From 4f6db11a166ed98d432072a1d088cbcd593e4964 Mon Sep 17 00:00:00 2001 From: Akash LM Date: Thu, 16 May 2024 10:34:24 +0530 Subject: [PATCH 1/3] feat: Add separate dockerfiles for server and cli --- dockerfiles/cli/Dockerfile | 10 ++++++++++ Dockerfile => dockerfiles/server/Dockerfile | 4 ---- 2 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 dockerfiles/cli/Dockerfile rename Dockerfile => dockerfiles/server/Dockerfile (55%) diff --git a/dockerfiles/cli/Dockerfile b/dockerfiles/cli/Dockerfile new file mode 100644 index 0000000..794c59d --- /dev/null +++ b/dockerfiles/cli/Dockerfile @@ -0,0 +1,10 @@ +FROM alpine + +WORKDIR /app + +COPY ./qualitytrace /app/qualitytrace + +# Adding /app folder on $PATH to allow users to call qualitytrace cli on docker +ENV PATH="$PATH:/app" + +ENTRYPOINT ["/app/qualitytrace"] diff --git a/Dockerfile b/dockerfiles/server/Dockerfile similarity index 55% rename from Dockerfile rename to dockerfiles/server/Dockerfile index f20ce6c..c9ceb37 100644 --- a/Dockerfile +++ b/dockerfiles/server/Dockerfile @@ -3,13 +3,9 @@ FROM alpine WORKDIR /app COPY ./qualitytrace-server /app/qualitytrace-server -COPY ./qualitytrace /app/qualitytrace # COPY ./web/build ./html -# Adding /app folder on $PATH to allow users to call qualitytrace cli on docker -ENV PATH="$PATH:/app" - EXPOSE 11633/tcp ENTRYPOINT ["/app/qualitytrace-server", "serve"] From 6d0244285de13e4cdd2df39f536a9a102b818344 Mon Sep 17 00:00:00 2001 From: Akash LM Date: Thu, 16 May 2024 10:40:20 +0530 Subject: [PATCH 2/3] config: updated workflows --- .github/workflows/cli_release.yaml | 16 ++++++++-------- .github/workflows/helm_release.yaml | 4 ---- ...race-cli-pr.yaml => qualitytrace-cli-pr.yaml} | 14 ++++++++------ ...elease.yaml => qualitytrace-cli-release.yaml} | 14 ++++++++------ ...lity-trace-cli.yaml => qualitytrace-cli.yaml} | 16 +++++++++------- ...ntainer-pr.yml => qualitytrace-server-pr.yml} | 15 ++++++++------- ...lease.yml => qualitytrace-server-release.yml} | 16 +++++++++------- ...e-container.yaml => qualitytrace-server.yaml} | 16 +++++++++------- 8 files changed, 59 insertions(+), 52 deletions(-) rename .github/workflows/{quality-trace-cli-pr.yaml => qualitytrace-cli-pr.yaml} (75%) rename .github/workflows/{quality-trace-cli-release.yaml => qualitytrace-cli-release.yaml} (79%) rename .github/workflows/{quality-trace-cli.yaml => qualitytrace-cli.yaml} (82%) rename .github/workflows/{quality-trace-container-pr.yml => qualitytrace-server-pr.yml} (74%) rename .github/workflows/{quality-trace-container-release.yml => qualitytrace-server-release.yml} (75%) rename .github/workflows/{quality-trace-container.yaml => qualitytrace-server.yaml} (82%) diff --git a/.github/workflows/cli_release.yaml b/.github/workflows/cli_release.yaml index 78e4a23..7e82013 100644 --- a/.github/workflows/cli_release.yaml +++ b/.github/workflows/cli_release.yaml @@ -1,4 +1,4 @@ -name: Build and publish quality-trace CLI +name: Build and publish qualitytrace CLI on: push: tags: @@ -14,16 +14,16 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.20' + go-version: '1.23.0' - name: Build my CLI for Linux - run: go mod download && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o quality-trace-linux cli/main.go + run: go mod download && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o qualitytrace-linux cli/main.go - name: Build my CLI for macOS - run: go mod download && GOOS=darwin GOARCH=amd64 go build -o quality-trace-macos cli/main.go + run: go mod download && GOOS=darwin GOARCH=amd64 go build -o qualitytrace-macos cli/main.go - name: Build my CLI for Windows - run: go mod download && GOOS=windows GOARCH=amd64 go build -o quality-trace-windows.exe cli/main.go + run: go mod download && GOOS=windows GOARCH=amd64 go build -o qualitytrace-windows.exe cli/main.go - name: Get release name from tag id: release @@ -35,9 +35,9 @@ jobs: uses: softprops/action-gh-release@v1 with: files: | - quality-trace-linux - quality-trace-macos - quality-trace-windows.exe + qualitytrace-linux + qualitytrace-macos + qualitytrace-windows.exe tag_name: ${{ github.ref }} name: ${{ steps.release.outputs.name }} - Linux draft: false diff --git