Fix build automation and linter errors. Add LDFLAG- supported version…

… information.
OpenCHAMI · Oct 30, 2024 · 83f28d0 · 83f28d0
1 parent 63a232c
commit 83f28d0
Show file tree

Hide file tree

Showing 8 changed files with 209 additions and 45 deletions.
diff --git a/.github/workflows/PRTest.yml b/.github/workflows/PRTest.yml
@@ -0,0 +1,41 @@
+name: Test build
+on: [push, pull_request]
+
+jobs:
+  test_build:
+    defaults:
+      run:
+        working-directory: ./cmd
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-tags: 1
+          fetch-depth: 1
+
+      - name: Set up latest stable Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: stable
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+
+      # Set environment variables required by GoReleaser
+      - name: Set build environment variables
+        run: |
+          echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV
+          echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV
+          echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV
+          echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV
+          echo "CGO_ENABLED=1" >> $GITHUB_ENV
+
+      - name: Build with goreleaser
+        uses: goreleaser/goreleaser-action@v6
+        with:
+          version: '~> v2'
+          args: release --snapshot
+        id: goreleaser
diff --git a/.github/workflows/ochami.yml b/.github/workflows/ochami.yml
@@ -1,5 +1,4 @@
 name: Release with goreleaser
-
 on:
   workflow_dispatch:
   push:
@@ -16,23 +15,27 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Set up Go 1.21
+      - name: Set up latest stable Go
         uses: actions/setup-go@v5
         with:
-          go-version: 1.21
+          go-version: stable
+
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
+
       - name: Docker Login
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-tags: 1
           fetch-depth: 0
+
       - name: Release with goreleaser
         uses: goreleaser/goreleaser-action@v5
         env:
@@ -41,6 +44,7 @@ jobs:
           version: latest
           args: release --clean
         id: goreleaser
+
       - name: Process goreleaser output
         id: process_goreleaser_output
         run: |
@@ -51,10 +55,12 @@ jobs:
           echo "fs.writeFileSync('digest.txt', firstNonNullDigest);" >> process.js
           node process.js
           echo "digest=$(cat digest.txt)" >> $GITHUB_OUTPUT
+
       - name: Attest Binaries
         uses: actions/attest-build-provenance@v1
         with:
           subject-path: dist/cloud-init*
+
       - name: generate build provenance
         uses: actions/attest-build-provenance@v1
         with:

diff --git a/.goreleaser.yaml b/.goreleaser.yaml
@@ -1,41 +1,96 @@
-# This is an example .goreleaser.yml file with some sensible defaults.
-# Make sure to check the documentation at https://goreleaser.com
-
+version: 2
 project_name: cloud-init
 before:
   hooks:
-    # You may remove this if you don't use go modules.
     - go mod tidy
 
 builds:
   - id: cloud-init
     main: ./cmd/cloud-init-server
-    binary: cloud-init-server
     goos:
       - linux
+      - darwin
     goarch:
       - amd64
-    no_unique_dist_dir: true
-    tags:
-      - dynamic
+      - arm64
+    goamd64:
+      - v3
+
+    # export GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)
+    # export BUILD_HOST=$(hostname)
+    # export GO_VERSION=$(go version | awk '{print $3}')
+    # export BUILD_USER=$(whoami)
+    ldflags:
+      - "-s -w -X main.GitCommit={{.Commit}} \
+         -X main.BuildTime={{.Timestamp}} \
+         -X main.Version={{.Version}} \
+         -X main.GitBranch={{.Branch}} \
+         -X main.GitTag={{.Tag}} \
+         -X main.GitState={{ .Env.GIT_STATE }} \
+         -X main.BuildHost={{ .Env.BUILD_HOST }} \
+         -X main.GoVersion={{ .Env.GO_VERSION }} \
+         -X main.BuildUser={{ .Env.BUILD_USER }} "
+    binary: cloud-init-server
+    env:
+      - CGO_ENABLED=0
 
