APIGOV-27565 - major refactor of docker

Axway · May 9, 2024 · 9399d34 · 9399d34
1 parent b1e9634
commit 9399d34
Show file tree

Hide file tree

Showing 3 changed files with 88 additions and 91 deletions.
diff --git a/.github/workflows/build-docker-images.yml b/.github/workflows/build-docker-images.yml
@@ -21,10 +21,13 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Create commit_id & version environment variables
+      - name: Set outputs
+        id: vars
         run: |
-          commitId=$(git rev-parse --short HEAD)
-          echo "commitId=$commitId" >> $GITHUB_ENV
+          echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
+          echo "tag=${{github.ref_name }}" >> $GITHUB_OUTPUT
+          echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod |  awk '{print $2}')" >> $GITHUB_OUTPUT
+          echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
       
       - name: Log in to the Container registry
         uses: docker/login-action@v3
@@ -49,54 +52,64 @@ jobs:
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           build-args: |
-              VERSION=${{ github.ref_name }}
-              COMMIT_ID=${{ env.commitId }}
+            time=${{ steps.vars.outputs.date }}
+            CGO_ENABLED=0
+            version=${{ steps.vars.outputs.tag }}
+            sdk_version=${{ steps.vars.outputs.sdkversion }}
+            commit_id=${{ steps.vars.outputs.commit }}
 
-  buildTraceabilityAgentDocker:
-    needs: testAgents
-    env:
-      GOFLAGS: "-mod=mod"
-      GOWORK: "off"
-      IMAGE_NAME: webmethods_traceability_agent
-      ORG_NAME: Axway
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
+  # buildTraceabilityAgentDocker:
+  #   needs: testAgents
+  #   env:
+  #     GOFLAGS: "-mod=mod"
+  #     GOWORK: "off"
+  #     IMAGE_NAME: webmethods_traceability_agent
+  #     ORG_NAME: Axway
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - uses: actions/checkout@v4
 
-      - name: Create commit_id & version environment variables
-        run: |
-          commitId=$(git rev-parse --short HEAD)
-          echo "commitId=$commitId" >> $GITHUB_ENV
+  #     - name: Set outputs
+  #       id: vars
+  #       run: |
+  #         echo "date=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT
+  #         echo "tag=${{github.ref_name }}" >> $GITHUB_OUTPUT
+  #         echo "sdkversion=$(grep github.com/Axway/agent-sdk go.mod |  awk '{print $2}')" >> $GITHUB_OUTPUT
+  #         echo "commit=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_OUTPUT
 
-      - name: Log in to the Container registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+  #     - name: Log in to the Container registry
+  #       uses: docker/login-action@v3
+  #       with:
+  #         registry: ghcr.io
+  #         username: ${{ github.actor }}
+  #         password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Extract metadata (tags, labels) for Docker
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          flavor: latest=false
-          images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }}
+  #     - name: Extract metadata (tags, labels) for Docker
+  #       id: meta
+  #       uses: docker/metadata-action@v5
+  #       with:
+  #         flavor: latest=false
+  #         images: ghcr.io/${{ env.ORG_NAME }}/${{ env.IMAGE_NAME }}
 
-      - name: Build and push Docker image
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: build/traceability.Dockerfile
-          push: true
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.outputs.labels }}
-          build-args: | 
-              VERSION=${{ github.ref_name }}
-              COMMIT_ID=${{ env.commitId }}
+  #     - name: Build and push Docker image
+  #       uses: docker/build-push-action@v5
+  #       with:
+  #         context: .
+  #         file: build/traceability.Dockerfile
+  #         push: true
+  #         tags: ${{ steps.meta.outputs.tags }}
+  #         labels: ${{ steps.meta.outputs.labels }}
+  #         build-args: | 
+  #           time=${{ steps.vars.outputs.date }}
+  #           CGO_ENABLED=0
+  #           version=${{ steps.vars.outputs.tag }}
+  #           sdk_version=${{ steps.vars.outputs.sdkversion }}
+  #           commit_id=${{ steps.vars.outputs.commit }}
 
   notifyTeamsChannel:
     runs-on: ubuntu-latest
-    needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker]
+    # needs: [buildDiscoveryAgentDocker, buildTraceabilityAgentDocker]
+    needs: [buildDiscoveryAgentDocker]
     steps:
       - uses: actions/checkout@v4
       - name: Notify Teams channel

diff --git a/build/discovery.Dockerfile b/build/discovery.Dockerfile
@@ -2,60 +2,52 @@
 # golang:1.21.6-alpine3.19 linux/amd64
 FROM docker.io/golang@sha256:2523a6f68a0f515fe251aad40b18545155135ca6a5b2e61da8254df9153e3648 AS builder
 
