Merge pull request #223 from j-fuentes/multiarch

j-fuentes · web-flow · commit b2384c5add50 · 2021-04-13T19:26:08.000+02:00
Move to Github actions and add support for arm
diff --git a/.github/workflows/release-master.yml b/.github/workflows/release-master.yml
@@ -0,0 +1,57 @@
+# if changing this name, also update promotion.yaml
+name: release-master
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  golint:
+    name: vet fmt and lint
+    runs-on: ubuntu-20.04
+    container: golang:1.13.7
+    steps:
+    - uses: actions/checkout@v2.3.3
+    - name: Install golint
+      run: go get -u golang.org/x/lint/golint
+    - run: make lint
+      shell: bash
+  gotest:
+    name: go test
+    runs-on: ubuntu-20.04
+    container: golang:1.13.7
+    steps:
+    - uses: actions/checkout@v2.3.3
+    - run: make test
+  docker_build:
+    name: docker_build
+    runs-on: ubuntu-20.04
+    container:
+      image: docker:20.10.5
+      options: -t
+    # Setting up dind service container
+    services:
+      docker:
+        image: docker:20.10.5-dind
+        env:
+          DOCKER_DRIVER: overlay
+          DOCKER_HOST: tcp://localhost:2375
+    steps:
+    - name: Install Tools
+      run: apk add --update make git jq rsync curl
+    - uses: actions/checkout@v2.3.3
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+    - name: Login to registry
+      uses: docker/login-action@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.QUAY_USER }}
+        password: ${{ secrets.QUAY_PASSWORD }}
+    - name: Build and push
+      run: make push-docker-image
+    - name: Tag
+      run: make create-docker-image-tag NEW_TAG=canary
diff --git a/.github/workflows/release-tag.yml b/.github/workflows/release-tag.yml
@@ -0,0 +1,42 @@
+# if changing this name, also update promotion.yaml
+name: release-tag
+
+on:
+  push:
+    tags:
+      - v*
+
+jobs:
+  docker_tag:
+    name: docker_build
+    runs-on: ubuntu-20.04
+    container:
+      image: docker:20.10.5
+      options: -t
+    # Setting up dind service container
+    services:
+      docker:
+        image: docker:20.10.5-dind
+        env:
+          DOCKER_DRIVER: overlay
+          DOCKER_HOST: tcp://localhost:2375
+    steps:
+    - name: Install Tools
+      run: apk add --update make git jq rsync curl
+    - uses: actions/checkout@v2.3.3
+    - name: Capture tag in env
+      run: echo "TAG_LABEL=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+    - name: Login to registry
+      uses: docker/login-action@v1
+      with:
+        registry: quay.io
+        username: ${{ secrets.QUAY_USER }}
+        password: ${{ secrets.QUAY_PASSWORD }}
+    - name: Tag latest
+      run: make create-docker-image-tag NEW_TAG=latest
+    - name: Tag with git tag
+      run: make create-docker-image-tag NEW_TAG=${{ env.TAG_LEVEL }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,52 @@
+# if changing this name, also update promotion.yaml
+name: test
+
+on:
+  push:
+    branches-ignore:
+      - master
+  pull_request:
+    branches:
+      - "*"
+
+jobs:
+  golint:
+    name: vet fmt and lint
+    runs-on: ubuntu-20.04
+    container: golang:1.13.7
+    steps:
+    - uses: actions/checkout@v2.3.3
+    - name: Install golint
+      run: go get -u golang.org/x/lint/golint
+    - run: make lint
+      shell: bash
+  gotest:
+    name: go test
+    runs-on: ubuntu-20.04
+    container: golang:1.13.7
+    steps:
+    - uses: actions/checkout@v2.3.3
+    - run: make test
+  docker_build:
+    name: docker_build
+    runs-on: ubuntu-20.04
+    container:
+      image: docker:20.10.5
+      options: -t
+    # Setting up dind service container
+    services:
+      docker:
+        image: docker:20.10.5-dind
+        env:
+          DOCKER_DRIVER: overlay
+          DOCKER_HOST: tcp://localhost:2375
+    steps:
+    - name: Install Tools
+      run: apk add --update make git jq rsync curl
+    - uses: actions/checkout@v2.3.3
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v1
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v1
+    - name: Build images
+      run: make build-docker-image
diff --git a/Dockerfile b/Dockerfile
@@ -1,31 +1,10 @@
-# STAGE 1
-FROM golang:1.13.4 as builder
-
-WORKDIR /go/github.com/jetstack/preflight
-
-# Run a dependency resolve with just the go mod files present for
-# better caching
-COPY ./go.mod .
-COPY ./go.sum .
-
-RUN go mod download
-
-## Bring in everything else and build an amd64 image
-COPY . .
-
-ARG oauth_client_id
-ARG oauth_client_secret
-ARG oauth_auth_server_domain
+FROM gcr.io/distroless/base:nonroot
 
