Commit Graph

100 Commits

Author SHA1 Message Date
Luis Neto 14cf0eff1d TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py script
## Summary
The default-flavour of cfsetup changed from bullseye to bookworm and in the latter the createrepo package was renamed to createrepo_c.

Closes TUN-8795
2024-12-10 08:07:02 -08:00
Luis Neto 12d878531c TUN-8789: make python package installation consistent
## Summary

The previous changes regarding python's distribution which broke CI the installation of python packages.

Python packages in cfsetup are now installed via virtual environment. The dependency python3-venv was added as builddep to allow the creation of venv and the python packages installation was moved to the post-cache resulting in the removal of 

* anchor build_release_pre_cache
* anchor component_test_pre_cache

Closes TUN-8789
2024-12-09 08:52:48 -08:00
Joe Groocock dfbccd917c TUN-8781: Add Trixie, drop Buster. Default to Bookworm
Closes TUN-8781
2024-12-06 05:04:16 -08:00
lneto d29017fac9 TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1
update docker files with go1.22.5
update windows scripts with go1.22.5
2024-11-04 01:25:49 -08:00
lneto b03ea055b0 TUN-8581: create dry run for github release 2024-08-01 17:42:59 +01:00
lneto ae7f7fa7e8 TUN-8546: remove call to non existant make target 2024-08-01 10:06:23 +00:00
lneto 47733ba25e TUN-8523: refactor makefile and cfsetup
- remove unused targets in Makefile
- order deps in cfsetup.yaml
- only build cloudflared not all linux targets
- rename stages to be more explicit
- adjust build deps of build-linux-release
- adjust build deps of build-linux-fips-release
- rename github_release_pkgs_pre_cache to build_release_pre_cache
- only build release release artifacts within build-linux-release
- only build release release artifacts within build-linux-fips-release
- remove github-release-macos
- remove github-release-windows
- adjust builddeps of test and test-fips
- create builddeps anchor for component-test and use it in component-test-fips
- remove wixl from build-linux-*
- rename release-pkgs-linux to r2-linux-release
- add github-release: artifacts uplooad and set release message
- clean build directory before build
- add step to package windows binaries
- refactor windows script
One of TeamCity changes is moving the artifacts to the built artifacts, hence, there is no need to cp files from artifacts to built_artifacts
- create anchor for release builds
- create anchor for tests stages
- remove reprepro and createrepo as they are only called by release_pkgs.py
2024-07-15 12:56:43 +01:00
João "Pisco" Fernandes 66efd3f2bb TUN-8407: Upgrade go to version 1.22.2 2024-05-07 16:58:57 +01:00
João "Pisco" Fernandes 8d9aab5217 TUN-8140: Remove homebrew scripts
## Summary
We have decided to no longer push cloudflared to cloudflare homebrew, and use
the automation from homebrew-core to update cloudflared on their repository.
Therefore, the scripts for homebrew and makefile targets are no longer necessary.
2024-01-11 11:34:33 +00:00
chungthuang cf5be91d2d TUN-8129: Use the same build command between branch and release builds 2024-01-09 17:07:49 +00:00
Chung-Ting 12dd91ada1 TUN-8052: Update go to 1.21.5
Also update golang.org/x/net and google.golang.org/grpc to fix vulnerabilities,
although cloudflared is using them in a way that is not exposed to those risks
2023-12-15 12:17:21 +00:00
Devin Carr 65247b6f0f TUN-7584: Bump go 1.20.6
Pins all docker and cfsetup builds to a specific go patch version.
Also ran go fix on repo.
2023-07-26 13:52:40 -07:00
Devin Carr 0096f2613c TUN-7587: Remove junos builds 2023-07-20 18:29:33 +00:00
Devin Carr 2084a123c2 TUN-7594: Add nightly arm64 cloudflared internal deb publishes 2023-07-17 15:04:17 -07:00
Sudarsan Reddy 58b27a1ccf TUN-7447: Add a cover build to report code coverage 2023-05-31 14:59:05 +01:00
Devin Carr c7f343a3b4 TUN-7390: Remove Debian stretch builds 2023-04-25 21:44:08 +00:00
Devin Carr 04367b0f63 TUN-7357: Bump to go 1.19.6 2023-04-07 18:35:06 +00:00
Devin Carr 515ad7cbee TUN-6917: Bump go to 1.19.3 2022-11-07 09:19:19 -08:00
Sudarsan Reddy 442af9ee38 TUN-6869: Fix Makefile complaining about missing GO packages
cloudflared's Makefile uses `shell go env GOOS` to determine the
LOCAL_OS regardless of it being provided. We therefore need pinned_go as
a dependency to run docker-generate-versions.
2022-10-18 13:49:19 +01:00
Sudarsan Reddy e89bceca5e TUN-6825: Fix cloudflared:version images require arch hyphens
Once we introduced multi arch docker images, pinning cloudflared
versions required suffixing -(arm64/amd64) to the cloudflared:version
image tag. This change should fix that by adding specific versions to
the cloudflare docker build cycle
2022-10-04 15:48:58 +00:00
Sudarsan Reddy 5b30925773 TUN-6755: Remove unused publish functions
We no longer need the functions that publish deb and rpm to the old
pkg.cloudflare.com backed since we now send them to R2.
2022-09-30 10:28:28 +01:00
Devin Carr d7fb18be22 TUN-6810: Add component test for post-quantum 2022-09-29 09:22:43 -07:00
Nuno Diegues 0aa21f302e TUN-6792: Fix brew core release by not auditing the formula 2022-09-22 11:58:17 +01:00
Devin Carr b0f0741a9b TUN-6590: Use Windows Teamcity agent to build binary 2022-09-21 19:34:36 +00:00
Devin Carr 013bdbd10c TUN-6718: Bump go and go-boring 1.18.6 2022-09-19 15:18:59 +00:00
cthuang a65f8bce7f TUN-6749: Fix icmp_generic build 2022-09-09 16:14:07 +01:00
Opeyemi Onikute 88235356d5 EDGEPLAT-3918: bump go and go-boring to 1.18.5 2022-08-12 10:46:16 +01:00
Sudarsan Reddy 046a30e3c7 TUN-6637: Upgrade go version and quic-go 2022-08-08 15:49:10 +01:00
Opeyemi Onikute 7a9207a6e1 EDGEPLAT-3918: build cloudflared for Bookworm
Adds bookworm to cfsetup.yaml
2022-08-05 08:11:11 +00:00
Sudarsan Reddy 337591b2bb TUN-6414: Remove go-sumtype from cloudflared build process
This PR removes go-sumtype from cloudflared's build processes.

