diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f2baee495..d528f1b42 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -41,15 +41,20 @@ jobs: debvers: 'ubuntu/xenial ubuntu/bionic ubuntu/focal ubuntu/jammy debian/jessie debian/buster debian/bullseye debian/bookworm' outputs: tags: ${{ steps.ci_metadata.outputs.tags }} - commit_author: ${{ steps.fetch-author.outputs.commit_author}} + commit_author: ${{ steps.set_outputs.outputs.commit_author}} steps: - name: Checkout of tyk-pump uses: actions/checkout@v4 with: fetch-depth: 1 - - name: Get commit author - id: fetch-author - run: echo "commit_author=$(git show -s --format='%ae' HEAD)" >> $GITHUB_OUTPUT + - name: Set some outputs for later + id: set_outputs + shell: bash + env: + HEAD_REF: ${{github.head_ref}} + run: | + echo "commit_author=$(git show -s --format='%ae' HEAD)" >> $GITHUB_OUTPUT + echo "branch=${HEAD_REF##*/}" >> $GITHUB_OUTPUT - uses: docker/setup-qemu-action@v3 - uses: docker/setup-buildx-action@v3 - name: Login to DockerHub @@ -75,7 +80,7 @@ jobs: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - name: Build env: - NFPM_STD_PASSPHRASE: ${{ secrets.SIGNING_KEY_PASSPHRASE }} + NFPM_PASSPHRASE: ${{ secrets.SIGNING_KEY_PASSPHRASE }} PKG_SIGNING_KEY: ${{ secrets.SIGNING_KEY }} PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }} run: | @@ -90,7 +95,7 @@ jobs: -e DEBVERS='${{ matrix.debvers }}' \ -e RPMVERS='${{ matrix.rpmvers }}' \ -e CGO_ENABLED=${{ matrix.cgo }} \ - -e NFPM_STD_PASSPHRASE="$NFPM_STD_PASSPHRASE" \ + -e NFPM_PASSPHRASE="$NFPM_PASSPHRASE" \ -e GPG_FINGERPRINT=12B5D62C28F57592D1575BD51ED14C59E37DAC20 \ -e PKG_SIGNING_KEY="$PKG_SIGNING_KEY" \ -e PACKAGECLOUD_TOKEN=$PACKAGECLOUD_TOKEN \ @@ -128,23 +133,56 @@ jobs: type=ref,event=branch type=ref,event=pr type=sha,format=long - type=semver,pattern=v{{major}}.{{minor}},prefix=v - type=semver,pattern=v{{version}},prefix=v - - name: CI push + type=semver,pattern={{major}},prefix=v + type=semver,pattern={{major}}.{{minor}},prefix=v + type=semver,pattern={{version}},prefix=v + - name: push image to CI if: ${{ matrix.golang_cross == '1.21-bookworm' }} - shell: bash - env: - t: ${{ steps.ci_metadata.outputs.tags }} - build_tag: ${{ startswith(github.ref, 'refs/tags') && github.ref_name || 'v0.0.0' }} - run: | - set +e - IFS=$'\n' tags=($t) - for tag in "${tags[@]}"; do - for arch in amd64 arm64; do - docker tag tykio/tyk-pump-docker-pub:${build_tag}-${arch} ${tag}-${arch} && docker push ${tag}-${arch} - done - docker manifest create ${tag} ${tag}-amd64 ${tag}-arm64 && docker manifest push ${tag} - done + uses: docker/build-push-action@v5 + with: + context: "dist" + platforms: linux/amd64,linux/arm64 + file: ci/Dockerfile.distroless + provenance: mode=max + sbom: true + push: true + cache-from: type=gha + cache-to: type=gha,mode=max + tags: ${{ steps.ci_metadata.outputs.tags }} + labels: ${{ steps.tag_metadata.outputs.labels }} + - name: Docker metadata for tag push + id: tag_metadata + uses: docker/metadata-action@v5 + with: + images: | + tykio/tyk-pump-docker-pub + docker.tyk.io/tyk-pump/tyk-pump + flavor: | + latest=false + prefix=v + tags: | + type=semver,pattern={{major}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{version}} + labels: | + org.opencontainers.image.title=tyk-pump (distroless) + org.opencontainers.image.description=Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once). + org.opencontainers.image.vendor=tyk.io + org.opencontainers.image.version=${{ github.ref_name }} + - name: build multiarch image + if: ${{ matrix.golang_cross == '1.21-bookworm' }} + uses: docker/build-push-action@v5 + with: + context: "dist" + platforms: linux/amd64,linux/arm64 + file: ci/Dockerfile.distroless + provenance: mode=max + sbom: true + cache-from: type=gha + cache-to: type=gha,mode=max + push: ${{ startsWith(github.ref, 'refs/tags') }} + tags: ${{ steps.tag_metadata.outputs.tags }} + labels: ${{ steps.tag_metadata.outputs.labels }} - uses: actions/upload-artifact@v4 if: ${{ matrix.golang_cross == '1.21-bookworm' }} with: @@ -163,30 +201,35 @@ jobs: !dist/*PAYG*.rpm test-controller-api: needs: goreleaser - runs-on: ubuntu-latest-m-2 - container: tykio/gromit:v1.7 + runs-on: ubuntu-latest outputs: - conf: ${{ steps.params.outputs.api_conf }} - db: ${{ steps.params.outputs.api_db }} + envfiles: ${{ steps.params.outputs.envfiles }} pump: ${{ steps.params.outputs.pump }} sink: ${{ steps.params.outputs.sink }} - gd_tag: ${{ steps.params.outputs.gd_tag }} - versions: ${{ steps.params.outputs.versions }} - exclude: ${{ steps.params.outputs.exclude }} steps: - name: set params id: params + shell: bash env: - REPO: ${{ github.repository }} # Cover pull_request_target too BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref}} - TAGS: ${{ needs.goreleaser.outputs.tags }} - IS_PR: ${{startsWith(github.event_name, 'pull_request') && 'yes' }} - IS_TAG: ${{startsWith(github.ref, 'refs/tags') && 'yes' }} - JOB: api - run: gromit policy controller --loglevel debug | tee -a "$GITHUB_OUTPUT" + run: | + set -eo pipefail + endpoint="http://tui.internal.dev.tyk.technology/api/tyk-pump/$BASE_REF/${{ github.event_name}}/api" + curl="curl -s --retry 5 --retry-delay 10 --fail-with-body --retry-all-errors" + echo "pump<versions.env + echo '# alfa and beta have to come after the override + tyk_alfa_image=$tyk_image + tyk_beta_image=$tyk_image + ECR=${{steps.ecr.outputs.registry}} tyk_sink_image=${{matrix.sink}} confs_dir=./pro-ha - env_file=local-${{ matrix.db }}.env" > versions.env + env_file=local-${{ matrix.envfiles.db }}.env' >> versions.env echo "::group::versions" cat versions.env echo "::endgroup::" # Add Tyk component config variations to $env_file - cat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env + cat confs/${{ matrix.envfiles.config }}.env >> local-${{ matrix.envfiles.db }}.env # bring up env, the project name is important - docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d + docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.envfiles.db }}.yml -f ${{ matrix.envfiles.cache }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d ./dash-bootstrap.sh http://localhost:3000 - docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d + docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.envfiles.db }}.yml -f ${{ matrix.envfiles.cache }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d - name: Run tests working-directory: auto id: test_execution + env: + # Cover pull_request_target too + BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref}} run: | # Generate report id echo "id=$(date +%s%N)" >> $GITHUB_OUTPUT # Run tests set -o pipefail - echo "### API tests ${{ matrix.db }} ${{ matrix.conf }}" >> $GITHUB_STEP_SUMMARY + echo "### API tests ${{ matrix.envfiles.db }} ${{ matrix.envfiles.conf }}" >> $GITHUB_STEP_SUMMARY if docker run --rm --network auto_default --env-file pytest.env -v ${{ github.workspace }}/reports:/app/reports \ - ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller-api.outputs.gd_tag }} \ + ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:$BASE_REF \ pytest -c pytest_ci.ini --junitxml=./${XUNIT_REPORT_PATH#"${{ github.workspace }}"} --ci -m "not local and not dind ${{ matrix.markers }}" | tee tests.out; then echo "All tests passed!" >> $GITHUB_STEP_SUMMARY else - echo "::error title=API tests ${{ matrix.db }} ${{ matrix.conf }}::Test execution failed" + echo "::error title=API tests ${{ matrix.envfiles.db }} ${{ matrix.envfiles.conf }}::Test execution failed" cat tests.out >> $GITHUB_STEP_SUMMARY exit 1 fi @@ -276,6 +323,7 @@ jobs: if: always() && steps.test_execution.outcome != 'skipped' id: metadata_report env: + BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref}} REPORT_NAME: ${{ github.repository }}_${{ github.run_id }}_${{ github.run_attempt }}-${{steps.test_execution.outputs.id}} run: | # Generate metadata report @@ -283,11 +331,12 @@ jobs: repo = ${{ github.repository }} branch = ${{ github.ref }} commit = ${{ github.sha }} - test_suite_version = ${{ needs.test-controller-api.outputs.gd_tag }} + test_suite_version = $BASE_REF test_suite_name = ${{ github.job }} test_suite_run = ${{ github.run_id }}-${{ github.run_attempt }} - db = ${{ matrix.db }} - conf = ${{ matrix.conf }} + db = ${{ matrix.envfiles.db }} + conf = ${{ matrix.envfiles.config }} + cache = ${{ matrix.envfiles.cache }} pump_compatibility = ${{ matrix.pump }} sink_compatibility = ${{ matrix.sink }} " > ${METADATA_REPORT_PATH} @@ -310,9 +359,8 @@ jobs: TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} ECR: ${{ steps.ecr.outputs.registry }} - VERSIONS: ${{ needs.test-controller-api.outputs.versions }} run: | - docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose.log + docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.envfiles.db }}.yml -f ${{ matrix.envfiles.cache }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose.log echo "::group::DockerLogs" cat ${{ github.workspace }}/docker-compose.log echo "::endgroup::" @@ -320,7 +368,7 @@ jobs: uses: actions/upload-artifact@v4 if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') with: - name: docker-compose-logs-${{ github.job }}-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} + name: docker-compose-logs-${{ github.job }}-${{ matrix.envfiles.db }}-${{ matrix.envfiles.conf }}-${{ github.run_id }} path: ${{ github.workspace }}/docker-compose.log retention-days: 3 overwrite: true @@ -328,84 +376,10 @@ jobs: if: always() uses: actions/upload-artifact@v4 with: - name: api-test-report-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} + name: api-test-report-${{ matrix.envfiles.db }}-${{ matrix.envfiles.conf }}-${{ github.run_id }} retention-days: 3 path: ${{ github.workspace }}/reports overwrite: true - - name: Fetch commit author - if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' - env: - USER_EMAIL: ${{ needs.goreleaser.outputs.commit_author }} - run: echo "GIT_USER_EMAIL=$USER_EMAIL" >> $GITHUB_ENV - - name: Fetch slack user - if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' - id: fetch_slack_user - uses: TykTechnologies/github-actions/.github/actions/github-to-slack@main - with: - github_email: ${{ env.GIT_USER_EMAIL }} - - name: Notify slack - if: failure() && steps.test_execution.outcome != 'success' && github.event_name == 'push' - uses: rtCamp/action-slack-notify@v2 - env: - SLACK_WEBHOOK: ${{ secrets.API_TEST_ALERT_SLACK_WEBHOOK }} - SLACK_COLOR: ${{ job.status }} - SLACK_TITLE: "Result: ${{ steps.test_execution.outcome }}" - SLACK_USERNAME: API INTEGRATION TESTS - SLACK_MESSAGE: "*Test*: ${{ matrix.db }}-${{ matrix.conf }}, *Author*: ${{ steps.fetch_slack_user.outputs.slack-user-name }}" - SLACK_FOOTER: "" - distroless: - runs-on: ubuntu-latest - needs: goreleaser - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - - uses: actions/download-artifact@v4 - with: - name: deb - - uses: docker/setup-qemu-action@v3 - - uses: docker/setup-buildx-action@v3 - - name: Login to DockerHub - if: startsWith(github.ref, 'refs/tags') - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Login to Cloudsmith - if: startsWith(github.ref, 'refs/tags') - uses: docker/login-action@v3 - with: - registry: docker.tyk.io - username: ${{ secrets.CLOUDSMITH_USERNAME }} - password: ${{ secrets.CLOUDSMITH_API_KEY }} - - name: Docker metadata for distroless - id: distroless_metadata - uses: docker/metadata-action@v5 - with: - images: | - tykio/tyk-pump-docker-pub - docker.tyk.io/tyk-pump/tyk-pump - flavor: | - latest=false - prefix=s - tags: | - type=semver,pattern={{major}} - type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{version}} - labels: | - org.opencontainers.image.title=tyk-pump (distroless) - org.opencontainers.image.description=Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once). - org.opencontainers.image.vendor=tyk.io - org.opencontainers.image.version=${{ github.ref_name }} - - name: build distroless image - uses: docker/build-push-action@v5 - with: - context: "." - platforms: linux/amd64,linux/arm64 - file: ci/Dockerfile.distroless - push: ${{ startsWith(github.ref, 'refs/tags') }} - tags: ${{ steps.distroless_metadata.outputs.tags }} - labels: ${{ steps.distroless_metadata.outputs.labels }} upgrade-deb: services: httpbin.org: @@ -496,4 +470,4 @@ jobs: secrets: DEPDASH_URL: ${{ secrets.DEPDASH_URL }} DEPDASH_KEY: ${{ secrets.DEPDASH_KEY }} - ORG_GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} \ No newline at end of file + ORG_GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} diff --git a/ci/Dockerfile.distroless b/ci/Dockerfile.distroless index 28aba2543..f134fb32f 100644 --- a/ci/Dockerfile.distroless +++ b/ci/Dockerfile.distroless @@ -6,7 +6,7 @@ ARG TARGETARCH ENV DEBIAN_FRONTEND=noninteractive COPY *${TARGETARCH}.deb / -RUN dpkg -i /tyk-pump*${TARGETARCH}.deb && rm /*.deb +RUN rm -f /*fips*.deb && dpkg -i /tyk-pump*${TARGETARCH}.deb && rm /*.deb FROM gcr.io/distroless/static-debian12:nonroot @@ -16,5 +16,6 @@ ARG PORTS EXPOSE $PORTS WORKDIR /opt/tyk-pump/ + ENTRYPOINT ["/opt/tyk-pump/tyk-pump" ] -CMD [ "--conf=/opt/tyk-pump/pump.conf" ] \ No newline at end of file +CMD [ "--conf=/opt/tyk-pump/pump.conf" ] diff --git a/ci/Dockerfile.std b/ci/Dockerfile.std index ce385acb0..0c3bcb34b 100644 --- a/ci/Dockerfile.std +++ b/ci/Dockerfile.std @@ -21,7 +21,7 @@ RUN rm -rf /root/.cache \ # Comment this to test in dev COPY *${TARGETARCH}.deb / -RUN dpkg -i /tyk-pump*${TARGETARCH}.deb && rm /*.deb +RUN rm -f /*fips*.deb && dpkg -i /tyk-pump*${TARGETARCH}.deb && rm /*.deb ARG PORTS diff --git a/ci/bin/unlock-agent.sh b/ci/bin/unlock-agent.sh index 3b58a58d4..ba9d64077 100755 --- a/ci/bin/unlock-agent.sh +++ b/ci/bin/unlock-agent.sh @@ -3,8 +3,8 @@ # Generated by: gromit policy # Get the GPG fingerprint with gpg --with-keygrip --list-secret-keys -if [[ -z "${PKG_SIGNING_KEY}" || -z "${NFPM_STD_PASSPHRASE}" || -z "${GPG_FINGERPRINT}" ]]; then - echo "No private key set, packages cannnot be signed. Set PKG_SIGNING_KEY, NFPM_STD_PASSPHRASE and GPG_FINGERPRINT" +if [[ -z "${PKG_SIGNING_KEY}" || -z "${NFPM_PASSPHRASE}" || -z "${GPG_FINGERPRINT}" ]]; then + echo "No private key set, packages cannnot be signed. Set PKG_SIGNING_KEY, NFPM_PASSPHRASE and GPG_FINGERPRINT" exit 1 fi @@ -33,5 +33,5 @@ echo "$PKG_SIGNING_KEY" > tyk.io.signing.key chmod 400 tyk.io.signing.key # archive signing can work with gpg -/usr/lib/gnupg2/gpg-preset-passphrase --passphrase $NFPM_STD_PASSPHRASE --preset $GPG_FINGERPRINT +/usr/lib/gnupg2/gpg-preset-passphrase --passphrase $NFPM_PASSPHRASE --preset $GPG_FINGERPRINT gpg --import --batch --yes tyk.io.signing.key || ( cat /gpg-agent.log; exit 1 ) diff --git a/ci/goreleaser/goreleaser.yml b/ci/goreleaser/goreleaser.yml index 21a124249..b5f78e94d 100644 --- a/ci/goreleaser/goreleaser.yml +++ b/ci/goreleaser/goreleaser.yml @@ -18,77 +18,23 @@ builds: - arm64 - s390x binary: tyk-pump - -dockers: - # Build tykio/tyk-pump-docker-pub, docker.tyk.io/tyk-pump/tyk-pump (amd64) - - ids: - - std - image_templates: - - "tykio/tyk-pump-docker-pub:{{.Tag}}-amd64" - - "docker.tyk.io/tyk-pump/tyk-pump:{{.Tag}}-amd64" - build_flag_templates: - - "--build-arg=PORTS=80" - - "--platform=linux/amd64" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - use: buildx - goarch: amd64 - goos: linux - dockerfile: ci/Dockerfile.std - extra_files: - - "ci/install/" - - "README.md" - - "LICENSE.md" - - "pump.example.conf" - # Build tykio/tyk-pump-docker-pub, docker.tyk.io/tyk-pump/tyk-pump (arm64) - - ids: - - std - image_templates: - - "tykio/tyk-pump-docker-pub:{{.Tag}}-arm64" - - "docker.tyk.io/tyk-pump/tyk-pump:{{.Tag}}-arm64" - build_flag_templates: - - "--build-arg=PORTS=80" - - "--platform=linux/arm64" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - use: buildx - goarch: arm64 - goos: linux - dockerfile: ci/Dockerfile.std - extra_files: - - "ci/install/" - - "README.md" - - "LICENSE.md" - - "pump.example.conf" - -docker_manifests: - - name_template: tykio/tyk-pump-docker-pub:{{ .Tag }} - image_templates: - - tykio/tyk-pump-docker-pub:{{ .Tag }}-amd64 - - tykio/tyk-pump-docker-pub:{{ .Tag }}-arm64 - - name_template: tykio/tyk-pump-docker-pub:v{{ .Major }}.