From 6c713e580403223d5968d0a4ee6c36bfa5b5a1c1 Mon Sep 17 00:00:00 2001 From: Tom Monaghan <62273348+t-monaghan@users.noreply.github.com> Date: Fri, 6 Sep 2024 14:24:15 +1000 Subject: [PATCH] removes bootstrap (#46) * removes bootstrap * bootstrap prints deprecation notice --- .github/workflows/ci.yaml | 32 +---- scripts/bootstrap.sh | 171 ++------------------------- test/bootstrap-agnostic.bats | 40 ------- test/bootstrap-bash.bats | 9 -- test/bootstrap-fish.bats | 9 -- test/bootstrap-zsh.bats | 9 -- test/docker-test-wrapper-agnostic.sh | 20 ---- test/docker-test-wrapper-bash.sh | 4 - test/docker-test-wrapper-fish.sh | 4 - test/docker-test-wrapper-zsh.sh | 4 - 10 files changed, 9 insertions(+), 293 deletions(-) delete mode 100644 test/bootstrap-agnostic.bats delete mode 100644 test/bootstrap-bash.bats delete mode 100644 test/bootstrap-fish.bats delete mode 100644 test/bootstrap-zsh.bats delete mode 100755 test/docker-test-wrapper-agnostic.sh delete mode 100755 test/docker-test-wrapper-bash.sh delete mode 100755 test/docker-test-wrapper-fish.sh delete mode 100755 test/docker-test-wrapper-zsh.sh diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 04d4c60..40a1896 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -3,36 +3,6 @@ name: "ci" on: pull_request jobs: - test-bootstrap-zsh: - name: zsh-integration - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Build docker image with bootstrap script - run: docker build -t bootstrap-script-test-zsh -f ./bootstrap-test.Dockerfile . --build-arg SHELL_VAR=zsh - - name: Run bats-zsh test via devbox - run: docker run bootstrap-script-test-zsh bats test/bootstrap-agnostic.bats test/bootstrap-zsh.bats - test-bootstrap-bash: - name: bash-integration - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Build docker image with bootstrap script - run: docker build -t bootstrap-script-test-bash -f ./bootstrap-test.Dockerfile . --build-arg SHELL_VAR=bash - - name: Run bats-bash test via devbox - run: docker run bootstrap-script-test-bash bats test/bootstrap-agnostic.bats test/bootstrap-bash.bats - test-bootstrap-fish: - name: fish-integration - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v3 - - name: Build docker image with bootstrap script - run: docker build -t bootstrap-script-test-fish -f ./bootstrap-test.Dockerfile . --build-arg SHELL_VAR=fish - - name: Run bats-fish test via devbox - run: docker run bootstrap-script-test-fish bats test/bootstrap-agnostic.bats test/bootstrap-fish.bats check-linting-and-formatting: runs-on: ubuntu-latest steps: @@ -51,7 +21,7 @@ jobs: - name: run install script shell: bash run: | - ./scripts/install_hotel.sh "${{ secrets.HOTEL_ACCESS_TOKEN }}" + ./scripts/install_hotel.sh "${{ secrets.HOTEL_ACCESS_TOKEN }}" - name: verify hotel executable is available and working shell: bash run: hotel --version diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh index f290723..a0c65ea 100755 --- a/scripts/bootstrap.sh +++ b/scripts/bootstrap.sh @@ -1,165 +1,10 @@ -#! /bin/sh - -set -e - -# Script to install `nix`, `devbox`, `direnv`, and `nix-direnv` and get them all working together - -NETSKOPE_DATA_DIR="/Library/Application Support/Netskope/STAgent/data" - -# This variable is set by docker in mock_functions.sh to provide the linux path rather than the typical MacOS path -NIX_FINAL_SSL_FILE="${NIX_FINAL_SSL_FILE:-$NETSKOPE_DATA_DIR/nscacert_combined.pem}" - -# Copy create Netskope