certificates icon indicating copy to clipboard operation
certificates copied to clipboard

Published 20 hours ago verified publisher icon smallstep

Build .deb and .rpm from GoReleaser

Open tashian opened this issue 3 years ago • 8 comments
trafficstars

  • [ ] write build & nfpm config in GoReleaser
  • [ ] bundle the systemd service unit; should support systemd 229+

Here's a starting point for the nfpm configuration:

nfpms:
  - id: packages
    file_name_template: "{{ .ConventionalFileName }}"
    vendor: Smallstep Labs, Inc.
    homepage: https://github.com/smallstep/certificates
    maintainer: Smallstep Labs, Inc. <[email protected]>
    description: step-ca is the Smallstep Certificate Authority......
    formats:
      - rpm
    suggests:
      - step-cli
    bindir: /usr/bin
    release: 1
    contents:
      - src: ./systemd/step-ca.service
        dst: /usr/lib/systemd/system/step-ca.service
      - dst: /etc/step-ca
        type: dir
        file_info:
          mode: 0700

tashian avatar Dec 08 '21 22:12 tashian

an rpm package to install step would be great! Even better if you can add it to a repository that i can query for updates to step/step-ca.

charltonstanley avatar Apr 08 '22 14:04 charltonstanley

@tashian are there plans for smallstep to host their own rpm repository? Otherwise, in order to get step integrated upstream, we would need to include at least a simple spec file in order to get this on copr and eventually into fedoraproject if licensing and everything else would agree.

I have been gaining some basic knowledge about .spec and I think I can write a simple one if needed

LecrisUT avatar Aug 30 '22 13:08 LecrisUT

There are plans, yes, but we haven't prioritized them. @jdoss, do you have any update on this? @LecrisUT might help.

maraino avatar Aug 31 '22 00:08 maraino

I have a spec partially written and I will put it up on https://copr.fedorainfracloud.org/coprs/jdoss/smallstep/ as soon as I can. The biggest problem is step-cli has some circular golang deps that make building all of the dependency packages tough. Or at least the last time I was hacking on it.

jdoss avatar Aug 31 '22 05:08 jdoss

So the plan is to include the .spec file instead of using nfpm? I do support that just for the fact that we can have the packages pushed to distro packages, though we need to confirm that the licensing is ok for that.

Btw @jdoss it seems that we can make a fedora group like caddy did. If the copr can be linked to the group, that would be helpful for future maintenance.

LecrisUT avatar Aug 31 '22 08:08 LecrisUT

Heads up, there will be a naming clash with another repo called step which is a physics simulator. Maybe worth renaming the packages smallstep-cli and smallstep-ca?

LecrisUT avatar Jan 22 '23 19:01 LecrisUT

Heads up, there will be a naming clash with another repo called step which is a physics simulator. Maybe worth renaming the packages smallstep-cli and smallstep-ca?

We're aware, some distributions have been packaging as step-cli

maraino avatar Jan 23 '23 17:01 maraino

Indeed, but step-cli is rather confusing in that aspect as well

LecrisUT avatar Jan 23 '23 17:01 LecrisUT