hcq/influx-cli
hcq/influx-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: use fpm for packaging (#476)

Browse Source 
* chore: remove goreleaser configuration and scripts

* chore: replace goreleaser with fpm

goreleaser handled signing and uploading packages. So, that
functionality had to be implemented here as well.
This commit is contained in:
Brandon Pfeifer 2023-03-01 17:26:34 -05:00 committed by GitHub
parent 48e8f5b752
commit 1164ca57ff
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 378 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

234
.circleci/config.yml
View File

@ -26,13 +26,20 @@ executors:
resource_class: windows.medium
shell: bash.exe -eo pipefail
release_filter: &release_filter
filters:
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
branches:
ignore: /.*/
workflows:
version: 2
build-and-test:
jobs:
- lint
- check-openapi
- build-all
- test-race:
name: test-linux-amd64
- test-build:
@ -70,6 +77,24 @@ workflows:
arch: amd64
requires:
- test-build-amd64-windows
- build:
name: build-<< matrix.os >>-<< matrix.arch >>
matrix:
parameters:
os: [ linux, darwin, windows ]
arch: [ amd64, arm64 ]
exclude:
- os: darwin
arch: arm64
- os: windows
arch: arm64
- build-packages:
sign: false
requires:
- build-darwin-amd64
- build-linux-amd64
- build-linux-arm64
- build-windows-amd64
release-nightly:
triggers:
- schedule:
@ -119,6 +144,24 @@ workflows:
arch: amd64
requires:
- test-build-amd64-windows
- build:
name: build-<< matrix.os >>-<< matrix.arch >>
matrix:
parameters:
os: [ linux, darwin, windows ]
arch: [ amd64, arm64 ]
exclude:
- os: darwin
arch: arm64
- os: windows
arch: arm64
- build-packages:
sign: true
requires:
- build-darwin-amd64
- build-linux-amd64
- build-linux-arm64
- build-windows-amd64
- release:
is-nightly: true
requires:
@ -129,39 +172,20 @@ workflows:
- test-linux-arm64
- test-mac
- test-windows
- build-packages
release-tag:
jobs:
- changelog:
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
- lint:
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
- check-openapi:
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
- test-race:
name: test-linux-amd64
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
- test-build:
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
matrix:
parameters:
os: [ linux, darwin, windows ]
@ -176,47 +200,51 @@ workflows:
- os: linux
arch: amd64
- test-prebuilt:
<<: *release_filter
name: test-linux-arm64
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
executor: linux-arm64
os: linux
arch: arm64
requires:
- test-build-arm64-linux
- test-prebuilt:
<<: *release_filter
name: test-mac
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
executor: mac
os: darwin
arch: amd64
requires:
- test-build-amd64-darwin
- test-prebuilt:
<<: *release_filter
name: test-windows
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
executor: windows
os: windows
arch: amd64
requires:
- test-build-amd64-windows
- build:
<<: *release_filter
name: build-<< matrix.os >>-<< matrix.arch >>
matrix:
parameters:
os: [ linux, darwin, windows ]
arch: [ amd64, arm64 ]
exclude:
- os: darwin
arch: arm64
- os: windows
arch: arm64
- build-packages:
<<: *release_filter
sign: true
requires:
- build-darwin-amd64
- build-linux-amd64
- build-linux-arm64
- build-windows-amd64
- release:
filters:
branches:
ignore: /.*/
tags:
only: /^v[0-9]+\.[0-9]+\.[0-9]+(-(rc|alpha|beta)[0-9]+)?$/
<<: *release_filter
is-nightly: false
requires:
- changelog
@ -226,6 +254,7 @@ workflows:
- test-linux-arm64
- test-mac
- test-windows
- build-packages
commands:
setup:
@ -247,11 +276,6 @@ commands:
echo 'export PATH=${GOPATH}/bin:${PATH}' >> $BASH_ENV
mkdir -p ${HOME}/.cache
echo 'export GOCACHE=${HOME}/.cache' >> $BASH_ENV
install-goreleaser:
steps:
- run:
name: Install goreleaser
command: ./scripts/ci/download-goreleaser.sh v1.14.0
jobs:
lint:
@ -289,23 +313,6 @@ jobs:
command: git submodule update --init --recursive
- run: make checkopenapi
build-all:
executor: linux-amd64
steps:
- checkout
- setup
- install-goreleaser
- run:
name: Make a pseudo-tag for the snapshot build
command: |
latest_tag=$(git describe --tags --abbrev=0)
git tag ${latest_tag}+SNAPSHOT.$(git rev-parse --short HEAD)
- run:
name: Cross-build all targets
command: IS_SNAPSHOT=1 goreleaser release --rm-dist --skip-publish --skip-sign --skip-validate
- store_artifacts:
path: dist
release:
parameters:
is-nightly:
@ -315,38 +322,25 @@ jobs:
- checkout
- attach_workspace:
at: .
- setup
- run:
name: Import GPG key
command: |
echo -e "$GPG_PRIVATE_KEY" > private.key
gpg --batch --import private.key
- install-goreleaser
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update -y
sudo apt-get install -y awscli gnupg
gpg --import --batch \<<<"${GPG_PRIVATE_KEY//$'\\n'/$'\n'}"
- when:
condition: << parameters.is-nightly >>
steps:
- run:
name: Make a pseudo-tag for the nightly build
command: |
latest_tag=$(git describe --tags --abbrev=0)
git tag ${latest_tag}+nightly.$(date +%Y.%m.%d)
- run:
name: Publish nightly snapshot release
command: IS_NIGHTLY=1 goreleaser release --rm-dist
command: .circleci/scripts/upload-artifacts nightly
- unless:
condition: << parameters.is-nightly >>
steps:
- run:
name: Publish tagged release
command: goreleaser release --rm-dist
- run:
command: |
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update
sudo apt-get install awscli
.circleci/scripts/upload-latest-artifacts
command: .circleci/scripts/upload-artifacts release
- store_artifacts:
path: dist
path: packages
test-build:
executor: cross-builder
@ -403,6 +397,68 @@ jobs:
- store_test_results:
path: ./test-results
build:
executor: cross-builder
parameters:
os:
type: string
arch:
type: string
steps:
- checkout
- run:
name: Build Binaries
command: |
GOOS=<<parameters.os>> GOARCH=<<parameters.arch>> make
- store_artifacts:
path: bin
- persist_to_workspace:
root: .
paths: bin
build-packages:
docker:
- image: ubuntu:latest
resource_class: small
parameters:
sign:
type: boolean
steps:
- attach_workspace:
at: /tmp/workspace
- checkout
- run:
name: Build Packages
command: |
export DEBIAN_FRONTEND=noninteractive
apt-get update
apt-get install --yes \
build-essential \
git \
gnupg \
rpm \
ruby-dev
gem install fpm
if [[ "<< parameters.sign >>" == "true" ]]
then
gpg --import --batch \<<<"${GPG_PRIVATE_KEY//$'\\n'/$'\n'}"
export SIGN_PACKAGES=1
fi
mkdir -p packages
OS=darwin ARCH=amd64 scripts/ci/build-packages /tmp/workspace/bin/darwin/amd64/influx "${PWD}/packages"
OS=linux ARCH=amd64 scripts/ci/build-packages /tmp/workspace/bin/linux/amd64/influx "${PWD}/packages"
OS=linux ARCH=arm64 scripts/ci/build-packages /tmp/workspace/bin/linux/arm64/influx "${PWD}/packages"
OS=windows ARCH=amd64 scripts/ci/build-packages /tmp/workspace/bin/windows/amd64/influx "${PWD}/packages"
- store_artifacts:
path: packages/
- persist_to_workspace:
root: .
paths:
- packages
changelog:
docker:
- image: quay.io/influxdb/changelogger:a20523cf8594eb93920e74d0189d6602a76a6146

