diff --git a/.ci/publish_linux.sh b/.ci/publish_linux.sh deleted file mode 100644 index 6b5d0f5e..00000000 --- a/.ci/publish_linux.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/usr/bin/env bash -set -e - -docker login -u "$DOCKER_USER" -p "$DOCKER_PASS" - -BASE_NAMES=(pebble pebble-challtestsrv) -for BASE_NAME in "${BASE_NAMES[@]}"; do - IMAGE_NAME="letsencrypt/${BASE_NAME}" - - echo "Updating docker ${IMAGE_NAME} image..." - - # create docker image - docker build -t "${IMAGE_NAME}:temp" -f "docker/${BASE_NAME}/linux.Dockerfile" . - - # push images - if [ -n "${TRAVIS_TAG}" ]; then - echo "Try to publish image: ${IMAGE_NAME}:${TRAVIS_TAG}" - docker tag "${IMAGE_NAME}:temp" "${IMAGE_NAME}:${TRAVIS_TAG}" - docker push "${IMAGE_NAME}:${TRAVIS_TAG}" - - echo "Try to publish rolling image: ${IMAGE_NAME}:latest" - docker tag "${IMAGE_NAME}:${TRAVIS_TAG}" "${IMAGE_NAME}:latest" - docker push "${IMAGE_NAME}:latest" - fi -done - -echo "Published" diff --git a/.ci/publish_windows.ps1 b/.ci/publish_windows.ps1 deleted file mode 100644 index b48c082f..00000000 --- a/.ci/publish_windows.ps1 +++ /dev/null @@ -1,28 +0,0 @@ -$ErrorActionPreference = 'Stop' -if ($env:APPVEYOR_REPO_TAG -ne "true") { - "Skipping publishing because this is not a tagged commit" -} else { - "Publishing the tagged commit..." - - $ErrorActionPreference = 'SilentlyContinue' - docker login -u="$env:DOCKER_USER" -p="$env:DOCKER_PASS" - $ErrorActionPreference = 'Stop' - - $basenames = @("pebble", "pebble-challtestsrv") - foreach ($basename in $basenames) { - $image_name = "letsencrypt/$basename" - $tag = "$env:APPVEYOR_REPO_TAG_NAME-nanoserver-sac2016" - - "Updating docker $basename image ..." - - docker build -t="$image_name`:temp" -f="docker/$basename/windows.Dockerfile" . - - "Try to publish image: $image_name`:$tag" - docker tag "$image_name`:temp" "$image_name`:$tag" - docker push "$image_name`:$tag" - - "Try to publish rolling image: $image_name`:nanoserver-sac2016" - docker tag "$image_name`:temp" "$image_name`:nanoserver-sac2016" - docker push "$image_name`:nanoserver-sac2016" - } -} diff --git a/.dockerignore b/.dockerignore index e8d3e41e..a0643715 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,2 @@ -.git -pebble.exe -pebble +/pebble +/pebble.exe diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 6d623182..22e0a3f6 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -1,53 +1,48 @@ name: Checks - +# Run on push to main and any pull request. on: push: branches: - main pull_request: - permissions: + checks: write # Allow write access to checks to allow annotation of code in the PR. contents: read pull-requests: read - +env: + CGO_ENABLED: 0 + GO_VERSION: stable + GOLANGCI_LINT_VERSION: v1.56.2 + SHELLCHECK_SCRIPTS: ./*.sh jobs: - - checks: - name: Check Process + go-lint-checks: runs-on: ubuntu-latest - env: - GO_VERSION: oldstable - GOLANGCI_LINT_VERSION: v1.56.2 - CGO_ENABLED: 0 - steps: - - - name: Check out code - uses: actions/checkout@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v5 + go-version: ${{ env.GO_VERSION }} + - name: Run GolangCI-Lint + uses: golangci/golangci-lint-action@v4 + with: + # skip cache because of flaky behaviors + skip-build-cache: true + skip-pkg-cache: true + version: ${{ env.GOLANGCI_LINT_VERSION }} + go-mod-checks: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version: ${{ env.GO_VERSION }} - - - name: Check and get dependencies + - name: Check if go.mod is