From e24ad72cf3a65dc2e7e6fb8bfebc6de7b327b44b Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Mon, 15 Dec 2025 14:28:38 +0100 Subject: [PATCH 01/11] Derive roxie version from git tags, use that version as docker tag --- Makefile | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index e79486c..9dee017 100644 --- a/Makefile +++ b/Makefile @@ -18,11 +18,25 @@ BUILD_DIR := . BINARY := $(BUILD_DIR)/$(BINARY_NAME) # Version information -VERSION := 0.1 -GIT_COMMIT := $(shell git rev-parse --short HEAD 2>/dev/null || echo "unknown") +GIT_COMMIT := $(shell git rev-parse HEAD 2>/dev/null || echo "unknown") +# Convention is that the git tags are of the form +# v..--[-dirty] +# or v.. +# +# We use sed to drop the initial 'v' in case the whole tag matches any of the above patterns. +# Hence, the resulting version string will simply be +# +# .. or ..--[-dirty] +# +# This will also become the tag of the docker images. +VERSION := $(shell git describe --tags --always --dirty | sed -E 's/^v([0-9]+\.[0-9]+\.[0-9]+-[0-9]+-[a-z0-9]+(-dirty)?$$)/\1/') BUILD_DATE := $(shell date -u '+%Y-%m-%dT%H:%M:%SZ') LDFLAGS := -X main.version=$(VERSION) -X main.gitCommit=$(GIT_COMMIT) -X main.buildDate=$(BUILD_DATE) +.PHONY: version +version: + @echo $(VERSION) + # Build targets .PHONY: build build: ## Build the roxie binary @@ -147,9 +161,8 @@ all: clean deps check test build ## Run full development workflow # Docker/Container targets DOCKER_IMAGE := roxie DOCKER_TAG := latest -DOCKER_VERSION_TAG := $(VERSION)-$(GIT_COMMIT) DOCKER_FULL_IMAGE := $(DOCKER_IMAGE):$(DOCKER_TAG) -DOCKER_VERSION_IMAGE := $(DOCKER_IMAGE):$(DOCKER_VERSION_TAG) +DOCKER_VERSION_IMAGE := $(DOCKER_IMAGE):$(VERSION) CONTAINER_RUNTIME ?= $(shell command -v podman 2>/dev/null || command -v docker 2>/dev/null) # Multi-architecture support From 5067cdaf9971c8e5cea20dab5447f7ade0bc4e68 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Mon, 15 Dec 2025 13:55:02 +0100 Subject: [PATCH 02/11] GHA: Docker image building job --- .github/workflows/docker-build.yml | 83 ++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 .github/workflows/docker-build.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 0000000..d4140d8 --- /dev/null +++ b/.github/workflows/docker-build.yml @@ -0,0 +1,83 @@ +name: Docker Build and Push + +on: + push: + branches: [ main ] + tags: + - 'v*' + pull_request: + branches: [ main ] + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + docker-build-push: + name: Build and Push Multi-arch Image + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version: '1.22' + cache: true + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Get build metadata + id: build-meta + run: | + echo "version=$(make version)" >> $GITHUB_OUTPUT + echo "git_commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT + echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + # Tag with 'latest' for main branch. + type=raw,value=latest,enable={{is_default_branch}} + # Tag with version string from 'make version'. + type=raw,value=${{ steps.build-meta.outputs.version }} + + - name: Build and push Docker image + id: docker_build + uses: docker/build-push-action@v5 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-args: | + VERSION=${{ steps.build-meta.outputs.version }} + GIT_COMMIT=${{ steps.build-meta.outputs.git_commit }} + BUILD_DATE=${{ steps.build-meta.outputs.build_date }} + cache-from: | + type=gha + type=registry,ref=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:buildcache + cache-to: type=gha,mode=max + + - name: Image digest + run: echo "Image pushed with digest ${{ steps.docker_build.outputs.digest }}" From 704a8a85afcd611b77b546b87bd6f78757f7ec5f Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Thu, 11 Dec 2025 13:50:44 +0100 Subject: [PATCH 03/11] Updated