From a65ce6dbb27ee7f5989f490554456a3d349a755e Mon Sep 17 00:00:00 2001
From: aksel-skaar-leirvaag <aksel-skaar.leirvaag@telenor.no>
Date: Sat, 9 Mar 2024 08:25:11 +0100
Subject: [PATCH] tilt: speed up compiling of binaries

---
 .dockerignore          |  3 ++
 Dockerfile.dev         | 23 +++++++++++++
 Tiltfile               | 74 +++++++++++++++++++++++++++++++++---------
 planner.Dockerfile.dev | 23 +++++++++++++
 runner.Dockerfile.dev  | 44 +++++++++++++++++++++++++
 5 files changed, 151 insertions(+), 16 deletions(-)
 create mode 100644 Dockerfile.dev
 create mode 100644 planner.Dockerfile.dev
 create mode 100644 runner.Dockerfile.dev

diff --git a/.dockerignore b/.dockerignore
index 0f046820f..838b5b9a7 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -2,3 +2,6 @@
 # Ignore build and test binaries.
 bin/
 testbin/
+!bin/tf-runner
+!bin/tofu-controller
+!bin/branch-planner
\ No newline at end of file
diff --git a/Dockerfile.dev b/Dockerfile.dev
new file mode 100644
index 000000000..aad93460e
--- /dev/null
+++ b/Dockerfile.dev
@@ -0,0 +1,23 @@
+FROM alpine:3.19
+
+LABEL org.opencontainers.image.source="https://github.com/flux-iac/tofu-controller"
+
+ARG LIBCRYPTO_VERSION
+
+RUN apk update && \
+    apk add --no-cache \
+    libcrypto3=${LIBCRYPTO_VERSION} \
+    libssl3=${LIBCRYPTO_VERSION} \
+    ca-certificates tini git openssh-client gnupg \
+    libretls \
+    busybox
+
+COPY bin/tofu-controller /usr/local/bin/
+
+RUN addgroup --gid 65532 -S controller && adduser --uid 65532 -S controller -G controller
+
+USER 65532:65532
+
+ENV GNUPGHOME=/tmp
+
+ENTRYPOINT [ "/sbin/tini", "--", "tofu-controller" ]
diff --git a/Tiltfile b/Tiltfile
index a54744d0d..162b37555 100644
--- a/Tiltfile
+++ b/Tiltfile
@@ -58,44 +58,86 @@ k8s_yaml(namespace_inject(secret_from_dict("bbp-token", inputs = {
 # Add configMap
 k8s_yaml(namespace_inject("./config/tilt/configMap.yaml", namespace))
 
+local_resource(
+  'manager-compile',
+  'CGO_ENABLED=0 GOOS=linux GOARCH=$(go env GOARCH) go build -o bin/tofu-controller ./cmd/manager',
+  deps=[
+    'api/',
+    'tfctl/',
+    'cmd/manager/',
+    'controllers/',
+    'mtls/',
+    'runner/',
+    'internal/',
+    'utils/',
+    'go.mod',
+    'go.sum'
+  ],
+  labels = ['native-processes'],
+)
+
 # Images
 docker_build(
   "ghcr.io/flux-iac/tofu-controller",
   "",
-  dockerfile="Dockerfile",
+  dockerfile="Dockerfile.dev",
   build_args={
     'BUILD_SHA': buildSHA,
     'BUILD_VERSION': buildVersion,
     'LIBCRYPTO_VERSION': LIBCRYPTO_VERSION,
-  })
+  }
+)
+
+local_resource(
+  'branch-planner-compile',
+  'CGO_ENABLED=0 GOOS=linux GOARCH=$(go env GOARCH) go build -o bin/branch-planner ./cmd/branch-planner',
+  deps=[
+    'api/',
+    'tfctl/',
+    'cmd/branch-planner/',
+    'internal/',
+    'utils/',
+    'go.mod',
+    'go.sum'
+  ],
+  labels = ['native-processes'],
+)
 
 docker_build(
   "ghcr.io/flux-iac/branch-planner",
   "",
-  dockerfile="planner.Dockerfile",
+  dockerfile="planner.Dockerfile.dev",
   build_args={
     'BUILD_SHA': buildSHA,
     'BUILD_VERSION': buildVersion,
     'LIBCRYPTO_VERSION': LIBCRYPTO_VERSION,
-  })
+  }
+)
 
