Move ls, version, and checksum to own files

Signed-off-by: Nicholas Wilde <[email protected]>
nicholaswilde · May 22, 2021 · 137a473 · 137a473
1 parent 05edcb0
commit 137a473
Show file tree

Hide file tree

Showing 21 changed files with 781 additions and 60 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -13,98 +13,211 @@ name: ci
 # or API.
 on:
   workflow_dispatch:
-    # Inputs the workflow accepts.
-    inputs:
-      version:
-        # Friendly description to be shown in the UI instead of 'name'
-        description: 'Version'
-        # Default value if no value is explicitly provided
-        default: '2.1.7'
-        # Input has to be provided for the workflow to run
-        required: true
-      ls:
-        description: 'ls'
-        default: 'ls5'
-        required: true
+  pull_request:
+    paths:
+      - 'Dockerfile'
+      - 'LS'
+      - 'VERSION'
+  push:
+    branches:
+      - main
+    paths:
+      - 'Dockerfile'
+      - 'LS'
+      - 'VERSION'
+
+env:
+  # How long to sleep before running the tests (gives the application time to start)
+  GOSS_SLEEP: 30
 
 jobs:
-  main:
+  prep:
+    runs-on: ubuntu-latest
+    outputs:
+      version: ${{ steps.prep.outputs.version }}
+      checksum: ${{ steps.prep.outputs.checksum }}
+      ls: ${{ steps.prep.outputs.ls }}
+      goss: ${{ steps.prep.outputs.goss }}
+      push: ${{ steps.prep.outputs.push }}
+      tag: ${{ steps.prep.outputs.version }}-ls${{ steps.prep.outputs.ls }}
+      repo_name: ${{ steps.prep.outputs.repo_name }}
+      date: ${{ steps.prep.outputs.date }}
+
+    steps:
+      - name: Checkout
+        uses: actions/[email protected]
+
+      # Define if tests and push should be run against which versions/platforms
+      - name: Prepare
+        id: prep
+        run: |
+          VERSION=$(cat ./VERSION)
+          echo ::set-output name=version::${VERSION}
+          LS=$(cat ./LS)
+          echo ::set-output name=ls::${LS}
+          REPO_NAME=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//')
+          echo ::set-output name=repo_name::${REPO_NAME}
+          DATE=$(date -u +%Y-%m-%dT%H%M%SZ)
+          echo ::set-output name=date::${DATE}
+          if test -f "./CHECKSUM"; then
+            CHECKSUM=$(cat ./CHECKSUM)
+            echo ::set-output name=checksum::${CHECKSUM}
+          else
+            echo ::set-output name=checksum::""
+          fi
+          if test -f "./goss.yaml"; then
+            echo ::set-output name=goss::true
+          else
+            echo ::set-output name=goss::false
+          fi
+          if [ "${{github.event_name}}" == "pull_request" ]; then
+            echo ::set-output name=push::false
+          else
+            echo ::set-output name=push::true
+          fi
+
+  tag-does-not-exist:
+    runs-on: ubuntu-latest
+    needs: prep
+    outputs:
+      exists: ${{ steps.checkTag.outputs.exists }}
+    steps:
+      - name: Check if tag already exists
+        uses: mukunku/[email protected]
+        id: checkTag
+        with:
+          tag: ${{ needs.prep.outputs.tag }}
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Fail if tag already exists
+        id: set
+        run: |
+          if ${{ steps.checkTag.outputs.exists }} == true; then
+            echo "${{needs.prep.outputs.tag}} already exists"
+            exit 1
+          fi
+
+  build:
     runs-on: ubuntu-latest
+    if: always() # Run regardless if tag-does-not-exist fails
+    needs:
+      - prep
+      - tag-does-not-exist
     steps:
-      -
-        name: Get tag
-        run: echo "tag=${{ github.event.inputs.version }}-${{ github.event.inputs.ls }}" >> $GITHUB_ENV
-      -
-        name: Remove docker from the repo name
-        run: echo "repo_name=$(echo "${{ github.event.repository.name }}" | sed 's/[^-]*-//')" >> $GITHUB_ENV
-      -
-        name: Get current date
-        run: echo "date=$(date -u +%Y-%m-%dT%H%M%SZ)" >> $GITHUB_ENV
-      -
-        name: Checkout
+      - name: Checkout
         uses: actions/[email protected]
-      -
-        name: Set up QEMU
+
+      - name: Set up QEMU
         uses: docker/[email protected]
-      -
-        name: Set up Docker Buildx
+
+      - name: Set up Docker Buildx
         uses: docker/[email protected]
         with:
           driver-opts: image=moby/buildkit:master
-      -
-        name: Cache Docker layers
+
+      - name: Cache Docker layers
         uses: actions/[email protected]