The value we see from analysing exhaustive match patterns in go is minimal (we can do this in code reviews) compared to using a tool that is unmaintained and (now broken) in Go 1.18.

We'd already been using the patched version here: https://github.com/sudarshan-reddy/go-sumtype because the original is broken for go tools > 1.16
2022-06-17 09:23:44 +01:00
Igor Postelnik 7bc2462e36 TUN-6282: Upgrade golang to 1.17.10, go-boring to 1.17.9 2022-05-25 16:26:09 +00:00
Sudarsan Reddy 92f647d45c TUN-6285: Upload pkg assets to repos when cloudflared is released.
This effectively means that during every release going forwards, we'll
have assets for the linux releases and distros that we want to support.
2022-05-25 14:31:05 +01:00
Sudarsan Reddy 32739e9f98 TUN-6209: Improve feedback process if release_pkgs to deb and rpm fail
This PR mostly raises exceptions so we are aware if release deb or
release pkgs fail. It also makes release_version optional if backup pkgs
are not needed.
2022-05-24 13:20:17 +01:00
Sudarsan Reddy 7ce2bb8b2f TUN-6270: Import gpg keys from environment variables
We now keep the gpg key inputs configurable. This PR imports base64
encoded gpg details into the build environment and uses this information
to sign the linux builds.
2022-05-23 14:51:26 +01:00
Sudarsan Reddy 4b6437cc60 TUN-5943: Add RPM support
This PR extends release_pkgs.py to now also support uploading rpm based
assets to R2. The packages are not signed yet  and will be done in a
subsequent PR.

