From 669b6585de42e109e458bc8a010f183f9ac2cb27 Mon Sep 17 00:00:00 2001 From: Trent Clarke Date: Tue, 7 Mar 2023 14:32:45 +1100 Subject: [PATCH] [v11] Backport dockerhub login --- .drone.yml | 990 ++++++++++++++++++++- dronegen/buildbox.go | 4 +- dronegen/common.go | 30 +- dronegen/push.go | 4 +- dronegen/relcli.go | 17 +- dronegen/tag.go | 12 +- examples/chart/teleport-cluster/Chart.yaml | 2 +- 7 files changed, 980 insertions(+), 79 deletions(-) diff --git a/.drone.yml b/.drone.yml index 8b2b5ff959d5a..6bb124132067f 100644 --- a/.drone.yml +++ b/.drone.yml @@ -81,9 +81,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -103,6 +111,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -130,6 +140,8 @@ services: volumes: - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -186,9 +198,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -206,6 +226,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -233,6 +255,8 @@ services: volumes: - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -291,9 +315,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -313,6 +345,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -340,6 +374,8 @@ services: volumes: - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -396,9 +432,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -416,6 +460,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -443,6 +489,8 @@ services: volumes: - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -820,9 +868,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume AWS Role image: amazon/aws-cli commands: @@ -856,10 +912,12 @@ steps: environment: AWS_DEFAULT_REGION: us-west-2 volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Clean up previously built artifacts image: docker:git commands: @@ -880,12 +938,14 @@ steps: RELEASES_KEY: from_secret: RELEASES_KEY volumes: - - name: dockersock - path: /var/run - name: tmpfs path: /tmpfs - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker services: - name: Start Docker image: docker:dind @@ -896,13 +956,15 @@ services: - name: dockersock path: /var/run volumes: -- name: dockersock - temp: {} - name: tmpfs temp: medium: memory - name: awsconfig temp: {} +- name: dockersock + temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -1162,9 +1224,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -1182,6 +1252,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Send Slack notification image: plugins/slack settings: @@ -1209,6 +1281,8 @@ services: volumes: - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -1684,9 +1758,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -1704,6 +1786,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -1872,9 +1956,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -1894,6 +1986,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -2059,9 +2153,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -2081,6 +2183,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -2253,9 +2357,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -2275,6 +2387,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -2436,9 +2550,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -2527,10 +2649,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: tmpfs path: /tmpfs - name: Copy artifacts @@ -2636,9 +2760,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} - name: tmpfs temp: @@ -2699,9 +2825,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -2789,10 +2923,12 @@ steps: RUNTIME: fips TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: tmpfs path: /tmpfs - name: Copy artifacts @@ -2896,9 +3032,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} - name: tmpfs temp: @@ -2959,9 +3097,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -3043,10 +3189,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -3148,9 +3296,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} --- @@ -3208,9 +3358,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -3291,10 +3449,12 @@ steps: RUNTIME: fips TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -3394,9 +3554,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} --- @@ -3456,9 +3618,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -3476,6 +3646,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -3639,9 +3811,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -3730,10 +3910,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: tmpfs path: /tmpfs - name: Copy artifacts @@ -3839,9 +4021,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} - name: tmpfs temp: @@ -3902,9 +4086,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -3986,10 +4178,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -4091,9 +4285,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} --- @@ -4803,9 +4999,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -4823,6 +5027,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -5294,9 +5500,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -5378,10 +5592,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -5483,9 +5699,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} --- @@ -5806,9 +6024,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume Download AWS Role image: amazon/aws-cli commands: @@ -5897,10 +6123,12 @@ steps: OSS_TARBALL_PATH: /go/artifacts TMPDIR: /go volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: tmpfs path: /tmpfs - name: Copy artifacts @@ -6006,9 +6234,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} - name: tmpfs temp: @@ -6071,9 +6301,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build artifacts image: docker commands: @@ -6095,6 +6333,8 @@ steps: volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Copy artifacts image: docker commands: @@ -6591,9 +6831,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Configure Staging AWS Profile image: amazon/aws-cli commands: @@ -6657,10 +6905,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build and push buildbox-fips image: docker commands: @@ -6677,10 +6927,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-fips:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build and push buildbox-arm image: docker commands: @@ -6697,10 +6949,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-arm:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build and push buildbox-centos7 image: docker commands: @@ -6717,10 +6971,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Build and push buildbox-centos7-fips