-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Takumi Yanagawa [email protected]
- Loading branch information
Showing
210 changed files
with
245,234 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file | ||
# Ignore build and test binaries. | ||
bin/ | ||
testbin/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
|
||
# Binaries for programs and plugins | ||
*.exe | ||
*.exe~ | ||
*.dll | ||
*.so | ||
*.dylib | ||
bin | ||
testbin/* | ||
Dockerfile.cross | ||
|
||
# Test binary, build with `go test -c` | ||
*.test | ||
|
||
# Output of the go coverage tool, specifically when used with LiteIDE | ||
*.out | ||
|
||
# Kubernetes Generated files - skip generated files, except for vendored files | ||
|
||
!vendor/**/zz_generated.* | ||
|
||
# editor and IDE paraphernalia | ||
.idea | ||
*.swp | ||
*.swo | ||
*~ | ||
|
||
|
||
# IDE | ||
.vscode | ||
.idea | ||
|
||
# ignore output by test | ||
/**/_test | ||
|
||
# | ||
policy-collection | ||
out | ||
work | ||
kubeconfig.* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
linters-settings: | ||
misspell: | ||
ignore-words: | ||
- creater | ||
|
||
linters: | ||
enable: | ||
- asciicheck | ||
- bidichk | ||
- durationcheck | ||
- errname | ||
- errorlint | ||
- exportloopref | ||
- gofmt | ||
- gosimple | ||
- govet | ||
- importas | ||
- ineffassign | ||
- misspell | ||
- nilerr | ||
- unconvert | ||
- unused | ||
- errcheck | ||
- nolintlint |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# Build the manager binary | ||
FROM golang:1.19 as builder | ||
ARG TARGETOS | ||
ARG TARGETARCH | ||
|
||
WORKDIR /workspace | ||
# Copy the Go Modules manifests | ||
COPY go.mod go.mod | ||
COPY go.sum go.sum | ||
# cache deps before building and copying source so that we don't need to re-download as much | ||
# and so that source changes don't invalidate our downloaded layer | ||
RUN go mod download | ||
|
||
# Copy the go source | ||
COPY main.go main.go | ||
COPY api/ api/ | ||
COPY controllers/ controllers/ | ||
COPY pkg/ pkg/ | ||
|
||
# Build | ||
# the GOARCH has not a default value to allow the binary be built according to the host where the command | ||
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO | ||
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore, | ||
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform. | ||
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go | ||
|
||
RUN wget https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.1/kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz | ||
RUN tar zxvf kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz | ||
RUN wget https://github.com/open-cluster-management-io/policy-generator-plugin/archive/refs/tags/v1.11.0.tar.gz | ||
RUN tar zxvf v1.11.0.tar.gz | ||
RUN cd policy-generator-plugin-1.11.0; CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -o . ./cmd/PolicyGenerator | ||
|
||
FROM busybox:1.35.0-uclibc as busybox | ||
|
||
# Use distroless as minimal base image to package the manager binary | ||
# Refer to https://github.com/GoogleContainerTools/distroless for more details | ||
FROM gcr.io/distroless/static:nonroot | ||
COPY --from=busybox /bin/sh /bin/sh | ||
COPY --from=busybox /bin/mkdir /bin/mkdir | ||
|
||
WORKDIR / | ||
COPY --from=builder /workspace/manager . | ||
COPY --from=builder /workspace/kustomize /bin/kustomize | ||
RUN mkdir -p /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator | ||
COPY --from=builder /workspace/policy-generator-plugin-1.11.0/PolicyGenerator /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator | ||
USER 65532:65532 | ||
|
||
ENTRYPOINT ["/manager"] |
Oops, something went wrong.