From a37d89318643680504f9fc6736cc3770ffe8e32a Mon Sep 17 00:00:00 2001 From: Spencer Smith Date: Fri, 8 Sep 2023 08:45:49 -0400 Subject: [PATCH] chore: enable github actions with rekres This PR rekreses to enable actions and bumps some versions along the way. Signed-off-by: Spencer Smith --- .dockerignore | 4 +- .drone.yml | 350 -------------------------------------- .github/workflows/ci.yaml | 82 ++++++++- .golangci.yml | 23 ++- .kres.yaml | 6 + Dockerfile | 78 ++++++--- Makefile | 87 +++++++--- 7 files changed, 220 insertions(+), 410 deletions(-) delete mode 100644 .drone.yml diff --git a/.dockerignore b/.dockerignore index f913e553..f50e4211 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,8 +1,8 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2021-09-01T21:21:54Z by kres 5ca7963. +# Generated on 2023-09-08T12:45:27Z by kres latest. -** +* !cmd !internal !go.mod diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 6a943e53..00000000 --- a/.drone.yml +++ /dev/null @@ -1,350 +0,0 @@ ---- -# THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. -# -# Generated on 2022-09-19T19:52:38Z by kres 255fc05. - -kind: pipeline -type: kubernetes -name: default - -platform: - os: linux - arch: amd64 - -steps: -- name: setup-ci - pull: always - image: autonomy/build-container:latest - commands: - - sleep 5 - - git fetch --tags - - install-ci-key - - docker buildx create --driver docker-container --platform linux/amd64 --name local --use unix:///var/outer-run/docker.sock - - docker buildx inspect --bootstrap - environment: - SSH_KEY: - from_secret: ssh_key - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -- name: base - pull: always - image: autonomy/build-container:latest - commands: - - make base - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - setup-ci - -- name: unit-tests - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: unit-tests-race - pull: always - image: autonomy/build-container:latest - commands: - - make unit-tests-race - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: coverage - pull: always - image: autonomy/build-container:latest - commands: - - make coverage - environment: - CODECOV_TOKEN: - from_secret: CODECOV_TOKEN - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - unit-tests - -- name: conform - pull: always - image: autonomy/build-container:latest - commands: - - make conform - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: lint - pull: always - image: autonomy/build-container:latest - commands: - - make lint - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - base - -- name: image-conform - pull: always - image: autonomy/build-container:latest - commands: - - make image-conform - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - depends_on: - - conform - - lint - - unit-tests - -- name: push-conform - pull: always - image: autonomy/build-container:latest - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make image-conform - environment: - GHCR_PASSWORD: - from_secret: ghcr_token - GHCR_USERNAME: - from_secret: ghcr_username - PUSH: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - exclude: - - pull_request - depends_on: - - image-conform - -- name: push-conform-latest - pull: always - image: autonomy/build-container:latest - commands: - - docker login ghcr.io --username "$${GHCR_USERNAME}" --password "$${GHCR_PASSWORD}" - - make image-conform TAG=latest - environment: - GHCR_PASSWORD: - from_secret: ghcr_token - GHCR_USERNAME: - from_secret: ghcr_username - PUSH: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - branch: - - main - event: - exclude: - - pull_request - depends_on: - - push-conform - -- name: release-notes - pull: always - image: autonomy/build-container:latest - commands: - - make release-notes - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - unit-tests - - coverage - - conform - - image-conform - - lint - -- name: release - pull: always - image: plugins/github-release - settings: - api_key: - from_secret: github_token - checksum: - - sha256 - - sha512 - draft: true - files: - - _out/* - note: _out/RELEASE_NOTES.md - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - when: - event: - - tag - depends_on: - - release-notes - -services: -- name: docker - image: docker:20.10-dind - entrypoint: - - dockerd - commands: - - --dns=8.8.8.8 - - --dns=8.8.4.4 - - --mtu=1500 - - --log-level=error - privileged: true - volumes: - - name: outer-docker-socket - path: /var/outer-run - - name: docker-socket - path: /var/run - - name: buildx - path: /root/.docker/buildx - - name: ssh - path: /root/.ssh - -volumes: -- name: outer-docker-socket - host: - path: /var/ci-docker -- name: docker-socket - temp: - medium: memory -- name: buildx - temp: - medium: memory -- name: ssh - temp: - medium: memory - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - ---- -kind: pipeline -type: kubernetes -name: notify - -platform: - os: linux - arch: amd64 - -clone: - disable: true - -steps: -- name: slack - image: plugins/slack - settings: - channel: proj-talos-maintainers - link_names: true - template: "{{#if build.pull }}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}*: {{ repo.owner }}/{{ repo.name }} - \n{{else}}\n*{{#success build.status}}✓ Success{{else}}✕ Fail{{/success}}: {{ repo.owner }}/{{ repo.name }} - Build #{{ build.number }}* (type: `{{ build.event }}`)\n{{/if}}\nCommit: \nBranch: \nAuthor: {{ build.author }}\n<{{ build.link }}|Visit build page>" - webhook: - from_secret: slack_webhook - when: - status: - - success - - failure - -trigger: - branch: - exclude: - - renovate/* - - dependabot/* - status: - - success - - failure - -depends_on: -- default - -... diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f69c9248..2d40df03 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -13,7 +13,85 @@ jobs: permissions: contents: write packages: write - runs-on: self-hosted + runs-on: + - self-hosted + - X64 steps: - name: checkout - uses: actions/checkout@v3 \ No newline at end of file + uses: actions/checkout@v3 + - name: Unshallow + run: | + git fetch --prune --unshallow + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + config-inline: | + [worker.oci] + gc = true + gckeepstorage = 100000 # 100 GiB + + [[worker.oci.gcpolicy]] + keepBytes = 32212254720 # 30 GiB + keepDuration = 604800 + filters = [ "type==source.local", "type==exec.cachemount", "type==source.git.checkout"] + [[worker.oci.gcpolicy]] + all = true + keepBytes = 107374182400 # 100 GiB + - name: base + run: | + make base + - name: unit-tests + run: | + make unit-tests + - name: unit-tests-race + run: | + make unit-tests-race + - name: coverage + run: | + make coverage + - name: conform + run: | + make conform + - name: lint + run: | + make lint + - name: Login to registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v2 + with: + password: ${{ secrets.GITHUB_TOKEN }} + registry: ghcr.io + username: ${{ github.repository_owner }} + - name: image-conform + run: | + make image-conform + - name: push-conform + if: github.event_name != 'pull_request' + env: + PUSH: "true" + run: | + make image-conform + - name: push-conform-latest + if: github.event_name != 'pull_request' + env: + PUSH: "true" + run: | + make image-conform TAG=latest + - name: Generate