-
Notifications
You must be signed in to change notification settings - Fork 160
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #413 from chef/nikhil-CHEF-14471-chef-vault-hab-pa…
…ckage Package chef-vault as an hab package
- Loading branch information
Showing
3 changed files
with
183 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| $ErrorActionPreference = "Stop" | ||
| $PSDefaultParameterValues['*:ErrorAction']='Stop' | ||
|
|
||
| $env:HAB_BLDR_CHANNEL = "LTS-2024" | ||
| $pkg_name="chef-vault" | ||
| $pkg_origin="chef" | ||
| $pkg_version=$(Get-Content "$PLAN_CONTEXT/../VERSION") | ||
| $pkg_maintainer="The Chef Maintainers <[email protected]>" | ||
|
|
||
| $pkg_deps=@( | ||
| "chef/ruby31-plus-devkit" | ||
| "core/git" | ||
| ) | ||
| $pkg_bin_dirs=@("bin" | ||
| "vendor/bin") | ||
| $project_root= (Resolve-Path "$PLAN_CONTEXT/../").Path | ||
|
|
||
| function pkg_version { | ||
| Get-Content "$SRC_PATH/VERSION" | ||
| } | ||
|
|
||
| function Invoke-Before { | ||
| Set-PkgVersion | ||
| } | ||
| function Invoke-SetupEnvironment { | ||
| Push-RuntimeEnv -IsPath GEM_PATH "$pkg_prefix/vendor" | ||
|
|
||
| Set-RuntimeEnv APPBUNDLER_ALLOW_RVM "true" # prevent appbundler from clearing out the carefully constructed runtime GEM_PATH | ||
| Set-RuntimeEnv FORCE_FFI_YAJL "ext" | ||
| Set-RuntimeEnv LANG "en_US.UTF-8" | ||
| Set-RuntimeEnv LC_CTYPE "en_US.UTF-8" | ||
| } | ||
|
|
||
| function Invoke-Build { | ||
| try { | ||
| $env:Path += ";c:\\Program Files\\Git\\bin" | ||
| Push-Location $project_root | ||
| $env:GEM_HOME = "$HAB_CACHE_SRC_PATH/$pkg_dirname/vendor" | ||
|
|
||
| Write-BuildLine " ** Configuring bundler for this build environment" | ||
| bundle config --local without integration deploy maintenance | ||
| bundle config --local jobs 4 | ||
| bundle config --local retry 5 | ||
| bundle config --local silence_root_warning 1 | ||
| Write-BuildLine " ** Using bundler to retrieve the Ruby dependencies" | ||
| bundle install | ||
|
|
||
| gem build chef-vault.gemspec | ||
| Write-BuildLine " ** Using gem to install" | ||
| gem install chef-vault*.gem --no-document | ||
|
|
||
| If ($lastexitcode -ne 0) { Exit $lastexitcode } | ||
| } finally { | ||
| Pop-Location | ||
| } | ||
| } | ||
|
|
||
| function Invoke-Install { | ||
| Write-BuildLine "** Copy built & cached gems to install directory" | ||
| Copy-Item -Path "$HAB_CACHE_SRC_PATH/$pkg_dirname/*" -Destination $pkg_prefix -Recurse -Force -Exclude @("gem_make.out", "mkmf.log", "Makefile", | ||
| "*/latest", "latest", | ||
| "*/JSON-Schema-Test-Suite", "JSON-Schema-Test-Suite") | ||
|
|
||
| try { | ||
| Push-Location $pkg_prefix | ||
| bundle config --local gemfile $project_root/Gemfile | ||
| Write-BuildLine "** generating binstubs for chef-vault with precise version pins" | ||
| Write-BuildLine "** generating binstubs for chef-vault with precise version pins $project_root $pkg_prefix/bin " | ||
| Invoke-Expression -Command "appbundler.bat $project_root $pkg_prefix/bin chef-vault" | ||
| If ($lastexitcode -ne 0) { Exit $lastexitcode } | ||
| Write-BuildLine " ** Running the chef-vault project's 'rake install' to install the path-based gems so they look like any other installed gem." | ||
|
|
||
| If ($lastexitcode -ne 0) { Exit $lastexitcode } | ||
| } finally { | ||
| Pop-Location | ||
| } | ||
| } | ||
|
|
||
| function Invoke-After { | ||
| # We don't need the cache of downloaded .gem files ... | ||
