diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 913653edca..31db2febeb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -9,11 +9,23 @@ env: PKG_NAME: "boundary" jobs: + set-product-version: + runs-on: ubuntu-latest + outputs: + product-version: ${{ steps.set-product-version.outputs.product-version }} + base-product-version: $${{ steps.set-product-version.outputs.base-product-version }} + prerelease-product-version: ${{ steps.set-product-version.outputs.prerelease-product-version }} + steps: + - uses: actions/checkout@v3 + - name: Set Product version + id: set-product-version + uses: hashicorp/actions-set-product-version@v1 + product-metadata: + needs: set-product-version runs-on: ubuntu-latest outputs: - product-version: ${{ steps.get-product-version.outputs.product-version }} - product-minor-version: ${{ steps.get-product-version.outputs.product-minor-version }} + product-minor-version: ${{ steps.get-product-minor-version.outputs.product-minor-version }} product-edition: ${{ steps.get-product-edition.outputs.product-edition }} go-version: ${{ steps.get-go-version.outputs.go-version }} steps: @@ -49,27 +61,29 @@ jobs: run: | make edition echo "::set-output name=product-edition::$(make edition)" - - name: Determine product version - id: get-product-version + - name: Determine minor product version + id: get-product-minor-version run: | - VERSION=$(make version) + VERSION=${{ needs.set-product-version.outputs.product-version }} MINOR_VERSION=$(echo $VERSION | cut -d. -f-2) - echo "::set-output name=product-version::$VERSION" echo "::set-output name=product-minor-version::$MINOR_VERSION" verify-product-metadata: - needs: product-metadata + needs: + - set-product-version + - product-metadata runs-on: ubuntu-latest steps: - name: 'Checkout directory' uses: actions/checkout@v3 - run: | - echo "Product Version - ${{ needs.product-metadata.outputs.product-version }}" + echo "Product Version - ${{ needs.set-product-version.outputs.product-version }}" + echo "Product Prerelease - ${{ needs.set-product-version.outputs.prerelease-product-version }}" + echo "Product Metadata - ${{ needs.product-metadata.outputs.product-edition }}" echo "Product Minor Version - ${{ needs.product-metadata.outputs.product-minor-version }}" - echo "Product Edition - ${{ needs.product-metadata.outputs.product-edition }}" generate-metadata-file: - needs: product-metadata + needs: set-product-version runs-on: ubuntu-latest outputs: filepath: ${{ steps.generate-metadata-file.outputs.filepath }} @@ -78,9 +92,9 @@ jobs: uses: actions/checkout@v3 - name: Generate metadata file id: generate-metadata-file - uses: hashicorp/actions-generate-metadata@main + uses: hashicorp/actions-generate-metadata@v1 with: - version: ${{ needs.product-metadata.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} product: ${{ env.PKG_NAME }} - uses: actions/upload-artifact@v3 @@ -91,6 +105,7 @@ jobs: build-other: needs: - product-metadata + - set-product-version runs-on: ubuntu-latest strategy: matrix: @@ -143,23 +158,30 @@ jobs: repo: "hashicorp/boundary-ui" name: admin-ui-${{ needs.product-metadata.outputs.product-edition }} path: internal/ui/.tmp/boundary-ui/ui/admin/dist - - name: Go build + - name: Go Build env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - run: | - mkdir out - make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip bin/ + CGO_ENABLED: "0" + PRERELEASE_PRODUCT_VERSION: ${{ needs.set-product-version.outputs.prerelease-product-version }} + METADATA_PRODUCT_VERSION: ${{ needs.product-metadata.outputs.product-edition }} + uses: hashicorp/actions-go-build@v0.1.7 + with: + product_name: ${{ env.PKG_NAME }} + product_version: ${{ needs.set-product-version. outputs.product-version }} + go_version: ${{ matrix.go }} + os: ${{ matrix.goos }} + arch: ${{ matrix.goarch }} + reproducible: report + instructions: |- + make build - uses: actions/upload-artifact@v3 with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip build-linux: needs: - product-metadata + - set-product-version runs-on: ubuntu-latest strategy: matrix: @@ -207,31 +229,36 @@ jobs: repo: "hashicorp/boundary-ui" name: admin-ui-${{ needs.product-metadata.outputs.product-edition }} path: internal/ui/.tmp/boundary-ui/ui/admin/dist - - name: Go build + - name: Go Build env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - run: | - mkdir out - make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip bin/ + CGO_ENABLED: "0" + PRERELEASE_PRODUCT_VERSION: ${{ needs.set-product-version.outputs.prerelease-product-version }} + METADATA_PRODUCT_VERSION: ${{ needs.product-metadata.outputs.product-edition }} + uses: hashicorp/actions-go-build@v0.1.7 + with: + product_name: ${{ env.PKG_NAME }} + product_version: ${{ needs.set-product-version. outputs.product-version }} + go_version: ${{ matrix.go }} + os: ${{ matrix.goos }} + arch: ${{ matrix.goarch }} + reproducible: report + instructions: |- + make build - uses: actions/upload-artifact@v3 with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - + name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - name: Package uses: hashicorp/actions-packaging-linux@v1 with: name: ${{ github.event.repository.name }} description: "HashiCorp Boundary - Identity-based access management for dynamic infrastructure" arch: ${{ matrix.goarch }} - version: ${{ needs.product-metadata.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} maintainer: "HashiCorp" homepage: "https://github.com/hashicorp/boundary" license: "MPL-2.0" - binary: "bin/${{ env.PKG_NAME }}" + binary: "dist/${{ env.PKG_NAME }}" deb_depends: "openssl" rpm_depends: "openssl" config_dir: ".release/linux/package/" @@ -255,6 +282,7 @@ jobs: build-darwin: needs: - product-metadata + - set-product-version runs-on: macos-latest strategy: matrix: @@ -299,24 +327,31 @@ jobs: repo: "hashicorp/boundary-ui" name: admin-ui-${{ needs.product-metadata.outputs.product-edition }} path: internal/ui/.tmp/boundary-ui/ui/admin/dist - - name: Go build + - name: Go Build env: - GOOS: ${{ matrix.goos }} - GOARCH: ${{ matrix.goarch }} - CGO_ENABLED: 0 - run: | - mkdir out - make build - zip -r -j out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip bin/ + CGO_ENABLED: "0" + PRERELEASE_PRODUCT_VERSION: ${{ needs.set-product-version.outputs.prerelease-product-version }} + METADATA_PRODUCT_VERSION: ${{ needs.product-metadata.outputs.product-edition }} + uses: hashicorp/actions-go-build@v0.1.7 + with: + product_name: ${{ env.PKG_NAME }} + product_version: ${{ needs.set-product-version. outputs.product-version }} + go_version: ${{ matrix.go }} + os: ${{ matrix.goos }} + arch: ${{ matrix.goarch }} + reproducible: report + instructions: |- + make build - uses: actions/upload-artifact@v3 with: - name: ${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip - path: out/${{ env.PKG_NAME }}_${{ needs.product-metadata.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + name: ${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip + path: out/${{ env.PKG_NAME }}_${{ needs.set-product-version.outputs.product-version }}_${{ matrix.goos }}_${{ matrix.goarch }}.zip build-docker: name: Docker ${{ matrix.arch }} build needs: - product-metadata + - set-product-version - build-linux runs-on: ubuntu-latest strategy: @@ -324,7 +359,7 @@ jobs: arch: ["arm", "arm64", "386", "amd64"] env: repo: ${{ github.event.repository.name }} - version: ${{ needs.product-metadata.outputs.product-version }} + version: ${{ needs.set-product-version.outputs.product-version }} minor-version: ${{ needs.product-metadata.outputs.product-minor-version }} steps: - uses: actions/checkout@v3 @@ -352,11 +387,12 @@ jobs: # workflow. if: "! github.event.pull_request.head.repo.fork" needs: + - set-product-version - product-metadata - build-linux uses: ./.github/workflows/enos-run.yml with: - artifact-name: "boundary_${{ needs.product-metadata.outputs.product-version }}_linux_amd64.zip" + artifact-name: "boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip" go-version: ${{ needs.product-metadata.outputs.go-version }} secrets: inherit @@ -365,7 +401,7 @@ jobs: name: CLI tests if: "! github.event.pull_request.head.repo.fork" needs: - - product-metadata + - set-product-version - build-linux steps: - uses: actions/checkout@v3 @@ -421,12 +457,12 @@ jobs: id: download uses: actions/download-artifact@v3 with: - name: boundary_${{ needs.product-metadata.outputs.product-version }}_linux_amd64.zip + name: boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip path: /tmp - name: Unpack boundary bundle run: | - unzip ${{steps.download.outputs.download-path}}/boundary_${{ needs.product-metadata.outputs.product-version }}_linux_amd64.zip -d /usr/local/bin - rm ${{steps.download.outputs.download-path}}/boundary_${{ needs.product-metadata.outputs.product-version }}_linux_amd64.zip + unzip ${{steps.download.outputs.download-path}}/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip -d /usr/local/bin + rm ${{steps.download.outputs.download-path}}/boundary_${{ needs.set-product-version.outputs.product-version }}_linux_amd64.zip - name: Versions run: | echo "go version:" diff --git a/.release/ci.hcl b/.release/ci.hcl index 8f8d782f6f..dc959a0612 100644 --- a/.release/ci.hcl +++ b/.release/ci.hcl @@ -13,14 +13,11 @@ project "boundary" { release_branches = [ "main", + "release/**", ] } } -event "merge" { - // "entrypoint" to use if build is not run automatically // i.e. send "merge" complete signal to orchestrator to trigger build -} - event "build" { depends = ["merge"] @@ -31,13 +28,13 @@ event "build" { } } -event "upload-dev" { +event "prepare" { depends = ["build"] - action "upload-dev" { + action "prepare" { organization = "hashicorp" repository = "crt-workflows-common" - workflow = "upload-dev" + workflow = "prepare" depends = ["build"] } @@ -46,157 +43,6 @@ event "upload-dev" { } } -event "security-scan-binaries" { - depends = ["upload-dev"] - - action "security-scan-binaries" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "security-scan-binaries" - config = "security-scan.hcl" - } - - notification { - on = "fail" - } -} - -event "security-scan-containers" { - depends = ["security-scan-binaries"] - - action "security-scan-containers" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "security-scan-containers" - config = "security-scan.hcl" - } - - notification { - on = "fail" - } -} - -event "notarize-darwin-amd64" { - depends = ["security-scan-containers"] - - action "notarize-darwin-amd64" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-darwin-amd64" - } - - notification { - on = "fail" - } -} - -event "notarize-darwin-arm64" { - depends = ["notarize-darwin-amd64"] - - action "notarize-darwin-arm64" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-darwin-arm64" - } - - notification { - on = "fail" - } -} - -event "notarize-windows-386" { - depends = ["notarize-darwin-arm64"] - - action "notarize-windows-386" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-windows-386" - } - - notification { - on = "fail" - } -} - -event "notarize-windows-amd64" { - depends = ["notarize-windows-386"] - - action "notarize-windows-amd64" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "notarize-windows-amd64" - } - - notification { - on = "fail" - } -} - -event "sign" { - depends = ["notarize-windows-amd64"] - - action "sign" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "sign" - } - - notification { - on = "fail" - } -} - -event "sign-linux-rpms" { - depends = ["sign"] - - action "sign-linux-rpms" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "sign-linux-rpms" - } - - notification { - on = "fail" - } -} - -event "verify" { - depends = ["sign-linux-rpms"] - - action "verify" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "verify" - } - - notification { - on = "fail" - } -} - -event "promote-dev-docker" { - depends = ["verify"] - action "promote-dev-docker" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "promote-dev-docker" - depends = ["verify"] - } - - notification { - on = "fail" - } -} - -event "fossa-scan" { - depends = ["promote-dev-docker"] - action "fossa-scan" { - organization = "hashicorp" - repository = "crt-workflows-common" - workflow = "fossa-scan" - } -} - ## These are promotion and post-publish events ## they should be added to the end of the file after the verify event stanza. @@ -292,8 +138,17 @@ event "post-publish-website" { } } -event "update-ironbank" { +event "bump-version" { depends = ["post-publish-website"] + action "bump-version" { + organization = "hashicorp" + repository = "crt-workflows-common" + workflow = "bump-version" + } +} + +event "update-ironbank" { + depends = ["bump-version"] action "update-ironbank" { organization = "hashicorp" repository = "crt-workflows-common" diff --git a/scripts/build.sh b/scripts/build.sh index b506a0c7a9..d4625eda96 100755 --- a/scripts/build.sh +++ b/scripts/build.sh @@ -54,26 +54,38 @@ if [ "${CI_BUILD}x" != "x" ]; then exit fi +# Declare binary paths! +BINARY_NAME="boundary${BINARY_SUFFIX}" +BIN_PATH=${BIN_PATH:=bin/${BINARY_NAME}} +BIN_PARENT_DIR="${BIN_PATH%/*}" +BIN_PARENT_DIR="${BIN_PARENT_DIR##*/}" + # Delete the old dir -echo "==> Removing old directory..." -rm -f bin/* -mkdir -p bin/ +echo "==> Removing old directory ${BIN_PARENT_DIR}..." +rm -rf ${BIN_PARENT_DIR} +mkdir -p ${BIN_PARENT_DIR} # Build! -echo "==> Building into bin/ for ${GOOS}_${GOARCH}..." -BINARY_NAME="boundary${BINARY_SUFFIX}" +echo "==> Building into ${BIN_PARENT_DIR} for ${GOOS}_${GOARCH}..." ${GO_CMD} build \ -tags="${BUILD_TAGS}" \ - -ldflags "-X github.com/hashicorp/boundary/version.GitCommit=${GIT_COMMIT}${GIT_DIRTY}" \ - -o "bin/${BINARY_NAME}" \ + -trimpath \ + -buildvcs=false \ + -ldflags " + -X github.com/hashicorp/boundary/version.GitCommit=${GIT_COMMIT}${GIT_DIRTY} + -X 'github.com/hashicorp/boundary/version.Version=$PRODUCT_VERSION' + -X 'github.com/hashicorp/boundary/version.VersionPrerelease=$PRERELEASE_PRODUCT_VERSION' + -X 'github.com/hashicorp/boundary/version.VersionMetadata=$METADATA_PRODUCT_VERSION' + " \ + -o "$BIN_PATH" \ ./cmd/boundary # Copy binary into gopath if desired if [ "${BOUNDARY_INSTALL_BINARY}x" != "x" ]; then echo "==> Moving binary into GOPATH/bin..." - mv -f "bin/${BINARY_NAME}" "${GOPATH}/bin/" + mv -f "${BIN_PATH}" "${GOPATH}/bin/" fi # Done! echo "==> Results:" -ls -hl bin/ \ No newline at end of file +ls -hl ${BIN_PARENT_DIR} \ No newline at end of file diff --git a/version/VERSION b/version/VERSION new file mode 100644 index 0000000000..d33c3a2128 --- /dev/null +++ b/version/VERSION @@ -0,0 +1 @@ +0.12.0 \ No newline at end of file diff --git a/version/version_base.go b/version/version_base.go index da554db4ba..1df564d65c 100644 --- a/version/version_base.go +++ b/version/version_base.go @@ -1,17 +1,20 @@ package version var ( - // The git commit that was compiled. This will be filled in by the compiler. + // GitCommit is the git commit that was compiled. This will be filled in by the compiler. GitCommit string GitDescribe string - // Whether cgo is enabled or not; set at build time + // CgoEnabled is whether cgo is enabled or not; set at build time CgoEnabled bool + // Version is the base version + // Default values - set when building locally (at build time) Version = "0.12.0" // VersionPrerelease is also set at compile time, similarly to Version. VersionPrerelease = "" + // VersionMetadata is also set at compile time. VersionMetadata = "" )