Merge branch 'cloudflare:master' into tunnel-health
This commit is contained in:
commit
037f056d0c
|
@ -12,8 +12,6 @@ export GO111MODULE=on
|
||||||
|
|
||||||
# build 'cloudflared-darwin-amd64.tgz'
|
# build 'cloudflared-darwin-amd64.tgz'
|
||||||
mkdir -p artifacts
|
mkdir -p artifacts
|
||||||
FILENAME="$(pwd)/artifacts/cloudflared-darwin-amd64.tgz"
|
|
||||||
PKGNAME="$(pwd)/artifacts/cloudflared-amd64.pkg"
|
|
||||||
TARGET_DIRECTORY=".build"
|
TARGET_DIRECTORY=".build"
|
||||||
BINARY_NAME="cloudflared"
|
BINARY_NAME="cloudflared"
|
||||||
VERSION=$(git describe --tags --always --dirty="-dev")
|
VERSION=$(git describe --tags --always --dirty="-dev")
|
||||||
|
@ -28,7 +26,6 @@ export PATH="$PATH:/usr/local/bin"
|
||||||
mkdir -p ../src/github.com/cloudflare/
|
mkdir -p ../src/github.com/cloudflare/
|
||||||
cp -r . ../src/github.com/cloudflare/cloudflared
|
cp -r . ../src/github.com/cloudflare/cloudflared
|
||||||
cd ../src/github.com/cloudflare/cloudflared
|
cd ../src/github.com/cloudflare/cloudflared
|
||||||
GOCACHE="$PWD/../../../../" GOPATH="$PWD/../../../../" CGO_ENABLED=1 make cloudflared
|
|
||||||
|
|
||||||
# Add code signing private key to the key chain
|
# Add code signing private key to the key chain
|
||||||
if [[ ! -z "$CFD_CODE_SIGN_KEY" ]]; then
|
if [[ ! -z "$CFD_CODE_SIGN_KEY" ]]; then
|
||||||
|
@ -138,47 +135,59 @@ else
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# sign the cloudflared binary
|
# cleanup the build directory because the previous execution might have failed without cleaning up.
|
||||||
if [[ ! -z "$CODE_SIGN_NAME" ]]; then
|
rm -rf "${TARGET_DIRECTORY}"
|
||||||
codesign -s "${CODE_SIGN_NAME}" -f -v --timestamp --options runtime ${BINARY_NAME}
|
archs=("amd64" "arm64")
|
||||||
|
export TARGET_OS=darwin
|
||||||
|
for arch in ${archs[@]}; do
|
||||||
|
|
||||||
# notarize the binary
|
FILENAME="$(pwd)/artifacts/cloudflared-darwin-$arch.tgz"
|
||||||
# TODO: TUN-5789
|
PKGNAME="$(pwd)/artifacts/cloudflared-$arch.pkg"
|
||||||
fi
|
TARGET_ARCH=$arch GOCACHE="$PWD/../../../../" GOPATH="$PWD/../../../../" CGO_ENABLED=1 make cloudflared
|
||||||
|
|
||||||
# creating build directory
|
# sign the cloudflared binary
|
||||||
rm -rf $TARGET_DIRECTORY
|
if [[ ! -z "$CODE_SIGN_NAME" ]]; then
|
||||||
mkdir "${TARGET_DIRECTORY}"
|
codesign -s "${CODE_SIGN_NAME}" -f -v --timestamp --options runtime ${BINARY_NAME}
|
||||||
mkdir "${TARGET_DIRECTORY}/contents"
|
|
||||||
cp -r ".mac_resources/scripts" "${TARGET_DIRECTORY}/scripts"
|
# notarize the binary
|
||||||
|
# TODO: TUN-5789
|
||||||
|
fi
|
||||||
|
|
||||||
# copy cloudflared into the build directory
|
ARCH_TARGET_DIRECTORY="${TARGET_DIRECTORY}/${arch}-build"
|
||||||
cp ${BINARY_NAME} "${TARGET_DIRECTORY}/contents/${PRODUCT}"
|
# creating build directory
|
||||||
|
rm -rf $ARCH_TARGET_DIRECTORY
|
||||||
|
mkdir -p "${ARCH_TARGET_DIRECTORY}"
|
||||||
|
mkdir -p "${ARCH_TARGET_DIRECTORY}/contents"
|
||||||
|
cp -r ".mac_resources/scripts" "${ARCH_TARGET_DIRECTORY}/scripts"
|
||||||
|
|
||||||
# compress cloudflared into a tar and gzipped file
|
# copy cloudflared into the build directory
|
||||||
