Skip to content
This repository has been archived by the owner on May 3, 2024. It is now read-only.

Commit

Permalink
Merge pull request #11 from hexa-solutions/big-updates
Browse files Browse the repository at this point in the history
Big updates, Thank for the "big" PR. Merged.
  • Loading branch information
bwolf authored Oct 21, 2021
2 parents e1e7f46 + a54c83f commit e544607
Show file tree
Hide file tree
Showing 30 changed files with 1,943 additions and 483 deletions.
11 changes: 9 additions & 2 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -1,14 +1,21 @@
.git
.gitignore
.idea
LICENSE
.dockerignore
.github
Makefile
README.*
__main__
LICENSE
CHANGELOG.*
_test
_out
apiserver.local.config
cert-manager-webhook-gandi
deploy
main_test.go
scripts
testdata
examples
*.yaml
Dockerfile
charts
180 changes: 168 additions & 12 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,172 @@
name: Container-image
on: [push]
name: CI

on:
push:
tags:
- 'v*.*.*'
- '!v0.1.*'

jobs:
base:
runs-on: ubuntu-latest

outputs:
go_version: ${{ steps.get_versions.outputs.go_version }}
build_version: ${{ steps.get_versions.outputs.build_version }}
chart_version: ${{ steps.get_versions.outputs.chart_version }}
go_updated: ${{ steps.file_updates.outputs.go }}
yaml_updated: ${{ steps.file_updates.outputs.yaml }}

steps:
- name: Check out repo
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Get versions
id: get_versions
run: |
echo ::set-output name=go_version::$(go mod edit -json | grep -Po '"Go":\s+"([0-9.]+)"' | sed -E 's/.+"([0-9.]+)"/\1/')
echo ::set-output name=build_version::${GITHUB_REF#refs/tags/v}
echo ::set-output name=chart_version::${GITHUB_REF#refs/tags/}
- name: Get last release
id: last_release
shell: bash
run: |
tag=$(gh release list | sed -n '1 p' | awk '{print $(NF -1);}')
sha=$(git show-ref --tags | grep $tag | awk '{print $1;}')
echo ::set-output name=sha::$sha
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Check updated files
id: file_updates
uses: dorny/paths-filter@v2
with:
base: ${{ steps.last_release.outputs.sha }}
filters: |
go:
- '*.go'
- 'go.*'
yaml:
- 'deploy/cert-manager-webhook-gandi/*.yaml'
- 'deploy/cert-manager-webhook-gandi/templates/*.yaml'
build:
name: Build docker image
needs: base
if: ${{ needs.base.outputs.go_updated == 'true' }}

runs-on: ubuntu-latest

outputs:
tag_commit: ${{ steps.update_image.outputs.commit }}

steps:
- name: Check out repo
uses: actions/checkout@v2

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

- name: Set up Docker buildx
uses: docker/setup-buildx-action@v1

- name: Cache Docker layers
uses: actions/cache@v2
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
file: ./Dockerfile
platforms: linux/amd64
target: image
push: true
build-args: GO_VERSION=${{ needs.base.outputs.go_version }}
tags: bwolf/cert-manager-webhook-gandi:latest,bwolf/cert-manager-webhook-gandi:${{ needs.base.outputs.build_version }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
- name: Update Helm image tag
id: update_image
uses: fjogeleit/yaml-update-action@master
with:
valueFile: 'deploy/cert-manager-webhook-gandi/values.yaml'
propertyPath: 'image.tag'
value: ${{ needs.base.outputs.build_version }}
message: 'Update image tag to ${{ needs.base.outputs.build_version }}'
token: ${{ secrets.GITHUB_TOKEN }}

release:
needs:
- base
- build

if: |
always() && needs.base.result == 'success' &&
((needs.build.result == 'success' && needs.build.outputs.tag_commit != '' ) || (needs.build.result == 'skipped' && needs.base.outputs.yaml_updated == 'true'))
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v1
- name: Build and Publish to Registry
uses: elgohr/Publish-Docker-Github-Action@master
with:
name: bwolf/cert-manager-webhook-gandi
username: '${{ secrets.DOCKER_USERNAME }}'
password: '${{ secrets.DOCKER_PASSWORD }}'
buildoptions: "--compress --force-rm"
tag_names: true
- name: Retrieve commit ref
id: commit_ref
run: |
if [[ '${{ needs.build.outputs.tag_commit }}' = '' ]]; then
sha=${{ github.sha }}
else
sha=${{ needs.build.outputs.tag_commit }}
fi
echo ::set-output name=sha::$sha
- name: Check out repo
uses: actions/checkout@v2
with:
fetch-depth: 0
ref: ${{ steps.commit_ref.outputs.sha }}

- name: Configure Git
run: |
git config user.name github-actions
git config user.email [email protected]
- name: Update Helm chart version
uses: fjogeleit/yaml-update-action@master
with:
valueFile: 'deploy/cert-manager-webhook-gandi/Chart.yaml'
propertyPath: 'version'
value: ${{ needs.base.outputs.chart_version }}
message: 'Update chart version to ${{ needs.base.outputs.chart_version }}'
token: ${{ secrets.GITHUB_TOKEN }}
updateFile: true

- name: Install Helm
uses: azure/setup-helm@v1
with:
version: v3.4.0

- name: Run chart-releaser
uses: helm/[email protected]
with:
charts_dir: deploy
env:
CR_RELEASE_NAME_TEMPLATE: '{{ .Version }}'
CR_TOKEN: ${{ secrets.GITHUB_TOKEN }}
8 changes: 7 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@