52
.circleci/scripts/upload-artifacts Executable file
View File

@ -0,0 +1,52 @@
#!/bin/bash
set -o errexit \
-o nounset \
-o pipefail
# Determine if "${CIRCLE_TAG}" matches the semantic version regex. Otherwise,
# assume that "${CIRCLE_TAG}" is not intended to tag a release. The regex is
# permissive of what occurs after the semantic version. This allows for
# alphas, betas, and release candidates.
if [[ "${CIRCLE_TAG:-}" =~ ^v[0-9]+.[0-9]+.[0-9]+ ]]
then
VERSION_REGEX="${CIRCLE_TAG/#v/}"
else
# When "${CIRCLE_TAG}" cannot be used to construct the package version,
# use "${CIRCLE_SHA1}". Since "${CIRCLE_SHA1}" can start with an alpha
# (non-numeric) character, prefix it with "2.x-".
VERSION_REGEX="2.x[-_]${CIRCLE_SHA1:0:8}"
fi
REGEX='^packages/influxdb2-client[-_]'"${VERSION_REGEX}"'(.*)'
for target in packages/*
do
if [[ "${target}" =~ ${REGEX} ]]
then
# After renaming the artifact to the "latest/nightly" version, append
# the artifact to the `invalidations` file. Since `dl.influxdata.com`
# contains many 100GBs, this should only invalidate artifacts
# that have changed.
case ${1} in
nightly)
mv -v "${target}" "packages/influxdb2-client-nightly${BASH_REMATCH[1]}"
printf '/platform/nightlies/influxdb2-client-nightly%s\n' "${BASH_REMATCH[1]}" >>invalidations
;;
release)
cp -v "${target}" "packages/influxdb2-client-latest${BASH_REMATCH[1]}"
printf '/influxdb/releases/influxdb2-client-latest%s\n' "${BASH_REMATCH[1]}" >>invalidations
;;
esac
fi
done
case ${1} in
nightly)
aws s3 sync packages s3://dl.influxdata.com/platform/nightlies
;;
release)
aws s3 sync packages s3://dl.influxdata.com/influxdb/releases
;;
esac
aws cloudfront create-invalidation --distribution-id "${AWS_DISTRIBUTION_ID}" --paths $(<invalidations)