README with current docker related information --- README.md | 84 ++++++++++++++++++++++++------------------------------- 1 file changed, 37 insertions(+), 47 deletions(-) diff --git a/README.md b/README.md index 7b0b6e9..4727c86 100644 --- a/README.md +++ b/README.md @@ -22,77 +22,67 @@ roxie has been authored with significant AI contributions. ## Quick start -### Option 1: Container Image (Recommended for non-developers) +### Option 1: Deploying using Docker image (Recommended for non-developers) -**Requirements:** Only Docker/Podman and a kubeconfig! +**Requirements:** +* Working Docker setup +* kubeconfig configuration file +* quay.io registry credentials in the environment variables REGISTRY_USERNAME and REGISTRY_PASSWORD. -```bash -# Build the image (current platform) -make docker-build +Note that **Podman is currently not supported** for running +containerized roxie due to incomplete mapping of user IDs on macOS. This prevents the passing-in of the gcloud +configuration directory to be functional within the container, which is required for interacting with GKE clusters. -# This creates two tags: -# - roxie:latest -# - roxie:0.1- (e.g., roxie:0.1-4469692) - -# Build for multiple architectures (amd64 + arm64) -make docker-build-multiarch +Example for deploying Central and SecuredCluster to the current Kubernetes cluster context: +```bash +docker run --rm -it --privileged \ + -v ~/.config/gcloud:/.config/gcloud \ + -v $KUBECONFIG:/kubeconfig \ + -e REGISTRY_USERNAME=$REGISTRY_USERNAME \ + -e REGISTRY_PASSWORD=$REGISTRY_PASSWORD \ + ghcr.io/stackrox/roxie:latest deploy +``` -# Deploy ACS -make docker-deploy COMPONENT=both +A new roxie image for the current platform can be built using: -# Deploy with specific version tag (recommended for production) -make docker-deploy DOCKER_TAG=0.1-4469692 COMPONENT=both +```bash +make docker-build ``` -**Supported architectures:** linux/amd64, linux/arm64 +This creates two tags: +- `localhost/roxie:latest` +- `localhost/roxie:` -**Version Tags:** Every build automatically creates a version-tagged image (VERSION-COMMIT format) alongside `latest`. This enables: -- **Reproducible deployments** - Pin exact versions in CI/CD -- **Easy rollbacks** - Revert to any previous build -- **Version tracking** - Know exactly what code is running +Docker images can be built for the platforms `linux/amd64` and `linux/arm64`. See the `Makefile` for more +docker related targets. -### Option 2: Local Build (For development) +### Option 2: Deploying using local build Prerequisites: - `kubectl` configured to point at your target cluster -- The `roxctl` CLI installed +- `podman` is set up and available +- The `roxctl` CLI - The `roxie` branch forked and cloned to your local machine - -Get help: -```bash -./bin/roxie --help -``` - -Deploy Central (via operator): +Built using: ```bash -./bin/roxie deploy central +make build ``` -Deploy Secured Cluster (via operator): -```bash -# Ensure Central is reachable; roxie discovers and wires the endpoint -./bin/roxie deploy secured-cluster -``` - -Deploy both in one go: +Get help: ```bash -./bin/roxie deploy both +./roxie --help ``` -Use Helm instead of Operator: +Deploy using: ```bash -./bin/roxie deploy central --helm -./bin/roxie deploy secured-cluster --helm -# or -./bin/roxie deploy both --helm +./roxie deploy [ ] ``` +where `component` can be `central` or `sensor`. If not specified, both components will be deployed. -Teardown: +Similarly, the deployment(s) can be torn down using: ```bash -./bin/roxie teardown central -./bin/roxie teardown secured-cluster -./bin/roxie teardown both +./bin/roxie teardown [ ] ``` ## Development From 4cdef1a3c7193996abcb936a4c90a81dc9a9d782 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Thu, 11 Dec 2025 13:51:53 +0100 