From 9e0f905c6862796adda208bbd454a5ce1dd3ffbb Mon Sep 17 00:00:00 2001
From: Seema Durrani <59551872+seemadurrani@users.noreply.github.com>
Date: Thu, 22 Jun 2023 18:40:13 +0530
Subject: [PATCH] Spectro cicd3 (#83)

* spectro-cicd

* spectro-cicd

* spectro-cicd3
---
 .github/workflows/spectro-release.yaml | 68 ++++++++++++++++++++++++++
 Dockerfile                             | 11 ++++-
 Makefile                               | 15 ++++--
 3 files changed, 88 insertions(+), 6 deletions(-)
 create mode 100644 .github/workflows/spectro-release.yaml

diff --git a/.github/workflows/spectro-release.yaml b/.github/workflows/spectro-release.yaml
new file mode 100644
index 0000000..483b6bc
--- /dev/null
+++ b/.github/workflows/spectro-release.yaml
@@ -0,0 +1,68 @@
+name: Spectro Release
+run-name: Release for Cluster API  Maas ${{ github.event.inputs.release_version }}
+on:
+  workflow_dispatch:
+    inputs:
+      release_version:
+        description: 'Cluster API Version to Build'
+        required: true
+        default: '0.0.0'
+jobs:
+  builder:
+    # edge-runner machine group is a bunch of machines in US Datacenter
+    runs-on: ubuntu-latest
+    # Initialize all secrets required for the job
+    # Ensure that the credentials are provided as encrypted secrets
+    env:
+      SPECTRO_VERSION: ${{ github.event.inputs.release_version }}
+    steps:
+      -
+        uses: mukunku/tag-exists-action@v1.2.0
+        id: checkTag
+        with:
+          tag: v${{ github.event.inputs.release_version }}-spectro
+      -
+        if: ${{ steps.checkTag.outputs.exists == 'true' }}
+        run: |
+          echo "Tag already exists for v${{ github.event.inputs.release_version }}-spectro..."
+          exit 1
+      -
+        uses: actions/checkout@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Login to private registry
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ secrets.REGISTRY_URL }}
+          username: ${{ secrets.REGISTRY_USERNAME }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
+      -
+        name: Build Image
+        env:
+          REGISTRY: gcr.io/spectro-images-public/release/cluster-api-maas
+        run: |
+          make docker-build
+          make docker-push
+      -
+        name: Build Image - FIPS Mode
+        env:
+          FIPS_ENABLE: yes
+          REGISTRY: gcr.io/spectro-images-public/release-fips/cluster-api-maas
+        run: |
+          make docker-build
+          make docker-push
+      -
+        name: Create Release
+        id: create_release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: v${{ github.event.inputs.release_version }}-spectro
+          release_name: Release v${{ github.event.inputs.release_version }}-spectro
+          body: |
+            Release version ${{ github.event.inputs.release_version }}
+          draft: false
+          prerelease: false
diff --git a/Dockerfile b/Dockerfile
index 552c3f7..a1cbdfc 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,8 @@ COPY go.sum go.sum
 # cache deps before building and copying source so that we don't need to re-download as much
 # and so that source changes don't invalidate our downloaded layer
 RUN go mod download
-
+ARG CRYPTO_LIB
+ENV GOEXPERIMENT=${CRYPTO_LIB:+boringcrypto}
 # Copy the go source
 COPY main.go main.go
 COPY api/ api/
@@ -16,7 +17,13 @@ COPY pkg/ pkg/
 COPY controllers/ controllers/
 
 # Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
+
+RUN if [ ${CRYPTO_LIB} ]; \
+    then \
+      CGO_ENABLED=1 GOOS=linux GOARCH=amd64 GO111MODULE=on go build  -ldflags "-linkmode=external -extldflags=-static" -a -o manager main.go ;\
+    else \
+      CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go ;\
+    fi
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
diff --git a/Makefile b/Makefile
index aec4b96..291aeee 100644
--- a/Makefile
+++ b/Makefile
@@ -12,12 +12,19 @@ BUILD_DIR :=_build
 RELEASE_DIR := _build/release
 DEV_DIR := _build/dev
 REPO_ROOT := $(shell git rev-parse --show-toplevel)
+FIPS_ENABLE ?= ""
+
+RELEASE_LOC := release
+ifeq ($(FIPS_ENABLE),yes)
+  RELEASE_LOC := release-fips
+endif
 
 # Image URL to use all building/pushing image targets
 IMAGE_NAME := cluster-api-provider-maas-controller
-IMG_URL ?= gcr.io/spectro-dev-public/release/cluster-api
-IMG_TAG ?= spectro-v0.2.0-v1beta1-20230517.0809
-IMG ?= ${IMG_URL}/${IMAGE_NAME}:${IMG_TAG}
+REGISTRY ?= gcr.io/spectro-dev-public/${RELEASE_LOC}/cluster-api
+SPECTRO_VERSION ?= 4.0.0-dev
+IMG_TAG ?= v0.2.0-spectro-${SPECTRO_VERSION}
+IMG ?= ${REGISTRY}/${IMAGE_NAME}:${IMG_TAG}
 
 # Set --output-base for conversion-gen if we are not within GOPATH
 ifneq ($(abspath $(REPO_ROOT)),$(shell go env GOPATH)/src/github.com/spectrocloud/cluster-api-provider-maas)
@@ -149,7 +156,7 @@ generate-manifests:  ## Generate manifests
 
 # Build the docker image
 docker-build: #test
-	docker build . -t ${IMG}
+	docker build --build-arg CRYPTO_LIB=${FIPS_ENABLE}  . -t ${IMG}
 
 # Push the docker image
 docker-push: ## Push the docker image to gcr