-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Publish binaries and multi-arch docker images
**What** - Create a multiarch docker image that pre-compiles the certifier tests so that the tests are more portable - Update vendor folder to use latest openfaas projects - Add Github Actions workflow to publish Docker images and binaries on tags - reorganize CI scripts Signed-off-by: Lucas Roesler <[email protected]>
- Loading branch information
1 parent
30c5ee5
commit 9e0becf
Showing
63 changed files
with
11,321 additions
and
897 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,74 @@ | ||
name: publish | ||
|
||
on: | ||
push: | ||
tags: | ||
- '*' | ||
|
||
jobs: | ||
publish: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- | ||
uses: actions/checkout@master | ||
with: | ||
fetch-depth: 1 | ||
- | ||
name: Docker meta | ||
id: meta | ||
uses: crazy-max/ghaction-docker-meta@v1 | ||
with: | ||
images: "ghcr.io/${{ github.repository }}" | ||
- | ||
name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
- | ||
name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
- | ||
name: Docker Login | ||
uses: docker/login-action@v1 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
- | ||
name: Docker Build and Push | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
file: ./Dockerfile | ||
platforms: linux/amd64,linux/arm/v7,linux/arm64 | ||
target: release | ||
build-args: | | ||
VERSION=${{ steps.meta.outputs.version }} | ||
GIT_COMMIT=${{ github.sha }} | ||
push: true | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
- | ||
name: Build binaries | ||
uses: docker/build-push-action@v2 | ||
with: | ||
context: . | ||
file: ./Dockerfile.redist | ||
platforms: linux/amd64 | ||
build-args: | | ||
VERSION=${{ steps.meta.outputs.version }} | ||
GIT_COMMIT=${{ github.sha }} | ||
load: true | ||
push: false | ||
tags: ghcr.io/openfaas/certifier:latest | ||
- | ||
name: Copy binaries to host | ||
run: ./ci/copy_redist.sh | ||
- | ||
name: Create SHA of binaries | ||
run: ./ci/hashgen.sh | ||
- | ||
name: Upload binaries and their SHA to Github Release | ||
uses: alexellis/[email protected] | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
with: | ||
asset_paths: '["./bin/certifier*"]' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,4 @@ | ||
.idea | ||
functions/build | ||
functions/template | ||
bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
ARG goversion=1.14 | ||
ARG alpineversion=3.11 | ||
|
||
FROM teamserverless/license-check:0.3.9 as license-check | ||
|
||
FROM --platform=${BUILDPLATFORM:-linux/amd64} golang:$goversion as builder | ||
|
||
ARG TARGETPLATFORM | ||
ARG BUILDPLATFORM | ||
ARG TARGETOS | ||
ARG TARGETARCH | ||
ARG GIT_COMMIT="000000" | ||
ARG VERSION="dev" | ||
|
||
ENV CGO_ENABLED=0 | ||
ENV GO111MODULE=on | ||
ENV GOFLAGS=-mod=vendor | ||
|
||
COPY --from=license-check /license-check /usr/bin/ | ||
|
||
WORKDIR /app | ||
COPY go.mod . | ||
COPY go.sum . | ||
COPY tests ./tests | ||
COPY version ./version | ||
COPY vendor ./vendor | ||
|
||
RUN license-check -path /app --verbose=false "Alex Ellis" "OpenFaaS Author(s)" | ||
RUN gofmt -l -d $(find . -type f -name '*.go' -not -path "./vendor/*") | ||
RUN CGO_ENABLED=${CGO_ENABLED} GOOS=${TARGETOS} GOARCH=${TARGETARCH} \ | ||
go test -c -o certifier \ | ||
-ldflags "\ | ||
-X github.com/openfaas/certifier/version.Commit=$GIT_COMMIT \ | ||
-X github.com/openfaas/certifier/version.Version=$VERSION" \ | ||
./tests | ||
|
||
FROM --platform=${TARGETPLATFORM:-linux/amd64} alpine:$alpineversion as release | ||
LABEL org.label-schema.license="MIT" \ | ||
org.label-schema.vcs-url="https://github.com/openfaas/certifier" \ | ||
org.label-schema.vcs-type="Git" \ | ||
org.label-schema.name="openfaas/certifier" \ | ||
org.label-schema.vendor="openfaas" \ | ||
org.label-schema.docker.schema-version="1.0" | ||
|
||
RUN apk --no-cache --update add ca-certificates | ||
