From 0170969c7a31e07293cde03121bcfd67867dc30a Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Fri, 24 Mar 2023 10:33:16 +0100 Subject: [PATCH 1/7] feat: Publish multi-arch docker image (amd64 and arm64) --- .github/workflows/build-push-image.yaml | 39 +++++++++++++++++++++++++ .github/workflows/release.canary.yml | 26 ++++------------- .github/workflows/release.latest.yml | 25 +++++++++------- cmd/proxy/Dockerfile | 17 ++++++++--- 4 files changed, 72 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/build-push-image.yaml diff --git a/.github/workflows/build-push-image.yaml b/.github/workflows/build-push-image.yaml new file mode 100644 index 000000000..23543c98b --- /dev/null +++ b/.github/workflows/build-push-image.yaml @@ -0,0 +1,39 @@ +on: + workflow_call: + inputs: + version: + required: true + type: string + tags: + required: true + type: string + labels: + required: false + type: string + +jobs: + docker-push: + name: Build and publish docker image + runs-on: ubuntu-latest + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: Build and push images + uses: docker/build-push-action@v4 + with: + file: cmd/proxy/Dockerfile + build-args: VERSION=${{ inputs.version }} + tags: ${{ inputs.tags }} + labels: ${{ inputs.labels }} + push: true + platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/release.canary.yml b/.github/workflows/release.canary.yml index 210aacd66..669af0198 100644 --- a/.github/workflows/release.canary.yml +++ b/.github/workflows/release.canary.yml @@ -8,27 +8,13 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Build and push canary tag - uses: docker/build-push-action@v4 - with: - file: cmd/proxy/Dockerfile - build-args: VERSION=${{github.sha}} - tags: gomods/athens:canary - push: true + - name: Set Short SHA id: vars run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - name: Build and push commit tag - uses: docker/build-push-action@v4 + + - name: Build and push canary image + uses: ./.github/workflows/build-push-image.yaml with: - file: cmd/proxy/Dockerfile - build-args: VERSION=${{github.sha}} - tags: gomods/athens-dev:${{ steps.vars.outputs.sha_short }} - push: true + tags: gomods/athens:canary,gomods/athens-dev:${{ steps.vars.outputs.sha_short }} + version: ${{ github.sha }} \ No newline at end of file diff --git a/.github/workflows/release.latest.yml b/.github/workflows/release.latest.yml index 236b0619a..331ad92ac 100644 --- a/.github/workflows/release.latest.yml +++ b/.github/workflows/release.latest.yml @@ -8,17 +8,20 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Login to Docker Hub - uses: docker/login-action@v2 + + - name: Docker meta + id: meta + uses: docker/metadata-action@v4 with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_PASSWORD }} + images: | + gomods/athens + tags: | + type=raw,value=${{ github.ref_name }} + type=raw,value=latest + - name: Build and push latest tag - uses: docker/build-push-action@v4 + uses: ./.github/workflows/build-push-image.yaml with: - file: cmd/proxy/Dockerfile - build-args: VERSION=${{ github.ref_name }} - tags: gomods/athens:latest,gomods/athens:${{ github.ref_name }} - push: true + tags: {{ steps.meta.outputs.tags }} + labels: {{ steps.meta.outputs.labels }} + version: ${{ github.ref_name }} diff --git a/cmd/proxy/Dockerfile b/cmd/proxy/Dockerfile index ce788bf5b..3eff07e2b 100644 --- a/cmd/proxy/Dockerfile +++ b/cmd/proxy/Dockerfile @@ -8,15 +8,24 @@ ARG GOLANG_VERSION=1.20 ARG ALPINE_VERSION=3.17 -FROM golang:${GOLANG_VERSION}-alpine AS builder +FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION}-alpine AS builder + +ARG VERSION="unset" \ + TARGETARCH + +ENV GOARCH=${TARGETARCH} \ + GO111MODULE=on \ + CGO_ENABLED=0 \ + GOPROXY="https://proxy.golang.org" WORKDIR $GOPATH/src/github.com/gomods/athens COPY . . -ARG VERSION="unset" - -RUN DATE="$(date -u +%Y-%m-%d-%H:%M:%S-%Z)" && GO111MODULE=on CGO_ENABLED=0 GOPROXY="https://proxy.golang.org" go build -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" -o /bin/athens-proxy ./cmd/proxy +RUN DATE="$(date -u +%Y-%m-%d-%H:%M:%S-%Z)" && \ + go build \ + -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" \ + -o /bin/athens-proxy ./cmd/proxy FROM alpine:${ALPINE_VERSION} From 136c95169714773eb13ea6ed5ad5ce95d9e86786 Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Wed, 3 May 2023 08:51:00 +0200 Subject: [PATCH 2/7] review --- .github/workflows/release.latest.yml | 4 ++-- cmd/proxy/Dockerfile | 16 ++++++++-------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.latest.yml b/.github/workflows/release.latest.yml index 331ad92ac..b421ad268 100644 --- a/.github/workflows/release.latest.yml +++ b/.github/workflows/release.latest.yml @@ -22,6 +22,6 @@ jobs: - name: Build and push latest tag uses: ./.github/workflows/build-push-image.yaml with: - tags: {{ steps.meta.outputs.tags }} - labels: {{ steps.meta.outputs.labels }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} version: ${{ github.ref_name }} diff --git a/cmd/proxy/Dockerfile b/cmd/proxy/Dockerfile index 3eff07e2b..5a3a848cd 100644 --- a/cmd/proxy/Dockerfile +++ b/cmd/proxy/Dockerfile @@ -11,21 +11,21 @@ ARG ALPINE_VERSION=3.17 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION}-alpine AS builder ARG VERSION="unset" \ - TARGETARCH + TARGETARCH ENV GOARCH=${TARGETARCH} \ - GO111MODULE=on \ - CGO_ENABLED=0 \ - GOPROXY="https://proxy.golang.org" + GO111MODULE=on \ + CGO_ENABLED=0 \ + GOPROXY="https://proxy.golang.org" WORKDIR $GOPATH/src/github.com/gomods/athens COPY . . RUN DATE="$(date -u +%Y-%m-%d-%H:%M:%S-%Z)" && \ - go build \ - -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" \ - -o /bin/athens-proxy ./cmd/proxy + go build \ + -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" \ + -o /bin/athens-proxy ./cmd/proxy FROM alpine:${ALPINE_VERSION} @@ -39,7 +39,7 @@ RUN chmod 644 /config/config.toml # Add tini, see https://github.com/gomods/athens/issues/1155 for details. RUN apk add --update git git-lfs mercurial openssh-client subversion procps fossil tini && \ - mkdir -p /usr/local/go + mkdir -p /usr/local/go ARG USER=athens RUN adduser -D -h /home/$USER $USER From e5defae65d270c8b4332058128fec6e3e9ab9329 Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Wed, 3 May 2023 13:20:31 +0200 Subject: [PATCH 3/7] rename yaml suffix --- .../workflows/{build-push-image.yaml => build-push-image.yml} | 0 .github/workflows/release.canary.yml | 2 +- .github/workflows/release.latest.yml | 2 +- 3 files changed, 2 insertions(+), 2 deletions(-) rename .github/workflows/{build-push-image.yaml => build-push-image.yml} (100%) diff --git a/.github/workflows/build-push-image.yaml b/.github/workflows/build-push-image.yml similarity index 100% rename from .github/workflows/build-push-image.yaml rename to .github/workflows/build-push-image.yml diff --git a/.github/workflows/release.canary.yml b/.github/workflows/release.canary.yml index 669af0198..da7ed9e04 100644 --- a/.github/workflows/release.canary.yml +++ b/.github/workflows/release.canary.yml @@ -14,7 +14,7 @@ jobs: run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - name: Build and push canary image - uses: ./.github/workflows/build-push-image.yaml + uses: ./.github/workflows/build-push-image.yml with: tags: gomods/athens:canary,gomods/athens-dev:${{ steps.vars.outputs.sha_short }} version: ${{ github.sha }} \ No newline at end of file diff --git a/.github/workflows/release.latest.yml b/.github/workflows/release.latest.yml index b421ad268..5280e4fcc 100644 --- a/.github/workflows/release.latest.yml +++ b/.github/workflows/release.latest.yml @@ -20,7 +20,7 @@ jobs: type=raw,value=latest - name: Build and push latest tag - uses: ./.github/workflows/build-push-image.yaml + uses: ./.github/workflows/build-push-image.yml with: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From c3f1f79b7bef4ccf97b1e68e99409f1f45bdecac Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Wed, 3 May 2023 14:41:36 +0200 Subject: [PATCH 4/7] do not use re-usable actions it has some limitations with secrets etc.. --- .github/workflows/build-push-image.yml | 39 -------------------------- .github/workflows/release.canary.yml | 24 ++++++++++++++-- .github/workflows/release.latest.yml | 23 +++++++++++++-- 3 files changed, 41 insertions(+), 45 deletions(-) delete mode 100644 .github/workflows/build-push-image.yml diff --git a/.github/workflows/build-push-image.yml b/.github/workflows/build-push-image.yml deleted file mode 100644 index 23543c98b..000000000 --- a/.github/workflows/build-push-image.yml +++ /dev/null @@ -1,39 +0,0 @@ -on: - workflow_call: - inputs: - version: - required: true - type: string - tags: - required: true - type: string - labels: - required: false - type: string - -jobs: - docker-push: - name: Build and publish docker image - runs-on: ubuntu-latest - steps: - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build and push images - uses: docker/build-push-action@v4 - with: - file: cmd/proxy/Dockerfile - build-args: VERSION=${{ inputs.version }} - tags: ${{ inputs.tags }} - labels: ${{ inputs.labels }} - push: true - platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/release.canary.yml b/.github/workflows/release.canary.yml index da7ed9e04..991e6cca8 100644 --- a/.github/workflows/release.canary.yml +++ b/.github/workflows/release.canary.yml @@ -9,12 +9,30 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + platforms: linux/amd64,linux/arm64 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Set Short SHA id: vars run: echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT - - name: Build and push canary image - uses: ./.github/workflows/build-push-image.yml + - name: Build and push images + uses: docker/build-push-action@v4 with: + file: cmd/proxy/Dockerfile + build-args: VERSION=${{ github.sha }} tags: gomods/athens:canary,gomods/athens-dev:${{ steps.vars.outputs.sha_short }} - version: ${{ github.sha }} \ No newline at end of file + labels: ${{ inputs.labels }} + push: true + platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/release.latest.yml b/.github/workflows/release.latest.yml index 5280e4fcc..cda99273b 100644 --- a/.github/workflows/release.latest.yml +++ b/.github/workflows/release.latest.yml @@ -9,6 +9,20 @@ jobs: steps: - uses: actions/checkout@v3 + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + platforms: linux/amd64,linux/arm64 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASSWORD }} + - name: Docker meta id: meta uses: docker/metadata-action@v4 @@ -19,9 +33,12 @@ jobs: type=raw,value=${{ github.ref_name }} type=raw,value=latest - - name: Build and push latest tag - uses: ./.github/workflows/build-push-image.yml + - name: Build and push images + uses: docker/build-push-action@v4 with: + file: cmd/proxy/Dockerfile + build-args: VERSION=${{ github.ref_name }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - version: ${{ github.ref_name }} + push: true + platforms: linux/amd64,linux/arm64 From ba4e69b26821b484d13aeb70802052aa70cbf1d8 Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Wed, 3 May 2023 14:57:20 +0200 Subject: [PATCH 5/7] remove dockerfile --- cmd/proxy/Dockerfile | 51 -------------------------------------------- 1 file changed, 51 deletions(-) delete mode 100644 cmd/proxy/Dockerfile diff --git a/cmd/proxy/Dockerfile b/cmd/proxy/Dockerfile deleted file mode 100644 index 5a3a848cd..000000000 --- a/cmd/proxy/Dockerfile +++ /dev/null @@ -1,51 +0,0 @@ -# Links to compare against to ensure we have all VCS's setup in this build -# https://github.com/docker-library/buildpack-deps/blob/1845b3f918f69b4c97912b0d4d68a5658458e84f/stretch/scm/Dockerfile -# https://github.com/golang/go/blob/f082dbfd4f23b0c95ee1de5c2b091dad2ff6d930/src/cmd/go/internal/get/vcs.go#L90 -# -# You can override the Go version used to build the image. -# See project Makefile if using make. -# See docker --build-arg if building directly. -ARG GOLANG_VERSION=1.20 -ARG ALPINE_VERSION=3.17 - -FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION}-alpine AS builder - -ARG VERSION="unset" \ - TARGETARCH - -ENV GOARCH=${TARGETARCH} \ - GO111MODULE=on \ - CGO_ENABLED=0 \ - GOPROXY="https://proxy.golang.org" - -WORKDIR $GOPATH/src/github.com/gomods/athens - -COPY . . - -RUN DATE="$(date -u +%Y-%m-%d-%H:%M:%S-%Z)" && \ - go build \ - -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" \ - -o /bin/athens-proxy ./cmd/proxy - -FROM alpine:${ALPINE_VERSION} - -ENV GO111MODULE=on - -COPY --from=builder /bin/athens-proxy /bin/athens-proxy -COPY --from=builder /go/src/github.com/gomods/athens/config.dev.toml /config/config.toml -COPY --from=builder /usr/local/go/bin/go /bin/go - -RUN chmod 644 /config/config.toml - -# Add tini, see https://github.com/gomods/athens/issues/1155 for details. -RUN apk add --update git git-lfs mercurial openssh-client subversion procps fossil tini && \ - mkdir -p /usr/local/go - -ARG USER=athens -RUN adduser -D -h /home/$USER $USER - -EXPOSE 3000 - -ENTRYPOINT [ "/sbin/tini", "--" ] - -CMD ["athens-proxy", "-config_file=/config/config.toml"] From 14896216dbb6864c87b60cd8486d62f2270099cc Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Wed, 3 May 2023 14:57:37 +0200 Subject: [PATCH 6/7] Add dockerfile with proper spaces --- cmd/proxy/Dockerfile | 51 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 cmd/proxy/Dockerfile diff --git a/cmd/proxy/Dockerfile b/cmd/proxy/Dockerfile new file mode 100644 index 000000000..00e0671f5 --- /dev/null +++ b/cmd/proxy/Dockerfile @@ -0,0 +1,51 @@ +# Links to compare against to ensure we have all VCS's setup in this build +# https://github.com/docker-library/buildpack-deps/blob/1845b3f918f69b4c97912b0d4d68a5658458e84f/stretch/scm/Dockerfile +# https://github.com/golang/go/blob/f082dbfd4f23b0c95ee1de5c2b091dad2ff6d930/src/cmd/go/internal/get/vcs.go#L90 +# +# You can override the Go version used to build the image. +# See project Makefile if using make. +# See docker --build-arg if building directly. +ARG GOLANG_VERSION=1.20 +ARG ALPINE_VERSION=3.17 + +FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION}-alpine AS builder + +ARG VERSION="unset" \ + TARGETARCH + +ENV GOARCH=${TARGETARCH} \ + GO111MODULE=on \ + CGO_ENABLED=0 \ + GOPROXY="https://proxy.golang.org" + +WORKDIR $GOPATH/src/github.com/gomods/athens + +COPY . . + +RUN DATE="$(date -u +%Y-%m-%d-%H:%M:%S-%Z)" && \ + go build \ + -ldflags "-X github.com/gomods/athens/pkg/build.version=$VERSION -X github.com/gomods/athens/pkg/build.buildDate=$DATE -s -w" \ + -o /bin/athens-proxy ./cmd/proxy + +FROM alpine:${ALPINE_VERSION} + +ENV GO111MODULE=on + +COPY --from=builder /bin/athens-proxy /bin/athens-proxy +COPY --from=builder /go/src/github.com/gomods/athens/config.dev.toml /config/config.toml +COPY --from=builder /usr/local/go/bin/go /bin/go + +RUN chmod 644 /config/config.toml + +# Add tini, see https://github.com/gomods/athens/issues/1155 for details. +RUN apk add --update git git-lfs mercurial openssh-client subversion procps fossil tini && \ + mkdir -p /usr/local/go + +ARG USER=athens +RUN adduser -D -h /home/$USER $USER + +EXPOSE 3000 + +ENTRYPOINT [ "/sbin/tini", "--" ] + +CMD ["athens-proxy", "-config_file=/config/config.toml"] From 7e3a2df63f28dc0bcfaece0fa97827e0acc4eab8 Mon Sep 17 00:00:00 2001 From: Richard Hillmann Date: Thu, 4 May 2023 08:50:25 +0200 Subject: [PATCH 7/7] add arm64 to goreleaser --- .github/workflows/release.canary.yml | 1 - .goreleaser.yml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.canary.yml b/.github/workflows/release.canary.yml index 991e6cca8..50754c2c8 100644 --- a/.github/workflows/release.canary.yml +++ b/.github/workflows/release.canary.yml @@ -33,6 +33,5 @@ jobs: file: cmd/proxy/Dockerfile build-args: VERSION=${{ github.sha }} tags: gomods/athens:canary,gomods/athens-dev:${{ steps.vars.outputs.sha_short }} - labels: ${{ inputs.labels }} push: true platforms: linux/amd64,linux/arm64 diff --git a/.goreleaser.yml b/.goreleaser.yml index 120ecc612..cd268e72e 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -12,6 +12,7 @@ builds: - darwin goarch: - amd64 + - arm64 main: cmd/proxy/main.go binary: athens ldflags: