diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 283a24cab74b5..964c275c4d3e9 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -21,7 +21,7 @@ builds: - -X github.com/argoproj/argo-cd/v3/common.gitCommit={{ .FullCommit }} - -X github.com/argoproj/argo-cd/v3/common.gitTreeState={{ .Env.GIT_TREE_STATE }} - -X github.com/argoproj/argo-cd/v3/common.kubectlVersion={{ .Env.KUBECTL_VERSION }} - - '{{ if or (eq .Runtime.Goos "linux") (eq .Runtime.Goos "windows") }}-extldflags="-static"{{ end }}' + - -extldflags="-static" goos: - linux - windows @@ -42,15 +42,6 @@ builds: goarch: ppc64le - goos: windows goarch: arm64 - overrides: - - goos: darwin - goarch: amd64 - env: - - CGO_ENABLED=1 - - goos: darwin - goarch: arm64 - env: - - CGO_ENABLED=1 archives: - id: argocd-archive diff --git a/cmd/argocd-k8s-auth/commands/azure.go b/cmd/argocd-k8s-auth/commands/azure_cgo.go similarity index 96% rename from cmd/argocd-k8s-auth/commands/azure.go rename to cmd/argocd-k8s-auth/commands/azure_cgo.go index 357144c5ad586..a3cfe7254076f 100644 --- a/cmd/argocd-k8s-auth/commands/azure.go +++ b/cmd/argocd-k8s-auth/commands/azure_cgo.go @@ -1,3 +1,5 @@ +//go:build !darwin || (cgo && darwin) + package commands import ( diff --git a/cmd/argocd-k8s-auth/commands/azure_no_cgo.go b/cmd/argocd-k8s-auth/commands/azure_no_cgo.go new file mode 100644 index 0000000000000..f68fbbd51f780 --- /dev/null +++ b/cmd/argocd-k8s-auth/commands/azure_no_cgo.go @@ -0,0 +1,25 @@ +//go:build darwin && !cgo + +// Package commands +// This file is used when the GOOS is darwin and CGO is not enabled. +// It provides a no-op implementation of newAzureCommand to allow goreleaser to build +// a darwin binary on a linux machine. +package commands + +import ( + "log" + + "github.com/spf13/cobra" + + "github.com/argoproj/argo-cd/v3/util/workloadidentity" +) + +func newAzureCommand() *cobra.Command { + command := &cobra.Command{ + Use: "azure", + Run: func(c *cobra.Command, _ []string) { + log.Fatalf(workloadidentity.CGOError) + }, + } + return command +} diff --git a/util/workloadidentity/workloadidentity.go b/util/workloadidentity/workloadidentity.go index 08482b3ba6bdc..e49ae7cd7d0f1 100644 --- a/util/workloadidentity/workloadidentity.go +++ b/util/workloadidentity/workloadidentity.go @@ -1,12 +1,7 @@ package workloadidentity import ( - "context" "time" - - "github.com/Azure/azure-sdk-for-go/sdk/azcore" - "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" - "github.com/Azure/azure-sdk-for-go/sdk/azidentity" ) const ( @@ -22,34 +17,9 @@ type TokenProvider interface { GetToken(scope string) (*Token, error) } -type WorkloadIdentityTokenProvider struct { - tokenCredential azcore.TokenCredential -} - // Used to propagate initialization error if any var initError error -func NewWorkloadIdentityTokenProvider() TokenProvider { - cred, err := azidentity.NewDefaultAzureCredential(&azidentity.DefaultAzureCredentialOptions{}) - initError = err - return WorkloadIdentityTokenProvider{tokenCredential: cred} -} - -func (c WorkloadIdentityTokenProvider) GetToken(scope string) (*Token, error) { - if initError != nil { - return nil, initError - } - - token, err := c.tokenCredential.GetToken(context.Background(), policy.TokenRequestOptions{ - Scopes: []string{scope}, - }) - if err != nil { - return nil, err - } - - return &Token{AccessToken: token.Token, ExpiresOn: token.ExpiresOn}, nil -} - func CalculateCacheExpiryBasedOnTokenExpiry(tokenExpiry time.Time) time.Duration { // Calculate the cache expiry as 5 minutes before the token expires cacheExpiry := time.Until(tokenExpiry) - time.Minute*5 diff --git a/util/workloadidentity/workloadidentity_cgo.go b/util/workloadidentity/workloadidentity_cgo.go new file mode 100644 index 0000000000000..87a2e209c4c00 --- /dev/null +++ b/util/workloadidentity/workloadidentity_cgo.go @@ -0,0 +1,36 @@ +//go:build !darwin || (cgo && darwin) + +package workloadidentity + +import ( + "context" + + "github.com/Azure/azure-sdk-for-go/sdk/azcore" + "github.com/Azure/azure-sdk-for-go/sdk/azcore/policy" + "github.com/Azure/azure-sdk-for-go/sdk/azidentity" +) + +type WorkloadIdentityTokenProvider struct { + tokenCredential azcore.TokenCredential +} + +func NewWorkloadIdentityTokenProvider() TokenProvider { + cred, err := azidentity.NewDefaultAzureCredential(&azidentity.DefaultAzureCredentialOptions{}) + initError = err + return WorkloadIdentityTokenProvider{tokenCredential: cred} +} + +func (c WorkloadIdentityTokenProvider) GetToken(scope string) (*Token, error) { + if initError != nil { + return nil, initError + } + + token, err := c.tokenCredential.GetToken(context.Background(), policy.TokenRequestOptions{ + Scopes: []string{scope}, + }) + if err != nil { + return nil, err + } + + return &Token{AccessToken: token.Token, ExpiresOn: token.ExpiresOn}, nil +} diff --git a/util/workloadidentity/workloadidentity_no_cgo.go b/util/workloadidentity/workloadidentity_no_cgo.go new file mode 100644 index 0000000000000..53cad763ed4bd --- /dev/null +++ b/util/workloadidentity/workloadidentity_no_cgo.go @@ -0,0 +1,25 @@ +//go:build darwin && !cgo + +// Package workloadidentity +// This file is used when the GOOS is darwin and CGO is not enabled. +// It provides a no-op implementation of the WorkloadIdentityTokenProvider to allow goreleaser to build +// a darwin binary on a linux machine. +package workloadidentity + +import ( + "errors" +) + +type WorkloadIdentityTokenProvider struct { +} + +const CGOError = "CGO is not enabled, cannot use workload identity token provider" + +// Code that does not require CGO +func NewWorkloadIdentityTokenProvider() TokenProvider { + panic(CGOError) +} + +func (c WorkloadIdentityTokenProvider) GetToken(scope string) (*Token, error) { + return nil, errors.New(CGOError) +}