Merge pull request #218 from tofuutils/feat/docker-build

feat: migrate docker build to goreleaser
tofuutils · Jul 25, 2024 · c903cd0 · c903cd0
2 parents 6b51325 + 53b5875
commit c903cd0
Show file tree

Hide file tree

Showing 3 changed files with 199 additions and 98 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -8,18 +8,24 @@ on:
 
 jobs:
   goreleaser:
-    name: 'Build and release packages'
+    name: "Build and release packages"
     runs-on: ubuntu-latest
     permissions:
       id-token: write # For cosign
       packages: write # For GHCR
-      contents: read  # Not required for public repositories, but for clarity
+      contents: read # Not required for public repositories, but for clarity
     steps:
       - name: Checkout
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
@@ -37,7 +43,7 @@ jobs:
           echo "${GPG_PRIVATE_KEY}" > "${GPG_KEY_FILE}"
           echo "GPG_KEY_FILE=${GPG_KEY_FILE}" >> "${GITHUB_ENV}"
         env:
-          GPG_TTY: /dev/ttys000  # Set the GPG_TTY to avoid issues with pinentry
+          GPG_TTY: /dev/ttys000 # Set the GPG_TTY to avoid issues with pinentry
           GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
 
@@ -65,62 +71,64 @@ jobs:
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
           GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
 
-  docker-ghcr:
-    name: 'Build and release docker image to github container registry'
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Build and push docker image
-        uses: docker/build-push-action@v6
-        with:
-          push: true
-          tags: ghcr.io/tofuutils/tenv:${{ github.ref_name }}, ghcr.io/tofuutils/tenv:latest
-
-  docker-dockerhub:
-    name: 'Build and release docker image to dockerhub'
-    runs-on: ubuntu-latest
-    env:
-      registry_url: "registry.hub.docker.com"
-      image_repo: "tofuutils/tenv"
-    permissions:
-      contents: read
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Push docker image to GitHub Container Registry
+        env:
+          docker_registry: "ghcr.io"
+        run: |
+          version=${GITHUB_REF#refs/*/v}
+          IFS='.' read -ra version_arr <<< "${version}"
+
+          architectures=("amd64" "arm64" "arm" "386")
+          versions=("latest", "${version_arr[0]}.${version_arr[1]}", "${version}")
+
+          for arch in "${architectures[@]}"; do
+            for version in "${versions[@]}"; do
+              IMAGE="${docker_registry}/tofuutils/tenv:${VERSION}-${ARCH}"
+              echo "Pushing ${IMAGE}..."
+              docker push ${IMAGE}
+              if [ ${?} -ne 0 ]; then
+                echo "Failed to push ${IMAGE}"
+                exit 1
+              fi
+            done
+          done
+
+          echo "All images pushed successfully to ${docker_registry}!"
 
       - name: Login to GitHub Container Registry
         uses: docker/login-action@v3
         with:
-          registry: ${{ env.registry_url }}
+          registry: registry.hub.docker.com
           username: ${{ secrets.REGISTRY_USER }}
           password: ${{ secrets.REGISTRY_PASSWORD }}
 
-      - name: Build and push docker image
-        uses: docker/build-push-action@v6
-        with:
-          push: true
-          tags: ${{ env.registry_url }}/${{ env.image_repo }}:latest, ${{ env.registry_url }}/${{ env.image_repo }}:${{ github.ref_name }}
+      - name: Push docker image to DockerHub
+        env:
+          docker_registry: "registry.hub.docker.com"
+        run: |
+          version=${GITHUB_REF#refs/*/v}
+          IFS='.' read -ra version_arr <<< "${version}"
+
+          architectures=("amd64" "arm64" "arm" "386")
+          versions=("latest", "${version_arr[0]}.${version_arr[1]}", "${version}")
+
+          for arch in "${architectures[@]}"; do
+            for version in "${versions[@]}"; do
+              IMAGE="${docker_registry}/tofuutils/tenv:${VERSION}-${ARCH}"
+              echo "Pushing ${IMAGE}..."
+              docker push ${IMAGE}
+              if [ ${?} -ne 0 ]; then
+                echo "Failed to push ${IMAGE}"
+                exit 1
+              fi
+            done
+          done
+
+          echo "All images pushed successfully to ${docker_registry}!"
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -189,6 +189,125 @@ builds:
       - goos: solaris
         goarch: arm64
 
