Skip to content

Commit

Permalink
added docker build process for multi-platform builds
Browse files Browse the repository at this point in the history
  • Loading branch information
na4ma4 committed Jan 9, 2024
1 parent 89a7e71 commit c3c2eb3
Show file tree
Hide file tree
Showing 16 changed files with 218 additions and 143 deletions.
10 changes: 0 additions & 10 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,3 @@ jobs:
name: "Unit Test"
uses: na4ma4/actions/.github/workflows/unit-test.yml@main

goreleaser:
name: "Goreleaser"
if: startsWith(github.ref, 'refs/tags/v')
needs:
- unit-test
uses: na4ma4/actions/.github/workflows/goreleaser.yml@main
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
with:
docker: true
77 changes: 77 additions & 0 deletions .github/workflows/docker.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,77 @@
name: "Docker Release"

env:
DOCKER_IMAGE: 'ghcr.io/na4ma4/traefik-acme'
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
PLATFORMS: linux/amd64,linux/arm64

on:
pull_request:
push:
branches:
- main

jobs:
docker:
name: Docker
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Docker metadata
id: meta
uses: docker/metadata-action@v5
with:
images: |
${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
flavor: |
latest=auto
tags: |
type=sha
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=raw,value=latest,enable={{is_default_branch}}
- name: Set up QEMU
if: ${{ steps.meta.outputs.tags != '' }}
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ env.PLATFORMS }}

- name: Set up Docker Buildx
if: ${{ steps.meta.outputs.tags != '' }}
uses: docker/setup-buildx-action@v3
with:
platforms: ${{ env.PLATFORMS }}

- name: Docker Login
if: ${{ steps.meta.outputs.tags != '' }}
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and Push Docker image
if: ${{ steps.meta.outputs.tags != '' }}
uses: docker/build-push-action@v5
with:
context: ./
file: ./Dockerfile
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

- name: Adding Docker Image Markdown Summary
if: ${{ steps.meta.outputs.tags != '' }}
run: |
echo "### Docker Image Deployed to Registry 🚀" >> "${GITHUB_STEP_SUMMARY}"
echo "" >> "${GITHUB_STEP_SUMMARY}"
echo "${{ steps.meta.outputs.tags }}" >> "${GITHUB_STEP_SUMMARY}"
2 changes: 1 addition & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,4 @@
/artifacts/
/vendor/
/dist/
test/issue-52/*.pem
testdata/issue-52/*.pem
59 changes: 52 additions & 7 deletions .golangci.yml
Original file line number Diff line number Diff line change
@@ -1,12 +1,14 @@
# This code is licensed under the terms of the MIT license.
# This code is licensed under the terms of the MIT license https://opensource.org/license/mit
# Copyright (c) 2021 Marat Reymers

## Golden config for golangci-lint v1.52.1
## Golden config for golangci-lint v1.55.2
#
# This is the best config for golangci-lint based on my experience and opinion.
# It is very strict, but not extremely strict.
# Feel free to adopt and change it for your needs.
# Feel free to adapt and change it for your needs.
#
# Imported from https://gist.github.com/maratori/47a4d00457a92aa426dbd48a18776322
# Modified for na4ma4 repositories.
#

run:
Expand All @@ -32,6 +34,10 @@ linters-settings:
# Such cases aren't reported by default.
# Default: false
check-type-assertions: true
# List of functions to exclude from checking, where each entry is a single function to exclude.
# See https://github.com/kisielk/errcheck#excluding-functions for details.
exclude-functions:
- (*go.uber.org/zap.Logger).Sync

exhaustive:
# Program elements to check for exhaustiveness.
Expand Down Expand Up @@ -77,6 +83,9 @@ linters-settings:
# If lower than 0, disable the check.
# Default: 40
statements: 50
# Ignore comments when counting lines.
# Default false
ignore-comments: true

gocognit:
# Minimal code complexity to report.
Expand Down Expand Up @@ -104,14 +113,22 @@ linters-settings:
# `strconv.ParseInt`, `strconv.ParseUint`, `strconv.ParseFloat`.
# Default: []
ignored-functions:
- flag.Arg
- flag.Duration.*
- flag.Float.*
- flag.Int.*
- flag.Uint.*
- os.Chmod
- os.Mkdir
- os.MkdirAll
- os.Mkdir.*
- os.OpenFile
- os.WriteFile
- prometheus.ExponentialBuckets
- prometheus.ExponentialBucketsRange
- prometheus.ExponentialBuckets.*
- prometheus.LinearBuckets
- cobra.MinimumNArgs