tidy run: | go mod tidy - git diff --exit-code go.mod - git diff --exit-code go.sum - - - name: vendoring - run: go mod vendor - - - name: vendoring diff - run: git diff --exit-code vendor/ - - # https://golangci-lint.run/usage/install#other-ci - - name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }} + git diff --exit-code go.mod go.sum || + (echo "::error::go.mod and go.sum need to be tidy" && exit 1) + - name: Check if vendor directory is up to date run: | - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION} - golangci-lint run - - + go mod vendor + git diff --exit-code vendor || + (echo "::error::vendor directory needs to be updated" && exit 1) diff --git a/.github/workflows/go-cross.yml b/.github/workflows/go-cross.yml index e28cc18a..d9c9c474 100644 --- a/.github/workflows/go-cross.yml +++ b/.github/workflows/go-cross.yml @@ -1,38 +1,34 @@ -name: Go Matrix +name: Go Build Matrix on: push: branches: - main pull_request: - permissions: contents: read pull-requests: read - jobs: - cross: - name: Build + name: Build on ${{ matrix.os }} with Go ${{ matrix.go-version }} runs-on: ${{ matrix.os }} env: CGO_ENABLED: 0 - strategy: matrix: - go-version: [ oldstable, stable ] - os: [ubuntu-latest, macos-latest, windows-latest] - + go-version: + - oldstable + - stable + os: + - ubuntu-latest + - macos-14 # M1 runners + - macos-latest + - windows-latest steps: - name: Checkout code uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v5 with: go-version: ${{ matrix.go-version }} - - - name: Build pebble - run: go build -v -ldflags "-s -w" -trimpath -o pebble ./cmd/pebble - - - name: Build pebble-challtestsrv - run: go build -v -ldflags "-s -w" -trimpath -o pebble-challtestsrv ./cmd/pebble-challtestsrv + - name: Build the module + run: go build -v ./... diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..a756a8bc --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,157 @@ +name: Build Release +# Run on semver tags. +on: + push: + tags: + - "v[0-9]+.[0-9]+.[0-9]+" +permissions: + contents: read + packages: write # Allow docker/build-push-action to publish to GitHub Container Registry +env: + DOCKER_PLATFORMS: linux/amd64, linux/arm64, windows/amd64 + DOCKER_IMAGE_BASENAME: ghcr.io/${{ github.repository_owner }} +jobs: + go-build: + env: + CGO_ENABLED: 0 + GOARCH: ${{ matrix.go-arch }} + GOOS: ${{ matrix.go-os }} + LDFLAGS: -s -w -X 'main.version=${{ github.ref_name }} (${{ github.sha }})' + OUTPUTDIR: /tmp/dist/${{ matrix.go-os }}/${{ matrix.go-arch }} + runs-on: ubuntu-latest + strategy: + matrix: + app: + - pebble + - pebble-challtestsrv + go-arch: + - amd64 + - arm64 + go-os: + - darwin + - linux + - windows + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 + with: + check-latest: true + go-version-file: go.mod + - name: Build ${{ matrix.app }} for ${{ matrix.go-os }}/${{ matrix.go-arch }} + run: | + go build \ + -ldflags="${LDFLAGS}" \ + -o "${OUTPUTDIR}/" \ + -trimpath \ + -v \ + ./cmd/${{ matrix.app }} + - name: Display ${{ matrix.app }} artifacts + run: tree /tmp/dist + - name: Store ${{ matrix.app }} artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ matrix.app }}-${{ matrix.go-os }}-${{ matrix.go-arch }} + path: /tmp/dist + docker-build: + needs: + - go-build + runs-on: ubuntu-latest + strategy: + matrix: + app: + - pebble + - pebble-challtestsrv + steps: + - uses: actions/checkout@v4 + - name: Download ${{ matrix.app }} artifacts + uses: actions/download-artifact@v4 + with: + merge-multiple: true + path: /tmp/dist + pattern: ${{ matrix.app }}-*-* + - name: Display ${{ matrix.app }} artifacts + run: tree /tmp/dist + - name: Docker meta + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.DOCKER_IMAGE_BASENAME }}/${{ matrix.app }} + # generate Docker tags based on the following events/attributes + tags: | + type=semver,pattern={{major}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{version}} + type=sha + type=raw,value=latest + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and push ${{ github.repository }}/${{ matrix.app }} for ${{ env.DOCKER_PLATFORMS }} + uses: docker/build-push-action@v5 + with: + build-args: APP=${{ matrix.app }} + build-contexts: dist-files=/tmp/dist + cache-from: type=gha + cache-to: type=gha,mode=max + file: Dockerfile.release + labels: ${{ steps.meta.outputs.labels }} + platforms: ${{ env.DOCKER_PLATFORMS }} + push: true + tags: ${{ steps.meta.outputs.tags }} + docker-version: + needs: + - docker-build + runs-on: ${{ matrix.docker-os }} + strategy: + matrix: + docker-os: + - ubuntu-latest + - windows-latest + steps: + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Display pebble version in container image + run: docker run ${{ env.DOCKER_IMAGE_BASENAME }}/pebble:latest -version + create-release: + needs: + - go-build + permissions: + contents: write # Allow creation of a release + runs-on: ubuntu-latest + steps: + - name: Download build artifacts + uses: actions/download-artifact@v4 + - name: Display build artifacts + run: tree . + - name: Create release + # https://cli.github.com/manual/gh_release_create + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + gh release create ${{ github.ref_name }} \ + --repo ${{ github.repository }} \ + --title "${{ github.ref_name }}" \ + --verify-tag + continue-on-error: true + - name: Upload release files + # https://cli.github.com/manual/gh_release_upload + env: + GITHUB_TOKEN: ${{ github.token }} + run: | + for artifact in *; do + tar czf ${artifact}.tar.gz ${artifact} + zip -r ${artifact}.zip ${artifact} + gh release upload ${{ github.ref_name }} ${artifact}.* \ + --repo ${{ github.repository }}; + done diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 5c1ac6f5..26f81bda 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -1,70 +1,74 @@ name: Tests - on: push: branches: - main pull_request: - permissions: contents: read pull-requests: read - jobs: - - test-linux: - name: Test on Linux + certbot-linux: + name: Run Certbot tests on Linux runs-on: ubuntu-latest - env: - GO_VERSION: oldstable steps: - - name: Setup /etc/hosts run: | echo "127.0.0.1 example.letsencrypt.org" | sudo tee -a /etc/hosts echo "127.0.0.1 elpmaxe.letsencrypt.org" | sudo tee -a /etc/hosts - # https://github.com/marketplace/actions/checkout - name: Check out code uses: actions/checkout@v4 - with: - fetch-depth: 0 - # https://github.com/marketplace/actions/setup-go-environment - name: Set up Go uses: actions/setup-go@v5 with: - go-version: ${{ env.GO_VERSION }} - - - name: apt install + go-version-file: go.mod + - name: Install packages run: sudo apt-get install snapd python3-acme python3-josepy - - - name: snap install + - name: Setup snap run: sudo snap install core && sudo snap refresh core - - - name: snap install certbot + - name: Install certbot run: sudo snap install --classic certbot && sudo ln -s /snap/bin/certbot /usr/bin/certbot - - - name: go install tools - run: go