convert package to use go/build and expand test coverage

Signed-off-by: Mark McCormick <[email protected]> Fix teleport build after refactor to go/build Signed-off-by: Mark McCormick <[email protected]> linter fixes Signed-off-by: Mark McCormick <[email protected]> bump to latest version and digest Signed-off-by: Mark McCormick <[email protected]> Expand functional test coverage Signed-off-by: Mark McCormick <[email protected]> removing duplicate test Signed-off-by: Mark McCormick <[email protected]> fix test Signed-off-by: Mark McCormick <[email protected]>
wolfi-dev · Nov 26, 2024 · d546a2e · d546a2e
1 parent ceb814e
commit d546a2e
Showing 1 changed file with 96 additions and 24 deletions.
diff --git a/teleport.yaml b/teleport.yaml
@@ -1,6 +1,6 @@
 package:
   name: teleport
-  version: 17.0.1
+  version: 17.0.2
   epoch: 0
   description: The easiest, and most secure way to access and protect all of your infrastructure.
   copyright:
@@ -18,6 +18,7 @@ environment:
       - build-base
       - busybox
       - ca-certificates-bundle
+      - cargo-auditable
       - corepack
       - go
       - node-gyp
@@ -26,6 +27,7 @@ environment:
       - openssl-dev
       - pnpm
       - python3
+      - rust
       - rustup
       - wasm-pack
       - yarn
@@ -35,32 +37,62 @@ pipeline:
   - uses: git-checkout
     with:
       repository: https://github.com/gravitational/teleport
-      expected-commit: dc5837102a82fdfc4807a8c760839f4ca4be08a9
+      expected-commit: a5c84e4b74f1da43a44bd6c18ae184f612fb26f6
       tag: v${{package.version}}
 
   - uses: go/bump
     with:
       deps: github.com/golang-jwt/jwt/[email protected]
 
   - runs: |
-      # https://github.com/gravitational/teleport#building-teleport
       mkdir -p "${{targets.contextdir}}"/var/lib/teleport
       mkdir -p "${{targets.contextdir}}"/usr/local/bin
 
-      # This build requires the stable version of rust, managed by rustup, because it requires a few other toolchains too.
       rustup install stable
+      rustup default stable
+      ARCH=$(uname -m)
+      export PATH="$HOME/.rustup/toolchains/stable-${ARCH}-unknown-linux-gnu/bin:$PATH"
       rustup target add wasm32-unknown-unknown
 
-      # This is a bit of a hack, but it's the easiest way to get the right version of rustc and cargo in the path.
-      export PATH="$HOME/.rustup/toolchains/stable-${{host.triplet.rust}}/bin:$PATH"
-      make full
+      pnpm config set package-import-method copy
 
-      # create me a for loop that iterates over the binaries in build/
-      # and installs them to "${{targets.contextdir}}"/usr/local/bin
-      for bin in build/*; do
-        echo "Installing $bin to /usr/local/bin"
-        install -Dm755 $bin -t "${{targets.contextdir}}"/usr/local/bin
-      done
+      # Install dependencies and build web assets
+      make ensure-js-deps
+      make ensure-webassets
+
+  - uses: go/build
+    with:
+      packages: ./tool/teleport
+      output: teleport
+      tags: webassets_embed,kustomize_disable_go_plugin_support
+
+  - uses: go/build
+    with:
+      packages: ./tool/tctl
+      output: tctl
+      tags: kustomize_disable_go_plugin_support
+
+  - uses: go/build
+    with:
+      packages: ./tool/tsh
+      output: tsh
+      tags: kustomize_disable_go_plugin_support
+
+  - uses: go/build
+    with:
+      packages: ./tool/tbot
+      output: tbot
+      tags: kustomize_disable_go_plugin_support
+
+  - uses: go/build
+    with:
+      packages: ./tool/teleport-update
+      output: teleport-update
+      tags: kustomize_disable_go_plugin_support
+
+  - runs: |
+      cd tool/fdpass-teleport && cargo build --release --locked
+      install -Dm755 target/release/fdpass-teleport "${{targets.contextdir}}"/usr/local/bin/
 
   - uses: strip
 
@@ -76,17 +108,8 @@ test:
       packages:
         - wait-for-it
   pipeline:
-    - runs: |
-        teleport configure -o file
-        teleport start -c /etc/teleport.yaml &
-
-        # wait for teleport to start :3080
-        wait-for-it localhost:3080 -t 10
-
-        echo "Teleport is running on port 3080!"
-
-        # create a user
-        tctl get roles --format=text
+    - name: Binary checks
+      runs: |
         tbot version
         tbot --help
         tctl version
@@ -95,3 +118,52 @@ test:
         teleport --help
         tsh version
         tsh --help
+    - name: Functionality test
+      runs: |
+        #!/bin/bash
+        set -e
+
+        # Create required directories
+        mkdir -p /tmp/teleport
+        mkdir -p /var/lib/teleport
+
+        # Create minimal config file for auth server
+        cat <<-EOF > /tmp/teleport-auth.yaml
+          version: v3
+          teleport:
+            data_dir: /tmp/teleport
+            log:
+              output: stderr
+              severity: DEBUG
+          auth_service:
+            enabled: "yes"
+            cluster_name: "test-cluster"
+            listen_addr: 127.0.0.1:3025
+            tokens:
+              - "proxy,node:test123"
+          proxy_service:
+            enabled: "no"
+          ssh_service:
+            enabled: "no"
+        EOF
+
+        # Initialize auth server with static UUID for tctl
+        echo "00000000-0000-0000-0000-000000000000" > /var/lib/teleport/host_uuid
+        chmod 644 /var/lib/teleport/host_uuid
+
+        # Start auth server
+        teleport start --config=/tmp/teleport-auth.yaml --roles=auth &
+        AUTH_PID=$!
+
+        # Wait for auth server
+        wait-for-it 127.0.0.1:3025 -t 30 || (kill $AUTH_PID; exit 1)
+
+        # Give auth server time to initialize
+        sleep 5
+
+        # Create base64 encoded config for tctl
+        TCTL_CONFIG=$(base64 /tmp/teleport-auth.yaml)
+        TELEPORT_CONFIG="$TCTL_CONFIG" tctl get roles --format=text
+
+        echo "Basic services test successful!"
+        kill $AUTH_PID