feat: add initial implementation

go-vela · Jul 12, 2024 · 44a91db · 44a91db
2 parents 4add9d8 + 89e2806
commit 44a91db
Show file tree

Hide file tree

Showing 27 changed files with 1,859 additions and 20 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     - name: install go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -35,11 +35,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
+      uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -50,7 +50,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
+      uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -64,4 +64,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
+      uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml
@@ -14,7 +14,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       with:
         # ensures we fetch tag history for the repository
         fetch-depth: 0

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       with:
         # ensures we fetch tag history for the repository
         fetch-depth: 0

diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml
@@ -12,7 +12,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     - name: install go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
@@ -23,7 +23,7 @@ jobs:
         check-latest: true
 
     - name: golangci-lint
-      uses: reviewdog/action-golangci-lint@00311c26a97213f93f2fd3a3524d66762e956ae0 # v2.6.1
+      uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2
       with:
         github_token: ${{ secrets.github_token }}
         golangci_lint_flags: "--config=.golangci.yml"
@@ -36,7 +36,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     - name: install go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
@@ -47,7 +47,7 @@ jobs:
         check-latest: true
 
     - name: golangci-lint
-      uses: reviewdog/action-golangci-lint@00311c26a97213f93f2fd3a3524d66762e956ae0 # v2.6.1
+      uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2
       with:
         github_token: ${{ secrets.github_token }}
         golangci_lint_flags: "--config=.golangci.yml"

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     - name: install go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
@@ -28,7 +28,7 @@ jobs:
         go test -race -covermode=atomic -coverprofile=coverage.out ./...
 
     - name: coverage
-      uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1
+      uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
       with:
         token: ${{ secrets.CODECOV_TOKEN }}
         file: coverage.out
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -13,7 +13,7 @@ jobs:
 
     steps:
     - name: clone
-      uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
     - name: install go
       uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1

diff --git a/.gitignore b/.gitignore
@@ -34,4 +34,5 @@ release/
 
 # Local testing files
 
-.secrets.env 
+.secrets.env
+*~
diff --git a/.golangci.yml b/.golangci.yml
@@ -59,7 +59,6 @@ linters:
     - bidichk             # checks for dangerous unicode character sequences
     - bodyclose           # checks whether HTTP response body is closed successfully
     - contextcheck        # check the function whether use a non-inherited context
-    - deadcode            # finds unused code
     - dupl                # code clone detection
     - errcheck            # checks for unchecked errors
     - errorlint           # find misuses of errors
@@ -85,14 +84,12 @@ linters:
     - nolintlint          # reports ill-formed or insufficient nolint directives
     - revive              # linter for go
     - staticcheck         # applies static analysis checks, go vet on steroids
-    - structcheck         # finds unused struct fields
     - stylecheck          # replacement for golint
     - tenv                # analyzer that detects using os.Setenv instead of t.Setenv since Go1.17
     - typecheck           # parses and type-checks go code, like the front-end of a go compiler
     - unconvert           # remove unnecessary type conversions
     - unparam             # reports unused function parameters
     - unused              # checks for unused constants, variables, functions and types
-    - varcheck            # finds unused global variables and constants
     - whitespace          # detects leading and trailing whitespace
     - wsl                 # forces code to use empty lines
 

