From 709fb144f1042bd92b9bd04f58ce9352ed6a9124 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20Viitam=C3=A4ki?= Date: Wed, 22 Jul 2020 16:33:37 +0200 Subject: [PATCH] CI Overhaul (#83) Multiple changes made to the CI workflow. Docker images are now built for AMD64, ARM64 and ARMv7 Docker images are now built for each release and published on docker hub Release workflow now successfully create release and upload assets Added ARM64 to list of binaries compiled during release --- .github/workflows/pull_request.yaml | 45 +++--- .github/workflows/push_master.yaml | 216 +++++++++++++--------------- .github/workflows/release.yaml | 154 ++++++++++++++++++++ 3 files changed, 278 insertions(+), 137 deletions(-) create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 4175f94..f65e637 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -1,4 +1,4 @@ -name: Review & Build +name: PR on: push: branches-ignore: master @@ -7,10 +7,10 @@ on: - master jobs: review: - name: Review code + name: Code Review runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - uses: actions/checkout@v2 - name: Use Node.js uses: actions/setup-node@v1 @@ -40,7 +40,7 @@ jobs: - name: Check suspicious constructs (1) uses: "cedrickring/golang-action@1.5.2" with: - args: go get honnef.co/go/tools/cmd/staticcheck; staticcheck -checks all,-ST1003,-U1000,-ST1005 ./... # have to disable ST1003,U1000,ST1005 due to the generated code + args: go get -u honnef.co/go/tools/cmd/staticcheck; staticcheck -checks all,-ST1003,-U1000,-ST1005 ./... # have to disable ST1003,U1000,ST1005 due to the generated code - name: Check suspicious constructs (2) uses: "cedrickring/golang-action@1.5.2" @@ -51,27 +51,30 @@ jobs: uses: "cedrickring/golang-action@1.5.2" with: # TODO: remove `-exclude=G110` once https://github.com/go-bindata/go-bindata/pull/50 is merged and released - args: go get github.com/securego/gosec/cmd/gosec; gosec -exclude=G110 ./... # https://github.com/securego/gosec + args: go get -u github.com/securego/gosec/cmd/gosec; gosec -exclude=G110 ./... # https://github.com/securego/gosec build: - name: Build code + name: Build wg-ui runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - name: Checkout + uses: actions/checkout@v2 - - name: Clean out old builds from disk - run: | - df -h / && df -h /mnt - sudo apt-get clean -qq - sudo apt-get autoclean -qq - docker rmi $(docker image ls -aq) - df -h / && df -h /mnt + - name: Setup NodeJS + uses: actions/setup-node@v1 + with: + node-verison: '12.x' - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.14' - - name: Build the Docker image - run: buildah bud --format=docker --layers -f Dockerfile . + - name: Build binary + run: make build + + - name: Check binary + run: file bin/wireguard-ui + + - name: Cleanup + run: rm -rf bin/ diff --git a/.github/workflows/push_master.yaml b/.github/workflows/push_master.yaml index d338420..0637672 100644 --- a/.github/workflows/push_master.yaml +++ b/.github/workflows/push_master.yaml @@ -1,127 +1,111 @@ -name: Build & Release +name: Main + on: push: branches: - master + jobs: - build: - name: Build + docker-build: + name: Docker runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v1 - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah - - name: Free disk space - run: | - df -h / && df -h /mnt - sudo apt-get clean -qq - sudo apt-get autoclean -qq - docker rmi $(docker image ls -aq) - df -h / && df -h /mnt - - name: Build & push the Docker image - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - buildah bud --format=docker --layers -t embarkstudios/wireguard-ui:latest -t embarkstudios/wireguard-ui:$GITHUB_SHA -f Dockerfile . - buildah push --creds $DOCKER_USERNAME:$DOCKER_PASSWORD --format=v2s2 embarkstudios/wireguard-ui + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=latest - release: - name: Release - needs: build - if: startsWith(github.ref, 'refs/tags/') + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile . + - + name: Set up Docker Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Docker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json + + docker-debug: + name: Debug runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=debug - - name: Setup NodeJS - uses: actions/setup-node@v1 - with: - node-verison: '12.x' - - - name: npm install & build - run: | - make ui - - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: '1.14' - - - name: Insert assets into go - run: | - make assets - - - name: Build wg-ui for Linux (AMD64) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-amd64 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv5) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv5 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=5 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv6) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv6 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv7) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv7 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=7 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah - - - name: Build & push wg-ui to docker hub - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - tag=$(git describe --tags --abbrev=0) - buildah bud --format=docker --layers -t embarkstudios/wireguard-ui:$tag -t embarkstudios/wireguard-ui:$GITHUB_SHA -f Dockerfile . - buildah push --creds $DOCKER_USERNAME:$DOCKER_PASSWORD --format=v2s2 embarkstudios/wireguard-ui - - - name: Publish release - uses: softprops/action-gh-release@v1 - with: - draft: true - files: "wg-ui*" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile.debug . + - + name: Set up Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Bocker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..ee35d52 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,154 @@ +name: Release + +on: + push: + branches: + - master + tags: + - v* + +jobs: + release-docker: + name: Docker + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-20.04 + steps: + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=${GITHUB_REF#refs/tags/v} + + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile . + - + name: Set up Docker Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Docker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json + + release-binary: + name: Binary + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - name: Setup NodeJS + uses: actions/setup-node@v1 + with: + node-verison: '12.x' + + - name: npm install & build + run: | + make ui + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.14' + + - name: Insert assets into go + run: | + make assets + + - name: Build wg-ui for Linux (AMD64) + run: | + name=wg-ui + target=linux-amd64 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv5) + run: | + name=wg-ui + target=linux-armv5 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=5 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv6) + run: | + name=wg-ui + target=linux-armv6 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv7) + run: | + name=wg-ui + target=linux-armv7 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=7 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARM64) + run: | + name=wg-ui + target=linux-arm64 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: List content + run: | + ls -lah wg-ui* + + - name: GitHub Release + uses: softprops/action-gh-release@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + draft: true + files: "wg-ui-*"