tar czf "$FILENAME" "${BINARY_NAME}"
|
cp ${BINARY_NAME} "${ARCH_TARGET_DIRECTORY}/contents/${PRODUCT}"
|
||||||
|
|
||||||
# build the installer package
|
# compress cloudflared into a tar and gzipped file
|
||||||
if [[ ! -z "$PKG_SIGN_NAME" ]]; then
|
tar czf "$FILENAME" "${BINARY_NAME}"
|
||||||
pkgbuild --identifier com.cloudflare.${PRODUCT} \
|
|
||||||
--version ${VERSION} \
|
|
||||||
--scripts ${TARGET_DIRECTORY}/scripts \
|
|
||||||
--root ${TARGET_DIRECTORY}/contents \
|
|
||||||
--install-location /usr/local/bin \
|
|
||||||
--sign "${PKG_SIGN_NAME}" \
|
|
||||||
${PKGNAME}
|
|
||||||
|
|
||||||
# notarize the package
|
# build the installer package
|
||||||
# TODO: TUN-5789
|
if [[ ! -z "$PKG_SIGN_NAME" ]]; then
|
||||||
else
|
|
||||||
pkgbuild --identifier com.cloudflare.${PRODUCT} \
|
pkgbuild --identifier com.cloudflare.${PRODUCT} \
|
||||||
--version ${VERSION} \
|
--version ${VERSION} \
|
||||||
--scripts ${TARGET_DIRECTORY}/scripts \
|
--scripts ${ARCH_TARGET_DIRECTORY}/scripts \
|
||||||
--root ${TARGET_DIRECTORY}/contents \
|
--root ${ARCH_TARGET_DIRECTORY}/contents \
|
||||||
--install-location /usr/local/bin \
|
--install-location /usr/local/bin \
|
||||||
${PKGNAME}
|
--sign "${PKG_SIGN_NAME}" \
|
||||||
fi
|
${PKGNAME}
|
||||||
|
|
||||||
|
# notarize the package
|
||||||
|
# TODO: TUN-5789
|
||||||
|
else
|
||||||
|
pkgbuild --identifier com.cloudflare.${PRODUCT} \
|
||||||
|
--version ${VERSION} \
|
||||||
|
--scripts ${ARCH_TARGET_DIRECTORY}/scripts \
|
||||||
|
--root ${ARCH_TARGET_DIRECTORY}/contents \
|
||||||
|
--install-location /usr/local/bin \
|
||||||
|
${PKGNAME}
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
# cleaning up the build directory
|
# cleanup build directory because this script is not ran within containers,
|
||||||
rm -rf $TARGET_DIRECTORY
|
# which might lead to future issues in subsequent runs.
|
||||||
|
rm -rf "${TARGET_DIRECTORY}"
|
||||||
|
|
|
@ -9,9 +9,8 @@ windowsArchs=("amd64" "386")
|
||||||
for arch in ${windowsArchs[@]}; do
|
for arch in ${windowsArchs[@]}; do
|
||||||
export TARGET_ARCH=$arch
|
export TARGET_ARCH=$arch
|
||||||
# Copy exe into final directory
|
# Copy exe into final directory
|
||||||
cp ./artifacts/cloudflared-windows-$arch.exe $ARTIFACT_DIR/cloudflared-windows-$arch.exe
|
cp $ARTIFACT_DIR/cloudflared-windows-$arch.exe ./cloudflared.exe
|
||||||
cp ./artifacts/cloudflared-windows-$arch.exe ./cloudflared.exe
|
|
||||||
make cloudflared-msi
|
make cloudflared-msi
|
||||||
# Copy msi into final directory
|
# Copy msi into final directory
|
||||||
mv cloudflared-$VERSION-$arch.msi $ARTIFACT_DIR/cloudflared-windows-$arch.msi
|
mv cloudflared-$VERSION-$arch.msi $ARTIFACT_DIR/cloudflared-windows-$arch.msi
|
||||||
done
|
done
|
||||||
|
|
|
@ -5,41 +5,6 @@ $ProgressPreference = "SilentlyContinue"
|
||||||
$WorkingDirectory = Get-Location
|
$WorkingDirectory = Get-Location
|
||||||
$CloudflaredDirectory = "$WorkingDirectory\go\src\github.com\cloudflare\cloudflared"
|
$CloudflaredDirectory = "$WorkingDirectory\go\src\github.com\cloudflare\cloudflared"
|
||||||
|
|
||||||
Write-Output "Installing python..."