| Remove-Item $pkg_prefix/vendor/cache -Recurse -Force | ||
| # We don't need the gem docs. | ||
| Remove-Item $pkg_prefix/vendor/doc -Recurse -Force | ||
| # We don't need to ship the test suites for every gem dependency, | ||
| # only inspec's for package verification. | ||
| Get-ChildItem $pkg_prefix/vendor/gems -Filter "spec" -Directory -Recurse -Depth 1 ` | ||
| | Where-Object -FilterScript { $_.FullName -notlike "*chef-vault*" } ` | ||
| | Remove-Item -Recurse -Force | ||
| # Remove the byproducts of compiling gems with extensions | ||
| Get-ChildItem $pkg_prefix/vendor/gems -Include @("gem_make.out", "mkmf.log", "Makefile") -File -Recurse ` | ||
| | Remove-Item -Force | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,90 @@ | ||
| export HAB_BLDR_CHANNEL="LTS-2024" | ||
| _chef_client_ruby="core/ruby3_1" | ||
| pkg_name="chef-vault" | ||
| pkg_origin="chef" | ||
| pkg_maintainer="The Chef Maintainers <[email protected]>" | ||
| pkg_description="Gem that allows you to encrypt a Chef Data Bag Item using the public keys of a list of chef nodes. This allows only those chef nodes to decrypt the encrypted values." | ||
| pkg_license=('Apache-2.0') | ||
| pkg_bin_dirs=( | ||
| bin | ||
| vendor/bin | ||
| ) | ||
| pkg_build_deps=( | ||
| core/make | ||
| core/bash | ||
| core/gcc | ||
| core/libarchive | ||
| ) | ||
| pkg_deps=( | ||
| $_chef_client_ruby | ||
| core/coreutils | ||
| core/git | ||
| ) | ||
| pkg_svc_user=root | ||
|
|
||
| pkg_version() { | ||
| cat "$SRC_PATH/VERSION" | ||
| } | ||
|
|
||
| do_before() { | ||
| update_pkg_version | ||
| } | ||
|
|
||
| do_unpack() { | ||
| mkdir -pv "$HAB_CACHE_SRC_PATH/$pkg_dirname" | ||
| cp -RT "$PLAN_CONTEXT"/.. "$HAB_CACHE_SRC_PATH/$pkg_dirname/" | ||
| } | ||
|
|
||
| do_build() { | ||
| echo $(pkg_path_for $_chef_client_ruby) | ||
| export GEM_HOME="$pkg_prefix/vendor/gems" | ||
|
|
||
| build_line "Setting GEM_PATH=$GEM_HOME" | ||
| export GEM_PATH="$GEM_HOME" | ||
| bundle config --local without integration deploy maintenance | ||
| bundle config --local jobs 4 | ||
| bundle config --local retry 5 | ||
| bundle config --local silence_root_warning 1 | ||
| bundle install | ||
| gem build chef-vault.gemspec | ||
| } | ||
|
|
||
| do_install() { | ||
| export GEM_HOME="$pkg_prefix/vendor/gems" | ||
|
|
||
| build_line "Setting GEM_PATH=$GEM_HOME" | ||
| export GEM_PATH="$GEM_HOME" | ||
| gem install chef-vault-*.gem --no-document | ||
| wrap_ruby_chef_vault | ||
| set_runtime_env "GEM_PATH" "${pkg_prefix}/vendor/gems" | ||
| } | ||
|
|
||
| wrap_ruby_chef_vault() { | ||
| local bin="$pkg_prefix/bin/chef-vault" | ||
| local real_bin="$GEM_HOME/gems/chef-vault-${pkg_version}/bin/chef-vault" | ||
| wrap_bin_with_ruby "$bin" "$real_bin" | ||
| } | ||
|
|
||
| wrap_bin_with_ruby() { | ||
| local bin="$1" | ||
| local real_bin="$2" | ||
| build_line "Adding wrapper $bin to $real_bin" | ||
| cat <<EOF > "$bin" | ||
| #!$(pkg_path_for core/bash)/bin/bash | ||
| set -e | ||
| # Set binary path that allows chef-vault to use non-Hab pkg binaries | ||
| export PATH="/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:\$PATH" | ||
| # Set Ruby paths defined from 'do_setup_environment()' | ||
| export GEM_HOME="$pkg_prefix/vendor/gems" | ||
| export GEM_PATH="\$GEM_HOME" | ||
| exec $(pkg_path_for $_chef_client_ruby)/bin/ruby $real_bin \$@ | ||
| EOF | ||
| chmod -v 755 "$bin" | ||
| } | ||
|
|
||
| do_strip() { | ||
| return 0 | ||
| } |