install golang.org/x/tools/cmd/cover@latest - - - name: go install goveralls - run: go install github.com/mattn/goveralls@latest - - - name: go install pebble - run: go install -v -race ./... - + - name: go install commands + run: go install -v -race ./cmd/... - name: launch pebble run: GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble & - - # Run project unit tests (with the race detector enabled and atomic coverage profile collection) - - name: unittests - run: go test -v -race -covermode=atomic -coverprofile=coverage.out ./... - -# # Upload collected coverage profile to goveralls -# - name: goveralls -# run: goveralls -coverprofile=coverage.out -service=github - # Perform a test issuance with chisel2.py - name: chisel run: REQUESTS_CA_BUNDLE=./test/certs/pebble.minica.pem python ./test/chisel2.py example.letsencrypt.org elpmaxe.letsencrypt.org + eggsampler-linux: + name: Run eggsampler/acme tests on Linux + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v4 + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: go.mod + - name: go install commands + run: go install -v -race ./cmd/... + - name: launch pebble + run: GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble -dnsserver localhost:8053 & + - name: launch challtestsrv for integration tests + run: pebble-challtestsrv & + - name: run eggsampler/acme tests + env: + PEBBLE_PATH: ${{ github.workspace }} + run: | + git clone https://github.com/eggsampler/acme.git /tmp/eggsampler-acme + cd /tmp/eggsampler-acme && make test + go-linux: + name: Run Go tests on Linux + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v4 + # Run project unit tests (with the race detector enabled and atomic coverage profile collection) + - name: unittests + run: go test -v -race -covermode=atomic -coverprofile=profile.cov ./... + # Upload collected coverage profile to goveralls + - uses: shogo82148/actions-goveralls@v1 + with: + path-to-profile: profile.cov diff --git a/.gitignore b/.gitignore index b2d61ffe..4863306d 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,5 @@ tags .idea .vscode/* +/profile.cov +/dist/ diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 3dc1c19a..00000000 --- a/.travis.yml +++ /dev/null @@ -1,89 +0,0 @@ -language: go - -sudo: true -dist: focal -addons: - hosts: - - example.letsencrypt.org - - elpmaxe.letsencrypt.org - -cache: - directories: - - $GOPATH/pkg/mod - -go: - - "1.21.x" - -services: - - docker - -before_install: - # snap for installing cerbot, python3-acme and python3-josepy for chisel2.py - - sudo apt-get install snapd python3-acme python3-josepy - - sudo snap install core - - sudo snap refresh core - - sudo snap install --classic certbot - - sudo ln -s /snap/bin/certbot /usr/bin/certbot - -# Override the base install phase so that the project can be installed using -# `-mod=vendor` to use the vendored dependencies -install: - # Install `golangci-lint` using their installer script - - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.56.2 - # Install tools without `GO111MODULE` enabled so that we - # don't download Pebble's deps and just put the tools in our - # gobin. - - GO111MODULE=off go get github.com/mattn/goveralls - - GO111MODULE=off go get github.com/letsencrypt/boulder/test/load-generator - - go mod tidy - - git diff --exit-code go.mod - - git diff --exit-code go.sum - - go mod download - - go mod vendor - - git diff --exit-code vendor/ - - go install -v -race -mod=vendor ./... - - GOOS=darwin GOARCH=arm64 go install -v -mod=vendor ./... - -before_script: - - GORACE="halt_on_error=1" PEBBLE_WFE_NONCEREJECT=0 pebble & - -script: - # Vet Go source code using the linter config (see .golang-ci.yml) - - golangci-lint run - # Run project unit tests (with the race detector enabled and atomic - # coverage profile collection) - - go test -mod=vendor -v -race -covermode=atomic -coverprofile=coverage.out ./... - # Upload collected coverage profile to goveralls - - goveralls -coverprofile=coverage.out -service=travis-ci - # Perform a test issuance with chisel2.py - - pip install -r test/requirements.txt - - REQUESTS_CA_BUNDLE=./test/certs/pebble.minica.pem python ./test/chisel2.py example.letsencrypt.org elpmaxe.letsencrypt.org - # Run the load-generator briefly - note, because Pebble isn't using the - # load-generator's mock DNS server none of the issuances will succeed. This - # step is performed just to shake out data races with concurrent requests. - - load-generator -config ./test/config/load-generator-config.json > /dev/null - -before_deploy: - - mkdir -p deploy - - cp $(go env GOPATH)/bin/pebble deploy/pebble_linux-amd64 - - cp $(go env GOPATH)/bin/pebble-challtestsrv deploy/pebble-challtestsrv_linux-amd64 - - cp $(go env GOPATH)/bin/darwin_arm64/pebble deploy/pebble_darwin-arm64 - - cp $(go env GOPATH)/bin/darwin_arm64/pebble-challtestsrv deploy/pebble-challtestsrv_darwin-arm64 - -deploy: - - provider: script - script: bash .ci/publish_linux.sh - skip_cleanup: true - on: - repo: letsencrypt/pebble - tags: true - - provider: releases - name: Pebble $TRAVIS_TAG - api_key: $GITHUB_AUTH_TOKEN - file_glob: true - file: deploy/* - skip_cleanup: true - draft: true - on: - repo: letsencrypt/pebble - tags: true diff --git a/Dockerfile.release b/Dockerfile.release new file mode 100644 index 00000000..71df3841 --- /dev/null +++ b/Dockerfile.release @@ -0,0 +1,31 @@ +# syntax=docker/dockerfile:1 + +# The build argument `APP` is used to select the appropriate binary +# for the target OS. +# The binary specified by `APP` must exist in the `dist-files` stage. +ARG APP=${APP:-pebble} + +# Set the base image dynamically based on the target OS +FROM --platform=${TARGETPLATFORM} scratch AS linux-base +FROM --platform=${TARGETPLATFORM} mcr.microsoft.com/windows/nanoserver:ltsc2022 AS windows-base + +# Use build arguments to select the appropriate binary for Linux +FROM linux-base AS linux +ARG APP +ARG TARGETOS +ARG TARGETARCH +COPY --from=dist-files --chmod=0755 /${TARGETOS}/${TARGETARCH}/${APP} /app +ENTRYPOINT [ "/app" ] + +# Use build arguments to select the appropriate binary for Windows +FROM windows-base AS windows +ARG APP +ARG TARGETOS +ARG TARGETARCH +COPY --from=dist-files /${TARGETOS}/${TARGETARCH}/${APP}.exe /app.exe +ENTRYPOINT [ "/app.exe" ] + +# Final stage: dynamically select between Linux and Windows stages based on TARGETOS argument +FROM ${TARGETOS} AS final +# Add test configuration files +COPY ./test/ /test/ diff --git a/README.md b/README.md index 645468d1..0567e892 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ # Pebble -[![Build Status](https://travis-ci.org/letsencrypt/pebble.svg?branch=master)](https://travis-ci.org/letsencrypt/pebble) -[![Coverage