diff --git a/.drone.yml b/.drone.yml index a5b16a91b6efc..c342976a76b78 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,6 +1,6 @@ --- kind: pipeline -type: kubernetes +type: docker name: update-docs-webhook trigger: @@ -30,7 +30,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -62,11 +62,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -133,7 +135,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -165,11 +167,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -236,7 +240,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -268,11 +272,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -343,7 +349,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -375,11 +381,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -631,7 +639,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -663,11 +671,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -734,7 +744,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/push.go:104 +# Generated at dronegen/push.go:103 ################################################ kind: pipeline @@ -766,11 +776,13 @@ steps: - name: Check out code image: docker:git commands: - - mkdir -p /go/src/github.com/gravitational/teleport /go/cache - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} + - git checkout -qf "${DRONE_COMMIT_SHA}" + - mkdir -p /go/cache - git submodule update --init webassets || true - mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa @@ -835,451 +847,7 @@ volumes: --- kind: pipeline -type: kubernetes -name: teleport-docker-cron - -trigger: - cron: - - teleport-docker-cron - repo: - include: - - gravitational/teleport - -workspace: - path: /go - -clone: - disable: false - -steps: - - name: Set up variables and Dockerfile - image: docker:git - environment: - # increment these variables when a new major/minor version is released to bump the automatic builds - # this only needs to be done on the master branch, as that's the branch that the Drone cron is configured for - # build major version images which are just teleport:x - CURRENT_VERSION_ROOT: v10 - PREVIOUS_VERSION_ONE_ROOT: v9 - PREVIOUS_VERSION_TWO_ROOT: v8 - commands: - - apk --update --no-cache add curl go - - mkdir -p /go/build && cd /go/build - # CURRENT_VERSION - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $CURRENT_VERSION_ROOT > /go/build/CURRENT_VERSION_TAG.txt) - - echo "$(cat /go/build/CURRENT_VERSION_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/CURRENT_VERSION_TAG_GENERIC.txt - # PREVIOUS_VERSION_ONE - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_ONE_ROOT > /go/build/PREVIOUS_VERSION_ONE_TAG.txt) - - echo "$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt - # PREVIOUS_VERSION_TWO - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_TWO_ROOT > /go/build/PREVIOUS_VERSION_TWO_TAG.txt) - - echo "$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt - # list versions - - for FILE in /go/build/*.txt; do echo $FILE; cat $FILE; done - # get Dockerfiles - - curl -Ls -o /go/build/Dockerfile-cron https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron - - curl -Ls -o /go/build/Dockerfile-cron-v8 https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron-v8 - - # wait for Docker to be ready - - sleep 3 - - - name: Build and push Teleport containers (CURRENT_VERSION) - image: docker - environment: - OS: linux - ARCH: amd64 - QUAY_USERNAME: - from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME - QUAY_PASSWORD: - from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD - volumes: - - name: dockersock - path: /var/run - commands: - - export VERSION_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt) - - export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips" - - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io - # OSS - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $OSS_IMAGE_NAME - # Enterprise - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_IMAGE_NAME - # Enterprise FIPS - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_FIPS_IMAGE_NAME - - - name: Build and push Teleport containers (PREVIOUS_VERSION_ONE) - image: docker - environment: - OS: linux - ARCH: amd64 - QUAY_USERNAME: - from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME - QUAY_PASSWORD: - from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD - volumes: - - name: dockersock - path: /var/run - commands: - - export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt) - - export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips" - - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io - # OSS - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $OSS_IMAGE_NAME - # Enterprise - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_IMAGE_NAME - # Enterprise FIPS - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_FIPS_IMAGE_NAME - - - name: Build and push Teleport containers (PREVIOUS_VERSION_TWO) - image: docker - environment: - OS: linux - ARCH: amd64 - QUAY_USERNAME: - from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME - QUAY_PASSWORD: - from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD - volumes: - - name: dockersock - path: /var/run - commands: - - export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt) - - export OSS_IMAGE_NAME="quay.io/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME="quay.io/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips" - - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io - # OSS - # TODO(logand22): Remove v8 when Teleport 11 is released - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $OSS_IMAGE_NAME - # Enterprise - # TODO(logand22): Remove v8 when Teleport 11 is released - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $ENT_IMAGE_NAME - # Enterprise FIPS - # TODO(logand22): Remove v8 when Teleport 11 is released - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $ENT_FIPS_IMAGE_NAME - - - name: Build/push Teleport Lab Docker image - image: docker:git - environment: - OS: linux - ARCH: amd64 - settings: - username: - from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME - password: - from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD - volumes: - - name: dockersock - path: /var/run - commands: - - export TELEPORT_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt | tr -d '^v') - - export TELEPORT_LAB_IMAGE_NAME="quay.io/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - # Check out code - - mkdir -p /go/src/github.com/gravitational/teleport - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} - - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} - # Build and push Teleport lab image - - docker login -u="$PLUGIN_USERNAME" -p="$PLUGIN_PASSWORD" quay.io - - docker build --build-arg TELEPORT_TAG=$TELEPORT_TAG -t $TELEPORT_LAB_IMAGE_NAME /go/src/github.com/gravitational/teleport/docker/sshd - - docker push $TELEPORT_LAB_IMAGE_NAME - -services: - - name: Start Docker - image: docker:dind - privileged: true - volumes: - - name: dockersock - path: /var/run - -volumes: - - name: dockersock - temp: {} - ---- -kind: pipeline -type: kubernetes -name: teleport-docker-cron-ecr - -trigger: - cron: - - teleport-docker-cron-ecr - repo: - include: - - gravitational/teleport - -workspace: - path: /go - -clone: - disable: false - -steps: - - name: Set up variables and Dockerfile - image: docker:git - environment: - # increment these variables when a new major/minor version is released to bump the automatic builds - # this only needs to be done on the master branch, as that's the branch that the Drone cron is configured for - # build major version images which are just teleport:x - CURRENT_VERSION_ROOT: v10 - PREVIOUS_VERSION_ONE_ROOT: v9 - PREVIOUS_VERSION_TWO_ROOT: v8 - commands: - - apk --update --no-cache add curl go - - mkdir -p /go/build && cd /go/build - # CURRENT_VERSION - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $CURRENT_VERSION_ROOT > /go/build/CURRENT_VERSION_TAG.txt) - - echo "$(cat /go/build/CURRENT_VERSION_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/CURRENT_VERSION_TAG_GENERIC.txt - # PREVIOUS_VERSION_ONE - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_ONE_ROOT > /go/build/PREVIOUS_VERSION_ONE_TAG.txt) - - echo "$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt - # PREVIOUS_VERSION_TWO - - (cd /go/build.assets/tooling && go run ./cmd/query-latest $PREVIOUS_VERSION_TWO_ROOT > /go/build/PREVIOUS_VERSION_TWO_TAG.txt) - - echo "$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt | cut -d. -f1 | tr -d '^v')" > /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt - # list versions - - for FILE in /go/build/*.txt; do echo $FILE; cat $FILE; done - # get Dockerfiles - - curl -Ls -o /go/build/Dockerfile-cron https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron - - curl -Ls -o /go/build/Dockerfile-cron-v8 https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/Dockerfile-cron-v8 - # wait for Docker to be ready - - sleep 3 - - - name: Build and push Teleport containers (CURRENT_VERSION) - image: docker - environment: - OS: linux - ARCH: amd64 - STAGING_AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - STAGING_AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - PROD_AWS_ACCESS_KEY_ID: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY - PROD_AWS_SECRET_ACCESS_KEY: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache aws-cli - - export VERSION_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt) - - export CURRENT_DATE=$(date '+%Y%m%d%H%M') - # Staging image names - - export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips-$CURRENT_DATE" - # Production image names - - export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-fips" - # Authenticate to staging registry - - export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY" - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - # OSS - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $OSS_IMAGE_NAME_STAGE - # Enterprise - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_IMAGE_NAME_STAGE - # Enterprise FIPS - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_FIPS_IMAGE_NAME_STAGE - # Authenticate to production registry - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - - export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY" - - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - # Retag images - - docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD - - docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD - - docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD - # Promote to production registry - - docker push $ENT_IMAGE_NAME_PROD - - docker push $OSS_IMAGE_NAME_PROD - - docker push $ENT_FIPS_IMAGE_NAME_PROD - - - name: Build and push Teleport containers (PREVIOUS_VERSION_ONE) - image: docker - environment: - OS: linux - ARCH: amd64 - STAGING_AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - STAGING_AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - PROD_AWS_ACCESS_KEY_ID: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY - PROD_AWS_SECRET_ACCESS_KEY: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache aws-cli - - export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_ONE_TAG.txt) - - export CURRENT_DATE=$(date '+%Y%m%d%H%M') - # Staging image names - - export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips-$CURRENT_DATE" - # Production image names - - export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_ONE_TAG_GENERIC.txt)-fips" - # Authenticate to staging registry - - export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY" - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - # OSS - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $OSS_IMAGE_NAME_STAGE - # Enterprise - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_IMAGE_NAME_STAGE - # Enterprise FIPS - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron /go/build - - docker push $ENT_FIPS_IMAGE_NAME_STAGE - # Authenticate to production registry - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - - export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY" - - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - # Retag images - - docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD - - docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD - - docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD - # Promote to production registry - - docker push $ENT_IMAGE_NAME_PROD - - docker push $OSS_IMAGE_NAME_PROD - - docker push $ENT_FIPS_IMAGE_NAME_PROD - - - name: Build and push Teleport containers (PREVIOUS_VERSION_TWO) - image: docker - environment: - OS: linux - ARCH: amd64 - STAGING_AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - STAGING_AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - PROD_AWS_ACCESS_KEY_ID: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY - PROD_AWS_SECRET_ACCESS_KEY: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache aws-cli - - export CURRENT_DATE=$(date '+%Y%m%d%H%M') - - export VERSION_TAG=$(cat /go/build/PREVIOUS_VERSION_TWO_TAG.txt) - # Staging image names - - export OSS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-$CURRENT_DATE" - - export ENT_FIPS_IMAGE_NAME_STAGE="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips-$CURRENT_DATE" - # Production image names - - export OSS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)" - - export ENT_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)" - - export ENT_FIPS_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-ent:$(cat /go/build/PREVIOUS_VERSION_TWO_TAG_GENERIC.txt)-fips" - # Authenticate to staging registry - - export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY" - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - # OSS - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $OSS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $OSS_IMAGE_NAME_STAGE - # Enterprise - - docker build --target teleport --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $ENT_IMAGE_NAME_STAGE - # Enterprise FIPS - - docker build --target teleport-fips --build-arg DOWNLOAD_TYPE=teleport-ent --build-arg EXTRA_DOWNLOAD_ARGS="-fips" --build-arg VERSION_TAG=$VERSION_TAG --build-arg OS=$OS --build-arg ARCH=$ARCH -t $ENT_FIPS_IMAGE_NAME_STAGE -f /go/build/Dockerfile-cron-v8 /go/build - - docker push $ENT_FIPS_IMAGE_NAME_STAGE - # Authenticate to production registry - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - - export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY" - - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - # Retag images - - docker tag $OSS_IMAGE_NAME_STAGE $OSS_IMAGE_NAME_PROD - - docker tag $ENT_IMAGE_NAME_STAGE $ENT_IMAGE_NAME_PROD - - docker tag $ENT_FIPS_IMAGE_NAME_STAGE $ENT_FIPS_IMAGE_NAME_PROD - # Promote to production registry - - docker push $ENT_IMAGE_NAME_PROD - - docker push $OSS_IMAGE_NAME_PROD - - docker push $ENT_FIPS_IMAGE_NAME_PROD - - - name: Build/push Teleport Lab Docker image - image: docker:git - environment: - OS: linux - ARCH: amd64 - STAGING_AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - STAGING_AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - PROD_AWS_ACCESS_KEY_ID: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY - PROD_AWS_SECRET_ACCESS_KEY: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache aws-cli - - export CURRENT_DATE=$(date '+%Y%m%d%H%M') - - export TELEPORT_TAG=$(cat /go/build/CURRENT_VERSION_TAG.txt | tr -d '^v') - - export TELEPORT_LAB_IMAGE_NAME_STAGING="146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)-$CURRENT_DATE" - - export TELEPORT_LAB_IMAGE_NAME_PROD="public.ecr.aws/gravitational/teleport-lab:$(cat /go/build/CURRENT_VERSION_TAG_GENERIC.txt)" - # Check out code - - mkdir -p /go/src/github.com/gravitational/teleport - - cd /go/src/github.com/gravitational/teleport - - git init && git remote add origin ${DRONE_REMOTE_URL} - - git fetch origin - - git checkout -qf ${DRONE_COMMIT_SHA} - # Authenticate to staging registry - - export AWS_ACCESS_KEY_ID="$STAGING_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$STAGING_AWS_SECRET_ACCESS_KEY" - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - # Build and push image - - docker build --build-arg TELEPORT_TAG=$TELEPORT_TAG -t $TELEPORT_LAB_IMAGE_NAME_STAGING /go/src/github.com/gravitational/teleport/docker/sshd - - docker push $TELEPORT_LAB_IMAGE_NAME_STAGING - # Authenticate to production registry - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - - export AWS_ACCESS_KEY_ID="$PROD_AWS_ACCESS_KEY_ID" - - export AWS_SECRET_ACCESS_KEY="$PROD_AWS_SECRET_ACCESS_KEY" - - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - # Push to production registry - - docker tag $TELEPORT_LAB_IMAGE_NAME_STAGING $TELEPORT_LAB_IMAGE_NAME_PROD - - docker push $TELEPORT_LAB_IMAGE_NAME_PROD - -services: - - name: Start Docker - image: docker:dind - privileged: true - volumes: - - name: dockersock - path: /var/run - -volumes: - - name: dockersock - temp: {} - ---- -kind: pipeline -type: kubernetes +type: docker name: teleport-helm-cron trigger: @@ -5018,119 +4586,7 @@ volumes: --- kind: pipeline -type: kubernetes -name: build-docker-images - -environment: - BUILDBOX_VERSION: "teleport11" - RUNTIME: go1.17.9 - -trigger: - event: - - tag - ref: - include: - - refs/tags/v* - repo: - include: - - gravitational/* - -workspace: - path: /go - -clone: - disable: true - -steps: - - name: Check out code - image: docker:git - environment: - GITHUB_PRIVATE_KEY: - from_secret: GITHUB_PRIVATE_KEY - GOCACHE: /go/cache - commands: - - mkdir -p /go/src/github.com/gravitational/teleport - - cd /go/src/github.com/gravitational/teleport - - git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git . - - git checkout ${DRONE_TAG:-$DRONE_COMMIT} - # fetch enterprise submodules - - mkdir -m 0700 /root/.ssh && echo -n "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa - - ssh-keyscan -H github.com > /root/.ssh/known_hosts 2>/dev/null && chmod 600 /root/.ssh/known_hosts - - git submodule update --init e - # this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule - - git submodule update --init --recursive webassets || true - - rm -f /root/.ssh/id_rsa - # create necessary directories - - mkdir -p /go/artifacts $GOCACHE - # set version - - if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt - - - name: Build/push OSS/Enterprise Docker images - image: docker - environment: - UID: 1000 - GID: 1000 - GOCACHE: /go/cache - GOPATH: /go - OS: linux - ARCH: amd64 - AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache make bash aws-cli - - chown -R $UID:$GID /go - - aws ecr get-login-password --region us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - - cd /go/src/github.com/gravitational/teleport - - make image-ci publish-ci - - make publish-operator-ci - - - name: Build/push FIPS Docker image - image: docker - environment: - UID: 1000 - GID: 1000 - GOCACHE: /go/cache - GOPATH: /go - OS: linux - ARCH: amd64 - AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY - AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - volumes: - - name: dockersock - path: /var/run - commands: - - apk add --no-cache make aws-cli - - chown -R $UID:$GID /go - - aws ecr get-login-password --region us-west-2 | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com - - cd /go/src/github.com/gravitational/teleport - # VERSION needs to be set manually when running in the e directory. - # Normally, the version is set and exported by the root Makefile and then inherited, - # but this is not the case for FIPS builds (which only run in e/Makefile) - - export VERSION=$(cat /go/.version.txt) - - make -C e image-fips-ci publish-fips-ci - -services: - - name: Start Docker - image: docker:dind - privileged: true - volumes: - - name: dockersock - path: /var/run - -volumes: - - name: dockersock - temp: {} - ---- -kind: pipeline -type: kubernetes +type: docker name: build-oss-amis trigger: @@ -5231,7 +4687,7 @@ volumes: --- kind: pipeline -type: kubernetes +type: docker name: build-ent-amis trigger: @@ -5439,7 +4895,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/os_repos.go:270 +# Generated at dronegen/os_repos.go:259 ################################################ kind: pipeline @@ -5467,7 +4923,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/os_repos.go:294 +# Generated at dronegen/os_repos.go:283 ################################################ kind: pipeline @@ -5493,19 +4949,27 @@ steps: commands: - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' && exit 1)' +- name: Check if tag is prerelease + image: golang:1.18-alpine + commands: + - mkdir -pv "/tmp/repo" + - cd "/tmp/repo" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_TAG}" + - cd "/tmp/repo/build.assets/tooling" + - go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is + a prerelease, not continuing promotion for ${DRONE_TAG}' && exit 78) - name: Check out code image: alpine/git:latest commands: - - mkdir -p "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" - - git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git . - - git checkout "${DRONE_TAG}" -- name: Check if tag is prerelease - image: golang:1.17-alpine - commands: - - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - - go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is - a prerelease, not publishing ${DRONE_TAG} packages to APT repos' && exit 78) + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_TAG}" - name: Download artifacts for "${DRONE_TAG}" image: amazon/aws-cli commands: @@ -5523,8 +4987,8 @@ steps: from_secret: AWS_SECRET_ACCESS_KEY depends_on: - Verify build is tagged - - Check out code - Check if tag is prerelease + - Check out code - name: Publish debs to APT repos for "${DRONE_TAG}" image: golang:1.18.4-bullseye commands: @@ -5562,8 +5026,8 @@ steps: depends_on: - Download artifacts for "${DRONE_TAG}" - Verify build is tagged - - Check out code - Check if tag is prerelease + - Check out code volumes: - name: apt-persistence claim: @@ -5576,7 +5040,7 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/os_repos.go:270 +# Generated at dronegen/os_repos.go:259 ################################################ kind: pipeline @@ -5604,7 +5068,7 @@ steps: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/os_repos.go:294 +# Generated at dronegen/os_repos.go:283 ################################################ kind: pipeline @@ -5630,19 +5094,27 @@ steps: commands: - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' && exit 1)' +- name: Check if tag is prerelease + image: golang:1.18-alpine + commands: + - mkdir -pv "/tmp/repo" + - cd "/tmp/repo" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_TAG}" + - cd "/tmp/repo/build.assets/tooling" + - go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is + a prerelease, not continuing promotion for ${DRONE_TAG}' && exit 78) - name: Check out code image: alpine/git:latest commands: - - mkdir -p "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/go/src/github.com/gravitational/teleport" - cd "/go/src/github.com/gravitational/teleport" - - git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git . - - git checkout "${DRONE_TAG}" -- name: Check if tag is prerelease - image: golang:1.17-alpine - commands: - - cd "/go/src/github.com/gravitational/teleport/build.assets/tooling" - - go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is - a prerelease, not publishing ${DRONE_TAG} packages to APT repos' && exit 78) + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_TAG}" - name: Download artifacts for "${DRONE_TAG}" image: amazon/aws-cli commands: @@ -5660,8 +5132,8 @@ steps: from_secret: AWS_SECRET_ACCESS_KEY depends_on: - Verify build is tagged - - Check out code - Check if tag is prerelease + - Check out code - name: Publish rpms to YUM repos for "${DRONE_TAG}" image: golang:1.18.4-bullseye commands: @@ -5700,8 +5172,8 @@ steps: depends_on: - Download artifacts for "${DRONE_TAG}" - Verify build is tagged - - Check out code - Check if tag is prerelease + - Check out code volumes: - name: yum-persistence claim: @@ -5714,168 +5186,15330 @@ volumes: ################################################ # Generated using dronegen, do not edit by hand! # Use 'make dronegen' to update. -# Generated at dronegen/promote.go:28 +# Generated at dronegen/container_images.go:228 ################################################ kind: pipeline type: kubernetes -name: promote-docker-ecr +name: teleport-container-images-current-version-Test trigger on push +environment: + DEBIAN_FRONTEND: noninteractive trigger: event: include: - - promote - target: - include: - - production - - promote-docker - - promote-docker-ecr + - push repo: include: - - gravitational/* + - gravitational/teleport + branch: + include: + - fred/arm-container-images workspace: path: /go clone: disable: true steps: -- name: Verify build is tagged +- name: Find the latest available semver for v10 + image: golang:1.18 + commands: + - mkdir -pv "/tmp/teleport" + - cd "/tmp/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "branch/v10" + - mkdir -pv "/go/vars/full-version" + - cd "/tmp/teleport/build.assets/tooling/cmd/query-latest" + - go run . "v10" > "/go/vars/full-version/v10" + - echo Found full semver "$(cat "/go/vars/full-version/v10")" for major version + "v10" +- name: Wait for docker + image: docker + commands: + - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 +- name: Wait for docker registry + image: alpine + commands: + - apk add curl + - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" + != "200" ]; do sleep 1; done' + depends_on: + - Find the latest available semver for v10 + - Wait for docker +- name: Check out code + image: alpine/git:latest + commands: + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_SOURCE_BRANCH}" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry +- name: Download "teleport" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport/amd64" + - apt download "teleport:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm" + - apt download "teleport:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm64" + - apt download "teleport:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport image "teleport:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-amd64-builder" --config "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-amd64-builder" --target "teleport" + --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-amd64-builder" + - rm -rf "/tmp/teleport-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm-builder" --config "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-arm-builder" + - rm -rf "/tmp/teleport-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm64-builder" --config "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm64-builder" --target "teleport" + --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-arm64-builder" + - rm -rf "/tmp/teleport-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Tag and push image "teleport:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Tag and push image "teleport:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Download "teleport-ent" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/amd64" + - apt download "teleport-ent:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm" + - apt download "teleport-ent:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm64" + - apt download "teleport-ent:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent image "teleport-ent:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-amd64-builder" --config "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-amd64-builder" --target + "teleport" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v10')-amd64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent/amd64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm-builder" --config "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-ent-v10-arm-builder" + - rm -rf "/tmp/teleport-ent-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm64-builder" --config "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm64-builder" --target + "teleport" --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v10')-arm64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent/arm64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-v10-arm64-builder" + - rm -rf "/tmp/teleport-ent-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent-fips" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent-fips/amd64" + - apt download "teleport-ent-fips:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent-fips/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent-fips:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-fips-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-fips-v10-amd64-builder" --config "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-fips-v10-amd64-builder" --target + "teleport-fips" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent-fips:$(cat + '/go/vars/full-version/v10')-amd64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent-fips/amd64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-fips-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-fips-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent-fips:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:minor-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:canonical-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP-fips" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:minor-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Build teleport-lab image "teleport-lab:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-amd64-builder" --config "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-amd64-builder" + - rm -rf "/tmp/teleport-lab-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-amd64" +- name: Build teleport-lab image "teleport-lab:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm-builder" --config "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm-builder" + - rm -rf "/tmp/teleport-lab-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm" +- name: Build teleport-lab image "teleport-lab:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm64-builder" --config "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm64-builder" + - rm -rf "/tmp/teleport-lab-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm64" +- name: Tag and push image "teleport-lab:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Build teleport-operator image "teleport-operator:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-amd64-builder" --config "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-x86-64-linux-gnu" --build-arg "COMPILER_NAME=x86_64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-amd64-builder" + - rm -rf "/tmp/teleport-operator-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm-builder" --config "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-arm-linux-gnueabihf" --build-arg "COMPILER_NAME=arm-linux-gnueabihf-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm-builder" + - rm -rf "/tmp/teleport-operator-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm64-builder" --config "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-aarch64-linux-gnu" --build-arg "COMPILER_NAME=aarch64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm64-builder" + - rm -rf "/tmp/teleport-operator-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Tag and push image "teleport-operator:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:canonical-$TIMESTAMP" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +services: +- name: Start Docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run +- name: drone-docker-registry + image: registry:2 + privileged: false + volumes: [] +volumes: +- name: dockersock + temp: {} + +--- +################################################ +# Generated using dronegen, do not edit by hand! +# Use 'make dronegen' to update. +# Generated at dronegen/container_images.go:228 +################################################ + +kind: pipeline +type: kubernetes +name: teleport-container-images-current-version-cron +environment: + DEBIAN_FRONTEND: noninteractive +trigger: + cron: + include: + - teleport-container-images-cron + repo: + include: + - gravitational/teleport +workspace: + path: /go +clone: + disable: true +steps: +- name: Find the latest available semver for v10 + image: golang:1.18 + commands: + - mkdir -pv "/tmp/teleport" + - cd "/tmp/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "branch/v10" + - mkdir -pv "/go/vars/full-version" + - cd "/tmp/teleport/build.assets/tooling/cmd/query-latest" + - go run . "v10" > "/go/vars/full-version/v10" + - echo Found full semver "$(cat "/go/vars/full-version/v10")" for major version + "v10" +- name: Wait for docker + image: docker + commands: + - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 +- name: Wait for docker registry + image: alpine + commands: + - apk add curl + - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" + != "200" ]; do sleep 1; done' + depends_on: + - Find the latest available semver for v10 + - Wait for docker +- name: Check out code + image: alpine/git:latest + commands: + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_SOURCE_BRANCH}" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry +- name: Download "teleport" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport/amd64" + - apt download "teleport:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm" + - apt download "teleport:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm64" + - apt download "teleport:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport image "teleport:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-amd64-builder" --config "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-amd64-builder" --target "teleport" + --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-amd64-builder" + - rm -rf "/tmp/teleport-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm-builder" --config "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-arm-builder" + - rm -rf "/tmp/teleport-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm64-builder" --config "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm64-builder" --target "teleport" + --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-v10-arm64-builder" + - rm -rf "/tmp/teleport-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Tag and push image "teleport:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Tag and push image "teleport:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Download "teleport-ent" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/amd64" + - apt download "teleport-ent:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm" + - apt download "teleport-ent:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v10').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm64" + - apt download "teleport-ent:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent image "teleport-ent:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-amd64-builder" --config "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-amd64-builder" --target + "teleport" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v10')-amd64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent/amd64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm-builder" --config "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v10').deb" /go/build + - docker buildx rm "teleport-ent-v10-arm-builder" + - rm -rf "/tmp/teleport-ent-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm64-builder" --config "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm64-builder" --target + "teleport" --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v10')-arm64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent/arm64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-v10-arm64-builder" + - rm -rf "/tmp/teleport-ent-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent-fips" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v10')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent-fips/amd64" + - apt download "teleport-ent-fips:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent-fips/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent-fips:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v10').deb" + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-fips-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-fips-v10-amd64-builder" --config "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-fips-v10-amd64-builder" --target + "teleport-fips" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent-fips:$(cat + '/go/vars/full-version/v10')-amd64" --file "/go/build/Dockerfile" --build-arg + "DEB_PATH=artifacts/deb/teleport-ent-fips/amd64/$(cat '/go/vars/full-version/v10').deb" + /go/build + - docker buildx rm "teleport-ent-fips-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-fips-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent-fips:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:minor-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:canonical-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP-fips" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:minor-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Build teleport-lab image "teleport-lab:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-amd64-builder" --config "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-amd64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-amd64-builder" + - rm -rf "/tmp/teleport-lab-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-amd64" +- name: Build teleport-lab image "teleport-lab:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm-builder" --config "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm-builder" + - rm -rf "/tmp/teleport-lab-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm" +- name: Build teleport-lab image "teleport-lab:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm64-builder" --config "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v10')-arm64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm64-builder" + - rm -rf "/tmp/teleport-lab-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm64" +- name: Tag and push image "teleport-lab:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Build teleport-operator image "teleport-operator:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-amd64-builder" --config "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-x86-64-linux-gnu" --build-arg "COMPILER_NAME=x86_64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-amd64-builder" + - rm -rf "/tmp/teleport-operator-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm-builder" --config "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-arm-linux-gnueabihf" --build-arg "COMPILER_NAME=arm-linux-gnueabihf-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm-builder" + - rm -rf "/tmp/teleport-operator-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm64-builder" --config "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-aarch64-linux-gnu" --build-arg "COMPILER_NAME=aarch64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm64-builder" + - rm -rf "/tmp/teleport-operator-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v10 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Tag and push image "teleport-operator:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:canonical-$TIMESTAMP" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v10')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v10') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v10') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +services: +- name: Start Docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run +- name: drone-docker-registry + image: registry:2 + privileged: false + volumes: [] +volumes: +- name: dockersock + temp: {} + +--- +################################################ +# Generated using dronegen, do not edit by hand! +# Use 'make dronegen' to update. +# Generated at dronegen/container_images.go:228 +################################################ + +kind: pipeline +type: kubernetes +name: teleport-container-images-previous-version-1-cron +environment: + DEBIAN_FRONTEND: noninteractive +trigger: + cron: + include: + - teleport-container-images-cron + repo: + include: + - gravitational/teleport +workspace: + path: /go +clone: + disable: true +steps: +- name: Find the latest available semver for v9 + image: golang:1.18 + commands: + - mkdir -pv "/tmp/teleport" + - cd "/tmp/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "branch/v9" + - mkdir -pv "/go/vars/full-version" + - cd "/tmp/teleport/build.assets/tooling/cmd/query-latest" + - go run . "v9" > "/go/vars/full-version/v9" + - echo Found full semver "$(cat "/go/vars/full-version/v9")" for major version "v9" +- name: Wait for docker + image: docker + commands: + - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 +- name: Wait for docker registry + image: alpine + commands: + - apk add curl + - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" + != "200" ]; do sleep 1; done' + depends_on: + - Find the latest available semver for v9 + - Wait for docker +- name: Check out code + image: alpine/git:latest + commands: + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "$(cat '/go/vars/full-version/v9')" + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry +- name: Download "teleport" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v9')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport/amd64" + - apt download "teleport:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v9').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm" + - apt download "teleport:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v9').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm64" + - apt download "teleport:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v9').deb" + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport image "teleport:v9-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v9-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v9-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v9-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v9-amd64-builder" --config "/tmp/teleport-v9-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v9-amd64-builder" --target "teleport" + --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-v9-amd64-builder" + - rm -rf "/tmp/teleport-v9-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v9-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v9-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v9-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v9-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v9-arm-builder" --config "/tmp/teleport-v9-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v9-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-v9-arm-builder" + - rm -rf "/tmp/teleport-v9-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v9-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v9-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v9-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v9-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v9-arm64-builder" --config "/tmp/teleport-v9-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v9-arm64-builder" --target "teleport" + --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-v9-arm64-builder" + - rm -rf "/tmp/teleport-v9-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport:v9-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-amd64" +- name: Tag and push image "teleport:v9-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm" +- name: Tag and push image "teleport:v9-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm64" +- name: Create manifest and push "teleport:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to Quay + - Tag and push image "teleport:v9-arm" to Quay + - Tag and push image "teleport:v9-arm64" to Quay +- name: Create manifest and push "teleport:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to Quay + - Tag and push image "teleport:v9-arm" to Quay + - Tag and push image "teleport:v9-arm64" to Quay +- name: Create manifest and push "teleport:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to Quay + - Tag and push image "teleport:v9-arm" to Quay + - Tag and push image "teleport:v9-arm64" to Quay +- name: Tag and push image "teleport:v9-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-amd64" +- name: Tag and push image "teleport:v9-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm" +- name: Tag and push image "teleport:v9-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm64" +- name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - staging + - Tag and push image "teleport:v9-arm" to ECR - staging + - Tag and push image "teleport:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - staging + - Tag and push image "teleport:v9-arm" to ECR - staging + - Tag and push image "teleport:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - staging + - Tag and push image "teleport:v9-arm" to ECR - staging + - Tag and push image "teleport:v9-arm64" to ECR - staging +- name: Tag and push image "teleport:v9-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-amd64" +- name: Tag and push image "teleport:v9-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm" +- name: Tag and push image "teleport:v9-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v9-arm64" +- name: Create manifest and push "teleport:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - production + - Tag and push image "teleport:v9-arm" to ECR - production + - Tag and push image "teleport:v9-arm64" to ECR - production +- name: Create manifest and push "teleport:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - production + - Tag and push image "teleport:v9-arm" to ECR - production + - Tag and push image "teleport:v9-arm64" to ECR - production +- name: Create manifest and push "teleport:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v9-amd64" to ECR - production + - Tag and push image "teleport:v9-arm" to ECR - production + - Tag and push image "teleport:v9-arm64" to ECR - production +- name: Download "teleport-ent" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v9')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/amd64" + - apt download "teleport-ent:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v9').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm" + - apt download "teleport-ent:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v9').