{{ .Minor }}{{.Prerelease}} - image_templates: - - tykio/tyk-pump-docker-pub:{{ .Tag }}-amd64 - - tykio/tyk-pump-docker-pub:{{ .Tag }}-arm64 - - name_template: tykio/tyk-pump-docker-pub:v{{ .Major }}{{.Prerelease}} - image_templates: - - tykio/tyk-pump-docker-pub:{{ .Tag }}-amd64 - - tykio/tyk-pump-docker-pub:{{ .Tag }}-arm64 - - name_template: docker.tyk.io/tyk-pump/tyk-pump:{{ .Tag }} - image_templates: - - docker.tyk.io/tyk-pump/tyk-pump:{{ .Tag }}-amd64 - - docker.tyk.io/tyk-pump/tyk-pump:{{ .Tag }}-arm64 - + - id: fips + ldflags: + - -X github.com/TykTechnologies/tyk-pump/pumps.Version={{.Version}} + - -X github.com/TykTechnologies/tyk-pump/pumps.Commit={{.FullCommit}} + - -X github.com/TykTechnologies/tyk-pump/pumps.BuildDate={{.Date}} + - -X github.com/TykTechnologies/tyk-pump/pumps.BuiltBy=goreleaser + goos: + - linux + goarch: + - amd64 + binary: tyk-pump nfpms: - id: std vendor: "Tyk Technologies Ltd" homepage: "https://tyk.io" maintainer: "Tyk " - description: Tyk Analytics Pump to move analytics data from Redis to any supported backend (multiple backends can be written to at once). + description: Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once). package_name: tyk-pump file_name_template: "{{ .ConventionalFileName }}" builds: @@ -102,13 +48,53 @@ nfpms: - src: "ci/install/*" dst: "/opt/tyk-pump/install" - src: ci/install/inits/systemd/system/tyk-pump.service - dst: "/lib/systemd/system/tyk-pump.service" + dst: /lib/systemd/system/tyk-pump.service - src: ci/install/inits/sysv/init.d/tyk-pump - dst: "/etc/init.d/tyk-pump" + dst: /etc/init.d/tyk-pump - src: "LICENSE.md" dst: "/opt/share/docs/tyk-pump/LICENSE.md" - src: pump.example.conf - dst: "/opt/tyk-pump/pump.conf" + dst: /opt/tyk-pump/pump.conf + type: "config|noreplace" + scripts: + preinstall: "ci/install/before_install.sh" + postinstall: "ci/install/post_install.sh" + postremove: "ci/install/post_remove.sh" + bindir: "/opt/tyk-pump" + rpm: + scripts: + posttrans: ci/install/post_trans.sh + signature: + key_file: tyk.io.signing.key + deb: + signature: + key_file: tyk.io.signing.key + type: origin + - id: fips + vendor: "Tyk Technologies Ltd" + homepage: "https://tyk.io" + maintainer: "Tyk " + description: Tyk Analytics Pump to move analytics data from Redis to any supported back end (multiple back ends can be written to at once). + package_name: tyk-pump-fips + file_name_template: "{{ .ConventionalFileName }}" + builds: + - fips + formats: + - deb + - rpm + contents: + - src: "README.md" + dst: "/opt/share/docs/tyk-pump/README.md" + - src: "ci/install/*" + dst: "/opt/tyk-pump/install" + - src: ci/install/inits/systemd/system/tyk-pump.service + dst: /lib/systemd/system/tyk-pump.service + - src: ci/install/inits/sysv/init.d/tyk-pump + dst: /etc/init.d/tyk-pump + - src: "LICENSE.md" + dst: "/opt/share/docs/tyk-pump/LICENSE.md" + - src: pump.example.conf + dst: /opt/tyk-pump/pump.conf type: "config|noreplace" scripts: preinstall: "ci/install/before_install.sh" @@ -129,7 +115,6 @@ publishers: env: - PACKAGECLOUD_TOKEN={{ .Env.PACKAGECLOUD_TOKEN }} cmd: packagecloud publish --debvers "{{ .Env.DEBVERS }}" --rpmvers "{{ .Env.RPMVERS }}" tyk/tyk-pump-unstable {{ .ArtifactPath }} - # This disables archives archives: - format: binary