-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
31 changed files
with
2,465 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# Images | ||
*.jpg filter=lfs diff=lfs merge=lfs -text | ||
*.jpeg filter=lfs diff=lfs merge=lfs -text | ||
*.png filter=lfs diff=lfs merge=lfs -text |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
name: comment | ||
on: | ||
pull_request: | ||
types: [opened] | ||
jobs: | ||
comment: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: circa10a/animal-action@main | ||
with: | ||
github_token: ${{ secrets.GITHUB_TOKEN }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
|
||
name: release | ||
on: | ||
workflow_run: | ||
workflows: ["Bump Git Version"] | ||
branches: [main] | ||
types: | ||
- completed | ||
jobs: | ||
goreleaser: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
- name: Unshallow | ||
run: git fetch --prune --unshallow | ||
- id: vars | ||
run: | | ||
echo ::set-output name=go_version::$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g') | ||
echo "Using Go version ${{ steps.vars.outputs.go_version }}" | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: ${{ steps.vars.outputs.go_version }} | ||
- name: Run GoReleaser | ||
uses: goreleaser/goreleaser-action@v2 | ||
with: | ||
version: latest | ||
args: release --rm-dist | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
name: Bump Git Version | ||
on: | ||
push: | ||
branches: | ||
- main | ||
jobs: | ||
semver: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
tag: ${{ steps.tagging.outputs.new_tag }} | ||
steps: | ||
- uses: actions/checkout@v2 | ||
with: | ||
fetch-depth: '0' | ||
- name: Bump version and push tag | ||
uses: anothrNick/[email protected] | ||
id: tagging | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
WITH_V: true | ||
RELEASE_BRANCHES: main | ||
DEFAULT_BUMP: minor |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
name: test | ||
on: [ | ||
push, | ||
pull_request | ||
] | ||
|
||
jobs: | ||
test: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: '^1.16.6' | ||
- name: Checkout code | ||
uses: actions/checkout@v2 | ||
- name: Test | ||
run: make test | ||
golangci-lint: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v2 | ||
- name: Install Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: '^1.16.6' | ||
- name: golangci-lint | ||
uses: golangci/golangci-lint-action@v2 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Binaries for programs and plugins | ||
*.exe | ||
*.exe~ | ||
*.dll | ||
*.so | ||
*.dylib | ||
|
||
# Test binary, built with `go test -c` | ||
*.test | ||
|
||
# Output of the go coverage tool, specifically when used with LiteIDE | ||
*.out | ||
|
||
# Dependency directories (remove the comment below to include it) | ||
# vendor/ | ||
|
||
# Remove any built plugins | ||
vault/plugins | ||
|
||
|
||
!.vscode/launch.json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
linters-settings: | ||
govet: | ||
enable: | ||
- fieldalignment |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Visit https://goreleaser.com for documentation on how to customize this | ||
# behavior. | ||
before: | ||
hooks: | ||
- go mod tidy | ||
builds: | ||
- env: | ||
# goreleaser does not work with CGO, it could also complicate | ||
# usage by users in CI/CD systems like Terraform Cloud where | ||
# they are unable to install libraries. | ||
- CGO_ENABLED=0 | ||
mod_timestamp: '{{ .CommitTimestamp }}' | ||
flags: | ||
- -trimpath | ||
ldflags: | ||
- '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}' | ||
goos: | ||
- freebsd | ||
- windows | ||
- linux | ||
- darwin | ||
goarch: | ||
- amd64 | ||
- arm64 | ||
binary: '{{ .ProjectName }}_v{{ .Version }}' | ||
archives: | ||
- format: zip | ||
name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}' | ||
checksum: | ||
name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS' | ||
algorithm: sha256 | ||
changelog: | ||
skip: false | ||
sort: asc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
FROM jenkins/jenkins:lts | ||
COPY configs/jenkins/plugins.txt /usr/share/jenkins/ref/plugins.txt | ||
COPY configs/jenkins/jenkins.yaml $JENKINS_HOME/jenkins.yaml | ||
RUN /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins.txt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
FROM golang | ||
WORKDIR /tmp/build | ||
COPY . . | ||
RUN GOOS=linux; go mod tidy && \ | ||
go build -ldflags="-s -w" -o vault-plugin-secrets-jenkins | ||
|
||
FROM vault | ||
COPY --from=0 --chown=vault /tmp/build/vault-plugin-secrets-jenkins /vault/plugins/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,61 @@ | ||
GOARCH = amd64 | ||
|
||
UNAME = $(shell uname -s) | ||
|
||
ifndef OS | ||
ifeq ($(UNAME), Linux) | ||
OS = linux | ||
else ifeq ($(UNAME), Darwin) | ||
OS = darwin | ||
endif | ||
endif | ||
|
||
.DEFAULT_GOAL := all | ||
|
||
all: fmt build start | ||
|
||
build: | ||
GOOS="$(OS)" GOARCH="$(GOARCH)" go build -o vault/plugins/vault-plugin-secrets-jenkins | ||
chmod 755 vault/plugins/* | ||
|
||
start: | ||
vault server -dev -dev-root-token-id=root -dev-plugin-dir=./vault/plugins | ||
|
||
enable: | ||
vault secrets enable -path=jenkins vault-plugin-secrets-jenkins | ||
|
||
clean: | ||
rm -f ./vault/plugins/vault-plugin-secrets-jenkins | ||
|
||
fmt: | ||
go fmt $$(go list ./...) | ||
|
||
lint: | ||
golangci-lint run -v | ||
|
||
jenkins: | ||
docker rm -f vault-jenkins | ||
docker build -t vault-jenkins -f Dockerfile.jenkins . | ||
docker run --name vault-jenkins -d --rm -p 8080:8080 vault-jenkins | ||
|
||
test: jenkins | ||
sleep 15 | ||
go test -v ./... | ||
|
||
set-vault-var: | ||
export VAULT_ADDR="http://localhost:8200" | ||
|
||
enable-plugin: build | ||
vault secrets enable vault-plugin-secrets-jenkins || exit 0 | ||
vault write sys/plugins/catalog/jenkins \ | ||
sha_256="$$(shasum -a 256 ./vault/plugins/vault-plugin-secrets-jenkins | cut -d " " -f1)" \ | ||
command="vault-plugin-secrets-jenkins" | ||
vault write vault-plugin-secrets-jenkins/config url=http://localhost:8080 username=admin password=admin | ||
|
||
token: set-vault-var enable-plugin | ||
vault read vault-plugin-secrets-jenkins/tokens/mytoken ttl=30 | ||
|
||
user: set-vault-var enable-plugin | ||
vault write vault-plugin-secrets-jenkins/users/myuser ttl=45 password=testpass fullname=fullname [email protected] | ||
|
||
.PHONY: build clean fmt start enable |
Oops, something went wrong.