# Test binary, build with `go test -c`
*.test
/__main__/
/_test/
/apiserver.local.config/
/_out/

Expand All @@ -16,3 +16,9 @@

# Ignore the built binary
cert-manager-webhook-gandi

# Ignore the Helm chart
/charts/

# JetBrains
.idea
7 changes: 7 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# CHANGELOG
| Date | Version | Description |
| ------ | ------ | ------ |
| 2021-10-11 | v0.2.0 | add chart-releaser GitHub action |
| 2021-10-06 | v0.2.0 | update cert-manager to 1.5.4<br>update k8s API version to 0.22.2<br>migrate to new LiveDNS API (https://api.gandi.net)<br>add Helm repo with GitHub pages<br>simplify Dockerfile & switch to Buildx<br>update make test target (remove shell script)<br>update README.md with changes made<br>update GitHub workflow with Buildx<br>add k8s APF support (k8s >= 1.20) |
| 2020-02-26 | v0.1.1 | switch to Docker Hub |
| 2020-02-26 | v0.1.0 | initial release |
4 changes: 0 additions & 4 deletions ChangeLog.md

This file was deleted.

36 changes: 17 additions & 19 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,25 +1,23 @@
FROM golang:1.13-alpine AS build_deps
# syntax=docker/dockerfile:1.3
ARG GO_VERSION
FROM --platform=${TARGETPLATFORM} golang:${GO_VERSION}-alpine AS base

RUN apk add --no-cache git bzr
WORKDIR /go/src/cert-manager-webhook-gandi
COPY go.* .

WORKDIR /workspace
ENV GO111MODULE=on
RUN --mount=type=cache,target=/go/pkg/mod \
apk add --no-cache git ca-certificates && \
go mod download

COPY go.mod .
COPY go.sum .
FROM base AS build
ARG TARGETOS
ARG TARGETARCH

RUN go mod download
RUN --mount=readonly,target=. --mount=type=cache,target=/go/pkg/mod \
GOOS=${TARGETOS} GOARCH=${TARGETARCH} CGO_ENABLED=0 go build -a -o /go/bin/webhook -ldflags '-w -extldflags "-static"' .

FROM build_deps AS build
FROM scratch AS image
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY --from=build /go/bin/webhook /usr/local/bin/webhook

COPY . .

RUN CGO_ENABLED=0 go build -o webhook -ldflags '-w -extldflags "-static"' .

FROM alpine:3.9

RUN apk add --no-cache ca-certificates

COPY --from=build /workspace/webhook /usr/local/bin/webhook

ENTRYPOINT ["webhook"]
ENTRYPOINT ["/usr/local/bin/webhook"]
50 changes: 41 additions & 9 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,20 +1,52 @@
IMAGE_NAME := "cert-manager-webhook-gandi"
IMAGE_TAG := "latest"
OS ?= $(shell go env GOOS)
ARCH ?= $(shell go env GOARCH)

ifeq (Darwin, $(shell uname))
GREP_PREGEX_FLAG := E
else
GREP_PREGEX_FLAG := P
endif

GO_VERSION ?= $(shell go mod edit -json | grep -${GREP_PREGEX_FLAG}o '"Go":\s+"([0-9.]+)"' | sed -E 's/.+"([0-9.]+)"/\1/')

IMAGE_NAME := bwolf/cert-manager-webhook-gandi
IMAGE_TAG := 0.2.0

OUT := $(shell pwd)/_out

$(shell mkdir -p "$(OUT)")
KUBEBUILDER_VERSION=2.3.2

$(shell mkdir -p "${OUT}")

verify:
test: _test/kubebuilder
TEST_ASSET_ETCD=_test/kubebuilder/bin/etcd \
TEST_ASSET_KUBE_APISERVER=_test/kubebuilder/bin/kube-apiserver \
TEST_ASSET_KUBECTL=_test/kubebuilder/bin/kubectl \
go test -v .

_test/kubebuilder:
curl -fsSL https://github.com/kubernetes-sigs/kubebuilder/releases/download/v${KUBEBUILDER_VERSION}/kubebuilder_${KUBEBUILDER_VERSION}_${OS}_${ARCH}.tar.gz -o kubebuilder-tools.tar.gz
mkdir -p _test/kubebuilder
tar -xvf kubebuilder-tools.tar.gz
mv kubebuilder_${KUBEBUILDER_VERSION}_${OS}_${ARCH}/bin _test/kubebuilder/
rm kubebuilder-tools.tar.gz
rm -R kubebuilder_${KUBEBUILDER_VERSION}_${OS}_${ARCH}

clean: clean-kubebuilder

clean-kubebuilder:
rm -Rf _test/kubebuilder

build:
docker build --rm -t "$(IMAGE_NAME):$(IMAGE_TAG)" .
docker buildx build --target=image --platform=linux/amd64 --output=type=docker,name=${IMAGE_NAME}:${IMAGE_TAG} --tag=${IMAGE_NAME}:latest --build-arg=GO_VERSION=${GO_VERSION} .

package:
helm package deploy/cert-manager-webhook-gandi -d charts/
helm repo index charts/ --url https://bwolf.github.io/cert-manager-webhook-gandi

.PHONY: rendered-manifest.yaml
rendered-manifest.yaml:
# --name cert-manager-webhook-gandi $BACKSLASH
helm template \
--set image.repository=$(IMAGE_NAME) \
--set image.tag=$(IMAGE_TAG) \
deploy/cert-manager-webhook-gandi > "$(OUT)/rendered-manifest.yaml"
--set image.repository=${IMAGE_NAME} \
--set image.tag=${IMAGE_TAG} \
deploy/cert-manager-webhook-gandi > "${OUT}/rendered-manifest.yaml"
Loading

0 comments on commit e544607

Please sign in to comment.