|
||
ARG USER=default | ||
ENV HOME /home/$USER | ||
|
||
# install sudo as root | ||
RUN apk add --update sudo | ||
|
||
# add new user | ||
RUN adduser -D $USER | ||
USER $USER | ||
WORKDIR $HOME | ||
|
||
COPY --from=builder /app/certifier /bin/certifier | ||
|
||
ENTRYPOINT [ "/bin/certifier" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,80 @@ | ||
ARG goversion=1.14 | ||
ARG alpineversion=3.11 | ||
|
||
FROM teamserverless/license-check:0.3.9 as license-check | ||
|
||
# Build stage | ||
FROM golang:$goversion as builder | ||
|
||
ARG GIT_COMMIT="000000" | ||
ARG VERSION="dev" | ||
|
||
ENV CGO_ENABLED=0 | ||
ENV GO111MODULE=on | ||
ENV GOFLAGS=-mod=vendor | ||
|
||
COPY --from=license-check /license-check /usr/bin/ | ||
|
||
WORKDIR /app | ||
COPY go.mod . | ||
COPY go.sum . | ||
COPY tests ./tests | ||
COPY version ./version | ||
COPY vendor ./vendor | ||
|
||
RUN license-check -path /app --verbose=false "Alex Ellis" "OpenFaaS Author(s)" | ||
RUN gofmt -l -d $(find . -type f -name '*.go' -not -path "./vendor/*") | ||
|
||
|
||
# ldflags "-s -w" strips binary | ||
# ldflags -X injects commit version into binary | ||
|
||
# use multiple stages here because buildkit will run these in parallel, | ||
# if possible | ||
FROM builder as linux | ||
RUN CGO_ENABLED=0 GOOS=linux go test -c --ldflags "-s -w \ | ||
-X github.com/openfaas/certifier/version.Commit=${GIT_COMMIT} \ | ||
-X github.com/openfaas/certifier/version.Version=${VERSION}" \ | ||
-a -installsuffix cgo -o certifier \ | ||
./tests | ||
|
||
FROM builder as darwin | ||
RUN CGO_ENABLED=0 GOOS=darwin go test -c --ldflags "-s -w \ | ||
-X github.com/openfaas/certifier/version.Commit=${GIT_COMMIT} \ | ||
-X github.com/openfaas/certifier/version.Version=${VERSION}" \ | ||
-a -installsuffix cgo -o certifier-darwin \ | ||
./tests | ||
|
||
FROM builder as windows | ||
RUN CGO_ENABLED=0 GOOS=windows go test -c --ldflags "-s -w \ | ||
-X github.com/openfaas/certifier/version.Commit=${GIT_COMMIT} \ | ||
-X github.com/openfaas/certifier/version.Version=${VERSION}" \ | ||
-a -installsuffix cgo -o certifier.exe \ | ||
./tests | ||
|
||
FROM builder as arm | ||
RUN CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go test -c --ldflags "-s -w \ | ||
-X github.com/openfaas/certifier/version.Commit=${GIT_COMMIT} \ | ||
-X github.com/openfaas/certifier/version.Version=${VERSION}" \ | ||
-a -installsuffix cgo -o certifier-armhf \ | ||
./tests | ||
|
||
FROM builder as arm64 | ||
RUN CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go test -c --ldflags "-s -w \ | ||
-X github.com/openfaas/certifier/version.Commit=${GIT_COMMIT} \ | ||
-X github.com/openfaas/certifier/version.Version=${VERSION}" \ | ||
-a -installsuffix cgo -o certifier-arm64 \ | ||
./tests | ||
|
||
# Release stage | ||
FROM scratch | ||
|
||
WORKDIR /bin | ||
|
||
COPY --from=linux /app/certifier /bin | ||
COPY --from=darwin /app/certifier-darwin /bin | ||
COPY --from=arm /app/certifier-armhf /bin | ||
COPY --from=windows /app/certifier.exe /bin | ||
COPY --from=arm64 /app/certifier-arm64 /bin | ||
|
||
CMD ["/bin/certifier"] |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#!/bin/sh | ||
export NAME=certifier | ||
export IMAGE=ghcr.io/openfaas/certifier | ||
export eTAG="latest" | ||
echo "$1" | ||
if [ "$1" ] ; then | ||
eTAG=$1 | ||
fi | ||
|
||
docker create --name "$NAME" "${IMAGE}:${eTAG}" \ | ||
&& mkdir -p ./bin \ | ||
&& docker cp "$NAME":/bin . | ||
docker rm -f "$NAME" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/sh | ||
|
||
# ":" separated list of paths to folders that contain | ||
# executable binaries that should be shasum'd | ||
BINARIES=./bin | ||
|
||
IFS=':' | ||
for directory in $BINARIES; do | ||
cd "$directory" || exit 1 | ||
for f in * ; do # Scanning files in direcotry | ||
if [ -x $f ]; then | ||
shasum -a 256 $f > $f.sha256 | ||
fi | ||
done | ||
done |
Oops, something went wrong.