diff --git a/.github/workflows/PRBuild.yml b/.github/workflows/PRBuild.yml new file mode 100644 index 0000000..cc8af89 --- /dev/null +++ b/.github/workflows/PRBuild.yml @@ -0,0 +1,46 @@ +name: Build PR with goreleaser + +on: + pull_request: + branches: + - main + types: [opened, synchronize, reopened, edited] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - name: Set up Go 1.23 + uses: actions/setup-go@v5 + with: + go-version: 1.23 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Docker Login + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-tags: 1 + fetch-depth: 1 + + # Set environment variables required by GoReleaser + - name: Set build environment variables + run: | + echo "GIT_STATE=$(if git diff-index --quiet HEAD --; then echo 'clean'; else echo 'dirty'; fi)" >> $GITHUB_ENV + echo "BUILD_HOST=$(hostname)" >> $GITHUB_ENV + echo "GO_VERSION=$(go version | awk '{print $3}')" >> $GITHUB_ENV + echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV + + - name: Build with goreleaser + uses: goreleaser/goreleaser-action@v6 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + version: '~> v2' + args: build --clean --snapshot + id: goreleaser \ No newline at end of file diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/Release.yml similarity index 85% rename from .github/workflows/goreleaser.yml rename to .github/workflows/Release.yml index 768ba28..21751c4 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/Release.yml @@ -10,12 +10,11 @@ permissions: write-all # Necessary for the generate-build-provenance action with jobs: build: runs-on: ubuntu-latest - steps: - - name: Set up Go 1.21 + - name: Set up Go 1.23 uses: actions/setup-go@v5 with: - go-version: 1.21 + go-version: 1.23 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Docker Login @@ -39,11 +38,11 @@ jobs: echo "BUILD_USER=$(whoami)" >> $GITHUB_ENV - name: Release with goreleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@v6 env: GITHUB_TOKEN: ${{ github.token }} with: - version: latest + version: '~> v2' args: release --clean id: goreleaser @@ -59,22 +58,22 @@ jobs: echo "digest=$(cat digest.txt)" >> $GITHUB_OUTPUT - name: Attest smd binary - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@v1 with: subject-path: dist/smd - name: Attest smd-init binary - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@v1 with: subject-path: dist/smd-init - name: Attest smd-loader binary - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@v1 with: subject-path: dist/smd-loader - name: generate build provenance - uses: github-early-access/generate-build-provenance@main + uses: actions/attest-build-provenance@v1 with: subject-name: ghcr.io/openchami/smd subject-digest: ${{ steps.process_goreleaser_output.outputs.digest }} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 07a2f85..1104530 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -62,26 +62,63 @@ builds: - dynamic dockers: - - - image_templates: - - ghcr.io/openchami/{{.ProjectName}}:latest - - ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }} - - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }} - - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }} + - image_templates: + - &amd64_linux_image ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}-amd64 + - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}-amd64 + - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}-amd64 + use: buildx build_flag_templates: - "--pull" + - "--platform=linux/amd64" - "--label=org.opencontainers.image.created={{.Date}}" - "--label=org.opencontainers.image.title={{.ProjectName}}" - "--label=org.opencontainers.image.revision={{.FullCommit}}" - "--label=org.opencontainers.image.version={{.Version}}" + goarch: amd64 extra_files: - LICENSE - CHANGELOG.md - README.md - migrations/ + - image_templates: + - &arm64v8_linux_image ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}-arm64 + - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}-arm64 + - ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}-arm64 + use: buildx + build_flag_templates: + - "--pull" + - "--platform=linux/arm64" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + extra_files: + - LICENSE + - CHANGELOG.md + - README.md + - migrations/ + goarch: arm64 + +docker_manifests: + - name_template: "ghcr.io/openchami/{{.ProjectName}}:latest" + image_templates: + - *amd64_linux_image + - *arm64v8_linux_image + - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Tag }}" + image_templates: + - *amd64_linux_image + - *arm64v8_linux_image + - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}" + image_templates: + - *amd64_linux_image + - *arm64v8_linux_image + - name_template: "ghcr.io/openchami/{{.ProjectName}}:{{ .Major }}.{{ .Minor }}" + image_templates: + - *amd64_linux_image + - *arm64v8_linux_image archives: - format: tar.gz @@ -103,7 +140,7 @@ archives: checksum: name_template: 'checksums.txt' snapshot: - name_template: "{{ incpatch .Version }}-next" + version_template: "{{ incpatch .Version }}-next" changelog: sort: asc filters: diff --git a/Dockerfile b/Dockerfile index 471982a..f9d1394 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM cgr.dev/chainguard/wolfi-base +FROM alpine:3.20 RUN apk add --no-cache tini