-ARG VERSION
-ARG COMMIT_ID
+ARG commit_id
+ARG version
+ARG sdk_version
+ARG time
+ARG CGO_ENABLED
 
-ENV APP_HOME /go/src/github.com/Axway/agents-webmethods
+ENV BASEPATH /go/src/github.com/Axway/agents-webmethods
 ENV APP_USER axway
-ENV AGENT=${APP_HOME}/cmd/discovery
 
-
-RUN mkdir -p $APP_HOME
-WORKDIR $APP_HOME
+RUN mkdir -p ${BASEPATH}
+WORKDIR ${BASEPATH}
 
 # Copy necessary files
 COPY . .
 
-RUN export time=`date +%Y%m%d%H%M%S` && \
-  export commit_id=${COMMIT_ID} && \
-  export version=${VERSION} && \
-  export sdk_version=`go list -m github.com/Axway/agent-sdk | awk '{print $2}' | awk -F'-' '{print substr($1, 2)}'` && \
-  export GOOS=linux && \
-  export CGO_ENABLED=0 && \
-  export GOARCH=amd64 && \
+RUN --mount=type=cache,target=/root/.cache/go-build \ 
   go build -tags static_all \
   -ldflags="-X 'github.com/Axway/agent-sdk/pkg/cmd.BuildTime=${time}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildVersion=${version}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildCommitSha=${commit_id}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.SDKBuildVersion=${sdk_version}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildAgentName=webMethodsDiscoveryAgent'" \
-  -a -o ${APP_HOME}/bin/webmethods_discovery_agent ${AGENT}/main.go
+  -a -o webmethods_discovery_agent ${BASEPATH}cmd/discovery/main.go
 
 # Create non-root user
-RUN addgroup -g 2500 $APP_USER && adduser -u 2500 -D -G $APP_USER $APP_USER
-RUN chown -R $APP_USER:$APP_USER  ${APP_HOME}/bin/webmethods_discovery_agent
-
-USER $APP_USER
+RUN addgroup -g 2500 ${APP_USER} && adduser -u 2500 -D -G ${APP_USER} ${APP_USER}
+RUN chown -R $APP_USER:$APP_USER  /webmethods_discovery_agent
+USER ${APP_USER}
 
 # alpine 3.19 linux/amd64 
 FROM docker.io/alpine@sha256:13b7e62e8df80264dbb747995705a986aa530415763a6c58f84a3ca8af9a5bcd
 
 ENV APP_USER axway
-ENV APP_HOME /go/src/github.com/Axway/agents-webmethods
 
 # Copy binary, user, config file and certs from previous build step
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
-COPY --from=builder $APP_HOME/build/webmethods_discovery_agent.yml /webmethods_discovery_agent.yml
 COPY --from=builder ${APP_HOME}/bin/webmethods_discovery_agent /webmethods_discovery_agent
+COPY /webmethods_discovery_agent.yml /webmethods_discovery_agent.yml
 
 RUN mkdir /keys && \
   chown -R axway /keys && \
   apk --no-cache add openssl libssl3 libcrypto3 musl musl-utils libc6-compat busybox curl && \
   find / -perm /6000 -type f -exec chmod a-s {} \; || true
 