Status](https://coveralls.io/repos/github/letsencrypt/pebble/badge.svg?branch=cpu-goveralls)](https://coveralls.io/github/letsencrypt/pebble?branch=cpu-goveralls) +[![Checks](https://github.com/letsencrypt/pebble/actions/workflows/checks.yml/badge.svg)](https://github.com/letsencrypt/pebble/actions/workflows/checks.yml) +[![Tests](https://github.com/letsencrypt/pebble/actions/workflows/tests.yml/badge.svg)](https://github.com/letsencrypt/pebble/actions/workflows/tests.yml) + +[![Coverage Status](https://coveralls.io/repos/github/letsencrypt/pebble/badge.svg)](https://coveralls.io/github/letsencrypt/pebble) [![Go Report Card](https://goreportcard.com/badge/github.com/letsencrypt/pebble)](https://goreportcard.com/report/github.com/letsencrypt/pebble) A miniature version of [Boulder](https://github.com/letsencrypt/boulder), Pebble diff --git a/appveyor.yml b/appveyor.yml deleted file mode 100644 index acbbffb1..00000000 --- a/appveyor.yml +++ /dev/null @@ -1,51 +0,0 @@ -image: Visual Studio 2022 - -hosts: - example.letsencrypt.org: 127.0.0.1 - elpmaxe.letsencrypt.org: 127.0.0.1 - -environment: - PATH: C:\Python39-x64;C:\msys64\mingw64\bin;%USERPROFILE%\go\bin;%PATH% - PEBBLE_WFE_NONCEREJECT: 0 - -# Declare artifacts that can become release assets on GitHub -artifacts: - - path: deploy\pebble_windows-amd64.exe - name: Pebble - - path: deploy\pebble-challtestsrv_windows-amd64.exe - name: Pebble-Challtestsrv - -install: - - git clone --single-branch --depth=1 -b master https://github.com/certbot/certbot - - cd certbot - - python tools\venv.py - - venv\Scripts\activate.bat - - cd .. - -build_script: - - go install -v -mod=vendor ./... - -after_build: - - ps: $PebbleProcess = Start-Process pebble -PassThru - - mkdir deploy - # Two following lines are copying built executable to the proper artifacts folder - - copy %USERPROFILE%\go\bin\pebble.exe deploy\pebble_windows-amd64.exe - - copy %USERPROFILE%\go\bin\pebble-challtestsrv.exe deploy\pebble-challtestsrv_windows-amd64.exe - -test_script: - # Run project unit tests (with the race detector enabled) - - go test -mod=vendor -v -race ./... - # Perform a test issuance with chisel2.py - - cmd /c "set REQUESTS_CA_BUNDLE=./test/certs/pebble.minica.pem && python .\test\chisel2.py example.letsencrypt.org elpmaxe.letsencrypt.org" - -before_deploy: - - ps: .ci\publish_windows.ps1 - -deploy: - - provider: GitHub - auth_token: $(GITHUB_AUTH_TOKEN) - # References here correspond to artifacts name fields in artifacts section - artifact: Pebble,Pebble-Challtestsrv - draft: true - on: - APPVEYOR_REPO_TAG: true diff --git a/cmd/pebble/main.go b/cmd/pebble/main.go index 253a3022..9fb0886c 100644 --- a/cmd/pebble/main.go +++ b/cmd/pebble/main.go @@ -2,6 +2,7 @@ package main import ( "flag" + "fmt" "log" "net/http" "os" @@ -14,6 +15,8 @@ import ( "github.com/letsencrypt/pebble/v2/wfe" ) +var version = "dev" // Default value, to be overridden with ldflags + type config struct { Pebble struct { ListenAddress string @@ -50,12 +53,27 @@ func main() { "dnsserver", "", "Define a custom DNS server address (ex: 192.168.0.56:5053 or 8.8.8.8:53).") + versionFlag := flag.Bool( + "version", + false, + "Print the software version") flag.Parse() + + if *versionFlag { + // Print the version and exit + fmt.Printf("Pebble version: %s\n", version) + os.Exit(0) + } + if *configFile == "" { flag.Usage() os.Exit(1) } + if *strictMode { + fmt.Printf("Running in strict mode\n") + } + // Log to stdout logger := log.New(os.Stdout, "Pebble ", log.LstdFlags) logger.Printf("Starting Pebble ACME server") diff --git a/docker-compose.yml b/docker-compose.yml index