curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'cloudflare:master' into tunnel-health

This commit is contained in:
Mads Jon Nielsen 2024-08-22 07:39:56 +02:00 committed by GitHub
parent bec84aeb7b 394d3546bf
commit 72f8ecc521
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
9 changed files with 94 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.teamcity/package-windows.sh vendored
View File

@ -3,14 +3,17 @@ echo $VERSION
export TARGET_OS=windows export TARGET_OS=windows
# This controls the directory the built artifacts go into # This controls the directory the built artifacts go into
export ARTIFACT_DIR=built_artifacts/ export BUILT_ARTIFACT_DIR=built_artifacts/
mkdir -p $ARTIFACT_DIR export FINAL_ARTIFACT_DIR=artifacts/
mkdir -p $BUILT_ARTIFACT_DIR
mkdir -p $FINAL_ARTIFACT_DIR
windowsArchs=("amd64" "386") windowsArchs=("amd64" "386")
for arch in ${windowsArchs[@]}; do for arch in ${windowsArchs[@]}; do
export TARGET_ARCH=$arch export TARGET_ARCH=$arch
# Copy exe into final directory # Copy exe into final directory
cp $ARTIFACT_DIR/cloudflared-windows-$arch.exe ./cloudflared.exe cp $BUILT_ARTIFACT_DIR/cloudflared-windows-$arch.exe ./cloudflared.exe
make cloudflared-msi make cloudflared-msi
# Copy msi into final directory # Copy msi into final directory
mv cloudflared-$VERSION-$arch.msi $ARTIFACT_DIR/cloudflared-windows-$arch.msi mv cloudflared-$VERSION-$arch.msi $FINAL_ARTIFACT_DIR/cloudflared-windows-$arch.msi
cp $BUILT_ARTIFACT_DIR/cloudflared-windows-$arch.exe $FINAL_ARTIFACT_DIR/cloudflared-windows-$arch.exe
done done

4
Makefile
View File

@ -218,6 +218,10 @@ cloudflared-pkg: cloudflared cloudflared.1
cloudflared-msi: cloudflared-msi:
wixl --define Version=$(VERSION) --define Path=$(EXECUTABLE_PATH) --output cloudflared-$(VERSION)-$(TARGET_ARCH).msi cloudflared.wxs wixl --define Version=$(VERSION) --define Path=$(EXECUTABLE_PATH) --output cloudflared-$(VERSION)-$(TARGET_ARCH).msi cloudflared.wxs
.PHONY: github-release-dryrun
github-release-dryrun:
python3 github_release.py --path $(PWD)/built_artifacts --release-version $(VERSION) --dry-run
.PHONY: github-release .PHONY: github-release
github-release: github-release:
python3 github_release.py --path $(PWD)/built_artifacts --release-version $(VERSION) python3 github_release.py --path $(PWD)/built_artifacts --release-version $(VERSION)

4
RELEASE_NOTES
View File

@ -1,3 +1,7 @@
2024.8.2
- 2024-08-05 TUN-8583: change final directory of artifacts
- 2024-08-05 TUN-8585: Avoid creating GH client when dry-run is true
2024.7.3 2024.7.3
- 2024-07-31 TUN-8546: Fix final artifacts paths - 2024-07-31 TUN-8546: Fix final artifacts paths

2
build-packages-fips.sh
View File

@ -3,7 +3,7 @@ VERSION=$(git describe --tags --always --match "[0-9][0-9][0-9][0-9].*.*")
echo $VERSION echo $VERSION
# This controls the directory the built artifacts go into # This controls the directory the built artifacts go into
export ARTIFACT_DIR=built_artifacts/ export ARTIFACT_DIR=artifacts/
mkdir -p $ARTIFACT_DIR mkdir -p $ARTIFACT_DIR
arch=("amd64") arch=("amd64")

2
build-packages.sh
View File

@ -7,7 +7,7 @@ export GOEXPERIMENT=noboringcrypto
export CGO_ENABLED=0 export CGO_ENABLED=0
# This controls the directory the built artifacts go into # This controls the directory the built artifacts go into
export ARTIFACT_DIR=built_artifacts/ export ARTIFACT_DIR=artifacts/
mkdir -p $ARTIFACT_DIR mkdir -p $ARTIFACT_DIR
linuxArchs=("386" "amd64" "arm" "armhf" "arm64") linuxArchs=("386" "amd64" "arm" "armhf" "arm64")

