Build configuration

Dockerfile

@@ -0,0 +1,32 @@
+# This stage is parametrized to replicate the same environment GlooE was built in.
+# All ARGs need to be set via the docker `--build-arg` flags.
+ARG GO_BUILD_IMAGE
+FROM $GO_BUILD_IMAGE AS build-env
+
+ARG GC_FLAGS
+ARG VERIFY_SCRIPT
+
+# Fail if VERIFY_SCRIPT not set
+RUN if [[ ! $VERIFY_SCRIPT ]]; then echo "Required VERIFY_SCRIPT build argument not set" && exit 1; fi
+
+RUN apk add --no-cache gcc musl-dev
+
+ADD . /go/src/github.com/solo-io/ext-auth-plugins/
+WORKDIR /go/src/github.com/solo-io/ext-auth-plugins
+
+# De-vendor all the dependencies and move them to the GOPATH.
+# We need this so that the import paths for any library shared between the plugins and Gloo are the same.
+RUN cp -a vendor/. /go/src/ && rm -rf vendor
+
+# Build plugins with CGO enabled
+RUN CGO_ENABLED=1 GOARCH=amd64 GOOS=linux go build -buildmode=plugin -gcflags="$GC_FLAGS" -o examples/RequiredHeader.so examples/required_header/plugin.go
+
+# Verify that plugins can be loaded by GlooE
+RUN chmod +x $VERIFY_SCRIPT
+RUN $VERIFY_SCRIPT -pluginDir examples -manifest examples/plugin_manifest.yaml
+
+# This stage builds the final image containing just the plugin .so files
+FROM alpine:3.10.1
+RUN mkdir /compiled-auth-plugins
+COPY --from=build-env /go/src/github.com/solo-io/ext-auth-plugins/examples/RequiredHeader.so /compiled-auth-plugins/
+CMD cp /compiled-auth-plugins/* /auth-plugins/

Makefile

@@ -0,0 +1,73 @@
+GLOOE_VERSION := 0.18.12
+BUILD_ID := $(BUILD_ID)
+RELEASE := "true"
+ifeq ($(TAGGED_VERSION),)
+	TAGGED_VERSION := v$(BUILD_ID)
+	RELEASE := "false"
+endif
+VERSION ?= $(shell echo $(TAGGED_VERSION) | cut -c 2-)
+
+#----------------------------------------------------------------------------------
+# Retrieve GlooE build information
+#----------------------------------------------------------------------------------
+GLOOE_DIR := _glooe
+_ := $(shell mkdir -p $(GLOOE_DIR))
+
+.PHONY: get-glooe-info
+get-glooe-info: $(GLOOE_DIR)/Gopkg.lock $(GLOOE_DIR)/verify-plugins-linux-amd64 $(GLOOE_DIR)/build_env
+
+$(GLOOE_DIR)/Gopkg.lock:
+	curl -o $@ http://storage.googleapis.com/gloo-ee-dependencies/$(GLOOE_VERSION)/Gopkg.lock
+
+$(GLOOE_DIR)/verify-plugins-linux-amd64:
+	curl -o $@ http://storage.googleapis.com/gloo-ee-dependencies/$(GLOOE_VERSION)/verify-plugins-linux-amd64
+
+$(GLOOE_DIR)/build_env:
+	curl -o $@ http://storage.googleapis.com/gloo-ee-dependencies/$(GLOOE_VERSION)/build_env
+
+
+#----------------------------------------------------------------------------------
+# Compare dependencies against GlooE
+#----------------------------------------------------------------------------------
+
+.PHONY: compare-deps
+compare-deps: Gopkg.lock $(GLOOE_DIR)/Gopkg.lock
+	go run scripts/compare_dependencies.go Gopkg.lock $(GLOOE_DIR)/Gopkg.lock
+
+
+#----------------------------------------------------------------------------------
+# Build plugins
+#----------------------------------------------------------------------------------
+EXAMPLES_DIR := examples
+SOURCES := $(shell find . -name "*.go" | grep -v test)
+
+define get_glooe_var
+$(shell grep $(1) $(GLOOE_DIR)/build_env | cut -d '=' -f 2-)
+endef
+
+.PHONY: build-plugins
+build-plugins: $(GLOOE_DIR)/build_env $(GLOOE_DIR)/verify-plugins-linux-amd64
+	docker build --no-cache -t quay.io/solo-io/ext-auth-plugins:$(VERSION) \
+		--build-arg GO_BUILD_IMAGE=$(call get_glooe_var,GO_BUILD_IMAGE) \
+		--build-arg GC_FLAGS=$(call get_glooe_var,GC_FLAGS) \
+		--build-arg VERIFY_SCRIPT=$(GLOOE_DIR)/verify-plugins-linux-amd64 \
+		.
+
+.PHONY: build-plugins-for-tests
+build-plugins-for-tests: $(EXAMPLES_DIR)/required_header/RequiredHeader.so
+
+$(EXAMPLES_DIR)/required_header/RequiredHeader.so: $(SOURCES)
+	go build -buildmode=plugin -o $(EXAMPLES_DIR)/required_header/RequiredHeader.so $(EXAMPLES_DIR)/required_header/plugin.go
+
+
+#----------------------------------------------------------------------------------
+# Release plugins
+#----------------------------------------------------------------------------------
+
+.PHONY: release-plugins
+release-plugins: build-plugins
+ifeq ($(RELEASE),"true")
+	docker push quay.io/solo-io/ext-auth-plugins:$(VERSION)
+else
+	@echo This is not a release build. Example plugins will not be published.
+endif