|
|
||||||
|
|
||||||
$PythonVersion = "3.10.11"
|
|
||||||
$PythonZipFile = "$env:Temp\python-$PythonVersion-embed-amd64.zip"
|
|
||||||
$PipInstallFile = "$env:Temp\get-pip.py"
|
|
||||||
$PythonZipUrl = "https://www.python.org/ftp/python/$PythonVersion/python-$PythonVersion-embed-amd64.zip"
|
|
||||||
$PythonPath = "$WorkingDirectory\Python"
|
|
||||||
$PythonBinPath = "$PythonPath\python.exe"
|
|
||||||
|
|
||||||
# Download Python zip file
|
|
||||||
Invoke-WebRequest -Uri $PythonZipUrl -OutFile $PythonZipFile
|
|
||||||
|
|
||||||
# Download Python pip file
|
|
||||||
Invoke-WebRequest -Uri "https://bootstrap.pypa.io/get-pip.py" -OutFile $PipInstallFile
|
|
||||||
|
|
||||||
# Extract Python files
|
|
||||||
Expand-Archive $PythonZipFile -DestinationPath $PythonPath -Force
|
|
||||||
|
|
||||||
# Add Python to PATH
|
|
||||||
$env:Path = "$PythonPath\Scripts;$PythonPath;$($env:Path)"
|
|
||||||
|
|
||||||
Write-Output "Installed to $PythonPath"
|
|
||||||
|
|
||||||
# Install pip
|
|
||||||
& $PythonBinPath $PipInstallFile
|
|
||||||
|
|
||||||
# Add package paths in pythonXX._pth to unblock python -m pip
|
|
||||||
$PythonImportPathFile = "$PythonPath\python310._pth"
|
|
||||||
$ComponentTestsDir = "$CloudflaredDirectory\component-tests\"
|
|
||||||
@($ComponentTestsDir, "Lib\site-packages", $(Get-Content $PythonImportPathFile)) | Set-Content $PythonImportPathFile
|
|
||||||
|
|
||||||
# Test Python installation
|
|
||||||
& $PythonBinPath --version
|
|
||||||
& $PythonBinPath -m pip --version
|
|
||||||
|
|
||||||
go env
|
go env
|
||||||
go version
|
go version
|
||||||
|
|
||||||
|
@ -48,8 +13,8 @@ $env:CGO_ENABLED = 1
|
||||||
$env:TARGET_ARCH = "amd64"
|
$env:TARGET_ARCH = "amd64"
|
||||||
$env:Path = "$Env:Temp\go\bin;$($env:Path)"
|
$env:Path = "$Env:Temp\go\bin;$($env:Path)"
|
||||||
|
|
||||||
& $PythonBinPath --version
|
python --version
|
||||||
& $PythonBinPath -m pip --version
|
python -m pip --version
|
||||||
|
|
||||||
cd $CloudflaredDirectory
|
cd $CloudflaredDirectory
|
||||||
|
|
||||||
|
@ -72,11 +37,11 @@ if ($LASTEXITCODE -ne 0) { throw "Failed unit tests" }
|
||||||
|
|
||||||
Write-Output "Running component tests"
|
Write-Output "Running component tests"
|
||||||
|
|
||||||
& $PythonBinPath -m pip install --upgrade -r component-tests/requirements.txt
|
python -m pip --disable-pip-version-check install --upgrade -r component-tests/requirements.txt
|
||||||
& $PythonBinPath component-tests/setup.py --type create
|
python component-tests/setup.py --type create
|
||||||
& $PythonBinPath -m pytest component-tests -o log_cli=true --log-cli-level=INFO
|
python -m pytest component-tests -o log_cli=true --log-cli-level=INFO
|
||||||
if ($LASTEXITCODE -ne 0) {
|
if ($LASTEXITCODE -ne 0) {
|
||||||
& $PythonBinPath component-tests/setup.py --type cleanup
|
python component-tests/setup.py --type cleanup
|
||||||
throw "Failed component tests"
|
throw "Failed component tests"
|
||||||
}
|
}
|
||||||
& $PythonBinPath component-tests/setup.py --type cleanup
|
python component-tests/setup.py --type cleanup
|
32
Makefile
32
Makefile
|
@ -218,38 +218,14 @@ cloudflared-pkg: cloudflared cloudflared.1
|
||||||
cloudflared-msi:
|
cloudflared-msi:
|
||||||
wixl --define Version=$(VERSION) --define Path=$(EXECUTABLE_PATH) --output cloudflared-$(VERSION)-$(TARGET_ARCH).msi cloudflared.wxs
|
wixl --define Version=$(VERSION) --define Path=$(EXECUTABLE_PATH) --output cloudflared-$(VERSION)-$(TARGET_ARCH).msi cloudflared.wxs
|
||||||
|
|
||||||
.PHONY: cloudflared-darwin-amd64.tgz
|
|
||||||
cloudflared-darwin-amd64.tgz: cloudflared
|
|
||||||
tar czf cloudflared-darwin-amd64.tgz cloudflared