Checksums + if: startsWith(github.ref, 'refs/tags/') + run: | + sha256sum _out/conform-* > _out/sha256sum.txt + sha512sum _out/conform-* > _out/sha512sum.txt + - name: release-notes + if: startsWith(github.ref, 'refs/tags/') + run: | + make release-notes + - name: Release + if: startsWith(github.ref, 'refs/tags/') + uses: crazy-max/ghaction-github-release@v1 + with: + body_path: _out/RELEASE_NOTES.md + draft: "true" + files: |- + _out/conform-* + _out/sha*.txt diff --git a/.golangci.yml b/.golangci.yml index db4c80db..725e9332 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -1,6 +1,6 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:45:27Z by kres latest. # options for analysis running run: @@ -36,7 +36,7 @@ linters-settings: lines: 60 statements: 40 gci: - local-prefixes: github.com/siderolabs/conform + local-prefixes: github.com/siderolabs/conform/ gocognit: min-complexity: 30 ireturn: @@ -65,7 +65,7 @@ linters-settings: gofmt: simplify: true goimports: - local-prefixes: github.com/siderolabs/conform + local-prefixes: github.com/siderolabs/conform/ golint: min-confidence: 0.8 gomnd: @@ -74,9 +74,8 @@ linters-settings: govet: check-shadowing: true enable-all: true - depguard: - list-type: blacklist - include-go-root: false + disable: + - loopclosure lll: line-length: 200 tab-width: 4 @@ -118,6 +117,10 @@ linters-settings: cyclop: # the maximal code complexity to report max-complexity: 20 + # depguard: + # Main: + # deny: + # - github.com/OpenPeeDeeP/depguard # this is just an example linters: enable-all: true @@ -145,11 +148,19 @@ linters: - typecheck - varnamelen - wrapcheck + - depguard # Disabled because starting with golangci-lint 1.53.0 it doesn't allow denylist alone anymore + - tagalign # abandoned linters for which golangci shows the warning that the repo is archived by the owner - interfacer - maligned - golint - scopelint + - varcheck + - deadcode + - structcheck + - ifshort + # disabled as it seems to be broken - goes into imported libraries and reports issues there + - musttag issues: exclude: [] diff --git a/.kres.yaml b/.kres.yaml index 222bd243..7a08ad45 100644 --- a/.kres.yaml +++ b/.kres.yaml @@ -18,3 +18,9 @@ kind: golang.Toolchain spec: extraPackages: - git +--- +kind: common.Release +name: release +spec: + artifacts: + - conform-* \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 7e6adb19..9948a40b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,22 +1,22 @@ -# syntax = docker/dockerfile-upstream:1.2.0-labs +# syntax = docker/dockerfile-upstream:1.6.0-labs # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:45:27Z by kres latest. ARG TOOLCHAIN # cleaned up specs and compiled versions FROM scratch AS generate -FROM ghcr.io/siderolabs/ca-certificates:v1.2.0 AS image-ca-certificates +FROM ghcr.io/siderolabs/ca-certificates:v1.6.0-alpha.0-10-gd3d7d29 AS image-ca-certificates -FROM ghcr.io/siderolabs/fhs:v1.2.0 AS image-fhs +FROM ghcr.io/siderolabs/fhs:v1.6.0-alpha.0-10-gd3d7d29 AS image-fhs # runs markdownlint -FROM docker.io/node:18.9.0-alpine3.16 AS lint-markdown +FROM docker.io/node:20.5.1-alpine3.18 AS lint-markdown WORKDIR /src -RUN npm i -g markdownlint-cli@0.32.2 +RUN npm i -g markdownlint-cli@0.35.0 RUN npm i sentences-per-line@0.2.1 COPY .markdownlint.json . COPY ./CHANGELOG.md ./CHANGELOG.md @@ -30,26 +30,34 @@ RUN apk --update --no-cache add bash curl build-base protoc protobuf-dev git # build tools FROM --platform=${BUILDPLATFORM} toolchain AS tools ENV GO111MODULE on -ENV CGO_ENABLED 0 +ARG CGO_ENABLED +ENV CGO_ENABLED ${CGO_ENABLED} +ARG GOTOOLCHAIN +ENV GOTOOLCHAIN ${GOTOOLCHAIN} +ARG GOEXPERIMENT +ENV GOEXPERIMENT ${GOEXPERIMENT} ENV GOPATH /go +ARG DEEPCOPY_VERSION +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install github.com/siderolabs/deep-copy@${DEEPCOPY_VERSION} \ + && mv /go/bin/deep-copy /bin/deep-copy ARG GOLANGCILINT_VERSION -RUN go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCILINT_VERSION} \ +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCILINT_VERSION} \ && mv /go/bin/golangci-lint /bin/golangci-lint +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install golang.org/x/vuln/cmd/govulncheck@latest \ + && mv /go/bin/govulncheck /bin/govulncheck +ARG GOIMPORTS_VERSION +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg go install golang.org/x/tools/cmd/goimports@${GOIMPORTS_VERSION} \ + && mv /go/bin/goimports /bin/goimports ARG GOFUMPT_VERSION RUN go install mvdan.cc/gofumpt@${GOFUMPT_VERSION} \ && mv /go/bin/gofumpt /bin/gofumpt -ARG GOIMPORTS_VERSION -RUN go install golang.org/x/tools/cmd/goimports@${GOIMPORTS_VERSION} \ - && mv /go/bin/goimports /bin/goimports -ARG DEEPCOPY_VERSION -RUN go install github.com/siderolabs/deep-copy@${DEEPCOPY_VERSION} \ - && mv /go/bin/deep-copy /bin/deep-copy # tools and sources FROM tools AS base WORKDIR /src -COPY ./go.mod . -COPY ./go.sum . +COPY go.mod go.mod +COPY go.sum go.sum +RUN cd . RUN --mount=type=cache,target=/go/pkg go mod download RUN --mount=type=cache,target=/go/pkg go mod verify COPY ./cmd ./cmd @@ -59,38 +67,50 @@ RUN --mount=type=cache,target=/go/pkg go list -mod=readonly all >/dev/null # builds conform-darwin-amd64 FROM base AS conform-darwin-amd64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=darwin go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-amd64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=darwin go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-amd64 # builds conform-darwin-arm64 FROM base AS conform-darwin-arm64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=darwin go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-arm64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=darwin go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-darwin-arm64 # builds conform-linux-amd64 FROM base AS conform-linux-amd64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=linux go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-amd64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=amd64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-amd64 # builds conform-linux-arm64 FROM base AS conform-linux-arm64-build COPY --from=generate / / +COPY --from=embed-generate / / WORKDIR /src/cmd/conform +ARG GO_BUILDFLAGS +ARG GO_LDFLAGS ARG VERSION_PKG="github.com/siderolabs/conform/internal/version" ARG SHA ARG TAG -RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=linux go build -ldflags "-s -w -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-arm64 +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg GOARCH=arm64 GOOS=linux go build ${GO_BUILDFLAGS} -ldflags "${GO_LDFLAGS} -X ${VERSION_PKG}.Name=conform -X ${VERSION_PKG}.SHA=${SHA} -X ${VERSION_PKG}.Tag=${TAG}" -o /conform-linux-arm64 # runs gofumpt FROM base AS lint-gofumpt @@ -98,21 +118,29 @@ RUN FILES="$(gofumpt -l .)" && test -z "${FILES}" || (echo -e "Source code is no # runs goimports FROM base AS lint-goimports -RUN FILES="$(goimports -l -local github.com/siderolabs/conform .