 dockers:
-  - 
-    image_templates:
-      - ghcr.io/openchami/{{.ProjectName}}:latest
-      - ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}
-      - ghcr.io/openchami/{{.ProjectName}}:v{{ .Major }}
-      - ghcr.io/openchami/{{.ProjectName}}:v{{ .Major }}.{{ .Minor }}
+  - image_templates:
+      - &amd64_linux_image ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}-amd64
+      - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}-amd64
+      - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}-amd64
+    use: buildx
     build_flag_templates:
       - "--pull"
+      - "--platform=linux/amd64"
       - "--label=org.opencontainers.image.created={{.Date}}"
       - "--label=org.opencontainers.image.title={{.ProjectName}}"
       - "--label=org.opencontainers.image.revision={{.FullCommit}}"
       - "--label=org.opencontainers.image.version={{.Version}}"
+    goarch: amd64
+    goamd64: v3
     extra_files:
       - LICENSE
+      - README.md
       - CHANGELOG.md
+
+  - image_templates:
+      - &arm64v8_linux_image ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}-arm64
+      - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}-arm64
+      - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}-arm64
+    use: buildx
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/arm64"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.title={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+    extra_files:
       - README.md
+      - LICENSE
+    goarch: arm64
+
+docker_manifests:
+  - name_template: "ghcr.io/openchami/{{.ProjectName}}:latest"
+    image_templates:
+      - *amd64_linux_image
+      - *arm64v8_linux_image
+
+  - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}"
+    image_templates:
+      - *amd64_linux_image
+      - *arm64v8_linux_image
+
+  - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}"
+    image_templates:
+      - *amd64_linux_image
+      - *arm64v8_linux_image
+
+  - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}"
+    image_templates:
+      - *amd64_linux_image
+      - *arm64v8_linux_image
 
 archives:
   - format: tar.gz
@@ -56,7 +111,7 @@ archives:
 checksum:
   name_template: 'checksums.txt'
 snapshot:
-  name_template: "{{ incpatch .Version }}-next"
+  version_template: "{{ incpatch .Version }}-next"
 changelog:
   sort: asc
   filters:

diff --git a/Dockerfile b/Dockerfile
@@ -20,20 +20,17 @@
 # ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 # OTHER DEALINGS IN THE SOFTWARE.
 
-FROM cgr.dev/chainguard/wolfi-base
+FROM chainguard/wolfi-base:latest
 STOPSIGNAL SIGTERM
 
-RUN apk add --no-cache tini
-
-# Setup environment variables.
 
 # Include curl in the final image.
 RUN set -ex \
     && apk -U upgrade \
-    && apk add --no-cache curl
+    && apk add --no-cache curl tini
 
 # Get the boot-script-service from the builder stage.
-COPY cloud-init-server /usr/local/bin/
+COPY cloud-init-server /cloud-init-server
 
 ENV TOKEN_URL="http://opaal:3333/token"
 ENV SMD_URL="http://smd:27779"
@@ -44,7 +41,7 @@ ENV JWKS_URL=""
 USER 65534:65534
 
 # Set up the command to start the service.
-CMD /usr/local/bin/cloud-init-server --listen ${LISTEN_ADDR} --smd-url ${SMD_URL} --token-url ${TOKEN_URL} --jwks-url ${JWKS_URL:-""}
+CMD cloud-init-server --listen ${LISTEN_ADDR} --smd-url ${SMD_URL} --token-url ${TOKEN_URL} --jwks-url ${JWKS_URL:-""}
 
