From 99cfe62700f82b3768b92a62ec7e53f8da64a345 Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Fri, 8 Sep 2023 08:45:49 -0400 Subject: [PATCH] chore: enable github actions with rekres This PR rekreses to enable actions and bumps some versions along the way. Signed-off-by: Spencer Smith Signed-off-by: Noel Georgi --- .dockerignore | 4 +- .drone.yml | 350 ------------------------------------ .github/workflows/ci.yaml | 87 ++++++++- .golangci.yml | 23 ++- .kres.yaml | 10 ++ Dockerfile | 157 ++++++++++------ Makefile | 90 +++++++--- cmd/conform/version.go | 11 +- internal/version/data/sha | 1 + internal/version/data/tag | 1 + internal/version/version.go | 83 +++------ 11 files changed, 314 insertions(+), 503 deletions(-) delete mode 100644 .drone.yml create mode 100644 internal/version/data/sha create mode 100644 internal/version/data/tag diff --git a/.dockerignore b/.dockerignore index f913e553..f50e4211 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,8 +1,8 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2021-09-01T21:21:54Z by kres 5ca7963. +# Generated on 2023-09-08T12:45:27Z by kres latest. -** +* !cmd !internal !go.mod diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 6a943e53..00000000 --- a/.drone.yml +++ /dev/null @@ -1,350 +0,0 @@ ---- -# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. -# -# Generated on 2022-09-19T19:52:38Z by kres 255fc05. - -kind: pipeline -type: kubernetes -name: default - -platform: - os: linux - arch: amd64 - -steps: -- name: setup-ci - pull: always - image: autonomy/build-container:latest - commands: - - sleep 5 - - git fetch --tags - - install-ci-key - - docker buildx create --driver docker-container --platform linux/amd64 --name local --use unix:///var/outer-run/docker.sock - - docker buildx inspect --bootstrap - environment: - SSH_KEY: - from_secret: ssh_key - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -- name: base - pull: always - image: autonomy/build-container:latest - commands: - - make base - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - setup-ci - -- name: unit-tests - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: unit-tests-race - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests-race - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: coverage - pull: always - image: autonomy/build-container:latest - commands: - - make coverage - environment: - CODECOV_TOKEN: - from_secret: CODECOV_TOKEN - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - unit-tests - -- name: conform - pull: always - image: autonomy/build-container:latest - commands: - - make conform - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: lint - pull: always - image: autonomy/build-container:latest - commands: - - make lint - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: image-conform - pull: always - image: autonomy/build-container:latest - commands: - - make image-conform - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - conform - - lint - - unit-tests - -- name: push-conform - pull: always - image: autonomy/build-container:latest - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make image-conform - environment: - GHCR_PASSWORD: - from_secret: ghcr_token - GHCR_USERNAME: - from_secret: ghcr_username - PUSH: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - exclude: - - pull_request - depends_on: - - image-conform - -- name: push-conform-latest - pull: always - image: autonomy/build-container:latest - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make image-conform TAG=latest - environment: - GHCR_PASSWORD: - from_secret: ghcr_token - GHCR_USERNAME: - from_secret: ghcr_username - PUSH: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - branch: - - main - event: - exclude: - - pull_request - depends_on: - - push-conform - -- name: release-notes - pull: always - image: autonomy/build-container:latest - commands: - - make release-notes - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - unit-tests - - coverage - - conform - - image-conform - - lint - -- name: release - pull: always - image: plugins/github-release - settings: - api_key: - from_secret: github_token - checksum: - - sha256 - - sha512 - draft: true - files: - - _out/* - note: _out/RELEASE_NOTES.md - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - release-notes - -services: -- name: docker - image: docker:20.10-dind - entrypoint: - - dockerd - commands: - - --dns=8.8.8.8 - - --dns=8.8.4.4 - - --mtu=1500 - - --log-level=error - privileged: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -volumes: -- name: outer-docker-socket - host: - path: /var/ci-docker -- name: docker-socket - temp: - medium: memory -- name: buildx - temp: - medium: memory -- name: ssh - temp: - medium: memory - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - ---- -kind: pipeline -type: kubernetes -name: notify - -platform: - os: linux - arch: amd64 - -clone: - disable: true - -steps: -- name: slack - image: plugins/slack - settings: - channel: proj-talos-maintainers - link_names: true - template: "{{#if build.pull }}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}*: {{ repo.owner }}/{{ repo.name }} - \n{{else}}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}: {{ repo.owner }}/{{ repo.name }} - Build #{{ build.number }}* (type: `{{ build.event }}`)\n{{/if}}\nCommit: \nBranch: \nAuthor: {{ build.author }}\n<{{ build.link }}|Visit build page>" - webhook: - from_secret: slack_webhook - when: - status: - - success - - failure - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - status: - - success - - failure - -depends_on: -- default - -... diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f69c9248..f5bf3d21 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -1,3 +1,7 @@ +# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +# +# Generated on 2023-09-12T10:28:41Z by kres f9e39ef-dirty. + name: default "on": push: @@ -13,7 +17,86 @@ jobs: permissions: contents: write packages: write - runs-on: self-hosted + runs-on: + - self-hosted + - X64 + if: ${{ !startsWith(github.head_ref, 'renovate/') || !startsWith(github.head_ref, 'renovate/') }} steps: - name: checkout - uses: actions/checkout@v3 \ No newline at end of file + uses: actions/checkout@v3 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + config-inline: | + [worker.oci] + gc = true + gckeepstorage = 100000 # 100 GiB + + [[worker.oci.gcpolicy]] + keepBytes = 32212254720 # 30 GiB + keepDuration = 604800 + filters = [ "type==source.local", "type==exec.cachemount", "type==source.git.checkout"] + [[worker.oci.gcpolicy]] + all = true + keepBytes = 107374182400 # 100 GiB + - name: base + run: | + make base + - name: unit-tests + run: | + make unit-tests + - name: unit-tests-race + run: | + make unit-tests-race + - name: coverage + run: | + make coverage + - name: conform + run: | + make conform + - name: lint + run: | + make lint + - name: Login to registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.repository_owner }} + - name: image-conform + run: | + make image-conform + - name: push-conform + if: github.event_name != 'pull_request' + env: + PUSH: "true" + run: | + make image-conform + - name: push-conform-latest + if: github.event_name != 'pull_request' + env: + PUSH: "true" + run: | + make image-conform TAG=latest + - name: Generate Checksums + if: startsWith(github.ref, 'refs/tags/') + run: | + sha256sum _out/conform-* > _out/sha256sum.txt + sha512sum _out/conform-* > _out/sha512sum.txt + - name: release-notes + if: startsWith(github.ref, 'refs/tags/') + run: | + make release-notes + - name: Release + if: startsWith(github.ref, 'refs/tags/') + uses: crazy-max/ghaction-github-release@v1 + with: + body_path: _out/RELEASE_NOTES.md + draft: "true" + files: |- + _out/conform-* + _out/sha*.txt diff --git a/.golangci.yml b/.golangci.yml index db4c80db..725e9332 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:45:27Z by kres latest. # options for analysis running run: @@ -36,7 +36,7 @@ linters-settings: lines: 60 statements: 40 gci: - local-prefixes: github.com/siderolabs/conform + local-prefixes: github.com/siderolabs/conform/ gocognit: min-complexity: 30 ireturn: @@ -65,7 +65,7 @@ linters-settings: gofmt: simplify: true goimports: - local-prefixes: github.com/siderolabs/conform + local-prefixes: github.com/siderolabs/conform/ golint: min-confidence: 0.8 gomnd: @@ -74,9 +74,8 @@ linters-settings: govet: check-shadowing: true enable-all: true - depguard: - list-type: blacklist - include-go-root: false + disable: + - loopclosure lll: line-length: 200 tab-width: 4 @@ -118,6 +117,10 @@ linters-settings: cyclop: # the maximal code complexity to report max-complexity: 20 + # depguard: + # Main: + # deny: + # - github.com/OpenPeeDeeP/depguard # this is just an example linters: enable-all: true @@ -145,11 +148,19 @@ linters: - typecheck - varnamelen - wrapcheck + - depguard # Disabled because starting with golangci-lint 1.53.0 it doesn't allow denylist alone anymore + - tagalign # abandoned linters for which golangci shows the warning that the repo is archived by the owner - interfacer - maligned - golint - scopelint + - varcheck + - deadcode + - structcheck + - ifshort + # disabled as it seems to be broken - goes into imported libraries and reports issues there + - musttag issues: exclude: [] diff --git a/.kres.yaml b/.kres.yaml index 222bd243..0af6d1a6 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -18,3 +18,13 @@ kind: golang.Toolchain spec: extraPackages: - git +--- +kind: golang.Generate +spec: + versionPackagePath: internal/version +--- +kind: common.Release +name: release +spec: + artifacts: + - conform-* \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 7e6adb19..0aaafe4b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,19 @@ -# syntax = docker/dockerfile-upstream:1.2.0-labs +# syntax = docker/dockerfile-upstream:1.6.0-labs # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:49:26Z by kres latest. ARG TOOLCHAIN -# cleaned up specs and compiled versions -FROM scratch AS generate - -FROM ghcr.io/siderolabs/ca-certificates:v1.2.0 AS image-ca-certificates +FROM ghcr.io/siderolabs/ca-certificates:v1.6.0-alpha.0-10-gd3d7d29 AS image-ca-certificates -FROM ghcr.io/siderolabs/fhs:v1.2.0 AS image-fhs +FROM ghcr.io/siderolabs/fhs:v1.6.0-alpha.0-10-gd3d7d29 AS image-fhs # runs markdownlint -FROM docker.io/node:18.9.0-alpine3.16 AS lint-markdown +FROM docker.io/node:20.5.1-alpine3.18 AS lint-markdown WORKDIR /src -RUN npm i -g markdownlint-cli@0.32.2 +RUN npm i -g markdownlint-cli@0.35.0 RUN npm i sentences-per-line@0.2.1 COPY .markdownlint.json . COPY ./CHANGELOG.md ./CHANGELOG.md @@ -30,91 +27,140 @@ RUN apk --update --no-cache add bash curl build-base protoc protobuf-dev git # build tools FROM --platform=${BUILDPLATFORM} toolchain AS tools ENV GO111MODULE on -ENV CGO_ENABLED 0 +ARG CGO_ENABLED +ENV CGO_ENABLED ${CGO_ENABLED} +ARG GOTOOLCHAIN +ENV GOTOOLCHAIN ${GOTOOLCHAIN} +ARG GOEXPERIMENT +ENV GOEXPERIMENT ${GOEXPERIMENT} ENV GOPATH /go +ARG DEEPCOPY_VERSION +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install github.com/siderolabs/deep-copy@${DEEPCOPY_VERSION} \ + && mv /go/bin/deep-copy /bin/deep-copy ARG GOLANGCILINT_VERSION -RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCILINT_VERSION} \ +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCILINT_VERSION} \ && mv /go/bin/golangci-lint /bin/golangci-lint +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install golang.org/x/vuln/cmd/govulncheck@latest \ + && mv /go/bin/govulncheck /bin/govulncheck +ARG GOIMPORTS_VERSION +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install golang.org/x/tools/cmd/goimports@${GOIMPORTS_VERSION} \ + && mv /go/bin/goimports /bin/goimports ARG GOFUMPT_VERSION RUN go install mvdan.cc/gofumpt@${GOFUMPT_VERSION} \ && mv /go/bin/gofumpt /bin/gofumpt -ARG GOIMPORTS_VERSION -RUN go install golang.org/x/tools/cmd/goimports@${GOIMPORTS_VERSION} \ - && mv /go/bin/goimports /bin/goimports -ARG DEEPCOPY_VERSION -RUN go install github.com/siderolabs/deep-copy@${DEEPCOPY_VERSION} \ - && mv /go/bin/deep-copy /bin/deep-copy # tools and sources FROM tools AS base WORKDIR /src -COPY ./go.mod . -COPY ./go.sum . +COPY go.mod go.mod +COPY go.sum go.sum +RUN cd . RUN --mount=type=cache,target=/go/pkg go mod download RUN --mount=type=cache,target=/go/pkg go mod verify COPY ./cmd ./cmd COPY ./internal ./internal RUN --mount=type=cache,target=/go/pkg go list -mod=readonly all >/dev/null +FROM tools AS embed-generate +ARG SHA +ARG TAG +WORKDIR /src +RUN mkdir -p internal/version/data && \ + echo -n ${SHA} > internal/version/data/sha && \ + echo -n ${TAG} > internal/version/data/tag + +# runs gofumpt +FROM base AS lint-gofumpt +RUN FILES="$(gofumpt -l .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'gofumpt -w .':\n${FILES}"; exit 1) + +# runs goimports +FROM base AS lint-goimports +RUN FILES="$(goimports -l -local github.com/siderolabs/conform/ .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'goimports -w -local github.com/siderolabs/conform/ .':\n${FILES}"; exit 1) + +# runs golangci-lint +FROM base AS lint-golangci-lint +WORKDIR /src +COPY .golangci.yml . +ENV GOGC 50 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint --mount=type=cache,target=/go/pkg golangci-lint run --config .golangci.yml + +# runs govulncheck +FROM base AS lint-govulncheck +WORKDIR /src +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg govulncheck ./... + +# runs unit-tests with race detector +FROM base AS unit-tests-race +WORKDIR /src +ARG TESTPKGS +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS} + +# runs unit-tests +FROM base AS unit-tests-run +WORKDIR /src +ARG TESTPKGS +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -coverpkg=${TESTPKGS} -count 1 ${TESTPKGS} + +FROM embed-generate AS embed-abbrev-generate +WORKDIR /src +ARG ABBREV_TAG +RUN echo -n 'undefined' > internal/version/data/sha && \ + echo -n ${ABBREV_TAG} > internal/version/data/tag + +FROM scratch AS unit-tests +COPY --from=unit-tests-run /src/coverage.txt /coverage-unit-tests.txt + +# cleaned up specs and compiled versions +FROM scratch AS generate +COPY --from=embed-abbrev-generate /src/internal/version internal/version + # builds conform-darwin-amd64 FROM base AS conform-darwin-amd64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform -ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS +ARG VERSION_PKG="internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=darwin go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-amd64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=darwin go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-amd64 # builds conform-darwin-arm64 FROM base AS conform-darwin-arm64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform -ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS +ARG VERSION_PKG="internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=darwin go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-arm64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=darwin go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-arm64 # builds conform-linux-amd64 FROM base AS conform-linux-amd64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform -ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS +ARG VERSION_PKG="internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=linux go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-amd64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-amd64 # builds conform-linux-arm64 FROM base AS conform-linux-arm64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform -ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS +ARG VERSION_PKG="internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=linux go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-arm64 - -# runs gofumpt -FROM base AS lint-gofumpt -RUN FILES="$(gofumpt -l .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'gofumpt -w .':\n${FILES}"; exit 1) - -# runs goimports -FROM base AS lint-goimports -RUN FILES="$(goimports -l -local github.com/siderolabs/conform .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'goimports -w -local github.com/siderolabs/conform .':\n${FILES}"; exit 1) - -# runs golangci-lint -FROM base AS lint-golangci-lint -COPY .golangci.yml . -ENV GOGC 50 -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint --mount=type=cache,target=/go/pkg golangci-lint run --config .golangci.yml - -# runs unit-tests with race detector -FROM base AS unit-tests-race -ARG TESTPKGS -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS} - -# runs unit-tests -FROM base AS unit-tests-run -ARG TESTPKGS -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -coverpkg=${TESTPKGS} -count 1 ${TESTPKGS} +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-arm64 FROM scratch AS conform-darwin-amd64 COPY --from=conform-darwin-amd64-build /conform-darwin-amd64 /conform-darwin-amd64 @@ -128,11 +174,14 @@ COPY --from=conform-linux-amd64-build /conform-linux-amd64 /conform-linux-amd64 FROM scratch AS conform-linux-arm64 COPY --from=conform-linux-arm64-build /conform-linux-arm64 /conform-linux-arm64 -FROM scratch AS unit-tests -COPY --from=unit-tests-run /src/coverage.txt /coverage.txt - FROM conform-linux-${TARGETARCH} AS conform +FROM scratch AS conform-all +COPY --from=conform-darwin-amd64 / / +COPY --from=conform-darwin-arm64 / / +COPY --from=conform-linux-amd64 / / +COPY --from=conform-linux-arm64 / / + FROM scratch AS image-conform ARG TARGETARCH COPY --from=conform conform-linux-${TARGETARCH} /conform diff --git a/Makefile b/Makefile index a2019701..f8d43bc1 100644 --- a/Makefile +++ b/Makefile @@ -1,25 +1,33 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:49:26Z by kres latest. # common variables SHA := $(shell git describe --match=none --always --abbrev=8 --dirty) TAG := $(shell git describe --tag --always --dirty) +ABBREV_TAG := $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined') BRANCH := $(shell git rev-parse --abbrev-ref HEAD) ARTIFACTS := _out +WITH_DEBUG ?= false +WITH_RACE ?= false REGISTRY ?= ghcr.io USERNAME ?= siderolabs REGISTRY_AND_USERNAME ?= $(REGISTRY)/$(USERNAME) -GOLANGCILINT_VERSION ?= v1.49.0 -GOFUMPT_VERSION ?= v0.3.1 -GO_VERSION ?= 1.19 -GOIMPORTS_VERSION ?= v0.1.12 -PROTOBUF_GO_VERSION ?= 1.28.1 -GRPC_GO_VERSION ?= 1.2.0 -GRPC_GATEWAY_VERSION ?= 2.11.3 -VTPROTOBUF_VERSION ?= 0.3.0 +PROTOBUF_GO_VERSION ?= 1.31.0 +GRPC_GO_VERSION ?= 1.3.0 +GRPC_GATEWAY_VERSION ?= 2.17.1 +VTPROTOBUF_VERSION ?= 0.4.0 DEEPCOPY_VERSION ?= v0.5.5 +GOLANGCILINT_VERSION ?= v1.54.2 +GOFUMPT_VERSION ?= v0.5.0 +GO_VERSION ?= 1.21 +GOIMPORTS_VERSION ?= v0.12.0 +GO_BUILDFLAGS ?= +GO_LDFLAGS ?= +CGO_ENABLED ?= 0 +GOTOOLCHAIN ?= local +GOEXPERIMENT ?= loopvar TESTPKGS ?= ./... KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest @@ -32,25 +40,32 @@ PROGRESS ?= auto PUSH ?= false CI_ARGS ?