image: docker commands: @@ -6737,10 +6993,12 @@ steps: login -u="AWS" --password-stdin public.ecr.aws - docker push public.ecr.aws/gravitational/teleport-buildbox-centos7-fips:$BUILDBOX_VERSION volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker services: - name: Start Docker image: docker:dind @@ -6749,9 +7007,11 @@ services: - name: dockersock path: /var/run volumes: +- name: awsconfig + temp: {} - name: dockersock temp: {} -- name: awsconfig +- name: dockerConfig temp: {} --- @@ -7965,9 +8225,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Wait for docker registry image: alpine commands: @@ -8146,6 +8414,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_amd64.deb" artifacts from S3 @@ -8207,6 +8477,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_arm.deb" artifacts from S3 @@ -8268,6 +8540,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_arm64.deb" artifacts from S3 @@ -8293,6 +8567,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-amd64" - name: Tag and push image "teleport:v11-arm" to ECR - staging @@ -8316,6 +8592,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm" - name: Tag and push image "teleport:v11-arm64" to ECR - staging @@ -8340,6 +8618,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm64" - name: Create manifest and push "teleport:full" to ECR - staging @@ -8364,6 +8644,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - staging - Tag and push image "teleport:v11-arm" to ECR - staging @@ -8475,6 +8757,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_amd64.deb" artifacts from S3 @@ -8536,6 +8820,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_arm.deb" artifacts from S3 @@ -8597,6 +8883,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_arm64.deb" artifacts from S3 @@ -8622,6 +8910,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-amd64" - name: Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -8646,6 +8936,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm" - name: Tag and push image "teleport-ent:v11-arm64" to ECR - staging @@ -8670,6 +8962,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm64" - name: Create manifest and push "teleport-ent:full" to ECR - staging @@ -8694,6 +8988,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - staging - Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -8807,6 +9103,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag-fips_amd64.deb" artifacts from S3 @@ -8832,6 +9130,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v11-fips-amd64" - name: Create manifest and push "teleport-ent:full-fips" to ECR - staging @@ -8854,6 +9154,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - staging - name: Build teleport-operator image "teleport-operator:v11-amd64" @@ -8885,6 +9187,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Wait for docker @@ -8922,6 +9226,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Wait for docker @@ -8959,6 +9265,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Wait for docker @@ -8989,6 +9297,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-amd64" - name: Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -9013,6 +9323,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm" - name: Tag and push image "teleport-operator:v11-arm64" to ECR - staging @@ -9037,6 +9349,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm64" - name: Create manifest and push "teleport-operator:full" to ECR - staging @@ -9061,6 +9375,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - staging - Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -9081,6 +9397,8 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -9135,9 +9453,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9251,6 +9577,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9279,6 +9607,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9307,6 +9637,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9343,6 +9675,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport:v11-arm" to Quay @@ -9371,6 +9705,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-arm and push it to Local Registry - name: Tag and push image "teleport:v11-arm64" to Quay @@ -9400,6 +9736,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport:major" to Quay @@ -9426,6 +9764,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -9454,6 +9794,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -9479,6 +9821,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -9509,6 +9853,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport:v11-arm" to ECR - production @@ -9536,6 +9882,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-arm and push it to Local Registry - name: Tag and push image "teleport:v11-arm64" to ECR - production @@ -9564,6 +9912,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport:major" to ECR - production @@ -9589,6 +9939,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -9616,6 +9968,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -9641,6 +9995,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -9664,6 +10020,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9692,6 +10050,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9720,6 +10080,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -9756,6 +10118,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport-ent:v11-arm" to Quay @@ -9785,6 +10149,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-arm and push it to Local Registry - name: Tag and push image "teleport-ent:v11-arm64" to Quay @@ -9814,6 +10180,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport-ent:major" to Quay @@ -9840,6 +10208,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -9868,6 +10238,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -9894,6 +10266,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -9925,6 +10299,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -9953,6 +10329,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-arm and push it to Local Registry - name: Tag and push image "teleport-ent:v11-arm64" to ECR - production @@ -9982,6 +10360,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport-ent:major" to ECR - production @@ -10007,6 +10387,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -10034,6 +10416,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -10059,6 +10443,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -10083,6 +10469,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -10119,6 +10507,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-fips-amd64 and push it to Local Registry - name: Create manifest and push "teleport-ent:major-fips" to Quay @@ -10143,6 +10533,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:minor-fips" to Quay @@ -10167,6 +10559,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:full-fips" to Quay @@ -10189,6 +10583,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production @@ -10218,6 +10614,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-ent:v11-fips-amd64 and push it to Local Registry - name: Create manifest and push "teleport-ent:major-fips" to ECR - production @@ -10241,6 +10639,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:minor-fips" to ECR - production @@ -10264,6 +10664,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:full-fips" to ECR - production @@ -10285,6 +10687,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Pull teleport-operator:v11-amd64 and push it to Local Registry @@ -10307,6 +10711,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -10336,6 +10742,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -10365,6 +10773,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Verify build is tagged - Record if tag ($DRONE_TAG) is prerelease @@ -10401,6 +10811,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport-operator:v11-arm" to Quay @@ -10430,6 +10842,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-arm and push it to Local Registry - name: Tag and push image "teleport-operator:v11-arm64" to Quay @@ -10459,6 +10873,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport-operator:major" to Quay @@ -10485,6 +10901,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -10513,6 +10931,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -10539,6 +10959,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -10570,6 +10992,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-amd64 and push it to Local Registry - name: Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -10599,6 +11023,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-arm and push it to Local Registry - name: Tag and push image "teleport-operator:v11-arm64" to ECR - production @@ -10628,6 +11054,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Pull teleport-operator:v11-arm64 and push it to Local Registry - name: Create manifest and push "teleport-operator:major" to ECR - production @@ -10653,6 +11081,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -10680,6 +11110,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -10705,6 +11137,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -10725,6 +11159,8 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -10768,9 +11204,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Find the latest available semver for v11 - name: Wait for docker registry @@ -10998,6 +11442,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_amd64.deb" artifacts from S3 @@ -11059,6 +11505,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_arm.deb" artifacts from S3 @@ -11120,6 +11568,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v11-tag_arm64.deb" artifacts from S3 @@ -11158,6 +11608,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-amd64" - name: Tag and push image "teleport:v11-arm" to ECR - staging @@ -11194,6 +11646,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm" - name: Tag and push image "teleport:v11-arm64" to ECR - staging @@ -11231,6 +11685,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm64" - name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging @@ -11256,6 +11712,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - staging - Tag and push image "teleport:v11-arm" to ECR - staging @@ -11283,6 +11741,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - staging - Tag and push image "teleport:v11-arm" to ECR - staging @@ -11310,6 +11770,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - staging - Tag and push image "teleport:v11-arm" to ECR - staging @@ -11341,6 +11803,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-amd64" - name: Tag and push image "teleport:v11-arm" to Quay @@ -11369,6 +11833,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm" - name: Tag and push image "teleport:v11-arm64" to Quay @@ -11398,6 +11864,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm64" - name: Create manifest and push "teleport:major" to Quay @@ -11420,6 +11888,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -11444,6 +11914,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -11469,6 +11941,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to Quay - Tag and push image "teleport:v11-arm" to Quay @@ -11499,6 +11973,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-amd64" - name: Tag and push image "teleport:v11-arm" to ECR - production @@ -11526,6 +12002,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm" - name: Tag and push image "teleport:v11-arm64" to ECR - production @@ -11554,6 +12032,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v11-arm64" - name: Create manifest and push "teleport:major" to ECR - production @@ -11575,6 +12055,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -11598,6 +12080,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -11623,6 +12107,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v11-amd64" to ECR - production - Tag and push image "teleport:v11-arm" to ECR - production @@ -11738,6 +12224,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_amd64.deb" artifacts from S3 @@ -11799,6 +12287,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_arm.deb" artifacts from S3 @@ -11860,6 +12350,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag_arm64.deb" artifacts from S3 @@ -11898,6 +12390,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-amd64" - name: Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -11935,6 +12429,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm" - name: Tag and push image "teleport-ent:v11-arm64" to ECR - staging @@ -11972,6 +12468,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging @@ -11997,6 +12495,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - staging - Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -12024,6 +12524,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - staging - Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -12051,6 +12553,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - staging - Tag and push image "teleport-ent:v11-arm" to ECR - staging @@ -12082,6 +12586,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-amd64" - name: Tag and push image "teleport-ent:v11-arm" to Quay @@ -12111,6 +12617,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm" - name: Tag and push image "teleport-ent:v11-arm64" to Quay @@ -12140,6 +12648,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm64" - name: Create manifest and push "teleport-ent:major" to Quay @@ -12162,6 +12672,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -12186,6 +12698,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -12212,6 +12726,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to Quay - Tag and push image "teleport-ent:v11-arm" to Quay @@ -12243,6 +12759,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-amd64" - name: Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -12271,6 +12789,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm" - name: Tag and push image "teleport-ent:v11-arm64" to ECR - production @@ -12300,6 +12820,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v11-arm64" - name: Create manifest and push "teleport-ent:major" to ECR - production @@ -12321,6 +12843,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -12344,6 +12868,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -12369,6 +12895,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-amd64" to ECR - production - Tag and push image "teleport-ent:v11-arm" to ECR - production @@ -12486,6 +13014,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v11-tag-fips_amd64.deb" artifacts from S3 @@ -12524,6 +13054,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v11-fips-amd64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging @@ -12547,6 +13079,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging @@ -12570,6 +13104,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:full-$TIMESTAMP-fips" to ECR - staging @@ -12593,6 +13129,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - staging - name: Tag and push image "teleport-ent:v11-fips-amd64" to Quay @@ -12622,6 +13160,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v11-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to Quay @@ -12642,6 +13182,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:minor-fips" to Quay @@ -12662,6 +13204,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:full-fips" to Quay @@ -12684,6 +13228,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to Quay - name: Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production @@ -12713,6 +13259,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v11-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to ECR - production @@ -12732,6 +13280,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:minor-fips" to ECR - production @@ -12751,6 +13301,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:full-fips" to ECR - production @@ -12772,6 +13324,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v11-fips-amd64" to ECR - production - name: Build teleport-operator image "teleport-operator:v11-amd64" @@ -12803,6 +13357,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v11 @@ -12842,6 +13398,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v11 @@ -12881,6 +13439,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v11 @@ -12926,6 +13486,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-amd64" - name: Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -12963,6 +13525,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm" - name: Tag and push image "teleport-operator:v11-arm64" to ECR - staging @@ -13000,6 +13564,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm64" - name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging @@ -13025,6 +13591,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - staging - Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -13052,6 +13620,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - staging - Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -13079,6 +13649,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - staging - Tag and push image "teleport-operator:v11-arm" to ECR - staging @@ -13110,6 +13682,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-amd64" - name: Tag and push image "teleport-operator:v11-arm" to Quay @@ -13139,6 +13713,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm" - name: Tag and push image "teleport-operator:v11-arm64" to Quay @@ -13168,6 +13744,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm64" - name: Create manifest and push "teleport-operator:major" to Quay @@ -13190,6 +13768,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -13214,6 +13794,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -13240,6 +13822,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to Quay - Tag and push image "teleport-operator:v11-arm" to Quay @@ -13271,6 +13855,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-amd64" - name: Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -13300,6 +13886,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm" - name: Tag and push image "teleport-operator:v11-arm64" to ECR - production @@ -13329,6 +13917,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v11-arm64" - name: Create manifest and push "teleport-operator:major" to ECR - production @@ -13350,6 +13940,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -13373,6 +13965,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -13398,6 +13992,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v11-amd64" to ECR - production - Tag and push image "teleport-operator:v11-arm" to ECR - production @@ -13418,6 +14014,8 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -13461,9 +14059,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Find the latest available semver for v10 - name: Wait for docker registry @@ -13691,6 +14297,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v10-tag_amd64.deb" artifacts from S3 @@ -13752,6 +14360,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v10-tag_arm.deb" artifacts from S3 @@ -13813,6 +14423,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v10-tag_arm64.deb" artifacts from S3 @@ -13851,6 +14463,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-amd64" - name: Tag and push image "teleport:v10-arm" to ECR - staging @@ -13887,6 +14501,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm" - name: