Add support for CentOS 6 builds in Docker

build.assets/Dockerfile-centos6

@@ -0,0 +1,48 @@
+# This Dockerfile makes the "build box": the container used to build official
+# releases of Teleport and its documentation.
+FROM centos:6
+
+ARG UID
+ARG GID
+ARG GO_BOOTSTRAP_RUNTIME=go1.9.7
+
+ENV LANGUAGE=en_US.UTF-8
+ENV LANG=en_US.UTF-8
+ENV LC_ALL=en_US.UTF-8
+ENV LC_CTYPE=en_US.UTF-8
+
+COPY pam/pam_teleport.so /lib/x86_64-linux-gnu/security
+COPY pam/teleport-acct-failure /etc/pam.d
+COPY pam/teleport-session-failure /etc/pam.d
+COPY pam/teleport-success /etc/pam.d
+
+RUN yum makecache fast && yum -y install gcc pam-devel glibc-devel net-tools tree git zip && yum clean all
+
+RUN (groupadd jenkins --gid=$GID -o && useradd jenkins --uid=$UID --gid=$GID --create-home --shell=/bin/sh ;\
+     mkdir -p /var/lib/teleport && chown -R jenkins /var/lib/teleport)
+
+# Install etcd.
+RUN (curl -L https://github.com/coreos/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz | tar -xz ;\
+     cp etcd-v3.3.9-linux-amd64/etcd* /bin/)
+
+# 1) Install binary go runtime for bootstrapping
+# 2) Get source for the correct Go boringcrypto runtime and compile it with Go bootstrap runtime
+# 3) Erase Go bootstrap runtime and create build directories
+# 4) Print compiled Go version
+ARG RUNTIME
+RUN mkdir -p /go-bootstrap && cd /go-bootstrap && curl https://dl.google.com/go/${GO_BOOTSTRAP_RUNTIME}.linux-amd64.tar.gz | tar xz && \
+    mkdir -p /opt && cd /opt && curl https://dl.google.com/go/${RUNTIME}.src.tar.gz | tar xz && \
+    cd /opt/go/src && GOROOT_BOOTSTRAP=/go-bootstrap/go ./make.bash && \
+    rm -rf /go-bootstrap && \
+    mkdir -p /gopath/src/github.com/gravitational/teleport && \
+    chmod a+w /gopath && \
+    chmod a+w /var/lib && \
+    chmod a-w / && \
+    /opt/go/bin/go version
+
+ENV GOPATH="/gopath" \
+    GOROOT="/opt/go" \
+    PATH="$PATH:/opt/go/bin:/gopath/bin:/gopath/src/github.com/gravitational/teleport/build"
+
+VOLUME ["/gopath/src/github.com/gravitational/teleport"]
+EXPOSE 6600 2379 2380

build.assets/Dockerfile-centos6-fips

@@ -0,0 +1,49 @@
+# This Dockerfile makes the "build box": the container used to build official
+# releases of Teleport and its documentation.
+FROM centos:6
+
+ARG UID
+ARG GID
+ARG GO_BOOTSTRAP_RUNTIME=go1.9.7
+
+ENV LANGUAGE=en_US.UTF-8
+ENV LANG=en_US.UTF-8
+ENV LC_ALL=en_US.UTF-8
+ENV LC_CTYPE=en_US.UTF-8
+
+COPY pam/pam_teleport.so /lib/x86_64-linux-gnu/security
+COPY pam/teleport-acct-failure /etc/pam.d
+COPY pam/teleport-session-failure /etc/pam.d
+COPY pam/teleport-success /etc/pam.d
+
+RUN yum makecache fast && yum -y install gcc pam-devel glibc-devel net-tools tree git zip && yum clean all
+
+RUN (groupadd jenkins --gid=$GID -o && useradd jenkins --uid=$UID --gid=$GID --create-home --shell=/bin/sh ;\
+     mkdir -p /var/lib/teleport && chown -R jenkins /var/lib/teleport)
+
+# Install etcd.
+RUN (curl -L https://github.com/coreos/etcd/releases/download/v3.3.9/etcd-v3.3.9-linux-amd64.tar.gz | tar -xz ;\
+     cp etcd-v3.3.9-linux-amd64/etcd* /bin/)
+
+# 1) Install binary go runtime for bootstrapping
+# 2) Get source for the correct Go boringcrypto runtime and compile it with Go bootstrap runtime
+# 3) Erase Go bootstrap runtime and create build directories
+# 4) Print compiled Go version
+ARG RUNTIME
+#RUN mkdir -p /go-bootstrap && cd /go-bootstrap && curl https://go-boringcrypto.storage.googleapis.com/${GO_BOOTSTRAP_RUNTIME}b4.linux-amd64.tar.gz | tar xz && \
+RUN mkdir -p /go-bootstrap && cd /go-bootstrap && curl https://dl.google.com/go/${GO_BOOTSTRAP_RUNTIME}.linux-amd64.tar.gz | tar xz && \
+    mkdir -p /opt && cd /opt && curl https://go-boringcrypto.storage.googleapis.com/${RUNTIME}b4.src.tar.gz | tar xz && \
+    cd /opt/go/src && GOROOT_BOOTSTRAP=/go-bootstrap/go ./make.bash && \
+    rm -rf /go-bootstrap && \
+    mkdir -p /gopath/src/github.com/gravitational/teleport && \
+    chmod a+w /gopath && \
+    chmod a+w /var/lib && \
+    chmod a-w / && \
+    /opt/go/bin/go version
+
+ENV GOPATH="/gopath" \
+    GOROOT="/opt/go" \
+    PATH="$PATH:/opt/go/bin:/gopath/bin:/gopath/src/github.com/gravitational/teleport/build"
+
+VOLUME ["/gopath/src/github.com/gravitational/teleport"]
+EXPOSE 6600 2379 2380