= COMMON_ARGS = --file=Dockerfile +COMMON_ARGS += --provenance=false COMMON_ARGS += --progress=$(PROGRESS) COMMON_ARGS += --platform=$(PLATFORM) COMMON_ARGS += --push=$(PUSH) -COMMON_ARGS += --build-arg=ARTIFACTS=$(ARTIFACTS) -COMMON_ARGS += --build-arg=SHA=$(SHA) -COMMON_ARGS += --build-arg=TAG=$(TAG) -COMMON_ARGS += --build-arg=USERNAME=$(USERNAME) -COMMON_ARGS += --build-arg=REGISTRY=$(REGISTRY) -COMMON_ARGS += --build-arg=TOOLCHAIN=$(TOOLCHAIN) -COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION=$(GOLANGCILINT_VERSION) -COMMON_ARGS += --build-arg=GOFUMPT_VERSION=$(GOFUMPT_VERSION) -COMMON_ARGS += --build-arg=GOIMPORTS_VERSION=$(GOIMPORTS_VERSION) -COMMON_ARGS += --build-arg=PROTOBUF_GO_VERSION=$(PROTOBUF_GO_VERSION) -COMMON_ARGS += --build-arg=GRPC_GO_VERSION=$(GRPC_GO_VERSION) -COMMON_ARGS += --build-arg=GRPC_GATEWAY_VERSION=$(GRPC_GATEWAY_VERSION) -COMMON_ARGS += --build-arg=VTPROTOBUF_VERSION=$(VTPROTOBUF_VERSION) -COMMON_ARGS += --build-arg=DEEPCOPY_VERSION=$(DEEPCOPY_VERSION) -COMMON_ARGS += --build-arg=TESTPKGS=$(TESTPKGS) -TOOLCHAIN ?= docker.io/golang:1.19-alpine +COMMON_ARGS += --build-arg=ARTIFACTS="$(ARTIFACTS)" +COMMON_ARGS += --build-arg=SHA="$(SHA)" +COMMON_ARGS += --build-arg=TAG="$(TAG)" +COMMON_ARGS += --build-arg=ABBREV_TAG="$(ABBREV_TAG)" +COMMON_ARGS += --build-arg=USERNAME="$(USERNAME)" +COMMON_ARGS += --build-arg=REGISTRY="$(REGISTRY)" +COMMON_ARGS += --build-arg=TOOLCHAIN="$(TOOLCHAIN)" +COMMON_ARGS += --build-arg=CGO_ENABLED="$(CGO_ENABLED)" +COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)" +COMMON_ARGS += --build-arg=GO_LDFLAGS="$(GO_LDFLAGS)" +COMMON_ARGS += --build-arg=GOTOOLCHAIN="$(GOTOOLCHAIN)" +COMMON_ARGS += --build-arg=GOEXPERIMENT="$(GOEXPERIMENT)" +COMMON_ARGS += --build-arg=PROTOBUF_GO_VERSION="$(PROTOBUF_GO_VERSION)" +COMMON_ARGS += --build-arg=GRPC_GO_VERSION="$(GRPC_GO_VERSION)" +COMMON_ARGS += --build-arg=GRPC_GATEWAY_VERSION="$(GRPC_GATEWAY_VERSION)" +COMMON_ARGS += --build-arg=VTPROTOBUF_VERSION="$(VTPROTOBUF_VERSION)" +COMMON_ARGS += --build-arg=DEEPCOPY_VERSION="$(DEEPCOPY_VERSION)" +COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION="$(GOLANGCILINT_VERSION)" +COMMON_ARGS += --build-arg=GOIMPORTS_VERSION="$(GOIMPORTS_VERSION)" +COMMON_ARGS += --build-arg=GOFUMPT_VERSION="$(GOFUMPT_VERSION)" +COMMON_ARGS += --build-arg=TESTPKGS="$(TESTPKGS)" +TOOLCHAIN ?= docker.io/golang:1.21-alpine # help menu @@ -85,6 +100,18 @@ respectively. endef +ifneq (, $(filter $(WITH_RACE), t true TRUE y yes 1)) +GO_BUILDFLAGS += -race +CGO_ENABLED := 1 +GO_LDFLAGS += -linkmode=external -extldflags '-static' +endif + +ifneq (, $(filter $(WITH_DEBUG), t true TRUE y yes 1)) +GO_BUILDFLAGS += -tags sidero.debug +else +GO_LDFLAGS += -s -w +endif + all: unit-tests conform image-conform lint .PHONY: clean @@ -97,6 +124,9 @@ target-%: ## Builds the specified target defined in the Dockerfile. The build r local-%: ## Builds the specified target defined in the Dockerfile using the local output type. The build result will be output to the specified local destination. @$(MAKE) target-$* TARGET_ARGS="--output=type=local,dest=$(DEST) $(TARGET_ARGS)" +generate: ## Generate .proto definitions. + @$(MAKE) local-$@ DEST=./ + lint-golangci-lint: ## Runs golangci-lint linter. @$(MAKE) target-$@ @@ -106,10 +136,14 @@ lint-gofumpt: ## Runs gofumpt linter. .PHONY: fmt fmt: ## Formats the source code @docker run --rm -it -v $(PWD):/src -w /src golang:$(GO_VERSION) \ - bash -c "export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ + bash -c "export GOEXPERIMENT=loopvar; export GOTOOLCHAIN=local; \ + export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION) && \ gofumpt -w ." +lint-govulncheck: ## Runs govulncheck linter. + @$(MAKE) target-$@ + lint-goimports: ## Runs goimports linter. @$(MAKE) target-$@ @@ -127,7 +161,7 @@ unit-tests-race: ## Performs unit tests with race detection enabled. .PHONY: coverage coverage: ## Upload coverage data to codecov.io. - bash -c "bash <(curl -s https://codecov.io/bash) -f $(ARTIFACTS)/coverage.txt -X fix" + bash -c "bash <(curl -s https://codecov.io/bash) -f $(ARTIFACTS)/coverage-unit-tests.txt -X fix" .PHONY: $(ARTIFACTS)/conform-darwin-amd64 $(ARTIFACTS)/conform-darwin-amd64: @@ -165,7 +199,7 @@ lint-markdown: ## Runs markdownlint. @$(MAKE) target-$@ .PHONY: lint -lint: lint-golangci-lint lint-gofumpt lint-goimports lint-markdown ## Run all linters for the project. +lint: lint-golangci-lint lint-gofumpt lint-govulncheck lint-goimports lint-markdown ## Run all linters for the project. .PHONY: image-conform image-conform: ## Builds image for conform. diff --git a/cmd/conform/version.go b/cmd/conform/version.go index 5778c04d..0e67a9e3 100644 --- a/cmd/conform/version.go +++ b/cmd/conform/version.go @@ -5,6 +5,8 @@ package main import ( + "fmt" + "github.com/spf13/cobra" "github.com/siderolabs/conform/internal/version" @@ -17,12 +19,9 @@ var versionCmd = &cobra.Command{ Use: "version", Short: "Prints the version", Long: ``, - Run: func(cmd *cobra.Command, args []string) { - if shortVersion { - version.PrintShortVersion() - } else { - version.PrintLongVersion() - } + Run: func(cmd *cobra.Command, _ []string) { + line := fmt.Sprintf("%s version %s (%s)", version.Name, version.Tag, version.SHA) + fmt.Println(line) }, } diff --git a/internal/version/data/sha b/internal/version/data/sha new file mode 100644 index 00000000..66dc9051 --- /dev/null +++ b/internal/version/data/sha @@ -0,0 +1 @@ +undefined \ No newline at end of file diff --git a/internal/version/data/tag b/internal/version/data/tag new file mode 100644 index 00000000..a263804b --- /dev/null +++ b/internal/version/data/tag @@ -0,0 +1 @@ +v0.1.0-alpha.27 \ No newline at end of file diff --git a/internal/version/version.go b/internal/version/version.go index 806998cc..d27aa505 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -2,67 +2,40 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this // file, You can obtain one at http://mozilla.org/MPL/2.0/. -// Package version provides version information. +// THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. +// +// Generated on 2023-09-12T10:42:20Z by kres f9e39ef-dirty. + +// Package version contains variables such as project name, tag and sha. It's a proper alternative to using +// -ldflags '-X ...'. package version import ( - "bytes" - "fmt" - "runtime" - "text/template" - - "github.com/siderolabs/conform/internal/constants" + _ "embed" + "runtime/debug" + "strings" ) var ( - // Tag is set at build time. + // Tag declares project git tag. + //go:embed data/tag Tag string - // SHA is set at build time. + // SHA declares project git SHA. + //go:embed data/sha SHA string + // Name declares project name. + Name = func() string { + info, ok := debug.ReadBuildInfo() + if !ok { + panic("cannot read build info, something is very wrong") + } + + // Check if siderolabs project + if strings.HasPrefix(info.Path, "github.com/siderolabs/") { + return info.Path[strings.LastIndex(info.Path, "/")+1:] + } + + // We could return a proper full path here, but it could be seen as a privacy violation. + return "community-project" + }() ) - -const versionTemplate = constants.AppName + `: - Tag: {{ .Tag }} - SHA: {{ .SHA }} - Go version: {{ .GoVersion }} - OS/Arch: {{ .Os }}/{{ .Arch }} -` - -// Version contains verbose version information. -type Version struct { - Tag string - SHA string - GoVersion string - Os string - Arch string -} - -// PrintLongVersion prints verbose version information. -func PrintLongVersion() { - v := Version{ - Tag: Tag, - SHA: SHA, - GoVersion: runtime.Version(), - Os: runtime.GOOS, - Arch: runtime.GOARCH, - } - - var wr bytes.Buffer - - tmpl, err := template.New("version").Parse(versionTemplate) - if err != nil { - fmt.Println(err) - } - - err = tmpl.Execute(&wr, v) - if err != nil { - fmt.Println(err) - } - - fmt.Println(wr.String()) -} - -// PrintShortVersion prints the tag and sha. -func PrintShortVersion() { - fmt.Printf("%s %s-%s\n", constants.AppName, Tag, SHA) -}