-RUN make install \
-  OAUTH_CLIENT_ID=${oauth_client_id} \
-  OAUTH_CLIENT_SECRET=${oauth_client_secret} \
-  OAUTH_AUTH_SERVER_DOMAIN=${oauth_auth_server_domain}
+# TARGETPLATFORM comes from the buildx context and it will be something like `linux/arm64/v8` or `linux/amd64`.
+# Ref: https://docs.docker.com/buildx/working-with-buildx/
+ARG TARGETPLATFORM
 
-# STAGE 2
-# Use a distroless nonroot base image for just our executable
-FROM gcr.io/distroless/base:nonroot
-COPY --from=builder /go/bin/preflight /bin/preflight
+COPY ./builds/${TARGETPLATFORM}/preflight /bin/preflight
 # load in an example config file
 ADD ./agent.yaml /etc/preflight/agent.yaml
 ENTRYPOINT ["preflight"]
diff --git a/Makefile b/Makefile
@@ -7,8 +7,13 @@ GOVERSION:=$(shell go version | awk '{print $$3 " " $$4}')
 GOOS:=$(shell go env GOOS)
 GOARCH:=$(shell go env GOARCH)
 
+BIN_NAME:=preflight
+
 DOCKER_IMAGE?=quay.io/jetstack/preflight
-DOCKER_IMAGE_TAG?=$(DOCKER_IMAGE):$(VERSION)
+DOCKER_IMAGE_TAG?=$(DOCKER_IMAGE):$(COMMIT)
+
+# BUILD_IN decides if the binaries will be built in `docker` or in the `host`.
+BUILD_IN?=docker
 
 # OAuth2 config for the agent to work with platform.jetstack.io
 OAUTH_CLIENT_ID?=k3TrDbfLhCgnpAbOiiT2kIE1AbovKzjo
@@ -52,57 +57,69 @@ vet:
 lint: vet
 	cd $(ROOT_DIR) && golint
 
-.PHONY: ./builds/preflight-$(GOOS)-$(GOARCH)
-./builds/preflight-$(GOOS)-$(GOARCH):
-	GOOS=$(GOOS) GOARCH=$(GOARCH) $(GO_BUILD) -o ./builds/preflight-$(GOOS)-$(GOARCH) .
-
-build-all-platforms:
-	$(MAKE) GOOS=linux   GOARCH=amd64 ./builds/preflight-linux-amd64
-	$(MAKE) GOOS=darwin  GOARCH=amd64 ./builds/preflight-darwin-amd64
-	$(MAKE) GOOS=windows GOARCH=amd64 ./builds/preflight-windows-amd64
 
-# Bundles
-
-./bundles/preflight-bundle-$(GOOS)-$(GOARCH).tgz: ./builds/preflight-$(GOOS)-$(GOARCH)
-	cd $(ROOT_DIR) && \
-	mkdir -p ./bundles && \
-	tar --transform "s/builds\/preflight-$(GOOS)-$(GOARCH)/preflight/" -rvf $@.tmp $< && \
-	gzip < $@.tmp > $@ && \
-	rm $@.tmp
-
-bundle-all-platforms:
-	$(MAKE) GOOS=linux   GOARCH=amd64 ./bundles/preflight-bundle-linux-amd64.tgz
-	$(MAKE) GOOS=darwin  GOARCH=amd64 ./bundles/preflight-bundle-darwin-amd64.tgz
-	$(MAKE) GOOS=windows GOARCH=amd64 ./bundles/preflight-bundle-windows-amd64.tgz
+.PHONY: ./builds/$(GOOS)/$(GOARCH)/$(BIN_NAME)
+./builds/$(GOOS)/$(GOARCH)/$(BIN_NAME):
+	GOOS=$(GOOS) GOARCH=$(GOARCH) $(GO_BUILD) -o ./builds/$(GOOS)/$(GOARCH)/$(BIN_NAME) .
+.PHONY: ./builds/$(GOOS)/$(GOARCH)/v$(GOARM)/$(BIN_NAME)
+./builds/$(GOOS)/$(GOARCH)/v$(GOARM)/$(BIN_NAME):
+	GOOS=$(GOOS) GOARCH=$(GOARCH) GOARM=$(GOARM) $(GO_BUILD) -o ./builds/$(GOOS)/$(GOARCH)/v$(GOARM)/$(BIN_NAME) .
+
+build-all-platforms: build-all-platforms-in-$(BUILD_IN)
+
+build-all-platforms-in-host:
+	$(MAKE) GOOS=linux   GOARCH=amd64       ./builds/linux/amd64/$(BIN_NAME)
+	$(MAKE) GOOS=linux   GOARCH=arm64       ./builds/linux/arm64/$(BIN_NAME)
+	$(MAKE) GOOS=linux   GOARCH=arm GOARM=7 ./builds/linux/arm/v7/$(BIN_NAME)
+	$(MAKE) GOOS=darwin  GOARCH=amd64       ./builds/darwin/amd64/$(BIN_NAME)
+	$(MAKE) GOOS=windows GOARCH=amd64       ./builds/windows/amd64/$(BIN_NAME)
+
+build-all-platforms-in-docker:
+	rm -rf ./builds
+	docker build --rm -t preflight-bin -f ./builder.dockerfile \
+		--build-arg oauth_client_id=$(OAUTH_CLIENT_ID) \
+		--build-arg oauth_client_secret=$(OAUTH_CLIENT_SECRET) \
+		--build-arg oauth_auth_server_domain=$(OAUTH_AUTH_SERVER_DOMAIN) \
+		.
+	docker create --rm --name=preflight-bin-container preflight-bin
+	docker cp preflight-bin-container:/go/github.com/jetstack/preflight/builds ./builds
+	docker rm preflight-bin-container
+	docker rmi preflight-bin
 
