Skip to content

Commit

Permalink
CI: Travis -> GitHub Actions; Create Release Binaries and Container I…
Browse files Browse the repository at this point in the history 
…mages (#444)

[![Checks](https://github.com/fastly/pebble/actions/workflows/checks.yml/badge.svg)](https://github.com/fastly/pebble/actions/workflows/checks.yml)

[![Tests](https://github.com/fastly/pebble/actions/workflows/tests.yml/badge.svg)](https://github.com/fastly/pebble/actions/workflows/tests.yml)

As a follow-on to #439 this
change request implements the first step of building a new CI system for
Pebble. As this is a testbed environment for Boulder, some of these
changes may prove to be useful in the latter context.

Per
#434 (comment),
GitHub Actions is a reasonable choice for a new CI implementation to
supersede Travis. Much, but not all, of the existing functionality is
present in this initial set of changes.

Items currently implemented include:
- Binary production of `pebble` and `challtestsrv` for platforms:
  - AMD64
    - darwin
    - linux
    - windows
  - ARM64
    - darwin
    - linux
    - windows
- Multiplatform docker images published on the GitHub Container Registry
for platforms:
  - linux/amd64
  - linux/arm64
  - windows/amd64
- Golang linting.
- Golang coverage.
- Local test scripts for Go and Docker:
  - `./build.sh`
  - `./docker.sh`
  - `./test.sh`

This PR also adds a `-version` flag to Pebble, which is set during
release build to the Git commit ref.

This change builds on earlier work done in
#379 and
#442.
  • Loading branch information
@sheurich
sheurich authored Mar 12, 2024
1 parent c449dc1 commit 235473c
Show file tree
Hide file tree
Showing 17 changed files with 307 additions and 320 deletions.
27 changes: 0 additions & 27 deletions .ci/publish_linux.sh
View file

This file was deleted.

28 changes: 0 additions & 28 deletions .ci/publish_windows.ps1
View file

This file was deleted.

5 changes: 2 additions & 3 deletions .dockerignore
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,2 @@
.git
pebble.exe
pebble
/pebble
/pebble.exe
65 changes: 30 additions & 35 deletions .github/workflows/checks.yml
View file
Original file line number Diff line number Diff line change
@@ -1,53 +1,48 @@
name: Checks

# Run on push to main and any pull request.
on:
push:
branches:
- main
pull_request:

permissions:
checks: write # Allow write access to checks to allow annotation of code in the PR.
contents: read
pull-requests: read

env:
CGO_ENABLED: 0
GO_VERSION: stable
GOLANGCI_LINT_VERSION: v1.56.2
SHELLCHECK_SCRIPTS: ./*.sh
jobs:

checks:
name: Check Process
go-lint-checks:
runs-on: ubuntu-latest
env:
GO_VERSION: oldstable
GOLANGCI_LINT_VERSION: v1.56.2
CGO_ENABLED: 0

steps:

- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
fetch-depth: 0

- name: Set up Go
uses: actions/setup-go@v5
go-version: ${{ env.GO_VERSION }}
- name: Run GolangCI-Lint
uses: golangci/golangci-lint-action@v4
with:
# skip cache because of flaky behaviors
skip-build-cache: true
skip-pkg-cache: true
version: ${{ env.GOLANGCI_LINT_VERSION }}
go-mod-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}

- name: Check and get dependencies
- name: Check if go.mod is tidy
run: |
go mod tidy
git diff --exit-code go.mod
git diff --exit-code go.sum
- name: vendoring
run: go mod vendor

- name: vendoring diff
run: git diff --exit-code vendor/

# https://golangci-lint.run/usage/install#other-ci
- name: Install golangci-lint ${{ env.GOLANGCI_LINT_VERSION }}
git diff --exit-code go.mod go.sum ||
(echo "::error::go.mod and go.sum need to be tidy" && exit 1)
- name: Check if vendor directory is up to date
run: |
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${GOLANGCI_LINT_VERSION}
golangci-lint run
go mod vendor
git diff --exit-code vendor ||
(echo "::error::vendor directory needs to be updated" && exit 1)
28 changes: 12 additions & 16 deletions .github/workflows/go-cross.yml
View file
Original file line number Diff line number Diff line change
@@ -1,38 +1,34 @@
name: Go Matrix
name: Go Build Matrix
on:
push:
branches:
- main
pull_request:

permissions:
contents: read
pull-requests: read

jobs:

cross:
name: Build
name: Build on ${{ matrix.os }} with Go ${{ matrix.go-version }}
runs-on: ${{ matrix.os }}
env:
CGO_ENABLED: 0

strategy:
matrix:
go-version: [ oldstable, stable ]
os: [ubuntu-latest, macos-latest, windows-latest]

go-version:
- oldstable
- stable
os:
- ubuntu-latest
- macos-14 # M1 runners
- macos-latest
- windows-latest
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}

