Add custom Docker image offering (#130)

Co-authored-by: Patrick D'appollonio <[email protected]>
patrickdappollonio · Oct 16, 2024 · b5bf93c · b5bf93c
1 parent cffc74d
commit b5bf93c
Show file tree

Hide file tree

Showing 3 changed files with 103 additions and 0 deletions.
diff --git a/.github/workflows/releasing.yaml b/.github/workflows/releasing.yaml
@@ -4,6 +4,9 @@ on:
     tags:
       - "*"
 
+permissions:
+  packages: write
+
 jobs:
   goreleaser:
     name: Release Application
@@ -23,6 +26,14 @@ jobs:
           version: latest
       - name: Test application
         run: go test -v ./...
+      - name: Set up QEMU
+        uses: docker/login-action@v3
+        with:
+          registry: "ghcr.io"
+          username: ${{ github.repository_owner}}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-actions@v3
       - name: Release application to Github
         uses: goreleaser/goreleaser-action@v6
         with:
@@ -33,3 +44,4 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Update new version in krew-index
         uses: rajatjindal/[email protected]
+
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -16,6 +16,52 @@ builds:
       - -trimpath
     ldflags:
       - -s -w -X main.version={{.Version}} -extldflags "-static"
+
+dockers:
+  - image_templates:
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64"
+    goos: linux
+    goarch: amd64
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/amd64"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.description={{ .ProjectName }} version {{ .Version }}. See release notes at https://github.com/patrickdappollonio/{{ .ProjectName }}/releases/tag/v{{ .RawVersion }}"
+      - "--label=org.opencontainers.image.url=https://github.com/patrickdappollonio/{{ .ProjectName }}"
+      - "--label=org.opencontainers.image.source=https://github.com/patrickdappollonio/{{ .ProjectName }}"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+
+  - image_templates:
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64"
+    goos: linux
+    goarch: arm64
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/arm64"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.description={{ .ProjectName }} version {{ .Version }}. See release notes at https://github.com/patrickdappollonio/{{ .ProjectName }}/releases/tag/v{{ .RawVersion }}"
+      - "--label=org.opencontainers.image.url=https://github.com/patrickdappollonio/{{ .ProjectName }}"
+      - "--label=org.opencontainers.image.source=https://github.com/patrickdappollonio/{{ .ProjectName }}"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+
+docker_manifests:
+  - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:v{{ .RawVersion }}"
+    image_templates:
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64"
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64"
+  - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:v{{ .Major }}"
+    image_templates:
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64"
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64"
+  - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:latest"
+    image_templates:
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64"
+      - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64"
+
 archives:
   - name_template: >-
       {{ .ProjectName }}_

diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,45 @@
+ARG KUBECTL_VERSION=1.31.1
+ARG YQ_VERSION=v4.44.3
+
+# Stage 1: Download binaries
+FROM debian:12-slim as download_binary
+
+ARG KUBECTL_VERSION
+ARG YQ_VERSION
+
+# Install curl and certificates, and clean up in one layer to reduce image size
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists*
+
+# Download kubectl binary
+RUN curl -sSL -o /kubectl "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \
+  && chmod +x /kubectl
+
+# Download yq binary
+RUN curl -sSL -o /yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" \
+  && chmod +x /yq
+
+# Stage 2
+FROM debian:12-slim 
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+  sudo \
+  && useradd -m -s /bin/bash slice \
+  && echo 'slice ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/slice \
+  && chmod 0440 /etc/sudoers.d/slice \
+  && rm -rf /var/lib/apt/lists/*
+
+# Copy binaries from the download_binary stage
+COPY --from=download_binary /kubectl /usr/local/bin/kubectl
+COPY --from=download_binary /yq /usr/local/bin/yq
+COPY --from=download_binary /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+
+# Copy kubectl-slice from local filesystem
+COPY kubectl-slice /usr/local/bin/kubectl-slice
+
+USER slice
+WORKDIR /home/slice