From f1e33f31b5a20dd88880c1b04fef239f2503fef1 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:21:53 +0000 Subject: [PATCH 01/10] Configure Go linting --- .dockerignore | 15 ++++++++++++--- .github/workflows/ci.yaml | 26 +++++++++----------------- Dockerfile | 14 +++++++++++++- Makefile | 4 ++-- 4 files changed, 36 insertions(+), 23 deletions(-) diff --git a/.dockerignore b/.dockerignore index fec1a0d..39f000a 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,12 @@ -# Only allow access to cost-manager binary -* -!/bin/cost-manager +.dockerignore +Dockerfile + +.git/ +.gitignore + +bin/ + +LICENSE +README.md + +charts/ diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 62241ce..e56e947 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -2,7 +2,7 @@ name: ci on: push jobs: # https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go - build: + test: runs-on: ubuntu-latest steps: - name: Checkout @@ -13,22 +13,19 @@ jobs: go-version: '1.21' - name: Download dependencies run: go mod download + - name: Lint + uses: golangci/golangci-lint-action@v3 + with: + version: v1.54 - name: Test run: make test - name: Build run: make build - - name: Upload binary - uses: actions/upload-artifact@v3 - with: - name: cost-manager - path: ./bin/cost-manager # https://docs.docker.com/build/ci/github-actions/multi-platform/ - release: - # Only build Docker image for repository PRs since secrets are not available to forks: - # https://github.com/orgs/community/discussions/25217#discussioncomment-3246904 + build: + # Do not build Docker images for forked repositories since Docker Hub secrets are not available: + # https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow if: ${{ ! github.event.pull_request.head.repo.fork }} - # We require the cost-manager binary artifact from the build job - needs: build runs-on: ubuntu-latest steps: - name: Checkout @@ -42,11 +39,6 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Download binary - uses: actions/download-artifact@v3 - with: - name: cost-manager - path: ./bin/cost-manager - name: Build and push uses: docker/build-push-action@v5 # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable @@ -55,6 +47,6 @@ jobs: BRANCH: ${{ github.event.pull_request && github.head_ref || github.ref_name }} with: context: . - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64 push: true tags: ${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:${{ env.BRANCH == 'main' && 'latest' || env.BRANCH }} diff --git a/Dockerfile b/Dockerfile index fa925d0..ab4dbe7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,16 @@ +FROM golang:1.21 as build + +WORKDIR /go/src/cost-manager + +COPY go.mod go.sum ./ +RUN go mod download + +COPY . . + +# Build static cost-manager binary +RUN CGO_ENABLED=0 go build -ldflags="-s -w" -o /go/bin/cost-manager + FROM gcr.io/distroless/static-debian12:nonroot -COPY ./bin/cost-manager / +COPY --from=build /go/bin/cost-manager / ENTRYPOINT ["/cost-manager"] diff --git a/Makefile b/Makefile index 6be5c25..eddcf1f 100644 --- a/Makefile +++ b/Makefile @@ -2,10 +2,10 @@ test: go test -race ./... build: - CGO_ENABLED=0 go build -tags netgo -ldflags="-s -w" -o ./bin/cost-manager + go build -o ./bin/cost-manager run: build ./bin/cost-manager -image: build +image: docker build -t cost-manager . From 38c9d7cbe1dc1a9293fb4c27b5a3ff39ef70900c Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:24:44 +0000 Subject: [PATCH 02/10] Increase timeout --- .github/workflows/ci.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e56e947..77fedc9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -17,6 +17,7 @@ jobs: uses: golangci/golangci-lint-action@v3 with: version: v1.54 + args: --timeout=1h - name: Test run: make test - name: Build From ab47850dbb245811040c0bb6da231ed3883dff22 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:27:50 +0000 Subject: [PATCH 03/10] Ignore error --- .github/workflows/ci.yaml | 2 ++ pkg/controller/spot_migrator.go | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 77fedc9..82b5e97 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -27,6 +27,8 @@ jobs: # Do not build Docker images for forked repositories since Docker Hub secrets are not available: # https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow if: ${{ ! github.event.pull_request.head.repo.fork }} + # Make sure the tests have passed before building + needs: test runs-on: ubuntu-latest steps: - name: Checkout diff --git a/pkg/controller/spot_migrator.go b/pkg/controller/spot_migrator.go index 5baccbd..296b0ac 100644 --- a/pkg/controller/spot_migrator.go +++ b/pkg/controller/spot_migrator.go @@ -217,7 +217,7 @@ func (sm *SpotMigrator) drainAndDeleteNode(ctx context.Context, node *corev1.Nod // the Kubernetes API server by the node controller: // https://kubernetes.io/docs/concepts/architecture/cloud-controller/#node-controller logger.Info("Waiting for Node object to be deleted") - err = kubernetes.WaitForNodeToBeDeleted(ctx, sm.Clientset, node.Name) + kubernetes.WaitForNodeToBeDeleted(ctx, sm.Clientset, node.Name) if err != nil { return err } From 0a6c7b1f261d7ccae4f7c4624e1d48cd7c651594 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:31:43 +0000 Subject: [PATCH 04/10] Reorder --- .github/workflows/ci.