Skip to content

Commit

Permalink
Initial implementation
Browse files Browse the repository at this point in the history
Signed-off-by: Takumi Yanagawa [email protected]
  • Loading branch information
yana1205 committed Apr 3, 2023
1 parent bad869f commit 4c7af1a
Show file tree
Hide file tree
Showing 210 changed files with 245,234 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
# Ignore build and test binaries.
bin/
testbin/
40 changes: 40 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@

# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib
bin
testbin/*
Dockerfile.cross

# Test binary, build with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Kubernetes Generated files - skip generated files, except for vendored files

!vendor/**/zz_generated.*

# editor and IDE paraphernalia
.idea
*.swp
*.swo
*~


# IDE
.vscode
.idea

# ignore output by test
/**/_test

#
policy-collection
out
work
kubeconfig.*
24 changes: 24 additions & 0 deletions .golangci.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
linters-settings:
misspell:
ignore-words:
- creater

linters:
enable:
- asciicheck
- bidichk
- durationcheck
- errname
- errorlint
- exportloopref
- gofmt
- gosimple
- govet
- importas
- ineffassign
- misspell
- nilerr
- unconvert
- unused
- errcheck
- nolintlint
48 changes: 48 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
# Build the manager binary
FROM golang:1.19 as builder
ARG TARGETOS
ARG TARGETARCH

WORKDIR /workspace
# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download

# Copy the go source
COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY pkg/ pkg/

# Build
# the GOARCH has not a default value to allow the binary be built according to the host where the command
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go

RUN wget https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.0.1/kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz
RUN tar zxvf kustomize_v5.0.1_linux_${TARGETARCH}.tar.gz
RUN wget https://github.com/open-cluster-management-io/policy-generator-plugin/archive/refs/tags/v1.11.0.tar.gz
RUN tar zxvf v1.11.0.tar.gz
RUN cd policy-generator-plugin-1.11.0; CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -o . ./cmd/PolicyGenerator

FROM busybox:1.35.0-uclibc as busybox

# Use distroless as minimal base image to package the manager binary
# Refer to https://github.com/GoogleContainerTools/distroless for more details
FROM gcr.io/distroless/static:nonroot
COPY --from=busybox /bin/sh /bin/sh
COPY --from=busybox /bin/mkdir /bin/mkdir

WORKDIR /
COPY --from=builder /workspace/manager .
COPY --from=builder /workspace/kustomize /bin/kustomize
RUN mkdir -p /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator
COPY --from=builder /workspace/policy-generator-plugin-1.11.0/PolicyGenerator /home/nonroot/.config/kustomize/plugin/policy.open-cluster-management.io/v1/policygenerator/PolicyGenerator
USER 65532:65532

ENTRYPOINT ["/manager"]
Loading

0 comments on commit 4c7af1a

Please sign in to comment.