ci: Rework GitHub actions flow (#515)

* feat: separate test job into separate workflow * feat: add dependabot for github actions, docker and go * feat: new releaes workflow * feat: add docker build step * feat: add docker build step * chore: remove unused steps in the Dockerfile Since it is multistage, we don't need to remove stuff like `git` since we only copy the binary * refactor: Dockerfile now cache better The layers that have a less chance of being updated, is added earlier * build: use golang `1.17.2` as builder stage * build: use alpine `3.14.2` as runtime stage * chore: remove `gcc` from runtime stage * feat: add heroku step * chore: remove `main.yaml` workflow * fix: remove `latest` flavor, the action handles it
2021-10-19 18:17:21 +02:00 · 2021-10-19 18:17:21 +02:00 · 1401222528
parent 21b3de4c71
commit 1401222528
5 changed files with 187 additions and 101 deletions
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@ -0,0 +1,16 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: "daily"
+
+  - package-ecosystem: docker
+    directory: /
+    schedule:
+      interval: daily
+
+  - package-ecosystem: gomod
+    directory: /
+    schedule:
+      interval: daily
--- a/.github/workflows/continuous-integration.yaml
+++ b/.github/workflows/continuous-integration.yaml
@ -0,0 +1,29 @@
+name: continuous-integration
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        go-version: [1.16.x, 1.17.x]
+        platform: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.platform }}
+    steps:
+    - name: Install Matrix Go
+      uses: actions/setup-go@v2.1.4
+      with:
+        go-version: ${{ matrix.go-version }}
+
+    - name: Checkout code
+      uses: actions/checkout@v2.3.5
+
+    - name: Test code
+      env:
+        GO111MODULE: on
+      run: |
+        go test ./pkg/...
+        go vet ./pkg/...
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@ -1,76 +0,0 @@
-on: [push, pull_request, create]
-
-name: Test
-
-jobs:
-  test:
-    strategy:
-      fail-fast: false
-      matrix:
-        go-version: [1.16.x, 1.17.x]
-        platform: [ubuntu-latest, macos-latest, windows-latest]
-    runs-on: ${{ matrix.platform }}
-    steps:
-    - name: Install Matrix Go
-      uses: actions/setup-go@v2
-      with:
-        go-version: ${{ matrix.go-version }}
-    - name: Checkout code
-      uses: actions/checkout@v2
-    - name: Test code
-      env:
-        GO111MODULE: on
-      run: |
-        go test ./pkg/...
-        go vet ./pkg/...
-  build:
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')
-    steps:
-    - name: Install Go 1.17.2
-      uses: actions/setup-go@v2
-      with:
-        go-version: '1.17.2'
-    - name: Checkout code
-      uses: actions/checkout@v2
-    - name: Build TUSD
-      if: startsWith(github.ref, 'refs/tags/')
-      env:
-        GO111MODULE: on
-      run: ./scripts/build_all.sh
-    - name: Release
-      uses: softprops/action-gh-release@v1
-      if: startsWith(github.ref, 'refs/tags/')
-      with:
-        files: tusd_*.*
-      env:
-        GITHUB_TOKEN: ${{ secrets.GH_RELEASE_TOKEN }}
-    - name: Deploy to heroku
-      uses: akhileshns/heroku-deploy@v3.4.6
-      with:
-        heroku_api_key: ${{secrets.HEROKU_API_KEY}}
-        heroku_app_name: ${{secrets.HEROKU_APP_NAME}}
-        heroku_email: ${{secrets.HEROKU_USER_EMAIL}}
-    - uses: azure/docker-login@v1
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
-    - name: Build and push docker image
-      run: |
-        docker build -t tusproject/tusd:$GITHUB_SHA .
-        docker push tusproject/tusd:$GITHUB_SHA
-    - name: Tag docker image with release tag
-      if: startsWith(github.ref, 'refs/tags/')
-      run: |
-        # Extract tag name: https://stackoverflow.com/a/58178121
-        TAG_NAME="${GITHUB_REF#refs/*/}"
-        docker tag tusproject/tusd:$GITHUB_SHA tusproject/tusd:$TAG_NAME
-        docker push tusproject/tusd:$TAG_NAME
-        # Create latest tag if we have no pre-release
-        if [[ $TAG_NAME =~ ^v[0-9]+\.[0-9]+\.[0-9]+$ ]];
-        then
-          docker tag tusproject/tusd:$GITHUB_SHA tusproject/tusd:latest
-          docker push tusproject/tusd:latest
-        fi
-      shell: bash
-        
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -0,0 +1,111 @@
+name: release
+
+on:
+  push:
+    branches:
+      - master
+    tags:
+      - "v*"
+
+jobs:
+  build-docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout code
+        uses: actions/checkout@v2.3.5
+
+      - run: |
+          echo "GIT_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+
+      -
+        name: Docker meta
+        id: docker_meta
+        uses: docker/metadata-action@v3.5.0
+        with:
+          images: |
+            ghcr.io/tus/tusd
+            tusproject/tusd
+          tags: |
+            type=sha
+            type=semver,pattern=v{{version}}
+            type=semver,pattern=v{{major}}.{{minor}}
+            type=semver,pattern=v{{major}}
+
+      -
+        name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1.6.0
+        with:
+          install: true
+
+      -
+        name: Login to GitHub Container Registry
+        uses: docker/login-action@v1.10.0
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ github.token }}
+
+      -
+        name: Login to Docker Container Registry
+        uses: docker/login-action@v1.10.0
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      -
+        name: Build and push
+        id: build
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          builder: ${{ steps.buildx.outputs.name }}
+          tags: ${{ steps.docker_meta.outputs.tags }}
+          labels: ${{ steps.docker_meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha
+          build-args: |
+            GIT_VERSION=${{ env.GIT_VERSION }}
+            GIT_COMMIT=${{ github.sha }}
+
+  build-binary:
+    runs-on: ubuntu-latest
+    if: startsWith(github.ref, 'refs/tags/')
+    env:
+      GO111MODULE: on
+    steps:
+      -
+        name: Checkout code
+        uses: actions/checkout@v2.3.5
+
+      -
+        name: Install Go 1.17.2
+        uses: actions/setup-go@v2
+        with:
+          go-version: '1.17.2'
+
+      -
+        name: Build TUSD
+        run: ./scripts/build_all.sh
+
+      -
+        name: GitHub Release
+        uses: softprops/action-gh-release@v0.1.13
+        with:
+          files: tusd_*.*
+
+  deploy-heroku:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout code
+        uses: actions/checkout@v2.3.5
+
+      -
+        name: Deploy to heroku
+        uses: akhileshns/heroku-deploy@v3.4.6
+        with:
+          heroku_api_key: ${{secrets.HEROKU_API_KEY}}
+          heroku_app_name: ${{secrets.HEROKU_APP_NAME}}
+          heroku_email: ${{secrets.HEROKU_USER_EMAIL}}
--- a/56
+++ b/56
@ -1,37 +1,43 @@
-FROM golang:1.16-alpine AS builder
-
-# Copy in the git repo from the build context
-COPY . /go/src/github.com/tus/tusd/
-
-# Create app directory
+FROM golang:1.17.2-alpine AS builder
 WORKDIR /go/src/github.com/tus/tusd

