diff --git a/.gitignore b/.gitignore index c4fd337..47ee427 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,7 @@ ddb.db ddbbolt +/bin +/.go +/.container-* +/.dockerfile-* +/vendor diff --git a/Dockerfile.in b/Dockerfile.in new file mode 100644 index 0000000..632f6b7 --- /dev/null +++ b/Dockerfile.in @@ -0,0 +1,23 @@ +# Copyright 2016 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +FROM {ARG_FROM} + +ADD bin/{ARG_OS}_{ARG_ARCH}/{ARG_BIN} /{ARG_BIN} + +# This would be nicer as `nobody:nobody` but distroless has no such entries. +USER 65535:65535 +ENV HOME / + +ENTRYPOINT ["/{ARG_BIN}"] diff --git a/Makefile b/Makefile new file mode 100755 index 0000000..5393ae2 --- /dev/null +++ b/Makefile @@ -0,0 +1,266 @@ +# Copyright 2016 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# The binaries to build (just the basenames). +BINS := ddbbolt + +# Where to push the docker image. +REGISTRY ?= r-push.lerch.org + +# This version-strategy uses git tags to set the version string +VERSION ?= $(shell git describe --tags --always --dirty) +# +# This version-strategy uses a manual value to set the version string +#VERSION ?= 1.2.3 + +### +### These variables should not need tweaking. +### + +SRC_DIRS := cmd pkg # directories which hold app source (not vendored) + +# Windows not working atm +ALL_PLATFORMS := linux/amd64 linux/arm linux/arm64 linux/ppc64le linux/s390x + +# Used internally. Users should pass GOOS and/or GOARCH. +# hacked this to at least guess if go isn't installed on the host +OS := $(if $(GOOS),$(GOOS),$(shell go env GOOS || uname -s | tr '[:upper:]' '[:lower:]')) +ARCH := $(if $(GOARCH),$(GOARCH),$(shell go env GOARCH || echo 'amd64')) + +BASEIMAGE ?= scratch # gcr.io/distroless/static + +TAG := $(VERSION)__$(OS)_$(ARCH) + +BUILD_IMAGE ?= golang:1.14-alpine + +BIN_EXTENSION := +ifeq ($(OS), windows) + BIN_EXTENSION := .exe +endif + +# If you want to build all binaries, see the 'all-build' rule. +# If you want to build all containers, see the 'all-container' rule. +# If you want to build AND push all containers, see the 'all-push' rule. +all: # @HELP builds binaries for one platform ($OS/$ARCH) +all: build + +# For the following OS/ARCH expansions, we transform OS/ARCH into OS_ARCH +# because make pattern rules don't match with embedded '/' characters. + +build-%: + @$(MAKE) build \ + --no-print-directory \ + GOOS=$(firstword $(subst _, ,$*)) \ + GOARCH=$(lastword $(subst _, ,$*)) + +container-%: + @$(MAKE) container \ + --no-print-directory \ + GOOS=$(firstword $(subst _, ,$*)) \ + GOARCH=$(lastword $(subst _, ,$*)) + +push-%: + @$(MAKE) push \ + --no-print-directory \ + GOOS=$(firstword $(subst _, ,$*)) \ + GOARCH=$(lastword $(subst _, ,$*)) + +all-build: # @HELP builds binaries for all platforms +all-build: $(addprefix build-, $(subst /,_, $(ALL_PLATFORMS))) + +all-container: # @HELP builds containers for all platforms +all-container: $(addprefix container-, $(subst /,_, $(ALL_PLATFORMS))) + +all-push: # @HELP pushes containers for all platforms to the defined registry +all-push: $(addprefix push-, $(subst /,_, $(ALL_PLATFORMS))) + +# The following structure defeats Go's (intentional) behavior to always touch +# result files, even if they have not changed. This will still run `go` but +# will not trigger further work if nothing has actually changed. +OUTBINS = $(foreach bin,$(BINS),bin/$(OS)_$(ARCH)/$(bin)$(BIN_EXTENSION)) + +build: $(OUTBINS) + +# Directories that we need created to build/test. +BUILD_DIRS := bin/$(OS)_$(ARCH) \ + .go/bin/$(OS)_$(ARCH) \ + .go/cache + +# Each outbin target is just a facade for the respective stampfile target. +# This `eval` establishes the dependencies for each. +$(foreach outbin,$(OUTBINS),$(eval \ + $(outbin): .go/$(outbin).stamp \ +)) +# This is the target definition for all outbins. +$(OUTBINS): + @true + +# Each stampfile target can reference an $(OUTBIN) variable. +$(foreach outbin,$(OUTBINS),$(eval $(strip \ + .go/$(outbin).stamp: OUTBIN = $(outbin) \ +))) +# This is the target definition for all stampfiles. +# This will build the binary under ./.go and update the real binary iff needed. +STAMPS = $(foreach outbin,$(OUTBINS),.go/$(outbin).stamp) +.PHONY: $(STAMPS) +$(STAMPS): go-build + @echo "binary: $(OUTBIN)" + @if ! cmp -s .go/$(OUTBIN) $(OUTBIN); then \ + mv .go/$(OUTBIN) $(OUTBIN); \ + date >$@; \ + fi + +# This runs the actual `go build` which updates all binaries. +go-build: $(BUILD_DIRS) + @echo + @echo "building for $(OS)/$(ARCH)" + @docker run \ + -i \ + --rm \ + -u $$(id -u):$$(id -g) \ + -v $$(pwd):/src \ + -w /src \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin/$(OS)_$(ARCH) \ + -v $$(pwd)/.go/cache:/.cache \ + --env HOME=/ \ + --env HTTP_PROXY=$(HTTP_PROXY) \ + --env HTTPS_PROXY=$(HTTPS_PROXY) \ + $(BUILD_IMAGE) \ + /bin/sh -c " \ + ARCH=$(ARCH) \ + OS=$(OS) \ + VERSION=$(VERSION) \ + ./build/build.sh \ + " + +# Example: make shell CMD="-c 'date > datefile'" +shell: # @HELP launches a shell in the containerized build environment +shell: $(BUILD_DIRS) + @echo "launching a shell in the containerized build environment" + @docker run \ + -ti \ + --rm \ + -u $$(id -u):$$(id -g) \ + -v $$(pwd):/src \ + -w /src \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin/$(OS)_$(ARCH) \ + -v $$(pwd)/.go/cache:/.cache \ + --env HTTP_PROXY=$(HTTP_PROXY) \ + --env HTTPS_PROXY=$(HTTPS_PROXY) \ + $(BUILD_IMAGE) \ + /bin/sh $(CMD) + +CONTAINER_DOTFILES = $(foreach bin,$(BINS),.container-$(subst /,_,$(REGISTRY)/$(bin))-$(TAG)) + +container containers: # @HELP builds containers for one platform ($OS/$ARCH) +container containers: $(CONTAINER_DOTFILES) + @for bin in $(BINS); do \ + echo "container: $(REGISTRY)/$$bin:$(TAG)"; \ + done + +# Each container-dotfile target can reference a $(BIN) variable. +# This is done in 2 steps to enable target-specific variables. +$(foreach bin,$(BINS),$(eval $(strip \ + .container-$(subst /,_,$(REGISTRY)/$(bin))-$(TAG): BIN = $(bin) \ +))) +$(foreach bin,$(BINS),$(eval \ + .container-$(subst /,_,$(REGISTRY)/$(bin))-$(TAG): bin/$(OS)_$(ARCH)/$(bin) Dockerfile.in \ +)) +# This is the target definition for all container-dotfiles. +# These are used to track build state in hidden files. +$(CONTAINER_DOTFILES): + @sed \ + -e 's|{ARG_BIN}|$(BIN)|g' \ + -e 's|{ARG_ARCH}|$(ARCH)|g' \ + -e 's|{ARG_OS}|$(OS)|g' \ + -e 's|{ARG_FROM}|$(BASEIMAGE)|g' \ + Dockerfile.in > .dockerfile-$(BIN)-$(OS)_$(ARCH) + @docker build -t $(REGISTRY)/$(BIN):$(TAG) -f .dockerfile-$(BIN)-$(OS)_$(ARCH) . + @docker images -q $(REGISTRY)/$(BIN):$(TAG) > $@ + @echo + +push: # @HELP pushes the container for one platform ($OS/$ARCH) to the defined registry +push: $(CONTAINER_DOTFILES) + @for bin in $(BINS); do \ + docker push $(REGISTRY)/$$bin:$(TAG); \ + done + +# TODO: Upstream was using manifest-tool and gcloud commands. Needs update +manifest-list: # @HELP builds a manifest list of containers for all platforms +manifest-list: all-push + @for bin in $(BINS); do \ + platforms=$$(echo $(ALL_PLATFORMS) | sed 's/ /,/g'); \ + manifest-tool \ + push from-args \ + --platforms "$$platforms" \ + --template $(REGISTRY)/$$bin:$(VERSION)__OS_ARCH \ + --target $(REGISTRY)/$$bin:$(VERSION); \ + done + +version: # @HELP outputs the version string +version: + @echo $(VERSION) + +test: # @HELP runs tests, as defined in ./build/test.sh +test: $(BUILD_DIRS) + @docker run \ + -i \ + --rm \ + -u $$(id -u):$$(id -g) \ + -v $$(pwd):/src \ + -w /src \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin \ + -v $$(pwd)/.go/bin/$(OS)_$(ARCH):/go/bin/$(OS)_$(ARCH) \ + -v $$(pwd)/.go/cache:/.cache \ + --env HTTP_PROXY=$(HTTP_PROXY) \ + --env HTTPS_PROXY=$(HTTPS_PROXY) \ + $(BUILD_IMAGE) \ + /bin/sh -c " \ + ARCH=$(ARCH) \ + OS=$(OS) \ + VERSION=$(VERSION) \ + ./build/test.sh $(SRC_DIRS) \ + " + +$(BUILD_DIRS): + @mkdir -p $@ + +clean: # @HELP removes built binaries and temporary files +clean: container-clean bin-clean + +container-clean: + rm -rf .container-* .dockerfile-* + +bin-clean: + rm -rf .go bin + +help: # @HELP prints this message +help: + @echo "VARIABLES:" + @echo " BINS = $(BINS)" + @echo " OS = $(OS)" + @echo " ARCH = $(ARCH)" + @echo " REGISTRY = $(REGISTRY)" + @echo + @echo "TARGETS:" + @grep -E '^.*: *# *@HELP' $(MAKEFILE_LIST) \ + | awk ' \ + BEGIN {FS = ": *# *@HELP"}; \ + { printf " %-30s %s\n", $$1, $$2 }; \ + ' + +#!/bin/sh +# CGO_ENABLED=0 go build -ldflags="-s -w" diff --git a/build b/build deleted file mode 100755 index 6e6da2b..0000000 --- a/build +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -CGO_ENABLED=0 go build -ldflags="-s -w" diff --git a/build/build.sh b/build/build.sh new file mode 100755 index 0000000..295b5bb --- /dev/null +++ b/build/build.sh @@ -0,0 +1,43 @@ +#!/bin/sh + +# Copyright 2016 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +set -o errexit +set -o nounset +set -o pipefail + +if [ -z "${OS:-}" ]; then + echo "OS must be set" + exit 1 +fi +if [ -z "${ARCH:-}" ]; then + echo "ARCH must be set" + exit 1 +fi +if [ -z "${VERSION:-}" ]; then + echo "VERSION must be set" + exit 1 +fi + +export CGO_ENABLED=0 +export GOARCH="${ARCH}" +export GOOS="${OS}" +export GO111MODULE=on +export GOFLAGS="-mod=vendor" + +go install \ + -installsuffix "static" \ + -ldflags "-s -w -X $(go list -m)/pkg/version.Version=${VERSION}" \ + ./... diff --git a/go.sum b/go.sum index 2f25559..4fff978 100644 --- a/go.sum +++ b/go.sum @@ -64,6 +64,7 @@ golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb h1:fgwFCsaw9buMuxNd6+DQfAuSFqbNiQZpcgJQAgJsK6k= golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191026070338-33540a1f6037 h1:YyJpGZS1sBuBCzLAR1VEpK193GlqGZbnPFnPV/5Rsb4= golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/term v0.0.0-20201113234701-d7a72108b828/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=