initial commit (#1)
circa10a committed Dec 27, 2021
1 parent b714cb3 commit fbab64d
Showing 31 changed files with 2,465 additions and 0 deletions.
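--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1,4 @@
+# Images
+*.jpg filter=lfs diff=lfs merge=lfs -text
+*.jpeg filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text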
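--- a/.github/workflows/comment.yaml
+++ b/.github/workflows/comment.yaml
@@ -0,0 +1,11 @@
+name: comment
+on:
+pull_request:
+types: [opened]
+jobs:
+comment:
+runs-on: ubuntu-latest
+steps:
+- uses: circa10a/animal-action@main
+with:
+github_token: ${{ secrets.GITHUB_TOKEN }}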
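Review bot: `uses: circa10a/animal-action@main` follows a mutable branch while the step is handed `secrets.GITHUB_TOKEN`, so whatever lands on that branch later runs with this repository's token. Pin it to a full commit SHA with the release noted in a trailing comment, e.g. `uses: circa10a/animal-action@<full-commit-sha>  # <release tag>`. The same applies, to a lesser degree, to the tag-pinned actions in release.yaml, tag.yaml and test.yaml (`actions/checkout@v2`, `actions/setup-go@v2`, `goreleaser/goreleaser-action@v2`, `golangci/golangci-lint-action@v2`), since a tag can be moved to a different commit.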
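--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -0,0 +1,32 @@
+
+name: release
+on:
+workflow_run:
+workflows: ["Bump Git Version"]
+branches: [main]
+types:
+- completed
+jobs:
+goreleaser:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+- name: Unshallow
+run: git fetch --prune --unshallow
+- id: vars
+run: |
+echo ::set-output name=go_version::$(curl -s https://raw.githubusercontent.com/actions/go-versions/main/versions-manifest.json | grep -oE '"version": "[0-9]{1}.[0-9]{1,}(.[0-9]{1,})?"' | head -1 | cut -d':' -f2 | sed 's/ //g; s/"//g')
+echo "Using Go version ${{ steps.vars.outputs.go_version }}"
+- name: Install Go
+uses: actions/setup-go@v2
+with:
+go-version: ${{ steps.vars.outputs.go_version }}
+- name: Run GoReleaser
+uses: goreleaser/goreleaser-action@v2
+with:
+version: latest
+args: release --rm-dist
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+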
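Review bot: The `workflow_run` trigger with `types: completed` fires whether "Bump Git Version" succeeded or failed, and the `goreleaser` job has no guard, so a release can be attempted after a failed tagging run; add `if: ${{ github.event.workflow_run.conclusion == 'success' }}` to the job. The `vars` step also chooses the Go toolchain at release time by scraping a remote manifest with `curl -s` and `grep`, without `-f` and without checking that the result is non-empty, and GoReleaser is set to `version: latest`, so published binaries are built by whatever those sources serve that day rather than the `^1.16.6` toolchain that test.yaml exercises. Pinning `go-version` and the GoReleaser version in the workflow makes the release reproducible and reviewable. The `echo "Using Go version ${{ steps.vars.outputs.go_version }}"` line sits inside the step that sets the output, so it likely prints an empty value.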
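--- a/.github/workflows/tag.yaml
+++ b/.github/workflows/tag.yaml
@@ -0,0 +1,22 @@
+name: Bump Git Version
+on:
+push:
+branches:
+- main
+jobs:
+semver:
+runs-on: ubuntu-latest
+outputs:
+tag: ${{ steps.tagging.outputs.new_tag }}
+steps:
+- uses: actions/checkout@v2
+with:
+fetch-depth: '0'
+- name: Bump version and push tag
+uses: anothrNick/[email protected]
+id: tagging
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+WITH_V: true
+RELEASE_BRANCHES: main
+DEFAULT_BUMP: minor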
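Review bot: The `semver` job pushes tags with `GITHUB_TOKEN`, but the workflow declares no `permissions:` block, so the token's scope is whatever the repository or organisation default happens to be. Declare it explicitly at job level, `permissions:` with `contents: write`, so the third-party tagging action receives nothing beyond what it needs. comment.yaml, release.yaml and test.yaml have the same gap; test.yaml looks like it needs only `contents: read`. Separately, `WITH_V: true` is a YAML boolean inside an `env:` map; writing it as `'true'` makes the string intent explicit.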
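--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -0,0 +1,28 @@
+name: test
+on: [
+push,
+pull_request
+]
+
+jobs:
+test:
+runs-on: ubuntu-latest
+steps:
+- name: Install Go
+uses: actions/setup-go@v2
+with:
+go-version: '^1.16.6'
+- name: Checkout code
+uses: actions/checkout@v2
+- name: Test
+run: make test
+golangci-lint:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v2
+- name: Install Go
+uses: actions/setup-go@v2
+with:
+go-version: '^1.16.6'
+- name: golangci-lint
+uses: golangci/golangci-lint-action@v2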
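--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,21 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, built with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Dependency directories (remove the comment below to include it)
+# vendor/
+
+# Remove any built plugins
+vault/plugins
+
+
+!.vscode/launch.json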
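--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -0,0 +1,4 @@
+linters-settings:
+govet:
+enable:
+- fieldalignment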
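--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -0,0 +1,34 @@
+# Visit https://goreleaser.com for documentation on how to customize this
+# behavior.
+before:
+hooks:
+- go mod tidy
+builds:
+- env:
+# goreleaser does not work with CGO, it could also complicate
+# usage by users in CI/CD systems like Terraform Cloud where
+# they are unable to install libraries.
+- CGO_ENABLED=0
+mod_timestamp: '{{ .CommitTimestamp }}'
+flags:
+- -trimpath
+ldflags:
+- '-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}'
+goos:
+- freebsd
+- windows
+- linux
+- darwin
+goarch:
+- amd64
+- arm64
+binary: '{{ .ProjectName }}_v{{ .Version }}'
+archives:
+- format: zip
+name_template: '{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}'
+checksum:
+name_template: '{{ .ProjectName }}_{{ .Version }}_SHA256SUMS'
+algorithm: sha256
+changelog:
+skip: false
+sort: asc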
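Review bot: The `checksum:` section publishes a `SHA256SUMS` file but the config has no `signs:` section, so the checksums sit unsigned next to the archives they describe and detect only corruption, not a replaced asset. For a Vault plugin, where the operator registers the binary by its SHA-256, consider adding a `signs:` entry with `artifacts: checksum` and providing the signing key to the release workflow. Which key to use and how it is provisioned is not visible on this page and is for the maintainers to decide.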
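--- a/Dockerfile.jenkins
+++ b/Dockerfile.jenkins
@@ -0,0 +1,4 @@
+FROM jenkins/jenkins:lts
+COPY configs/jenkins/plugins.txt /usr/share/jenkins/ref/plugins.txt
+COPY configs/jenkins/jenkins.yaml $JENKINS_HOME/jenkins.yaml
+RUN /usr/local/bin/install-plugins.sh < /usr/share/jenkins/ref/plugins.txt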
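Review bot: `FROM jenkins/jenkins:lts` is a floating tag, and the last line relies on `/usr/local/bin/install-plugins.sh`, which upstream deprecated in favour of `jenkins-plugin-cli`; a later `lts` image may no longer ship the script, which would break `make test`. Pin the base image to a specific LTS version (ideally with a digest) and install with `RUN jenkins-plugin-cli --plugin-file /usr/share/jenkins/ref/plugins.txt`. Whether plugins.txt pins plugin versions is not visible here; if it does not, the test fixture changes with every build.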
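--- a/Dockerfile.vault
+++ b/Dockerfile.vault
@@ -0,0 +1,8 @@
+FROM golang
+WORKDIR /tmp/build
+COPY . .
+RUN GOOS=linux; go mod tidy && \
+go build -ldflags="-s -w" -o vault-plugin-secrets-jenkins
+
+FROM vault
+COPY --from=0 --chown=vault /tmp/build/vault-plugin-secrets-jenkins /vault/plugins/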
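Review bot: In `RUN GOOS=linux; go mod tidy && \` the assignment ends with `;`, so it sets an unexported shell variable that never reaches `go build`; the build also leaves cgo enabled, unlike .goreleaser.yaml, so the binary may be linked against the builder image's libc and fail to start if the `vault` image ships a different one. Write it as `RUN CGO_ENABLED=0 GOOS=linux go build -trimpath -ldflags="-s -w" -o vault-plugin-secrets-jenkins`, dropping `go mod tidy` so the image is built from the committed go.mod and go.sum rather than dependencies re-resolved at build time. Both `FROM golang` and `FROM vault` are untagged; pinning them to explicit versions keeps the plugin build repeatable.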
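--- a/Makefile
+++ b/Makefile
@@ -0,0 +1,61 @@
+GOARCH = amd64
+
+UNAME = $(shell uname -s)
+
+ifndef OS
+ifeq ($(UNAME), Linux)
+OS = linux
+else ifeq ($(UNAME), Darwin)
+OS = darwin
+endif
+endif
+
+.DEFAULT_GOAL := all
+
+all: fmt build start
+
+build:
+GOOS="$(OS)" GOARCH="$(GOARCH)" go build -o vault/plugins/vault-plugin-secrets-jenkins
+chmod 755 vault/plugins/*
+
+start:
+vault server -dev -dev-root-token-id=root -dev-plugin-dir=./vault/plugins
+
+enable:
+vault secrets enable -path=jenkins vault-plugin-secrets-jenkins
+
+clean:
+rm -f ./vault/plugins/vault-plugin-secrets-jenkins
+
+fmt:
+go fmt $$(go list ./...)
+
+lint:
+golangci-lint run -v
+
+jenkins:
+docker rm -f vault-jenkins
+docker build -t vault-jenkins -f Dockerfile.jenkins .
+docker run --name vault-jenkins -d --rm -p 8080:8080 vault-jenkins
+
+test: jenkins
+sleep 15
+go test -v ./...
+
+set-vault-var:
+export VAULT_ADDR="http://localhost:8200"
+
+enable-plugin: build
+vault secrets enable vault-plugin-secrets-jenkins || exit 0
+vault write sys/plugins/catalog/jenkins \
+sha_256="$$(shasum -a 256 ./vault/plugins/vault-plugin-secrets-jenkins | cut -d " " -f1)" \
+command="vault-plugin-secrets-jenkins"
+vault write vault-plugin-secrets-jenkins/config url=http://localhost:8080 username=admin password=admin
+
+token: set-vault-var enable-plugin
+vault read vault-plugin-secrets-jenkins/tokens/mytoken ttl=30
+
+user: set-vault-var enable-plugin
+vault write vault-plugin-secrets-jenkins/users/myuser ttl=45 password=testpass fullname=fullname [email protected]
+
+.PHONY: build clean fmt start enable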
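Review bot: `set-vault-var` runs `export VAULT_ADDR="http://localhost:8200"` in its own recipe shell, which exits before `enable-plugin`, `token` or `user` run, so those targets never see the variable. Export it at makefile level instead: `export VAULT_ADDR ?= http://localhost:8200`. In `enable-plugin`, `vault secrets enable vault-plugin-secrets-jenkins || exit 0` runs before the `sys/plugins/catalog` write and hides any failure, so a plugin that never mounted surfaces only as an error from the later `vault write .../config`; registering in the catalog first and dropping the `|| exit 0` would report it where it happens. `.PHONY` also omits `all`, `lint`, `jenkins`, `test`, `set-vault-var`, `enable-plugin`, `token` and `user`.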