Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor: Dockerfile and CI #69

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 12 commits
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
4a0e2d0
refactor(dockerfile): cache friendly and ...
pratikbin Dec 18, 2021
3f28432
ci: use buildx for better caching with gha support
pratikbin Dec 18, 2021
93a2e2d
refactor: dockerfile and CI (#1)
pratikbin Dec 30, 2021
d81ff96
ci: undo release ci
pratikbin Dec 30, 2021
1b908e9
fix: bump dep
pratikbin Dec 31, 2021
fd4b628
feat: docker bake based image and bin creation
pratikbin Jan 13, 2022
2f3d680
Merge branch 'main' into feat/ci-and-dockerfile
pratikbin Jan 13, 2022
421a5f8
fix: download screenshot without browser
pratikbin Jan 13, 2022
c1c3ed2
fix: bake targets
pratikbin Jan 14, 2022
94c398a
docs: add slim image build time warning
pratikbin Jan 14, 2022
fa6757d
fix: container label title
pratikbin Jan 15, 2022
1ade628
Merge branch 'main' into feat/ci-and-dockerfile
im2nguyen Jan 24, 2022
01612ee
Update README.md
pratikbin Jan 25, 2022
d7b479c
Update README.md
pratikbin Jan 25, 2022
c11871a
Update README.md
pratikbin Jan 25, 2022
890110a
Merge branch 'main' into feat/ci-and-dockerfile
pratikbin Jan 25, 2022
96fc305
fix(ci): add id to outputs, qemu image is default so removed it
pratikbin Jan 25, 2022
8149140
chore: use keyword standard instead of fat, use inherits instead of t…
pratikbin Jan 25, 2022
8296921
feat(ui): npm build testing
pratikbin Jan 25, 2022
1e70ee9
docs: create docker.md, refactor README
pratikbin Jan 25, 2022
3a589a3
docs(docker): faq for notusing `distroless/static`
pratikbin Jan 25, 2022
c8580bd
docs: fix platforms
pratikbin Feb 9, 2022
cfaf54a
Merge branch 'main' into feat/ci-and-dockerfile
Feb 23, 2022
2090580
fix: artifact target
pratikbin Feb 23, 2022
badcedd
Merge branch 'main' into feat/ci-and-dockerfile
pratikbin Mar 16, 2022
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 31 additions & 14 deletions .github/workflows/publishDockerImage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,25 +13,42 @@ jobs:
steps:
- name: Check out the repo
uses: actions/checkout@v2

- name: Log in to Docker Hub
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v3
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
with:
images: im2nguyen/rover

- name: Build and push Docker image
uses: docker/build-push-action@v2
image: tonistiigi/binfmt:latest
platforms: all

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1

- name: Set outputs
run: |
echo ::set-output name=version::$(cat ${GITHUB_EVENT_PATH} | jq -r '.release.tag_name')
echo ::set-output name=sha_short::${GITHUB_SHA::7}

- name: Build and push
uses: docker/bake-action@master
env:
TF_VERSION: "1.1.2"
NODE_VERSION: "16"
GO_VERSION: "1.17"
VERSION: ${{ steps.vars.outputs.version }}
GIT_SHA: ${{ steps.vars.outputs.sha_short }}
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args:
TF_VERSION=1.1.2
targets: |
image-all
image-slim-all
push: ${{ github.event_name != 'pull_request' }}
files: docker-bake.hcl
set: |
*.cache-from=type=gha
*.cache-to=type=gha,mode=max
8 changes: 6 additions & 2 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,24 +14,28 @@ on:
push:
tags:
- "v*"

jobs:
goreleaser:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Unshallow
run: git fetch --prune --unshallow
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.17

- name: Import GPG key
id: import_gpg
uses: hashicorp/[email protected]
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
PASSPHRASE: ${{ secrets.PASSPHRASE }}

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
with:
Expand Down
5 changes: 3 additions & 2 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,9 @@ rover
.DS_Store
rover.zip
plan.out
Dockerfile.test
.dist

# Ignore generated terraform files
.terraform**

.idea/
.idea/
5 changes: 4 additions & 1 deletion .goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ before:
hooks:
# this is just an example and not a requirement for provider building/publishing
- go mod tidy
- go mod download

builds:
- env:
# goreleaser does not work with CGO, it could also complicate
Expand All @@ -14,7 +16,7 @@ builds:
flags:
- -trimpath
ldflags:
- "-s -w -X main.version={{.Version}} -X main.commit={{.Commit}}"
- "-s -w"
goos:
- freebsd
- windows
Expand All @@ -29,6 +31,7 @@ builds:
- goos: darwin
goarch: "386"
binary: "{{ .ProjectName }}_v{{ .Version }}"

archives:
- format: zip
name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
Expand Down
126 changes: 94 additions & 32 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,44 +1,106 @@
# Prep base stage
ARG TF_VERSION=light
# syntax = docker/dockerfile:1.3