26
.circleci/scripts/upload-latest-artifacts
View File

@ -1,26 +0,0 @@
#!/bin/bash
set -o errexit \
-o nounset \
-o pipefail
REGEX='^dist/influxdb2-client-([[:digit:]]+\.[[:digit:]]+\.[[:digit:]]+)(.*)'
for target in dist/*
do
# `dist` contains more than just the packages. This will match
# only the artifacts with a "package" filename.
if [[ "${target}" =~ ${REGEX} ]]
then
mv -v "${target}" "dist/influxdb2-client-latest${BASH_REMATCH[2]}"
# After renaming the artifact to the "lastest" version, append the
# artifact to the `invalidations` file. Since `dl.influxdata.com`
# contains many 100GBs, this should only invalidate artifacts
# that have changed.
printf '/influxdb/releases/influxdb2-client-latest%s\n' "${BASH_REMATCH[2]}" >>invalidations
fi
done
aws s3 sync dist 's3://dl.influxdata.com/influxdb/releases/'
aws cloudfront create-invalidation --distribution-id "${AWS_DISTRIBUTION_ID}" --paths $(<invalidations)

93
.goreleaser.yml
View File

@ -1,93 +0,0 @@
project_name: influx-cli
# Do not make github release or generate a changelog
release:
disable: true
changelog:
skip: true
builds:
- id: influx
goos:
- linux
- darwin
- windows
goarch:
- amd64
- arm64
ignore:
- goos: darwin
goarch: arm64
- goos: windows
goarch: arm64
main: ./cmd/influx
env:
- CGO_ENABLED=0
flags:
- -tags={{if eq .Os "windows"}}timetzdata{{end}}
ldflags:
- -s -w -X main.version={{.Version}} -X main.commit={{.ShortCommit}} -X main.date={{.Date}}
binary: influx
nfpms:
- id: influx-cli
package_name: influxdb2-cli
formats:
- deb
- rpm
bindir: /usr/bin
conflicts:
- influxdb
overrides:
deb:
replaces:
# Tells the deb system that it's ok for this package to overwrite files from versions of the `influxdb2`
# package prior to 2.1.0. Needed to support installing `influxdb2-cli` next to `influxdb2` without upgrading
# the server.
- influxdb2 (<< 2.1.0)
file_name_template: influxdb2-client-{{if index .Env "IS_SNAPSHOT"}}SNAPSHOT{{else if index .Env "IS_NIGHTLY"}}nightly{{else}}{{.Version}}{{end}}-{{ .Arch }}
rpm:
conflicts:
# Tells the rpm system that this package can't be installed alongside versions of the `influxdb2` package
# prior to 2.1.0. This is as good as we can do for rpm; there's no equivalent to deb's "replaces" metadata.
- influxdb2 < 2.1.0
replacements:
amd64: x86_64
arm64: aarch64
armhf: armv7hl
file_name_template: influxdb2-client-{{if index .Env "IS_SNAPSHOT"}}SNAPSHOT{{else if index .Env "IS_NIGHTLY"}}nightly{{else}}{{.Version}}{{end}}.{{ .Arch }}
vendor: InfluxData
homepage: https://influxdata.com
maintainer: support@influxdata.com
description: CLI for managing resources in InfluxDB v2
license: MIT
archives:
- id: influx-cli
format: tar.gz
format_overrides:
- goos: windows
format: zip
wrap_in_directory: true
name_template: influxdb2-client-{{if index .Env "IS_SNAPSHOT"}}SNAPSHOT{{else if index .Env "IS_NIGHTLY"}}nightly{{else}}{{.Version}}{{end}}-{{ .Os }}-{{ .Arch }}
files:
- LICENSE
- README.md
checksum:
name_template: influxdb2-client-{{if index .Env "IS_SNAPSHOT"}}SNAPSHOT{{else if index .Env "IS_NIGHTLY"}}nightly{{else}}{{.Version}}{{end}}.sha256
algorithm: sha256
signs:
- signature: "${artifact}.asc"
cmd: gpg
args: [ --passphrase, "{{.Env.PASSPHRASE}}", --pinentry-mode=loopback, --batch, --armor, --detach-sign, "${artifact}"]
artifacts: all
blobs:
- provider: s3
bucket: dl.influxdata.com
region: us-east-1
folder: '{{if index .Env "IS_NIGHTLY"}}platform/nightlies/{{else}}influxdb/releases/{{end}}'
extra_files:
- glob: ./changelog_artifacts/CHANGELOG*.md