combined cert and save to known location recommended by their docs: -# https://docs.netskope.com/en/netskope-help/data-security/netskope-secure-web-gateway/configuring-cli-based-tools-and-development-frameworks-to-work-with-netskope-ssl-interception/#mac-1 -generate_combined_netskope_cert() { - echo "=== generating combined CA certificate from system keychain..." - if [ "$TMPDIR" = "" ]; then - TMPDIR=$(getconf DARWIN_USER_TEMP_DIR) - fi - - security find-certificate -a -p \ - /System/Library/Keychains/SystemRootCertificates.keychain \ - /Library/Keychains/System.keychain \ - >"$TMPDIR/nscacert_combined.pem" - echo "=== combined CA certificate generated" - - echo "=== moving combined CA certificate to Netskope data folder (requires sudo)..." - sudo mkdir -p "$NETSKOPE_DATA_DIR" - sudo cp "$TMPDIR/nscacert_combined.pem" "$NETSKOPE_DATA_DIR" - echo "=== moved combined CA certificate" -} - -# Install nix using the determinate systems installer because it has good defaults and an uninstall script -# Also set current user as a trusted user so they can add substituters/caches -# And set the ssl cert file globally -install_nix() { - echo "=== installing nix (requires sudo)..." - # shellcheck disable=SC2086 - curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | - # $INSTALLER_EXTRA_ARGS below is required by docker as default install expects systemd for a linux install - # That alone is able to be set by an env var in the docker environment, - # however we also have to provide 'linux' as an argument for the installing script - sh -s -- install $INSTALLER_EXTRA_ARGS --no-confirm \ - --extra-conf "trusted-users = root @admin" \ - --ssl-cert-file "$NIX_FINAL_SSL_FILE" - echo "=== nix installed..." - - echo "=== sourcing nix daemon so we can use it in this script..." - export NIX_SSL_CERT_FILE="$NIX_FINAL_SSL_FILE" - # shellcheck source=/dev/null - . /nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh - echo "=== nix daemon sourced..." -} - -install_devbox() { - echo "=== installing devbox..." - curl -fsSL https://get.jetpack.io/devbox | FORCE=1 bash - echo "=== devbox installed..." -} - -add_current_user_to_admin_group() { - echo "=== add current user to admin group" - sudo dseditgroup -o edit -a "$(whoami)" -t user admin -} - -install_direnv() { - if command -v direnv >/dev/null 2>&1; then - echo "=== direnv is already installed, doing nothing" - DID_INSTALL_DIRENV=0 - else - echo "=== direnv is not installed, installing..." - nix profile install nixpkgs#direnv - echo "=== direnv installed" - DID_INSTALL_DIRENV=1 - fi -} - -shell_integrations() { - DIRENV_BIN="$(command -v direnv)" - DIRENV_BIN="${DIRENV_BIN:-$HOME/.nix-profile/bin/direnv}" - shell=$(basename "$SHELL") - case "$shell" in - *bash*) - rcfile="$HOME/.bashrc" - printf "\n" >>"$rcfile" - cat <<-EOF >>"$rcfile" - ### Do not edit. This was autogenerated by 'bootstrap.sh' ### - export DIRENV_BIN="$DIRENV_BIN" - eval "\$(\$DIRENV_BIN hook bash)" - export NIX_SSL_CERT_FILE='$NETSKOPE_DATA_DIR/nscacert_combined.pem' - EOF - ;; - *zsh*) - rcfile="${ZDOTDIR:-$HOME}/.zshrc" - printf "\n" >>"$rcfile" - cat <<-EOF >>"$rcfile" - ### Do not edit. This was autogenerated by 'bootstrap.sh' ### - export DIRENV_BIN="$DIRENV_BIN" - eval "\$(\$DIRENV_BIN hook zsh)" - export NIX_SSL_CERT_FILE='$NETSKOPE_DATA_DIR/nscacert_combined.pem' - EOF - ;; - *fish*) - rcfile="${XDG_DATA_HOME:-$HOME/.local/share}/fish/vendor_conf.d/direnv.fish" - mkdir -p "$(dirname "$rcfile")" - printf "\n" >>"$rcfile" - cat <<-EOF >>"$rcfile" - ### Do not edit. This was autogenerated by 'bootstrap.sh' ### - set -gx DIRENV_BIN "$DIRENV_BIN" - \$DIRENV_BIN hook fish | source - set -gx NIX_SSL_CERT_FILE '$NETSKOPE_DATA_DIR/nscacert_combined.pem' - EOF - ;; - *) - echo "Don't know how to setup for shell $SHELL. checkout https://direnv.net/docs/hook.html" - ;; - esac -} - -install_nix_direnv() { - echo "=== installing nix-direnv..." - nix profile install nixpkgs#nix-direnv - echo "=== nix-direnv installed" - - if [ ! -e "$HOME/.config/direnv/direnvrc" ]; then - echo "=== direnvrc doesn't exist, creating it with config" - mkdir -p "$HOME/.config/direnv" - echo "source \$HOME/.nix-profile/share/nix-direnv/direnvrc" >"$HOME/.config/direnv/direnvrc" - else - if grep -q "^source.*\/nix-direnv\/direnvrc$" "$HOME/.config/direnv/direnvrc"; then - echo "=== direnvrc exists and is configured to use nix-direnv, doing nothing" - else - echo "=== direnvrc exists but is not configured to use nix-direnv, updating..." - echo "source $HOME/.nix-profile/share/nix-direnv/direnvrc" >>"$HOME/.config/direnv/direnvrc" - echo "=== direnvrc updated to use nix-direnv" - fi - fi -} - -print_further_steps() { - echo "================================================================" - echo "Nix, direnv, and devbox have been installed and setup" - - if [ "$DID_INSTALL_DIRENV" ]; then - echo "You had direnv already installed, if you've already configured it you can skip the last step" - fi - - echo "direnv setup will only be activated if you start a new shell session (e.g. open a new tab on your terminal)" - echo "================================================================" - - echo "" - echo "If you've had any issues with this install process please reach out to #team_delivery_eng on slack" -} - -main() { - add_current_user_to_admin_group - generate_combined_netskope_cert - install_nix - install_devbox - install_direnv - shell_integrations - install_nix_direnv - print_further_steps +#!/usr/bin/env bash +logRed() { + printf >&2 "\033[31m" # red + echo >&2 "$@" + printf >&2 "\033[0m" # reset } -main +logRed "the bootstrap.sh install method has been deprecated." +echo "" +logRed "Please visit https://cultureamp.atlassian.net/wiki/x/IoA5xw and follow the instructions there for installing hotel." diff --git a/test/bootstrap-agnostic.bats b/test/bootstrap-agnostic.bats deleted file mode 100644 index 7108ec5..0000000 --- a/test/bootstrap-agnostic.bats +++ /dev/null @@ -1,40 +0,0 @@ -load "$DEVBOX_SHARE_DIR/bats/bats-support/load.bash" -load "$DEVBOX_SHARE_DIR/bats/bats-assert/load.bash" - -@test "installed-nix" { - run which nix - test "$status" -eq 0 -} - -@test "installed-devbox" { - run which devbox - test "$status" -eq 0 -} - -@test "installed-direnv" { - run which direnv - test "$status" -eq 0 -} - -@test "direnv-configured-to-nix" { - run cat ~/.config/direnv/direnvrc - assert_output "source \$HOME/.nix-profile/share/nix-direnv/direnvrc" -} - -@test "nix-ssl-cert-set" { - test -n "$NIX_SSL_CERT_FILE" -} - -@test "generated-netskope-cert" { - run cat /tmp/test-metadata/security.txt - assert_output "security ran with args: find-certificate -a -p /System/Library/Keychains/SystemRootCertificates.keychain /Library/Keychains/System.keychain" -} - -@test "netskope-cert-in-dir" { - test -n "/Library/Application