15
cfsetup.yaml
View File

@ -195,6 +195,20 @@ buster: &buster
- component-tests/requirements.txt - component-tests/requirements.txt
pre-cache: *component_test_pre_cache pre-cache: *component_test_pre_cache
post-cache: *component_test_post_cache post-cache: *component_test_post_cache
github-release-dryrun:
build_dir: *build_dir
builddeps:
- *pinned_go
- build-essential
- python3-dev
- libffi-dev
- python3-setuptools
- python3-pip
pre-cache:
- pip3 install pynacl==1.4.0
- pip3 install pygithub==1.55
post-cache:
- make github-release-dryrun
github-release: github-release:
build_dir: *build_dir build_dir: *build_dir
builddeps: builddeps:
@ -209,7 +223,6 @@ buster: &buster
- pip3 install pygithub==1.55 - pip3 install pygithub==1.55
post-cache: post-cache:
- make github-release - make github-release
- make github-message
r2-linux-release: r2-linux-release:
build_dir: *build_dir build_dir: *build_dir
builddeps: builddeps:

48
cmd/cloudflared/access/cmd.go
View File

@ -26,6 +26,7 @@ import (
) )
const ( const (
appURLFlag = "app"
loginQuietFlag = "quiet" loginQuietFlag = "quiet"
sshHostnameFlag = "hostname" sshHostnameFlag = "hostname"
sshDestinationFlag = "destination" sshDestinationFlag = "destination"
@ -83,9 +84,10 @@ func Commands() []*cli.Command {
applications from the command line.`, applications from the command line.`,
Subcommands: []*cli.Command{ Subcommands: []*cli.Command{
{ {
Name: "login", Name: "login",
Action: cliutil.Action(login), Action: cliutil.Action(login),
Usage: "login <url of access application>", Usage: "login <url of access application>",
ArgsUsage: "url of Access application",
Description: `The login subcommand initiates an authentication flow with your identity provider. Description: `The login subcommand initiates an authentication flow with your identity provider.
The subcommand will launch a browser. For headless systems, a url is provided. The subcommand will launch a browser. For headless systems, a url is provided.
Once authenticated with your identity provider, the login command will generate a JSON Web Token (JWT) Once authenticated with your identity provider, the login command will generate a JSON Web Token (JWT)
@ -97,6 +99,13 @@ func Commands() []*cli.Command {
Aliases: []string{"q"}, Aliases: []string{"q"},
Usage: "do not print the jwt to the command line", Usage: "do not print the jwt to the command line",
}, },
&cli.BoolFlag{
Name: "no-verbose",
Usage: "print only the jwt to stdout",
},
&cli.StringFlag{
Name: appURLFlag,
},
}, },
}, },
{ {
@ -111,12 +120,12 @@ func Commands() []*cli.Command {
{ {
Name: "token", Name: "token",
Action: cliutil.Action(generateToken), Action: cliutil.Action(generateToken),
Usage: "token -app=<url of access application>", Usage: "token <url of access application>",
ArgsUsage: "url of Access application", ArgsUsage: "url of Access application",
Description: `The token subcommand produces a JWT which can be used to authenticate requests.`, Description: `The token subcommand produces a JWT which can be used to authenticate requests.`,
Flags: []cli.Flag{ Flags: []cli.Flag{
&cli.StringFlag{ &cli.StringFlag{
Name: "app", Name: appURLFlag,
}, },
}, },
}, },
@ -232,9 +241,8 @@ func login(c *cli.Context) error {
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog) log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
args := c.Args() appURL, err := getAppURLFromArgs(c)
appURL, err := parseURL(args.First()) if err != nil {
if args.Len() < 1 || err != nil {
log.Error().Msg("Please provide the url of the Access application") log.Error().Msg("Please provide the url of the Access application")
return err return err
} }
@ -261,7 +269,14 @@ func login(c *cli.Context) error {
if c.Bool(loginQuietFlag) { if c.Bool(loginQuietFlag) {
return nil return nil
} }
fmt.Fprintf(os.Stdout, "Successfully fetched your token:\n\n%s\n\n", cfdToken)
// Chatty by default for backward compat. The new --app flag
// is an implicit opt-out of the backwards-compatible chatty output.
if c.Bool("no-verbose") || c.IsSet(appURLFlag) {
fmt.Fprint(os.Stdout, cfdToken)
} else {
fmt.Fprintf(os.Stdout, "Successfully fetched your token:\n\n%s\n\n", cfdToken)
}
return nil return nil
} }
@ -340,6 +355,17 @@ func run(cmd string, args ...string) error {
return c.Run() return c.Run()
} }
func getAppURLFromArgs(c *cli.Context) (*url.URL, error) {
var appURLStr string
args := c.Args()
if args.Len() < 1 {
appURLStr = c.String(appURLFlag)
} else {
appURLStr = args.First()
}
return parseURL(appURLStr)
}
// token dumps provided token to stdout // token dumps provided token to stdout
func generateToken(c *cli.Context) error { func generateToken(c *cli.Context) error {
err := sentry.Init(sentry.ClientOptions{ err := sentry.Init(sentry.ClientOptions{
@ -349,8 +375,8 @@ func generateToken(c *cli.Context) error {
if err != nil { if err != nil {
return err return err
} }
appURL, err := parseURL(c.String("app")) appURL, err := getAppURLFromArgs(c)
if err != nil || c.NumFlags() < 1 { if err != nil {
fmt.Fprintln(os.Stderr, "Please provide a url.") fmt.Fprintln(os.Stderr, "Please provide a url.")
return err return err
} }

