From 109e8d6e8aefb7da6262a2f9dcabd4bcbc3b0897 Mon Sep 17 00:00:00 2001 From: Rico Date: Thu, 14 Dec 2023 03:13:13 +0100 Subject: [PATCH] ci: update goreleaser config to build docker images This might be broken - fixing CI stuff is annoying. --- .github/goreleaser.yml | 54 +++++++++++++++++++++++++++-- .github/workflows/docker_build.yml | 26 -------------- .github/workflows/release_build.yml | 16 +++++++-- Dockerfile | 35 +++---------------- Dockerfile_multistage | 52 +++++++++++++++++++++++++++ 5 files changed, 123 insertions(+), 60 deletions(-) delete mode 100644 .github/workflows/docker_build.yml create mode 100644 Dockerfile_multistage diff --git a/.github/goreleaser.yml b/.github/goreleaser.yml index 11389c4..80c766a 100644 --- a/.github/goreleaser.yml +++ b/.github/goreleaser.yml @@ -6,7 +6,7 @@ before: builds: - main: ./cmd/main.go - ldflags: -s -w + ldflags: -s -w -X github.com/d-Rickyy-b/certstream-server-go/internal/config.Version={{.Version}} env: - CGO_ENABLED=0 goos: 
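Review bot: The `-X` target in the new `ldflags` line uses the import path `github.com/d-Rickyy-b/certstream-server-go/internal/config.Version`, while the image labels added further down in this file point at `github.com/0Rickyy0/certstream-server-go`. The Go linker ignores `-X` for a symbol it cannot resolve and reports no error, so a path that differs from the module path in go.mod would ship binaries with the default version string. go.mod is not part of this patch, so the path should be checked against it, and a comment above the line would keep the coupling visible: `# -X path must equal the go.mod module path + /internal/config; a mismatch is silently ignored`. The `go build -ldflags="-w -s"` line in Dockerfile_multistage does not set the variable at all, so images built from that file will not carry the release version. The `builds` entry continues outside the hunk.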
@@ -30,10 +30,60 @@ builds: - goos: windows goarch: 386 checksum: - name_template: '{{ .ProjectName }}_{{.Version}}_checksums.txt' + name_template: '{{.ProjectName}}_{{.Version}}_checksums.txt' changelog: skip: true +dockers: + - image_templates: + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - '0rickyy0/{{.ProjectName}}:{{.Tag}}' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:latest-amd64' + goarch: amd64 + use: buildx + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.description=Certstream server written in Go" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.source=https://github.com/0Rickyy0/certstream-server-go" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--platform=linux/amd64" + + - image_templates: + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' + - '0rickyy0/{{.ProjectName}}:latest-arm64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:latest-arm64' + goarch: arm64 + use: buildx + build_flag_templates: + - "--pull" + - "--label=org.opencontainers.image.title={{.ProjectName}}" + - "--label=org.opencontainers.image.description=Certstream server written in Go" + - "--label=org.opencontainers.image.created={{.Date}}" + - "--label=org.opencontainers.image.source=https://github.com/0Rickyy0/certstream-server-go" + - "--label=org.opencontainers.image.revision={{.FullCommit}}" + - "--label=org.opencontainers.image.version={{.Version}}" + - "--platform=linux/arm64" + +docker_manifests: + - name_template: '0rickyy0/{{.ProjectName}}:{{.Tag}}' + image_templates: + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' 
+ + - name_template: '{{ if not .Prerelease }}0rickyy0/{{.ProjectName}}:latest{{ end }}' + image_templates: + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - '0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-amd64' + - 'ghcr.io/0rickyy0/{{.ProjectName}}:{{.Tag}}-arm64' + archives: - format: binary name_template: >- diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml deleted file mode 100644 index 8154289..0000000 --- a/.github/workflows/docker_build.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: Docker Image CI - -on: - push: - tags: - - "v*.*.*" - -jobs: - build: - runs-on: ubuntu-latest - - steps: - - name: Check out code into the Go module directory - uses: actions/checkout@v3 - - - name: Set build tag as env var - run: echo "TAG=${GITHUB_REF#refs/*/v}" >> $GITHUB_ENV - - - name: Docker login - run: docker login -u ${{ secrets.DOCKERHUB_USERNAME }} -p ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Build the Docker image - run: docker build . --file Dockerfile --tag ${{ secrets.DOCKERHUB_USERNAME }}/certstream-server-go:latest --tag ${{ secrets.DOCKERHUB_USERNAME }}/certstream-server-go:${{ env.TAG }} - - - name: Push the Docker image - run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/certstream-server-go --all-tags diff --git a/.github/workflows/release_build.yml b/.github/workflows/release_build.yml index 3a24366..6eebe5a 100644 --- a/.github/workflows/release_build.yml +++ b/.github/workflows/release_build.yml @@ -11,10 +11,10 @@ jobs: runs-on: ubuntu-latest steps: - - name: Set up Go 1.18 + - name: Set up Go 1.21 uses: actions/setup-go@v3 with: - go-version: ^1.18 + go-version: ^1.21 id: go - name: Check out code into the Go module directory 
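Review bot: The amd64 `dockers` entry tags the single-arch image as `'0rickyy0/{{.ProjectName}}:{{.Tag}}'`, which is the same name the first `docker_manifests` entry publishes, and it has no Docker Hub `latest-amd64` tag where the arm64 entry has `latest-arm64`. This looks like a copy-paste slip, and the second template should probably read `- '0rickyy0/{{.ProjectName}}:latest-amd64'`. As written, the amd64-only image and the multi-arch manifest are both pushed under the bare release tag, so what a consumer pulls may depend on push order. Both manifests also list `ghcr.io/...` images under a Docker Hub manifest name, and no `ghcr.io` manifest is defined. Manifest lists normally reference images in the same registry, so I would split them into one manifest per registry, each listing only that registry's `-amd64` and `-arm64` images.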
@@ -22,6 +22,18 @@ jobs: with: fetch-depth: 0 # See: https://goreleaser.com/ci/actions/ + - name: Setup QEMU # Used for cross-compiling with goreleaser / docker + uses: docker/setup-qemu-action@v3 + + - name: Setup Docker Buildx # Used for cross-compiling with goreleaser / docker + uses: docker/setup-buildx-action@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Run GoReleaser uses: goreleaser/goreleaser-action@v4 with: diff --git a/Dockerfile b/Dockerfile index b662bbd..faecb10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,6 @@ -# Thanks to https://chemidy.medium.com/create-the-smallest-and-secured-golang-docker-image-based-on-scratch-4752223b7324 -############################ -# STEP 1 build executable binary -############################ -FROM golang:alpine AS builder +FROM alpine + +WORKDIR /app ENV USER=certstreamserver ENV UID=10001 @@ -17,31 +15,8 @@ RUN adduser \ --uid "${UID}" \ "${USER}" -# Install git. Git is required for fetching the dependencies. -RUN apk update && apk add --no-cache git -WORKDIR $GOPATH/src/certstream-server-go/ -COPY . . - -# Fetch dependencies. -RUN go mod download - -# Build the binary. -RUN go build -ldflags="-w -s" -o /go/bin/certstream-server-go $GOPATH/src/certstream-server-go/cmd -RUN chown -R "${USER}:${USER}" /go/bin/certstream-server-go - -############################ -# STEP 2 build a small image -############################ -FROM alpine - -WORKDIR /app - -# Import the user and group files from the builder. -COPY --from=builder /etc/passwd /etc/passwd -COPY --from=builder /etc/group /etc/group - # Copy our static executable. -COPY --from=builder /go/bin/certstream-server-go /app/certstream-server-go +COPY certstream-server-go /app/certstream-server-go COPY ./config.sample.yaml /app/config.yaml # Use an unprivileged user. 
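Review bot: Only a Docker Hub login is added before `Run GoReleaser`, but the goreleaser config in this commit also pushes `ghcr.io/0rickyy0/...` images. Unless a ghcr.io login exists outside this hunk, the release would fail at that push, possibly after the Docker Hub tags are already published. A second `docker/login-action` step with `registry: ghcr.io` is needed, and the job needs `packages: write` permission for `GITHUB_TOKEN`; the job header is outside the hunk, so I cannot see whether that is already set. Separately, the three new actions run in the job that holds `DOCKERHUB_TOKEN` and are referenced by the mutable tag `@v3`. Pinning each to a full commit SHA, with the version in a trailing comment, means a moved tag cannot change the code that runs next to the credential.

```yaml
      # … unchanged: Login to Docker Hub …

      - name: Login to GitHub Container Registry
        uses: docker/login-action@v3  # pin to the full commit SHA of this release
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      # … unchanged: Run GoReleaser …
```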
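Review bot: The kept `COPY ./config.sample.yaml /app/config.yaml` will likely fail under the new goreleaser build, because goreleaser builds images from a temporary context that holds only the built binary plus files listed under `extra_files`, and neither `dockers` entry in .github/goreleaser.yml lists the file. Adding `extra_files:` with `- config.sample.yaml` to both entries would fix that. The new `FROM alpine` has no tag or digest, and together with the `--pull` build flag every release picks up whatever `alpine:latest` is at that moment. Pinning a version tag, ideally with its digest, makes the runtime image reproducible and reviewable; the same applies to `FROM golang:alpine` and `FROM alpine` in Dockerfile_multistage. The image also bakes the sample config in as `/app/config.yaml`, so a short comment saying it is a placeholder meant to be replaced by a mounted file would help operators.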
@@ -49,4 +24,4 @@ USER certstreamserver:certstreamserver EXPOSE 8080 -ENTRYPOINT ["/app/certstream-server-go"] +ENTRYPOINT ["/app/certstream-server-go"] \ No newline at end of file diff --git a/Dockerfile_multistage b/Dockerfile_multistage new file mode 100644 index 0000000..b662bbd --- /dev/null +++ b/Dockerfile_multistage @@ -0,0 +1,52 @@ +# Thanks to https://chemidy.medium.com/create-the-smallest-and-secured-golang-docker-image-based-on-scratch-4752223b7324 +############################ +# STEP 1 build executable binary +############################ +FROM golang:alpine AS builder + +ENV USER=certstreamserver +ENV UID=10001 + +# Create user +RUN adduser \ + --disabled-password \ + --gecos "" \ + --home "/nonexistent" \ + --shell "/sbin/nologin" \ + --no-create-home \ + --uid "${UID}" \ + "${USER}" + +# Install git. Git is required for fetching the dependencies. +RUN apk update && apk add --no-cache git +WORKDIR $GOPATH/src/certstream-server-go/ +COPY . . + +# Fetch dependencies. +RUN go mod download + +# Build the binary. +RUN go build -ldflags="-w -s" -o /go/bin/certstream-server-go $GOPATH/src/certstream-server-go/cmd +RUN chown -R "${USER}:${USER}" /go/bin/certstream-server-go + +############################ +# STEP 2 build a small image +############################ +FROM alpine + +WORKDIR /app + +# Import the user and group files from the builder. +COPY --from=builder /etc/passwd /etc/passwd +COPY --from=builder /etc/group /etc/group + +# Copy our static executable. +COPY --from=builder /go/bin/certstream-server-go /app/certstream-server-go +COPY ./config.sample.yaml /app/config.yaml + +# Use an unprivileged user. +USER certstreamserver:certstreamserver + +EXPOSE 8080 + +ENTRYPOINT ["/app/certstream-server-go"]