From dd1b76e7228acf65f6f0478a71291693725fe1f2 Mon Sep 17 00:00:00 2001 From: PoAn Yang Date: Thu, 11 Apr 2024 17:13:48 +0800 Subject: [PATCH] ci: add build GitHub action (#90) Signed-off-by: PoAn Yang --- .github/workflows/build.yml | 77 +++++++++++++++++++++++++++++++++++++ Dockerfile.dapper | 11 ++++-- package/Dockerfile | 14 +++++-- scripts/build | 3 +- scripts/package | 31 ++++++++++----- scripts/version | 13 ------- 6 files changed, 117 insertions(+), 32 deletions(-) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 00000000..5ba2581f --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,77 @@ +name: build +on: + push: + branches: + - master + - v* + tags: + - v* + pull_request: +jobs: + build: + name: Build images + runs-on: ubuntu-latest + permissions: + contents: read + id-token: write # for reading credential https://github.com/rancher-eio/read-vault-secrets + container: + image: rancher/dapper:v0.6.0 + steps: + # Git is not in Dapper container image. Add it manually for dirty check. + - name: Add Git + run: apk add -U git + - name: Checkout code + uses: actions/checkout@v4 + - name: Declare branch + run: | + echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> "$GITHUB_ENV" + + # For multi-platform support + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + # Build binaries + - name: Run dapper ci + run: dapper ci + - name: Copy bin folder to package + run: | + cp -r ./bin/* ./package/ + + - name: Read Secrets + if: ${{ startsWith(github.ref, 'refs/heads/') || startsWith(github.ref, 'refs/tags/') }} + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ; + secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD + + - name: Login to Docker Hub + if: ${{ startsWith(github.ref, 'refs/heads/') || startsWith(github.ref, 'refs/tags/') }} + uses: docker/login-action@v3 + with: + username: ${{ env.DOCKER_USERNAME }} + password: ${{ env.DOCKER_PASSWORD }} + + # rancher/terraform-provider-harvester image + - name: docker-publish + if: ${{ startsWith(github.ref, 'refs/heads/') }} + uses: docker/build-push-action@v5 + with: + context: package/ + push: true + platforms: linux/amd64,linux/arm64 + tags: rancher/terraform-provider-harvester:${{ env.branch }}-head + file: package/Dockerfile + - name: docker-publish-with-tag + if: ${{ startsWith(github.ref, 'refs/tags/') }} + uses: docker/build-push-action@v5 + with: + context: package/ + push: true + platforms: linux/amd64,linux/arm64 + tags: rancher/terraform-provider-harvester:${{ github.ref_name }} + file: package/Dockerfile + build-args: | + VERSION=${{ github.ref_name }} diff --git a/Dockerfile.dapper b/Dockerfile.dapper index c0bc8336..3fea444e 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -10,11 +10,14 @@ RUN zypper -n rm container-suseconnect && \ RUN GO111MODULE=on go install golang.org/x/tools/cmd/goimports@v0.1.11 ## install golangci-lint -RUN if [ "${ARCH}" = "amd64" ]; then \ - curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.57.1; \ - fi +RUN curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.57.1 -ENV DAPPER_ENV REPO TAG DRONE_TAG CROSS +# The docker version in dapper is too old to have buildx. Install it manually. +RUN wget https://github.com/docker/buildx/releases/download/v0.13.1/buildx-v0.13.1.linux-${ARCH} && \ + chmod +x buildx-v0.13.1.linux-${ARCH} && \ + mv buildx-v0.13.1.linux-${ARCH} /usr/local/bin/buildx + +ENV DAPPER_ENV REPO TAG DRONE_TAG ENV DAPPER_SOURCE /go/src/github.com/harvester/terraform-provider-harvester ENV DAPPER_OUTPUT ./bin ./dist ENV DAPPER_DOCKER_SOCKET true diff --git a/package/Dockerfile b/package/Dockerfile index 07d6a2b6..e5a14b33 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -1,11 +1,17 @@ -FROM registry.suse.com/bci/bci-base:15.4 +FROM registry.suse.com/bci/bci-base:15.5 + +ARG TARGETPLATFORM +RUN if [ "$TARGETPLATFORM" != "linux/amd64" ] && [ "$TARGETPLATFORM" != "linux/arm64" ]; then \ + echo "Error: Unsupported TARGETPLATFORM: $TARGETPLATFORM" && \ + exit 1; \ + fi # hadolint ignore=DL3037 RUN zypper -n rm container-suseconnect && \ zypper -n install unzip curl vim && \ zypper -n clean -a && rm -rf /tmp/* /var/tmp/* /usr/share/doc/packages/* -ARG ARCH=amd64 +ENV ARCH ${TARGETPLATFORM#linux/} ENV KERNEL_ARCH linux_${ARCH} # install terraform ENV TERRAFORM_VERSION 1.4.6 @@ -20,7 +26,7 @@ ARG PROVIDER_VERSION=0.0.0-dev ENV PROVIDERS_DIR /root/.terraform.d/plugins/terraform.local/local/harvester ENV PROVIDER_DIR ${PROVIDERS_DIR}/${PROVIDER_VERSION}/${KERNEL_ARCH} RUN mkdir -p ${PROVIDER_DIR} -COPY ./terraform-provider-harvester ${PROVIDER_DIR}/terraform-provider-harvester_v${PROVIDER_VERSION} +COPY ./terraform-provider-harvester-${ARCH} ${PROVIDER_DIR}/terraform-provider-harvester_v${PROVIDER_VERSION} RUN mkdir -p /data COPY ./provider.tf /data/provider.tf -WORKDIR /data \ No newline at end of file +WORKDIR /data diff --git a/scripts/build b/scripts/build index 35087e58..60a461d1 100755 --- a/scripts/build +++ b/scripts/build @@ -7,4 +7,5 @@ cd $(dirname $0)/.. mkdir -p bin [ "$(uname)" != "Darwin" ] && LINKFLAGS="-extldflags -static -s" -CGO_ENABLED=0 go build -ldflags "-X main.VERSION=$VERSION $LINKFLAGS" -o bin/terraform-provider-harvester +CGO_ENABLED=0 GOARCH=amd64 go build -ldflags "-X main.VERSION=$VERSION $LINKFLAGS" -o bin/terraform-provider-harvester-amd64 +CGO_ENABLED=0 GOARCH=arm64 go build -ldflags "-X main.VERSION=$VERSION $LINKFLAGS" -o bin/terraform-provider-harvester-arm64 diff --git a/scripts/package b/scripts/package index fc0716aa..4830d4c2 100755 --- a/scripts/package +++ b/scripts/package @@ -15,25 +15,36 @@ else PROVIDER_VERSION=${VERSION#"v"} fi -TAG=${TAG:-${VERSION}${SUFFIX}} +TAG=${TAG:-${VERSION}} if echo $TAG | grep -q dirty; then TAG=dev fi mkdir -p dist/artifacts -cp bin/terraform-provider-harvester dist/artifacts/terraform-provider-harvester${SUFFIX} +cp bin/terraform-provider-harvester-* dist/artifacts/ cd ${PACKAGE_DIR} +REPO=${REPO:-rancher} IMAGE=${REPO}/terraform-provider-harvester:${TAG} DOCKERFILE=Dockerfile -if [ -e ${DOCKERFILE}.${ARCH} ]; then - DOCKERFILE=${DOCKERFILE}.${ARCH} -fi - -rm -rf ./terraform-provider-harvester -cp ../bin/terraform-provider-harvester . -docker build --build-arg ARCH=${ARCH} --build-arg PROVIDER_VERSION=${PROVIDER_VERSION} -f ${DOCKERFILE} -t ${IMAGE} . -echo Built ${IMAGE} \ No newline at end of file +rm -rf ./terraform-provider-harvester-* +cp ../bin/terraform-provider-harvester-* . + +docker run --privileged --rm tonistiigi/binfmt --install all +buildx create --platform linux/arm64,linux/amd64 --use +buildx ls + +# In old docker version, it doesn't support multiple values in --platform with --load. +# So we only load image with current platform. +# Ref: https://github.com/docker/buildx/issues/59#issuecomment-616050491 +buildx build \ + --build-arg PROVIDER_VERSION=${PROVIDER_VERSION} \ + --platform linux/amd64,linux/arm64 \ + -f ${DOCKERFILE} -t ${IMAGE} . +buildx build --load \ + --build-arg PROVIDER_VERSION=${PROVIDER_VERSION} \ + -f ${DOCKERFILE} -t ${IMAGE} . +echo Built ${IMAGE} diff --git a/scripts/version b/scripts/version index 1646092e..a05b035f 100755 --- a/scripts/version +++ b/scripts/version @@ -12,16 +12,3 @@ if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then else VERSION="${COMMIT}${DIRTY}" fi - -if [ -z "$ARCH" ]; then - ARCH=$(go env GOHOSTARCH) -fi - -SUFFIX="-${ARCH}" - -TAG=${TAG:-${VERSION}${SUFFIX}} -REPO=${REPO:-rancher} - -if echo $TAG | grep -q dirty; then - TAG=dev -fi