-RUN apk add --no-cache \
-        git gcc libc-dev \
-    && go get -d -v ./... \
-    && version="$(git tag -l --points-at HEAD)" \
-    && commit=$(git log --format="%H" -n 1) \
-    && GOOS=linux GOARCH=amd64 go build \
-        -ldflags="-X github.com/tus/tusd/cmd/tusd/cli.VersionName=${version} -X github.com/tus/tusd/cmd/tusd/cli.GitCommit=${commit} -X 'github.com/tus/tusd/cmd/tusd/cli.BuildDate=$(date --utc)'" \
-        -o "/go/bin/tusd" ./cmd/tusd/main.go \
-    && rm -r /go/src/* \
-    && apk del git
+# Add gcc and libc-dev early so it is cached
+RUN set -xe \
+	&& apk add --no-cache gcc libc-dev
+
+# Install dependencies earlier so they are cached between builds
+COPY go.mod go.sum ./
+RUN set -xe \
+	&& go mod download
+
+# Copy the source code, because directories are special, there are separate layers
+COPY cmd/ ./cmd/
+COPY internal/ ./internal/
+COPY pkg/ ./pkg/
+
+# Get the version name and git commit as a build argument
+ARG GIT_VERSION
+ARG GIT_COMMIT
+
+RUN set -xe \
+	&& GOOS=linux GOARCH=amd64 go build \
+        -ldflags="-X github.com/tus/tusd/cmd/tusd/cli.VersionName=${GIT_VERSION} -X github.com/tus/tusd/cmd/tusd/cli.GitCommit=${GIT_COMMIT} -X 'github.com/tus/tusd/cmd/tusd/cli.BuildDate=$(date --utc)'" \
+        -o /go/bin/tusd ./cmd/tusd/main.go

 # start a new stage that copies in the binary built in the previous stage
-FROM alpine:3.13
+FROM alpine:3.14.2
+WORKDIR /srv/tusd-data

-COPY --from=builder /go/bin/tusd /usr/local/bin/tusd
-
-RUN apk add --no-cache ca-certificates jq gcc \
+RUN apk add --no-cache ca-certificates jq \
    && addgroup -g 1000 tusd \
    && adduser -u 1000 -G tusd -s /bin/sh -D tusd \
    && mkdir -p /srv/tusd-hooks \
-    && mkdir -p /srv/tusd-data \
    && chown tusd:tusd /srv/tusd-data

-WORKDIR /srv/tusd-data
-EXPOSE 1080
-ENTRYPOINT ["tusd"]
-CMD ["--hooks-dir","/srv/tusd-hooks"]
+COPY --from=builder /go/bin/tusd /usr/local/bin/tusd

+EXPOSE 1080
 USER tusd
+
+ENTRYPOINT ["tusd"]
+CMD [ "--hooks-dir", "/srv/tusd-hooks" ]