 
-k8s_kind('Terraform', image_json_path='{.spec.runnerPodTemplate.spec.image}')
-docker_build(
-  'ghcr.io/flux-iac/tf-runner-base',
-  '',
-  dockerfile='runner-base.Dockerfile',
-  build_args={
-    'BUILD_SHA': buildSHA,
-    'BUILD_VERSION': buildVersion,
-    'LIBCRYPTO_VERSION': LIBCRYPTO_VERSION,
-  }
+local_resource(
+  'runner-compile',
+  'CGO_ENABLED=0 GOOS=linux GOARCH=$(go env GOARCH) go build -o bin/tf-runner ./cmd/runner/main.go',
+  deps=[
+    'api/',
+    'tfctl/',
+    'cmd/runner',
+    'controllers/',
+    'mtls/',
+    'runner/',
+    'internal/',
+    'utils/',
+    'go.mod',
+    'go.sum'
+  ],
+  labels = ['native-processes'],
 )
+k8s_kind('Terraform', image_json_path='{.spec.runnerPodTemplate.spec.image}')
 docker_build(
   'ghcr.io/flux-iac/tf-runner',
   '',
-  dockerfile='runner.Dockerfile',
+  dockerfile='runner.Dockerfile.dev',
   build_args={
-    'BASE_IMAGE': 'ghcr.io/flux-iac/tf-runner-base',
+    'LIBCRYPTO_VERSION': LIBCRYPTO_VERSION,
   }
 )
diff --git a/planner.Dockerfile.dev b/planner.Dockerfile.dev
new file mode 100644
index 000000000..a84d15113
--- /dev/null
+++ b/planner.Dockerfile.dev
@@ -0,0 +1,23 @@
+FROM alpine:3.19
+
+LABEL org.opencontainers.image.source="https://github.com/flux-iac/tofu-controller"
+
+ARG LIBCRYPTO_VERSION
+
+RUN apk update && \
+    apk add --no-cache \
+    libcrypto3=${LIBCRYPTO_VERSION} \
+    libssl3=${LIBCRYPTO_VERSION} \
+    ca-certificates tini git openssh-client gnupg \
+    libretls \
+    busybox
+
+COPY bin/branch-planner /usr/local/bin/
+
+RUN addgroup --gid 65532 -S controller && adduser --uid 65532 -S controller -G controller
+
+USER 65532:65532
+
+ENV GNUPGHOME=/tmp
+
+ENTRYPOINT [ "/sbin/tini", "--", "branch-planner" ]
diff --git a/runner.Dockerfile.dev b/runner.Dockerfile.dev
new file mode 100644
index 000000000..0b9de7739
--- /dev/null
+++ b/runner.Dockerfile.dev
@@ -0,0 +1,44 @@
+FROM alpine:3.19 as base
+
+LABEL org.opencontainers.image.source="https://github.com/flux-iac/tofu-controller"
+
+ARG LIBCRYPTO_VERSION
+
+RUN apk update && \
+    apk add --no-cache \
+    busybox \
+    ca-certificates \
+    git \
+    gnupg \
+    libcrypto3=${LIBCRYPTO_VERSION} \
+    libssl3=${LIBCRYPTO_VERSION} \
+    libretls \
+    openssh-client \
+    tini
+
+RUN addgroup --gid 65532 -S runner && adduser --uid 65532 -S runner -G runner
+
+USER 65532:65532
+
+ENV GNUPGHOME=/tmp
+
+ENTRYPOINT [ "/sbin/tini", "--", "tf-runner" ]
+
+FROM base
+
+ARG TARGETARCH
+ARG TF_VERSION=1.5.7
+
+# Switch to root to have permissions for operations
+USER root
+
+ADD https://releases.hashicorp.com/terraform/${TF_VERSION}/terraform_${TF_VERSION}_linux_${TARGETARCH}.zip /terraform_${TF_VERSION}_linux_${TARGETARCH}.zip
+RUN unzip -q /terraform_${TF_VERSION}_linux_${TARGETARCH}.zip -d /usr/local/bin/ && \
+    rm /terraform_${TF_VERSION}_linux_${TARGETARCH}.zip && \
+    chmod +x /usr/local/bin/terraform
+
+# Switch back to the non-root user after operations
+USER 65532:65532
+
+COPY bin/tf-runner /usr/local/bin/
+