|
|
||||||
rm cloudflared
|
|
||||||
|
|
||||||
.PHONY: github-release
|
.PHONY: github-release
|
||||||
github-release: cloudflared
|
github-release:
|
||||||
python3 github_release.py --path $(EXECUTABLE_PATH) --release-version $(VERSION)
|
|
||||||
|
|
||||||
.PHONY: github-release-built-pkgs
|
|
||||||
github-release-built-pkgs:
|
|
||||||
python3 github_release.py --path $(PWD)/built_artifacts --release-version $(VERSION)
|
python3 github_release.py --path $(PWD)/built_artifacts --release-version $(VERSION)
|
||||||
|
|
||||||
.PHONY: release-pkgs-linux
|
|
||||||
release-pkgs-linux:
|
|
||||||
python3 ./release_pkgs.py
|
|
||||||
|
|
||||||
.PHONY: github-message
|
|
||||||
github-message:
|
|
||||||
python3 github_message.py --release-version $(VERSION)
|
python3 github_message.py --release-version $(VERSION)
|
||||||
|
|
||||||
.PHONY: github-mac-upload
|
.PHONY: r2-linux-release
|
||||||
github-mac-upload:
|
r2-linux-release:
|
||||||
python3 github_release.py --path artifacts/cloudflared-darwin-amd64.tgz --release-version $(VERSION) --name cloudflared-darwin-amd64.tgz
|
python3 ./release_pkgs.py
|
||||||
python3 github_release.py --path artifacts/cloudflared-amd64.pkg --release-version $(VERSION) --name cloudflared-amd64.pkg
|
|
||||||
|
|
||||||
.PHONY: github-windows-upload
|
|
||||||
github-windows-upload:
|
|
||||||
python3 github_release.py --path built_artifacts/cloudflared-windows-amd64.exe --release-version $(VERSION) --name cloudflared-windows-amd64.exe
|
|
||||||
python3 github_release.py --path built_artifacts/cloudflared-windows-amd64.msi --release-version $(VERSION) --name cloudflared-windows-amd64.msi
|
|
||||||
python3 github_release.py --path built_artifacts/cloudflared-windows-386.exe --release-version $(VERSION) --name cloudflared-windows-386.exe
|
|
||||||
python3 github_release.py --path built_artifacts/cloudflared-windows-386.msi --release-version $(VERSION) --name cloudflared-windows-386.msi
|
|
||||||
|
|
||||||
.PHONY: capnp
|
.PHONY: capnp
|
||||||
capnp:
|
capnp:
|
||||||
|
|
|
@ -1,3 +1,14 @@
|
||||||
|
2024.7.1
|
||||||
|
- 2024-07-16 TUN-8543: use -p flag to create intermediate directories
|
||||||
|
|
||||||
|
2024.7.0
|
||||||
|
- 2024-07-05 TUN-8520: add macos arm64 build
|
||||||
|
- 2024-07-05 TUN-8523: refactor makefile and cfsetup
|
||||||
|
- 2024-07-02 TUN-8504: Use pre-installed python version instead of downloading it on Windows builds
|
||||||
|
- 2024-06-26 TUN-8489: Add default noop logger for capnprpc
|
||||||
|
- 2024-06-25 TUN-8487: Add user-agent for quick-tunnel requests
|
||||||
|
- 2023-12-12 TUN-8057: cloudflared uses new PQ curve ID
|
||||||
|
|
||||||
2024.6.1
|
2024.6.1
|
||||||
- 2024-06-12 TUN-8461: Don't log Failed to send session payload if the error is EOF
|
- 2024-06-12 TUN-8461: Don't log Failed to send session payload if the error is EOF
|
||||||
- 2024-06-07 TUN-8456: Update quic-go to 0.45 and collect mtu and congestion control metrics
|
- 2024-06-07 TUN-8456: Update quic-go to 0.45 and collect mtu and congestion control metrics
|
||||||
|
|
132
cfsetup.yaml
132
cfsetup.yaml
|
@ -3,34 +3,27 @@ pinned_go: &pinned_go go-boring=1.22.2-1
|
||||||
build_dir: &build_dir /cfsetup_build
|
build_dir: &build_dir /cfsetup_build
|
||||||
default-flavor: bullseye
|
default-flavor: bullseye
|
||||||
buster: &buster
|
buster: &buster
|
||||||
build:
|
build-linux:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps: &build_deps
|
builddeps: &build_deps
|
||||||
- *pinned_go
|
- *pinned_go
|
||||||
- build-essential
|
- build-essential
|
||||||
- gotest-to-teamcity
|
|
||||||
- fakeroot
|
- fakeroot