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm64" + - apt download "teleport-ent:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v9').deb" + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent image "teleport-ent:v9-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v9-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v9-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v9-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v9-amd64-builder" --config "/tmp/teleport-ent-v9-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v9-amd64-builder" --target + "teleport" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v9')-amd64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-ent-v9-amd64-builder" + - rm -rf "/tmp/teleport-ent-v9-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v9-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v9-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v9-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v9-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v9-arm-builder" --config "/tmp/teleport-ent-v9-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v9-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-ent-v9-arm-builder" + - rm -rf "/tmp/teleport-ent-v9-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v9-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v9-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v9-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v9-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v9-arm64-builder" --config "/tmp/teleport-ent-v9-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v9-arm64-builder" --target + "teleport" --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v9')-arm64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-ent-v9-arm64-builder" + - rm -rf "/tmp/teleport-ent-v9-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent:v9-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-amd64" +- name: Tag and push image "teleport-ent:v9-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm" +- name: Tag and push image "teleport-ent:v9-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm64" +- name: Create manifest and push "teleport-ent:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to Quay + - Tag and push image "teleport-ent:v9-arm" to Quay + - Tag and push image "teleport-ent:v9-arm64" to Quay +- name: Create manifest and push "teleport-ent:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to Quay + - Tag and push image "teleport-ent:v9-arm" to Quay + - Tag and push image "teleport-ent:v9-arm64" to Quay +- name: Create manifest and push "teleport-ent:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to Quay + - Tag and push image "teleport-ent:v9-arm" to Quay + - Tag and push image "teleport-ent:v9-arm64" to Quay +- name: Tag and push image "teleport-ent:v9-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-amd64" +- name: Tag and push image "teleport-ent:v9-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm" +- name: Tag and push image "teleport-ent:v9-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - staging + - Tag and push image "teleport-ent:v9-arm" to ECR - staging + - Tag and push image "teleport-ent:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - staging + - Tag and push image "teleport-ent:v9-arm" to ECR - staging + - Tag and push image "teleport-ent:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - staging + - Tag and push image "teleport-ent:v9-arm" to ECR - staging + - Tag and push image "teleport-ent:v9-arm64" to ECR - staging +- name: Tag and push image "teleport-ent:v9-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-amd64" +- name: Tag and push image "teleport-ent:v9-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm" +- name: Tag and push image "teleport-ent:v9-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v9-arm64" +- name: Create manifest and push "teleport-ent:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - production + - Tag and push image "teleport-ent:v9-arm" to ECR - production + - Tag and push image "teleport-ent:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - production + - Tag and push image "teleport-ent:v9-arm" to ECR - production + - Tag and push image "teleport-ent:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v9-amd64" to ECR - production + - Tag and push image "teleport-ent:v9-arm" to ECR - production + - Tag and push image "teleport-ent:v9-arm64" to ECR - production +- name: Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent-fips" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v9')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent-fips/amd64" + - apt download "teleport-ent-fips:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent-fips/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent-fips:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v9').deb" + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent-fips image "teleport-ent-fips:v9-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-fips-v9-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-fips-v9-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-fips-v9-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-fips-v9-amd64-builder" --config "/tmp/teleport-ent-fips-v9-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-fips-v9-amd64-builder" --target + "teleport-fips" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent-fips:$(cat + '/go/vars/full-version/v9')-amd64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v9').deb" /go/build + - docker buildx rm "teleport-ent-fips-v9-amd64-builder" + - rm -rf "/tmp/teleport-ent-fips-v9-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent-fips:v9-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v9-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to Quay +- name: Create manifest and push "teleport-ent:minor-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to Quay +- name: Create manifest and push "teleport-ent:canonical-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to Quay +- name: Tag and push image "teleport-ent-fips:v9-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v9-amd64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP-fips" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - staging +- name: Tag and push image "teleport-ent-fips:v9-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v9-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:minor-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v9-amd64" to ECR - production +- name: Build teleport-lab image "teleport-lab:v9-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v9-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v9-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v9-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v9-amd64-builder" --config "/tmp/teleport-lab-v9-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v9-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-amd64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v9-amd64-builder" + - rm -rf "/tmp/teleport-lab-v9-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v9-amd64" +- name: Build teleport-lab image "teleport-lab:v9-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v9-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v9-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v9-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v9-arm-builder" --config "/tmp/teleport-lab-v9-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v9-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v9-arm-builder" + - rm -rf "/tmp/teleport-lab-v9-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v9-arm" +- name: Build teleport-lab image "teleport-lab:v9-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v9-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v9-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v9-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v9-arm64-builder" --config "/tmp/teleport-lab-v9-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v9-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v9')-arm64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v9-arm64-builder" + - rm -rf "/tmp/teleport-lab-v9-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v9-arm64" +- name: Tag and push image "teleport-lab:v9-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-amd64" +- name: Tag and push image "teleport-lab:v9-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm" +- name: Tag and push image "teleport-lab:v9-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm64" +- name: Create manifest and push "teleport-lab:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to Quay + - Tag and push image "teleport-lab:v9-arm" to Quay + - Tag and push image "teleport-lab:v9-arm64" to Quay +- name: Create manifest and push "teleport-lab:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to Quay + - Tag and push image "teleport-lab:v9-arm" to Quay + - Tag and push image "teleport-lab:v9-arm64" to Quay +- name: Create manifest and push "teleport-lab:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to Quay + - Tag and push image "teleport-lab:v9-arm" to Quay + - Tag and push image "teleport-lab:v9-arm64" to Quay +- name: Tag and push image "teleport-lab:v9-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-amd64" +- name: Tag and push image "teleport-lab:v9-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm" +- name: Tag and push image "teleport-lab:v9-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm64" +- name: Create manifest and push "teleport-lab:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - staging + - Tag and push image "teleport-lab:v9-arm" to ECR - staging + - Tag and push image "teleport-lab:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - staging + - Tag and push image "teleport-lab:v9-arm" to ECR - staging + - Tag and push image "teleport-lab:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - staging + - Tag and push image "teleport-lab:v9-arm" to ECR - staging + - Tag and push image "teleport-lab:v9-arm64" to ECR - staging +- name: Tag and push image "teleport-lab:v9-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-amd64" +- name: Tag and push image "teleport-lab:v9-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm" +- name: Tag and push image "teleport-lab:v9-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v9-arm64" +- name: Create manifest and push "teleport-lab:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - production + - Tag and push image "teleport-lab:v9-arm" to ECR - production + - Tag and push image "teleport-lab:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - production + - Tag and push image "teleport-lab:v9-arm" to ECR - production + - Tag and push image "teleport-lab:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v9-amd64" to ECR - production + - Tag and push image "teleport-lab:v9-arm" to ECR - production + - Tag and push image "teleport-lab:v9-arm64" to ECR - production +- name: Build teleport-operator image "teleport-operator:v9-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v9-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v9-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v9-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v9-amd64-builder" --config "/tmp/teleport-operator-v9-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v9-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-x86-64-linux-gnu" --build-arg "COMPILER_NAME=x86_64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v9-amd64-builder" + - rm -rf "/tmp/teleport-operator-v9-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v9-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v9-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v9-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v9-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v9-arm-builder" --config "/tmp/teleport-operator-v9-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v9-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-arm-linux-gnueabihf" --build-arg "COMPILER_NAME=arm-linux-gnueabihf-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v9-arm-builder" + - rm -rf "/tmp/teleport-operator-v9-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v9-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v9-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v9-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v9-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v9-arm64-builder" --config "/tmp/teleport-operator-v9-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v9-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-aarch64-linux-gnu" --build-arg "COMPILER_NAME=aarch64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v9-arm64-builder" + - rm -rf "/tmp/teleport-operator-v9-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v9 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Tag and push image "teleport-operator:v9-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-amd64" +- name: Tag and push image "teleport-operator:v9-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm" +- name: Tag and push image "teleport-operator:v9-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm64" +- name: Create manifest and push "teleport-operator:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to Quay + - Tag and push image "teleport-operator:v9-arm" to Quay + - Tag and push image "teleport-operator:v9-arm64" to Quay +- name: Create manifest and push "teleport-operator:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to Quay + - Tag and push image "teleport-operator:v9-arm" to Quay + - Tag and push image "teleport-operator:v9-arm64" to Quay +- name: Create manifest and push "teleport-operator:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to Quay + - Tag and push image "teleport-operator:v9-arm" to Quay + - Tag and push image "teleport-operator:v9-arm64" to Quay +- name: Tag and push image "teleport-operator:v9-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-amd64" +- name: Tag and push image "teleport-operator:v9-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm" +- name: Tag and push image "teleport-operator:v9-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm64" +- name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - staging + - Tag and push image "teleport-operator:v9-arm" to ECR - staging + - Tag and push image "teleport-operator:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - staging + - Tag and push image "teleport-operator:v9-arm" to ECR - staging + - Tag and push image "teleport-operator:v9-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:canonical-$TIMESTAMP" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - staging + - Tag and push image "teleport-operator:v9-arm" to ECR - staging + - Tag and push image "teleport-operator:v9-arm64" to ECR - staging +- name: Tag and push image "teleport-operator:v9-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-amd64" +- name: Tag and push image "teleport-operator:v9-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm" +- name: Tag and push image "teleport-operator:v9-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v9')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v9-arm64" +- name: Create manifest and push "teleport-operator:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - production + - Tag and push image "teleport-operator:v9-arm" to ECR - production + - Tag and push image "teleport-operator:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - production + - Tag and push image "teleport-operator:v9-arm" to ECR - production + - Tag and push image "teleport-operator:v9-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v9') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v9') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v9-amd64" to ECR - production + - Tag and push image "teleport-operator:v9-arm" to ECR - production + - Tag and push image "teleport-operator:v9-arm64" to ECR - production +services: +- name: Start Docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run +- name: drone-docker-registry + image: registry:2 + privileged: false + volumes: [] +volumes: +- name: dockersock + temp: {} + +--- +################################################ +# Generated using dronegen, do not edit by hand! +# Use 'make dronegen' to update. +# Generated at dronegen/container_images.go:228 +################################################ + +kind: pipeline +type: kubernetes +name: teleport-container-images-previous-version-2-cron +environment: + DEBIAN_FRONTEND: noninteractive +trigger: + cron: + include: + - teleport-container-images-cron + repo: + include: + - gravitational/teleport +workspace: + path: /go +clone: + disable: true +steps: +- name: Find the latest available semver for v8 + image: golang:1.18 + commands: + - mkdir -pv "/tmp/teleport" + - cd "/tmp/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "branch/v8" + - mkdir -pv "/go/vars/full-version" + - cd "/tmp/teleport/build.assets/tooling/cmd/query-latest" + - go run . "v8" > "/go/vars/full-version/v8" + - echo Found full semver "$(cat "/go/vars/full-version/v8")" for major version "v8" +- name: Wait for docker + image: docker + commands: + - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 +- name: Wait for docker registry + image: alpine + commands: + - apk add curl + - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" + != "200" ]; do sleep 1; done' + depends_on: + - Find the latest available semver for v8 + - Wait for docker +- name: Check out code + image: alpine/git:latest + commands: + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "$(cat '/go/vars/full-version/v8')" + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry +- name: Download "teleport" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v8')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport/amd64" + - apt download "teleport:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v8').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm" + - apt download "teleport:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v8').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm64" + - apt download "teleport:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v8').deb" + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport image "teleport:v8-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v8-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v8-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v8-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v8-amd64-builder" --config "/tmp/teleport-v8-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v8-amd64-builder" --target "teleport" + --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/amd64/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-v8-amd64-builder" + - rm -rf "/tmp/teleport-v8-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v8-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v8-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v8-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v8-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v8-arm-builder" --config "/tmp/teleport-v8-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v8-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-v8-arm-builder" + - rm -rf "/tmp/teleport-v8-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v8-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v8-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v8-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v8-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v8-arm64-builder" --config "/tmp/teleport-v8-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v8-arm64-builder" --target "teleport" + --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm64/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-v8-arm64-builder" + - rm -rf "/tmp/teleport-v8-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport:v8-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-amd64" +- name: Tag and push image "teleport:v8-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm" +- name: Tag and push image "teleport:v8-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm64" +- name: Create manifest and push "teleport:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to Quay + - Tag and push image "teleport:v8-arm" to Quay + - Tag and push image "teleport:v8-arm64" to Quay +- name: Create manifest and push "teleport:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to Quay + - Tag and push image "teleport:v8-arm" to Quay + - Tag and push image "teleport:v8-arm64" to Quay +- name: Create manifest and push "teleport:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to Quay + - Tag and push image "teleport:v8-arm" to Quay + - Tag and push image "teleport:v8-arm64" to Quay +- name: Tag and push image "teleport:v8-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-amd64" +- name: Tag and push image "teleport:v8-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm" +- name: Tag and push image "teleport:v8-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm64" +- name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - staging + - Tag and push image "teleport:v8-arm" to ECR - staging + - Tag and push image "teleport:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - staging + - Tag and push image "teleport:v8-arm" to ECR - staging + - Tag and push image "teleport:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - staging + - Tag and push image "teleport:v8-arm" to ECR - staging + - Tag and push image "teleport:v8-arm64" to ECR - staging +- name: Tag and push image "teleport:v8-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-amd64" +- name: Tag and push image "teleport:v8-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm" +- name: Tag and push image "teleport:v8-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v8-arm64" +- name: Create manifest and push "teleport:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - production + - Tag and push image "teleport:v8-arm" to ECR - production + - Tag and push image "teleport:v8-arm64" to ECR - production +- name: Create manifest and push "teleport:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - production + - Tag and push image "teleport:v8-arm" to ECR - production + - Tag and push image "teleport:v8-arm64" to ECR - production +- name: Create manifest and push "teleport:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v8-amd64" to ECR - production + - Tag and push image "teleport:v8-arm" to ECR - production + - Tag and push image "teleport:v8-arm64" to ECR - production +- name: Download "teleport-ent" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v8')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/amd64" + - apt download "teleport-ent:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v8').