diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index d59386ae..c0a0e705 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -19,10 +19,10 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - name: Set up Go 1.15 - uses: actions/setup-go@v1 + - name: Set up Go 1.16 + uses: actions/setup-go@v2 with: - go-version: 1.15 + go-version: 1.16 id: go - name: Check out code into the Go module directory @@ -43,7 +43,7 @@ jobs: - name: Test & publish code coverage if: github.event_name != 'pull_request' - uses: paambaati/codeclimate-action@v2.3.0 + uses: paambaati/codeclimate-action@v2.7.5 env: CC_TEST_REPORTER_ID: ${{ secrets.codeClimateReporterID }} with: @@ -59,10 +59,10 @@ jobs: name: Build Image runs-on: ubuntu-latest steps: - - name: Set up Go 1.15 - uses: actions/setup-go@v1 + - name: Set up Go 1.16 + uses: actions/setup-go@v2 with: - go-version: 1.15 + go-version: 1.16 id: go - name: Check out code into the Go module directory @@ -80,10 +80,10 @@ jobs: needs: ['test', 'build'] if: github.ref == 'refs/heads/master' steps: - - name: Set up Go 1.15 - uses: actions/setup-go@v1 + - name: Set up Go 1.16 + uses: actions/setup-go@v2 with: - go-version: 1.15 + go-version: 1.16 id: go - name: Registry Login @@ -107,10 +107,10 @@ jobs: needs: ['test', 'build'] if: startsWith(github.ref, 'refs/tags/v') steps: - - name: Set up Go 1.15 - uses: actions/setup-go@v1 + - name: Set up Go 1.16 + uses: actions/setup-go@v2 with: - go-version: 1.15 + go-version: 1.16 id: go - name: Registry Login diff --git a/.gitignore b/.gitignore index e5339985..557d7924 100644 --- a/.gitignore +++ b/.gitignore @@ -77,3 +77,5 @@ tags # End of https://www.gitignore.io/api/go,vim,emacs,visualstudiocode .idea +vendor +bin \ No newline at end of file diff --git a/Makefile b/Makefile index e1fd1137..08b45a34 100644 --- a/Makefile +++ b/Makefile @@ -1,6 +1,9 @@ -SHELL=/bin/bash +SHELL=/usr/bin/env bash -o pipefail NAMESPACE=default KUBECONFIG=/tmp/kubeconfig +VERSION ?= latest +IMAGE_TAG_BASE ?= quay.io/mittwald/kubernetes-secret-generator +IMG ?= secret-generator:${VERSION} .PHONY: install install: ## Install all resources (RBAC and Operator) @@ -73,4 +76,4 @@ crd: kind .PHONY: build build: operator-sdk build --go-build-args "-ldflags -X=version.Version=${SECRET_OPERATOR_VERSION}" ${DOCKER_IMAGE} - @exit $(.SHELLSTATUS) + @exit $(.SHELLSTATUS) \ No newline at end of file diff --git a/build/Dockerfile b/build/Dockerfile index 38b84b2c..f183f9a9 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -1,15 +1,31 @@ -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest +# Build the manager binary +FROM golang:1.16 as builder -ENV OPERATOR=/usr/local/bin/kubernetes-secret-generator \ - USER_UID=1001 \ - USER_NAME=kubernetes-secret-generator +WORKDIR /workdir +# ENV GOPATH=/go +# Copy the Go Modules manifests +COPY go.mod go.sum /workdir/ +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download -# install operator binary -COPY build/_output/bin/kubernetes-secret-generator ${OPERATOR} +RUN cat go.mod -COPY build/bin /usr/local/bin -RUN /usr/local/bin/user_setup +# Copy the go source +COPY cmd cmd +COPY pkg pkg +COPY version version -ENTRYPOINT ["/usr/local/bin/entrypoint"] +RUN ls -la /workdir -USER ${USER_UID} +# Build +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -o /workspace/manager ./cmd/manager/main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM gcr.io/distroless/static:nonroot +WORKDIR / +COPY --from=builder /workspace/manager . +USER 65532:65532 + +ENTRYPOINT ["/manager"] \ No newline at end of file diff --git a/go.mod b/go.mod index 18832655..57372e14 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/mittwald/kubernetes-secret-generator -go 1.13 +go 1.16 require ( github.com/go-logr/logr v0.1.0 diff --git a/go.sum b/go.sum index 8d1d3c1a..61a11be5 100644 --- a/go.sum +++ b/go.sum @@ -58,10 +58,8 @@ github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:H github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= -github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4 h1:Hs82Z41s6SdL1CELW+XaDYmOH4hkBN4/N9og/AsOv7E= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/ant31/crd-validation v0.0.0-20180702145049-30f8a35d0ac2/go.mod h1:X0noFIik9YqfhGYBLEHg8LJKEwy7QIitLQuFMpKLcPk= github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q= @@ -597,7 +595,6 @@ github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9Nz github.com/sirupsen/logrus v1.0.5/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= @@ -841,7 +838,6 @@ google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ij google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= -gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=