|
||||||
- rubygem-fpm
|
- rubygem-fpm
|
||||||
- rpm
|
- rpm
|
||||||
- libffi-dev
|
- libffi-dev
|
||||||
- reprepro
|
|
||||||
- createrepo
|
|
||||||
pre-cache: &build_pre_cache
|
pre-cache: &build_pre_cache
|
||||||
- export GOCACHE=/cfsetup_build/.cache/go-build
|
- export GOCACHE=/cfsetup_build/.cache/go-build
|
||||||
- go install golang.org/x/tools/cmd/goimports@latest
|
- go install golang.org/x/tools/cmd/goimports@latest
|
||||||
post-cache:
|
post-cache:
|
||||||
# TODO: TUN-8126 this is temporary to make sure packages can be built before release
|
|
||||||
- ./build-packages.sh
|
|
||||||
# Build binary for component test
|
# Build binary for component test
|
||||||
- GOOS=linux GOARCH=amd64 make cloudflared
|
- GOOS=linux GOARCH=amd64 make cloudflared
|
||||||
build-fips:
|
build-linux-fips:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps: *build_deps
|
builddeps: *build_deps
|
||||||
pre-cache: *build_pre_cache
|
pre-cache: *build_pre_cache
|
||||||
post-cache:
|
post-cache:
|
||||||
- export FIPS=true
|
- export FIPS=true
|
||||||
# TODO: TUN-8126 this is temporary to make sure packages can be built before release
|
|
||||||
- ./build-packages-fips.sh
|
|
||||||
# Build binary for component test
|
# Build binary for component test
|
||||||
- GOOS=linux GOARCH=amd64 make cloudflared
|
- GOOS=linux GOARCH=amd64 make cloudflared
|
||||||
cover:
|
cover:
|
||||||
|
@ -39,28 +32,21 @@ buster: &buster
|
||||||
pre-cache: *build_pre_cache
|
pre-cache: *build_pre_cache
|
||||||
post-cache:
|
post-cache:
|
||||||
- make cover
|
- make cover
|
||||||
# except FIPS (handled in github-fips-release-pkgs) and macos (handled in github-release-macos-amd64)
|
# except FIPS and macos
|
||||||
github-release-pkgs:
|
build-linux-release:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps: &build_deps_release
|
||||||
- *pinned_go
|
- *pinned_go
|
||||||
- build-essential
|
- build-essential
|
||||||
- fakeroot
|
- fakeroot
|
||||||
- rubygem-fpm
|
- rubygem-fpm
|
||||||
- rpm
|
- rpm
|
||||||
- wget
|
|
||||||
# libmsi and libgcab are libraries the wixl binary depends on.
|
|
||||||
- libmsi-dev
|
|
||||||
- libgcab-dev
|
|
||||||
- python3-dev
|
|
||||||
- libffi-dev
|
- libffi-dev
|
||||||
- python3-setuptools
|
- python3-dev
|
||||||
- python3-pip
|
- python3-pip
|
||||||
- reprepro
|
- python3-setuptools
|
||||||
- createrepo
|
- wget
|
||||||
pre-cache: &github_release_pkgs_pre_cache
|
pre-cache: &build_release_pre_cache
|
||||||
- wget https://github.com/sudarshan-reddy/msitools/releases/download/v0.101b/wixl -P /usr/local/bin
|
|
||||||
- chmod a+x /usr/local/bin/wixl
|
|
||||||
- pip3 install pynacl==1.4.0
|
- pip3 install pynacl==1.4.0
|
||||||
- pip3 install pygithub==1.55
|
- pip3 install pygithub==1.55
|
||||||
- pip3 install boto3==1.22.9
|
- pip3 install boto3==1.22.9
|
||||||
|
@ -68,32 +54,14 @@ buster: &buster
|
||||||
post-cache:
|
post-cache:
|
||||||
# build all packages (except macos and FIPS) and move them to /cfsetup/built_artifacts
|
# build all packages (except macos and FIPS) and move them to /cfsetup/built_artifacts
|
||||||
- ./build-packages.sh
|
- ./build-packages.sh
|
||||||
# release the packages built and moved to /cfsetup/built_artifacts
|
|
||||||
- make github-release-built-pkgs
|
|
||||||
# publish packages to linux repos
|
|
||||||
- make release-pkgs-linux
|
|
||||||
# handle FIPS separately so that we built with gofips compiler
|
# handle FIPS separately so that we built with gofips compiler
|
||||||
github-fips-release-pkgs:
|
build-linux-fips-release:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps: *build_deps_release