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'goimports -w -local github.com/siderolabs/conform .':\n${FILES}"; exit 1) +RUN FILES="$(goimports -l -local github.com/siderolabs/conform/ .)" && test -z "${FILES}" || (echo -e "Source code is not formatted with 'goimports -w -local github.com/siderolabs/conform/ .':\n${FILES}"; exit 1) # runs golangci-lint FROM base AS lint-golangci-lint +WORKDIR /src COPY .golangci.yml . ENV GOGC 50 RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/root/.cache/golangci-lint --mount=type=cache,target=/go/pkg golangci-lint run --config .golangci.yml +# runs govulncheck +FROM base AS lint-govulncheck +WORKDIR /src +RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg govulncheck ./... + # runs unit-tests with race detector FROM base AS unit-tests-race +WORKDIR /src ARG TESTPKGS RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp CGO_ENABLED=1 go test -v -race -count 1 ${TESTPKGS} # runs unit-tests FROM base AS unit-tests-run +WORKDIR /src ARG TESTPKGS RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=cache,target=/go/pkg --mount=type=cache,target=/tmp go test -v -covermode=atomic -coverprofile=coverage.txt -coverpkg=${TESTPKGS} -count 1 ${TESTPKGS} @@ -129,10 +157,16 @@ FROM scratch AS conform-linux-arm64 COPY --from=conform-linux-arm64-build /conform-linux-arm64 /conform-linux-arm64 FROM scratch AS unit-tests -COPY --from=unit-tests-run /src/coverage.txt /coverage.txt +COPY --from=unit-tests-run /src/coverage.txt /coverage-unit-tests.txt FROM conform-linux-${TARGETARCH} AS conform +FROM scratch AS conform-all +COPY --from=conform-darwin-amd64 / / +COPY --from=conform-darwin-arm64 / / +COPY --from=conform-linux-amd64 / / +COPY --from=conform-linux-arm64 / / + FROM scratch AS image-conform ARG TARGETARCH COPY --from=conform conform-linux-${TARGETARCH} /conform diff --git a/Makefile b/Makefile index a2019701..f079e9f7 100644 --- a/Makefile +++ b/Makefile @@ -1,25 +1,33 @@ # THIS FILE WAS AUTOMATICALLY GENERATED, PLEASE DO NOT EDIT. # -# Generated on 2022-09-19T13:49:50Z by kres 9ea8a33. +# Generated on 2023-09-08T12:45:27Z by kres latest. # common variables SHA := $(shell git describe --match=none --always --abbrev=8 --dirty) TAG := $(shell git describe --tag --always --dirty) +ABBREV_TAG := $(shell git describe --tags >/dev/null 2>/dev/null && git describe --tag --always --match v[0-9]\* --abbrev=0 || echo 'undefined') BRANCH := $(shell git rev-parse --abbrev-ref HEAD) ARTIFACTS := _out +WITH_DEBUG ?= false +WITH_RACE ?= false REGISTRY ?= ghcr.io USERNAME ?= siderolabs REGISTRY_AND_USERNAME ?= $(REGISTRY)/$(USERNAME) -GOLANGCILINT_VERSION ?= v1.49.0 -GOFUMPT_VERSION ?= v0.3.1 -GO_VERSION ?= 1.19 -GOIMPORTS_VERSION ?= v0.1.12 -PROTOBUF_GO_VERSION ?= 1.28.1 -GRPC_GO_VERSION ?= 1.2.0 -GRPC_GATEWAY_VERSION ?= 2.11.3 -VTPROTOBUF_VERSION ?= 0.3.0 +PROTOBUF_GO_VERSION ?= 1.31.0 +GRPC_GO_VERSION ?= 1.3.0 +GRPC_GATEWAY_VERSION ?= 2.17.1 +VTPROTOBUF_VERSION ?= 0.4.0 DEEPCOPY_VERSION ?= v0.5.5 +GOLANGCILINT_VERSION ?= v1.54.2 +GOFUMPT_VERSION ?= v0.5.0 +GO_VERSION ?= 1.21 +GOIMPORTS_VERSION ?= v0.12.0 +GO_BUILDFLAGS ?= +GO_LDFLAGS ?= +CGO_ENABLED ?= 0 +GOTOOLCHAIN ?= local +GOEXPERIMENT ?= loopvar TESTPKGS ?= ./... KRES_IMAGE ?= ghcr.io/siderolabs/kres:latest CONFORMANCE_IMAGE ?= ghcr.io/siderolabs/conform:latest @@ -32,25 +40,32 @@ PROGRESS ?= auto PUSH ?= false CI_ARGS ?= COMMON_ARGS = --file=Dockerfile +COMMON_ARGS += --provenance=false COMMON_ARGS += --progress=$(PROGRESS) COMMON_ARGS += --platform=$(PLATFORM) COMMON_ARGS += --push=$(PUSH) -COMMON_ARGS += --build-arg=ARTIFACTS=$(ARTIFACTS) -COMMON_ARGS += --build-arg=SHA=$(SHA) -COMMON_ARGS += --build-arg=TAG=$(TAG) -COMMON_ARGS += --build-arg=USERNAME=$(USERNAME) -COMMON_ARGS += --build-arg=REGISTRY=$(REGISTRY) -COMMON_ARGS += --build-arg=TOOLCHAIN=$(TOOLCHAIN) -COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION=$(GOLANGCILINT_VERSION) -COMMON_ARGS += --build-arg=GOFUMPT_VERSION=$(GOFUMPT_VERSION) -COMMON_ARGS += --build-arg=GOIMPORTS_VERSION=$(GOIMPORTS_VERSION) -COMMON_ARGS += --build-arg=PROTOBUF_GO_VERSION=$(PROTOBUF_GO_VERSION) -COMMON_ARGS += --build-arg=GRPC_GO_VERSION=$(GRPC_GO_VERSION) -COMMON_ARGS += --build-arg=GRPC_GATEWAY_VERSION=$(GRPC_GATEWAY_VERSION) -COMMON_ARGS += --build-arg=VTPROTOBUF_VERSION=$(VTPROTOBUF_VERSION) -COMMON_ARGS += --build-arg=DEEPCOPY_VERSION=$(DEEPCOPY_VERSION) -COMMON_ARGS += --build-arg=TESTPKGS=$(TESTPKGS) -TOOLCHAIN ?