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm" + - apt download "teleport-ent:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v8').deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm64" + - apt download "teleport-ent:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v8').deb" + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent image "teleport-ent:v8-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v8-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v8-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v8-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v8-amd64-builder" --config "/tmp/teleport-ent-v8-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v8-amd64-builder" --target + "teleport" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v8')-amd64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/amd64/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-ent-v8-amd64-builder" + - rm -rf "/tmp/teleport-ent-v8-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v8-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v8-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v8-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v8-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v8-arm-builder" --config "/tmp/teleport-ent-v8-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v8-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-ent-v8-arm-builder" + - rm -rf "/tmp/teleport-ent-v8-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v8-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v8-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v8-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v8-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v8-arm64-builder" --config "/tmp/teleport-ent-v8-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v8-arm64-builder" --target + "teleport" --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport-ent:$(cat + '/go/vars/full-version/v8')-arm64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm64/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-ent-v8-arm64-builder" + - rm -rf "/tmp/teleport-ent-v8-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent:v8-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-amd64" +- name: Tag and push image "teleport-ent:v8-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm" +- name: Tag and push image "teleport-ent:v8-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm64" +- name: Create manifest and push "teleport-ent:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to Quay + - Tag and push image "teleport-ent:v8-arm" to Quay + - Tag and push image "teleport-ent:v8-arm64" to Quay +- name: Create manifest and push "teleport-ent:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to Quay + - Tag and push image "teleport-ent:v8-arm" to Quay + - Tag and push image "teleport-ent:v8-arm64" to Quay +- name: Create manifest and push "teleport-ent:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to Quay + - Tag and push image "teleport-ent:v8-arm" to Quay + - Tag and push image "teleport-ent:v8-arm64" to Quay +- name: Tag and push image "teleport-ent:v8-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-amd64" +- name: Tag and push image "teleport-ent:v8-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm" +- name: Tag and push image "teleport-ent:v8-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - staging + - Tag and push image "teleport-ent:v8-arm" to ECR - staging + - Tag and push image "teleport-ent:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - staging + - Tag and push image "teleport-ent:v8-arm" to ECR - staging + - Tag and push image "teleport-ent:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - staging + - Tag and push image "teleport-ent:v8-arm" to ECR - staging + - Tag and push image "teleport-ent:v8-arm64" to ECR - staging +- name: Tag and push image "teleport-ent:v8-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-amd64" +- name: Tag and push image "teleport-ent:v8-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm" +- name: Tag and push image "teleport-ent:v8-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v8-arm64" +- name: Create manifest and push "teleport-ent:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - production + - Tag and push image "teleport-ent:v8-arm" to ECR - production + - Tag and push image "teleport-ent:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - production + - Tag and push image "teleport-ent:v8-arm" to ECR - production + - Tag and push image "teleport-ent:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v8-amd64" to ECR - production + - Tag and push image "teleport-ent:v8-arm" to ECR - production + - Tag and push image "teleport-ent:v8-arm64" to ECR - production +- name: Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent-fips" + - PACKAGE_VERSION="$(cat '/go/vars/full-version/v8')" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent-fips/amd64" + - apt download "teleport-ent-fips:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent-fips/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent-fips:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v8').deb" + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent-fips image "teleport-ent-fips:v8-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-fips-v8-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-fips-v8-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-fips-v8-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-fips-v8-amd64-builder" --config "/tmp/teleport-ent-fips-v8-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-fips-v8-amd64-builder" --target + "teleport-fips" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent-fips:$(cat + '/go/vars/full-version/v8')-amd64" --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent-fips/amd64/$(cat + '/go/vars/full-version/v8').deb" /go/build + - docker buildx rm "teleport-ent-fips-v8-amd64-builder" + - rm -rf "/tmp/teleport-ent-fips-v8-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent-fips:v8-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v8-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to Quay +- name: Create manifest and push "teleport-ent:minor-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to Quay +- name: Create manifest and push "teleport-ent:canonical-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to Quay +- name: Tag and push image "teleport-ent-fips:v8-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v8-amd64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP-fips" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - staging +- name: Tag and push image "teleport-ent-fips:v8-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v8-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:minor-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v8-amd64" to ECR - production +- name: Build teleport-lab image "teleport-lab:v8-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v8-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v8-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v8-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v8-amd64-builder" --config "/tmp/teleport-lab-v8-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v8-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-amd64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v8-amd64-builder" + - rm -rf "/tmp/teleport-lab-v8-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v8-amd64" +- name: Build teleport-lab image "teleport-lab:v8-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v8-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v8-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v8-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v8-arm-builder" --config "/tmp/teleport-lab-v8-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v8-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v8-arm-builder" + - rm -rf "/tmp/teleport-lab-v8-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v8-arm" +- name: Build teleport-lab image "teleport-lab:v8-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v8-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v8-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v8-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v8-arm64-builder" --config "/tmp/teleport-lab-v8-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v8-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$(cat '/go/vars/full-version/v8')-arm64" + /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v8-arm64-builder" + - rm -rf "/tmp/teleport-lab-v8-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v8-arm64" +- name: Tag and push image "teleport-lab:v8-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-amd64" +- name: Tag and push image "teleport-lab:v8-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm" +- name: Tag and push image "teleport-lab:v8-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm64" +- name: Create manifest and push "teleport-lab:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to Quay + - Tag and push image "teleport-lab:v8-arm" to Quay + - Tag and push image "teleport-lab:v8-arm64" to Quay +- name: Create manifest and push "teleport-lab:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to Quay + - Tag and push image "teleport-lab:v8-arm" to Quay + - Tag and push image "teleport-lab:v8-arm64" to Quay +- name: Create manifest and push "teleport-lab:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') | + sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to Quay + - Tag and push image "teleport-lab:v8-arm" to Quay + - Tag and push image "teleport-lab:v8-arm64" to Quay +- name: Tag and push image "teleport-lab:v8-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-amd64" +- name: Tag and push image "teleport-lab:v8-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm" +- name: Tag and push image "teleport-lab:v8-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm64" +- name: Create manifest and push "teleport-lab:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - staging + - Tag and push image "teleport-lab:v8-arm" to ECR - staging + - Tag and push image "teleport-lab:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - staging + - Tag and push image "teleport-lab:v8-arm" to ECR - staging + - Tag and push image "teleport-lab:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - staging + - Tag and push image "teleport-lab:v8-arm" to ECR - staging + - Tag and push image "teleport-lab:v8-arm64" to ECR - staging +- name: Tag and push image "teleport-lab:v8-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-amd64" +- name: Tag and push image "teleport-lab:v8-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm" +- name: Tag and push image "teleport-lab:v8-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v8-arm64" +- name: Create manifest and push "teleport-lab:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - production + - Tag and push image "teleport-lab:v8-arm" to ECR - production + - Tag and push image "teleport-lab:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - production + - Tag and push image "teleport-lab:v8-arm" to ECR - production + - Tag and push image "teleport-lab:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v8-amd64" to ECR - production + - Tag and push image "teleport-lab:v8-arm" to ECR - production + - Tag and push image "teleport-lab:v8-arm64" to ECR - production +- name: Build teleport-operator image "teleport-operator:v8-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v8-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v8-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v8-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v8-amd64-builder" --config "/tmp/teleport-operator-v8-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v8-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-x86-64-linux-gnu" --build-arg "COMPILER_NAME=x86_64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v8-amd64-builder" + - rm -rf "/tmp/teleport-operator-v8-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v8-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v8-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v8-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v8-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v8-arm-builder" --config "/tmp/teleport-operator-v8-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v8-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-arm-linux-gnueabihf" --build-arg "COMPILER_NAME=arm-linux-gnueabihf-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v8-arm-builder" + - rm -rf "/tmp/teleport-operator-v8-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v8-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v8-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v8-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v8-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v8-arm64-builder" --config "/tmp/teleport-operator-v8-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v8-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-aarch64-linux-gnu" --build-arg "COMPILER_NAME=aarch64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v8-arm64-builder" + - rm -rf "/tmp/teleport-operator-v8-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Find the latest available semver for v8 + - Wait for docker + - Wait for docker registry + - Check out code +- name: Tag and push image "teleport-operator:v8-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-amd64" +- name: Tag and push image "teleport-operator:v8-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm" +- name: Tag and push image "teleport-operator:v8-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm64" +- name: Create manifest and push "teleport-operator:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to Quay + - Tag and push image "teleport-operator:v8-arm" to Quay + - Tag and push image "teleport-operator:v8-arm64" to Quay +- name: Create manifest and push "teleport-operator:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to Quay + - Tag and push image "teleport-operator:v8-arm" to Quay + - Tag and push image "teleport-operator:v8-arm64" to Quay +- name: Create manifest and push "teleport-operator:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to Quay + - Tag and push image "teleport-operator:v8-arm" to Quay + - Tag and push image "teleport-operator:v8-arm64" to Quay +- name: Tag and push image "teleport-operator:v8-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-amd64" +- name: Tag and push image "teleport-operator:v8-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm" +- name: Tag and push image "teleport-operator:v8-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm64" +- name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - staging + - Tag and push image "teleport-operator:v8-arm" to ECR - staging + - Tag and push image "teleport-operator:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - staging + - Tag and push image "teleport-operator:v8-arm" to ECR - staging + - Tag and push image "teleport-operator:v8-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:canonical-$TIMESTAMP" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - staging + - Tag and push image "teleport-operator:v8-arm" to ECR - staging + - Tag and push image "teleport-operator:v8-arm64" to ECR - staging +- name: Tag and push image "teleport-operator:v8-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-amd64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-amd64" +- name: Tag and push image "teleport-operator:v8-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm" +- name: Tag and push image "teleport-operator:v8-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$(cat '/go/vars/full-version/v8')-arm64" + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v8-arm64" +- name: Create manifest and push "teleport-operator:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - production + - Tag and push image "teleport-operator:v8-arm" to ECR - production + - Tag and push image "teleport-operator:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - production + - Tag and push image "teleport-operator:v8-arm" to ECR - production + - Tag and push image "teleport-operator:v8-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat + '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend + "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $(cat '/go/vars/full-version/v8') | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $(cat '/go/vars/full-version/v8') + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v8-amd64" to ECR - production + - Tag and push image "teleport-operator:v8-arm" to ECR - production + - Tag and push image "teleport-operator:v8-arm64" to ECR - production +services: +- name: Start Docker + image: docker:dind + privileged: true + volumes: + - name: dockersock + path: /var/run +- name: drone-docker-registry + image: registry:2 + privileged: false + volumes: [] +volumes: +- name: dockersock + temp: {} + +--- +################################################ +# Generated using dronegen, do not edit by hand! +# Use 'make dronegen' to update. +# Generated at dronegen/container_images.go:228 +################################################ + +kind: pipeline +type: kubernetes +name: teleport-container-images-drone-tag-promote +environment: + DEBIAN_FRONTEND: noninteractive +trigger: + event: + include: + - promote + target: + include: + - production + - promote-docker + repo: + include: + - gravitational/teleport +workspace: + path: /go +clone: + disable: true +steps: +- name: Verify build is tagged image: alpine:latest commands: - - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' - && exit 1)' -- name: Wait for docker + - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' + && exit 1)' +- name: Check if tag is prerelease + image: golang:1.18-alpine + commands: + - mkdir -pv "/tmp/repo" + - cd "/tmp/repo" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "${DRONE_TAG}" + - cd "/tmp/repo/build.assets/tooling" + - go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is + a prerelease, not continuing promotion for ${DRONE_TAG}' && exit 78) +- name: Wait for docker + image: docker + commands: + - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease +- name: Wait for docker registry + image: alpine + commands: + - apk add curl + - timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" + != "200" ]; do sleep 1; done' + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker +- name: Check out code + image: alpine/git:latest + commands: + - mkdir -pv "/go/src/github.com/gravitational/teleport" + - cd "/go/src/github.com/gravitational/teleport" + - git init + - git remote add origin ${DRONE_REMOTE_URL} + - git fetch origin + - git checkout -qf "$DRONE_TAG" + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry +- name: Download "teleport" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport" + - PACKAGE_VERSION="$DRONE_TAG" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport/amd64" + - apt download "teleport:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/amd64/$DRONE_TAG.deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm" + - apt download "teleport:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm/$DRONE_TAG.deb" + - mkdir -pv "/go/build/artifacts/deb/teleport/arm64" + - apt download "teleport:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport/arm64/$DRONE_TAG.deb" + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport image "teleport:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-amd64-builder" --config "/tmp/teleport-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-amd64-builder" --target "teleport" + --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/amd64/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-v10-amd64-builder" + - rm -rf "/tmp/teleport-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm-builder" --config "/tmp/teleport-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-v10-arm-builder" + - rm -rf "/tmp/teleport-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Build teleport image "teleport:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-v10-arm64-builder" --config "/tmp/teleport-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-v10-arm64-builder" --target "teleport" + --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport/arm64/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-v10-arm64-builder" + - rm -rf "/tmp/teleport-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' | + cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Create manifest and push "teleport:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to Quay + - Tag and push image "teleport:v10-arm" to Quay + - Tag and push image "teleport:v10-arm64" to Quay +- name: Tag and push image "teleport:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - staging + - Tag and push image "teleport:v10-arm" to ECR - staging + - Tag and push image "teleport:v10-arm64" to ECR - staging +- name: Tag and push image "teleport:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-amd64" +- name: Tag and push image "teleport:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm" +- name: Tag and push image "teleport:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport image "teleport:v10-arm64" +- name: Create manifest and push "teleport:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Create manifest and push "teleport:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport:v10-amd64" to ECR - production + - Tag and push image "teleport:v10-arm" to ECR - production + - Tag and push image "teleport:v10-arm64" to ECR - production +- name: Download "teleport-ent" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent" + - PACKAGE_VERSION="$DRONE_TAG" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64\", \"arm\", \"arm64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - dpkg --add-architecture "armhf" + - dpkg --add-architecture "arm64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/amd64" + - apt download "teleport-ent:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/amd64/$DRONE_TAG.deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm" + - apt download "teleport-ent:armhf=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:armhf=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm/$DRONE_TAG.deb" + - mkdir -pv "/go/build/artifacts/deb/teleport-ent/arm64" + - apt download "teleport-ent:arm64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent/arm64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent:arm64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent/arm64/$DRONE_TAG.deb" + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent image "teleport-ent:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-amd64-builder" --config "/tmp/teleport-ent-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-amd64-builder" --target + "teleport" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/amd64/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-ent-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm-builder" --config "/tmp/teleport-ent-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm-builder" --target "teleport" + --platform "linux/arm" --tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-ent-v10-arm-builder" + - rm -rf "/tmp/teleport-ent-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Build teleport-ent image "teleport-ent:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-v10-arm64-builder" --config "/tmp/teleport-ent-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-v10-arm64-builder" --target + "teleport" --platform "linux/arm64" --tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent/arm64/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-ent-v10-arm64-builder" + - rm -rf "/tmp/teleport-ent-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Create manifest and push "teleport-ent:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to Quay + - Tag and push image "teleport-ent:v10-arm" to Quay + - Tag and push image "teleport-ent:v10-arm64" to Quay +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - staging + - Tag and push image "teleport-ent:v10-arm" to ECR - staging + - Tag and push image "teleport-ent:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-ent:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-amd64" +- name: Tag and push image "teleport-ent:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm" +- name: Tag and push image "teleport-ent:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-ent:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent image "teleport-ent:v10-arm64" +- name: Create manifest and push "teleport-ent:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent:v10-amd64" to ECR - production + - Tag and push image "teleport-ent:v10-arm" to ECR - production + - Tag and push image "teleport-ent:v10-arm64" to ECR - production +- name: Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT + image: ubuntu:22.04 + commands: + - PACKAGE_NAME="teleport-ent-fips" + - PACKAGE_VERSION="$DRONE_TAG" + - apt update + - apt install --no-install-recommends -y ca-certificates curl + - update-ca-certificates + - mkdir -pv $(dirname "/go/build/Dockerfile") + - curl -Ls -o "/go/build/Dockerfile" "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + - curl https://apt.releases.teleport.dev/gpg -o "/usr/share/keyrings/teleport-archive-keyring.asc" + - . /etc/os-release + - MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1) + - echo "deb [signed-by=/usr/share/keyrings/teleport-archive-keyring.asc] https://apt.releases.teleport.dev/$${ID?