+dockers:
+  - use: buildx
+    goarch: amd64
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/amd64"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.vendor=tofuutils"
+      - "--label=org.opencontainers.image.description=tenv {{ .Version }}"
+      - "--label=org.opencontainers.image.url=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.documentation=https://github.com/tofuutils/tenv/blob/main/README.md"
+      - "--label=org.opencontainers.image.source=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.licenses=Apache-2.0"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+    image_templates:
+      - "ghcr.io/tofuutils/tenv:{{ .Version }}-amd64"
+
+  - use: buildx
+    goarch: arm64
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/arm64"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.vendor=tofuutils"
+      - "--label=org.opencontainers.image.description=tenv {{ .Version }}"
+      - "--label=org.opencontainers.image.url=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.documentation=https://github.com/tofuutils/tenv/blob/main/README.md"
+      - "--label=org.opencontainers.image.source=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.licenses=Apache-2.0"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+    image_templates:
+      - "ghcr.io/tofuutils/tenv:{{ .Version }}-arm64"
+
+  - use: buildx
+    goarch: arm
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/arm"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.vendor=tofuutils"
+      - "--label=org.opencontainers.image.description=tenv {{ .Version }}"
+      - "--label=org.opencontainers.image.url=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.documentation=https://github.com/tofuutils/tenv/blob/main/README.md"
+      - "--label=org.opencontainers.image.source=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.licenses=Apache-2.0"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+    image_templates:
+      - "ghcr.io/tofuutils/tenv:{{ .Version }}-arm"
+
+  - use: buildx
+    goarch: "386"
+    build_flag_templates:
+      - "--pull"
+      - "--platform=linux/386"
+      - "--label=org.opencontainers.image.title={{ .ProjectName }}"
+      - "--label=org.opencontainers.image.vendor=tofuutils"
+      - "--label=org.opencontainers.image.description=tenv {{ .Version }}"
+      - "--label=org.opencontainers.image.url=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.documentation=https://github.com/tofuutils/tenv/blob/main/README.md"
+      - "--label=org.opencontainers.image.source=https://github.com/tofuutils/tenv"
+      - "--label=org.opencontainers.image.licenses=Apache-2.0"
+      - "--label=org.opencontainers.image.version={{ .Version }}"
+      - "--label=org.opencontainers.image.revision={{ .FullCommit }}"
+      - '--label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}'
+    image_templates:
+      - "ghcr.io/tofuutils/tenv:{{ .Version }}-386"
+
+docker_manifests:
+  - name_template: ghcr.io/tofuutils/tenv:{{ .Version }}
+    image_templates:
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-amd64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-386
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-amd64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-386
+    skip_push: true
+
+  - name_template: ghcr.io/tofuutils/tenv:{{ .Major }}.{{ .Minor }}
+    image_templates:
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-amd64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-386
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-amd64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-386
+    skip_push: true
+
+  - name_template: ghcr.io/tofuutils/tenv:latest
+    image_templates:
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-amd64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm64
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-arm
+      - ghcr.io/tofuutils/tenv:{{ .Version }}-386
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-amd64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm64
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-arm
+      - registry.hub.docker.com/tofuutils/tenv:{{ .Version }}-386
+    skip_push: true
+
+docker_signs:
+  - artifacts: all
+    args:
+      [
+        "sign",
+        "--oidc-issuer=https://token.actions.githubusercontent.com",
+        "${artifact}@${digest}",
+        "--yes",
+      ]
 
 archives:
   - format: tar.gz
@@ -292,42 +411,42 @@ snapcrafts:
     publish: true
     summary: OpenTofu, Terraform, Terragrunt, and Atmos version manager, written in Go.
     description: |
-      tenv is a versatile version manager for OpenTofu, Terraform, Terragrunt and Atmos, written in Go. 
-      Our tool simplifies the complexity of handling different versions of these powerful tools, 
-      ensuring developers and DevOps professionals 
+      tenv is a versatile version manager for OpenTofu, Terraform, Terragrunt and Atmos, written in Go.
+      Our tool simplifies the complexity of handling different versions of these powerful tools,
+      ensuring developers and DevOps professionals
       can focus on what matters most - building and deploying efficiently.
-    disable: 'false'
+    disable: "false"
     channel_templates:
-      - 'latest/stable'
-    grade: 'stable'
+      - "latest/stable"
+    grade: "stable"
     confinement: strict
     license: Apache-2.0
     base: core22
     apps:
       tenv:
         plugs: ["home", "network", "network-bind"]
         command: tenv
-        aliases: [ tenv ]
+        aliases: [tenv]
       tofu:
         plugs: ["home", "network", "network-bind"]
         command: tofu
-        aliases: [ tofu ]
+        aliases: [tofu]
       terraform:
         plugs: ["home", "network", "network-bind"]
         command: terraform
-        aliases: [ terraform ]
+        aliases: [terraform]
       terragrunt:
         plugs: ["home", "network", "network-bind"]
         command: terragrunt
-        aliases: [ terragrunt ]
+        aliases: [terragrunt]
       tf:
         plugs: ["home", "network", "network-bind"]
         command: tf
-        aliases: [ tf ]
+        aliases: [tf]
       atmos:
         plugs: ["home", "network", "network-bind"]
         command: atmos
-        aliases: [ atmos ]
+        aliases: [atmos]
 
 aurs:
   - name: tenv-bin
@@ -381,15 +500,15 @@ aurs:
       # license
       install -Dm 0644 "LICENSE" "${pkgdir}/usr/share/licenses/tenv/LICENSE"
       install -Dm 0644 "LICENSE" "${pkgdir}/usr/share/doc/tenv/LICENSE"
-      
+
       # readme
       install -Dm 0644 "README.md" "${pkgdir}/usr/share/doc/tenv/README.md"
 
       # completions
       mkdir -p "${pkgdir}/usr/share/bash-completion/completions/"
       mkdir -p "${pkgdir}/usr/share/zsh/site-functions/"
       mkdir -p "${pkgdir}/usr/share/fish/vendor_completions.d/"
-      
+
       for i in bash fish zsh; do
         ./tenv completion $i > ./tenv.$i
       done
@@ -408,7 +527,6 @@ aurs:
 
     url_template: "https://github.com/tofuutils/tenv/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
     directory: "."
-
 # chocolateys:
 #   - name: tenv
 #     # Empty means all IDs.