-
-USER $APP_USER
+USER ${APP_USER}
 VOLUME ["/keys"]
 HEALTHCHECK --retries=1 CMD curl --fail http://localhost:${STATUS_PORT:-8989}/status || exit 1
 ENTRYPOINT ["/webmethods_discovery_agent"]
diff --git a/build/traceability.Dockerfile b/build/traceability.Dockerfile
@@ -1,61 +1,53 @@
 # Build image
 # golang:1.21.6-alpine3.19 linux/amd64
 FROM docker.io/golang@sha256:2523a6f68a0f515fe251aad40b18545155135ca6a5b2e61da8254df9153e3648 AS builder
-ENV APP_HOME /go/src/github.com/Axway/agents-webmethods
-ENV APP_USER axway
-ENV AGENT=${APP_HOME}/cmd/traceability
 
-ARG VERSION
-ARG COMMIT_ID
+ARG commit_id
+ARG version
+ARG sdk_version
+ARG time
+ARG CGO_ENABLED
 
+ENV BASEPATH /go/src/github.com/Axway/agents-webmethods
+ENV APP_USER axway
 
-RUN mkdir -p $APP_HOME
-WORKDIR $APP_HOME
+RUN mkdir -p ${BASEPATH}
+WORKDIR ${BASEPATH}
 
 # Copy necessary files
 COPY . .
 
-RUN export time=`date +%Y%m%d%H%M%S` && \
-    export commit_id=${COMMIT_ID} && \
-  export version=${VERSION} && \
-  export sdk_version=`go list -m github.com/Axway/agent-sdk | awk '{print $2}' | awk -F'-' '{print substr($1, 2)}'` && \
-  export GOOS=linux && \
-  export CGO_ENABLED=0 && \
-  export GOARCH=amd64 && \
+RUN --mount=type=cache,target=/root/.cache/go-build \ 
   go build -tags static_all \
   -ldflags="-X 'github.com/Axway/agent-sdk/pkg/cmd.BuildTime=${time}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildVersion=${version}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildCommitSha=${commit_id}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.SDKBuildVersion=${sdk_version}' \
   -X 'github.com/Axway/agent-sdk/pkg/cmd.BuildAgentName=webMethodsTraceabilityAgent'" \
-  -a -o ${APP_HOME}/bin/webmethods_traceability_agent ${AGENT}/main.go
-
+  -a -o $webmethods_traceability_agent ${BASEPATH}/cmd/traceability/main.go
 
 # Create non-root user
-RUN addgroup -g 2500 $APP_USER && adduser -u 2500 -D -G $APP_USER $APP_USER
-RUN chown -R $APP_USER:$APP_USER  ${APP_HOME}/bin/webmethods_traceability_agent
-
-USER $APP_USER
+RUN addgroup -g 2500 ${APP_USER} && adduser -u 2500 -D -G ${APP_USER} ${APP_USER}
+RUN chown -R ${APP_USER}:${APP_USER}  /webmethods_traceability_agent
+USER ${APP_USER}
 
 # alpine 3.18 linux/amd64 
 FROM docker.io/alpine@sha256:d695c3de6fcd8cfe3a6222b0358425d40adfd129a8a47c3416faff1a8aece389
 
 ENV APP_USER axway
-ENV APP_HOME /go/src/github.com/Axway/agents-webmethods
 
 # Copy binary, user, config file and certs from previous build step
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY --from=builder /etc/passwd /etc/passwd
-COPY --from=builder $APP_HOME/build/webmethods_traceability_agent.yml /webmethods_traceability_agent.yml
-COPY --from=builder ${APP_HOME}/bin/webmethods_traceability_agent /webmethods_traceability_agent
+COPY --from=builder /webmethods_traceability_agent /webmethods_traceability_agent
+COPY /webmethods_traceability_agent.yml /webmethods_traceability_agent.yml
 
 RUN mkdir /keys /data && \
   chown -R axway /keys /data && \
   apk --no-cache add openssl libssl3 libcrypto3 musl musl-utils libc6-compat busybox curl && \
   find / -perm /6000 -type f -exec chmod a-s {} \; || true
 
-
-USER $APP_USER
+USER ${APP_USER}
 VOLUME ["/keys", "/data"]
 HEALTHCHECK --retries=1 CMD curl --fail http://localhost:${STATUS_PORT:-8989}/status || exit 1
 ENTRYPOINT ["/webmethods_traceability_agent"]