Tag and push image "teleport:v10-arm64" to ECR - staging @@ -13924,6 +14540,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm64" - name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging @@ -13949,6 +14567,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - staging - Tag and push image "teleport:v10-arm" to ECR - staging @@ -13976,6 +14596,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - staging - Tag and push image "teleport:v10-arm" to ECR - staging @@ -14003,6 +14625,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - staging - Tag and push image "teleport:v10-arm" to ECR - staging @@ -14034,6 +14658,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-amd64" - name: Tag and push image "teleport:v10-arm" to Quay @@ -14062,6 +14688,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm" - name: Tag and push image "teleport:v10-arm64" to Quay @@ -14091,6 +14719,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm64" - name: Create manifest and push "teleport:major" to Quay @@ -14113,6 +14743,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to Quay - Tag and push image "teleport:v10-arm" to Quay @@ -14137,6 +14769,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to Quay - Tag and push image "teleport:v10-arm" to Quay @@ -14162,6 +14796,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to Quay - Tag and push image "teleport:v10-arm" to Quay @@ -14192,6 +14828,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-amd64" - name: Tag and push image "teleport:v10-arm" to ECR - production @@ -14219,6 +14857,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm" - name: Tag and push image "teleport:v10-arm64" to ECR - production @@ -14247,6 +14887,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v10-arm64" - name: Create manifest and push "teleport:major" to ECR - production @@ -14268,6 +14910,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - production - Tag and push image "teleport:v10-arm" to ECR - production @@ -14291,6 +14935,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - production - Tag and push image "teleport:v10-arm" to ECR - production @@ -14316,6 +14962,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v10-amd64" to ECR - production - Tag and push image "teleport:v10-arm" to ECR - production @@ -14431,6 +15079,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v10-tag_amd64.deb" artifacts from S3 @@ -14492,6 +15142,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v10-tag_arm.deb" artifacts from S3 @@ -14553,6 +15205,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v10-tag_arm64.deb" artifacts from S3 @@ -14591,6 +15245,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-amd64" - name: Tag and push image "teleport-ent:v10-arm" to ECR - staging @@ -14628,6 +15284,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm" - name: Tag and push image "teleport-ent:v10-arm64" to ECR - staging @@ -14665,6 +15323,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging @@ -14690,6 +15350,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - staging - Tag and push image "teleport-ent:v10-arm" to ECR - staging @@ -14717,6 +15379,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - staging - Tag and push image "teleport-ent:v10-arm" to ECR - staging @@ -14744,6 +15408,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - staging - Tag and push image "teleport-ent:v10-arm" to ECR - staging @@ -14775,6 +15441,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-amd64" - name: Tag and push image "teleport-ent:v10-arm" to Quay @@ -14804,6 +15472,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm" - name: Tag and push image "teleport-ent:v10-arm64" to Quay @@ -14833,6 +15503,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm64" - name: Create manifest and push "teleport-ent:major" to Quay @@ -14855,6 +15527,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to Quay - Tag and push image "teleport-ent:v10-arm" to Quay @@ -14879,6 +15553,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to Quay - Tag and push image "teleport-ent:v10-arm" to Quay @@ -14905,6 +15581,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to Quay - Tag and push image "teleport-ent:v10-arm" to Quay @@ -14936,6 +15614,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-amd64" - name: Tag and push image "teleport-ent:v10-arm" to ECR - production @@ -14964,6 +15644,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm" - name: Tag and push image "teleport-ent:v10-arm64" to ECR - production @@ -14993,6 +15675,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v10-arm64" - name: Create manifest and push "teleport-ent:major" to ECR - production @@ -15014,6 +15698,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - production - Tag and push image "teleport-ent:v10-arm" to ECR - production @@ -15037,6 +15723,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - production - Tag and push image "teleport-ent:v10-arm" to ECR - production @@ -15062,6 +15750,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-amd64" to ECR - production - Tag and push image "teleport-ent:v10-arm" to ECR - production @@ -15179,6 +15869,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v10-tag-fips_amd64.deb" artifacts from S3 @@ -15217,6 +15909,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v10-fips-amd64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging @@ -15240,6 +15934,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging @@ -15263,6 +15959,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:full-$TIMESTAMP-fips" to ECR - staging @@ -15286,6 +15984,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - staging - name: Tag and push image "teleport-ent:v10-fips-amd64" to Quay @@ -15315,6 +16015,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v10-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to Quay @@ -15335,6 +16037,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:minor-fips" to Quay @@ -15355,6 +16059,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:full-fips" to Quay @@ -15377,6 +16083,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to Quay - name: Tag and push image "teleport-ent:v10-fips-amd64" to ECR - production @@ -15406,6 +16114,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v10-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to ECR - production @@ -15425,6 +16135,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:minor-fips" to ECR - production @@ -15444,6 +16156,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:full-fips" to ECR - production @@ -15465,6 +16179,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v10-fips-amd64" to ECR - production - name: Build teleport-operator image "teleport-operator:v10-amd64" @@ -15496,6 +16212,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v10 @@ -15535,6 +16253,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v10 @@ -15574,6 +16294,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Find the latest available semver for v10 @@ -15619,6 +16341,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-amd64" - name: Tag and push image "teleport-operator:v10-arm" to ECR - staging @@ -15656,6 +16380,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm" - name: Tag and push image "teleport-operator:v10-arm64" to ECR - staging @@ -15693,6 +16419,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm64" - name: Create manifest and push "teleport-operator:major-$TIMESTAMP" to ECR - staging @@ -15718,6 +16446,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - staging - Tag and push image "teleport-operator:v10-arm" to ECR - staging @@ -15745,6 +16475,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - staging - Tag and push image "teleport-operator:v10-arm" to ECR - staging @@ -15772,6 +16504,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - staging - Tag and push image "teleport-operator:v10-arm" to ECR - staging @@ -15803,6 +16537,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-amd64" - name: Tag and push image "teleport-operator:v10-arm" to Quay @@ -15832,6 +16568,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm" - name: Tag and push image "teleport-operator:v10-arm64" to Quay @@ -15861,6 +16599,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm64" - name: Create manifest and push "teleport-operator:major" to Quay @@ -15883,6 +16623,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to Quay - Tag and push image "teleport-operator:v10-arm" to Quay @@ -15907,6 +16649,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to Quay - Tag and push image "teleport-operator:v10-arm" to Quay @@ -15933,6 +16677,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to Quay - Tag and push image "teleport-operator:v10-arm" to Quay @@ -15964,6 +16710,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-amd64" - name: Tag and push image "teleport-operator:v10-arm" to ECR - production @@ -15993,6 +16741,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm" - name: Tag and push image "teleport-operator:v10-arm64" to ECR - production @@ -16022,6 +16772,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-operator image "teleport-operator:v10-arm64" - name: Create manifest and push "teleport-operator:major" to ECR - production @@ -16043,6 +16795,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - production - Tag and push image "teleport-operator:v10-arm" to ECR - production @@ -16066,6 +16820,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - production - Tag and push image "teleport-operator:v10-arm" to ECR - production @@ -16091,6 +16847,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-operator:v10-amd64" to ECR - production - Tag and push image "teleport-operator:v10-arm" to ECR - production @@ -16111,6 +16869,8 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -16153,9 +16913,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Find the latest available semver for v9 - name: Wait for docker registry @@ -16382,6 +17150,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v9-tag_amd64.deb" artifacts from S3 @@ -16443,6 +17213,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v9-tag_arm.deb" artifacts from S3 @@ -16504,6 +17276,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport_v9-tag_arm64.deb" artifacts from S3 @@ -16542,6 +17316,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-amd64" - name: Tag and push image "teleport:v9-arm" to ECR - staging @@ -16578,6 +17354,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm" - name: Tag and push image "teleport:v9-arm64" to ECR - staging @@ -16615,6 +17393,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm64" - name: Create manifest and push "teleport:major-$TIMESTAMP" to ECR - staging @@ -16640,6 +17420,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - staging - Tag and push image "teleport:v9-arm" to ECR - staging @@ -16667,6 +17449,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - staging - Tag and push image "teleport:v9-arm" to ECR - staging @@ -16694,6 +17478,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - staging - Tag and push image "teleport:v9-arm" to ECR - staging @@ -16725,6 +17511,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-amd64" - name: Tag and push image "teleport:v9-arm" to Quay @@ -16753,6 +17541,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm" - name: Tag and push image "teleport:v9-arm64" to Quay @@ -16782,6 +17572,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm64" - name: Create manifest and push "teleport:major" to Quay @@ -16804,6 +17596,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to Quay - Tag and push image "teleport:v9-arm" to Quay @@ -16828,6 +17622,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to Quay - Tag and push image "teleport:v9-arm" to Quay @@ -16853,6 +17649,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to Quay - Tag and push image "teleport:v9-arm" to Quay @@ -16883,6 +17681,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-amd64" - name: Tag and push image "teleport:v9-arm" to ECR - production @@ -16910,6 +17710,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm" - name: Tag and push image "teleport:v9-arm64" to ECR - production @@ -16938,6 +17740,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport image "teleport:v9-arm64" - name: Create manifest and push "teleport:major" to ECR - production @@ -16959,6 +17763,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - production - Tag and push image "teleport:v9-arm" to ECR - production @@ -16982,6 +17788,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - production - Tag and push image "teleport:v9-arm" to ECR - production @@ -17007,6 +17815,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport:v9-amd64" to ECR - production - Tag and push image "teleport:v9-arm" to ECR - production @@ -17122,6 +17932,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v9-tag_amd64.deb" artifacts from S3 @@ -17183,6 +17995,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v9-tag_arm.deb" artifacts from S3 @@ -17244,6 +18058,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v9-tag_arm64.deb" artifacts from S3 @@ -17282,6 +18098,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-amd64" - name: Tag and push image "teleport-ent:v9-arm" to ECR - staging @@ -17319,6 +18137,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm" - name: Tag and push image "teleport-ent:v9-arm64" to ECR - staging @@ -17356,6 +18176,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP" to ECR - staging @@ -17381,6 +18203,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - staging - Tag and push image "teleport-ent:v9-arm" to ECR - staging @@ -17408,6 +18232,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - staging - Tag and push image "teleport-ent:v9-arm" to ECR - staging @@ -17435,6 +18261,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - staging - Tag and push image "teleport-ent:v9-arm" to ECR - staging @@ -17466,6 +18294,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-amd64" - name: Tag and push image "teleport-ent:v9-arm" to Quay @@ -17495,6 +18325,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm" - name: Tag and push image "teleport-ent:v9-arm64" to Quay @@ -17524,6 +18356,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm64" - name: Create manifest and push "teleport-ent:major" to Quay @@ -17546,6 +18380,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to Quay - Tag and push image "teleport-ent:v9-arm" to Quay @@ -17570,6 +18406,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to Quay - Tag and push image "teleport-ent:v9-arm" to Quay @@ -17596,6 +18434,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to Quay - Tag and push image "teleport-ent:v9-arm" to Quay @@ -17627,6 +18467,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-amd64" - name: Tag and push image "teleport-ent:v9-arm" to ECR - production @@ -17655,6 +18497,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm" - name: Tag and push image "teleport-ent:v9-arm64" to ECR - production @@ -17684,6 +18528,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent image "teleport-ent:v9-arm64" - name: Create manifest and push "teleport-ent:major" to ECR - production @@ -17705,6 +18551,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - production - Tag and push image "teleport-ent:v9-arm" to ECR - production @@ -17728,6 +18576,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - production - Tag and push image "teleport-ent:v9-arm" to ECR - production @@ -17753,6 +18603,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-amd64" to ECR - production - Tag and push image "teleport-ent:v9-arm" to ECR - production @@ -17870,6 +18722,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Assume ECR - authenticated-pull AWS Role - Download "teleport-ent_v9-tag-fips_amd64.deb" artifacts from S3 @@ -17908,6 +18762,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v9-fips-amd64" - name: Create manifest and push "teleport-ent:major-$TIMESTAMP-fips" to ECR - staging @@ -17931,6 +18787,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:minor-$TIMESTAMP-fips" to ECR - staging @@ -17954,6 +18812,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - staging - name: Create manifest and push "teleport-ent:full-$TIMESTAMP-fips" to ECR - staging @@ -17977,6 +18837,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - staging - name: Tag and push image "teleport-ent:v9-fips-amd64" to Quay @@ -18006,6 +18868,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v9-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to Quay @@ -18026,6 +18890,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:minor-fips" to Quay @@ -18046,6 +18912,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to Quay - name: Create manifest and push "teleport-ent:full-fips" to Quay @@ -18068,6 +18936,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to Quay - name: Tag and push image "teleport-ent:v9-fips-amd64" to ECR - production @@ -18097,6 +18967,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Build teleport-ent-fips image "teleport-ent:v9-fips-amd64" - name: Create manifest and push "teleport-ent:major-fips" to ECR - production @@ -18116,6 +18988,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:minor-fips" to ECR - production @@ -18135,6 +19009,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - production - name: Create manifest and push "teleport-ent:full-fips" to ECR - production @@ -18156,6 +19032,8 @@ steps: path: /root/.aws - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker depends_on: - Tag and push image "teleport-ent:v9-fips-amd64" to ECR - production services: @@ -18174,6 +19052,8 @@ volumes: temp: {} - name: dockersock temp: {} +- name: dockerConfig + temp: {} --- ################################################ @@ -18214,9 +19094,17 @@ steps: image: docker commands: - timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done' + - printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin + environment: + DOCKERHUB_PASSWORD: + from_secret: DOCKERHUB_READONLY_TOKEN + DOCKERHUB_USERNAME: + from_secret: DOCKERHUB_USERNAME volumes: - name: dockersock path: /var/run + - name: dockerConfig + path: /root/.docker - name: Assume AWS Role image: amazon/aws-cli commands: @@ -18250,10 +19138,12 @@ steps: environment: AWS_DEFAULT_REGION: us-west-2 volumes: - - name: dockersock - path: /var/run - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker - name: Publish in Release API image: docker:git commands: @@ -18274,12 +19164,14 @@ steps: RELEASES_KEY: from_secret: RELEASES_KEY volumes: - - name: dockersock - path: /var/run - name: tmpfs path: /tmpfs - name: awsconfig path: /root/.aws + - name: dockersock + path: /var/run + - name: dockerConfig + path: /root/.docker services: - name: Start Docker image: docker:dind @@ -18290,15 +19182,17 @@ services: - name: dockersock path: /var/run volumes: -- name: dockersock - temp: {} - name: tmpfs temp: medium: memory - name: awsconfig temp: {} +- name: dockersock + temp: {} +- name: dockerConfig + temp: {} --- kind: signature -hmac: 60f27fed9d0e5786d54bd22e6b07f18d62225d78be34cdfce01a391360249d9d +hmac: 539d88e2c56363ce9d171aaeb52b99b72e2fb67a0ffcc14679ba5c5b3d51d7f8 ... diff --git a/dronegen/buildbox.go b/dronegen/buildbox.go index 75aa73db5e018..e557378ed6d82 100644 --- a/dronegen/buildbox.go +++ b/dronegen/buildbox.go @@ -69,7 +69,7 @@ func buildboxPipelineStep(buildboxName string, fips bool) step { return step{ Name: "Build and push " + buildboxName, Image: "docker", - Volumes: []volumeRef{volumeRefDocker, volumeRefAwsConfig}, + Volumes: dockerVolumeRefs(volumeRefAwsConfig), Commands: []string{ `apk add --no-cache make aws-cli`, `chown -R $UID:$GID /go`, @@ -101,7 +101,7 @@ func buildboxPipeline() pipeline { // only on master for now; add the release branch name when forking a new release series. p.Trigger = pushTriggerForBranch("master", "branch/*") p.Workspace = workspace{Path: "/go/src/github.com/gravitational/teleport"} - p.Volumes = []volume{volumeDocker, volumeAwsConfig} + p.Volumes = dockerVolumes(volumeAwsConfig) p.Services = []service{ dockerService(), } diff --git a/dronegen/common.go b/dronegen/common.go index 63ac021f026fd..326b80a2841c1 100644 --- a/dronegen/common.go +++ b/dronegen/common.go @@ -86,6 +86,25 @@ var ( Name: "awsconfig", Path: "/root/.aws", } + + // volumeDockerConfig is a temporary volume for storing docker + // credentials for use with the Docker-in-Docker service we use + // to isolate the host machines docker daemon from the one used + // during the build. Mount this any tome you use `volumeDocker` + // + // Drone claims to destroy the the temp volumes after a workflow + // has run, so it should be safe to write credentials etc. + volumeDockerConfig = volume{ + Name: "dockerConfig", + Temp: &volumeTemp{}, + } + + // volumeRefDockerConfig is how you reference the docker config + // volume in a workflow step + volumeRefDockerConfig = volumeRef{ + Name: "dockerConfig", + Path: "/root/.docker", + } ) var buildboxVersion value @@ -245,13 +264,13 @@ func dockerRegistryService() service { // dockerVolumes returns a slice of volumes // It includes the Docker socket volume by default, plus any extra volumes passed in func dockerVolumes(v ...volume) []volume { - return append(v, volumeDocker) + return append(v, volumeDocker, volumeDockerConfig) } // dockerVolumeRefs returns a slice of volumeRefs // It includes the Docker socket volumeRef as a default, plus any extra volumeRefs passed in func dockerVolumeRefs(v ...volumeRef) []volumeRef { - return append(v, volumeRefDocker) + return append(v, volumeRefDocker, volumeRefDockerConfig) } // releaseMakefileTarget gets the correct Makefile target for a given arch/fips/centos combo @@ -285,8 +304,13 @@ func waitForDockerStep() step { Image: "docker", Commands: []string{ `timeout 30s /bin/sh -c 'while [ ! -S /var/run/docker.sock ]; do sleep 1; done'`, + `printenv DOCKERHUB_PASSWORD | docker login -u="$DOCKERHUB_USERNAME" --password-stdin`, + }, + Volumes: dockerVolumeRefs(), + Environment: map[string]value{ + "DOCKERHUB_USERNAME": {fromSecret: "DOCKERHUB_USERNAME"}, + "DOCKERHUB_PASSWORD": {fromSecret: "DOCKERHUB_READONLY_TOKEN"}, }, - Volumes: []volumeRef{volumeRefDocker}, } } diff --git a/dronegen/push.go b/dronegen/push.go index 566f20a639fea..8ee61fc105e57 100644 --- a/dronegen/push.go +++ b/dronegen/push.go @@ -121,7 +121,7 @@ func pushPipeline(b buildType) pipeline { } p.Trigger = triggerPush p.Workspace = workspace{Path: "/go"} - p.Volumes = []volume{volumeDocker} + p.Volumes = dockerVolumes() p.Services = []service{ dockerService(), } @@ -139,7 +139,7 @@ func pushPipeline(b buildType) pipeline { Name: "Build artifacts", Image: "docker", Environment: pushEnvironment, - Volumes: []volumeRef{volumeRefDocker}, + Volumes: dockerVolumeRefs(), Commands: pushBuildCommands(b), }, sendErrorToSlackStep(), diff --git a/dronegen/relcli.go b/dronegen/relcli.go index c119bb7132215..c93b0fc8899a0 100644 --- a/dronegen/relcli.go +++ b/dronegen/relcli.go @@ -44,11 +44,7 @@ func relcliPipeline(trigger trigger, name string, stepName string, command strin } p.Services = []service{dockerService(volumeRefTmpfs)} - p.Volumes = []volume{ - volumeDocker, - volumeTmpfs, - volumeAwsConfig, - } + p.Volumes = dockerVolumes(volumeTmpfs, volumeAwsConfig) return p } @@ -60,10 +56,7 @@ func pullRelcliStep(awsConfigVolumeRef volumeRef) step { Environment: map[string]value{ "AWS_DEFAULT_REGION": {raw: "us-west-2"}, }, - Volumes: []volumeRef{ - volumeRefDocker, - volumeRefAwsConfig, - }, + Volumes: dockerVolumeRefs(volumeRefAwsConfig), Commands: []string{ `apk add --no-cache aws-cli`, `aws ecr get-login-password | docker login -u="AWS" --password-stdin 146628656107.dkr.ecr.us-west-2.amazonaws.com`, @@ -83,11 +76,7 @@ func executeRelcliStep(name string, command string) step { "RELCLI_CERT": {raw: "/tmpfs/creds/releases.crt"}, "RELCLI_KEY": {raw: "/tmpfs/creds/releases.key"}, }, - Volumes: []volumeRef{ - volumeRefDocker, - volumeRefTmpfs, - volumeRefAwsConfig, - }, + Volumes: dockerVolumeRefs(volumeRefTmpfs, volumeRefAwsConfig), Commands: []string{ `mkdir -p /tmpfs/creds`, `echo "$RELEASES_CERT" | base64 -d > "$RELCLI_CERT"`, diff --git a/dronegen/tag.go b/dronegen/tag.go index d361fdfb7745b..a5199770fc922 100644 --- a/dronegen/tag.go +++ b/dronegen/tag.go @@ -272,7 +272,7 @@ func tagPipeline(b buildType) pipeline { Name: "Build artifacts", Image: "docker", Environment: tagEnvironment, - Volumes: []volumeRef{volumeRefDocker}, + Volumes: dockerVolumeRefs(), Commands: tagBuildCommands(b), }, { @@ -445,14 +445,8 @@ func tagPackagePipeline(packageType string, b buildType) pipeline { environment["OSS_TARBALL_PATH"] = value{raw: "/go/artifacts"} } - packageDockerVolumes := []volume{ - volumeDocker, - volumeAwsConfig, - } - packageDockerVolumeRefs := []volumeRef{ - volumeRefDocker, - volumeRefAwsConfig, - } + packageDockerVolumes := dockerVolumes(volumeAwsConfig) + packageDockerVolumeRefs := dockerVolumeRefs(volumeRefAwsConfig) packageDockerService := dockerService() switch packageType { diff --git a/examples/chart/teleport-cluster/Chart.yaml b/examples/chart/teleport-cluster/Chart.yaml index 46b46ee968fad..eb565ca9f7cc4 100644 --- a/examples/chart/teleport-cluster/Chart.yaml +++ b/examples/chart/teleport-cluster/Chart.yaml @@ -12,4 +12,4 @@ keywords: dependencies: - name: teleport-operator version: *version - condition: installCRDs,operator.enabled \ No newline at end of file + condition: installCRDs,operator.enabled