|
||||||
- *pinned_go
|
pre-cache: *build_release_pre_cache
|
||||||
- build-essential
|
|
||||||
- fakeroot
|
|
||||||
- rubygem-fpm
|
|
||||||
- rpm
|
|
||||||
- wget
|
|
||||||
# libmsi and libgcab are libraries the wixl binary depends on.
|
|
||||||
- libmsi-dev
|
|
||||||
- libgcab-dev
|
|
||||||
- python3-dev
|
|
||||||
- libffi-dev
|
|
||||||
- python3-setuptools
|
|
||||||
- python3-pip
|
|
||||||
pre-cache: *github_release_pkgs_pre_cache
|
|
||||||
post-cache:
|
post-cache:
|
||||||
# same logic as above, but for FIPS packages only
|
# same logic as above, but for FIPS packages only
|
||||||
- ./build-packages-fips.sh
|
- ./build-packages-fips.sh
|
||||||
- make github-release-built-pkgs
|
|
||||||
generate-versions-file:
|
generate-versions-file:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps:
|
||||||
|
@ -152,21 +120,7 @@ buster: &buster
|
||||||
- export GOOS=linux
|
- export GOOS=linux
|
||||||
- export GOARCH=arm64
|
- export GOARCH=arm64
|
||||||
- make cloudflared-deb
|
- make cloudflared-deb
|
||||||
github-release-macos-amd64:
|
package-windows:
|
||||||
build_dir: *build_dir
|
|
||||||
builddeps: &build_pygithub
|
|
||||||
- *pinned_go
|
|
||||||
- build-essential
|
|
||||||
- python3-dev
|
|
||||||
- libffi-dev
|
|
||||||
- python3-setuptools
|
|
||||||
- python3-pip
|
|
||||||
pre-cache: &install_pygithub
|
|
||||||
- pip3 install pynacl==1.4.0
|
|
||||||
- pip3 install pygithub==1.55
|
|
||||||
post-cache:
|
|
||||||
- make github-mac-upload
|
|
||||||
github-release-windows:
|
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps:
|
||||||
- *pinned_go
|
- *pinned_go
|
||||||
|
@ -186,10 +140,16 @@ buster: &buster
|
||||||
- pip3 install pygithub==1.55
|
- pip3 install pygithub==1.55
|
||||||
post-cache:
|
post-cache:
|
||||||
- .teamcity/package-windows.sh
|
- .teamcity/package-windows.sh
|
||||||
- make github-windows-upload
|
|
||||||
test:
|
test:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps: *build_deps
|
builddeps: &build_deps_tests
|
||||||
|
- *pinned_go
|
||||||
|
- build-essential
|
||||||
|
- fakeroot
|
||||||
|
- rubygem-fpm
|
||||||
|
- rpm
|
||||||
|
- libffi-dev
|
||||||
|
- gotest-to-teamcity
|
||||||
pre-cache: *build_pre_cache
|
pre-cache: *build_pre_cache
|
||||||
post-cache:
|
post-cache:
|
||||||
- export GOOS=linux
|
- export GOOS=linux
|
||||||
|
@ -199,7 +159,7 @@ buster: &buster
|
||||||
- make test | gotest-to-teamcity
|
- make test | gotest-to-teamcity
|
||||||
test-fips:
|
test-fips:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps: *build_deps
|
builddeps: *build_deps_tests
|
||||||
pre-cache: *build_pre_cache
|
pre-cache: *build_pre_cache
|
||||||
post-cache:
|
post-cache:
|
||||||
- export GOOS=linux
|
- export GOOS=linux
|
||||||
|
@ -210,7 +170,7 @@ buster: &buster
|
||||||
- make test | gotest-to-teamcity
|
- make test | gotest-to-teamcity
|
||||||
component-test:
|
component-test:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps: &build_deps_component_test
|
||||||
- *pinned_go
|
- *pinned_go
|
||||||
- python3.7
|
- python3.7
|
||||||
- python3-pip
|
- python3-pip
|
||||||
|
@ -230,24 +190,48 @@ buster: &buster
|
||||||
- python3 component-tests/setup.py --type cleanup
|
- python3 component-tests/setup.py --type cleanup
|
||||||
component-test-fips:
|
component-test-fips:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps:
|
builddeps: *build_deps_component_test
|
||||||
- *pinned_go
|
|
||||||
- python3.7
|
|
||||||
- python3-pip
|
|
||||||
- python3-setuptools
|
|
||||||
# procps installs the ps command which is needed in test_sysv_service because the init script
|
|
||||||
# uses ps pid to determine if the agent is running
|
|
||||||
- procps
|
|
||||||
pre-cache-copy-paths:
|
pre-cache-copy-paths:
|
||||||
- component-tests/requirements.txt
|
- component-tests/requirements.txt
|
||||||
pre-cache: *component_test_pre_cache
|
pre-cache: *component_test_pre_cache
|
||||||
post-cache: *component_test_post_cache
|
post-cache: *component_test_post_cache
|
||||||
github-message-release:
|
github-release:
|
||||||
build_dir: *build_dir
|
build_dir: *build_dir
|
||||||
builddeps: *build_pygithub
|
builddeps:
|
||||||
pre-cache: *install_pygithub
|
- *pinned_go
|
||||||
|