build.assets/Makefile

@@ -1,9 +1,6 @@
 #
 # This Makefile is used for producing official Teleport releases
 #
-BBOX=teleport-buildbox:latest
-BBOXFIPS=teleport-buildbox-fips:latest
-
 DOCSBOX=teleport-docsbox:latest
 DOCSHOST=teleport-docs
 DOCSDIR=/teleport
@@ -20,6 +17,11 @@ OS ?= linux
 ARCH ?= amd64
 RUNTIME ?= go1.13.2
 
+BBOX=teleport-buildbox:$(RUNTIME)
+BBOXFIPS=teleport-buildbox-fips:$(RUNTIME)
+BBOXCENTOS6=teleport-buildbox-centos6:$(RUNTIME)
+BBOXCENTOS6FIPS=teleport-buildbox-centos6-fips:$(RUNTIME)
+
 ifneq ("$(KUBECONFIG)","")
 DOCKERFLAGS := $(DOCKERFLAGS) -v $(KUBECONFIG):/mnt/kube/config -e KUBECONFIG=/mnt/kube/config -e TEST_KUBE=$(TEST_KUBE)
 endif
@@ -65,6 +67,28 @@ bbox-fips:
 		--build-arg RUNTIME=$(RUNTIME) \
 		--tag $(BBOXFIPS) -f Dockerfile-fips .
 
+#
+# Builds a Docker container for CentOS 6 builds 
+#
+.PHONY:bbox-centos6
+bbox-centos6:
+	docker build \
+		--build-arg UID=$$(id -u) \
+		--build-arg GID=$$(id -g) \
+		--build-arg RUNTIME=$(RUNTIME) \
+		--tag $(BBOXCENTOS6) -f Dockerfile-centos6 .
+
+#
+# Builds a Docker buildbox for CentOS 6 FIPS builds
+#
+.PHONY:bbox-centos6-fips
+bbox-centos6-fips:
+	docker build \
+		--build-arg UID=$$(id -u) \
+		--build-arg GID=$$(id -g) \
+		--build-arg RUNTIME=$(RUNTIME) \
+		--tag $(BBOXCENTOS6FIPS) -f Dockerfile-centos6-fips .
+
 #
 # Builds a Docker container for building mkdocs documentation
 #
@@ -163,6 +187,24 @@ release-fips: bbox-fips
 	docker run $(DOCKERFLAGS) -i $(NOROOT) $(BBOXFIPS) \
 		/usr/bin/make -C e release -e ADDFLAGS="$(ADDFLAGS)" OS=$(OS) ARCH=$(ARCH) RUNTIME=$(RUNTIME) FIPS=yes VERSION=$(VERSION) GITTAG=v$(VERSION)-fips
 
+#
+# Create a Teleport package for CentOS 6 using the build container.
+#
+.PHONY:release-centos6
+release-centos6: bbox-centos6
+	docker run $(DOCKERFLAGS) -i $(NOROOT) $(BBOXCENTOS6) \
+		/usr/bin/make release -e ADDFLAGS="$(ADDFLAGS)" OS=$(OS) ARCH=$(ARCH) RUNTIME=$(RUNTIME)
+
+#
+# Create a Teleport FIPS package using the build container.
+# This is a special case because it only builds and packages the Enterprise FIPS binaries, no OSS.
+#
+.PHONY:release-centos6-fips
+release-centos6-fips: bbox-centos6-fips
+	@if [ -z ${VERSION} ]; then echo "VERSION is not set"; exit 1; fi
+	docker run $(DOCKERFLAGS) -i $(NOROOT) $(BBOXCENTOS6FIPS) \
+		/usr/bin/make -C e release -e ADDFLAGS="$(ADDFLAGS)" OS=$(OS) ARCH=$(ARCH) RUNTIME=$(RUNTIME) FIPS=yes VERSION=$(VERSION) GITTAG=v$(VERSION)-fips
+
 #
 # Create a Windows Teleport package using the build container.
 #