Merge pull request #16 from fedepaol/buildinci

Build and push the image from CI
metallb · Jul 10, 2023 · 739112b · 739112b
2 parents 1670618 + 6f81cae
commit 739112b
Show file tree

Hide file tree

Showing 4 changed files with 165 additions and 42 deletions.
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
@@ -0,0 +1,110 @@
+name: Publish
+on:
+  push:
+    branches:
+      - "main"
+      - v*
+    tags:
+      - v*
+
+jobs:
+  unit-tests:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Cancel Previous Runs
+        uses: styfle/[email protected]
+        with:
+          access_token: ${{ github.token }}
+
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version-file: "go.mod"
+          cache: true
+
+      - uses: actions/setup-go@v4
+        with:
+          go-version-file: "go.mod"
+          cache: true
+
+      - name: Unit Tests
+        run: |
+          make test
+
+      - name: Lint
+        run: |
+          ENV=host make lint
+          make bumplicense
+          go mod tidy
+          pushd e2etests
+          go mod tidy
+          popd
+          make manifests
+          make checkuncommitted
+
+
+  publish-images:
+    runs-on: ubuntu-22.04
+    needs: [unit-tests]
+    permissions:
+      contents: read
+      id-token: write # needed for signing the images with GitHub OIDC Token
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Install Cosign
+        uses: sigstore/cosign-installer@main
+        with:
+          cosign-release: "v1.13.1"
+
+      - name: Code checkout
+        uses: actions/checkout@v3
+
+      - name: Setup docker buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Log into Quay
+        uses: docker/login-action@v2
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USER }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            quay.io/metallb/frr-k8s
+          # generate Docker tags based on the following events/attributes
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{raw}}
+          labels: |
+            org.opencontainers.image.title=frr-k8s
+            org.opencontainers.image.description=frr-k8s, a cloud native wrapper of some frr features
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        id: build-and-push
+        with:
+          context: .
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le,linux/arm/v7
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          push: true
+          build-args: |
+            GIT_BRANCH: ${{ github.ref_name }}
+            GIT_COMMIT: ${{ github.sha }}
+
+      - name: Cosign sign tags
+        run: cosign sign ${TAGS}
+        env:
+          TAGS: ${{ steps.meta.outputs.tags }}@${{ steps.build-and-push.outputs.digest }}
+          COSIGN_EXPERIMENTAL: 1
diff --git a/Dockerfile b/Dockerfile
@@ -1,34 +1,60 @@
-# Build the frr-k8s binary
-FROM golang:1.19 as builder
-ARG TARGETOS
-ARG TARGETARCH
+# syntax=docker/dockerfile:1.2
+
+FROM --platform=$BUILDPLATFORM docker.io/golang:1.19.5 AS builder
+ARG GIT_COMMIT=dev
+ARG GIT_BRANCH=dev
+WORKDIR $GOPATH/frr-k8s
 
-WORKDIR /workspace
-# Copy the Go Modules manifests
-COPY go.mod go.mod
-COPY go.sum go.sum
-# cache deps before building and copying source so that we don't need to re-download as much
-# and so that source changes don't invalidate our downloaded layer
+# Cache the downloads
+COPY go.mod go.sum ./
 RUN go mod download
 
-# Copy the go source
 COPY cmd/main.go cmd/main.go
 COPY api/ api/
 COPY internal/ internal/
 COPY frr-tools/metrics ./frr-tools/metrics/
 