e5c2af74..93afa6e7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,23 +1,22 @@ -version: '3' +version: "3" services: pebble: - image: letsencrypt/pebble:latest - command: pebble -config /test/config/pebble-config.json -strict -dnsserver 10.30.50.3:8053 + image: ghcr.io/letsencrypt/pebble:latest + command: -config test/config/pebble-config.json -strict -dnsserver 10.30.50.3:8053 ports: - - 14000:14000 # HTTPS ACME API - - 15000:15000 # HTTPS Management API + - 14000:14000 # HTTPS ACME API + - 15000:15000 # HTTPS Management API networks: acmenet: ipv4_address: 10.30.50.2 challtestsrv: - image: letsencrypt/pebble-challtestsrv:latest - command: pebble-challtestsrv -defaultIPv6 "" -defaultIPv4 10.30.50.3 + image: ghcr.io/letsencrypt/pebble-challtestsrv:latest + command: -defaultIPv6 "" -defaultIPv4 10.30.50.3 ports: - - 8055:8055 # HTTP Management API + - 8055:8055 # HTTP Management API networks: acmenet: ipv4_address: 10.30.50.3 - networks: acmenet: driver: bridge diff --git a/docker/pebble-challtestsrv/linux.Dockerfile b/docker/pebble-challtestsrv/linux.Dockerfile deleted file mode 100644 index 3afe24e5..00000000 --- a/docker/pebble-challtestsrv/linux.Dockerfile +++ /dev/null @@ -1,15 +0,0 @@ -FROM golang:1.21-alpine as builder - -ENV CGO_ENABLED=0 - -WORKDIR /pebble-src -COPY . . - -RUN go build -o /go/bin/pebble-challtestsrv ./cmd/pebble-challtestsrv - -## main -FROM alpine:3.16 - -COPY --from=builder /go/bin/pebble-challtestsrv /usr/bin/pebble-challtestsrv - -CMD [ "/usr/bin/pebble-challtestsrv" ] diff --git a/docker/pebble-challtestsrv/windows.Dockerfile b/docker/pebble-challtestsrv/windows.Dockerfile deleted file mode 100644 index 2e1e33f6..00000000 --- a/docker/pebble-challtestsrv/windows.Dockerfile +++ /dev/null @@ -1,17 +0,0 @@ -FROM golang:1.21-nanoserver-1809 as builder - -ENV CGO_ENABLED=0 - -WORKDIR /pebble-src -COPY . . - -RUN go install -v ./cmd/pebble-challtestsrv/... - -## main -FROM mcr.microsoft.com/windows/nanoserver:1809 - -COPY --from=builder /gopath/bin/pebble-challtestsrv.exe /gopath/bin/pebble-challtestsrv.exe - -RUN powershell.exe -Command $path = $env:path + ';c:\gopath\bin'; Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name Path -Value $path - -CMD [ "/pebble-challtestsrv" ] diff --git a/docker/pebble/linux.Dockerfile b/docker/pebble/linux.Dockerfile deleted file mode 100644 index cd386b89..00000000 --- a/docker/pebble/linux.Dockerfile +++ /dev/null @@ -1,19 +0,0 @@ -FROM golang:1.21-alpine as builder - -ENV CGO_ENABLED=0 - -WORKDIR /pebble-src -COPY . . - -RUN go build -o /go/bin/pebble ./cmd/pebble - -## main -FROM alpine:3.16 - -COPY --from=builder /go/bin/pebble /usr/bin/pebble -COPY --from=builder /pebble-src/test/ /test/ - -CMD [ "/usr/bin/pebble" ] - -EXPOSE 14000 -EXPOSE 15000 diff --git a/docker/pebble/windows.Dockerfile b/docker/pebble/windows.Dockerfile deleted file mode 100644 index 8d519124..00000000 --- a/docker/pebble/windows.Dockerfile +++ /dev/null @@ -1,21 +0,0 @@ -FROM golang:1.21-nanoserver-1809 as builder - -ENV CGO_ENABLED=0 - -WORKDIR /pebble-src -COPY . . - -RUN go install -v ./cmd/pebble/... - -## main -FROM mcr.microsoft.com/windows/nanoserver:1809 - -COPY --from=builder /gopath/bin/pebble.exe /gopath/bin/pebble.exe -COPY --from=builder /pebble-src/test/ /test/ - -RUN powershell.exe -Command $path = $env:path + ';c:\gopath\bin'; Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\' -Name Path -Value $path - -CMD [ "/pebble" ] - -EXPOSE 14000 -EXPOSE 15000