diff --git a/DOCS.md b/DOCS.md
@@ -1,5 +1,102 @@
 ## Description
 
-TODO: FILL ME
+This plugin enables you to build and publish [Docker Manifest List](https://www.docker.com/)
+or [OCI Image Index](https://github.com/opencontainers/image-spec/blob/main/image-index.md)
+in a Vela pipeline.
+
+Source Code: https://github.com/go-vela/vela-manifest-tool
+
+Registry: https://hub.docker.com/r/target/vela-manifest-tool
+
+## Usage
+
+> **NOTE:**
+>
+> Users should refrain from using latest as the tag for the Docker image.
+>
+> It is recommended to use a semantically versioned tag instead.
+
+Sample of building and publishing an image:
+
+```yaml
+steps:
+  - name: publish_hello-world
+    image: target/vela-manifest-tool:latest
+    pull: always
+    parameters:
+      registry: index.docker.io
+      repo: /octocat/hello-world
+      tags: [ "latest" ]
+      platforms:
+        - linux/amd64
+        - linux/arm64/v8
+      component_template: /octocat/hello-world:latest-{{ .Os }}-{{ .Arch }}{{ if .Variant }}-{{ .Variant }}{{ end }}
+```
+
+NOTE: For vela-manifest-tool, unlike for vela-kaniko, the `repo` argument excludes the `registry` value. Said another
+way, rather than using:
+
+```yaml
+parameters:
+  registry: index.docker.io
+  repo: index.docker.io/octocat/hello-world
+  ...
+  component_template: index.docker.io/octocat/hello-world:latest-{{ .Os }}-{{ .Arch }}{{ if .Variant }}-{{ .Variant }}{{ end }} 
+```
+
+You must instead use:
+
+```yaml
+parameters:
+  registry: index.docker.io
+  repo: /octocat/hello-world
+  ...
+  component_template: /octocat/hello-world:latest-{{ .Os }}-{{ .Arch }}{{ if .Variant }}-{{ .Variant }}{{ end }}
+```
+
+This is because manifest tool requires that all image repos referenced exist within the same registry. Resulting tags will
+all be the concatenation of the registry with the repo.
+
+Sample of building an image without publishing:
+
+```yaml
+steps:
+  - name: publish_hello-world
+    image: target/vela-manifest-tool:latest
+    pull: always
+    parameters:
++     dry_run: true
+      registry: index.docker.io
+      repo: /octocat/hello-world
+      tags: [ "latest" ]
+      platforms:
+        - linux/amd64
+        - linux/arm64/v8
+      component_template: /octocat/hello-world:latest-{{ .Os }}-{{ .Arch }}{{ if .Variant }}-{{ .Variant }}{{ end }}
+```
+
+For every element of `tags:`, one spec file will be generated and (unless `dry_run: true`) pushed to the `registry:`.
+For each manifest-tool spec file, the tag for the manifest list/image index will be `$registry$repo:$tag`. Then there will
+be one element   in the `manifests:` list of the spec file for each element of the `platform:` argument. Platform is assumed
+to be in `os/architecture/variant` format. Within the `component_template`, you can use Os, Arch, Variant (from the platform),
+or Tag (from the top level `tags:`).
+
+Note: The default component_template of `"{{.Repo}}:{{.Tag}}-{{.Os}}-{{.Arch}}{{if .Variant}}-{{.Variant}}{{end}}"` might
+be sufficient for most needs if you follow that tagging convention. For example, if the builds for /octocat/hello-world created
+the architecture specific image
+
+- index.docker.io/octocat/hello-world:latest-linux-amd64
+- index.docker.io/octocat/hello-world:latest-linux-arm64-v8
+
+Then the following configuration would be sufficient due to defaults for tags, platforms, and component_template:
+
+```yaml
+steps:
+  - name: publish_hello-world
+    image: target/vela-manifest-tool:latest
+    pull: always
+    parameters:
+      registry: index.docker.io
+      repo: /octocat/hello-world
+```
 
-see: https://github.com/go-vela/vela-kaniko/blob/main/DOCS.md
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,25 @@
+# SPDX-License-Identifier: Apache-2.0
+
+################################################################################
+##    docker build --no-cache --target certs -t vela-manifest-tool:certs .    ##
+################################################################################
+
+FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b as certs
+
+RUN apk add --update --no-cache ca-certificates
+
+#################################################################
+##    docker build --no-cache -t vela-manifest-tool:local .    ##
+#################################################################
+
+FROM mplatform/manifest-tool:alpine-v2.1.6@sha256:96db9e944c50a5f7514394af4e44f764725645cfd2efef92d87095b0016a55ae
+
+COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
+
+WORKDIR /workspace
+
+RUN mkdir /root/.docker
+
+COPY release/vela-manifest-tool /bin/vela-manifest-tool
+
+ENTRYPOINT [ "/bin/vela-manifest-tool" ]