39
github_release.py
View File

@ -17,7 +17,7 @@ import re
from github import Github, GithubException, UnknownObjectException from github import Github, GithubException, UnknownObjectException
FORMAT = "%(levelname)s - %(asctime)s: %(message)s" FORMAT = "%(levelname)s - %(asctime)s: %(message)s"
logging.basicConfig(format=FORMAT) logging.basicConfig(format=FORMAT, level=logging.INFO)
CLOUDFLARED_REPO = os.environ.get("GITHUB_REPO", "cloudflare/cloudflared") CLOUDFLARED_REPO = os.environ.get("GITHUB_REPO", "cloudflare/cloudflared")
GITHUB_CONFLICT_CODE = "already_exists" GITHUB_CONFLICT_CODE = "already_exists"
@ -214,24 +214,33 @@ def main():
""" Attempts to upload Asset to Github Release. Creates Release if it doesn't exist """ """ Attempts to upload Asset to Github Release. Creates Release if it doesn't exist """
try: try:
args = parse_args() args = parse_args()
client = Github(args.api_key)
repo = client.get_repo(CLOUDFLARED_REPO)
release = get_or_create_release(repo, args.release_version, args.dry_run)
if args.dry_run: if args.dry_run:
logging.info("Skipping asset upload because of dry-run") if os.path.isdir(args.path):
onlyfiles = [f for f in listdir(args.path) if isfile(join(args.path, f))]
for filename in onlyfiles:
binary_path = os.path.join(args.path, filename)
logging.info("binary: " + binary_path)
elif os.path.isfile(args.path):
logging.info("binary: " + binary_path)
else:
logging.error("dryrun failed")
return return
if os.path.isdir(args.path):
onlyfiles = [f for f in listdir(args.path) if isfile(join(args.path, f))]
for filename in onlyfiles:
binary_path = os.path.join(args.path, filename)
upload_asset(release, binary_path, filename, args.release_version, args.kv_account_id, args.namespace_id,
args.kv_api_token)
move_asset(binary_path, filename)
else: else:
upload_asset(release, args.path, args.name, args.release_version, args.kv_account_id, args.namespace_id, client = Github(args.api_key)
args.kv_api_token) repo = client.get_repo(CLOUDFLARED_REPO)
release = get_or_create_release(repo, args.release_version, args.dry_run)
if os.path.isdir(args.path):
onlyfiles = [f for f in listdir(args.path) if isfile(join(args.path, f))]
for filename in onlyfiles:
binary_path = os.path.join(args.path, filename)
upload_asset(release, binary_path, filename, args.release_version, args.kv_account_id, args.namespace_id,
args.kv_api_token)
move_asset(binary_path, filename)
else:
upload_asset(release, args.path, args.name, args.release_version, args.kv_account_id, args.namespace_id,
args.kv_api_token)
except Exception as e: except Exception as e:
logging.exception(e) logging.exception(e)

2
management/middleware_test.go
View File

@ -52,13 +52,11 @@ func testRequest(t *testing.T, ts *httptest.Server, method, path string, body io
req, err := http.NewRequest(method, ts.URL+path, body) req, err := http.NewRequest(method, ts.URL+path, body)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
return nil, nil
} }
resp, err := ts.Client().Do(req) resp, err := ts.Client().Do(req)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
return nil, nil
} }
var claims managementErrorResponse var claims managementErrorResponse
err = json.NewDecoder(resp.Body).Decode(&claims) err = json.NewDecoder(resp.Body).Decode(&claims)