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 82b5e97..1548d5b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -11,13 +11,13 @@ jobs: uses: actions/setup-go@v4 with: go-version: '1.21' - - name: Download dependencies - run: go mod download - name: Lint uses: golangci/golangci-lint-action@v3 with: version: v1.54 args: --timeout=1h + - name: Download dependencies + run: go mod download - name: Test run: make test - name: Build From 59053384d2b50cf9091ed89f84516afd0cc08cba Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:38:03 +0000 Subject: [PATCH 05/10] Disable Go caching --- .github/workflows/ci.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 1548d5b..0f67210 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,5 +1,10 @@ name: ci on: push +# https://github.com/golangci/golangci-lint-action?tab=readme-ov-file#comments-and-annotations +permissions: + contents: read + pull-requests: read + checks: write jobs: # https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go test: @@ -11,6 +16,7 @@ jobs: uses: actions/setup-go@v4 with: go-version: '1.21' + cache: false - name: Lint uses: golangci/golangci-lint-action@v3 with: From 54349f1b7b685fe2dab10ca4b023d878e661ab02 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:39:07 +0000 Subject: [PATCH 06/10] Fix error check --- pkg/controller/spot_migrator.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/controller/spot_migrator.go b/pkg/controller/spot_migrator.go index 296b0ac..5baccbd 100644 --- a/pkg/controller/spot_migrator.go +++ b/pkg/controller/spot_migrator.go @@ -217,7 +217,7 @@ func (sm *SpotMigrator) drainAndDeleteNode(ctx context.Context, node *corev1.Nod // the Kubernetes API server by the node controller: // https://kubernetes.io/docs/concepts/architecture/cloud-controller/#node-controller logger.Info("Waiting for Node object to be deleted") - kubernetes.WaitForNodeToBeDeleted(ctx, sm.Clientset, node.Name) + err = kubernetes.WaitForNodeToBeDeleted(ctx, sm.Clientset, node.Name) if err != nil { return err } From 7baa4ad3063a631ffc8ed5f9bc8cef64cf0552d0 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:44:39 +0000 Subject: [PATCH 07/10] Improve naming and dependencies --- .github/workflows/ci.yaml | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0f67210..22a46fb 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -6,39 +6,44 @@ permissions: pull-requests: read checks: write jobs: - # https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go - test: + # https://github.com/golangci/golangci-lint-action?tab=readme-ov-file#how-to-use + golangci: + name: lint runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Setup Go - uses: actions/setup-go@v4 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v4 with: go-version: '1.21' cache: false - - name: Lint + - name: golangci-lint uses: golangci/golangci-lint-action@v3 with: version: v1.54 - args: --timeout=1h - - name: Download dependencies - run: go mod download - - name: Test - run: make test - - name: Build - run: make build + args: --timeout=10m + # https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v4 + with: + go-version: '1.21' + - run: go mod download + - run: make test + - run: make build # https://docs.docker.com/build/ci/github-actions/multi-platform/ build: # Do not build Docker images for forked repositories since Docker Hub secrets are not available: # https://docs.github.com/en/actions/security-guides/using-secrets-in-github-actions#using-secrets-in-a-workflow if: ${{ ! github.event.pull_request.head.repo.fork }} # Make sure the tests have passed before building - needs: test + needs: + - lint + - test runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 + - uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx From 74b463240cc4a9df3e624e17b7f276576df141c3 Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:45:54 +0000 Subject: [PATCH 08/10] Rename job --- .github/workflows/ci.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 22a46fb..ef93431 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -7,8 +7,7 @@ permissions: checks: write jobs: # https://github.com/golangci/golangci-lint-action?tab=readme-ov-file#how-to-use - golangci: - name: lint + lint: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 From 2587769e9a279a7aa8b1222e734c8a136881abae Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:50:14 +0000 Subject: [PATCH 09/10] Add registry cache --- .github/workflows/ci.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ef93431..17b7af2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -63,3 +63,6 @@ jobs: platforms: linux/amd64,linux/arm64 push: true tags: ${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:${{ env.BRANCH == 'main' && 'latest' || env.BRANCH }} + # https://docs.docker.com/build/ci/github-actions/cache/#registry-cache + cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:buildcache + cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:buildcache,mode=max From 1f19896b5ad1f4e97c7d1e82d1912af4a92524ab Mon Sep 17 00:00:00 2001 From: Luke Addison Date: Thu, 28 Dec 2023 09:55:47 +0000 Subject: [PATCH 10/10] Disable ARM --- .github/workflows/ci.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 17b7af2..5c077e6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -60,7 +60,7 @@ jobs: BRANCH: ${{ github.event.pull_request && github.head_ref || github.ref_name }} with: context: . - platforms: linux/amd64,linux/arm64 + platforms: linux/amd64 push: true tags: ${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:${{ env.BRANCH == 'main' && 'latest' || env.BRANCH }} # https://docs.docker.com/build/ci/github-actions/cache/#registry-cache