cloudbuild.yaml

@@ -0,0 +1,70 @@
+steps:
+# Using dep container from github.com/solo-io/cloud-builders/dep
+# This copies files into the proper workspace layout and so must be run before other tasks.
+# Subsequent steps must set the $GOPATH env variable.
+- name: 'gcr.io/$PROJECT_ID/dep'
+  id: 'dep'
+  args: ['ensure']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+
+- name: 'gcr.io/$PROJECT_ID/go-make:0.1.12'
+  id: 'compare-dependencies'
+  args: ['compare-deps']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+  - 'GOPATH=/workspace/gopath'
+  - 'TAGGED_VERSION=$TAG_NAME'
+  - 'BUILD_ID=$BUILD_ID'
+  dir: './gopath/src/github.com/solo-io/ext-auth-plugins'
+
+- name: 'gcr.io/$PROJECT_ID/go-make:0.1.12'
+  id: 'build-plugins-for-tests'
+  args: ['build-plugins-for-tests']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+  - 'GOPATH=/workspace/gopath'
+  - 'TAGGED_VERSION=$TAG_NAME'
+  - 'BUILD_ID=$BUILD_ID'
+  dir: './gopath/src/github.com/solo-io/ext-auth-plugins'
+
+- name: 'gcr.io/$PROJECT_ID/ginkgo:0.1.12'
+  id: 'test-plugins'
+  args: ['-r']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+  - 'GOPATH=/workspace/gopath'
+  - 'TAGGED_VERSION=$TAG_NAME'
+  - 'BUILD_ID=$BUILD_ID'
+  dir: './gopath/src/github.com/solo-io/ext-auth-plugins'
+
+- name: 'gcr.io/$PROJECT_ID/go-make:0.1.12'
+  id: 'build-plugins'
+  args: ['build-plugins']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+  - 'GOPATH=/workspace/gopath'
+  - 'TAGGED_VERSION=$TAG_NAME'
+  - 'BUILD_ID=$BUILD_ID'
+  dir: './gopath/src/github.com/solo-io/ext-auth-plugins'
+
+- name: 'gcr.io/cloud-builders/docker'
+  entrypoint: 'bash'
+  args: ['-c', 'docker login quay.io --username "solo-io+solobot" --password $$QUAY_IO_PASSWORD']
+  secretEnv: ['QUAY_IO_PASSWORD']
+  id: 'docker-login'
+
+- name: 'gcr.io/$PROJECT_ID/go-make:0.1.12'
+  args: ['release-plugins']
+  env:
+  - 'PROJECT_ROOT=github.com/solo-io/ext-auth-plugins'
+  - 'GOPATH=/workspace/gopath'
+  - 'TAGGED_VERSION=$TAG_NAME'
+  - 'BUILD_ID=$BUILD_ID'
+  dir: './gopath/src/github.com/solo-io/ext-auth-plugins'
+  id: 'release-plugins'
+
+secrets:
+- kmsKeyName: projects/solo-public/locations/global/keyRings/build/cryptoKeys/build-key
+  secretEnv:
+    QUAY_IO_PASSWORD: CiQABlzmSRx5TcOqbldXa/d/+bkmAfpNAWa3PTS06WvuloZL+vASaQCCPGSGCogonVZVEUNx4G3YJtWi18gSuNx4PvLe08q8xAflTMFkjsyQirAOK3Y2oCvgYwiw/ITcuydjkpMjxDygFyENXS9FKFJoAXHlPQE5qidKr8xxmxF5ezhmjGB0gjyjXIIkbSEnBg==

solo-project.yaml

@@ -0,0 +1,2 @@
+gcloud:
+  projectId: solo-public