 
 ENTRYPOINT ["/sbin/tini", "--"]
diff --git a/cmd/cloud-init-server/handlers.go b/cmd/cloud-init-server/handlers.go
@@ -156,7 +156,7 @@ func (h CiHandler) getData(id string, dataKind ciDataKind, w http.ResponseWriter
 	var data *map[string]interface{}
 	switch dataKind {
 	case UserData:
-		w.Write([]byte("#cloud-config\n"))
+		w.Write([]byte("#cloud-config\n")) //nolint:errcheck
 		data = &ci.CIData.UserData
 	case MetaData:
 		data = &ci.CIData.MetaData
@@ -169,7 +169,7 @@ func (h CiHandler) getData(id string, dataKind ciDataKind, w http.ResponseWriter
 		fmt.Print(err)
 	}
 	w.Header().Set("Content-Type", "text/yaml")
-	w.Write([]byte(ydata))
+	w.Write([]byte(ydata)) //nolint:errcheck
 }
 
 func (h CiHandler) UpdateEntry(w http.ResponseWriter, r *http.Request) {
@@ -215,7 +215,7 @@ func (h CiHandler) DeleteEntry(w http.ResponseWriter, r *http.Request) {
 	render.JSON(w, r, map[string]string{"status": "success"})
 }
 
-func parseData(w http.ResponseWriter, r *http.Request) (citypes.GroupData, error) {
+func parseData(r *http.Request) (citypes.GroupData, error) {
 	var (
 		body []byte
 		err  error
@@ -242,7 +242,7 @@ func (h CiHandler) AddGroups(w http.ResponseWriter, r *http.Request) {
 		err  error
 	)
 
-	data, err = parseData(w, r)
+	data, err = parseData(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -277,7 +277,7 @@ func (h CiHandler) GetGroups(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	w.Write(bytes)
+	w.Write(bytes) //nolint:errcheck
 
 }
 
@@ -292,7 +292,7 @@ func (h CiHandler) UpdateGroups(w http.ResponseWriter, r *http.Request) {
 		err  error
 	)
 
-	data, err = parseData(w, r)
+	data, err = parseData(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -315,19 +315,14 @@ func (h CiHandler) RemoveGroups(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
-func writeInternalError(w http.ResponseWriter, err string) {
-	http.Error(w, err, http.StatusInternalServerError)
-	// log.Error().Err(err)
-}
-
 func (h CiHandler) AddGroupData(w http.ResponseWriter, r *http.Request) {
 	var (
 		id   string = chi.URLParam(r, "id")
 		data citypes.GroupData
 		err  error
 	)
 
-	data, err = parseData(w, r)
+	data, err = parseData(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
@@ -360,7 +355,7 @@ func (h CiHandler) GetGroupData(w http.ResponseWriter, r *http.Request) {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
-	w.Write(bytes)
+	w.Write(bytes) //nolint:errcheck
 }
 func (h CiHandler) UpdateGroupData(w http.ResponseWriter, r *http.Request) {
 	var (
@@ -369,7 +364,7 @@ func (h CiHandler) UpdateGroupData(w http.ResponseWriter, r *http.Request) {
 		err  error
 	)
 
-	data, err = parseData(w, r)
+	data, err = parseData(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusInternalServerError)
 		return

diff --git a/cmd/cloud-init-server/main.go b/cmd/cloud-init-server/main.go
@@ -3,6 +3,7 @@ package main
 import (
 	"flag"
 	"fmt"
+	"log"
 	"net/http"
 	"os"
 	"time"
@@ -33,6 +34,8 @@ func main() {
 	flag.StringVar(&jwksUrl, "jwks-url", jwksUrl, "JWT keyserver URL, required to enable secure route")
 	flag.Parse()
 
+	PrintVersionInfo()
+
 	// Set up JWT verification via the specified URL, if any
 	var keyset *jwtauth.JWTAuth
 	secureRouteEnable := false
@@ -87,7 +90,7 @@ func main() {
 	}
 
 	// Serve all routes
-	http.ListenAndServe(ciEndpoint, router)
+	log.Fatal(http.ListenAndServe(ciEndpoint, router))
 }
 
 func initCiRouter(router chi.Router, handler *CiHandler) {