Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add a ghcr.io container artifact for metal-cli releases #252

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

feat: add a ghcr.io container artifact for metal-cli releases #252

wants to merge 6 commits into from

Conversation

displague
Copy link
Member

fixes #122

displague
displague commented Feb 23, 2023
View reviewed changes
.goreleaser.yml Outdated
- image_templates:
- 'ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}'
dockerfile: Dockerfile
use: buildx
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like there may be an alternative approach where goreleaser copies the binaries it built into images without needing a redundant buildx build.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can consider that in the future.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems like it won't work without that functionality, actually. Working on converting now.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why Can't we use the same container for local building purposes, we observed a couple issue in golang version compatibility issue ?

@displague displague marked this pull request as ready for review March 16, 2023 00:28
@displague
Copy link
Member Author

Build failed when I tried this in my fork:

Downloading https://github.com/goreleaser/goreleaser/releases/download/v1.16.1
/goreleaser_Linux_x86_64.tar.gz
Extracting GoReleaser
/usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /home/runner/work/_temp/203907ad-7430-4da4-b891-e0af8a7f4e18 -f /home/runner/work/_temp/d7ee0456-6a5e-42ef-aee9-254637a19c44
GoReleaser latest installed successfully
/opt/hostedtoolcache/goreleaser-action/1.16.1/x64/goreleaser release --clean
  • starting release...
  • loading config file                              file=.goreleaser.yml
  • loading environment variables
    • using token from "$GITHUB_TOKEN"
  • getting and validating git state
    • building...                                    commit=0e[14](https://github.com/displague/metal-cli/actions/runs/4432294054/jobs/7776174127#step:4:15)9420170219adabaec082ff82de9520f17a43 latest tag=v0.0.9
  • parsing tag
  • setting defaults
  • running before hooks
    • running                                        hook=go mod download
    • running                                        hook=go generate ./...
    • took: 10s
  • checking distribution directory
  • loading go mod information
  • build prerequisites
  • writing effective config file
    • writing                                        config=dist/config.yaml
  • building binaries
    • building                                       binary=dist/metal-cli_freebsd_arm_6/metal
    • building                                       binary=dist/metal-cli_freebsd_amd64_v1/metal
    • building                                       binary=dist/metal-cli_freebsd_arm_7/metal
    • building                                       binary=dist/metal-cli_freebsd_arm64/metal
    • building                                       binary=dist/metal-cli_linux_amd64_v1/metal
    • building                                       binary=dist/metal-cli_linux_arm_6/metal
    • building                                       binary=dist/metal-cli_linux_arm_7/metal
    • building                                       binary=dist/metal-cli_linux_arm64/metal
    • building                                       binary=dist/metal-cli_windows_amd64_v1/metal.exe
    • building                                       binary=dist/metal-cli_windows_arm_6/metal.exe
    • building                                       binary=dist/metal-cli_windows_arm_7/metal.exe
    • building                                       binary=dist/metal-cli_windows_arm64/metal.exe
    • building                                       binary=dist/metal-cli_darwin_amd64_v1/metal
    • building                                       binary=dist/metal-cli_darwin_arm64/metal
    • took: 4m33s
  • generating changelog
    • writing                                        changelog=dist/CHANGELOG.md
  • archives
    • skip archiving                                 binary=metal.exe name=metal-windows-armv6.exe
    • skip archiving                                 binary=metal name=metal-linux-armv6
    • skip archiving                                 binary=metal name=metal-freebsd-armv7
    • skip archiving                                 binary=metal name=metal-freebsd-arm64
    • skip archiving                                 binary=metal.exe name=metal-windows-amd64.exe
    • skip archiving                                 binary=metal name=metal-linux-arm64
    • skip archiving                                 binary=metal.exe name=metal-windows-arm64.exe
    • skip archiving                                 binary=metal name=metal-linux-amd64
    • skip archiving                                 binary=metal name=metal-linux-armv7
    • skip archiving                                 binary=metal.exe name=metal-windows-armv7.exe
    • skip archiving                                 binary=metal name=metal-darwin-amd64
    • skip archiving                                 binary=metal name=metal-darwin-arm64
    • skip archiving                                 binary=metal name=metal-freebsd-armv6
    • skip archiving                                 binary=metal name=metal-freebsd-amd64
  • calculating checksums
  • docker images
  ⨯ release failed after 4m[43](https://github.com/displague/metal-cli/actions/runs/4432294054/jobs/7776174127#step:4:44)s               error=docker build failed: failed to execute image template 'ghcr.io/{{ .Env.GITHUB_REPOSITORY }}:{{ .Tag }}-{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}': template: tmpl:1:[51](https://github.com/displague/metal-cli/actions/runs/4432294054/jobs/7776174127#step:4:52): executing "tmpl" at <.Arch>: map has no entry for key "Arch"
Learn more at https://goreleaser.com/errors/docker-build

cprivitere
cprivitere previously approved these changes Oct 9, 2023
View reviewed changes
@cprivitere cprivitere dismissed their stale review October 9, 2023 17:43

didn't see comment from marques about build failing

@cprivitere
Copy link
Contributor

Needs fix for whatever build failure Marques hit.
Needs title in line with new standards.

@cprivitere cprivitere changed the title add a ghcr.io container artifact for metal-cli relesaes feat: add a ghcr.io container artifact for metal-cli relesaes Jan 24, 2024
@cprivitere cprivitere changed the title feat: add a ghcr.io container artifact for metal-cli relesaes feat: add a ghcr.io container artifact for metal-cli releases Jan 24, 2024
cprivitere
cprivitere reviewed Jan 26, 2024
View reviewed changes
Copy link
Contributor

@cprivitere cprivitere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, i have configured the following:

  • Use goreleaser's builtin ko functionality to build mutliplatform image for linux/amd64, linux/arm64, linux/arm/7
  • Add opencontainer labels to the images
  • Update the github action to login to the docker hub, ghcr.io, and quay.io registries
  • Did a lot of testing with manual runs of goreleaser to validate syntax

Things that could still happen either in this PR or future PRs:

  • Add a gomod section and leverage goreleaser's support to create a verifiable build
  • use the built-in ko's functionality to create a SBOM for our images
  • Configure docker manifest signing to sign the above SBOM
  • Add windows images built on nanoserver (biggest barrier is a way to test them on our end as we all have Macs and no windows servers)

Things we need to do after accepting this PR

  • Define the secrets referenced in the release.yml file, aka the quay.io and dockerhub logins. Similar formatting and naming as used in the cluster-api repository.

cprivitere

This comment was marked as duplicate.

Sign in to view

cprivitere

This comment was marked as duplicate.

Sign in to view

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codinja1188 codinja1188 codinja1188 left review comments

@cprivitere cprivitere cprivitere left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Containerize packet-cli and publish updates on releases
3 participants
@displague @cprivitere @codinja1188