 # Docker image
-
-build-docker-image:
-	docker build --tag $(DOCKER_IMAGE_TAG) \
-	--build-arg oauth_client_id=$(OAUTH_CLIENT_ID) \
-	--build-arg oauth_client_secret=$(OAUTH_CLIENT_SECRET) \
-	--build-arg oauth_auth_server_domain=$(OAUTH_AUTH_SERVER_DOMAIN) \
+PLATFORMS?=linux/arm/v7,linux/arm64/v8,linux/amd64
+BUILDX_EXTRA_ARGS?=
+
+push_buildx_args=--push $(BUILDX_EXTRA_ARGS)
+push-canary_buildx_args=--tag $(DOCKER_IMAGE):canary --push $(BUILDX_EXTRA_ARGS)
+build_buildx_args=$(BUILDX_EXTRA_ARGS)
+
+.PHONY: _docker-%
+_docker-%: build-all-platforms
+	docker buildx build --platform $(PLATFORMS) \
+	--tag $(DOCKER_IMAGE_TAG) \
+	$($*_buildx_args) \
 	.
 
-push-docker-image:
-	docker tag $(DOCKER_IMAGE_TAG) $(DOCKER_IMAGE):latest
-	docker push $(DOCKER_IMAGE_TAG)
-	docker push $(DOCKER_IMAGE):latest
+build-docker-image: _docker-build
+push-docker-image: _docker-push
 
-push-docker-image-canary:
-	docker tag $(DOCKER_IMAGE_TAG) $(DOCKER_IMAGE):canary
-	docker push $(DOCKER_IMAGE_TAG)
-	docker push $(DOCKER_IMAGE):canary
+NEW_TAG?=latest
+create-docker-image-tag:
+	docker buildx imagetools create $(DOCKER_IMAGE):$(COMMIT) --tag $(DOCKER_IMAGE):$(NEW_TAG)
 
 # CI
 
 export PATH:=$(GOPATH)/bin:$(PATH)
 
 ci-deps:
+	echo "ci-deps is going to be disabled. We are adopting Github actions"
 	go install golang.org/x/lint/golint
 
 ci-test: ci-deps test lint
 
 ci-build: ci-test build build-docker-image build-all-platforms bundle-all-platforms push-docker-image-canary
+	echo "ci-build is going to be disabled. We are adopting Github actions"
 
 ci-publish: ci-build push-docker-image
+	echo "ci-publish is going to be disabled. We are adopting Github actions"
diff --git a/builder.dockerfile b/builder.dockerfile
@@ -0,0 +1,23 @@
+FROM golang:1.13.4 as builder
+
+WORKDIR /go/github.com/jetstack/preflight
+
+# Run a dependency resolve with just the go mod files present for
+# better caching
+COPY ./go.mod .
+COPY ./go.sum .
+
+RUN go mod download
+
+## Bring in everything else
+COPY . .
+
+ARG oauth_client_id
+ARG oauth_client_secret
+ARG oauth_auth_server_domain
+
+RUN make build-all-platforms \
+    BUILD_IN=host \
+    OAUTH_CLIENT_ID=${oauth_client_id} \
+    OAUTH_CLIENT_SECRET=${oauth_client_secret} \
+    OAUTH_AUTH_SERVER_DOMAIN=${oauth_auth_server_domain}