This PR
- Packs the .rpm assets into relevant directories
- Calls createrepo on them to make them yum repo ready
- Uploads them to R2
2022-05-12 16:41:51 +00:00
Nuno Diegues 8fd6074d67 TUN-5958: Fix release to homebrew core 2022-03-28 07:59:49 +00:00
Piper McCorkle 4836216a9b TUN-5895 run brew bump-formula-pr on release 2022-03-22 19:45:25 +00:00
cthuang 0292727a95 TUN-5650: Fix pynacl version to 1.4.0 and pygithub version to 1.55 so release doesn't break unexpectedly 2022-01-13 11:34:13 +00:00
cthuang ef3152f334 TUN-5631: Build everything with go 1.17.5 2022-01-10 12:34:04 +00:00
Nuno Diegues ead93e9f26 TUN-5551: Internally published debian artifacts are now named just cloudflared even though they are FIPS compliant
This way we will force the adoption of FIPS compliant cloudflared without having
to handle the transition for systems that already have it installed (since we
were previously using new artifacts with fips suffix)  nor without having to
segregate the resulting binary name (since we were always generating a binary
just called cloudflared from the unpacked debian archive to avoid having to change
any automation that assumes the binary to be called just that).
2022-01-05 08:24:58 +00:00
Nuno Diegues 01ad2785ee TUN-5551: Change internally published debian package to be FIPS compliant
This changes existing Makefile targets to make it obvious that they are
used to publish debian packages for internal Cloudflare usage. Those are
now FIPS compliant, with no alternative provided. This only affects amd64
builds (and we only publish internally for Linux).

This new Makefile target is used by all internal builds (including nightly
that is used for e2e tests).

Note that this Makefile target renames the artifact to be just `cloudflared`
so that this is used "as is" internally, without expecting people to opt-in
to the new `cloudflared-fips` package (as we are giving them no alternative).
2021-12-28 19:01:03 +00:00
Nuno Diegues 70e675f42c TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries
This is a cherry-pick of 157f5d1412
followed by build/CI changes so that amd64/linux FIPS compliance is
provided by new/separate binaries/artifacts/packages.

The reasoning being that FIPS compliance places excessive requirements
in the encryption algorithms used for regular users that do not care
about that. This can cause cloudflared to reject HTTPS origins that
would otherwise be accepted without FIPS checks.

This way, by having separate binaries, existing ones remain as they
were, and only FIPS-needy users will opt-in to the new FIPS binaries.
2021-12-20 21:50:42 +00:00
Nuno Diegues 2dc5f6ec8c TUN-5549: Revert "TUN-5277: Ensure cloudflared binary is FIPS compliant on linux amd64"
This reverts commit 157f5d1412.

FIPS compliant binaries (for linux/amd64) are causing HTTPS origins to not
be reachable by cloudflared in certain cases (e.g. with Let's Encrypt certificates).

Origins that are not HTTPS for cloudflared are not affected.
2021-12-16 00:29:01 +00:00
Nuno Diegues 157f5d1412 TUN-5277: Ensure cloudflared binary is FIPS compliant on linux amd64 2021-11-10 21:27:25 +00:00
Nuno Diegues 794635fb54 TUN-5397: Log cloudflared output when it fails to connect tunnel 2021-11-10 10:34:34 +00:00
Nuno Diegues d9636c73b4 TUN-5257: Fix more cfsetup targets that were broken by recent package changes 2021-10-14 16:47:34 +01:00
Nuno Diegues 997f2cf612 TUN-5250: Add missing packages for cfsetup to succeed in github release pkgs target 2021-10-14 08:56:21 +00:00
Nuno Diegues c51879b17f TUN-5003: Fix cfsetup for non-FIPS golang version 2021-08-27 19:14:22 +01:00
Sudarsan Reddy 414cb12f02 TUN-4961: Update quic-go to latest
- Updates fips-go to be the latest on cfsetup.yaml
- Updates sumtype's x/tools to be latest to avoid Internal: nil pkg
  errors with fips.
2021-08-27 12:26:00 +01:00
Sudarsan Reddy b8333b44a2 TUN-4795: Remove Equinox releases 2021-08-05 08:24:36 +00:00