gomoddirectives:
replace-allow-list:
- k8s.io/kube-openapi

gomodguard:
blocked:
Expand Down Expand Up @@ -205,6 +222,7 @@ linters:
- gocheckcompilerdirectives # validates go compiler directive comments (//go:)
- gochecknoglobals # checks that no global variables exist
- gochecknoinits # checks that no init functions are present in Go code
- gochecksumtype # checks exhaustiveness on Go "sum types"
- gocognit # computes and checks the cognitive complexity of functions
- goconst # finds repeated strings that could be replaced by a constant
- gocritic # provides diagnostics that check for bugs, performance and style issues
Expand All @@ -219,6 +237,7 @@ linters:
- lll # reports long lines
- loggercheck # checks key value pairs for common logger libraries (kitlog,klog,logr,zap)
- makezero # finds slice declarations with non-zero initial length
- mirror # reports wrong mirror patterns of bytes/strings usage
- musttag # enforces field tags in (un)marshaled structs
- nakedret # finds naked returns in functions greater than a specified function length
- nestif # reports deeply nested if statements
Expand All @@ -228,15 +247,19 @@ linters:
- nolintlint # reports ill-formed or insufficient nolint directives
- nonamedreturns # reports all named returns
- nosprintfhostport # checks for misuse of Sprintf to construct a host with port in a URL
- perfsprint # checks that fmt.Sprintf can be replaced with a faster alternative
- predeclared # finds code that shadows one of Go's predeclared identifiers
- promlinter # checks Prometheus metrics naming via promlint
- protogetter # reports direct reads from proto message fields when getters should be used
- reassign # checks that package variables are not reassigned
- revive # fast, configurable, extensible, flexible, and beautiful linter for Go, drop-in replacement of golint
- rowserrcheck # checks whether Err of rows is checked successfully
- sloglint # ensure consistent code style when using log/slog
- sqlclosecheck # checks that sql.Rows and sql.Stmt are closed
- stylecheck # is a replacement for golint
- tenv # detects using os.Setenv instead of t.Setenv since Go1.17
- testableexamples # checks if examples are testable (have an expected output)
- testifylint # checks usage of github.com/stretchr/testify
- testpackage # makes you use a separate _test package
- tparallel # detects inappropriate usage of t.Parallel() method in your Go test codes
- unconvert # removes unnecessary type conversions
Expand All @@ -252,11 +275,14 @@ linters:
#- ginkgolinter # [if you use ginkgo/gomega] enforces standards of using ginkgo and gomega
#- godox # detects FIXME, TODO and other comment keywords
#- goheader # checks is file header matches to pattern
#- inamedparam # [great idea, but too strict, need to ignore a lot of cases by default] reports interfaces with unnamed method parameters
#- interfacebloat # checks the number of methods inside an interface
#- ireturn # accept interfaces, return concrete types
#- prealloc # [premature optimization, but can be used in some cases] finds slice declarations that could potentially be preallocated
#- tagalign # checks that struct tags are well aligned
#- varnamelen # [great idea, but too many false positives] checks that the length of a variable's name matches its scope
#- wrapcheck # checks that errors returned from external packages are wrapped
#- zerologlint # detects the wrong usage of zerolog that a user forgets to dispatch zerolog.Event

## disabled
#- containedctx # detects struct contained context.Context field
Expand All @@ -269,6 +295,7 @@ linters:
#- goerr113 # [too strict] checks the errors handling expressions
#- gofmt # [replaced by goimports] checks whether code was gofmt-ed
#- gofumpt # [replaced by goimports, gofumports is not available yet] checks whether code was gofumpt-ed
#- gosmopolitan # reports certain i18n/l10n anti-patterns in your Go codebase
#- grouper # analyzes expression groups
#- importas # enforces consistent import aliases
#- maintidx # measures the maintainability index of each function
Expand Down Expand Up @@ -312,6 +339,24 @@ issues:
- gosec
- noctx
- wrapcheck
- linters: [ staticcheck ]
text: "options.AndFrom is deprecated"
- linters: [ staticcheck ]
text: "The component config package has been deprecated and will be removed in a future release."
- path: "cmd/"
linters:
- gochecknoinits
- gochecknoglobals
# Exclude `lll` issues for long lines with `go:generate`.
- linters:
- lll
source: '^//\s*\+kubebuilder:'
- linters:
- godot
source: '^//\s*\+optional'
- path: "api/v1/"
linters:
- gochecknoinits
# Allow dot imports for ginkgo and gomega
- source: ginkgo|gomega
linters:
Expand Down
71 changes: 0 additions & 71 deletions .goreleaser.yml

This file was deleted.

36 changes: 32 additions & 4 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,33 @@
FROM scratch
ARG DOCKER_PLATFORM=linux/amd64
LABEL org.opencontainers.image.source https://github.com/na4ma4/traefik-acme
COPY artifacts/build/release/${DOCKER_PLATFORM}/traefik-acme /
# Build the manager binary
FROM golang:1.21 as builder
ARG TARGETOS
ARG TARGETARCH

WORKDIR /workspace
# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download

# Copy the go source
COPY cmd cmd
COPY testdata testdata
COPY traefik traefik

# Build
# the GOARCH has not a default value to allow the binary be built according to the host where the command
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o traefik-acme ./cmd/traefik-acme/...

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot
WORKDIR /
COPY --from=builder /workspace/traefik-acme .
USER 65532:65532

ENTRYPOINT [ "/traefik-acme" ]
4 changes: 0 additions & 4 deletions Dockerfile.goreleaser

This file was deleted.

Loading

0 comments on commit c3c2eb3

Please sign in to comment.