Compare commits

..

2 Commits

Author SHA1 Message Date
bagas 467d43641f ci: migrate docker build to multi-machine multi-arch matrix
Docker Build and Push / Run Tests (push) Successful in 2m6s
Docker Build and Push / Build (linux/amd64) (push) Failing after 1m55s
Docker Build and Push / Build (linux/arm64) (push) Failing after 2m10s
Docker Build and Push / Merge Multi-Arch Manifest (push) Has been skipped
2026-04-07 23:27:12 +07:00
bagas d029f9e93d chore: configure renovate to group and automerge dependencies
Tests / Run Tests (pull_request) Successful in 2m8s
2026-04-01 21:11:45 +07:00
3 changed files with 165 additions and 54 deletions
+161 -50
View File
@@ -9,7 +9,6 @@ jobs:
test: test:
name: Run Tests name: Run Tests
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v6 uses: actions/checkout@v6
@@ -29,27 +28,15 @@ jobs:
- name: Run tests - name: Run tests
run: go test -v -p 4 ./... run: go test -v -p 4 ./...
build-amd64:
build-and-push: name: Build (linux/amd64)
name: Build and Push Docker Image runs-on: [ubuntu-latest, amd64]
runs-on: ubuntu-latest
needs: test needs: test
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v6 uses: actions/checkout@v6
- name: Set up Docker Buildx - name: Extract version
uses: docker/setup-buildx-action@v4
- name: Log in to Docker Registry
uses: docker/login-action@v3
with:
registry: git.fossy.my.id
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Extract version and determine release type
id: version id: version
run: | run: |
VERSION=${GITHUB_REF#refs/tags/v} VERSION=${GITHUB_REF#refs/tags/v}
@@ -58,18 +45,10 @@ jobs:
echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then
MAJOR=$(echo "$VERSION" | cut -d. -f1) echo "MAJOR=$(echo "$VERSION" | cut -d. -f1)" >> $GITHUB_OUTPUT
MINOR=$(echo "$VERSION" | cut -d. -f2) echo "MINOR=$(echo "$VERSION" | cut -d. -f2)" >> $GITHUB_OUTPUT
PATCH=$(echo "$VERSION" | cut -d. -f3 | cut -d- -f1)
echo "MAJOR=$MAJOR" >> $GITHUB_OUTPUT
echo "MINOR=$MINOR" >> $GITHUB_OUTPUT
echo "PATCH=$PATCH" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -q '-'; then if echo "$VERSION" | grep -q '-'; then
PRERELEASE_TAG=$(echo "$VERSION" | cut -d- -f2 | cut -d. -f1)
echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT
echo "PRERELEASE_TAG=$PRERELEASE_TAG" >> $GITHUB_OUTPUT
else else
echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT
fi fi
@@ -78,35 +57,167 @@ jobs:
exit 1 exit 1
fi fi
- name: Build and push Docker image (release) - name: Set up Docker Buildx
uses: docker/build-push-action@v6 uses: docker/setup-buildx-action@v3
with:
context: .
push: true
tags: |
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }}
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:release
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}.${{ steps.version.outputs.MINOR }}
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest
platforms: linux/amd64,linux/arm64
build-args: |
VERSION=${{ steps.version.outputs.VERSION }}
BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
COMMIT=${{ steps.version.outputs.COMMIT }}
if: steps.version.outputs.IS_PRERELEASE == 'false'
- name: Build and push Docker image (pre-release) - name: Log in to Docker Registry
uses: docker/login-action@v3
with:
registry: git.fossy.my.id
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push by digest
id: build
uses: docker/build-push-action@v6 uses: docker/build-push-action@v6
with: with:
context: . context: .
push: true platforms: linux/amd64
tags: | outputs: >-
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }} type=image,name=git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please,push-by-digest=true,name-canonical=true,push=true
git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging
platforms: linux/amd64,linux/arm64
build-args: | build-args: |
VERSION=${{ steps.version.outputs.VERSION }} VERSION=${{ steps.version.outputs.VERSION }}
BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }} BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
COMMIT=${{ steps.version.outputs.COMMIT }} COMMIT=${{ steps.version.outputs.COMMIT }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-linux-amd64