- name: Build pebble
run: go build -v -ldflags "-s -w" -trimpath -o pebble ./cmd/pebble

- name: Build pebble-challtestsrv
run: go build -v -ldflags "-s -w" -trimpath -o pebble-challtestsrv ./cmd/pebble-challtestsrv
- name: Build the module
run: go build -v ./...
157 changes: 157 additions & 0 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,157 @@
name: Build Release
# Run on semver tags.
on:
push:
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
permissions:
contents: read
packages: write # Allow docker/build-push-action to publish to GitHub Container Registry
env:
DOCKER_PLATFORMS: linux/amd64, linux/arm64, windows/amd64
DOCKER_IMAGE_BASENAME: ghcr.io/${{ github.repository_owner }}
jobs:
go-build:
env:
CGO_ENABLED: 0
GOARCH: ${{ matrix.go-arch }}
GOOS: ${{ matrix.go-os }}
LDFLAGS: -s -w -X 'main.version=${{ github.ref_name }} (${{ github.sha }})'
OUTPUTDIR: /tmp/dist/${{ matrix.go-os }}/${{ matrix.go-arch }}
runs-on: ubuntu-latest
strategy:
matrix:
app:
- pebble
- pebble-challtestsrv
go-arch:
- amd64
- arm64
go-os:
- darwin
- linux
- windows
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
check-latest: true
go-version-file: go.mod
- name: Build ${{ matrix.app }} for ${{ matrix.go-os }}/${{ matrix.go-arch }}
run: |
go build \
-ldflags="${LDFLAGS}" \
-o "${OUTPUTDIR}/" \
-trimpath \
-v \
./cmd/${{ matrix.app }}
- name: Display ${{ matrix.app }} artifacts
run: tree /tmp/dist
- name: Store ${{ matrix.app }} artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.app }}-${{ matrix.go-os }}-${{ matrix.go-arch }}
path: /tmp/dist
docker-build:
needs:
- go-build
runs-on: ubuntu-latest
strategy:
matrix:
app:
- pebble
- pebble-challtestsrv
steps:
- uses: actions/checkout@v4
- name: Download ${{ matrix.app }} artifacts
uses: actions/download-artifact@v4
with:
merge-multiple: true
path: /tmp/dist
pattern: ${{ matrix.app }}-*-*
- name: Display ${{ matrix.app }} artifacts
run: tree /tmp/dist
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.DOCKER_IMAGE_BASENAME }}/${{ matrix.app }}
# generate Docker tags based on the following events/attributes
tags: |
type=semver,pattern={{major}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{version}}
type=sha
type=raw,value=latest
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push ${{ github.repository }}/${{ matrix.app }} for ${{ env.DOCKER_PLATFORMS }}
uses: docker/build-push-action@v5
with:
build-args: APP=${{ matrix.app }}
build-contexts: dist-files=/tmp/dist
cache-from: type=gha
cache-to: type=gha,mode=max
file: Dockerfile.release
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.DOCKER_PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
docker-version:
needs:
- docker-build
runs-on: ${{ matrix.docker-os }}
strategy:
matrix:
docker-os:
- ubuntu-latest
- windows-latest
steps:
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Display pebble version in container image
run: docker run ${{ env.DOCKER_IMAGE_BASENAME }}/pebble:latest -version
create-release:
needs:
- go-build
permissions:
contents: write # Allow creation of a release
runs-on: ubuntu-latest
steps:
- name: Download build artifacts
uses: actions/download-artifact@v4
- name: Display build artifacts
run: tree .
- name: Create release
# https://cli.github.com/manual/gh_release_create
env:
GITHUB_TOKEN: ${{ github.token }}
run: |
gh release create ${{ github.ref_name }} \
--repo ${{ github.repository }} \
--title "${{ github.ref_name }}" \
--verify-tag
continue-on-error: true
- name: Upload release files
# https://cli.github.com/manual/gh_release_upload
env:
GITHUB_TOKEN: ${{ github.token }}
run: |
for artifact in *; do
tar czf ${artifact}.tar.gz ${artifact}
zip -r ${artifact}.zip ${artifact}
gh release upload ${{ github.ref_name }} ${artifact}.* \
--repo ${{ github.repository }};
done
Loading

0 comments on commit 235473c

Please sign in to comment.