feat: Add the sm-k6-gsm binary for secrets #1234
Conversation
| @@ -24,6 +24,7 @@ ARG HOST_DIST=$TARGETOS-$TARGETARCH | |||
| RUN adduser -D -u 12345 -g 12345 sm | |||
|
|
|||
| ADD --chown=sm:sm --chmod=0500 https://github.com/grafana/xk6-sm/releases/download/v0.0.3-pre/sm-k6-${TARGETOS}-${TARGETARCH} /usr/local/bin/sm-k6 | |||
| ADD --chown=sm:sm --chmod=0500 https://github.com/grafana/xk6-sm/releases/download/v0.4.0/sm-k6-${TARGETOS}-${TARGETARCH}-gsm /usr/local/bin/sm-k6-gsm | |||
There was a problem hiding this comment.
Upgrading this past the above binary is intentional. These will be out of sync for a while until the default binary is updated and then we can drop the second one.
There was a problem hiding this comment.
Just to make sure this is intended, renovate will update both URLs:
| $(DISTDIR)/$(1)-$(2)/sm-k6-gsm: | ||
| mkdir -p "$(DISTDIR)/$(1)-$(2)" | ||
| # Renovate updates the following line. Keep its syntax as it is. | ||
| curl -sSL https://github.com/grafana/xk6-sm/releases/download/v0.4.0/sm-k6-$(1)-$(2)-gsm -o "$$@" | ||
| chmod +x "$$@" | ||
|
|
||
| sm-k6: $(DISTDIR)/$(1)-$(2)/sm-k6 $(DISTDIR)/$(1)-$(2)/sm-k6-gsm |
There was a problem hiding this comment.
In practice, this will only be used by the pipeline that packages the agent for Debian/Fedora (and derivatives). Container images rely on the ADD instruction (which you added).
However, since you haven't added that file to nfpm:
This means this is effectively ignored. make package* will download this but it won't be included in any package. If we do not intend to ship this in linux packages, I'd suggest getting rid of the make-related changes. If we do want to ship this binary in linux packages, then we should edit the nfpm config.
There was a problem hiding this comment.
Good spot, thanks. Adding this to images only is probably enough for now.
There was a problem hiding this comment.
Although, that could become problematic so its probably better to add it everywhere 🤔
There was a problem hiding this comment.
Updated, hopefully I understood correctly
| @@ -24,6 +24,7 @@ ARG HOST_DIST=$TARGETOS-$TARGETARCH | |||
| RUN adduser -D -u 12345 -g 12345 sm | |||
|
|
|||
| ADD --chown=sm:sm --chmod=0500 https://github.com/grafana/xk6-sm/releases/download/v0.0.3-pre/sm-k6-${TARGETOS}-${TARGETARCH} /usr/local/bin/sm-k6 | |||
| ADD --chown=sm:sm --chmod=0500 https://github.com/grafana/xk6-sm/releases/download/v0.4.0/sm-k6-${TARGETOS}-${TARGETARCH}-gsm /usr/local/bin/sm-k6-gsm | |||
There was a problem hiding this comment.
Just to make sure this is intended, renovate will update both URLs:
This depends on grafana/xk6-sm#75 and therefore the release: grafana/xk6-sm#74To support secrets in the short term we need to add a second k6 binary which tracks the upstream secrets work. This means it is an unreleased k6 version.
This binary will only be used when secret source configuration is provided from the API. This will start to happen with #1179