# Build ui
FROM node:16-alpine as ui
ARG NODE_VERSION=16
ARG GO_VERSION=1.17

FROM --platform=$BUILDPLATFORM node:${NODE_VERSION}-alpine as ui
WORKDIR /src
# Copy specific package files
COPY ./ui/package-lock.json ./
COPY ./ui/package.json ./
COPY ./ui/babel.config.js ./
# Set Progress, Config and install
COPY ./ui/package*.json ./
RUN npm set progress=false && npm config set depth 0 && npm install
# Copy source
# Copy Specific Directories
COPY ./ui/public ./public
COPY ./ui/src ./src
# build (to dist folder)
RUN npm run build

# Build rover
FROM golang:1.17 AS rover
FROM --platform=$BUILDPLATFORM alpine:3.15 as terraform
SHELL ["/bin/sh", "-cex"]
ARG TF_VERSION="1.1.2"
ARG TARGETOS TARGETARCH
RUN wget -O tf.zip 'https://releases.hashicorp.com/terraform/'${TF_VERSION}'/terraform_'${TF_VERSION}'_'${TARGETOS}'_'${TARGETARCH}'.zip'; \
unzip tf.zip

FROM --platform=$BUILDPLATFORM crazymax/goreleaser-xx:latest AS goreleaser-xx
FROM --platform=$BUILDPLATFORM pratikimprowise/upx:3.96 AS upx
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS base
COPY --from=goreleaser-xx / /
COPY --from=upx / /
ENV CGO_ENABLED=0
RUN apk --update add --no-cache git ca-certificates && \
update-ca-certificates
WORKDIR /src
# Copy full source

FROM base AS vendored
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/go/pkg/mod \
go mod tidy && go mod download

FROM vendored AS binary
ARG TARGETPLATFORM
COPY --from=ui /src/dist /src/ui/dist
COPY . .
# Copy ui/dist from ui stage as it needs to embedded
COPY --from=ui ./src/dist ./ui/dist
# Build rover
RUN go get -d -v golang.org/x/net/html
RUN CGO_ENABLED=0 GOOS=linux go build -o rover .

# Release stage
FROM hashicorp/terraform:$TF_VERSION AS release
# Copy terraform binary to the rover's default terraform path
RUN cp /bin/terraform /usr/local/bin/terraform
# Copy rover binary
COPY --from=rover /src/rover /bin/rover
RUN chmod +x /bin/rover

# Install Google Chrome
RUN apk add chromium
RUN --mount=type=cache,target=/root/.cache \
--mount=type=cache,target=/go/pkg/mod \
goreleaser-xx --debug \
--name="rover" \
--main="." \
--dist="/out" \
--artifacts="bin" \
--artifacts="archive" \
--snapshot="no"

FROM scratch as fat
WORKDIR /tmp
WORKDIR /src
COPY --from=base /etc/ssl/certs/ /etc/ssl/certs/
COPY --from=terraform /terraform /usr/local/bin/terraform
COPY --from=binary /usr/local/bin/rover /usr/local/bin/rover
ENTRYPOINT ["/usr/local/bin/rover"]
##

## Slim image
FROM vendored AS binary-slim
COPY --from=ui /src/dist /src/ui/dist
COPY . .
ARG TARGETPLATFORM
RUN --mount=type=cache,target=/root/.cache \
--mount=type=cache,target=/go/pkg/mod \
goreleaser-xx --debug \
--name="rover-slim" \
--flags="-trimpath" \
--ldflags="-s -w" \
--main="." \
--dist="/out" \
--artifacts="bin" \
--artifacts="archive" \
--snapshot="no" \
--post-hooks="upx -v --ultra-brute --best /usr/local/bin/{{ .ProjectName }}{{ .Ext }}"

FROM terraform as slim-tf
COPY --from=upx / /
RUN upx -v --ultra-brute --best /terraform

FROM scratch as slim
WORKDIR /tmp
WORKDIR /src
COPY --from=base /etc/ssl/certs/ /etc/ssl/certs/
COPY --from=slim-tf /terraform /usr/local/bin/terraform
COPY --from=binary-slim /usr/local/bin/rover-slim /usr/local/bin/rover
ENTRYPOINT ["/usr/local/bin/rover"]
##

## get binary out
### non slim binary
FROM scratch AS artifact
COPY --from=binary /out /
###

### slim binary
FROM scratch AS artifact-slim
COPY --from=binary-slim /out /
###

ENTRYPOINT [ "/bin/rover" ]
### All binaries
FROM scratch AS artifact-all
COPY --from=binary /out /
COPY --from=binary-slim /out /
###
##
Loading