Subject: [PATCH 04/11] Added Makefile to dockerignore --- .dockerignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.dockerignore b/.dockerignore index 30442dc..ff85bf9 100644 --- a/.dockerignore +++ b/.dockerignore @@ -33,6 +33,7 @@ vendor/ tests/ # Configuration +Makefile .envrc *.yaml *.yml From 66739ff4e95c7ced5d4cbb7890e3519c9880b8bf Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Thu, 11 Dec 2025 13:54:24 +0100 Subject: [PATCH 05/11] Dockerfile: Set KUBECONFIG in env --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 984789a..d8f1baf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -176,6 +176,7 @@ USER roxie # Set environment variables ENV HOME=/ \ + KUBECONFIG=/kubeconfig \ PATH=/usr/local/bin:$PATH # Display version information on container start From 7e8b8898fddb18cf5172a519180f95ad56b1bcb5 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Mon, 15 Dec 2025 14:32:02 +0100 Subject: [PATCH 06/11] Add dummy 'localhost' repo for image to be built. Otherwise -- if not present -- docker will prepend some docker.io/.... registry automatically. This change makes the resulting image be the same when using docker or podman. --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 9dee017..be58ee5 100644 --- a/Makefile +++ b/Makefile @@ -159,7 +159,7 @@ validate: ## Validate go.mod and check for issues all: clean deps check test build ## Run full development workflow # Docker/Container targets -DOCKER_IMAGE := roxie +DOCKER_IMAGE := localhost/roxie DOCKER_TAG := latest DOCKER_FULL_IMAGE := $(DOCKER_IMAGE):$(DOCKER_TAG) DOCKER_VERSION_IMAGE := $(DOCKER_IMAGE):$(VERSION) From d948f1c5ac70dd1ce131e1e85962e04177ebfceb Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Tue, 16 Dec 2025 12:57:46 +0100 Subject: [PATCH 07/11] Makefile: Removed a couple of DOCKER_ variable naming. Streamline setup. Remove coupled of unneeded Makefile targets. --- Makefile | 121 ++++++++----------------------------------------------- 1 file changed, 17 insertions(+), 104 deletions(-) diff --git a/Makefile b/Makefile index be58ee5..9d23ffb 100644 --- a/Makefile +++ b/Makefile @@ -159,10 +159,11 @@ validate: ## Validate go.mod and check for issues all: clean deps check test build ## Run full development workflow # Docker/Container targets -DOCKER_IMAGE := localhost/roxie -DOCKER_TAG := latest -DOCKER_FULL_IMAGE := $(DOCKER_IMAGE):$(DOCKER_TAG) -DOCKER_VERSION_IMAGE := $(DOCKER_IMAGE):$(VERSION) +IMAGE_DEFAULT_REGISTRY := localhost +IMAGE_REGISTRY := $(shell if [ -z "$(IMAGE_REGISTRY)" ]; then echo $(IMAGE_DEFAULT_REGISTRY); else echo $(IMAGE_REGISTRY); fi) +IMAGE_NAME := roxie +IMAGE_LATEST_TAG := $(IMAGE_REGISTRY)/$(IMAGE_NAME):latest +IMAGE_VERSION_TAG := $(IMAGE_REGISTRY)/$(IMAGE_NAME):$(VERSION) CONTAINER_RUNTIME ?= $(shell command -v podman 2>/dev/null || command -v docker 2>/dev/null) # Multi-architecture support @@ -180,67 +181,13 @@ docker-build: ## Build roxie Docker image for current platform --build-arg VERSION=$(VERSION) \ --build-arg GIT_COMMIT=$(GIT_COMMIT) \ --build-arg BUILD_DATE=$(BUILD_DATE) \ - -t $(DOCKER_FULL_IMAGE) \ - -t $(DOCKER_VERSION_IMAGE) \ + -t $(IMAGE_LATEST_TAG) \ + -t $(IMAGE_VERSION_TAG) \ -f Dockerfile . @echo "โœ… Built container images:" - @echo " - $(DOCKER_FULL_IMAGE)" - @echo " - $(DOCKER_VERSION_IMAGE)" + @echo " - $(IMAGE_LATEST_TAG)" + @echo " - $(IMAGE_VERSION_TAG)" -.PHONY: docker-build-multiarch -docker-build-multiarch: ## Build multi-architecture images (amd64, arm64) using buildx - @echo "๐Ÿ—๏ธ Building multi-architecture roxie container images..." - @if ! command -v docker >/dev/null 2>&1; then \ - echo "โŒ Docker is required for multi-arch builds (buildx)"; \ - exit 1; \ - fi - @if ! docker buildx version >/dev/null 2>&1; then \ - echo "โŒ Docker buildx is required for multi-arch