Skip to content

chore: Revise utility install scripts + add Smallstep step CLI#4376

Merged
polarathene merged 6 commits intomasterfrom
chore/install-stepcli
Mar 3, 2025
Merged

chore: Revise utility install scripts + add Smallstep step CLI#4376
polarathene merged 6 commits intomasterfrom
chore/install-stepcli

Conversation

@polarathene
Copy link
Copy Markdown
Member

@polarathene polarathene commented Feb 17, 2025
edited
Loading

Description

step isn't used for anything yet, so no rush for this PR, but it won't introduce any breakage into DMS v15 😅

Changes:

  • jaq should probably live in /usr/local/bin with other third-party sourced binaries.
  • swaks install properly with just tar, no mv + rm needed.
  • Added Smallstep step CLI. This serves similar purpose to openssl commands, but is generally nicer for usage with generation and inspection of certs/keys. I've talked up using in DMS a few times in the past for our TLS helper and unifying DKIM support (instead of separate OpenDKIM/Rspamd generators).
  • Including step for both AMD64 / ARM64 archs needs the alternate naming convention that it's published to GH releases with.
  • Added commentary about the tar usage. The ownership is a common one, technically a non-issue when running as root 🤷‍♂️ Let me know if it's overkill and you prefer the mv + rm approach with a additional chown.

Type of change

  • Improvement (non-breaking change that does improve existing functionality)

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • New and existing unit tests pass locally with my changes
  • I have added information about changes made in this PR to CHANGELOG.md

@polarathene polarathene self-assigned this Feb 17, 2025
@polarathene polarathene changed the title chore: Install jaq to /usr/local/bin + install swaks via tar chore: Revise utility install scripts + add Smallstep step CLI Feb 17, 2025
@polarathene polarathene marked this pull request as ready for review February 17, 2025 05:08
@georglauterbach georglauterbach added the meta/feature freeze On hold due to upcoming release process label Feb 18, 2025
@georglauterbach
Copy link
Copy Markdown
Member

georglauterbach commented Feb 18, 2025
edited
Loading

step isn't used for anything yet

No need to cram this into v15.0.0.

I also lack background for this change, it seems. What's the rationale here?

@georglauterbach georglauterbach added the kind/new feature A new feature is requested in this issue or implemeted with this PR label Feb 18, 2025
@georglauterbach georglauterbach added this to the v15.1.0 milestone Feb 18, 2025
@polarathene
Copy link
Copy Markdown
Member Author

polarathene commented Feb 18, 2025

I also lack background for this change, it seems. What's the rationale here?

For step? I explained this in the "changes" list regarding it.

I think it's a more user friendly openssl alternative that we can use for both TLS/X.509 certs and public-key cryptography (DKIM/ARC). It'd be useful for docs, troubleshooting advice (nicer output vs openssl, can output results as JSON too), self-signed cert and key generation.

As such it can replace the separate opendkim/rspamd DKIM key generators. Your rspamd script for example appears to start rspamd in the background just to generate the keys.

We could technically not add step into the image, but given the image already weighs over 700MB, 13MB isn't a big ask for the convenience to users and our docs.

Or were you asking about the other changes unrelated to step? Those should also be explained under the "changes" list I provided?

@georglauterbach
Copy link
Copy Markdown
Member

georglauterbach commented Feb 18, 2025

Sorry, I was blind I guess... I somehow missed it in the PR description.

I really like these modern tools! And I also appreciate this replacing the horrible openssl command ❤️👍🏼

@casperklein
Copy link
Copy Markdown
Member

casperklein commented Feb 19, 2025
edited
Loading

LGTM 👍 If there are more tools in the future, we should put them in own functions.

casperklein
casperklein previously approved these changes Feb 19, 2025
View reviewed changes
@georglauterbach georglauterbach removed the meta/feature freeze On hold due to upcoming release process label Mar 1, 2025
@georglauterbach georglauterbach modified the milestones: v15.1.0, v15.0.1 Mar 3, 2025
@georglauterbach georglauterbach moved this from New Feature Request to Implementation Phase in DMS Features & Tasks Mar 3, 2025
@georglauterbach
Copy link
Copy Markdown
Member

georglauterbach commented Mar 3, 2025

IMO we can put this into v15.0.1 too @polarathene if you update CHANGELOG.md.

@polarathene polarathene enabled auto-merge (squash) March 3, 2025 21:38
@polarathene polarathene merged commit d0629f4 into master Mar 3, 2025
@polarathene polarathene deleted the chore/install-stepcli branch March 3, 2025 21:58
@github-project-automation github-project-automation Bot moved this from Implementation Phase to Done in DMS Features & Tasks Mar 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@georglauterbach georglauterbach georglauterbach approved these changes

@casperklein casperklein casperklein left review comments

Assignees

@polarathene polarathene

Labels

area/scripts kind/new feature A new feature is requested in this issue or implemeted with this PR

Projects

DMS Features & Tasks
Status: Done

Milestone

v15.0.1

Development

Successfully merging this pull request may close these issues.

3 participants

@polarathene @georglauterbach @casperklein