diff --git a/.github/workflows/actions.yaml b/.github/workflows/actions.yaml index 5c5df98..5b05e00 100644 --- a/.github/workflows/actions.yaml +++ b/.github/workflows/actions.yaml @@ -1,38 +1,34 @@ +name: Build Bridgeless Signer docker image on: workflow_dispatch: - push: - branches: - - 'master' - - 'main' env: - CI_JOB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CI_ACCESS_TOKEN: ${{ secrets.CI_ACCESS_TOKEN }} jobs: - converge: - name: Converge - runs-on: ubuntu-latest + converge-github: + name: Skaffold Build To Github + runs-on: ubuntu-22.04 steps: - - name: Checkout code uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Install werf - uses: werf/actions/install@v1.2 - - name: Log in to registry - # This is where you will update the personal access token to GITHUB_TOKEN run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin - - name: Run echo - run: | - werf version - docker version - echo $GITHUB_REPOSITORY - echo $GITHUB_SHA - - name: Run Build - run: | - . $(werf ci-env github --as-file) - werf export service --tag ghcr.io/$GITHUB_REPOSITORY:$GITHUB_SHA + - name: Cache layers + uses: actions/cache@v3 + with: + path: "${{ github.workspace }}/.skaffold/cache" + key: skaffold-${{ hashFiles('**/cache') }} + restore-keys: | + skaffold- + + - name: Run Skaffold pipeline as command + uses: hiberbee/github-action-skaffold@latest + id: build + with: + command: build --tag ${{ github.sha }} + repository: ghcr.io/${{ github.repository_owner }} \ No newline at end of file diff --git a/.github/workflows/actions_only_main.yml b/.github/workflows/actions_only_main.yml new file mode 100644 index 0000000..b49e52d --- /dev/null +++ b/.github/workflows/actions_only_main.yml @@ -0,0 +1,39 @@ +name: Build Bridgeless Signer docker image +on: + push: + branches: + - 'main' + - 'master' + - 'chains/mainnet' + - 'chains/mainnet-beta' + +env: + CI_ACCESS_TOKEN: ${{ secrets.CI_ACCESS_TOKEN }} + +jobs: + converge-github: + name: Skaffold Build To Github + runs-on: ubuntu-22.04 + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Log in to registry + run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin + + - name: Cache layers + uses: actions/cache@v3 + with: + path: "${{ github.workspace }}/.skaffold/cache" + key: skaffold-${{ hashFiles('**/cache') }} + restore-keys: | + skaffold- + + - name: Run Skaffold pipeline as command + uses: hiberbee/github-action-skaffold@latest + id: build + with: + command: build --tag ${{ github.sha }} + repository: ghcr.io/${{ github.repository_owner }} \ No newline at end of file diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml index 78397e7..5add435 100644 --- a/.github/workflows/tag.yaml +++ b/.github/workflows/tag.yaml @@ -1,37 +1,61 @@ +name: Build Bridgeless Signer docker image tag on: - workflow_dispatch: push: tags: - 'v[0-9]+.[0-9]+.[0-9]+' + - 'v[0-9]+.[0-9]+.[0-9]+-rc[0-9]+' env: - CI_JOB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + CI_ACCESS_TOKEN: ${{ secrets.CI_ACCESS_TOKEN }} jobs: - converge: - name: Converge - runs-on: ubuntu-latest + converge-github: + name: Skaffold Build To Github + runs-on: ubuntu-22.04 steps: - - name: Checkout code uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Install werf - uses: werf/actions/install@v1.2 - - name: Log in to registry - # This is where you will update the personal access token to GITHUB_TOKEN run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u $ --password-stdin - - name: Run echo - run: | - werf version - docker version - echo $GITHUB_REPOSITORY - echo $GITHUB_REF_NAME - - name: Run Build - run: | - . $(werf ci-env github --as-file) - werf export service --tag ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME + - name: Cache layers + uses: actions/cache@v3 + with: + path: "${{ github.workspace }}/.skaffold/cache" + key: skaffold-${{ hashFiles('**/cache') }} + restore-keys: | + skaffold- + + - name: Run Skaffold pipeline as command + uses: hiberbee/github-action-skaffold@latest + id: build + with: + command: build --tag ${{ github.ref_name }} + repository: ghcr.io/${{ github.repository_owner }} + + - uses: shrink/actions-docker-extract@v3 + id: extract + with: + image: ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME + path: "/usr/local/bin/bridgeless-signer" + + - uses: ncipollo/release-action@v1 + id: create-release + with: + allowUpdates: true + tag: ${{ github.ref_name }} + name: Release ${{ github.ref_name }} + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Upload Release Asset + uses: actions/upload-release-asset@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + upload_url: ${{ steps.create-release.outputs.upload_url }} + asset_path: ${{steps.extract.outputs.destination}}/bridgeless-signer + asset_name: bridgeless-signer-alpine-linux-amd64 + asset_content_type: application/octet-stream \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 2c7f7f9..e96996d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,15 +3,30 @@ FROM golang:1.22-alpine as buildbase RUN apk add git build-base WORKDIR /go/src/github.com/hyle-team/bridgeless-signer -COPY vendor . + +ENV GO111MODULE="on" +ENV CGO_ENABLED=1 +ENV