16
Makefile
View File

@ -1,9 +1,19 @@
# TOP is the directory where Makefile lives (i.e. top-level project).
# This must be before any includes.
TOP := $(dir $(realpath $(lastword $(MAKEFILE_LIST))))
include $(TOP)/support.mk
### Environment setup
export GOPATH=$(shell go env GOPATH)
export GOOS=$(shell go env GOOS)
export GOARCH=$(shell go env GOARCH)
export GOVERSION=$(shell go list -m -f '{{.GoVersion}}')
ifeq ($(GOOS),windows)
GOTAGS += timetzdata,
endif
LDFLAGS := $(LDFLAGS) -X main.date=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ')
ifdef VERSION
@ -20,7 +30,7 @@ ifneq ($(GCFLAGS),)
GCFLAGS := -gcflags "$(GCFLAGS)"
endif
export GO_BUILD=go build $(GCFLAGS) -ldflags "$(LDFLAGS)"
export GO_BUILD=go build $(call with-param,-tags ,$(GOTAGS)) $(GCFLAGS) -ldflags "$(LDFLAGS)"
# SOURCES are the files that affect building the main binary.
SOURCES := $(shell find . -name '*.go' -not -name '*_test.go') go.mod go.sum
@ -45,11 +55,11 @@ fmt: $(FMT_FILES)
# Format imports.
go run github.com/daixiang0/gci -w $^
bin/$(GOOS)/influx: $(SOURCES)
bin/$(GOOS)/$(GOARCH)/influx: $(SOURCES)
CGO_ENABLED=0 $(GO_BUILD) -o $@ ./cmd/$(shell basename "$@")
.DEFAULT_GOAL := influx
influx: bin/$(GOOS)/influx
influx: bin/$(GOOS)/$(GOARCH)/influx
clean:
$(RM) -r bin