         with:
           path: /tmp/.buildx-cache
           key: ${{ runner.os }}-buildx-${{ github.sha }}
           restore-keys: |
             ${{ runner.os }}-buildx-
-      -
-        name: Login to DockerHub
+
+      # Install the GOSS testing framework
+      - name: Set up goss/dgoss
+        uses: e1himself/[email protected]
+        if: needs.prep.outputs.goss == 'true'
+        with:
+          version: 'v0.3.16'
+
+      # Creates a local build to run tests on
+      - name: Build and Load local test-container
+        uses: docker/build-push-action@v2
+        if: needs.prep.outputs.goss == 'true'
+        with:
+          build-args: |
+            VERSION=${{ needs.prep.outputs.version }}
+            CHECKSUM=${{ needs.prep.outputs.checksum }}
+          context: .
+          file: ./Dockerfile
+          load: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
+
+      # Run GOSS tests if included with the container
+      - name: Run GOSS tests
+        if: needs.prep.outputs.goss == 'true'
+        env:
+          GOSS_FILE: ./goss.yaml
+        run: |
+          dgoss run ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:test
+
+      - name: Login to DockerHub
         uses: docker/[email protected]
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      -
-        name: Login to GitHub Container Registry
+
+      - name: Login to GitHub Container Registry
         uses: docker/[email protected]
+        if: github.event_name != 'pull_request'  && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.CR_PAT }}
-      -
-        name: Login to Quay Registry
+
+      - name: Login to Quay Registry
         uses: docker/[email protected]
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         with:
           registry: quay.io
           username: ${{ secrets.QUAY_USERNAME }}
           password: ${{ secrets.QUAY_TOKEN }}
-      -
-        name: Build and push
+
+      - name: Build and push
         uses: docker/[email protected]
         with:
           context: .
           file: ./Dockerfile
           platforms: linux/amd64,linux/arm/v7,linux/arm64
-          push: true
+          push: ${{ needs.prep.outputs.push }}
           build-args: |
-            BUILD_DATE=${{ env.date }}
-            VERSION=${{ github.event.inputs.version }}
+            BUILD_DATE=${{ needs.prep.outputs.date }}
+            VERSION=${{ needs.prep.outputs.version }}
+            CHECKSUM=${{ needs.prep.outputs.checksum }}
           tags: |
-            ${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            ${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            ghcr.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:latest
-            quay.io/${{ github.repository_owner }}/${{ env.repo_name }}:${{ env.tag }}
-      -
-        name: Create Release
+            ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            ${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            ghcr.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+            quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:latest
+            quay.io/${{ github.repository_owner }}/${{needs.prep.outputs.repo_name}}:${{needs.prep.outputs.tag}}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
+
+      # This ugly bit is necessary if you don't want your cache to grow forever
+      # till it hits GitHub's limit of 5GB.
+      # Temp fix
+      # https://github.com/docker/build-push-action/issues/252
+      # https://github.com/moby/buildkit/issues/1896
+      - name: Move cache
+        if: needs.prep.outputs.push == 'true'
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
+      - name: Create Release
         id: create_release
         uses: actions/[email protected]
+        if: github.event_name != 'pull_request' && needs.tag-does-not-exist.outputs.exists == 'false'
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
         with:
-          tag_name: ${{ env.tag }}
-          release_name: ${{ env.tag }}
+          tag_name: ${{needs.prep.outputs.tag}}
+          release_name: ${{needs.prep.outputs.tag}}
           draft: false
           prerelease: false
diff --git a/.taskfiles/build.yaml b/.taskfiles/build.yaml
@@ -0,0 +1,23 @@
+---
+version: '3'
+
+tasks:
+  all:
+    desc: Build all platforms
+    cmds:
+      - "{{ .BUILD }} {{ .TAG_VERSION }} {{ .PLATFORMS }} -f Dockerfile ."