GOOS="linux" +ENV GOPRIVATE=github.com/* +ENV GONOSUMDB=github.com/* +ENV GONOPROXY=github.com/* + +COPY ./go.mod ./go.sum ./ +# Read the CI_ACCESS_TOKEN from the .env file +ARG CI_ACCESS_TOKEN +RUN git config --global url."https://olegfomenkodev:${CI_ACCESS_TOKEN}@github.com/".insteadOf "https://github.com/" +RUN go mod download + COPY . . -RUN GOOS=linux go build -o /usr/local/bin/bridgeless-signer /go/src/github.com/hyle-team/bridgeless-signer +RUN go mod vendor +RUN go build -o /usr/local/bin/bridgeless-signer /go/src/github.com/hyle-team/bridgeless-signer FROM alpine:3.9 COPY --from=buildbase /usr/local/bin/bridgeless-signer /usr/local/bin/bridgeless-signer + RUN apk add --no-cache ca-certificates ENTRYPOINT ["bridgeless-signer"] diff --git a/README.md b/README.md index 12df5e8..80ac118 100644 --- a/README.md +++ b/README.md @@ -138,7 +138,7 @@ services: signer: build: context: . - dockerfile: Dockerfile + dockerfile: Dockerfile.vendor hostname: signer container_name: signer restart: unless-stopped diff --git a/docker-compose.yml b/docker-compose.yml index 1bdd41e..71f6a0c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -32,7 +32,7 @@ services: signer: build: context: . - dockerfile: Dockerfile + dockerfile: Dockerfile.vendor hostname: signer container_name: signer restart: unless-stopped diff --git a/scaffold.yaml b/scaffold.yaml new file mode 100644 index 0000000..dd492fc --- /dev/null +++ b/scaffold.yaml @@ -0,0 +1,77 @@ +apiVersion: skaffold/v2beta28 +kind: Config +build: + local: + useBuildkit: true + artifacts: + - image: bridgeless-signer + docker: + buildArgs: + CI_ACCESS_TOKEN: "{{.CI_ACCESS_TOKEN}}" + +# Uncomment the following lines if you want to deploy your application +# profiles: +# - name: dev +# deploy: +# helm: +# releases: +# - name: backend # Change it on your own repo-name +# setValueTemplates: +# image.repository: "{{.IMAGE_REPO_backend}}" +# image.tag: "{{.IMAGE_TAG_backend}}" +# namespace: dev # Change it on your own namespace +# createNamespace: true +# chartPath: ./backend # Change it on your own path to helm chart +# valuesFiles: +# - ./backend/values.yaml # Change it on your own path to helm chart values.yaml file +# skipBuildDependencies: true +# flags: +# upgrade: +# - -i +# portForward: +# - resourceType: deployment +# resourceName: backend # Change it on your own name in Chart.yaml +# port: 8000 +# localPort: 8000 + +# - name: stage +# patches: +# - op: remove +# path: /build +# deploy: +# helm: +# releases: +# - name: backend # Change it on your own repo-name +# setValueTemplates: +# image.repository: "{{.SKAFFOLD_DEFAULT_REPO}}/{{.GITHUB_REPOSITORY}}" +# image.tag: "{{.GITHUB_SHA}}" +# namespace: stage # Change it on your own namespace +# createNamespace: true +# chartPath: ./backend # Change it on your own path to helm chart +# valuesFiles: +# - ./backend/values.yaml # Change it on your own path to helm chart values.yaml file +# skipBuildDependencies: true +# flags: +# upgrade: +# - -i + +# - name: prod +# patches: +# - op: remove +# path: /build +# deploy: +# helm: +# releases: +# - name: backend # Change it on your own repo-name +# setValueTemplates: +# image.repository: "{{.SKAFFOLD_DEFAULT_REPO}}/{{.GITHUB_REPOSITORY}}" +# image.tag: "{{.GITHUB_REF_NAME}}" +# namespace: prod # Change it on your own namespace +# createNamespace: true +# chartPath: ./backend # Change it on your own path to helm chart +# valuesFiles: +# - ./backend/values.yaml # Change it on your own path to helm chart values.yaml file +# skipBuildDependencies: true +# flags: +# upgrade: +# - -i \ No newline at end of file diff --git a/werf-giterminism.yaml b/werf-giterminism.yaml deleted file mode 100644 index 30f1fdc..0000000 --- a/werf-giterminism.yaml +++ /dev/null @@ -1,4 +0,0 @@ -giterminismConfigVersion: 1 -config: - goTemplateRendering: - allowEnvVariables: ["CI_JOB_TOKEN"] diff --git a/werf.yaml b/werf.yaml deleted file mode 100644 index d13311c..0000000 --- a/werf.yaml +++ /dev/null @@ -1,45 +0,0 @@ -configVersion: 1 -project: 'backend' ---- -image: builder -from: golang:1.22-alpine -docker: - WORKDIR: /go/src/github.com/hyle-team/bridgeless-signer -git: - - add: / - to: /go/src/github.com/hyle-team/bridgeless-signer - stageDependencies: - install: - - go.mod - - go.sum - setup: - - "**/*" -shell: - beforeInstall: - - apk add git build-base - install: - - git config --global url."https://gitlab-ci-token:{{ env "CI_JOB_TOKEN" }}@gitlab.com/".insteadOf https://gitlab.com/ - - git config --global url."https://{{ env "CI_JOB_TOKEN" }}@github.com/".insteadOf https://github.com/ - - go env -w GOPRIVATE=github.com/*,gitlab.com/* - setup: - - export CGO_ENABLED=1 - - export GO111MODULE=on - - export GOOS=linux - - cd /go/src/github.com/hyle-team/bridgeless-signer - - go mod tidy - - go mod vendor - - go build -o /usr/local/bin/bridgeless-signer /go/src/github.com/hyle-team/bridgeless-signer - ---- -image: service -from: alpine:3.9 -docker: - ENTRYPOINT: bridgeless-signer -shell: - setup: - - apk add --no-cache ca-certificates -import: - - image: builder - add: /usr/local/bin/bridgeless-signer - to: /usr/local/bin/bridgeless-signer - after: setup