a/.github/workflows/helm_release.yaml b/.github/workflows/helm_release.yaml index e2bb0ca..315fec3 100644 --- a/.github/workflows/helm_release.yaml +++ b/.github/workflows/helm_release.yaml @@ -20,10 +20,6 @@ jobs: git config user.name "$GITHUB_ACTOR" git config user.email "$GITHUB_ACTOR@gmail.com" - - name: Add Helm repos - run: | - helm repo add bitnami https://charts.bitnami.com/bitnami - - name: Run chart-releaser uses: helm/chart-releaser-action@v1.5.0 env: diff --git a/.github/workflows/quality-trace-cli-pr.yaml b/.github/workflows/qualitytrace-cli-pr.yaml similarity index 75% rename from .github/workflows/quality-trace-cli-pr.yaml rename to .github/workflows/qualitytrace-cli-pr.yaml index b9b4f8d..326556c 100644 --- a/.github/workflows/quality-trace-cli-pr.yaml +++ b/.github/workflows/qualitytrace-cli-pr.yaml @@ -1,4 +1,4 @@ -name: Quality-Trace-Cli Docker Image CI - PR +name: qualitytrace-cli Docker Image CI - PR on: pull_request: @@ -11,6 +11,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout @@ -29,11 +31,11 @@ jobs: name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.21.1' + go-version: '1.23.0' - name: Build cli - run: make dist/quality-trace + run: make dist/qualitytrace env: GO111MODULE: on @@ -42,8 +44,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - @@ -56,5 +58,5 @@ jobs: push: true tags: ${{ env.REGISTRY }}/${{ github.repository }}/cli:pr-${{ github.event.pull_request.number }} build-args: | - "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" + "GITHUB_TOKEN=${{ env.registry_password }}" diff --git a/.github/workflows/quality-trace-cli-release.yaml b/.github/workflows/qualitytrace-cli-release.yaml similarity index 79% rename from .github/workflows/quality-trace-cli-release.yaml rename to .github/workflows/qualitytrace-cli-release.yaml index 184045f..11998d3 100644 --- a/.github/workflows/quality-trace-cli-release.yaml +++ b/.github/workflows/qualitytrace-cli-release.yaml @@ -1,4 +1,4 @@ -name: quality-trace-cli docker release +name: qualitytrace-cli docker release on: push: tags: @@ -16,6 +16,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Set environment variable run: | @@ -28,7 +30,7 @@ jobs: uses: actions/checkout@v3 - name: Build cli - run: make dist/quality-trace + run: make dist/qualitytrace env: GO111MODULE: on @@ -36,8 +38,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - name: Build image and push to GitHub Container Registry uses: docker/build-push-action@v4 @@ -56,7 +58,7 @@ jobs: COSIGN_EXPERIMENTAL: 1 - name: Verify the pushed tags - run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/cli:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/quality-trace-cli-release.yaml@refs/tags/${{ env.RELEASE_VERSION }} --certificate-oidc-issuer https://token.actions.githubusercontent.com + run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/cli:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/qualitytrace-cli-release.yaml@refs/tags/${{ env.RELEASE_VERSION }} --certificate-oidc-issuer https://token.actions.githubusercontent.com env: COSIGN_EXPERIMENTAL: 1 @@ -67,4 +69,4 @@ jobs: format: 'github' output: 'dependency-results.sbom.json' image-ref: '.' - github-pat: ${{ secrets.GITHUB_TOKEN }} # or ${{ secrets.github_pat_name }} if you're using a PAT + github-pat: ${{ env.registry_password }} # or ${{ secrets.github_pat_name }} if you're using a PAT diff --git a/.github/workflows/quality-trace-cli.yaml b/.github/workflows/qualitytrace-cli.yaml similarity index 82% rename from .github/workflows/quality-trace-cli.yaml rename to .github/workflows/qualitytrace-cli.yaml index b1e7854..8c09c96 100644 --- a/.github/workflows/quality-trace-cli.yaml +++ b/.github/workflows/qualitytrace-cli.yaml @@ -1,4 +1,4 @@ -name: Quality-Trace Cli Docker Image +name: qualitytrace Cli Docker Image on: push: @@ -22,6 +22,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout GitHub Action uses: actions/checkout@v3 @@ -33,10 +35,10 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.21.1' + go-version: '1.23.0' - name: Build cli - run: make dist/quality-trace + run: make dist/qualitytrace env: GO111MODULE: on @@ -57,8 +59,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - name: Build image and push to GitHub Container Registry uses: docker/build-push-action@v4 @@ -82,7 +84,7 @@ jobs: COSIGN_EXPERIMENTAL: 1 - name: Verify the pushed tags - run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/cli:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/quality-trace-cli.