151
scripts/ci/build-packages Executable file
View File

@ -0,0 +1,151 @@
#!/bin/bash
set -o errexit \
-o nounset \
-o pipefail
PKG_BIN_PATH="${1}"
PKG_OUT_PATH="${2}"
# Determine if "${CIRCLE_TAG}" matches the semantic version regex. Otherwise,
# assume that "${CIRCLE_TAG}" is not intended to tag a release. The regex is
# permissive of what occurs after the semantic version. This allows for
# alphas, betas, and release candidates.
if [[ "${CIRCLE_TAG:-}" =~ ^v[0-9]+.[0-9]+.[0-9]+ ]]
then
VERSION="${CIRCLE_TAG/#v/}"
RELEASE=1
else
# When "${CIRCLE_TAG}" cannot be used to construct the package version,
# use "${CIRCLE_SHA1}". Since "${CIRCLE_SHA1}" can start with an alpha
# (non-numeric) character, prefix it with "2.x-".
VERSION="2.x-${CIRCLE_SHA1:0:8}"
fi
build_archive()
{
local workspace="$(mktemp -d)"
cp LICENSE README.md "${PKG_BIN_PATH}" "${workspace}"
pushd "${workspace}"
local target="${PKG_OUT_PATH}/influxdb2-client-${VERSION}_${OS}_${ARCH}.tar.gz"
tar -czf "${target}" .
# generate signature and checksums
generate_signature "${target}"
generate_checksums "${target}"
popd
}
build_package_linux()
{
local workspace="$(mktemp -d)"
pushd "${workspace}"
mkdir -p fs/usr/bin
# copies binaries into package file system
cp "${PKG_BIN_PATH}" fs/usr/bin
fpm_wrapper deb
fpm_wrapper rpm
popd
}
fpm_wrapper()
{
# "${ARCH}" matches Debian architecture names. Therefore, when building an
# RPM, it needs to be converted into a Redhat architecture name. Currently,
# influxdb-cli only supports "x86_64" and "aarch64".
if [[ "${1}" == rpm ]]
then
case ${ARCH} in
amd64)
ARCH=x86_64
;;
arm64)
ARCH=aarch64
esac
fi
case ${1} in
rpm)
REPLACES='influxdb < 2.1.0'
;;
deb)
REPLACES='influxdb (<< 2.1.0)'
;;
esac
fpm \
--log error \
`# package description` \
--name influxdb2-client \
--vendor InfluxData \
--description 'CLI for managing resources in InfluxDB v2' \
--url https://influxdata.com \
--maintainer support@influxdb.com \
--license MIT \
--replaces "${REPLACES}" \
`# package configuration` \
--input-type dir \
--output-type "${1}" \
--architecture "${ARCH}" \
--version "${VERSION}" \
--iteration 1 \
`# package options` \
--chdir fs/ \
--package "${PKG_OUT_PATH}/"
# `goreleaser` removed the "package revision" from the package filename.
# Since the automation is based on the packages created by `goreleaser`,
# this will also remove the "package revision" to
# maintain compatibility.
case ${1} in
deb)
mv "${PKG_OUT_PATH}/influxdb2-client_${VERSION}-1_${ARCH}.deb" \
"${PKG_OUT_PATH}/influxdb2-client-${VERSION}-${ARCH}.deb"
# generate signature and checksums
generate_signature "${PKG_OUT_PATH}/influxdb2-client-${VERSION}-${ARCH}.deb"
generate_checksums "${PKG_OUT_PATH}/influxdb2-client-${VERSION}-${ARCH}.deb"
;;
rpm)
mv "${PKG_OUT_PATH}/influxdb2-client-${VERSION//-/_}-1.${ARCH}.rpm" \
"${PKG_OUT_PATH}/influxdb2-client-${VERSION//-/_}.${ARCH}.rpm"
# generate signature and checksums
generate_checksums "${PKG_OUT_PATH}/influxdb2-client-${VERSION//-/_}.${ARCH}.rpm"
generate_signature "${PKG_OUT_PATH}/influxdb2-client-${VERSION//-/_}.${ARCH}.rpm"
;;
esac
}
generate_signature()
{
if [[ ( "${SIGN_PACKAGES:-}" ) ]]
then
gpg --passphrase "${PASSPHRASE}" --pinentry-mode=loopback --batch --armor --detach-sign "${1}"
fi
}
generate_checksums()
{
md5sum "${1}" >"${1}.md5"
sha256sum "${1}" >"${1}.sha256"
}
case ${OS} in
linux)
build_archive
build_package_linux
;;
darwin)
build_archive
;;
esac

25
scripts/ci/download-goreleaser.sh
View File

@ -1,25 +0,0 @@
#!/bin/bash
set -o nounset \
-o errexit \
-o pipefail
case ${1} in
v1.14.0)
CHECKSUM=5f832026b88340318caaec5bd985951e7d363bd248bf49f25239ebb802304bcb
;;
v1.13.1)
CHECKSUM=136fecfb2e2f3a7965274ad5e2571985d8b2fa724b6536874f082e4b0bb9f344
;;
v1.13.0)
CHECKSUM=743dea6fa96f3acdf0fe99ce5f8c83f43afe72efedeb1506f88f5321a18f63f2
;;
*)
printf 'Could not validate goreleaser version %s...\n' "${1}" 1>&2 ; exit 1
;;
esac
curl -LO "https://github.com/goreleaser/goreleaser/releases/download/${1}/goreleaser_Linux_x86_64.tar.gz"
printf '%s goreleaser_Linux_x86_64.tar.gz' "${CHECKSUM}" | sha256sum --check
tar -xf goreleaser_Linux_x86_64.tar.gz -C "${GOPATH}/bin"

17
support.mk Normal file
View File

@ -0,0 +1,17 @@
# Add quotes to a string and escape any internal quotes.
# $(call with-quotes,alice bob) -> "alice bob"
# $(call with-quotes,) -> ""
# $(call with-quotes,Bobby "Drop Tables") -> "Bobby \"Drop Tables\""
define with-quotes
$(if $(1),"$(subst ",\",$(1))")
endef
# Generate a command line option in the form $(1)"$(2)", but only if $(2)
# is not empty.
# $(call with-param,-t=,) ->
# $(call with-param,-t=,Ralph Wiggum) -> -t="Ralph Wiggum"
# $(call with-param,-t=,Bobby "Drop Tables") -> -t="Bobby \"Drop Tables\""
define with-param
$(if $(2),$(1)$(call with-quotes,$(2)))
endef