-# Build
-# the GOARCH has not a default value to allow the binary be built according to the host where the command
-# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
-# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
-# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
-RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o frr-k8s cmd/main.go
-RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o /build/frr-metrics frr-tools/metrics/exporter.go
-
-FROM alpine:latest
-WORKDIR /
-COPY --from=builder /workspace/frr-k8s .
+ARG TARGETARCH
+ARG TARGETOS
+ARG TARGETPLATFORM
+
+# have to manually convert as building the different arms can cause issues
+# Extract variant
+RUN case ${TARGETPLATFORM} in \
+  "linux/arm/v6") export VARIANT="6" ;; \
+  "linux/arm/v7") export VARIANT="7" ;; \
+  *) export VARIANT="" ;; \
+  esac
+
+# Cache builds directory for faster rebuild
+RUN --mount=type=cache,target=/root/.cache/go-build \
+  --mount=type=cache,target=/go/pkg \
+  # build frr metrics
+  CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \
+  go build -v -o /build/frr-metrics \
+  -ldflags "-X 'frr-k8s/internal/version.gitCommit=${GIT_COMMIT}' -X 'frr-k8s/metallb/internal/version.gitBranch=${GIT_BRANCH}'" \
+  frr-tools/metrics/exporter.go \
+  && \
+  CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH GOARM=$VARIANT \
+  go build -v -o /build/frr-k8s \
+  -ldflags "-X 'frr-k8s/internal/version.gitCommit=${GIT_COMMIT}' -X 'frr-k8s/internal/version.gitBranch=${GIT_BRANCH}'" \
+  cmd/main.go
+
+FROM docker.io/alpine:latest
+
+
+COPY --from=builder /build/frr-k8s /frr-k8s
 COPY --from=builder /build/frr-metrics /frr-metrics
 COPY frr-tools/reloader/frr-reloader.sh /frr-reloader.sh
+COPY LICENSE /
+
+LABEL org.opencontainers.image.authors="metallb" \
+  org.opencontainers.image.url="https://github.com/metallb/frr-k8s" \
+  org.opencontainers.image.source="https://github.com/metallb/frr-k8s" \
+  org.opencontainers.image.vendor="metallb" \
+  org.opencontainers.image.licenses="Apache-2.0" \
+  org.opencontainers.image.description="FRR-K8s" \
+  org.opencontainers.image.title="frr-k8s" \
+  org.opencontainers.image.base.name="docker.io/alpine:latest"
 
 ENTRYPOINT ["/frr-k8s"]
diff --git a/Makefile b/Makefile
@@ -73,31 +73,17 @@ run: manifests generate fmt vet ## Run a controller from your host.
 # If you wish built the k8s-frr image targeting other platforms you can use the --platform flag.
 # (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
 # More info: https://docs.docker.com/develop/develop-images/build_enhancements/
+COMMIT := $(shell git describe --dirty --always)
+BRANCH = $(shell git rev-parse --abbrev-ref HEAD)
+
 .PHONY: docker-build
-docker-build: test ## Build docker image with the k8s-frr.
-	docker build -t ${IMG} .
+docker-build: ## Build docker image with the k8s-frr.
+	docker build -t ${IMG} --build-arg GIT_COMMIT=$${COMMIT} --build-arg GIT_BRANCH=$${BRANCH} .
 
 .PHONY: docker-push
 docker-push: ## Push docker image with the k8s-frr.
 	docker push ${IMG}
 
-# PLATFORMS defines the target platforms for  the k8s-frr image be build to provide support to multiple
-# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to:
-# - able to use docker buildx . More info: https://docs.docker.com/build/buildx/
-# - have enable BuildKit, More info: https://docs.docker.com/develop/develop-images/build_enhancements/
-# - be able to push the image for your registry (i.e. if you do not inform a valid value via IMG=<myregistry/image:<tag>> then the export will fail)
-# To properly provided solutions that supports more than one platform you should use this option.
-PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le
-.PHONY: docker-buildx
-docker-buildx: test ## Build and push docker image for the k8s-frr for cross-platform support
-	# copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile
-	sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross
-	- docker buildx create --name project-v3-builder
-	docker buildx use project-v3-builder
-	- docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross .
-	- docker buildx rm project-v3-builder
-	rm Dockerfile.cross
-
 ##@ Deployment
 
 ifndef ignore-not-found

diff --git a/cmd/main.go b/cmd/main.go
@@ -36,6 +36,7 @@ import (
 	"github.com/metallb/frrk8s/internal/controller"
 	"github.com/metallb/frrk8s/internal/frr"
 	"github.com/metallb/frrk8s/internal/logging"
+	"github.com/metallb/frrk8s/internal/version"
 	//+kubebuilder:scaffold:imports
 )
 
@@ -108,7 +109,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	setupLog.Info("starting manager")
+	setupLog.Info("starting frr-k8s", "version", version.String())
 	if err := mgr.Start(ctx); err != nil {
 		setupLog.Error(err, "problem running manager")
 		os.Exit(1)