} + $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}" > /etc/apt/sources.list.d/teleport.list + - END_TIME=$(( $(date +%s) + 1800 )) + - TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2) + - TIMED_OUT=true + - while [ $(date +%s) -lt $${END_TIME?} ]; do + - echo 'Running apt update...' + - apt update > /dev/null || true + - '[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge + 1 ] && TIMED_OUT=false && break;' + - echo 'Package not found yet, waiting another 15 seconds...' + - sleep 15 + - done + - '[ $${TIMED_OUT?} = true ] && echo "Timed out while looking for APT package \"$${PACKAGE_NAME}\" + matching \"$${TRIMMED_VERSION}\"" && exit 1' + - FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | + cut -d'|' -f 2 | tr -d ' ' | head -n 1) + - echo "Found APT package, downloading \"$${PACKAGE_NAME}=$${FULL_VERSION}\" for + "amd64"..." + - mkdir -pv "/tmp/apt-download" + - cd "/tmp/apt-download" + - dpkg --add-architecture "amd64" + - apt update &> /dev/null || true + - mkdir -pv "/go/build/artifacts/deb/teleport-ent-fips/amd64" + - apt download "teleport-ent-fips:amd64=$${FULL_VERSION}" + - FILENAME=$(ls) + - echo "Downloaded file \"$${FILENAME}\"" + - mv "$${FILENAME}" "/go/build/artifacts/deb/teleport-ent-fips/amd64/$${PACKAGE_VERSION}.deb" + - echo Downloaded "teleport-ent-fips:amd64=$${FULL_VERSION}" to "/go/build/artifacts/deb/teleport-ent-fips/amd64/$DRONE_TAG.deb" + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/build" && cd "/go/build" + - mkdir -pv "/tmp/teleport-ent-fips-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-ent-fips-v10-amd64-builder" --config "/tmp/teleport-ent-fips-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-ent-fips-v10-amd64-builder" --target + "teleport-fips" --platform "linux/amd64" --tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" + --file "/go/build/Dockerfile" --build-arg "DEB_PATH=artifacts/deb/teleport-ent-fips/amd64/$DRONE_TAG.deb" + /go/build + - docker buildx rm "teleport-ent-fips-v10-amd64-builder" + - rm -rf "/tmp/teleport-ent-fips-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Download "teleport-ent-fips" Dockerfile and DEB artifacts from APT +- name: Tag and push image "teleport-ent-fips:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-fips-amd64" + - docker push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-fips-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:minor-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Create manifest and push "teleport-ent:canonical-fips" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "quay.io/fred_heinecke/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "quay.io/fred_heinecke/teleport-ent:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to Quay +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Create manifest and push "teleport-ent:canonical-$TIMESTAMP-fips" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips-amd64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-fips" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - staging +- name: Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker tag "drone-docker-registry:5000/teleport-ent-fips:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-fips-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-fips-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-ent-fips image "teleport-ent-fips:v10-amd64" +- name: Create manifest and push "teleport-ent:major-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:minor-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Create manifest and push "teleport-ent:canonical-fips" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)-fips" --amend "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-fips-amd64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-ent:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)-fips" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-ent-fips:v10-amd64" to ECR - production +- name: Build teleport-lab image "teleport-lab:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-amd64-builder" --config "/tmp/teleport-lab-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$DRONE_TAG-amd64" /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-amd64-builder" + - rm -rf "/tmp/teleport-lab-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-amd64" +- name: Build teleport-lab image "teleport-lab:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm-builder" --config "/tmp/teleport-lab-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" --file + "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$DRONE_TAG-arm" /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm-builder" + - rm -rf "/tmp/teleport-lab-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm" +- name: Build teleport-lab image "teleport-lab:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport/docker/sshd" && cd "/go/src/github.com/gravitational/teleport/docker/sshd" + - mkdir -pv "/tmp/teleport-lab-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-lab-v10-arm64-builder" --config "/tmp/teleport-lab-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-lab-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" + --file "/go/src/github.com/gravitational/teleport/docker/sshd/Dockerfile" --build-arg + "BASE_IMAGE=drone-docker-registry:5000/teleport:$DRONE_TAG-arm64" /go/src/github.com/gravitational/teleport/docker/sshd + - docker buildx rm "teleport-lab-v10-arm64-builder" + - rm -rf "/tmp/teleport-lab-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code + - Build teleport image "teleport:v10-arm64" +- name: Tag and push image "teleport-lab:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Create manifest and push "teleport-lab:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-lab:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to Quay + - Tag and push image "teleport-lab:v10-arm" to Quay + - Tag and push image "teleport-lab:v10-arm64" to Quay +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-lab:canonical-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - staging + - Tag and push image "teleport-lab:v10-arm" to ECR - staging + - Tag and push image "teleport-lab:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-lab:v10-amd64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-amd64" +- name: Tag and push image "teleport-lab:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm" +- name: Tag and push image "teleport-lab:v10-arm64" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-lab:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-lab image "teleport-lab:v10-arm64" +- name: Create manifest and push "teleport-lab:major" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:minor" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-lab:canonical" to ECR - production image: docker commands: - - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-lab:$(echo $DRONE_TAG | + sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-lab:v10-amd64" to ECR - production + - Tag and push image "teleport-lab:v10-arm" to ECR - production + - Tag and push image "teleport-lab:v10-arm64" to ECR - production +- name: Build teleport-operator image "teleport-operator:v10-amd64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-amd64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-amd64-builder" --config "/tmp/teleport-operator-v10-amd64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-amd64-builder" --platform + "linux/amd64" --tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-x86-64-linux-gnu" --build-arg "COMPILER_NAME=x86_64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-amd64-builder" + - rm -rf "/tmp/teleport-operator-v10-amd64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm-builder" --config "/tmp/teleport-operator-v10-arm-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm-builder" --platform + "linux/arm" --tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-arm-linux-gnueabihf" --build-arg "COMPILER_NAME=arm-linux-gnueabihf-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm-builder" + - rm -rf "/tmp/teleport-operator-v10-arm-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Build teleport-operator image "teleport-operator:v10-arm64" + image: docker + commands: + - docker run --privileged --rm tonistiigi/binfmt --install all + - mkdir -pv "/go/src/github.com/gravitational/teleport" && cd "/go/src/github.com/gravitational/teleport" + - mkdir -pv "/tmp/teleport-operator-v10-arm64-builder" + - echo '[registry."drone-docker-registry:5000"]' > "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - echo ' http = true' >> "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx create --driver "docker-container" --driver-opt "network=host" --name + "teleport-operator-v10-arm64-builder" --config "/tmp/teleport-operator-v10-arm64-builder/buildkitd.toml" + - docker buildx build --push --builder "teleport-operator-v10-arm64-builder" --platform + "linux/arm64" --tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" + --file "/go/src/github.com/gravitational/teleport/operator/Dockerfile" --build-arg + "COMPILER_PACKAGE=gcc-aarch64-linux-gnu" --build-arg "COMPILER_NAME=aarch64-linux-gnu-gcc" + /go/src/github.com/gravitational/teleport + - docker buildx rm "teleport-operator-v10-arm64-builder" + - rm -rf "/tmp/teleport-operator-v10-arm64-builder" + environment: + DOCKER_BUILDKIT: "1" + volumes: + - name: dockersock + path: /var/run + depends_on: + - Verify build is tagged + - Check if tag is prerelease + - Wait for docker + - Wait for docker registry + - Check out code +- name: Tag and push image "teleport-operator:v10-amd64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-amd64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-amd64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2)-arm64" + - docker push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG | sed 's/v//' + | cut -d'.' -f 1,2,3)-arm64" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:minor" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Create manifest and push "teleport-operator:canonical" to Quay + image: docker + commands: + - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" "quay.io" + - docker manifest create "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "quay.io/fred_heinecke/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "quay.io/fred_heinecke/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "quay.io" + environment: + QUAY_PASSWORD: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_PASSWORD + QUAY_USERNAME: + from_secret: TEST_PRODUCTION_QUAYIO_DOCKER_USERNAME + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to Quay + - Tag and push image "teleport-operator:v10-arm" to Quay + - Tag and push image "teleport-operator:v10-arm64" to Quay +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:minor-$TIMESTAMP" to ECR - staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET volumes: - name: dockersock path: /var/run -- name: Pull/retag Docker images + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Create manifest and push "teleport-operator:canonical-$TIMESTAMP" to ECR - + staging + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr get-login-password --region=us-east-2 | docker login -u="AWS" --password-stdin + 278576220453.dkr.ecr.us-east-2.amazonaws.com + - docker manifest create "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-amd64" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm" --amend "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP-arm64" + - docker manifest push "278576220453.dkr.ecr.us-east-2.amazonaws.com/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-$TIMESTAMP" + - docker logout "278576220453.dkr.ecr.us-east-2.amazonaws.com" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_STAGING_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - staging + - Tag and push image "teleport-operator:v10-arm" to ECR - staging + - Tag and push image "teleport-operator:v10-arm64" to ECR - staging +- name: Tag and push image "teleport-operator:v10-amd64" to ECR - production image: docker commands: - apk add --no-cache aws-cli - - export VERSION=${DRONE_TAG##v} - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin - 146628656107.dkr.ecr.us-west-2.amazonaws.com - - echo "---> Pulling images for $${VERSION}" - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION} - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION} - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION} - - echo "---> Tagging images for $${VERSION}" - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION} - public.ecr.aws/gravitational/teleport:$${VERSION} - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION} - public.ecr.aws/gravitational/teleport-ent:$${VERSION} - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips - public.ecr.aws/gravitational/teleport-ent:$${VERSION}-fips - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION} - public.ecr.aws/gravitational/teleport-operator:$${VERSION} - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin public.ecr.aws - - echo "---> Pushing images for $${VERSION}" - - docker push public.ecr.aws/gravitational/teleport:$${VERSION} - - docker push public.ecr.aws/gravitational/teleport-ent:$${VERSION} - - docker push public.ecr.aws/gravitational/teleport-ent:$${VERSION}-fips - - docker push public.ecr.aws/gravitational/teleport-operator:$${VERSION} + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-amd64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)-amd64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)-amd64" + - docker logout "public.ecr.aws" environment: AWS_ACCESS_KEY_ID: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY AWS_SECRET_ACCESS_KEY: - from_secret: PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET volumes: - name: dockersock path: /var/run -services: -- name: Start Docker - image: docker:dind - privileged: true + depends_on: + - Build teleport-operator image "teleport-operator:v10-amd64" +- name: Tag and push image "teleport-operator:v10-arm" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)-arm" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET volumes: - name: dockersock path: /var/run -volumes: -- name: dockersock - temp: {} - ---- -################################################ -# Generated using dronegen, do not edit by hand! -# Use 'make dronegen' to update. -# Generated at dronegen/promote.go:85 -################################################ - -kind: pipeline -type: kubernetes -name: promote-docker-quay -trigger: - event: - include: - - promote - target: - include: - - production - - promote-docker - - promote-docker-quay - repo: - include: - - gravitational/* -workspace: - path: /go -clone: - disable: true -steps: -- name: Verify build is tagged - image: alpine:latest + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm" +- name: Tag and push image "teleport-operator:v10-arm64" to ECR - production + image: docker commands: - - '[ -n ${DRONE_TAG} ] || (echo ''DRONE_TAG is not set. Is the commit tagged?'' - && exit 1)' -- name: Wait for docker + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker pull "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker tag "drone-docker-registry:5000/teleport-operator:$DRONE_TAG-arm64" "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG | sed + 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Build teleport-operator image "teleport-operator:v10-arm64" +- name: Create manifest and push "teleport-operator:major" to ECR - production image: docker commands: - - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET volumes: - name: dockersock path: /var/run -- name: Pull/retag Docker images + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:minor" to ECR - production image: docker commands: - apk add --no-cache aws-cli - - export VERSION=${DRONE_TAG##v} - - aws ecr get-login-password --region=us-west-2 | docker login -u="AWS" --password-stdin - 146628656107.dkr.ecr.us-west-2.amazonaws.com - - echo "---> Pulling images for $${VERSION}" - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION} - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION} - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips - - docker pull 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION} - - echo "---> Tagging images for $${VERSION}" - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport:$${VERSION} - quay.io/gravitational/teleport:$${VERSION} - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION} - quay.io/gravitational/teleport-ent:$${VERSION} - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-ent:$${VERSION}-fips - quay.io/gravitational/teleport-ent:$${VERSION}-fips - - docker tag 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator:$${VERSION} - quay.io/gravitational/teleport-operator:$${VERSION} - - docker logout 146628656107.dkr.ecr.us-west-2.amazonaws.com - - docker login -u="$QUAY_USERNAME" -p="$QUAY_PASSWORD" quay.io - - echo "---> Pushing images for $${VERSION}" - - docker push quay.io/gravitational/teleport:$${VERSION} - - docker push quay.io/gravitational/teleport-ent:$${VERSION} - - docker push quay.io/gravitational/teleport-ent:$${VERSION}-fips - - docker push quay.io/gravitational/teleport-operator:$${VERSION} + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2)" + - docker logout "public.ecr.aws" environment: AWS_ACCESS_KEY_ID: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_KEY + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY AWS_SECRET_ACCESS_KEY: - from_secret: STAGING_TELEPORT_DRONE_USER_ECR_SECRET - QUAY_PASSWORD: - from_secret: PRODUCTION_QUAYIO_DOCKER_PASSWORD - QUAY_USERNAME: - from_secret: PRODUCTION_QUAYIO_DOCKER_USERNAME + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET + volumes: + - name: dockersock + path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production +- name: Create manifest and push "teleport-operator:canonical" to ECR - production + image: docker + commands: + - apk add --no-cache aws-cli + - TIMESTAMP=$(date -d @"$DRONE_BUILD_CREATED" '+%Y%m%d%H%M') + - aws ecr-public get-login-password --region=us-east-1 | docker login -u="AWS" --password-stdin + public.ecr.aws + - docker manifest create "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-amd64" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm" --amend "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo + $DRONE_TAG | sed 's/v//' | cut -d'.' -f 1,2,3)-arm64" + - docker manifest push "public.ecr.aws/u8j2q1d9/teleport-operator:$(echo $DRONE_TAG + | sed 's/v//' | cut -d'.' -f 1,2,3)" + - docker logout "public.ecr.aws" + environment: + AWS_ACCESS_KEY_ID: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY + AWS_SECRET_ACCESS_KEY: + from_secret: TEST_PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET volumes: - name: dockersock path: /var/run + depends_on: + - Tag and push image "teleport-operator:v10-amd64" to ECR - production + - Tag and push image "teleport-operator:v10-arm" to ECR - production + - Tag and push image "teleport-operator:v10-arm64" to ECR - production services: - name: Start Docker image: docker:dind @@ -5883,13 +20517,17 @@ services: volumes: - name: dockersock path: /var/run +- name: drone-docker-registry + image: registry:2 + privileged: false + volumes: [] volumes: - name: dockersock temp: {} --- kind: pipeline -type: kubernetes +type: docker name: promote-build trigger: @@ -6278,7 +20916,7 @@ volumes: name: drone-s3-debrepo-pvc --- kind: pipeline -type: kubernetes +type: docker name: publish-rlz environment: @@ -6365,6 +21003,6 @@ volumes: medium: memory --- kind: signature -hmac: 435e18755866e12d1b6cc018ea75e457c1d6aa4054cdce89f0ffeac9119841f4 +hmac: 168551abcefd3da93f6a8857f37633cdc98b1590a55088a769d0153f092ff976 ... diff --git a/Makefile b/Makefile index 112490634051c..1d6980333bbb6 100644 --- a/Makefile +++ b/Makefile @@ -13,12 +13,9 @@ # Master/dev branch: "1.0.0-dev" VERSION=11.0.0-dev -DOCKER_IMAGE_QUAY ?= quay.io/gravitational/teleport -DOCKER_IMAGE_ECR ?= public.ecr.aws/gravitational/teleport -DOCKER_IMAGE_STAGING ?= 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport +DOCKER_IMAGE ?= teleport DOCKER_IMAGE_OPERATOR_STAGING ?= 146628656107.dkr.ecr.us-west-2.amazonaws.com/gravitational/teleport-operator - GOPATH ?