+    deps:
+      - build-deps
+
+  latest:
+    desc: Build the latest Docker image
+    cmds:
+      - "{{ .BUILD }} {{ .TAG_LATEST }} -f Dockerfile ."
+    deps:
+      - build-deps
+
+  build-deps:
+    preconditions:
+      - sh: "docker buildx version"
+        msg: "buildx is not installed"
+    silent: true
diff --git a/.taskfiles/builder.yaml b/.taskfiles/builder.yaml
@@ -0,0 +1,34 @@
+---
+version: '3'
+
+vars:
+  BUILDER: "mybuilder"
+  BUILDER_NAME: "buildx_buildkit_{{ .BUILDER }}0"
+  BUILDER_PATH: "~/.docker/buildx/instances/{{ .BUILDER }}"
+
+tasks:
+  install:
+    desc: Install buildx builder, {{ .BUILDER }}
+    cmds:
+      - "docker run --rm --privileged multiarch/qemu-user-static --reset -p yes"
+    status:
+      - "test -f {{ .BUILDER_PATH }}"
+
+  create:
+    desc: Create buildx builder, {{ .BUILDER }}
+    cmds:
+      - task: install
+      - "export DOCKER_BUILDKIT=1"
+      - "docker buildx create --use --name {{ .BUILDER }}"
+      - "docker buildx use {{ .BUILDER }}"
+      - "docker buildx inspect --bootstrap"
+      - "docker buildx install"
+    status:
+      - "test -f {{ .BUILDER }}"
+
+  restart:
+    desc: Restart the builder container
+    cmds:
+      - "docker restart {{ .BUILDER_NAME }}"
+    preconditions:
+      - test -f {{ .BUILDER }}
diff --git a/.taskfiles/chk.yaml b/.taskfiles/chk.yaml
@@ -0,0 +1,74 @@
+---
+version: '3'
+
+tasks:
+  print:
+    desc: Get the checksum of the release or source package.
+    deps:
+      - _varcheck
+      - _release
+      - _source
+
+  export:
+    silent: true
+    desc: Export the checksum of the release or source package to CHECKSUM
+    deps:
+      - _varcheck
+      - _release-export
+      - _source-export
+
+  _release-export:
+    silent: true
+    cmds:
+      - task: _dl-export
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/releases/download/v{{ .VERSION }}/{{ .FILENAME }}"
+    status:
+      - test {{ .TYPE }} != "release"
+
+  _source-export:
+    silent: true
+    cmds:
+      - task: _dl-export
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/archive/{{ .VERSION }}.tar.gz"
+    status:
+      - test {{ .TYPE }} != "source"
+      - test {{ .TYPE }} != "commit"
+
+  _dl-export:
+    slient: true
+    cmds:
+      - |
+        SUM=$(wget -q {{ .URL }} -O- | sha256sum|awk '{print $1}')
+        printf "%s" "$SUM" > CHECKSUM
+        cat CHECKSUM
+
+  _release:
+    cmds:
+      - task: _dl
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/releases/download/v{{ .VERSION }}/{{ .FILENAME }}"
+    status:
+      - test {{ .TYPE }} != "release"
+
+  _source:
+    cmds:
+      - task: _dl
+        vars:
+          URL: "https://github.com/{{ .SOURCE_ORG }}/{{ .SOURCE_REPO }}/archive/{{ .VERSION }}.tar.gz"
+    status:
+      - test {{ .TYPE }} != "source"
+      - test {{ .TYPE }} != "commit"
+
+  _varcheck:
+    cmds:
+      - cmd: >
+          (test {{ .TYPE }} = "source" ||
+          test {{ .TYPE }} = "release" ||
+          test {{ .TYPE }} = "commit") ||
+          (echo "TYPE is not 'source','commit', or 'release'"; exit 1)
+    silent: true
+
+  _dl:
+    cmds: ["wget {{ .URL }} -O- | sha256sum"]