From 95964e70add90a777666137640de7acabc3e524f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Corentin=20N=C3=A9au?= Date: Mon, 12 Feb 2024 09:57:35 +0100 Subject: [PATCH] Add goreleaser workflow from #1019 This adds a new CI workflow for releasing Fleet via GoReleaser, with configuration inherited from a previous pull request and extended. This runs linters, then unit and integration tests, after which it builds then releases all needed binaries and Docker images for Fleet. Dockerfiles are adapted to GoReleaser's particularity of building Docker images using the build directory as context. In this case, we configure GoReleaser to output all binaries to a common root `dist/` directory, so that all binaries are available to all Docker image build processes. This is useful to include eg. both `gitjob` and `gitcloner` binaries in the `rancher/gitjob` image. Windows-based images are not supported, and should not be needed anyway as the Fleet agent is only ever deployed to Linux k8s nodes. --- .github/workflows/release-fleet.yml | 110 ++++++++++++ .goreleaser.yml | 268 ++++++++++++++++++++++++++++ package/Dockerfile | 7 +- package/Dockerfile.agent | 8 +- package/Dockerfile.gitjob | 8 +- 5 files changed, 398 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/release-fleet.yml create mode 100644 .goreleaser.yml diff --git a/.github/workflows/release-fleet.yml b/.github/workflows/release-fleet.yml new file mode 100644 index 0000000000..77dde14578 --- /dev/null +++ b/.github/workflows/release-fleet.yml @@ -0,0 +1,110 @@ +# Fleet release workflow +name: Fleet release + +on: + push: + tags: + - v** + +permissions: + contents: write + packages: write + +env: + GOARCH: amd64 + CGO_ENABLED: 0 + SETUP_K3D_VERSION: 'v5.5.1' + +jobs: + build-fleet: + runs-on: ubuntu-latest + steps: + - name: Check out Fleet + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: 'go.mod' + check-latest: true + + - name: Run golangci-lint + uses: golangci/golangci-lint-action@v4.0.0 + with: + # Required: the version of golangci-lint is required and must be specified without patch version: we always + # use the latest patch version. + version: v1.55 + args: --timeout=10m --config=.golangci.json + + - name: Run FOSSA scan + uses: fossas/fossa-action@v1.3.1 + with: + api-key: ${{ secrets.FOSSA_API_KEY }} + + - name: Run FOSSA tests + uses: fossas/fossa-action@v1.3.1 + with: + api-key: ${{ secrets.FOSSA_API_KEY }} + run-tests: true + + - name: Check for code changes + run: | + ./.github/scripts/check-for-auto-generated-changes.sh + go mod verify + + - name: Run unit tests + run: go test -cover -tags=test $(go list ./... | grep -v -e /e2e -e /integrationtests) + + - name: Run integration tests + env: + SETUP_ENVTEST_VER: v0.0.0-20240115093953-9e6e3b144a69 + ENVTEST_K8S_VERSION: 1.28 + run: ./.github/scripts/run-integration-tests.sh + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log into Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v5 + with: + distribution: goreleaser + version: v1.24.0 + args: release --clean --verbose + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload charts to release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + repo: "ghcr.io/rancher/fleet" + tag: "${GITHUB_REF_NAME}" + run: | + sed -i \ + -e "s@repository:.*@repository: $repo@" \ + -e "s/tag:.*/tag: ${VERSION}/" \ + charts/fleet/values.yaml + + sed -i \ + -e "s@repository:.