builds"; \ - echo "Install: docker buildx install"; \ - exit 1; \ - fi - @echo "Creating/using buildx builder..." - @docker buildx create --name roxie-builder --use 2>/dev/null || docker buildx use roxie-builder - @echo "Building for platforms: $(PLATFORMS)" - docker buildx build \ - --platform $(PLATFORMS) \ - --build-arg VERSION=$(VERSION) \ - --build-arg GIT_COMMIT=$(GIT_COMMIT) \ - --build-arg BUILD_DATE=$(BUILD_DATE) \ - -t $(DOCKER_FULL_IMAGE) \ - -t $(DOCKER_VERSION_IMAGE) \ - --load \ - -f Dockerfile . - @echo "โœ… Built multi-arch images:" - @echo " - $(DOCKER_FULL_IMAGE)" - @echo " - $(DOCKER_VERSION_IMAGE)" - -.PHONY: docker-build-push-multiarch -docker-build-push-multiarch: ## Build and push multi-arch images to registry (requires DOCKER_REGISTRY) - @echo "๐Ÿš€ Building and pushing multi-architecture images..." - @if [ -z "$(DOCKER_REGISTRY)" ]; then \ - echo "โŒ DOCKER_REGISTRY is required. Example: make docker-build-push-multiarch DOCKER_REGISTRY=ghcr.io/myorg"; \ - exit 1; \ - fi - @if ! docker buildx version >/dev/null 2>&1; then \ - echo "โŒ Docker buildx is required for multi-arch builds"; \ - exit 1; \ - fi - @docker buildx create --name roxie-builder --use 2>/dev/null || docker buildx use roxie-builder - docker buildx build \ - --platform $(PLATFORMS) \ - --build-arg VERSION=$(VERSION) \ - --build-arg GIT_COMMIT=$(GIT_COMMIT) \ - --build-arg BUILD_DATE=$(BUILD_DATE) \ - -t $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(DOCKER_TAG) \ - -t $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(DOCKER_VERSION_TAG) \ - -t $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(VERSION) \ - --push \ - -f Dockerfile . - @echo "โœ… Pushed multi-arch images:" - @echo " - $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(DOCKER_TAG)" - @echo " - $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(DOCKER_VERSION_TAG)" - @echo " - $(DOCKER_REGISTRY)/$(DOCKER_IMAGE):$(VERSION)" .PHONY: docker-build-arm64 docker-build-arm64: ## Build roxie Docker image for arm64 @@ -254,12 +201,12 @@ docker-build-arm64: ## Build roxie Docker image for arm64 --build-arg VERSION=$(VERSION) \ --build-arg GIT_COMMIT=$(GIT_COMMIT) \ --build-arg BUILD_DATE=$(BUILD_DATE) \ - -t $(DOCKER_IMAGE):$(DOCKER_TAG)-arm64 \ - -t $(DOCKER_IMAGE):$(DOCKER_VERSION_TAG)-arm64 \ + -t $(IMAGE_LATEST_TAG)-arm64 \ + -t $(IMAGE_VERSION_TAG)-arm64 \ -f Dockerfile . @echo "โœ… Built arm64 images:" - @echo " - $(DOCKER_IMAGE):$(DOCKER_TAG)-arm64" - @echo " - $(DOCKER_IMAGE):$(DOCKER_VERSION_TAG)-arm64" + @echo " - $(IMAGE_LATEST_TAG)-arm64" + @echo " - $(IMAGE_VERSION_TAG)-arm64" .PHONY: docker-build-amd64 docker-build-amd64: ## Build roxie Docker image for amd64 @@ -273,46 +220,12 @@ docker-build-amd64: ## Build roxie Docker image for amd64 --build-arg VERSION=$(VERSION) \ --build-arg GIT_COMMIT=$(GIT_COMMIT) \ --build-arg BUILD_DATE=$(BUILD_DATE) \ - -t $(DOCKER_IMAGE):$(DOCKER_TAG)-amd64 \ - -t $(DOCKER_IMAGE):$(DOCKER_VERSION_TAG)-amd64 \ + -t $(IMAGE_LATEST_TAG)-amd64 \ + -t $(IMAGE_VERSION_TAG)-amd64 \ -f Dockerfile . @echo "โœ… Built amd64 images:" - @echo " - $(DOCKER_IMAGE):$(DOCKER_TAG)-amd64" - @echo " - $(DOCKER_IMAGE):$(DOCKER_VERSION_TAG)-amd64" - -.PHONY: docker-test-podman -docker-test-podman: ## Test podman functionality inside the roxie container - @echo "๐Ÿงช Testing podman inside roxie container..." - @echo "" - @echo "1. Testing podman pull (operator bundle)..." - @$(CONTAINER_RUNTIME) run --rm \ - --entrypoint podman \ - $(DOCKER_FULL_IMAGE) \ - pull quay.io/rhacs-eng/stackrox-operator-bundle:v4.4.3 - @echo "" - @echo "2. Testing podman inspect..." - @$(CONTAINER_RUNTIME) run --rm \ - --entrypoint podman \ - $(DOCKER_FULL_IMAGE) \ - inspect quay.io/rhacs-eng/stackrox-operator-bundle:v4.4.3 > /dev/null - @echo "โœ“ Podman can