Docker Push Github Action

.github/workflows/build_and_test.yaml

@@ -16,31 +16,51 @@ on:
       - "**/*.png"
 env:
   GO_VERSION: 1.18.2
+  ENVOY_GATEWAY_DEV_IMAGE: envoyproxy/gateway-dev
+  ENVOY_GATEWAY_DEV_TAG: latest
 jobs:
-  build:
+  build-and-test:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-go@v3
         with:
           go-version: ${{ env.GO_VERSION }}
           cache: true
-      - name: build
-        run: make build
-  test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-go@v3
-        with:
-          go-version: ${{ env.GO_VERSION }}
-          cache: true
-      - name: test and report coverage
+      - name: Test and report coverage
         run: go test ./... -race -coverprofile=coverage.xml -covermode=atomic
       - name: Upload coverage to Codecov
         uses: codecov/codecov-action@v2
         with:
           fail_ci_if_error: true
           files: ./coverage.xml
           name: codecov-envoy-gateway
-          verbose: true
+          verbose: true
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Build
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          platforms: linux/amd64
+          tags: ${{ env.ENVOY_GATEWAY_DEV_IMAGE }}:${{ github.sha }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      - name: Login to DockerHub
+        if: github.event_name == 'push'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+      - name: Push to envoyproxy/gateway-dev
+        if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ env.ENVOY_GATEWAY_DEV_IMAGE }}:${{ env.ENVOY_GATEWAY_DEV_TAG }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max

Dockerfile

@@ -0,0 +1,24 @@
+FROM golang:1.18.2 as builder
+
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY . /workspace
+
+# Build
+RUN make build
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+WORKDIR /
+COPY --from=builder /workspace/bin/envoy-gateway .
+USER 65532:65532
+
+ENTRYPOINT ["/envoy-gateway"]

Makefile

@@ -1,8 +1,25 @@
+# REGISTRY is the image registry to use for build and push image targets.
+REGISTRY ?= docker.io/envoyproxy
+# IMAGE is the image URL for build and push image targets.
+IMAGE ?= ${REGISTRY}/gateway-dev
+# REV is the short git sha of latest commit.
+REV=$(shell git rev-parse --short HEAD)
+# Tag is the tag to use for build and push image targets.
+TAG ?= $(REV)
+
 .PHONY: build
 build:
-	@go build -o ./bin/ github.com/envoyproxy/gateway/cmd/envoy-gateway
+	@CGO_ENABLED=0 go build -a -o ./bin/ github.com/envoyproxy/gateway/cmd/envoy-gateway
 
 .PHONY: test
 test:
 	@go test ./...
 
+.PHONY: docker-build
+docker-build: test ## Build the envoy-gateway docker image.
+	docker build -t $(IMAGE):$(TAG) -f Dockerfile . 
+
+.PHONY: docker-push
+docker-push: ## Push the docker image for envoy-gateway.
+	docker push $(IMAGE):$(TAG)
+