Support/Netskope/STAgent/data/nscacert_combined.pem" -} - -@test "user-added-to-admin-group" { - run cat /tmp/test-metadata/dseditgroup.txt - assert_output "dseditgroup ran with args: -o edit -a $(whoami) -t user admin" -} diff --git a/test/bootstrap-bash.bats b/test/bootstrap-bash.bats deleted file mode 100644 index 9f62480..0000000 --- a/test/bootstrap-bash.bats +++ /dev/null @@ -1,9 +0,0 @@ -load "$DEVBOX_SHARE_DIR/bats/bats-support/load.bash" -load "$DEVBOX_SHARE_DIR/bats/bats-assert/load.bash" - -@test "direnv-integrated-to-bash" { - run cat ~/.bashrc - assert_output --partial "export DIRENV_BIN=" - assert_output --partial "eval \"\$(\$DIRENV_BIN hook bash)\"" - assert_output --partial "export NIX_SSL_CERT_FILE=" -} diff --git a/test/bootstrap-fish.bats b/test/bootstrap-fish.bats deleted file mode 100644 index 64a8b93..0000000 --- a/test/bootstrap-fish.bats +++ /dev/null @@ -1,9 +0,0 @@ -load "$DEVBOX_SHARE_DIR/bats/bats-support/load.bash" -load "$DEVBOX_SHARE_DIR/bats/bats-assert/load.bash" - -@test "direnv-integrated-to-fish" { - run cat /root/.local/share/fish/vendor_conf.d/direnv.fish - assert_output --partial "set -gx DIRENV_BIN" - assert_output --partial "\$DIRENV_BIN hook fish | source" - assert_output --partial "set -gx NIX_SSL_CERT_FILE " -} diff --git a/test/bootstrap-zsh.bats b/test/bootstrap-zsh.bats deleted file mode 100644 index 1609105..0000000 --- a/test/bootstrap-zsh.bats +++ /dev/null @@ -1,9 +0,0 @@ -load "$DEVBOX_SHARE_DIR/bats/bats-support/load.bash" -load "$DEVBOX_SHARE_DIR/bats/bats-assert/load.bash" - -@test "direnv-integrated-to-zsh" { - run cat ~/.zshrc - assert_output --partial "export DIRENV_BIN=" - assert_output --partial "eval \"\$(\$DIRENV_BIN hook zsh)\"" - assert_output --partial "export NIX_SSL_CERT_FILE=" -} diff --git a/test/docker-test-wrapper-agnostic.sh b/test/docker-test-wrapper-agnostic.sh deleted file mode 100755 index c5edbde..0000000 --- a/test/docker-test-wrapper-agnostic.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -# Mocking MacOS programs for linux based docker container - -mkdir -p /tmp/test-metadata - -export TMPDIR="/tmp" -export INSTALLER_EXTRA_ARGS="linux --init none" -export NIX_FINAL_SSL_FILE="/etc/ssl/certs/ca-certificates.crt" - -echo ' -#!/bin/sh -echo "dseditgroup ran with args: $@" > /tmp/test-metadata/dseditgroup.txt' | sudo tee -a /bin/dseditgroup -sudo chmod a+x /bin/dseditgroup - -echo ' -#!/bin/sh -echo "security ran with args: $@" > /tmp/test-metadata/security.txt' | sudo tee -a /bin/security -sudo chmod a+x /bin/security - -. ./scripts/bootstrap.sh diff --git a/test/docker-test-wrapper-bash.sh b/test/docker-test-wrapper-bash.sh deleted file mode 100755 index d4d0f42..0000000 --- a/test/docker-test-wrapper-bash.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -export SHELL="/bin/bash" -. ./test/docker-test-wrapper-agnostic.sh diff --git a/test/docker-test-wrapper-fish.sh b/test/docker-test-wrapper-fish.sh deleted file mode 100755 index 9cf819b..0000000 --- a/test/docker-test-wrapper-fish.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -export SHELL="/bin/fish" -. ./test/docker-test-wrapper-agnostic.sh diff --git a/test/docker-test-wrapper-zsh.sh b/test/docker-test-wrapper-zsh.sh deleted file mode 100755 index 164e5de..0000000 --- a/test/docker-test-wrapper-zsh.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh -export SHELL="/bin/zsh" - -. ./test/docker-test-wrapper-agnostic.sh