pull and inspect images successfully" - @echo "" - @echo "3. Cleaning up test image..." - @$(CONTAINER_RUNTIME) run --rm \ - --entrypoint podman \ - $(DOCKER_FULL_IMAGE) \ - rmi quay.io/rhacs-eng/stackrox-operator-bundle:v4.4.3 - @echo "โœ“ Podman test complete" - -.PHONY: docker-clean -docker-clean: ## Remove roxie Docker images - @echo "๐Ÿงน Cleaning up roxie container images..." - @if [ -z "$(CONTAINER_RUNTIME)" ]; then \ - echo "โŒ No container runtime found. Please install docker or podman."; \ - exit 1; \ - fi - $(CONTAINER_RUNTIME) rmi $(DOCKER_FULL_IMAGE) 2>/dev/null || true - @echo "โœ… Cleanup complete" + @echo " - $(IMAGE_LATEST_TAG)-amd64" + @echo " - $(IMAGE_VERSION_TAG)-amd64" # Quick targets .PHONY: quick From 55f7aa737f5dc4af66258201cb097a831c420c2d Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Tue, 16 Dec 2025 12:58:41 +0100 Subject: [PATCH 08/11] GHA setup: address feedback. --- .github/workflows/docker-build.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index d4140d8..96980f0 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -7,7 +7,6 @@ on: - 'v*' pull_request: branches: [ main ] - workflow_dispatch: env: REGISTRY: ghcr.io @@ -23,14 +22,14 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: - go-version: '1.22' + go-version-file: go.mod cache: true - name: Set up Docker Buildx @@ -63,7 +62,7 @@ jobs: - name: Build and push Docker image id: docker_build - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: . platforms: linux/amd64,linux/arm64 From 1a63cea043be5f2dfdad2332b5efff65218c3118 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Tue, 16 Dec 2025 13:04:34 +0100 Subject: [PATCH 09/11] Bump go version go.mod --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 5481178..91f382c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/stackrox/roxie -go 1.22 +go 1.25 require ( github.com/fatih/color v1.16.0 From 15f18bc7910ebd0214d96054a67875d3f7f14e21 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Tue, 16 Dec 2025 13:24:27 +0100 Subject: [PATCH 10/11] Makefile targets for build date and commit hash --- .github/workflows/docker-build.yml | 4 ++-- Makefile | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 96980f0..dbcefed 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -46,8 +46,8 @@ jobs: id: build-meta run: | echo "version=$(make version)" >> $GITHUB_OUTPUT - echo "git_commit=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT + echo "git_commit=$(make get-commit-hash)" >> $GITHUB_OUTPUT + echo "build_date=$(make get-build-date)" >> $GITHUB_OUTPUT - name: Extract metadata (tags, labels) for Docker id: meta diff --git a/Makefile b/Makefile index 9d23ffb..6f7330d 100644 --- a/Makefile +++ b/Makefile @@ -33,6 +33,14 @@ VERSION := $(shell git describe --tags --always --dirty | sed -E 's/^v([0-9]+\.[ BUILD_DATE := $(shell date -u '+%Y-%m-%dT%H:%M:%SZ') LDFLAGS := -X main.version=$(VERSION) -X main.gitCommit=$(GIT_COMMIT) -X main.buildDate=$(BUILD_DATE) +.PHONY: get-build-date +get-build-date: + @echo $(BUILD_DATE) + +.PHONY: get-commit-hash +get-commit-hash: + @echo $(GIT_COMMIT) + .PHONY: version version: @echo $(VERSION) From 9e8d165f6ebbb04d50b17bdd42b706d3a31724f4 Mon Sep 17 00:00:00 2001 From: Moritz Clasmeier Date: Tue, 16 Dec 2025 13:37:13 +0100 Subject: [PATCH 11/11] Dockerfile: bump to golang 1.25 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d8f1baf..c14b923 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,7 +3,7 @@ # Supports multi-architecture builds (amd64, arm64) # Stage 1: Build roxie binary -FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.22-alpine AS builder +FROM --platform=$BUILDPLATFORM docker.io/library/golang:1.25-alpine AS builder # Build arguments for cross-compilation # These are automatically provided by Docker buildx