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com + run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}/cli:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/qualitytrace-cli.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com env: COSIGN_EXPERIMENTAL: 1 @@ -93,4 +95,4 @@ jobs: format: 'github' output: 'dependency-results.sbom.json' image-ref: '.' - github-pat: ${{ secrets.GITHUB_TOKEN }} + github-pat: ${{ env.registry_password }} diff --git a/.github/workflows/quality-trace-container-pr.yml b/.github/workflows/qualitytrace-server-pr.yml similarity index 74% rename from .github/workflows/quality-trace-container-pr.yml rename to .github/workflows/qualitytrace-server-pr.yml index 63318c0..e9d41c4 100644 --- a/.github/workflows/quality-trace-container-pr.yml +++ b/.github/workflows/qualitytrace-server-pr.yml @@ -1,4 +1,4 @@ -name: Quality-Trace Docker Image CI - PR +name: qualitytrace-server Docker Image CI - PR on: pull_request: @@ -11,6 +11,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout @@ -29,11 +31,11 @@ jobs: name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.21.1' + go-version: '1.23.0' - name: Build server - run: make dist/quality-trace-server + run: make dist/qualitytrace-server env: GO111MODULE: on @@ -42,9 +44,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - name: Build and push on PR @@ -56,5 +57,5 @@ jobs: push: true tags: ${{ env.REGISTRY }}/${{ github.repository }}:pr-${{ github.event.pull_request.number }} build-args: | - "GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}" + "GITHUB_TOKEN=${{ env.registry_password }}" diff --git a/.github/workflows/quality-trace-container-release.yml b/.github/workflows/qualitytrace-server-release.yml similarity index 75% rename from .github/workflows/quality-trace-container-release.yml rename to .github/workflows/qualitytrace-server-release.yml index 1073952..b1c4e54 100644 --- a/.github/workflows/quality-trace-container-release.yml +++ b/.github/workflows/qualitytrace-server-release.yml @@ -1,4 +1,4 @@ -name: quality-trace-release +name: qualitytrace-server release on: push: tags: @@ -6,7 +6,7 @@ on: jobs: push_to_registry: name: Build and push Docker image github container registry. - runs-on: ubuntu-20.04 + runs-on: ubuntu-latest permissions: packages: write id-token: write @@ -16,6 +16,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Set environment variable run: | @@ -25,15 +27,15 @@ jobs: - name: Check out GitHub repo uses: actions/checkout@v3 - name: Build server - run: make dist/quality-trace-server + run: make dist/qualitytrace-server env: GO111MODULE: on - name: Login to GitHub Container Registry uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - name: Build image and push to GitHub Container Registry uses: docker/build-push-action@v4 with: @@ -49,7 +51,7 @@ jobs: env: COSIGN_EXPERIMENTAL: 1 - name: Verify the pushed tags - run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/quality-trace-container-release.yml@refs/tags/${{ env.RELEASE_VERSION }} --certificate-oidc-issuer https://token.actions.githubusercontent.com + run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}:${{ env.RELEASE_VERSION }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/qualitytrace-container-release.yml@refs/tags/${{ env.RELEASE_VERSION }} --certificate-oidc-issuer https://token.actions.githubusercontent.com env: COSIGN_EXPERIMENTAL: 1 - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph @@ -59,4 +61,4 @@ jobs: format: 'github' output: 'dependency-results.sbom.json' image-ref: '.' - github-pat: ${{ secrets.GITHUB_TOKEN }} # or ${{ secrets.github_pat_name }} if you're using a PAT + github-pat: ${{ env.registry_password }} # or ${{ secrets.github_pat_name }} if you're using a PAT diff --git a/.github/workflows/quality-trace-container.yaml b/.github/workflows/qualitytrace-server.yaml similarity index 