mirror of
https://github.com/cloudflare/cloudflared.git
synced 2025-05-11 03:16:34 +00:00
2dc5f6ec8c
This reverts commit 157f5d1412.
FIPS compliant binaries (for linux/amd64) are causing HTTPS origins to not
be reachable by cloudflared in certain cases (e.g. with Let's Encrypt certificates).
Origins that are not HTTPS for cloudflared are not affected.
239 lines
6.6 KiB
YAML
239 lines
6.6 KiB
YAML
pinned_go: &pinned_go go=1.17-1
|
|
pinned_go_fips: &pinned_go_fips go-boring=1.16.6-6
|
|
|
|
build_dir: &build_dir /cfsetup_build
|
|
default-flavor: buster
|
|
stretch: &stretch
|
|
build:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- export FIPS=true
|
|
- make cloudflared
|
|
build-non-fips: # helpful to catch problems with non-fips (only used for releasing non-linux artifacts) before releases
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go
|
|
- build-essential
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- make cloudflared
|
|
build-all-packages: #except osxpkg
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
- fakeroot
|
|
- rubygem-fpm
|
|
- rpm
|
|
- wget
|
|
# libmsi and libgcab are libraries the wixl binary depends on.
|
|
- libmsi-dev
|
|
- libgcab-dev
|
|
pre-cache:
|
|
# TODO: https://jira.cfops.it/browse/TUN-4792 Replace this wixl with the official one once msitools supports
|
|
# environment.
|
|
- wget https://github.com/sudarshan-reddy/msitools/releases/download/v0.101b/wixl -P /usr/local/bin
|
|
- chmod a+x /usr/local/bin/wixl
|
|
post-cache:
|
|
- export FIPS=true
|
|
- ./build-packages.sh
|
|
github-release-pkgs:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
- fakeroot
|
|
- rubygem-fpm
|
|
- rpm
|
|
- wget
|
|
# libmsi and libgcab are libraries the wixl binary depends on.
|
|
- libmsi-dev
|
|
- libgcab-dev
|
|
- python3-dev
|
|
- libffi-dev
|
|
- python3-setuptools
|
|
- python3-pip
|
|
pre-cache:
|
|
- wget https://github.com/sudarshan-reddy/msitools/releases/download/v0.101b/wixl -P /usr/local/bin
|
|
- chmod a+x /usr/local/bin/wixl
|
|
- pip3 install pygithub
|
|
post-cache:
|
|
# build all packages and move them to /cfsetup/built_artifacts
|
|
- ./build-packages.sh
|
|
# release the packages built and moved to /cfsetup/built_artifacts
|
|
- make github-release-built-pkgs
|
|
build-deb:
|
|
build_dir: *build_dir
|
|
builddeps: &build_deb_deps
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
- fakeroot
|
|
- rubygem-fpm
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- export FIPS=true
|
|
- make cloudflared-deb
|
|
build-deb-nightly:
|
|
build_dir: *build_dir
|
|
builddeps: *build_deb_deps
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- export FIPS=true
|
|
- export NIGHTLY=true
|
|
- make cloudflared-deb
|
|
build-deb-arm64:
|
|
build_dir: *build_dir
|
|
builddeps: *build_deb_deps
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=arm64
|
|
- make cloudflared-deb
|
|
publish-deb:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
- fakeroot
|
|
- rubygem-fpm
|
|
- openssh-client
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- export FIPS=true
|
|
- make publish-deb
|
|
github-release-macos-amd64:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go
|
|
- build-essential
|
|
- python3-dev
|
|
- libffi-dev
|
|
- python3-setuptools
|
|
- python3-pip
|
|
pre-cache: &install_pygithub
|
|
- pip3 install pygithub
|
|
post-cache:
|
|
- make github-mac-upload
|
|
test:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- build-essential
|
|
- gotest-to-teamcity
|
|
pre-cache:
|
|
- go get golang.org/x/tools/cmd/goimports
|
|
- go get github.com/sudarshan-reddy/go-sumtype@v0.0.0-20210827105221-82eca7e5abb1
|
|
post-cache:
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- export FIPS=true
|
|
- export PATH="$HOME/go/bin:$PATH"
|
|
- ./fmt-check.sh
|
|
- make test | gotest-to-teamcity
|
|
component-test:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go_fips
|
|
- python3.7
|
|
- python3-pip
|
|
- python3-setuptools
|
|
# procps installs the ps command which is needed in test_sysv_service because the init script
|
|
# uses ps pid to determine if the agent is running
|
|
- procps
|
|
pre-cache-copy-paths:
|
|
- component-tests/requirements.txt
|
|
pre-cache:
|
|
- sudo pip3 install --upgrade -r component-tests/requirements.txt
|
|
post-cache:
|
|
# Creates and routes a Named Tunnel for this build. Also constructs config file from env vars.
|
|
- python3 component-tests/setup.py --type create
|
|
- pytest component-tests -o log_cli=true --log-cli-level=INFO
|
|
# The Named Tunnel is deleted and its route unprovisioned here.
|
|
- python3 component-tests/setup.py --type cleanup
|
|
update-homebrew:
|
|
builddeps:
|
|
- openssh-client
|
|
- s3cmd
|
|
post-cache:
|
|
- .teamcity/update-homebrew.sh
|
|
github-message-release:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go
|
|
- build-essential
|
|
- python3-dev
|
|
- libffi-dev
|
|
- python3-setuptools
|
|
- python3-pip
|
|
pre-cache: *install_pygithub
|
|
post-cache:
|
|
- make github-message
|
|
build-junos:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go
|
|
- build-essential
|
|
- python3
|
|
- genisoimage
|
|
- jetez
|
|
pre-cache:
|
|
- ln -s /usr/bin/genisoimage /usr/bin/mkisofs
|
|
post-cache:
|
|
- export GOOS=freebsd
|
|
- export GOARCH=amd64
|
|
- make cloudflared-junos
|
|
publish-junos:
|
|
build_dir: *build_dir
|
|
builddeps:
|
|
- *pinned_go
|
|
- build-essential
|
|
- python3
|
|
- genisoimage
|
|
- jetez
|
|
- s4cmd
|
|
pre-cache:
|
|
- ln -s /usr/bin/genisoimage /usr/bin/mkisofs
|
|
post-cache:
|
|
- export GOOS=freebsd
|
|
- export GOARCH=amd64
|
|
- make publish-cloudflared-junos
|
|
|
|
buster: *stretch
|
|
bullseye: *stretch
|
|
centos-7:
|
|
publish-rpm:
|
|
build_dir: *build_dir
|
|
builddeps: &el7_builddeps
|
|
- https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
|
|
pre-cache:
|
|
- yum install -y fakeroot
|
|
- yum upgrade -y binutils-2.27-44.base.el7.x86_64
|
|
- wget https://golang.org/dl/go1.16.3.linux-amd64.tar.gz -P /tmp/
|
|
- tar -C /usr/local -xzf /tmp/go1.16.3.linux-amd64.tar.gz
|
|
post-cache:
|
|
- export PATH=$PATH:/usr/local/go/bin
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- make publish-rpm
|
|
build-rpm:
|
|
build_dir: *build_dir
|
|
builddeps: *el7_builddeps
|
|
pre-cache:
|
|
- yum install -y fakeroot
|
|
- yum upgrade -y binutils-2.27-44.base.el7.x86_64
|
|
- wget https://golang.org/dl/go1.16.3.linux-amd64.tar.gz -P /tmp/
|
|
- tar -C /usr/local -xzf /tmp/go1.16.3.linux-amd64.tar.gz
|
|
post-cache:
|
|
- export PATH=$PATH:/usr/local/go/bin
|
|
- export GOOS=linux
|
|
- export GOARCH=amd64
|
|
- make cloudflared-rpm
|