diff --git a/.github/actions/build-image/action.yaml b/.github/actions/build-image/action.yaml new file mode 100644 index 00000000..c6324520 --- /dev/null +++ b/.github/actions/build-image/action.yaml @@ -0,0 +1,48 @@ +name: Build multiarch image +description: Builds a multiarch image + +inputs: + image_tag: + description: The image tag + required: true + token: + description: Github token + required: true + +outputs: + image: + description: The full image name and tag + value: ghcr.io/${{ github.repository }}:${{ inputs.image_tag }} + +runs: + using: composite + + steps: + - uses: docker/setup-qemu-action@v1 + with: + image: tonistiigi/binfmt:latest + platforms: all + + - uses: wistia/parse-tool-versions@v1.0 + + - uses: earthly/actions-setup@v1 + with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" } + + - name: login to registry + uses: docker/login-action@v1 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ inputs.token }} + + - name: Build and push the Docker image + shell: bash + run: | + GIT_COMMIT=$(git rev-parse --short HEAD) + + earthly \ + --push \ + +build \ + --GIT_TAG=${{ inputs.image_tag }} \ + --GIT_COMMIT=${GIT_COMMIT} \ + --IMAGE_NAME=ghcr.io/${{ github.repository }}:${{ inputs.image_tag }} diff --git a/.github/workflows/on_pull_request.yaml b/.github/workflows/on_pull_request.yaml index 8995cd75..4cc4e68d 100644 --- a/.github/workflows/on_pull_request.yaml +++ b/.github/workflows/on_pull_request.yaml @@ -15,10 +15,8 @@ on: - synchronize env: - FS_IMAGE: ghcr.io/${{ github.repository }} FS_TAG: 0.0.0-pr${{ github.event.pull_request.number }} -# TODO: Move this to repo config jobs: build: runs-on: ubuntu-22.04 @@ -28,48 +26,16 @@ jobs: packages: write pull-requests: write - strategy: - matrix: - platform: - - linux/amd64 -# - linux/arm64 - steps: - - name: Set up QEMU - id: qemu - uses: docker/setup-qemu-action@v1 - with: - image: tonistiigi/binfmt:latest - platforms: all - if: matrix.platform == 'linux/arm64' - - uses: actions/checkout@v3 - - name: extract git sha - run: echo "GIT_SHA_SHORT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - - # Reads in .tools-versions and spits out env variables - - uses: wistia/parse-tool-versions@v1.0 - - - uses: docker/login-action@v2 + - uses: ./.github/actions/build-image + id: build-image with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: earthly/actions-setup@v1 - with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" } - - - run: | - earthly \ - --push \ - --platform ${{ matrix.platform }} \ - +docker \ - --GIT_COMMIT=${{ env.GIT_SHA_SHORT }} \ - --GIT_TAG=${{ env.FS_TAG }} \ - --IMAGE_NAME=${{ env.FS_IMAGE }}:${{ env.FS_TAG }} + image_tag: ${{ env.FS_TAG }} + token: ${{ secrets.GITHUB_TOKEN }} - uses: mshick/add-pr-comment@v2 with: message: | - Temporary image available at `${{ env.FS_IMAGE }}:${{ env.FS_TAG }}`. + Temporary image available at `${{ steps.build-image.outputs.image }}`. diff --git a/.github/workflows/on_push_to_main.yaml b/.github/workflows/on_push_to_main.yaml index fc04a0f3..c226240e 100644 --- a/.github/workflows/on_push_to_main.yaml +++ b/.github/workflows/on_push_to_main.yaml @@ -7,112 +7,22 @@ env: FS_IMAGE: ghcr.io/${{ github.repository }} jobs: - set-version: - runs-on: ubuntu-22.04 - - steps: - - uses: actions/checkout@v3 - with: - # need to get everything so that 'git describe' works - fetch-depth: 0 - - - run: | - echo "export GIT_COMMIT=$(git rev-parse --short HEAD)" >> vars.sh - echo "export GIT_TAG=$(git describe)" >> vars.sh - - - uses: actions/upload-artifact@v3 - with: - name: vars.sh - path: vars.sh - release-docker: runs-on: ubuntu-22.04 - needs: - - set-version - permissions: contents: read packages: write - strategy: - matrix: - platform: -# - { earthly: linux/arm64, suffix: linux-arm64 } - - { earthly: linux/amd64, suffix: linux-amd64 } - steps: - - name: Set up QEMU - id: qemu - uses: docker/setup-qemu-action@v1 - with: - image: tonistiigi/binfmt:latest - platforms: all - if: matrix.platform == 'linux/arm64' - - uses: actions/checkout@v3 - - uses: wistia/parse-tool-versions@v1.0 - - - uses: earthly/actions-setup@v1 - with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" } - - - name: login to registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: actions/download-artifact@v3 - with: - name: vars.sh - - - name: Build and push the Docker image - run: | - source vars.sh - - ./earthly \ - --platform ${{ matrix.platform.earthly }} \ - --push \ - +docker \ - --GIT_TAG=${GIT_TAG} \ - --GIT_COMMIT=${GIT_COMMIT} \ - --IMAGE_NAME=${{ env.FS_IMAGE }}:${GIT_TAG}-${{ matrix.platform.suffix }} - - release-multiarch: - runs-on: ubuntu-22.04 - - needs: - - release-docker - - permissions: - packages: write - - steps: - - name: login to registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: actions/download-artifact@v3 - with: - name: vars.sh - - - name: extract sha - run: | - source vars.sh - echo "GIT_TAG=${GIT_TAG}" >> "$GITHUB_OUTPUT" - id: vars + - run: echo "GIT_TAG=$(git describe)" >> $GITHUB_ENV - - uses: int128/docker-manifest-create-action@v1 + - uses: ./.github/actions/build-image with: - tags: ghcr.io/${{ github.repository_owner }}/kubechecks:${{ steps.vars.outputs.GIT_TAG }} - suffixes: | - -linux-amd64 -# -linux-arm64 + image_tag: ${{ env.GIT_TAG }} + token: ${{ secrets.GITHUB_TOKEN }} release-helm: runs-on: ubuntu-22.04 diff --git a/.github/workflows/on_release_published.yaml b/.github/workflows/on_release_published.yaml index bceda9c8..599ec584 100644 --- a/.github/workflows/on_release_published.yaml +++ b/.github/workflows/on_release_published.yaml @@ -13,74 +13,10 @@ jobs: contents: read packages: write - strategy: - matrix: - platform: -# - { earthly: linux/arm64, suffix: linux-arm64 } - - { earthly: linux/amd64, suffix: linux-amd64 } - steps: - - name: Set up QEMU - id: qemu - uses: docker/setup-qemu-action@v1 - with: - image: tonistiigi/binfmt:latest - platforms: all - if: matrix.platform == 'linux/arm64' - - uses: actions/checkout@v3 - - uses: wistia/parse-tool-versions@v1.0 - - - uses: earthly/actions-setup@v1 - with: { version: "v${{ env.EARTHLY_TOOL_VERSION }}" } - - - name: extract tag and sha - run: | - echo "GIT_COMMIT=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - echo "GIT_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - - name: login to registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push the Docker image - run: | - earthly \ - --platform ${{ matrix.platform.earthly }} \ - --push \ - +docker \ - --GIT_TAG=${{ env.GIT_TAG }} \ - --GIT_COMMIT=${{ env.GIT_COMMIT }} \ - --IMAGE_NAME=ghcr.io/${{ github.repository_owner }}/kubechecks:${{ env.GIT_TAG }}-${{ matrix.platform.suffix }} - - release-multiarch: - runs-on: ubuntu-22.04 - - needs: - - release-docker - - permissions: - packages: write - - steps: - - name: extract tag and sha - run: | - echo "GIT_RELEASE_TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV - - - name: login to registry - uses: docker/login-action@v1 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: int128/docker-manifest-create-action@v1 + - uses: ./.github/actions/build-image with: - tags: ghcr.io/${{ github.repository_owner }}/kubechecks:${{ env.GIT_RELEASE_TAG }} - suffixes: | - -linux-amd64 -# -linux-arm64 + image_tag: ${{ github.ref }} + token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.tool-versions b/.tool-versions index 979531c6..8c5e94a5 100644 --- a/.tool-versions +++ b/.tool-versions @@ -1,4 +1,4 @@ -earthly 0.7.22 +earthly 0.7.23 golang 1.19.11 helm 3.12.2 helm-cr 1.6.1 diff --git a/Earthfile b/Earthfile index 9c0a8d58..f8ed5958 100644 --- a/Earthfile +++ b/Earthfile @@ -23,7 +23,10 @@ release: go-deps: ARG GOLANG_VERSION="1.19.3" - FROM golang:$GOLANG_VERSION-bullseye + ARG GOOS=linux + ARG GOARCH=amd64 + + FROM --platform=linux/amd64 golang:$GOLANG_VERSION-bullseye ENV GO111MODULE=on ENV CGO_ENABLED=0 @@ -58,24 +61,26 @@ test-golang: RUN go test ./... build-binary: - FROM +go-deps - ARG GOOS=linux ARG GOARCH=amd64 ARG VARIANT ARG --required GIT_TAG ARG --required GIT_COMMIT + FROM --platform=linux/amd64 +go-deps + WORKDIR /src COPY . /src RUN GOARM=${VARIANT#v} go build -ldflags "-X github.com/zapier/kubechecks/pkg.GitCommit=$GIT_COMMIT -X github.com/zapier/kubechecks/pkg.GitTag=$GIT_TAG" -o kubechecks SAVE ARTIFACT kubechecks docker: - FROM ubuntu:20.04 ARG --required IMAGE_NAME + ARG TARGETPLATFORM + ARG TARGETARCH ARG TARGETVARIANT + FROM --platform=$TARGETPLATFORM ubuntu:20.04 RUN apt update && apt install -y ca-certificates curl git WORKDIR /tmp @@ -110,7 +115,7 @@ docker: VOLUME /app/policies VOLUME /app/schemas - COPY (+build-binary/kubechecks --GOARCH=amd64 --VARIANT=$TARGETVARIANT) . + COPY (+build-binary/kubechecks --platform=linux/amd64 --GOARCH=$TARGETARCH --VARIANT=$TARGETVARIANT) . RUN ./kubechecks help CMD ["./kubechecks", "controller"]