= $(shell go env GOPATH) # These are standard autotools variables, don't change them please @@ -368,11 +365,10 @@ release-arm64: $(MAKE) release ARCH=arm64 # -# make release-unix - Produces a binary release tarball containing teleport, -# tctl, and tsh. +# make build-archive - Packages the results of a build into a release tarball # -.PHONY: -release-unix: clean full +.PHONY: build-archive +build-archive: @echo "---> Creating OSS release archive." mkdir teleport cp -rf $(BUILDDIR)/* \ @@ -385,6 +381,13 @@ release-unix: clean full tar $(TAR_FLAGS) -c teleport | gzip -n > $(RELEASE).tar.gz rm -rf teleport @echo "---> Created $(RELEASE).tar.gz." + +# +# make release-unix - Produces a binary release tarball containing teleport, +# tctl, and tsh. +# +.PHONY: +release-unix: clean full build-archive @if [ -f e/Makefile ]; then \ rm -fr $(ASSETS_BUILDDIR)/webassets; \ $(MAKE) -C e release; \ @@ -982,52 +985,17 @@ install: build cp -f $(BUILDDIR)/teleport $(BINDIR)/ mkdir -p $(DATADIR) - # Docker image build. Always build the binaries themselves within docker (see # the "docker" rule) to avoid dependencies on the host libc version. .PHONY: image -image: clean docker-binaries +image: OS=linux +image: TARBALL_PATH_SECTION:=-s "$(shell pwd)" +image: clean docker-binaries build-archive oss-deb cp ./build.assets/charts/Dockerfile $(BUILDDIR)/ - cd $(BUILDDIR) && docker build --no-cache . -t $(DOCKER_IMAGE_QUAY):$(VERSION) + cd $(BUILDDIR) && docker build --no-cache . -t $(DOCKER_IMAGE):$(VERSION) --target teleport \ + --build-arg DEB_PATH="./teleport_$(VERSION)_$(ARCH).deb" if [ -f e/Makefile ]; then $(MAKE) -C e image; fi -.PHONY: publish -publish: image - docker push $(DOCKER_IMAGE_QUAY):$(VERSION) - if [ -f e/Makefile ]; then $(MAKE) -C e publish; fi - -.PHONY: publish-ecr -publish-ecr: image - docker tag $(DOCKER_IMAGE_QUAY) $(DOCKER_IMAGE_ECR) - docker push $(DOCKER_IMAGE_ECR):$(VERSION) - if [ -f e/Makefile ]; then $(MAKE) -C e publish-ecr; fi - -# Docker image build in CI. -# This is run to build and push Docker images to a private repository as part of the build process. -# When we are ready to make the images public after testing (i.e. when publishing a release), we pull these -# images down, retag them and push them up to the production repo so they're available for use. -# This job can be removed/consolidated after we switch over completely from using Jenkins to using Drone. -.PHONY: image-ci -image-ci: clean docker-binaries - cp ./build.assets/charts/Dockerfile $(BUILDDIR)/ - cd $(BUILDDIR) && docker build --no-cache . -t $(DOCKER_IMAGE_STAGING):$(VERSION) - if [ -f e/Makefile ]; then $(MAKE) -C e image-ci; fi - - -# DOCKER_CLI_EXPERIMENTAL=enabled is set to allow inspecting the manifest for present images. -# https://docs.docker.com/engine/reference/commandline/cli/#experimental-features -# The internal staging images use amazon ECR's immutable repository settings. This makes overwrites impossible currently. -# This can cause issues when drone tagging pipelines must be re-run due to failures. -# Currently the work around for this is to not attempt to push to the image when it already exists. -.PHONY: publish-ci -publish-ci: image-ci - @if DOCKER_CLI_EXPERIMENTAL=enabled docker manifest inspect "$(DOCKER_IMAGE_STAGING):$(VERSION)" >/dev/null 2>&1; then\ - echo "$(DOCKER_IMAGE_STAGING):$(VERSION) already exists. "; \ - else \ - docker push "$(DOCKER_IMAGE_STAGING):$(VERSION)"; \ - fi - if [ -f e/Makefile ]; then $(MAKE) -C e publish-ci; fi - # Docker image build for Teleport Operator .PHONY: image-operator-ci image-operator-ci: @@ -1098,13 +1066,17 @@ rpm: rpm-unsigned: $(MAKE) UNSIGNED_RPM=true rpm -# build .deb -.PHONY: deb -deb: +# build open source .deb only +.PHONY: oss-deb +oss-deb: mkdir -p $(BUILDDIR)/ cp ./build.assets/build-package.sh ./build.assets/build-common.sh $(BUILDDIR)/ chmod +x $(BUILDDIR)/build-package.sh cd $(BUILDDIR) && ./build-package.sh -t oss -v $(VERSION) -p deb -a $(ARCH) $(RUNTIME_SECTION) $(TARBALL_PATH_SECTION) + +# build .deb +.PHONY: deb +deb: oss-deb if [ -f e/Makefile ]; then $(MAKE) -C e deb; fi # check binary compatibility with different OSes diff --git a/build.assets/Dockerfile-cron b/build.assets/Dockerfile-cron deleted file mode 100644 index e5230361bf696..0000000000000 --- a/build.assets/Dockerfile-cron +++ /dev/null @@ -1,45 +0,0 @@ -# First stage downloads pre-compiled Teleport archive from get.gravitational.com -# and extracts binaries from the archive. -FROM alpine AS download - -ARG DOWNLOAD_TYPE=teleport -ARG VERSION_TAG -ARG OS -ARG ARCH -ARG EXTRA_DOWNLOAD_ARGS="" - -WORKDIR /tmp -# Install dependencies. -RUN apk --update --no-cache add curl tar - -# Download the appropriate binary tarball from get.gravitational.com and extract the binaries into -# a temporary directory for us to use in the second stage. -RUN mkdir -p build && \ - curl -Ls https://get.gravitational.com/${DOWNLOAD_TYPE}-${VERSION_TAG}-${OS}-${ARCH}${EXTRA_DOWNLOAD_ARGS}-bin.tar.gz | tar -xzf - && \ - cp $DOWNLOAD_TYPE/teleport $DOWNLOAD_TYPE/tctl $DOWNLOAD_TYPE/tsh $DOWNLOAD_TYPE/tbot build - -# Second stage builds final container with teleport binaries. -FROM ubuntu:20.04 AS teleport - -# Install ca-certificates, dumb-init and libelf1, then clean up. -RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ca-certificates dumb-init libelf1 && \ - update-ca-certificates && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -# Copy "teleport", "tctl", "tbot", and "tsh" binaries from the previous stage. -COPY --from=download /tmp/build/teleport /usr/local/bin/teleport -COPY --from=download /tmp/build/tctl /usr/local/bin/tctl -COPY --from=download /tmp/build/tsh /usr/local/bin/tsh -COPY --from=download /tmp/build/tbot /usr/local/bin/tbot - -# Run Teleport inside the image with a default config file location. -ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml"] - -# Optional third stage which is only run when building the FIPS image. -FROM teleport AS teleport-fips - -# Override the standard entrypoint set in the previous image with the --fips argument to start in FIPS mode. -ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml", "--fips"] diff --git a/build.assets/Dockerfile-cron-v8 b/build.assets/Dockerfile-cron-v8 deleted file mode 100644 index 80e48c82b35f7..0000000000000 --- a/build.assets/Dockerfile-cron-v8 +++ /dev/null @@ -1,44 +0,0 @@ -# First stage downloads pre-compiled Teleport archive from get.gravitational.com -# and extracts binaries from the archive. -FROM alpine AS download - -ARG DOWNLOAD_TYPE=teleport -ARG VERSION_TAG -ARG OS -ARG ARCH -ARG EXTRA_DOWNLOAD_ARGS="" - -WORKDIR /tmp -# Install dependencies. -RUN apk --update --no-cache add curl tar - -# Download the appropriate binary tarball from get.gravitational.com and extract the binaries into -# a temporary directory for us to use in the second stage. -RUN mkdir -p build && \ - curl -Ls https://get.gravitational.com/${DOWNLOAD_TYPE}-${VERSION_TAG}-${OS}-${ARCH}${EXTRA_DOWNLOAD_ARGS}-bin.tar.gz | tar -xzf - && \ - cp $DOWNLOAD_TYPE/teleport $DOWNLOAD_TYPE/tctl $DOWNLOAD_TYPE/tsh build - -# Second stage builds final container with teleport binaries. -FROM ubuntu:20.04 AS teleport - -# Install ca-certificates, dumb-init and libelf1, then clean up. -RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ca-certificates dumb-init libelf1 && \ - update-ca-certificates && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -# Copy "teleport", "tctl", and "tsh" binaries from the previous stage. -COPY --from=download /tmp/build/teleport /usr/local/bin/teleport -COPY --from=download /tmp/build/tctl /usr/local/bin/tctl -COPY --from=download /tmp/build/tsh /usr/local/bin/tsh - -# Run Teleport inside the image with a default config file location. -ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml"] - -# Optional third stage which is only run when building the FIPS image. -FROM teleport AS teleport-fips - -# Override the standard entrypoint set in the previous image with the --fips argument to start in FIPS mode. -ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml", "--fips"] diff --git a/build.assets/charts/Dockerfile b/build.assets/charts/Dockerfile index cbf32c8f1fa03..f132eaae7379c 100644 --- a/build.assets/charts/Dockerfile +++ b/build.assets/charts/Dockerfile @@ -1,4 +1,9 @@ -FROM ubuntu:20.04 +# Stage to build the image, without FIPS entrypoint argument +FROM ubuntu:20.04 AS teleport + +# Copy the deb archive +ARG DEB_PATH +COPY ${DEB_PATH?} /tmp/teleport.deb # Install dumb-init and ca-certificates. The dumb-init package is to ensure # signals and orphaned processes are are handled correctly. The ca-certificate @@ -35,22 +40,23 @@ FROM ubuntu:20.04 # * vi # * wget -# Note that /var/lib/apt/lists/* is cleaned up in the same RUN command as -# "apt-get update" to reduce the size of the image. + # Update the base image RUN apt-get update && \ DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ + # Install dependencies DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ca-certificates dumb-init libelf1 && \ + update-ca-certificates && \ + # Install tools DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y net-tools iputils-ping inetutils-telnet netcat tcpdump busybox && \ busybox --install -s && \ - update-ca-certificates && \ + # Install Teleport + dpkg -i /tmp/teleport.deb && \ + # Cleanup apt-get -y clean && \ rm -rf /var/lib/apt/lists/* -# Bundle "teleport", "tctl", "tbot", and "tsh" binaries into image. -COPY teleport /usr/local/bin/teleport -COPY tctl /usr/local/bin/tctl -COPY tsh /usr/local/bin/tsh -COPY tbot /usr/local/bin/tbot - # By setting this entry point, we expose make target as command. ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml"] + +FROM teleport AS teleport-fips +ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml", "--fips"] diff --git a/build.assets/charts/Dockerfile-fips b/build.assets/charts/Dockerfile-fips deleted file mode 100644 index 46bf9d3a0aa15..0000000000000 --- a/build.assets/charts/Dockerfile-fips +++ /dev/null @@ -1,56 +0,0 @@ -FROM ubuntu:20.04 - -# Install dumb-init and ca-certificates. The dumb-init package is to ensure -# signals and orphaned processes are are handled correctly. The ca-certificate -# package is installed because the base Ubuntu image does not come with any -# certificate authorities. libelf1 is a dependency introduced by Teleport 7.0. -# -# The below packages are provided for debug purposes. Installing them adds around -# six megabytes to the image size. The packages include the following commands: -# * net-tools -# * netstat -# * ifconfig -# * ipmaddr -# * iptunnel -# * mii-tool -# * nameif -# * plipconfig -# * rarp -# * route -# * slattach -# * arp -# * iputils-ping -# * ping -# * ping4 -# * ping6 -# * inetutils-telnet -# * telnet -# * netcat -# * netcat -# * tcpdump -# * tcpdump -# * busybox (see "busybox --list" for all provided utils) -# * less -# * nslookup -# * vi -# * wget -# -# Note that /var/lib/apt/lists/* is cleaned up in the same RUN command as -# "apt-get update" to reduce the size of the image. -RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \ - DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y ca-certificates dumb-init libelf1 && \ - DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y net-tools iputils-ping inetutils-telnet netcat tcpdump busybox && \ - busybox --install -s && \ - update-ca-certificates && \ - apt-get -y clean && \ - rm -rf /var/lib/apt/lists/* - -# Bundle "teleport", "tctl", "tbot", and "tsh" binaries into image. -COPY teleport /usr/local/bin/teleport -COPY tctl /usr/local/bin/tctl -COPY tsh /usr/local/bin/tsh -COPY tbot /usr/local/bin/tbot - -# By setting this entry point, we expose make target as command. -ENTRYPOINT ["/usr/bin/dumb-init", "teleport", "start", "-c", "/etc/teleport/teleport.yaml", "--fips"] diff --git a/docker/sshd/Dockerfile b/docker/sshd/Dockerfile index 65462514fe9ab..0e139ef3e141f 100644 --- a/docker/sshd/Dockerfile +++ b/docker/sshd/Dockerfile @@ -1,5 +1,5 @@ -ARG TELEPORT_TAG -FROM quay.io/gravitational/teleport:${TELEPORT_TAG} +ARG BASE_IMAGE +FROM $BASE_IMAGE # Demo ansible, ssh, htop RUN apt-get update && apt-get install -y ansible ssh inetutils-syslogd htop diff --git a/docs/postrelease.md b/docs/postrelease.md index 5f9f3b2f79dac..9feed055d5598 100644 --- a/docs/postrelease.md +++ b/docs/postrelease.md @@ -12,7 +12,7 @@ This checklist is to be run after cutting a release. ### Major releases only - [ ] Update support matrix in docs FAQ page -- [ ] Update `CURRENT_VERSION_ROOT` and other previous versions in Drone `teleport-docker-cron` job +- [ ] Update `teleportVersions` and other previous versions in Dronegen `/dronegen/container_images.go buildContainerImagePipelines` function - Example: https://github.com/gravitational/teleport/pull/4602 - [ ] Create PR to update default Teleport image referenced in docker/teleport-quickstart.yml and docker/teleport-ent-quickstart.yml - Example: https://github.com/gravitational/teleport/pull/4655 diff --git a/dronegen/common.go b/dronegen/common.go index 586f8214c2852..d13bac435413f 100644 --- a/dronegen/common.go +++ b/dronegen/common.go @@ -19,6 +19,7 @@ import ( "fmt" "log" "os/exec" + "path" "strings" ) @@ -48,7 +49,7 @@ var ( triggerPromote = trigger{ Event: triggerRef{Include: []string{"promote"}}, Target: triggerRef{Include: []string{"production"}}, - Repo: triggerRef{Include: []string{"gravitational/*"}}, + Repo: triggerRef{Include: []string{"gravitational/teleport"}}, } volumeDocker = volume{ @@ -96,6 +97,24 @@ func pushTriggerForBranch(branches ...string) trigger { return t } +func cronTrigger(cronJobNames []string) trigger { + return trigger{ + Cron: triggerRef{Include: cronJobNames}, + Repo: triggerRef{Include: []string{"gravitational/teleport"}}, + } +} + +func cloneRepoCommands(cloneDirectory, commit string) []string { + return []string{ + fmt.Sprintf("mkdir -pv %q", cloneDirectory), + fmt.Sprintf("cd %q", cloneDirectory), + "git init", + "git remote add origin ${DRONE_REMOTE_URL}", + "git fetch origin", + fmt.Sprintf("git checkout -qf %q", commit), + } +} + type buildType struct { os string arch string @@ -105,9 +124,10 @@ type buildType struct { } // Description provides a human-facing description of the artifact, e.g.: -// Windows 64-bit (tsh client only) -// Linux ARMv7 (32-bit) -// MacOS Intel .pkg installer +// +// Windows 64-bit (tsh client only) +// Linux ARMv7 (32-bit) +// MacOS Intel .pkg installer func (b *buildType) Description(packageType string, extraQualifications ...string) string { var result string @@ -194,6 +214,19 @@ func dockerService(v ...volumeRef) service { } } +// Starts a container registry service at `drone-docker-registry:5000` +// This can be pushed/pulled to via `docker push/pull drone-docker-registry:5000/image:tag` +func dockerRegistryService() service { + // The name of this service must match k8s.io/apimachinery/pkg/util/validation `IsDNS1123Subdomain` + // so that it is resolvable + // See https://github.com/drone-runners/drone-runner-kube/blob/master/engine/compiler/compiler.go#L398 + // for details + return service{ + Name: "drone-docker-registry", + Image: "registry:2", + } +} + // dockerVolumes returns a slice of volumes // It includes the Docker socket volume by default, plus any extra volumes passed in func dockerVolumes(v ...volume) []volume { @@ -241,3 +274,54 @@ func waitForDockerStep() step { Volumes: dockerVolumeRefs(), } } + +// waitForDockerStep returns a step which checks that the Docker registry is ready +func waitForDockerRegistryStep() step { + return step{ + Name: "Wait for docker registry", + Image: "alpine", + Commands: []string{ + "apk add curl", + `timeout 30s /bin/sh -c 'while [ "$(curl -s -o /dev/null -w %{http_code} http://drone-docker-registry:5000/)" != "200" ]; do sleep 1; done'`, + }, + } +} + +func verifyValidPromoteRunSteps() []step { + tagStep := verifyTaggedStep() + verifyStep := verifyNotPrereleaseStep() + + return []step{tagStep, verifyStep} +} + +func verifyTaggedStep() step { + return step{ + Name: "Verify build is tagged", + Image: "alpine:latest", + Commands: []string{ + "[ -n ${DRONE_TAG} ] || (echo 'DRONE_TAG is not set. Is the commit tagged?' && exit 1)", + }, + } +} + +// Note that tags are also valid here as a tag refers to a specific commit +func cloneRepoStep(clonePath, commit string) step { + return step{ + Name: "Check out code", + Image: "alpine/git:latest", + Commands: cloneRepoCommands(clonePath, commit), + } +} + +func verifyNotPrereleaseStep() step { + clonePath := "/tmp/repo" + return step{ + Name: "Check if tag is prerelease", + Image: "golang:1.18-alpine", + Commands: append( + cloneRepoCommands(clonePath, "${DRONE_TAG}"), + fmt.Sprintf("cd %q", path.Join(clonePath, "build.assets", "tooling")), + "go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is a prerelease, not continuing promotion for ${DRONE_TAG}' && exit 78)", + ), + } +} diff --git a/dronegen/container_images.go b/dronegen/container_images.go new file mode 100644 index 0000000000000..83d815738c812 --- /dev/null +++ b/dronegen/container_images.go @@ -0,0 +1,953 @@ +// Copyright 2021 Gravitational, Inc +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +// To run one of these pipelines locally: +// # Drone requires certain variables to be set +// export DRONE_REMOTE_URL="https://github.com/gravitational/teleport" +// export DRONE_SOURCE_BRANCH="$(git branch --show-current)" +// # `drone exec` does not support `exec` or `kubernetes` pipelines +// sed -i '' 's/type\: kubernetes/type\: docker/' .drone.yml && sed -i '' 's/type\: exec/type\: docker/' .drone.yml +// # Drone has a bug where "workspace" is appended to "/drone/src". This fixes that by updating references +// sed -i '' 's~/go/~/drone/src/go/~g' .drone.yml +// # Pull the current branch instead of v10 +// sed -i '' "s~git checkout -qf \"\$(cat '/go/vars/full-version/v10')\"~git checkout -qf \"${DRONE_SOURCE_BRANCH}\"~" .drone.yml +// # `drone exec` does not properly map the workspace path. This creates a volume to be shared between steps +// # at the correct path +// DOCKER_VOLUME_NAME="go" +// docker volume create "$DOCKER_VOLUME_NAME" +// drone exec --trusted --pipeline teleport-container-images-current-version-cron --clone=false --volume "${DOCKER_VOLUME_NAME}:/go" +// # Cleanup +// docker volume rm "$DOCKER_VOLUME_NAME" + +import ( + "fmt" + "path" + "regexp" + "strings" +) + +// If you are working on a PR/testing changes to this file you should configure the following for Drone testing: +// 1. Publish the branch you're working on +// 2. Set `PRBranch` to the name of the branch in (1) +// 3. Set `ConfigureForPRTestingOnly` to true +// 4. Create a public and private ECR, Quay repos for "teleport", "teleport-ent", "teleport-operator", "teleport-lab" +// 5. Set `TestingQuayRegistryOrg` and `TestingECRRegistryOrg` to the org name(s) used in (4) +// 6. Set the `ECRTestingDomain` to the domain used for the private ECR repos +// 7. Create two separate IAM users, each with full access to either the public ECR repo OR the private ECR repo +// 8. Create a Quay "robot account" with write permissions for the created Quay repos +// 9. Set the Drone secrets for the secret names listed in "GetContainerRepos" to the credentials in (7, 8), prefixed by the value of `TestingSecretPrefix` +// +// On each commit, after running `make dronegen``, run the following commands and resign the file: +// # Pull the current branch instead of v10 so the appropriate dockerfile gets loaded +// sed -i '' "s~git checkout -qf \"\$(cat '/go/vars/full-version/v10')\"~git checkout -qf \"${DRONE_SOURCE_BRANCH}\"~" .drone.yml +// +// When finishing up your PR check the following: +// * The testing secrets added to Drone have been removed +// * `ConfigureForPRTestingOnly` has been set to false, and `make dronegen` has been reran afterwords + +const ( + ConfigureForPRTestingOnly bool = true + TestingSecretPrefix string = "TEST_" + TestingQuayRegistryOrg string = "fred_heinecke" + TestingECRRegistryOrg string = "u8j2q1d9" + TestingECRRegion string = "us-east-2" + PRBranch string = "fred/arm-container-images" + TestingECRDomain string = "278576220453.dkr.ecr.us-east-2.amazonaws.com" +) + +const ( + ProductionRegistryOrg string = "gravitational" + PublicEcrRegion string = "us-east-1" + StagingEcrRegion string = "us-west-2" + + LocalRegistry string = "drone-docker-registry:5000" +) + +func buildContainerImagePipelines() []pipeline { + // ************************************************************* + // ****** These need to be updated on each major release. ****** + // ************************************************************* + latestMajorVersions := []string{"v10", "v9", "v8"} + branchMajorVersion := "v10" + + triggers := []*TriggerInfo{ + NewPromoteTrigger(branchMajorVersion), + NewCronTrigger(latestMajorVersions), + } + + if ConfigureForPRTestingOnly { + triggers = append(triggers, NewTestTrigger(PRBranch, branchMajorVersion)) + } + + pipelines := make([]pipeline, 0, len(triggers)) + for _, trigger := range triggers { + pipelines = append(pipelines, trigger.buildPipelines()...) + } + + return pipelines +} + +type TriggerInfo struct { + Trigger trigger + Name string + SupportedVersions []*releaseVersion + SetupSteps []step +} + +func NewTestTrigger(triggerBranch, testMajorVersion string) *TriggerInfo { + baseTrigger := NewCronTrigger([]string{testMajorVersion}) + baseTrigger.Name = "Test trigger on push" + baseTrigger.Trigger = trigger{ + Repo: triggerRef{Include: []string{"gravitational/teleport"}}, + Event: triggerRef{Include: []string{"push"}}, + Branch: triggerRef{Include: []string{triggerBranch}}, + } + + return baseTrigger +} + +func NewPromoteTrigger(branchMajorVersion string) *TriggerInfo { + promoteTrigger := triggerPromote + promoteTrigger.Target.Include = append(promoteTrigger.Target.Include, "promote-docker") + + return &TriggerInfo{ + Trigger: promoteTrigger, + Name: "promote", + SupportedVersions: []*releaseVersion{ + { + MajorVersion: branchMajorVersion, + ShellVersion: "$DRONE_TAG", + RelativeVersionName: "drone-tag", + }, + }, + SetupSteps: verifyValidPromoteRunSteps(), + } +} + +func NewCronTrigger(latestMajorVersions []string) *TriggerInfo { + if len(latestMajorVersions) == 0 { + return nil + } + + majorVersionVarDirectory := "/go/vars/full-version" + + supportedVersions := make([]*releaseVersion, 0, len(latestMajorVersions)) + if len(latestMajorVersions) > 0 { + latestMajorVersion := latestMajorVersions[0] + supportedVersions = append(supportedVersions, &releaseVersion{ + MajorVersion: latestMajorVersion, + ShellVersion: readCronShellVersionCommand(majorVersionVarDirectory, latestMajorVersion), + RelativeVersionName: "current-version", + SetupSteps: []step{getLatestSemverStep(latestMajorVersion, majorVersionVarDirectory)}, + }) + + if len(latestMajorVersions) > 1 { + for i, majorVersion := range latestMajorVersions[1:] { + supportedVersions = append(supportedVersions, &releaseVersion{ + MajorVersion: majorVersion, + ShellVersion: readCronShellVersionCommand(majorVersionVarDirectory, majorVersion), + RelativeVersionName: fmt.Sprintf("previous-version-%d", i+1), + SetupSteps: []step{getLatestSemverStep(majorVersion, majorVersionVarDirectory)}, + }) + } + } + } + + return &TriggerInfo{ + Trigger: cronTrigger([]string{"teleport-container-images-cron"}), + Name: "cron", + SupportedVersions: supportedVersions, + } +} + +func getLatestSemverStep(majorVersion string, majorVersionVarDirectory string) step { + // We don't use "/go/src/github.com/gravitational/teleport" here as a later stage + // may need to clone a different version, and "/go" persists between steps + cloneDirectory := "/tmp/teleport" + majorVersionVarPath := path.Join(majorVersionVarDirectory, majorVersion) + return step{ + Name: fmt.Sprintf("Find the latest available semver for %s", majorVersion), + Image: "golang:1.18", + Commands: append( + cloneRepoCommands(cloneDirectory, fmt.Sprintf("branch/%s", majorVersion)), + fmt.Sprintf("mkdir -pv %q", majorVersionVarDirectory), + fmt.Sprintf("cd %q", path.Join(cloneDirectory, "build.assets", "tooling", "cmd", "query-latest")), + fmt.Sprintf("go run . %q > %q", majorVersion, majorVersionVarPath), + fmt.Sprintf("echo Found full semver \"$(cat %q)\" for major version %q", majorVersionVarPath, majorVersion), + ), + } +} + +func readCronShellVersionCommand(majorVersionDirectory, majorVersion string) string { + return fmt.Sprintf("$(cat '%s')", path.Join(majorVersionDirectory, majorVersion)) +} + +// Drone triggers must all evaluate to "true" for a pipeline to be executed. +// As a result these pipelines are duplicated for each trigger. +// See https://docs.drone.io/pipeline/triggers/ for details. +func (ti *TriggerInfo) buildPipelines() []pipeline { + pipelines := make([]pipeline, 0, len(ti.SupportedVersions)) + for _, teleportVersion := range ti.SupportedVersions { + pipeline := teleportVersion.buildVersionPipeline(ti.SetupSteps) + pipeline.Name += "-" + ti.Name + pipeline.Trigger = ti.Trigger + + pipelines = append(pipelines, pipeline) + } + + return pipelines +} + +type releaseVersion struct { + MajorVersion string // This is the major version of a given build. `SearchVersion` should match this when evaluated. + ShellVersion string // This value will be evaluated by the shell in the context of a Drone step + RelativeVersionName string // The set of values for this should not change between major releases + SetupSteps []step // Version-specific steps that must be ran before executing build and push steps +} + +func (rv *releaseVersion) buildVersionPipeline(triggerSetupSteps []step) pipeline { + pipelineName := fmt.Sprintf("teleport-container-images-%s", rv.RelativeVersionName) + + setupSteps, dependentStepNames := rv.getSetupStepInformation(triggerSetupSteps) + + pipeline := newKubePipeline(pipelineName) + pipeline.Workspace = workspace{Path: "/go"} + pipeline.Services = []service{ + dockerService(), + dockerRegistryService(), + } + pipeline.Volumes = dockerVolumes() + pipeline.Environment = map[string]value{ + "DEBIAN_FRONTEND": { + raw: "noninteractive", + }, + } + pipeline.Steps = append(setupSteps, rv.buildSteps(dependentStepNames)...) + + return pipeline +} + +func (rv *releaseVersion) getSetupStepInformation(triggerSetupSteps []step) ([]step, []string) { + triggerSetupStepNames := make([]string, 0, len(triggerSetupSteps)) + for _, triggerSetupStep := range triggerSetupSteps { + triggerSetupStepNames = append(triggerSetupStepNames, triggerSetupStep.Name) + } + + nextStageSetupStepNames := triggerSetupStepNames + if len(rv.SetupSteps) > 0 { + versionSetupStepNames := make([]string, 0, len(rv.SetupSteps)) + for _, versionSetupStep := range rv.SetupSteps { + versionSetupStep.DependsOn = append(versionSetupStep.DependsOn, triggerSetupStepNames...) + versionSetupStepNames = append(versionSetupStepNames, versionSetupStep.Name) + } + + nextStageSetupStepNames = versionSetupStepNames + } + + setupSteps := append(triggerSetupSteps, rv.SetupSteps...) + + return setupSteps, nextStageSetupStepNames +} + +func (rv *releaseVersion) buildSteps(setupStepNames []string) []step { + clonedRepoPath := "/go/src/github.com/gravitational/teleport" + steps := make([]step, 0) + + setupSteps := []step{ + waitForDockerStep(), + waitForDockerRegistryStep(), + cloneRepoStep(clonedRepoPath, rv.ShellVersion), + } + for _, setupStep := range setupSteps { + setupStep.DependsOn = append(setupStep.DependsOn, setupStepNames...) + steps = append(steps, setupStep) + setupStepNames = append(setupStepNames, setupStep.Name) + } + + for _, product := range rv.getProducts(clonedRepoPath) { + steps = append(steps, product.buildSteps(rv, setupStepNames)...) + } + + return steps +} + +func (rv *releaseVersion) getProducts(clonedRepoPath string) []*Product { + ossTeleport := NewTeleportProduct(false, false, rv) + teleportProducts := []*Product{ + ossTeleport, // OSS + NewTeleportProduct(true, false, rv), // Enterprise + NewTeleportProduct(true, true, rv), // Enterprise/FIPS + } + teleportLabProducts := []*Product{ + // If we want to add Enterprise and/or Enterprise/FIPS Teleport Lab support in the future + // it should be configured here + NewTeleportLabProduct(clonedRepoPath, rv, ossTeleport), + } + teleportOperatorProduct := NewTeleportOperatorProduct(clonedRepoPath) + + products := make([]*Product, 0, len(teleportProducts)+len(teleportLabProducts)+1) + products = append(products, teleportProducts...) + products = append(products, teleportLabProducts...) + products = append(products, teleportOperatorProduct) + + return products +} + +func (rv *releaseVersion) getTagsForVersion() []*imageTag { + return []*imageTag{ + { + ShellBaseValue: fmt.Sprintf("$(echo %s | sed 's/v//' | cut -d'.' -f 1)", rv.ShellVersion), + DisplayBaseValue: "major", + }, + { + ShellBaseValue: fmt.Sprintf("$(echo %s | sed 's/v//' | cut -d'.' -f 1,2)", rv.ShellVersion), + DisplayBaseValue: "minor", + }, + { + ShellBaseValue: fmt.Sprintf("$(echo %s | sed 's/v//' | cut -d'.' -f 1,2,3)", rv.ShellVersion), + DisplayBaseValue: "canonical", + }, + } +} + +type image struct { + Repo string + Name string + Tag *imageTag +} + +func (i *image) GetShellName() string { + repo := "" + if !i.IsLocalImage() { + // Ensure one and only one "/" + repo = strings.TrimSuffix(i.Repo, "/") + repo += "/" + } + + return fmt.Sprintf("%s%s:%s", repo, i.Name, i.Tag.GetShellValue()) +} + +func (i *image) GetDisplayName() string { + return fmt.Sprintf("%s:%s", i.Name, i.Tag.GetDisplayValue()) +} + +func (i *image) IsLocalImage() bool { + return i.Repo == "" +} + +type Product struct { + Name string + DockerfilePath string + WorkingDirectory string + DockerfileTarget string + SupportedArchs []string + SetupSteps []step + DockerfileArgBuilder func(arch string) []string + ImageBuilder func(repo string, tag *imageTag) *image + GetRequiredStepNames func(arch string) []string +} + +func NewTeleportProduct(isEnterprise, isFips bool, version *releaseVersion) *Product { + workingDirectory := "/go/build" + downloadURL := "https://raw.githubusercontent.com/gravitational/teleport/${DRONE_SOURCE_BRANCH:-master}/build.assets/charts/Dockerfile" + name := "teleport" + dockerfileTarget := "teleport" + supportedArches := []string{"amd64"} + + if isEnterprise { + name += "-ent" + } + if isFips { + dockerfileTarget += "-fips" + name += "-fips" + } else { + supportedArches = append(supportedArches, "arm", "arm64") + } + + setupStep, debPaths, dockerfilePath := teleportSetupStep(version.ShellVersion, name, workingDirectory, downloadURL, supportedArches) + + return &Product{ + Name: name, + DockerfilePath: dockerfilePath, + WorkingDirectory: workingDirectory, + DockerfileTarget: dockerfileTarget, + SupportedArchs: supportedArches, + SetupSteps: []step{setupStep}, + DockerfileArgBuilder: func(arch string) []string { + return []string{ + fmt.Sprintf("DEB_PATH=%s", debPaths[arch]), + } + }, + ImageBuilder: func(repo string, tag *imageTag) *image { + imageProductName := "teleport" + if isEnterprise { + imageProductName += "-ent" + } + + if isFips { + tag.AppendString("fips") + } + + return &image{ + Repo: repo, + Name: imageProductName, + Tag: tag, + } + }, + } +} + +func NewTeleportLabProduct(cloneDirectory string, version *releaseVersion, teleport *Product) *Product { + workingDirectory := path.Join(cloneDirectory, "docker", "sshd") + dockerfile := path.Join(cloneDirectory, "docker", "sshd", "Dockerfile") + name := "teleport-lab" + + return &Product{ + Name: name, + DockerfilePath: dockerfile, + WorkingDirectory: workingDirectory, + SupportedArchs: teleport.SupportedArchs, + DockerfileArgBuilder: func(arch string) []string { + return []string{ + fmt.Sprintf("BASE_IMAGE=%s", teleport.GetLocalRegistryImage(arch, version).GetShellName()), + } + }, + ImageBuilder: func(repo string, tag *imageTag) *image { + return &image{ + Repo: repo, + Name: name, + Tag: tag, + } + }, + GetRequiredStepNames: func(arch string) []string { + return []string{teleport.GetBuildStepName(arch, version)} + }, + } +} + +func NewTeleportOperatorProduct(cloneDirectory string) *Product { + name := "teleport-operator" + return &Product{ + Name: name, + DockerfilePath: path.Join(cloneDirectory, "operator", "Dockerfile"), + WorkingDirectory: cloneDirectory, + SupportedArchs: []string{"amd64", "arm", "arm64"}, + ImageBuilder: func(repo string, tag *imageTag) *image { + return &image{ + Repo: repo, + Name: name, + Tag: tag, + } + }, + DockerfileArgBuilder: func(arch string) []string { + gccPackage := "" + compilerName := "" + switch arch { + case "x86_64": + fallthrough + case "amd64": + gccPackage = "gcc-x86-64-linux-gnu" + compilerName = "x86_64-linux-gnu-gcc" + case "i686": + fallthrough + case "i386": + gccPackage = "gcc-multilib-i686-linux-gnu" + compilerName = "i686-linux-gnu-gcc" + case "aarch64": + fallthrough + case "arm64": + gccPackage = "gcc-aarch64-linux-gnu" + compilerName = "aarch64-linux-gnu-gcc" + // We may want to add additional arm ISAs in the future to support devices without hardware FPUs + case "armhf": + case "arm": + gccPackage = "gcc-arm-linux-gnueabihf" + compilerName = "arm-linux-gnueabihf-gcc" + } + + return []string{ + fmt.Sprintf("COMPILER_PACKAGE=%s", gccPackage), + fmt.Sprintf("COMPILER_NAME=%s", compilerName), + } + }, + } +} + +func teleportSetupStep(shellVersion, packageName, workingPath, downloadURL string, archs []string) (step, map[string]string, string) { + keyPath := "/usr/share/keyrings/teleport-archive-keyring.asc" + downloadDirectory := "/tmp/apt-download" + timeout := 30 * 60 // 30 minutes in seconds + sleepTime := 15 // 15 seconds + dockerfilePath := path.Join(workingPath, "Dockerfile") + + commands := []string{ + // Setup the environment + fmt.Sprintf("PACKAGE_NAME=%q", packageName), + fmt.Sprintf("PACKAGE_VERSION=%q", shellVersion), + "apt update", + "apt install --no-install-recommends -y ca-certificates curl", + "update-ca-certificates", + // Download the dockerfile + fmt.Sprintf("mkdir -pv $(dirname %q)", dockerfilePath), + fmt.Sprintf("curl -Ls -o %q %q", dockerfilePath, downloadURL), + // Add the Teleport APT repo + fmt.Sprintf("curl https://apt.releases.teleport.dev/gpg -o %q", keyPath), + ". /etc/os-release", + // Per https://docs.drone.io/pipeline/environment/syntax/#common-problems I'm using '$$' here to ensure + // That the shell variable is not expanded until runtime, preventing drone from erroring on the + // drone-unsupported '?' + "MAJOR_VERSION=$(echo $${PACKAGE_VERSION?} | cut -d'.' -f 1)", + fmt.Sprintf("echo \"deb [signed-by=%s] https://apt.releases.teleport.dev/$${ID?} $${VERSION_CODENAME?} stable/$${MAJOR_VERSION?}\""+ + " > /etc/apt/sources.list.d/teleport.list", keyPath), + fmt.Sprintf("END_TIME=$(( $(date +%%s) + %d ))", timeout), + "TRIMMED_VERSION=$(echo $${PACKAGE_VERSION} | cut -d'v' -f 2)", + "TIMED_OUT=true", + // Poll APT until the timeout is reached or the package becomes available + "while [ $(date +%s) -lt $${END_TIME?} ]; do", + "echo 'Running apt update...'", + // This will error on new major versions where the "stable/$${MAJOR_VERSION}" component doesn't exist yet, so we ignore it here. + "apt update > /dev/null || true", + "[ $(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION?} | wc -l) -ge 1 ] && TIMED_OUT=false && break;", + fmt.Sprintf("echo 'Package not found yet, waiting another %d seconds...'", sleepTime), + fmt.Sprintf("sleep %d", sleepTime), + "done", + // Log success or failure and record full version string + "[ $${TIMED_OUT?} = true ] && echo \"Timed out while looking for APT package \\\"$${PACKAGE_NAME}\\\" matching \\\"$${TRIMMED_VERSION}\\\"\" && exit 1", + "FULL_VERSION=$(apt-cache madison $${PACKAGE_NAME} | grep $${TRIMMED_VERSION} | cut -d'|' -f 2 | tr -d ' ' | head -n 1)", + fmt.Sprintf("echo \"Found APT package, downloading \\\"$${PACKAGE_NAME}=$${FULL_VERSION}\\\" for %q...\"", strings.Join(archs, "\", \"")), + fmt.Sprintf("mkdir -pv %q", downloadDirectory), + fmt.Sprintf("cd %q", downloadDirectory), + } + + for _, arch := range archs { + // Our built debs are listed as ISA "armhf" not "arm", so we account for that here + if arch == "arm" { + arch = "armhf" + } + + commands = append(commands, []string{ + // This will allow APT to download other architectures + fmt.Sprintf("dpkg --add-architecture %q", arch), + }...) + } + + // This will error due to Ubuntu's APT repo structure but it doesn't matter here + commands = append(commands, "apt update &> /dev/null || true") + + archDestFileMap := make(map[string]string, len(archs)) + for _, arch := range archs { + relArchDir := path.Join(".", "/artifacts/deb/", packageName, arch) + archDir := path.Join(workingPath, relArchDir) + // Example: `./artifacts/deb/teleport-ent/arm64/v10.1.4.deb` + relDestPath := path.Join(relArchDir, fmt.Sprintf("%s.deb", shellVersion)) + // Example: `/go/./artifacts/deb/teleport-ent/arm64/v10.1.4.deb` + destPath := path.Join(workingPath, relDestPath) + + archDestFileMap[arch] = relDestPath + + // Our built debs are listed as ISA "armhf" not "arm", so we account for that here + if arch == "arm" { + arch = "armhf" + } + + // This could probably be parallelized to slightly reduce runtime + fullPackageName := fmt.Sprintf("%s:%s=$${FULL_VERSION}", packageName, arch) + commands = append(commands, []string{ + fmt.Sprintf("mkdir -pv %q", archDir), + fmt.Sprintf("apt download %q", fullPackageName), + "FILENAME=$(ls)", // This will only return the download file as it is the only file in that directory + "echo \"Downloaded file \\\"$${FILENAME}\\\"\"", + fmt.Sprintf("mv \"$${FILENAME}\" %q", path.Join(archDir, "$${PACKAGE_VERSION}.deb")), + fmt.Sprintf("echo Downloaded %q to %q", fullPackageName, destPath), + }...) + } + + return step{ + Name: fmt.Sprintf("Download %q Dockerfile and DEB artifacts from APT", packageName), + Image: "ubuntu:22.04", + Commands: commands, + }, archDestFileMap, dockerfilePath +} + +func (p *Product) GetLocalRegistryImage(arch string, version *releaseVersion) *image { + return &image{ + Repo: LocalRegistry, + Name: p.Name, + Tag: &imageTag{ + ShellBaseValue: version.ShellVersion, + DisplayBaseValue: version.MajorVersion, + Arch: arch, + }, + } +} + +func (p *Product) buildSteps(version *releaseVersion, setupStepNames []string) []step { + containerRepos := GetContainerRepos() + + steps := make([]step, 0) + + for _, setupStep := range p.SetupSteps { + setupStep.DependsOn = append(setupStep.DependsOn, setupStepNames...) + steps = append(steps, setupStep) + setupStepNames = append(setupStepNames, setupStep.Name) + } + + archBuildStepDetails := make([]*buildStepOutput, 0, len(p.SupportedArchs)) + for _, supportedArch := range p.SupportedArchs { + archBuildStep, archBuildStepDetail := p.createBuildStep(supportedArch, version) + + archBuildStep.DependsOn = append(archBuildStep.DependsOn, setupStepNames...) + if p.GetRequiredStepNames != nil { + archBuildStep.DependsOn = append(archBuildStep.DependsOn, p.GetRequiredStepNames(supportedArch)...) + } + + steps = append(steps, archBuildStep) + archBuildStepDetails = append(archBuildStepDetails, archBuildStepDetail) + } + + for _, containerRepo := range containerRepos { + steps = append(steps, containerRepo.buildSteps(archBuildStepDetails)...) + } + + return steps +} + +func (p *Product) GetBuildStepName(arch string, version *releaseVersion) string { + telportImageName := p.GetLocalRegistryImage(arch, version) + return fmt.Sprintf("Build %s image %q", p.Name, telportImageName.GetDisplayName()) +} + +func cleanBuilderName(builderName string) string { + var invalidBuildxCharExpression = regexp.MustCompile(`[^a-zA-Z0-9._-]+`) + return invalidBuildxCharExpression.ReplaceAllString(builderName, "-") +} + +func (p *Product) createBuildStep(arch string, version *releaseVersion) (step, *buildStepOutput) { + localRegistryImage := p.GetLocalRegistryImage(arch, version) + builderName := cleanBuilderName(fmt.Sprintf("%s-builder", localRegistryImage.GetDisplayName())) + + buildxConfigFileDir := path.Join("/tmp", builderName) + buildxConfigFilePath := path.Join(buildxConfigFileDir, "buildkitd.toml") + + buildxCreateCommand := "docker buildx create" + buildxCreateCommand += fmt.Sprintf(" --driver %q", "docker-container") + // This is set so that buildx can reach the local registry + buildxCreateCommand += fmt.Sprintf(" --driver-opt %q", "network=host") + buildxCreateCommand += fmt.Sprintf(" --name %q", builderName) + buildxCreateCommand += fmt.Sprintf(" --config %q", buildxConfigFilePath) + + buildCommand := "docker buildx build" + buildCommand += " --push" + buildCommand += fmt.Sprintf(" --builder %q", builderName) + if p.DockerfileTarget != "" { + buildCommand += fmt.Sprintf(" --target %q", p.DockerfileTarget) + } + buildCommand += fmt.Sprintf(" --platform %q", "linux/"+arch) + buildCommand += fmt.Sprintf(" --tag %q", localRegistryImage.GetShellName()) + buildCommand += fmt.Sprintf(" --file %q", p.DockerfilePath) + if p.DockerfileArgBuilder != nil { + for _, buildArg := range p.DockerfileArgBuilder(arch) { + buildCommand += fmt.Sprintf(" --build-arg %q", buildArg) + } + } + buildCommand += " " + p.WorkingDirectory + + step := step{ + Name: p.GetBuildStepName(arch, version), + Image: "docker", + Volumes: dockerVolumeRefs(), + Environment: map[string]value{ + "DOCKER_BUILDKIT": { + raw: "1", + }, + }, + Commands: []string{ + "docker run --privileged --rm tonistiigi/binfmt --install all", + fmt.Sprintf("mkdir -pv %q && cd %q", p.WorkingDirectory, p.WorkingDirectory), + fmt.Sprintf("mkdir -pv %q", buildxConfigFileDir), + fmt.Sprintf("echo '[registry.%q]' > %q", LocalRegistry, buildxConfigFilePath), + fmt.Sprintf("echo ' http = true' >> %q", buildxConfigFilePath), + buildxCreateCommand, + buildCommand, + fmt.Sprintf("docker buildx rm %q", builderName), + fmt.Sprintf("rm -rf %q", buildxConfigFileDir), + }, + } + + return step, &buildStepOutput{ + StepName: step.Name, + BuiltImage: localRegistryImage, + Version: version, + Product: p, + } +} + +// The `step` struct doesn't contain enough information to setup +// dependent steps so we add that via this struct +type buildStepOutput struct { + StepName string + BuiltImage *image + Version *releaseVersion + Product *Product +} + +type ContainerRepo struct { + Name string + Environment map[string]value + RegistryDomain string + RegistryOrg string + LoginCommands []string + TagBuilder func(baseTag *imageTag) *imageTag // Postprocessor for tags that append CR-specific suffixes +} + +func NewEcrContainerRepo(accessKeyIDSecret, secretAccessKeySecret, domain string, isStaging bool) *ContainerRepo { + nameSuffix := "production" + ecrRegion := PublicEcrRegion + loginSubcommand := "ecr-public" + if isStaging { + nameSuffix = "staging" + ecrRegion = StagingEcrRegion + loginSubcommand = "ecr" + } + + registryOrg := ProductionRegistryOrg + if ConfigureForPRTestingOnly { + accessKeyIDSecret = TestingSecretPrefix + accessKeyIDSecret + secretAccessKeySecret = TestingSecretPrefix + secretAccessKeySecret + registryOrg = TestingECRRegistryOrg + + if isStaging { + domain = TestingECRDomain + ecrRegion = TestingECRRegion + } + } + + return &ContainerRepo{ + Name: fmt.Sprintf("ECR - %s", nameSuffix), + Environment: map[string]value{ + "AWS_ACCESS_KEY_ID": { + fromSecret: accessKeyIDSecret, + }, + "AWS_SECRET_ACCESS_KEY": { + fromSecret: secretAccessKeySecret, + }, + }, + RegistryDomain: domain, + RegistryOrg: registryOrg, + LoginCommands: []string{ + "apk add --no-cache aws-cli", + "TIMESTAMP=$(date -d @\"$DRONE_BUILD_CREATED\" '+%Y%m%d%H%M')", + fmt.Sprintf("aws %s get-login-password --region=%s | docker login -u=\"AWS\" --password-stdin %s", loginSubcommand, ecrRegion, domain), + }, + TagBuilder: func(tag *imageTag) *imageTag { + if isStaging { + tag.AppendString("$TIMESTAMP") + } + + return tag + }, + } +} + +func NewQuayContainerRepo(dockerUsername, dockerPassword string) *ContainerRepo { + registryOrg := ProductionRegistryOrg + if ConfigureForPRTestingOnly { + dockerUsername = TestingSecretPrefix + dockerUsername + dockerPassword = TestingSecretPrefix + dockerPassword + registryOrg = TestingQuayRegistryOrg + } + + return &ContainerRepo{ + Name: "Quay", + Environment: map[string]value{ + "QUAY_USERNAME": { + fromSecret: dockerUsername, + }, + "QUAY_PASSWORD": { + fromSecret: dockerPassword, + }, + }, + RegistryDomain: ProductionRegistryQuay, + RegistryOrg: registryOrg, + LoginCommands: []string{ + fmt.Sprintf("docker login -u=\"$QUAY_USERNAME\" -p=\"$QUAY_PASSWORD\" %q", ProductionRegistryQuay), + }, + } +} + +func GetContainerRepos() []*ContainerRepo { + return []*ContainerRepo{ + NewQuayContainerRepo("PRODUCTION_QUAYIO_DOCKER_USERNAME", "PRODUCTION_QUAYIO_DOCKER_PASSWORD"), + NewEcrContainerRepo("STAGING_TELEPORT_DRONE_USER_ECR_KEY", "STAGING_TELEPORT_DRONE_USER_ECR_SECRET", StagingRegistry, true), + NewEcrContainerRepo("PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY", "PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET", ProductionRegistry, false), + } +} + +func (cr *ContainerRepo) buildSteps(buildStepDetails []*buildStepOutput) []step { + if len(buildStepDetails) == 0 { + return nil + } + + steps := make([]step, 0) + + imageTags := cr.BuildImageTags(buildStepDetails[0].Version) + pushedImages := make(map[*imageTag][]*image, len(imageTags)) + pushStepNames := make([]string, 0, len(buildStepDetails)) + for _, buildStepDetail := range buildStepDetails { + pushStep, pushedArchImages := cr.tagAndPushStep(buildStepDetail, imageTags) + pushStepNames = append(pushStepNames, pushStep.Name) + for _, imageTag := range imageTags { + pushedImages[imageTag] = append(pushedImages[imageTag], pushedArchImages[imageTag]) + } + + steps = append(steps, pushStep) + } + + imageRepo := cr.BuildImageRepo() + for _, imageTag := range imageTags { + multiarchImageTag := *imageTag + multiarchImageTag.Arch = "" + manifestImage := buildStepDetails[0].Product.ImageBuilder(imageRepo, &multiarchImageTag) + manifestStepName := cr.createAndPushManifestStep(manifestImage, pushStepNames, pushedImages[imageTag]) + steps = append(steps, manifestStepName) + } + + return steps +} + +func (cr *ContainerRepo) logoutCommand() string { + return fmt.Sprintf("docker logout %q", cr.RegistryDomain) +} + +func (cr *ContainerRepo) buildCommandsWithLogin(wrappedCommands []string) []string { + commands := make([]string, 0) + commands = append(commands, cr.LoginCommands...) + commands = append(commands, wrappedCommands...) + commands = append(commands, cr.logoutCommand()) + + return commands +} + +func (cr *ContainerRepo) BuildImageRepo() string { + return fmt.Sprintf("%s/%s/", cr.RegistryDomain, cr.RegistryOrg) +} + +type imageTag struct { + ShellBaseValue string // Should evaluate in a shell context to the tag's value + DisplayBaseValue string // Should be set to a human-readable version of ShellTag + Arch string +} + +func NewLatestTag() *imageTag { + return &imageTag{ + ShellBaseValue: "latest", + DisplayBaseValue: "latest", + } +} + +func (it *imageTag) AppendString(s string) { + it.ShellBaseValue += fmt.Sprintf("-%s", s) + it.DisplayBaseValue += fmt.Sprintf("-%s", s) +} + +func (it *imageTag) IsMultArch() bool { + return it.Arch != "" +} + +func (it *imageTag) GetShellValue() string { + return it.getValue(it.ShellBaseValue) +} + +func (it *imageTag) GetDisplayValue() string { + return it.getValue(it.DisplayBaseValue) +} + +func (it *imageTag) getValue(baseValue string) string { + if it.Arch == "" { + return baseValue + } + + return fmt.Sprintf("%s-%s", baseValue, it.Arch) +} + +func (cr *ContainerRepo) BuildImageTags(version *releaseVersion) []*imageTag { + tags := version.getTagsForVersion() + + if cr.TagBuilder != nil { + for i, tag := range tags { + tags[i] = cr.TagBuilder(tag) + } + } + + return tags +} + +func (cr *ContainerRepo) tagAndPushStep(buildStepDetails *buildStepOutput, imageTags []*imageTag) (step, map[*imageTag]*image) { + imageRepo := cr.BuildImageRepo() + + archImages := make(map[*imageTag]*image, len(imageTags)) + for _, imageTag := range imageTags { + archTag := *imageTag + archTag.Arch = buildStepDetails.BuiltImage.Tag.Arch + archImages[imageTag] = buildStepDetails.Product.ImageBuilder(imageRepo, &archTag) + } + + commands := []string{ + fmt.Sprintf("docker pull %q", buildStepDetails.BuiltImage.GetShellName()), // This will pull from the local registry + } + for _, archImage := range archImages { + commands = append(commands, fmt.Sprintf("docker tag %q %q", buildStepDetails.BuiltImage.GetShellName(), archImage.GetShellName())) + } + for _, archImage := range archImages { + commands = append(commands, fmt.Sprintf("docker push %q", archImage.GetShellName())) + } + + step := step{ + Name: fmt.Sprintf("Tag and push image %q to %s", buildStepDetails.BuiltImage.GetDisplayName(), cr.Name), + Image: "docker", + Volumes: dockerVolumeRefs(), + Environment: cr.Environment, + Commands: cr.buildCommandsWithLogin(commands), + DependsOn: []string{ + buildStepDetails.StepName, + }, + } + + return step, archImages +} + +func (cr *ContainerRepo) createAndPushManifestStep(manifestImage *image, pushStepNames []string, pushedImages []*image) step { + if len(pushStepNames) == 0 { + return step{} + } + + manifestCommandArgs := make([]string, 0, len(pushedImages)) + for _, pushedImage := range pushedImages { + manifestCommandArgs = append(manifestCommandArgs, fmt.Sprintf("--amend %q", pushedImage.GetShellName())) + } + + return step{ + Name: fmt.Sprintf("Create manifest and push %q to %s", manifestImage.GetDisplayName(), cr.Name), + Image: "docker", + Volumes: dockerVolumeRefs(), + Environment: cr.Environment, + Commands: cr.buildCommandsWithLogin([]string{ + fmt.Sprintf("docker manifest create %q %s", manifestImage.GetShellName(), strings.Join(manifestCommandArgs, " ")), + fmt.Sprintf("docker manifest push %q", manifestImage.GetShellName()), + }), + DependsOn: pushStepNames, + } +} diff --git a/dronegen/main.go b/dronegen/main.go index 489dabb72019a..a6e9c916ba919 100644 --- a/dronegen/main.go +++ b/dronegen/main.go @@ -32,10 +32,10 @@ func main() { pipelines = append(pipelines, pushPipelines()...) pipelines = append(pipelines, tagPipelines()...) pipelines = append(pipelines, cronPipelines()...) - pipelines = append(pipelines, artifactMigrationPipeline()...) - pipelines = append(pipelines, promoteBuildPipelines()...) + pipelines = append(pipelines, buildOsRepoPipelines()...) pipelines = append(pipelines, updateDocsPipeline()) pipelines = append(pipelines, buildboxPipeline()) + pipelines = append(pipelines, buildContainerImagePipelines()...) if err := writePipelines(".drone.yml", pipelines); err != nil { fmt.Println("failed writing drone pipelines:", err) diff --git a/dronegen/misc.go b/dronegen/misc.go index c477382a4eb12..f7cc2da0dac42 100644 --- a/dronegen/misc.go +++ b/dronegen/misc.go @@ -18,13 +18,3 @@ func updateDocsPipeline() pipeline { // TODO: migrate return pipeline{} } - -func verifyTaggedBuildStep() step { - return step{ - Name: "Verify build is tagged", - Image: "alpine:latest", - Commands: []string{ - "[ -n ${DRONE_TAG} ] || (echo 'DRONE_TAG is not set. Is the commit tagged?' && exit 1)", - }, - } -} diff --git a/dronegen/os_repos.go b/dronegen/os_repos.go index 8df081ba37b59..01b2791d6b1a7 100644 --- a/dronegen/os_repos.go +++ b/dronegen/os_repos.go @@ -20,6 +20,13 @@ import ( "strings" ) +func buildOsRepoPipelines() []pipeline { + pipelines := promoteBuildOsRepoPipelines() + pipelines = append(pipelines, artifactMigrationPipeline()...) + + return pipelines +} + func promoteBuildOsRepoPipelines() []pipeline { aptPipeline := promoteAptPipeline() yumPipeline := promoteYumPipeline() @@ -31,11 +38,11 @@ func promoteBuildOsRepoPipelines() []pipeline { // Used for one-off migrations of older versions. // Use cases include: -// * We want to support another OS while providing backwards compatibility -// * We want to support another OS version while providing backwards compatibility -// * A customer wants to be able to install an older version via APT/YUM even if we -// no longer support it -// * RPM migrations after new YUM pipeline is done +// - We want to support another OS while providing backwards compatibility +// - We want to support another OS version while providing backwards compatibility +// - A customer wants to be able to install an older version via APT/YUM even if we +// no longer support it +// - RPM migrations after new YUM pipeline is done func artifactMigrationPipeline() []pipeline { migrationVersions := []string{ // These versions were migrated as a part of the new `promoteAptPipeline` @@ -186,31 +193,14 @@ func (optpb *OsPackageToolPipelineBuilder) buildPromoteOsPackagePipeline() pipel pipelineName := fmt.Sprintf("publish-%s", optpb.pipelineNameSuffix) checkoutPath := "/go/src/github.com/gravitational/teleport" commitName := "${DRONE_TAG}" - checkoutStepName := "Check out code" - p := optpb.buildBaseOsPackagePipeline(pipelineName, checkoutStepName, checkoutPath, commitName) + p := optpb.buildBaseOsPackagePipeline(pipelineName, checkoutPath, commitName) p.Trigger = triggerPromote p.Trigger.Repo.Include = []string{"gravitational/teleport"} - setupSteps := []step{ - { - Name: "Verify build is tagged", - Image: "alpine:latest", - Commands: []string{ - "[ -n ${DRONE_TAG} ] || (echo 'DRONE_TAG is not set. Is the commit tagged?' && exit 1)", - }, - }, - } - setupSteps = append(setupSteps, p.Steps...) - setupSteps = append(setupSteps, - step{ - Name: "Check if tag is prerelease", - Image: "golang:1.17-alpine", - Commands: []string{ - fmt.Sprintf("cd %q", path.Join(checkoutPath, "build.assets", "tooling")), - "go run ./cmd/check -tag ${DRONE_TAG} -check prerelease || (echo '---> This is a prerelease, not publishing ${DRONE_TAG} packages to APT repos' && exit 78)", - }, - }, + setupSteps := append( + verifyValidPromoteRunSteps(), + cloneRepoStep(checkoutPath, commitName), ) setupStepNames := make([]string, 0, len(setupSteps)) @@ -240,14 +230,13 @@ func (optpb *OsPackageToolPipelineBuilder) buildMigrateOsPackagePipeline(trigger // DRONE_TAG is not available outside of promotion pipelines and will cause drone to fail with a // "migrate-apt-new-repos: bad substitution" error if used here commitName := "${DRONE_COMMIT}" - checkoutStepName := "Check out code" // If migrations are not configured then don't run if triggerBranch == "" || len(migrationVersions) == 0 { return buildNeverTriggerPipeline(pipelineName) } - p := optpb.buildBaseOsPackagePipeline(pipelineName, checkoutStepName, checkoutPath, commitName) + p := optpb.buildBaseOsPackagePipeline(pipelineName, checkoutPath, commitName) p.Trigger = trigger{ Repo: triggerRef{Include: []string{"gravitational/teleport"}}, Event: triggerRef{Include: []string{"push"}}, @@ -290,7 +279,7 @@ func buildNeverTriggerPipeline(pipelineName string) pipeline { // Functions that use this method should add at least: // * a Trigger // * Steps for checkout -func (optpb *OsPackageToolPipelineBuilder) buildBaseOsPackagePipeline(pipelineName, checkoutStepName, checkoutPath, commit string) pipeline { +func (optpb *OsPackageToolPipelineBuilder) buildBaseOsPackagePipeline(pipelineName, checkoutPath, commit string) pipeline { p := newKubePipeline(pipelineName) p.Workspace = workspace{Path: "/go"} p.Volumes = []volume{ @@ -302,13 +291,7 @@ func (optpb *OsPackageToolPipelineBuilder) buildBaseOsPackagePipeline(pipelineNa }, volumeTmpfs, } - p.Steps = []step{ - { - Name: checkoutStepName, - Image: "alpine/git:latest", - Commands: toolCheckoutCommands(checkoutPath, commit), - }, - } + p.Steps = []step{cloneRepoStep(checkoutPath, commit)} setStepResourceLimits(p.Steps) return p @@ -331,17 +314,6 @@ func setStepResourceLimits(steps []step) { // } } -// Note that tags are also valid here as a tag refers to a specific commit -func toolCheckoutCommands(checkoutPath, commit string) []string { - commands := []string{ - fmt.Sprintf("mkdir -p %q", checkoutPath), - fmt.Sprintf("cd %q", checkoutPath), - `git clone https://github.com/gravitational/${DRONE_REPO_NAME}.git .`, - fmt.Sprintf("git checkout %q", commit), - } - return commands -} - func (optpb *OsPackageToolPipelineBuilder) getDroneTagVersionSteps(codePath string) []step { return optpb.getVersionSteps(codePath, "${DRONE_TAG}", true) } diff --git a/dronegen/promote.go b/dronegen/promote.go deleted file mode 100644 index c9b38099ba397..0000000000000 --- a/dronegen/promote.go +++ /dev/null @@ -1,140 +0,0 @@ -// Copyright 2021 Gravitational, Inc -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package main - -import "fmt" - -func promoteBuildPipelines() []pipeline { - promotePipelines := make([]pipeline, 0) - promotePipelines = append(promotePipelines, promoteBuildOsRepoPipelines()...) - promotePipelines = append(promotePipelines, buildDockerPromotionPipelineECR(), buildDockerPromotionPipelineQuay()) - - return promotePipelines -} - -func buildDockerPromotionPipelineECR() pipeline { - dockerPipeline := newKubePipeline("promote-docker-ecr") - dockerPipeline.Trigger = triggerPromote - dockerPipeline.Trigger.Target.Include = append(dockerPipeline.Trigger.Target.Include, "promote-docker", "promote-docker-ecr") - dockerPipeline.Workspace = workspace{Path: "/go"} - - // Add docker service - dockerPipeline.Services = []service{ - dockerService(), - } - dockerPipeline.Volumes = dockerVolumes() - - dockerPipeline.Steps = append(dockerPipeline.Steps, verifyTaggedBuildStep()) - dockerPipeline.Steps = append(dockerPipeline.Steps, waitForDockerStep()) - - // Pull/Push Steps - dockerPipeline.Steps = append(dockerPipeline.Steps, step{ - Name: "Pull/retag Docker images", - Image: "docker", - Environment: map[string]value{ - "AWS_ACCESS_KEY_ID": {fromSecret: "PRODUCTION_TELEPORT_DRONE_USER_ECR_KEY"}, - "AWS_SECRET_ACCESS_KEY": {fromSecret: "PRODUCTION_TELEPORT_DRONE_USER_ECR_SECRET"}, - }, - Volumes: dockerVolumeRefs(), - Commands: []string{ - "apk add --no-cache aws-cli", - "export VERSION=${DRONE_TAG##v}", - // authenticate with staging credentials - "aws ecr get-login-password --region=us-west-2 | docker login -u=\"AWS\" --password-stdin " + StagingRegistry, - // pull staging images - "echo \"---> Pulling images for $${VERSION}\"", - fmt.Sprintf("docker pull %s/gravitational/teleport:$${VERSION}", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-ent:$${VERSION}", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-ent:$${VERSION}-fips", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-operator:$${VERSION}", StagingRegistry), - // retag images to production naming - "echo \"---> Tagging images for $${VERSION}\"", - fmt.Sprintf("docker tag %s/gravitational/teleport:$${VERSION} %s/gravitational/teleport:$${VERSION}", StagingRegistry, ProductionRegistry), - fmt.Sprintf("docker tag %s/gravitational/teleport-ent:$${VERSION} %s/gravitational/teleport-ent:$${VERSION}", StagingRegistry, ProductionRegistry), - fmt.Sprintf("docker tag %s/gravitational/teleport-ent:$${VERSION}-fips %s/gravitational/teleport-ent:$${VERSION}-fips", StagingRegistry, ProductionRegistry), - fmt.Sprintf("docker tag %s/gravitational/teleport-operator:$${VERSION} %s/gravitational/teleport-operator:$${VERSION}", StagingRegistry, ProductionRegistry), - // authenticate with production credentials - "docker logout " + StagingRegistry, - "aws ecr-public get-login-password --region=us-east-1 | docker login -u=\"AWS\" --password-stdin " + ProductionRegistry, - // push production images - "echo \"---> Pushing images for $${VERSION}\"", - // push production images ECR - fmt.Sprintf("docker push %s/gravitational/teleport:$${VERSION}", ProductionRegistry), - fmt.Sprintf("docker push %s/gravitational/teleport-ent:$${VERSION}", ProductionRegistry), - fmt.Sprintf("docker push %s/gravitational/teleport-ent:$${VERSION}-fips", ProductionRegistry), - fmt.Sprintf("docker push %s/gravitational/teleport-operator:$${VERSION}", ProductionRegistry), - }, - }) - - return dockerPipeline -} - -func buildDockerPromotionPipelineQuay() pipeline { - dockerPipeline := newKubePipeline("promote-docker-quay") - dockerPipeline.Trigger = triggerPromote - dockerPipeline.Trigger.Target.Include = append(dockerPipeline.Trigger.Target.Include, "promote-docker", "promote-docker-quay") - dockerPipeline.Workspace = workspace{Path: "/go"} - - // Add docker service - dockerPipeline.Services = []service{ - dockerService(), - } - dockerPipeline.Volumes = dockerVolumes() - - dockerPipeline.Steps = append(dockerPipeline.Steps, verifyTaggedBuildStep()) - dockerPipeline.Steps = append(dockerPipeline.Steps, waitForDockerStep()) - - // Pull/Push Steps - dockerPipeline.Steps = append(dockerPipeline.Steps, step{ - Name: "Pull/retag Docker images", - Image: "docker", - Environment: map[string]value{ - "QUAY_USERNAME": {fromSecret: "PRODUCTION_QUAYIO_DOCKER_USERNAME"}, - "QUAY_PASSWORD": {fromSecret: "PRODUCTION_QUAYIO_DOCKER_PASSWORD"}, - "AWS_ACCESS_KEY_ID": {fromSecret: "STAGING_TELEPORT_DRONE_USER_ECR_KEY"}, - "AWS_SECRET_ACCESS_KEY": {fromSecret: "STAGING_TELEPORT_DRONE_USER_ECR_SECRET"}, - }, - Volumes: dockerVolumeRefs(), - Commands: []string{ - "apk add --no-cache aws-cli", - "export VERSION=${DRONE_TAG##v}", - // authenticate with staging credentials - "aws ecr get-login-password --region=us-west-2 | docker login -u=\"AWS\" --password-stdin " + StagingRegistry, - // pull staging images - "echo \"---> Pulling images for $${VERSION}\"", - fmt.Sprintf("docker pull %s/gravitational/teleport:$${VERSION}", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-ent:$${VERSION}", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-ent:$${VERSION}-fips", StagingRegistry), - fmt.Sprintf("docker pull %s/gravitational/teleport-operator:$${VERSION}", StagingRegistry), - // retag images to production naming - "echo \"---> Tagging images for $${VERSION}\"", - fmt.Sprintf("docker tag %s/gravitational/teleport:$${VERSION} %s/gravitational/teleport:$${VERSION}", StagingRegistry, ProductionRegistryQuay), - fmt.Sprintf("docker tag %s/gravitational/teleport-ent:$${VERSION} %s/gravitational/teleport-ent:$${VERSION}", StagingRegistry, ProductionRegistryQuay), - fmt.Sprintf("docker tag %s/gravitational/teleport-ent:$${VERSION}-fips %s/gravitational/teleport-ent:$${VERSION}-fips", StagingRegistry, ProductionRegistryQuay), - fmt.Sprintf("docker tag %s/gravitational/teleport-operator:$${VERSION} %s/gravitational/teleport-operator:$${VERSION}", StagingRegistry, ProductionRegistryQuay), - // authenticate with production credentials - "docker logout " + StagingRegistry, - "docker login -u=\"$QUAY_USERNAME\" -p=\"$QUAY_PASSWORD\" " + ProductionRegistryQuay, - // push production images - "echo \"---> Pushing images for $${VERSION}\"", - fmt.Sprintf("docker push %s/gravitational/teleport:$${VERSION}", ProductionRegistryQuay), - fmt.Sprintf("docker push %s/gravitational/teleport-ent:$${VERSION}", ProductionRegistryQuay), - fmt.Sprintf("docker push %s/gravitational/teleport-ent:$${VERSION}-fips", ProductionRegistryQuay), - fmt.Sprintf("docker push %s/gravitational/teleport-operator:$${VERSION}", ProductionRegistryQuay), - }, - }) - - return dockerPipeline -} diff --git a/dronegen/push.go b/dronegen/push.go index 3f918001bd40e..e4c16da2bd782 100644 --- a/dronegen/push.go +++ b/dronegen/push.go @@ -18,12 +18,11 @@ import "fmt" // pushCheckoutCommands builds a list of commands for Drone to check out a git commit on a push build func pushCheckoutCommands(fips bool) []string { - commands := []string{ - `mkdir -p /go/src/github.com/gravitational/teleport /go/cache`, - `cd /go/src/github.com/gravitational/teleport`, - `git init && git remote add origin ${DRONE_REMOTE_URL}`, - `git fetch origin`, - `git checkout -qf ${DRONE_COMMIT_SHA}`, + cloneDirectory := "/go/src/github.com/gravitational/teleport" + commands := make([]string, 0) + commands = append(commands, cloneRepoCommands(cloneDirectory, "${DRONE_COMMIT_SHA}")...) + commands = append(commands, + `mkdir -p /go/cache`, // this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule `git submodule update --init webassets || true`, `mkdir -m 0700 /root/.ssh && echo "$GITHUB_PRIVATE_KEY" > /root/.ssh/id_rsa && chmod 600 /root/.ssh/id_rsa`, @@ -33,7 +32,7 @@ func pushCheckoutCommands(fips bool) []string { // this is allowed to fail because pre-4.3 Teleport versions don't use the webassets submodule `git submodule update --init --recursive webassets || true`, `rm -f /root/.ssh/id_rsa`, - } + ) if fips { commands = append(commands, `if [[ "${DRONE_TAG}" != "" ]]; then echo "${DRONE_TAG##v}" > /go/.version.txt; else egrep ^VERSION Makefile | cut -d= -f2 > /go/.version.txt; fi; cat /go/.version.txt`) } diff --git a/dronegen/types.go b/dronegen/types.go index f86596547555e..bfa00e43384ec 100644 --- a/dronegen/types.go +++ b/dronegen/types.go @@ -19,8 +19,6 @@ import ( "fmt" "runtime" "strings" - - "k8s.io/apimachinery/pkg/api/resource" ) // Types to mirror the YAML fields of the drone config. @@ -42,6 +40,10 @@ type pipeline struct { Steps []step `yaml:"steps"` Services []service `yaml:"services,omitempty"` Volumes []volume `yaml:"volumes,omitempty"` + // This is currently overridden by the Drone policy config + // See https://github.com/gravitational/ops/blob/main/drone/drone-runner-kube-policy-configmap.yaml + // for details + Resources pipelineResources `yaml:"resources,omitempty"` } func newKubePipeline(name string) pipeline { @@ -161,17 +163,16 @@ type volumeRef struct { } type step struct { - Name string `yaml:"name"` - Image string `yaml:"image,omitempty"` - Commands []string `yaml:"commands,omitempty"` - Environment map[string]value `yaml:"environment,omitempty"` - Volumes []volumeRef `yaml:"volumes,omitempty"` - Settings map[string]value `yaml:"settings,omitempty"` - Template []string `yaml:"template,omitempty"` - When *condition `yaml:"when,omitempty"` - Failure string `yaml:"failure,omitempty"` - Resources *containerResources `yaml:"resources,omitempty"` - DependsOn []string `yaml:"depends_on,omitempty"` + Name string `yaml:"name"` + Image string `yaml:"image,omitempty"` + Commands []string `yaml:"commands,omitempty"` + Environment map[string]value `yaml:"environment,omitempty"` + Volumes []volumeRef `yaml:"volumes,omitempty"` + Settings map[string]value `yaml:"settings,omitempty"` + Template []string `yaml:"template,omitempty"` + When *condition `yaml:"when,omitempty"` + Failure string `yaml:"failure,omitempty"` + DependsOn []string `yaml:"depends_on,omitempty"` } type condition struct { @@ -215,10 +216,8 @@ func (v *value) UnmarshalYAML(unmarshal func(interface{}) error) error { return errors.New("can't unmarshal the value as either string or from_secret reference") } -type containerResources struct { - Limits *resourceSet `yaml:"limits,omitempty"` - // Not currently supported - // Requests *resourceSet `yaml:"requests,omitempty"` +type pipelineResources struct { + Requests resourceSet `yaml:"requests,omitempty"` } type resourceSet struct { @@ -227,30 +226,6 @@ type resourceSet struct { // https://docs.drone.io/pipeline/kubernetes/syntax/steps/#resources // CPU *resourceQuantity `yaml:"cpu,omitempty"` - CPU float64 `yaml:"cpu,omitempty"` - Memory *resourceQuantity `yaml:"memory,omitempty"` -} - -// This is a workaround to get resource.Quantity to unmarshal correctly -type resourceQuantity resource.Quantity - -func (rq *resourceQuantity) MarshalYAML() (interface{}, error) { - return ((*resource.Quantity)(rq)).String(), nil -} - -func (rq *resourceQuantity) UnmarshalYAML(unmarshal func(interface{}) error) error { - var value string - if err := unmarshal(&value); err != nil { - return errors.New("failed to unmarshal the value into a string") - } - - parsedValue, err := resource.ParseQuantity(value) - if err != nil { - return fmt.Errorf("failed to unmarshal string %q into resource quantity", value) - } - - q := ((*resource.Quantity)(rq)) - q.Add(parsedValue) - - return nil + CPU float64 `yaml:"cpu,omitempty"` + Memory string `yaml:"memory,omitempty"` } diff --git a/e b/e index 393cd15422b15..918cf9becf9fb 160000 --- a/e +++ b/e @@ -1 +1 @@ -Subproject commit 393cd15422b155ce1b1f2fbe56ddb3e1b567136a +Subproject commit 918cf9becf9fbd11515ef1add8a35621d82e960a diff --git a/operator/Dockerfile b/operator/Dockerfile index b909f4d19491f..d67f7d4b0c507 100644 --- a/operator/Dockerfile +++ b/operator/Dockerfile @@ -1,16 +1,27 @@ -# Build the manager binary -FROM golang:1.18 as builder +# Cross-compile the operator binary +# This is significantly faster than emulation of $TARGETPLATFORM with buildkit +# See https://github.com/moby/buildkit/blob/master/docs/multi-platform.md for details +FROM --platform=$BUILDPLATFORM golang:1.18 as builder + +# GCC Compiler package should be of the form "gcc--linux-" +# Compiler package should use host-triplet-agnostic name (i.e. "x86-64-linux-gnu-gcc" instead of "gcc") +ARG TARGETOS TARGETARCH COMPILER_PACKAGE COMPILER_NAME WORKDIR /workspace + +# Install build dependencies +RUN export DEBIAN_FRONTEND=noninteractive && apt update && apt install -y "$COMPILER_PACKAGE" + # Copy the Go Modules manifests COPY go.mod go.mod COPY go.sum go.sum -# we have to copy the API before `go mod download` because go.mod has a replace directive for it +# We have to copy the API before `go mod download` because go.mod has a replace directive for it COPY api/ api/ -# cache deps before building and copying source -# this way we don't need to re-download deps when the deps are the same +# Download and Cache dependencies before building and copying source +# This will prevent re-downloading the operator's dependencies if they have not changed as this +# `run` layer will be cached RUN go mod download COPY *.go ./ @@ -21,10 +32,14 @@ COPY operator/sidecar/ operator/sidecar/ COPY operator/main.go operator/main.go COPY operator/namespace.go operator/namespace.go -# Build -RUN GOOS=linux GOARCH=amd64 go build -a -o teleport-operator github.com/gravitational/teleport/operator +# CGO is required for github.com/gravitational/teleport/lib/system +RUN echo "Targeting $TARGETOS/$TARGETARCH with CC=$COMPILER_NAME" && \ + CGO_ENABLED=1 CC=$COMPILER_NAME GOOS=$TARGETOS GOARCH=$TARGETARCH \ + go build -a -o teleport-operator github.com/gravitational/teleport/operator -FROM gcr.io/distroless/cc +# Create the image with the build operator on the $TARGETPLATFORM +# FROM gcr.io/distroless/cc +FROM --platform=$TARGETPLATFORM gcr.io/distroless/cc WORKDIR / COPY --from=builder /workspace/teleport-operator . diff --git a/webassets b/webassets index 614306f1095be..55ad296b39fd2 160000 --- a/webassets +++ b/webassets @@ -1 +1 @@ -Subproject commit 614306f1095be9da0893dd8d6a4e3c1d94799a39 +Subproject commit 55ad296b39fd272549a45536ee127306805434a8