82% rename from .github/workflows/quality-trace-container.yaml rename to .github/workflows/qualitytrace-server.yaml index e431013..93c2867 100644 --- a/.github/workflows/quality-trace-container.yaml +++ b/.github/workflows/qualitytrace-server.yaml @@ -1,4 +1,4 @@ -name: Quality-Trace Docker Image CI +name: qualitytrace-server Docker Image CI on: push: @@ -22,6 +22,8 @@ jobs: env: REGISTRY: ghcr.io GH_URL: https://github.com + registry_username: ${{ github.actor }} + registry_password: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout GitHub Action uses: actions/checkout@v3 @@ -33,10 +35,10 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.21.1' + go-version: '1.23.0' - name: Build server - run: make dist/quality-trace-server + run: make dist/qualitytrace-server env: GO111MODULE: on @@ -57,8 +59,8 @@ jobs: uses: docker/login-action@v2 with: registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} + username: ${{ env.registry_username }} + password: ${{ env.registry_password }} - name: Build image and push to GitHub Container Registry uses: docker/build-push-action@v4 @@ -82,7 +84,7 @@ jobs: COSIGN_EXPERIMENTAL: 1 - name: Verify the pushed tags - run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/quality-trace-container.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com + run: cosign verify ${{ env.REGISTRY }}/${{ github.repository }}:${{ github.run_id }} --certificate-identity ${{ env.GH_URL }}/${{ github.repository }}/.github/workflows/qualitytrace-container.yaml@refs/heads/main --certificate-oidc-issuer https://token.actions.githubusercontent.com env: COSIGN_EXPERIMENTAL: 1 @@ -93,4 +95,4 @@ jobs: format: 'github' output: 'dependency-results.sbom.json' image-ref: '.' - github-pat: ${{ secrets.GITHUB_TOKEN }} + github-pat: ${{ env.registry_password }} From 7d8e28033f09acad7d02fe9209e542cc045ac1a2 Mon Sep 17 00:00:00 2001 From: Akash LM Date: Thu, 16 May 2024 10:53:45 +0530 Subject: [PATCH 3/3] fix: updated go version for build failure --- .github/workflows/cli_release.yaml | 2 +- .github/workflows/qualitytrace-cli-pr.yaml | 2 +- .github/workflows/qualitytrace-cli.yaml | 2 +- .github/workflows/qualitytrace-server-pr.yml | 2 +- .github/workflows/qualitytrace-server.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/cli_release.yaml b/.github/workflows/cli_release.yaml index 7e82013..bc92384 100644 --- a/.github/workflows/cli_release.yaml +++ b/.github/workflows/cli_release.yaml @@ -14,7 +14,7 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.23.0' + go-version: '1.21' - name: Build my CLI for Linux run: go mod download && CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o qualitytrace-linux cli/main.go diff --git a/.github/workflows/qualitytrace-cli-pr.yaml b/.github/workflows/qualitytrace-cli-pr.yaml index 326556c..a931e22 100644 --- a/.github/workflows/qualitytrace-cli-pr.yaml +++ b/.github/workflows/qualitytrace-cli-pr.yaml @@ -31,7 +31,7 @@ jobs: name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.23.0' + go-version: '1.21' - name: Build cli diff --git a/.github/workflows/qualitytrace-cli.yaml b/.github/workflows/qualitytrace-cli.yaml index 8c09c96..a207394 100644 --- a/.github/workflows/qualitytrace-cli.yaml +++ b/.github/workflows/qualitytrace-cli.yaml @@ -35,7 +35,7 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.23.0' + go-version: '1.21' - name: Build cli run: make dist/qualitytrace diff --git a/.github/workflows/qualitytrace-server-pr.yml b/.github/workflows/qualitytrace-server-pr.yml index e9d41c4..9a8f00e 100644 --- a/.github/workflows/qualitytrace-server-pr.yml +++ b/.github/workflows/qualitytrace-server-pr.yml @@ -31,7 +31,7 @@ jobs: name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.23.0' + go-version: '1.21' - name: Build server diff --git a/.github/workflows/qualitytrace-server.yaml b/.github/workflows/qualitytrace-server.yaml index 93c2867..9082229 100644 --- a/.github/workflows/qualitytrace-server.yaml +++ b/.github/workflows/qualitytrace-server.yaml @@ -35,7 +35,7 @@ jobs: - name: Set up Go environment uses: actions/setup-go@v4 with: - go-version: '1.23.0' + go-version: '1.21' - name: Build server run: make dist/qualitytrace-server