- build-essential
|
||||||
|
- python3-dev
|
||||||
|
- libffi-dev
|
||||||
|
- python3-setuptools
|
||||||
|
- python3-pip
|
||||||
|
pre-cache:
|
||||||
|
- pip3 install pynacl==1.4.0
|
||||||
|
- pip3 install pygithub==1.55
|
||||||
post-cache:
|
post-cache:
|
||||||
|
- make github-release
|
||||||
- make github-message
|
- make github-message
|
||||||
|
r2-linux-release:
|
||||||
|
build_dir: *build_dir
|
||||||
|
builddeps:
|
||||||
|
- *pinned_go
|
||||||
|
- build-essential
|
||||||
|
- fakeroot
|
||||||
|
- rubygem-fpm
|
||||||
|
- rpm
|
||||||
|
- wget
|
||||||
|
- python3-dev
|
||||||
|
- libffi-dev
|
||||||
|
- python3-setuptools
|
||||||
|
- python3-pip
|
||||||
|
- reprepro
|
||||||
|
- createrepo
|
||||||
|
pre-cache:
|
||||||
|
- pip3 install pynacl==1.4.0
|
||||||
|
- pip3 install pygithub==1.55
|
||||||
|
- pip3 install boto3==1.22.9
|
||||||
|
- pip3 install python-gnupg==0.4.9
|
||||||
|
post-cache:
|
||||||
|
- make r2-linux-release
|
||||||
|
|
||||||
bullseye: *buster
|
bullseye: *buster
|
||||||
bookworm: *buster
|
bookworm: *buster
|
||||||
|
|
|
@ -35,7 +35,13 @@ func RunQuickTunnel(sc *subcommandContext) error {
|
||||||
Timeout: httpTimeout,
|
Timeout: httpTimeout,
|
||||||
}
|
}
|
||||||
|
|
||||||
resp, err := client.Post(fmt.Sprintf("%s/tunnel", sc.c.String("quick-service")), "application/json", nil)
|
req, err := http.NewRequest(http.MethodPost, fmt.Sprintf("%s/tunnel", sc.c.String("quick-service")), nil)
|
||||||
|
if err != nil {
|
||||||
|
return errors.Wrap(err, "failed to build quick tunnel request")
|
||||||
|
}
|
||||||
|
req.Header.Add("Content-Type", "application/json")
|
||||||
|
req.Header.Add("User-Agent", buildInfo.UserAgent())
|
||||||
|
resp, err := client.Do(req)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "failed to request quick Tunnel")
|
return errors.Wrap(err, "failed to request quick Tunnel")
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ import (
|
||||||
// to https://pqtunnels.cloudflareresearch.com.
|
// to https://pqtunnels.cloudflareresearch.com.
|
||||||
|
|
||||||
const (
|
const (
|
||||||
PQKex = tls.CurveID(0xfe31) // X25519Kyber768Draft00
|
PQKex = tls.CurveID(0x6399) // X25519Kyber768Draft00
|
||||||
PQKexName = "X25519Kyber768Draft00"
|
PQKexName = "X25519Kyber768Draft00"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -32,7 +32,7 @@ func NewCloudflaredClient(ctx context.Context, stream io.ReadWriteCloser, reques
|
||||||
return nil, fmt.Errorf("expect to write %d bytes for RPC stream protocol signature, wrote %d", len(rpcStreamProtocolSignature), n)
|
return nil, fmt.Errorf("expect to write %d bytes for RPC stream protocol signature, wrote %d", len(rpcStreamProtocolSignature), n)
|
||||||
}
|
}
|
||||||
transport := tunnelrpc.SafeTransport(stream)
|
transport := tunnelrpc.SafeTransport(stream)
|
||||||
conn := rpc.NewConn(transport)
|
conn := tunnelrpc.NewClientConn(transport)
|
||||||
client := pogs.NewCloudflaredServer_PogsClient(conn.Bootstrap(ctx), conn)
|
client := pogs.NewCloudflaredServer_PogsClient(conn.Bootstrap(ctx), conn)
|
||||||
return &CloudflaredClient{
|
return &CloudflaredClient{
|
||||||
client: client,
|
client: client,
|
||||||
|
|
|
@ -6,8 +6,6 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"zombiezen.com/go/capnproto2/rpc"
|
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/tunnelrpc"
|
"github.com/cloudflare/cloudflared/tunnelrpc"
|
||||||
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
||||||
)
|
)
|
||||||
|
@ -58,7 +56,7 @@ func (s *CloudflaredServer) handleRPC(ctx context.Context, stream io.ReadWriteCl
|
||||||
defer transport.Close()
|
defer transport.Close()
|
||||||
|
|
||||||
main := pogs.CloudflaredServer_ServerToClient(s.sessionManager, s.configManager)
|
main := pogs.CloudflaredServer_ServerToClient(s.sessionManager, s.configManager)
|
||||||
rpcConn := rpc.NewConn(transport, rpc.MainInterface(main.Client))
|
rpcConn := tunnelrpc.NewServerConn(transport, main.Client)
|
||||||
defer rpcConn.Close()
|
defer rpcConn.Close()
|
||||||
|
|
||||||
// We ignore the errors here because if cloudflared fails to handle a request, we will just move on.
|
// We ignore the errors here because if cloudflared fails to handle a request, we will just move on.
