPSHOT.rpm; -local-pkg-package: ## Create local pkg package +local-txz-package: ## Create local txz package GOWORK=off CGO_ENABLED=0 GOARCH=${LOCAL_ARCH} GOOS=freebsd go build -ldflags=${DEBUG_LDFLAGS} -o ./build/nginx-agent - docker run -v `pwd`:/nginx-agent/ build-packager:1.0.0 + docker run -v `pwd`:/nginx-agent/ build-local-packager:1.0.0 -build-pkg-packager-docker: ## Builds pkg packager docker image +build-txz-packager-docker: ## Builds txz packager docker image @echo Building Local Packager; \ - DOCKER_BUILDKIT=1 docker build -t build-packager:1.0.0 . --no-cache -f ./scripts/packages/packager/Dockerfile + DOCKER_BUILDKIT=1 docker build -t build-local-packager:1.0.0 --build-arg package_type=local-package . --no-cache -f ./scripts/packages/packager/Dockerfile # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # Testing # diff --git a/scripts/packages/packager/Dockerfile b/scripts/packages/packager/Dockerfile index ffc709501..250f1fa7a 100644 --- a/scripts/packages/packager/Dockerfile +++ b/scripts/packages/packager/Dockerfile @@ -1,10 +1,12 @@ -FROM golang:1.18.5-bullseye +ARG package_type + +FROM golang:1.18.5-bullseye AS base ARG PKG_VER="1.17.5" ARG PKG_DIR="/tmp/pkg" RUN apt-get update && \ - apt-get install -y make jq gnupg gnupg1 gpgv1 git aptly debsig-verify aptly debsig-verify createrepo-c dnf rpm \ + apt-get install -y make jq gnupg gnupg1 gpgv1 git aptly debsig-verify createrepo-c dnf rpm \ curl gettext-base make monkeysphere libtool unzip libssl-dev libbz2-dev libbsd-dev libarchive-dev liblzma-dev zlib1g-dev # compile, install pkg tool for linux @@ -14,7 +16,13 @@ RUN mkdir $PKG_DIR; cd $PKG_DIR; \ unzip -qo pkg.zip; cd pkg-$PKG_VER; ./configure; make -s -j$(nproc); make install; \ rm -rf $PKG_DIR -ADD ./scripts/packages/packager/entrypoint.sh /scripts/entrypoint.sh +FROM base AS local-package +ADD ./scripts/packages/packager/local-entrypoint.sh /scripts/entrypoint.sh +RUN chmod +x /scripts/entrypoint.sh + +FROM base AS signed-package +ADD ./scripts/packages/packager/signed-entrypoint.sh /scripts/entrypoint.sh RUN chmod +x /scripts/entrypoint.sh +FROM ${package_type} AS final ENTRYPOINT [ "/scripts/entrypoint.sh" ] diff --git a/scripts/packages/packager/entrypoint.sh b/scripts/packages/packager/local-entrypoint.sh similarity index 56% rename from scripts/packages/packager/entrypoint.sh rename to scripts/packages/packager/local-entrypoint.sh index 90f6ee71a..f7e42c1b6 100644 --- a/scripts/packages/packager/entrypoint.sh +++ b/scripts/packages/packager/local-entrypoint.sh @@ -21,10 +21,15 @@ chmod +x /staging/usr/local/etc/rc.d/nginx-agent VERSION="$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v')-SNAPSHOT" envsubst < scripts/packages/manifest > /staging/+MANIFEST -pkg -o ABI="FreeBSD:13:amd64" create \ +pkg -o ABI="FreeBSD:13:amd64" create --format txz \ -m /staging \ -r /staging \ -p /staging/plist \ -o ./build/; \ +# Renaming file extension from pkg to txz. In older versions of pkg the extension would represent the format of the file +# but since version 1.17.0 pkg will now always create a file with the extesion pkg no matter what the format is. +# See 1.17.0 release notes for more info: https://cgit.freebsd.org/ports/commit/?id=e497a16a286972bfcab908209b11ee6a13d99dc9 +mv ./build/nginx-agent-$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v')-SNAPSHOT.pkg ./build/nginx-agent-$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v')-SNAPSHOT.txz + rm -rf /staging diff --git a/scripts/packages/packager/signed-entrypoint.sh b/scripts/packages/packager/signed-entrypoint.sh new file mode 100644 index 000000000..7481475ed --- /dev/null +++ b/scripts/packages/packager/signed-entrypoint.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +set -e +set -x +set -euxo pipefail + +FREEBSD_DISTROS="FreeBSD:12:amd64 FreeBSD:13:amd64" + +cd /nginx-agent/ + +mkdir -p ./build/packages/txz + +mkdir -p staging/usr/local/bin +mkdir -p staging/usr/local/etc/nginx-agent +mkdir -p staging/usr/local/etc/rc.d + +cp nginx-agent.conf staging/usr/local/etc/nginx-agent +cp scripts/packages/nginx-agent staging/usr/local/etc/rc.d +cp scripts/packages/postremove.sh staging/+PRE_DEINSTALL +cp scripts/packages/postinstall.sh staging/+POST_INSTALL +cp scripts/packages/plist staging +cp build/nginx-agent staging/usr/local/bin + +chmod +x staging/usr/local/etc/rc.d/nginx-agent + +VERSION="$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v')" envsubst < scripts/packages/manifest > staging/+MANIFEST + +for freebsd_abi in $FREEBSD_DISTROS; do \ + mkdir -p ./build/packages/txz/$freebsd_abi; \ + pkg -o ABI=$freebsd_abi create --format txz \ + -m staging \ + -r staging \ + -p staging/plist \ + -o ./build/packages/txz/$freebsd_abi; \ + # create freebsd pkg repo layout \ + pkg repo ./build/packages/txz/$freebsd_abi .key.rsa; \ + # Renaming file extension from pkg to txz. In older versions of pkg the extension would represent the format of the file + # but since version 1.17.0 pkg will now always create a file with the extesion pkg no matter what the format is. + # See 1.17.0 release notes for more info: https://cgit.freebsd.org/ports/commit/?id=e497a16a286972bfcab908209b11ee6a13d99dc9 + mv ./build/packages/txz/$freebsd_abi/nginx-agent-$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v').pkg ./build/packages/txz/$freebsd_abi/nginx-agent-$(git describe --match 'v[0-9]*' --abbrev=0 | tr -d 'v').txz; \ +done; \ + +rm -rf /staging