*@repository: $repo@" \ + -e "s/tag: dev/tag: ${VERSION}/" \ + charts/fleet-agent/values.yaml + + helm package --version="$VERSION" --app-version="$VERSION" -d ./dist ./charts/fleet + helm package --version="$VERSION" --app-version="$VERSION" -d ./dist ./charts/fleet-crd + helm package --version="$VERSION" --app-version="$VERSION" -d ./dist ./charts/fleet-agent + + for f in $(find dist/artifacts/ -name '*.tgz'); do + gh release upload $tag $f + done diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000000..a3e1e38802 --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,268 @@ +--- +project_name: fleet + +before: + hooks: + - go mod download + +archives: + - id: fleet-controller + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-controller + + - id: fleet-agent + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-agent + + - id: fleet-gitcloner + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-gitcloner + + - id: fleet-gitjob + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-gitjob + + - id: fleet-cli + format: binary + name_template: "{{ .Binary }}" + builds: + - fleet-cli + +builds: + - + id: fleet-controller + main: ./cmd/fleetcontroller + binary: fleetcontroller-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + # gcflags: + # - all="-N -l" + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - + id: fleet-agent + main: ./cmd/fleetagent + binary: fleetagent-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - windows_amd64 + - + id: fleet-gitcloner + main: ./cmd/gitcloner + binary: gitcloner-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - + id: fleet-gitjob + main: ./cmd/gitjob + binary: gitjob-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - + id: fleet-cli + main: ./cmd/fleetcli + binary: fleet-{{ .Os }}-{{ .Arch }}{{ if .Arm }}64{{ end }} + no_unique_dist_dir: true + ldflags: + - -w -s + - -X github.com/rancher/fleet/pkg/version.GitCommit={{ .Commit }} + - -X github.com/rancher/fleet/pkg/version.Version={{ .Tag }} + targets: + - linux_amd64_v1 + - linux_arm64 + - windows_amd64 + +changelog: + ## Delegate Changelog to release-drafter + disable: false + use: github + +env: + - CGO_ENABLED=0 + +snapshot: + name_template: "{{ .Tag }}-next" + +dockers: + # fleet-controller images + - + use: buildx + + # GOOS of the built binaries/packages that should be used. + goos: linux + + # GOARCH of the built binaries/packages that should be used. + goarch: amd64 + + # IDs to filter the binaries/packages. + ids: + - fleet-controller + + # Templates of the Docker image names. + image_templates: + - "ghcr.io/rancher/fleet:{{ .Tag }}-linux-amd64" + + # Path to the Dockerfile (from the project root). + dockerfile: package/Dockerfile + + # Template of the docker build flags. + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=amd64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/amd64" + - + use: buildx + goos: linux + goarch: arm64 + ids: + - fleet-controller + image_templates: + - "ghcr.io/rancher/fleet:{{ .Tag }}-linux-arm64" + dockerfile: package/Dockerfile + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=arm64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/arm64/v8" + # fleet-agent images + - + use: buildx + goos: linux + goarch: amd64 + ids: + - fleet-agent + - fleet-cli + image_templates: + - "ghcr.io/rancher/fleet-agent:{{ .Tag }}-linux-amd64" + dockerfile: package/Dockerfile.agent + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=amd64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/amd64" + extra_files: [ "package/log.sh" ] + - + use: buildx + goos: linux + goarch: arm64 + ids: + - fleet-agent + - fleet-cli + image_templates: + - "ghcr.io/rancher/fleet-agent:{{ .Tag }}-linux-arm64" + dockerfile: package/Dockerfile.agent + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=arm64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/arm64/v8" + extra_files: [ "package/log.sh" ] + # fleet-gitjob images + - + use: buildx + goos: linux + goarch: amd64 + ids: + - fleet-gitcloner + - fleet-gitjob + image_templates: + - "ghcr.io/rancher/fleet-gitjob:{{ .Tag }}-linux-amd64" + dockerfile: package/Dockerfile.gitjob + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=amd64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/amd64" + - + use: buildx + goos: linux + goarch: arm64 + ids: + - fleet-gitcloner + - fleet-gitjob + image_templates: + - "ghcr.io/rancher/fleet-gitjob:{{ .Tag }}-linux-arm64" + dockerfile: package/Dockerfile.gitjob + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--label=org.opencontainers.image.source=https://github.com/rancher/fleet" + - "--build-arg=ARCH=arm64" + - "--build-arg=BUILD_ENV=goreleaser" + - "--platform=linux/arm64/v8" + +docker_manifests: + # https://goreleaser.com/customization/docker_manifest/ + - name_template: "ghcr.io/rancher/fleet:{{ .Tag }}" + image_templates: + - "ghcr.io/rancher/fleet:{{ .Tag }}-linux-amd64" + - "ghcr.io/rancher/fleet:{{ .Tag }}-linux-arm64" + + - name_template: "ghcr.io/rancher/fleet-agent:{{ .Tag }}" + image_templates: + - "ghcr.io/rancher/fleet-agent:{{ .Tag }}-linux-amd64" + - "ghcr.io/rancher/fleet-agent:{{ .Tag }}-linux-arm64" + + - name_template: "ghcr.io/rancher/fleet-gitjob:{{ .Tag }}" + image_templates: + - "ghcr.io/rancher/fleet-gitjob:{{ .Tag }}-linux-amd64" + - "ghcr.io/rancher/fleet-gitjob:{{ .Tag }}-linux-arm64" diff --git a/package/Dockerfile b/package/Dockerfile index ae8541345a..d40ac46466 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -1,6 +1,7 @@ ARG BUILD_ENV=dapper +ARG ARCH -FROM registry.suse.com/bci/bci-busybox:15.5 AS base +FROM --platform=linux/$ARCH registry.suse.com/bci/bci-busybox:15.5 AS base FROM base AS copy_dapper ONBUILD ARG ARCH @@ -10,6 +11,10 @@ FROM base AS copy_buildx ONBUILD ARG TARGETARCH ONBUILD COPY bin/fleetcontroller-linux-${TARGETARCH} /usr/bin/fleetcontroller +FROM base AS copy_goreleaser +ONBUILD ARG ARCH +ONBUILD COPY fleetcontroller-linux-${ARCH} /usr/bin/fleetcontroller + FROM copy_${BUILD_ENV} RUN addgroup -g 1000 fleet-apply && adduser -u 1000 -G fleet-apply -D fleet-apply USER 1000 diff --git a/package/Dockerfile.agent b/package/Dockerfile.agent index 32a193537e..98f8922941 100644 --- a/package/Dockerfile.agent +++ b/package/Dockerfile.agent @@ -1,6 +1,7 @@ ARG BUILD_ENV=dapper +ARG ARCH -FROM registry.suse.com/suse/git:2.35 AS base +FROM --platform=linux/$ARCH registry.suse.com/suse/git:2.35 AS base COPY package/log.sh /usr/bin/ # Create non-root user and group RUN echo "fleet-apply:x:1000:1000::/home/fleet-apply:/bin/bash" >> /etc/passwd && \ @@ -18,6 +19,11 @@ ONBUILD ARG TARGETARCH ONBUILD COPY bin/fleetagent-linux-$TARGETARCH /usr/bin/fleetagent ONBUILD COPY bin/fleet-linux-$TARGETARCH /usr/bin/fleet +FROM base AS copy_goreleaser +ONBUILD ARG ARCH +ONBUILD COPY fleetagent-linux-$ARCH /usr/bin/fleetagent +ONBUILD COPY fleet-linux-$ARCH /usr/bin/fleet + FROM copy_${BUILD_ENV} USER 1000 CMD ["fleetagent"] diff --git a/package/Dockerfile.gitjob b/package/Dockerfile.gitjob index 83b32dccc9..2829cc6106 100644 --- a/package/Dockerfile.gitjob +++ b/package/Dockerfile.gitjob @@ -1,6 +1,7 @@ ARG BUILD_ENV=dapper +ARG ARCH -FROM registry.suse.com/bci/bci-base:15.5 AS base +FROM --platform=linux/$ARCH registry.suse.com/bci/bci-base:15.5 AS base RUN zypper -n update && \ zypper -n install openssh catatonit git-core && \ zypper -n clean -a @@ -16,6 +17,11 @@ ONBUILD ARG TARGETARCH ONBUILD COPY bin/gitjob-linux-$TARGETARCH /usr/bin/gitjob ONBUILD COPY bin/gitcloner-linux-$TARGETARCH /usr/bin/gitcloner +FROM base AS copy_goreleaser +ONBUILD ARG ARCH +ONBUILD COPY gitjob-linux-$ARCH /usr/bin/gitjob +ONBUILD COPY gitcloner-linux-$ARCH /usr/bin/gitcloner + FROM copy_${BUILD_ENV} USER 1000 ENTRYPOINT ["catatonit", "--"]