From b5bf93ce4161956f59d3527afd9e2d2873135461 Mon Sep 17 00:00:00 2001 From: Rishi <117034340+jokestax@users.noreply.github.com> Date: Thu, 17 Oct 2024 01:05:38 +0530 Subject: [PATCH] Add custom Docker image offering (#130) Co-authored-by: Patrick D'appollonio <930925+patrickdappollonio@users.noreply.github.com> --- .github/workflows/releasing.yaml | 12 +++++++++ .goreleaser.yml | 46 ++++++++++++++++++++++++++++++++ Dockerfile | 45 +++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 Dockerfile diff --git a/.github/workflows/releasing.yaml b/.github/workflows/releasing.yaml index 72ce6e0..f19bfc6 100644 --- a/.github/workflows/releasing.yaml +++ b/.github/workflows/releasing.yaml @@ -4,6 +4,9 @@ on: tags: - "*" +permissions: + packages: write + jobs: goreleaser: name: Release Application @@ -23,6 +26,14 @@ jobs: version: latest - name: Test application run: go test -v ./... + - name: Set up QEMU + uses: docker/login-action@v3 + with: + registry: "ghcr.io" + username: ${{ github.repository_owner}} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Set up QEMU + uses: docker/setup-qemu-actions@v3 - name: Release application to Github uses: goreleaser/goreleaser-action@v6 with: @@ -33,3 +44,4 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Update new version in krew-index uses: rajatjindal/krew-release-bot@v0.0.46 + diff --git a/.goreleaser.yml b/.goreleaser.yml index dc5663f..4301343 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -16,6 +16,52 @@ builds: - -trimpath ldflags: - -s -w -X main.version={{.Version}} -extldflags "-static" + +dockers: + - image_templates: + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64" + goos: linux + goarch: amd64 + use: buildx + build_flag_templates: + - "--platform=linux/amd64" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.description={{ .ProjectName }} version {{ .Version }}. See release notes at https://github.com/patrickdappollonio/{{ .ProjectName }}/releases/tag/v{{ .RawVersion }}" + - "--label=org.opencontainers.image.url=https://github.com/patrickdappollonio/{{ .ProjectName }}" + - "--label=org.opencontainers.image.source=https://github.com/patrickdappollonio/{{ .ProjectName }}" + - "--label=org.opencontainers.image.version={{ .Version }}" + - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}' + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + + - image_templates: + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64" + goos: linux + goarch: arm64 + use: buildx + build_flag_templates: + - "--platform=linux/arm64" + - "--label=org.opencontainers.image.title={{ .ProjectName }}" + - "--label=org.opencontainers.image.description={{ .ProjectName }} version {{ .Version }}. See release notes at https://github.com/patrickdappollonio/{{ .ProjectName }}/releases/tag/v{{ .RawVersion }}" + - "--label=org.opencontainers.image.url=https://github.com/patrickdappollonio/{{ .ProjectName }}" + - "--label=org.opencontainers.image.source=https://github.com/patrickdappollonio/{{ .ProjectName }}" + - "--label=org.opencontainers.image.version={{ .Version }}" + - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}' + - "--label=org.opencontainers.image.revision={{ .FullCommit }}" + +docker_manifests: + - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:v{{ .RawVersion }}" + image_templates: + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64" + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64" + - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:v{{ .Major }}" + image_templates: + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64" + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64" + - name_template: "ghcr.io/patrickdappollonio/kubectl-slice:latest" + image_templates: + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-amd64" + - "ghcr.io/patrickdappollonio/kubectl-slice:{{ .Tag }}-arm64" + archives: - name_template: >- {{ .ProjectName }}_ diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..2c7d284 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,45 @@ +ARG KUBECTL_VERSION=1.31.1 +ARG YQ_VERSION=v4.44.3 + +# Stage 1: Download binaries +FROM debian:12-slim as download_binary + +ARG KUBECTL_VERSION +ARG YQ_VERSION + +# Install curl and certificates, and clean up in one layer to reduce image size +RUN apt-get update && apt-get install -y --no-install-recommends \ + curl \ + ca-certificates \ + && rm -rf /var/lib/apt/lists* + +# Download kubectl binary +RUN curl -sSL -o /kubectl "https://dl.k8s.io/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl" \ + && chmod +x /kubectl + +# Download yq binary +RUN curl -sSL -o /yq "https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64" \ + && chmod +x /yq + +# Stage 2 +FROM debian:12-slim + +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && apt-get install -y --no-install-recommends \ + sudo \ + && useradd -m -s /bin/bash slice \ + && echo 'slice ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/slice \ + && chmod 0440 /etc/sudoers.d/slice \ + && rm -rf /var/lib/apt/lists/* + +# Copy binaries from the download_binary stage +COPY --from=download_binary /kubectl /usr/local/bin/kubectl +COPY --from=download_binary /yq /usr/local/bin/yq +COPY --from=download_binary /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt + +# Copy kubectl-slice from local filesystem +COPY kubectl-slice /usr/local/bin/kubectl-slice + +USER slice +WORKDIR /home/slice