-
Notifications
You must be signed in to change notification settings - Fork 30
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a2281b5
commit 9052201
Showing
7 changed files
with
279 additions
and
307 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
version: 2 | ||
updates: | ||
# version updates: enabled | ||
# security updates: enabled | ||
- package-ecosystem: github-actions | ||
directory: / | ||
schedule: | ||
interval: weekly | ||
- package-ecosystem: docker | ||
directory: /cicd | ||
schedule: | ||
interval: daily | ||
ignore: | ||
- dependency-name: golang | ||
update-types: | ||
- version-update:semver-major | ||
- dependency-name: node | ||
update-types: | ||
- version-update:semver-major | ||
|
||
# version updates: disabled | ||
# security updates: enabled | ||
# https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates#overriding-the-default-behavior-with-a-configuration-file | ||
# ./go | ||
- package-ecosystem: gomod | ||
directory: / | ||
schedule: | ||
interval: daily | ||
open-pull-requests-limit: 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,41 +1,58 @@ | ||
#syntax=docker/dockerfile-upstream:1.4 | ||
ARG GO_APP | ||
|
||
FROM base as deps | ||
#syntax=docker/dockerfile-upstream:1.6 | ||
FROM goreleaser as deps | ||
|
||
ARG GO_APP | ||
ARG APP_USER=root | ||
|
||
ARG TARGETOS | ||
ARG TARGETARCH | ||
ARG TARGETVARIANT | ||
|
||
RUN mkdir -p /go/bin /go/src | ||
RUN mkdir -p /go/bin /go/src/dist | ||
|
||
WORKDIR /go/src | ||
|
||
COPY --from=build /go/src/dist /go/src/dist | ||
RUN <<EOT | ||
# If not built, build for current platform | ||
if [ -z "$(ls -A dist)" ]; then | ||
if [ ${TARGETARCH} = "arm" ]; then VARIANT=$(echo ${TARGETVARIANT} | sed 's/^v//'); fi | ||
GOOS=${TARGETOS} GOARCH=${TARGETARCH} GOARM=${VARIANT} TAGS=${TAGS} goreleaser build --single-target --snapshot -f ${GORELEASER_CONFIG} | ||
fi | ||
EOT | ||
|
||
RUN <<EOT | ||
set -e | ||
apk add --no-cache ca-certificates jq | ||
if [[ ${TARGETARCH} == "arm" ]]; then VARIANT=$(echo ${TARGETVARIANT} | sed 's/^v//'); fi | ||
|
||
GORELEASER_DIST_DIR="/go/src/dist" | ||
# If --single-target, artifacts.json only exists in os_arch target directory | ||
if [ ! -f ${GORELEASER_DIST_DIR}/artifacts.json ]; then | ||
GORELEASER_DIST_DIR="${GORELEASER_DIST_DIR}/${TARGETOS}_${TARGETARCH}" | ||
fi | ||
|
||
if [ ${TARGETARCH} = "arm" ]; then VARIANT=$(echo ${TARGETVARIANT} | sed 's/^v//'); fi | ||
BIN_PATH=$(jq -r ".[] |select(.type == \"Binary\" and \ | ||
.name == \"${GO_APP}\" and \ | ||
.goos == \"${TARGETOS}\" and \ | ||
.goarch == \"${TARGETARCH}\" and \ | ||
(.goarm == \"${VARIANT}\" or .goarm == null)) | .path" < /go/src/dist/artifacts.json) | ||
(.goarm == \"${VARIANT}\" or .goarm == null)) | .path" < ${GORELEASER_DIST_DIR}/artifacts.json) | ||
|
||
if [ -z ${BIN_PATH} ]; then | ||
exit 1 | ||
fi | ||
|
||
cp ${BIN_PATH} /go/bin | ||
EOT | ||
|
||
FROM base | ||
FROM alpine:3.19.0 | ||
|
||
ARG GO_APP | ||
ENV GO_APP ${GO_APP} | ||
|
||
COPY --from=deps --chmod=755 /go/bin/${GO_APP} /usr/local/bin/${GO_APP} | ||
|
||
COPY --from=deps /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ | ||
COPY --from=deps --chmod=0755 --chown=$APP_USR:$APP_USER /go/bin/${GO_APP} /usr/local/bin/${GO_APP} | ||
COPY --from=assets --chmod=0755 entrypoint.sh /entrypoint.sh | ||
|
||
COPY --from=assets entrypoint.sh /entrypoint.sh | ||
RUN apk add --no-cache ca-certificates && ln -s /usr/local/bin/${GO_APP} /${GO_APP} | ||
|
||
RUN ln -s /usr/local/bin/${GO_APP} /${GO_APP} && chmod +x /entrypoint.sh | ||
USER $APP_USER:$APP_USER | ||
|
||
ENTRYPOINT ["/entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,54 @@ | ||
#syntax=docker/dockerfile-upstream:1.4 | ||
FROM --platform=$BUILDPLATFORM goreleaser | ||
FROM --platform=$BUILDPLATFORM golang:1.21.6-bullseye as goreleaser | ||
|
||
ARG GORELEASER_KEY | ||
ENV GORELEASER_KEY=$GORELEASER_KEY | ||
|
||
ARG GORELEASER_CONFIG=".goreleaser.yaml" | ||
ENV GORELEASER_CONFIG=$GORELEASER_CONFIG | ||
|
||
RUN <<EOT | ||
set -e | ||
|
||
echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' > /etc/apt/sources.list.d/goreleaser.list | ||
apt-key adv --keyserver keyserver.ubuntu.com --recv-key C99B11DEB97541F0 | ||
|
||
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg > /usr/share/keyrings/githubcli-archive-keyring.gpg | ||
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" > /etc/apt/sources.list.d/github-cli.list | ||
|
||
GORELEASER_DEB="goreleaser" | ||
|
||
apt-get update | ||
if [ -n "${GORELEASER_KEY}" ]; then | ||
GORELEASER_DEB="goreleaser-pro" | ||
fi | ||
apt-get install -y \ | ||
gh \ | ||
jq \ | ||
"${GORELEASER_DEB}" | ||
rm -rf /var/lib/apt/lists/* | ||
EOT | ||
|
||
FROM goreleaser | ||
|
||
ARG CI | ||
ARG GITHUB_TOKEN | ||
|
||
COPY --from=src . /go/src | ||
COPY --from=src / /go/src | ||
|
||
WORKDIR /go/src | ||
|
||
RUN <<EOT | ||
set -e | ||
cd /go/src | ||
FLAGS="--rm-dist" | ||
if [[ -z ${GITHUB_TOKEN} ]]; then | ||
if [[ ${CI} != "true" ]]; then FLAGS="${FLAGS} --skip-validate --single-target"; fi | ||
goreleaser build ${FLAGS} | ||
|
||
GORELEASER_CMD="build" | ||
FLAGS="--clean" | ||
if [ -n "${GITHUB_TOKEN}" ]; then | ||
GORELEASER_CMD="release" | ||
else | ||
goreleaser release ${FLAGS} | ||
FLAGS="${FLAGS} --snapshot" | ||
fi | ||
if [ "${CI}" != "true" ]; then | ||
FLAGS="${FLAGS} --single-target" | ||
fi | ||
|
||
goreleaser ${GORELEASER_CMD} -f ${GORELEASER_CONFIG} ${FLAGS} | ||
EOT |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.