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
build-arm64:
name: Build (linux/arm64)
runs-on: [ubuntu-latest, arm64]
needs: test
steps:
- name: Checkout repository
uses: actions/checkout@v6
- name: Extract version
id: version
run: |
VERSION=${GITHUB_REF#refs/tags/v}
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
echo "COMMIT=${{ github.sha }}" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then
echo "MAJOR=$(echo "$VERSION" | cut -d. -f1)" >> $GITHUB_OUTPUT
echo "MINOR=$(echo "$VERSION" | cut -d. -f2)" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -q '-'; then
echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT
else
echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT
fi
else
echo "Invalid version format: $VERSION"
exit 1
fi
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Docker Registry
uses: docker/login-action@v3
with:
registry: git.fossy.my.id
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Build and push by digest
id: build
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/arm64
outputs: >-
type=image,name=git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please,push-by-digest=true,name-canonical=true,push=true
build-args: |
VERSION=${{ steps.version.outputs.VERSION }}
BUILD_DATE=${{ steps.version.outputs.BUILD_DATE }}
COMMIT=${{ steps.version.outputs.COMMIT }}
- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"
- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-linux-arm64
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
name: Merge Multi-Arch Manifest
runs-on: ubuntu-latest
needs: [build-amd64, build-arm64]
steps:
- name: Download all digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Extract version
id: version
run: |
VERSION=${GITHUB_REF#refs/tags/v}
echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -qE '^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9.]+)?$'; then
echo "MAJOR=$(echo "$VERSION" | cut -d. -f1)" >> $GITHUB_OUTPUT
echo "MINOR=$(echo "$VERSION" | cut -d. -f2)" >> $GITHUB_OUTPUT
if echo "$VERSION" | grep -q '-'; then
echo "IS_PRERELEASE=true" >> $GITHUB_OUTPUT
else
echo "IS_PRERELEASE=false" >> $GITHUB_OUTPUT
fi
else
echo "Invalid version format: $VERSION"
exit 1
fi
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log in to Docker Registry
uses: docker/login-action@v3
with:
registry: git.fossy.my.id
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Create and push manifest (release)
working-directory: /tmp/digests
if: steps.version.outputs.IS_PRERELEASE == 'false'
run: |
docker buildx imagetools create \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }} \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:release \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }}.${{ steps.version.outputs.MINOR }} \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.MAJOR }} \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:latest \
$(printf 'git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please@sha256:%s ' *)
- name: Create and push manifest (pre-release)
working-directory: /tmp/digests
if: steps.version.outputs.IS_PRERELEASE == 'true' if: steps.version.outputs.IS_PRERELEASE == 'true'
run: |
docker buildx imagetools create \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:v${{ steps.version.outputs.VERSION }} \
-t git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please:staging \
$(printf 'git.fossy.my.id/${{ secrets.DOCKER_USERNAME }}/tunnel-please@sha256:%s ' *)
+1 -1
View File
@@ -43,7 +43,7 @@ jobs:
--output.checkstyle.path=golangci-lint-report.xml --output.checkstyle.path=golangci-lint-report.xml
- name: SonarQube Scan - name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v7.1.0 uses: SonarSource/sonarqube-scan-action@v7.0.0
env: env:
SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }} SONAR_HOST_URL: ${{ secrets.SONARQUBE_HOST }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }} SONAR_TOKEN: ${{ secrets.SONARQUBE_TOKEN }}
+1 -1
View File
@@ -1,4 +1,4 @@
FROM golang:1.26.1-alpine AS go_builder FROM golang:1.26.0-alpine AS go_builder
ARG VERSION=dev ARG VERSION=dev
ARG BUILD_DATE=unknown ARG BUILD_DATE=unknown