= docker.io/golang:1.19-alpine +COMMON_ARGS += --build-arg=ARTIFACTS="$(ARTIFACTS)" +COMMON_ARGS += --build-arg=SHA="$(SHA)" +COMMON_ARGS += --build-arg=TAG="$(TAG)" +COMMON_ARGS += --build-arg=ABBREV_TAG="$(ABBREV_TAG)" +COMMON_ARGS += --build-arg=USERNAME="$(USERNAME)" +COMMON_ARGS += --build-arg=REGISTRY="$(REGISTRY)" +COMMON_ARGS += --build-arg=TOOLCHAIN="$(TOOLCHAIN)" +COMMON_ARGS += --build-arg=CGO_ENABLED="$(CGO_ENABLED)" +COMMON_ARGS += --build-arg=GO_BUILDFLAGS="$(GO_BUILDFLAGS)" +COMMON_ARGS += --build-arg=GO_LDFLAGS="$(GO_LDFLAGS)" +COMMON_ARGS += --build-arg=GOTOOLCHAIN="$(GOTOOLCHAIN)" +COMMON_ARGS += --build-arg=GOEXPERIMENT="$(GOEXPERIMENT)" +COMMON_ARGS += --build-arg=PROTOBUF_GO_VERSION="$(PROTOBUF_GO_VERSION)" +COMMON_ARGS += --build-arg=GRPC_GO_VERSION="$(GRPC_GO_VERSION)" +COMMON_ARGS += --build-arg=GRPC_GATEWAY_VERSION="$(GRPC_GATEWAY_VERSION)" +COMMON_ARGS += --build-arg=VTPROTOBUF_VERSION="$(VTPROTOBUF_VERSION)" +COMMON_ARGS += --build-arg=DEEPCOPY_VERSION="$(DEEPCOPY_VERSION)" +COMMON_ARGS += --build-arg=GOLANGCILINT_VERSION="$(GOLANGCILINT_VERSION)" +COMMON_ARGS += --build-arg=GOIMPORTS_VERSION="$(GOIMPORTS_VERSION)" +COMMON_ARGS += --build-arg=GOFUMPT_VERSION="$(GOFUMPT_VERSION)" +COMMON_ARGS += --build-arg=TESTPKGS="$(TESTPKGS)" +TOOLCHAIN ?= docker.io/golang:1.21-alpine # help menu @@ -85,6 +100,18 @@ respectively. endef +ifneq (, $(filter $(WITH_RACE), t true TRUE y yes 1)) +GO_BUILDFLAGS += -race +CGO_ENABLED := 1 +GO_LDFLAGS += -linkmode=external -extldflags '-static' +endif + +ifneq (, $(filter $(WITH_DEBUG), t true TRUE y yes 1)) +GO_BUILDFLAGS += -tags sidero.debug +else +GO_LDFLAGS += -s -w +endif + all: unit-tests conform image-conform lint .PHONY: clean @@ -106,10 +133,14 @@ lint-gofumpt: ## Runs gofumpt linter. .PHONY: fmt fmt: ## Formats the source code @docker run --rm -it -v $(PWD):/src -w /src golang:$(GO_VERSION) \ - bash -c "export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ + bash -c "export GOEXPERIMENT=loopvar; export GOTOOLCHAIN=local; \ + export GO111MODULE=on; export GOPROXY=https://proxy.golang.org; \ go install mvdan.cc/gofumpt@$(GOFUMPT_VERSION) && \ gofumpt -w ." +lint-govulncheck: ## Runs govulncheck linter. + @$(MAKE) target-$@ + lint-goimports: ## Runs goimports linter. @$(MAKE) target-$@ @@ -127,7 +158,7 @@ unit-tests-race: ## Performs unit tests with race detection enabled. .PHONY: coverage coverage: ## Upload coverage data to codecov.io. - bash -c "bash <(curl -s https://codecov.io/bash) -f $(ARTIFACTS)/coverage.txt -X fix" + bash -c "bash <(curl -s https://codecov.io/bash) -f $(ARTIFACTS)/coverage-unit-tests.txt -X fix" .PHONY: $(ARTIFACTS)/conform-darwin-amd64 $(ARTIFACTS)/conform-darwin-amd64: @@ -165,7 +196,7 @@ lint-markdown: ## Runs markdownlint. @$(MAKE) target-$@ .PHONY: lint -lint: lint-golangci-lint lint-gofumpt lint-goimports lint-markdown ## Run all linters for the project. +lint: lint-golangci-lint lint-gofumpt lint-govulncheck lint-goimports lint-markdown ## Run all linters for the project. .PHONY: image-conform image-conform: ## Builds image for conform.