|
||||||
|
|
|
@ -31,7 +31,7 @@ func NewSessionClient(ctx context.Context, stream io.ReadWriteCloser, requestTim
|
||||||
return nil, fmt.Errorf("expect to write %d bytes for RPC stream protocol signature, wrote %d", len(rpcStreamProtocolSignature), n)
|
return nil, fmt.Errorf("expect to write %d bytes for RPC stream protocol signature, wrote %d", len(rpcStreamProtocolSignature), n)
|
||||||
}
|
}
|
||||||
transport := tunnelrpc.SafeTransport(stream)
|
transport := tunnelrpc.SafeTransport(stream)
|
||||||
conn := rpc.NewConn(transport)
|
conn := tunnelrpc.NewClientConn(transport)
|
||||||
return &SessionClient{
|
return &SessionClient{
|
||||||
client: pogs.NewSessionManager_PogsClient(conn.Bootstrap(ctx), conn),
|
client: pogs.NewSessionManager_PogsClient(conn.Bootstrap(ctx), conn),
|
||||||
transport: transport,
|
transport: transport,
|
||||||
|
|
|
@ -6,8 +6,6 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"zombiezen.com/go/capnproto2/rpc"
|
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/tunnelrpc"
|
"github.com/cloudflare/cloudflared/tunnelrpc"
|
||||||
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
||||||
)
|
)
|
||||||
|
@ -48,7 +46,7 @@ func (s *SessionManagerServer) Serve(ctx context.Context, stream io.ReadWriteClo
|
||||||
defer transport.Close()
|
defer transport.Close()
|
||||||
|
|
||||||
main := pogs.SessionManager_ServerToClient(s.sessionManager)
|
main := pogs.SessionManager_ServerToClient(s.sessionManager)
|
||||||
rpcConn := rpc.NewConn(transport, rpc.MainInterface(main.Client))
|
rpcConn := tunnelrpc.NewServerConn(transport, main.Client)
|
||||||
defer rpcConn.Close()
|
defer rpcConn.Close()
|
||||||
|
|
||||||
select {
|
select {
|
||||||
|
|
|
@ -35,7 +35,7 @@ type registrationClient struct {
|
||||||
|
|
||||||
func NewRegistrationClient(ctx context.Context, stream io.ReadWriteCloser, requestTimeout time.Duration) RegistrationClient {
|
func NewRegistrationClient(ctx context.Context, stream io.ReadWriteCloser, requestTimeout time.Duration) RegistrationClient {
|
||||||
transport := SafeTransport(stream)
|
transport := SafeTransport(stream)
|
||||||
conn := rpc.NewConn(transport)
|
conn := NewClientConn(transport)
|
||||||
client := pogs.NewRegistrationServer_PogsClient(conn.Bootstrap(ctx), conn)
|
client := pogs.NewRegistrationServer_PogsClient(conn.Bootstrap(ctx), conn)
|
||||||
return ®istrationClient{
|
return ®istrationClient{
|
||||||
client: client,
|
client: client,
|
||||||
|
|
|
@ -4,8 +4,6 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"io"
|
"io"
|
||||||
|
|
||||||
"zombiezen.com/go/capnproto2/rpc"
|
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
"github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -28,8 +26,7 @@ func (s *RegistrationServer) Serve(ctx context.Context, stream io.ReadWriteClose
|
||||||
defer transport.Close()
|
defer transport.Close()
|
||||||
|
|
||||||
main := pogs.RegistrationServer_ServerToClient(s.registrationServer)
|
main := pogs.RegistrationServer_ServerToClient(s.registrationServer)
|
||||||
rpcConn := rpc.NewConn(transport, rpc.MainInterface(main.Client))
|
rpcConn := NewServerConn(transport, main.Client)
|
||||||
defer rpcConn.Close()
|
|
||||||
|
|
||||||
select {
|
select {
|
||||||
case <-rpcConn.Done():
|
case <-rpcConn.Done():
|
||||||
|
|
|
@ -1,10 +1,12 @@
|
||||||
package tunnelrpc
|
package tunnelrpc
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"context"
|
||||||
"io"
|
"io"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
capnp "zombiezen.com/go/capnproto2"
|
||||||
"zombiezen.com/go/capnproto2/rpc"
|
"zombiezen.com/go/capnproto2/rpc"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -67,3 +69,21 @@ func isTemporaryError(e error) bool {
|
||||||
t, ok := e.(temp)
|
t, ok := e.(temp)
|
||||||
return ok && t.Temporary()
|
return ok && t.Temporary()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// NoopCapnpLogger provides a logger to discard all capnp rpc internal logging messages as
|
||||||
|
// they are by default provided to stdout if no logger interface is provided. These logging
|
||||||
|
// messages in cloudflared have typically not provided a high amount of pratical value
|
||||||
|
// as the messages are extremely verbose and don't provide a good insight into the message
|
||||||
|
// contents or rpc method names.
|
||||||
|
type noopCapnpLogger struct{}
|
||||||
|
|
||||||
|
func (noopCapnpLogger) Infof(ctx context.Context, format string, args ...interface{}) {}
|
||||||
|
func (noopCapnpLogger) Errorf(ctx context.Context, format string, args ...interface{}) {}
|
||||||
|
|
||||||
|
func NewClientConn(transport rpc.Transport) *rpc.Conn {
|
||||||
|
return rpc.NewConn(transport, rpc.ConnLog(noopCapnpLogger{}))
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewServerConn(transport rpc.Transport, client capnp.Client) *rpc.Conn {
|
||||||
|
return rpc.NewConn(transport, rpc.MainInterface(client), rpc.ConnLog(noopCapnpLogger{}))
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue