From 802b93bdaf884556e6f2ded9791f2e522c041758 Mon Sep 17 00:00:00 2001 From: Phil Date: Mon, 7 Apr 2025 17:41:41 +0000 Subject: [PATCH] [CI Workflow] Improvments for next releses and logic (#11) - [X] Changed latest / dev builds (security) - [x] Changed logic behind build and tags (breaking) - [x] Make more checks and buildflags (feature) - [x] New releases for @renovate-bot (enhancement) Reviewed-on: https://git.hackmi.ch/Phil/goshorly/pulls/11 --- .woodpecker/0-pre.yml | 17 ++-- .woodpecker/1-build-check.yml | 48 +++++++++++ .woodpecker/10-build-dev.yml | 42 ++++++++++ .woodpecker/10-build-latest.yml | 41 ---------- .woodpecker/20-build-tag.yml | 41 ++++++++++ ...{50-release-bot.yml => 99-release-bot.yml} | 0 Dockerfile | 18 ++--- routes/gethome.go | 14 ++-- routes/posthome.go | 80 +++++++++---------- utils/build-vars.go | 14 ++-- utils/limiter.go | 8 +- views/home.html | 2 +- 12 files changed, 204 insertions(+), 121 deletions(-) create mode 100644 .woodpecker/1-build-check.yml create mode 100644 .woodpecker/10-build-dev.yml delete mode 100644 .woodpecker/10-build-latest.yml create mode 100644 .woodpecker/20-build-tag.yml rename .woodpecker/{50-release-bot.yml => 99-release-bot.yml} (100%) diff --git a/.woodpecker/0-pre.yml b/.woodpecker/0-pre.yml index ee5bd96..cfcd1af 100644 --- a/.woodpecker/0-pre.yml +++ b/.woodpecker/0-pre.yml @@ -7,10 +7,6 @@ steps: - go fmt $(go list ./... | grep -v /vendor/) - go vet $(go list ./... | grep -v /vendor/) - go test -race $(go list ./... | grep -v /vendor/) - when: - - event: [push, cron] - branch: [main, develop] - - event: pull_request - name: check-sec image: golang @@ -18,7 +14,12 @@ steps: - go install github.com/securego/gosec/v2/cmd/gosec@latest - go get -v -d . - gosec ./... - when: - - event: [push, cron] - branch: [main, develop] - - event: pull_request \ No newline at end of file + + + +when: + - event: [push, cron] + branch: [main, develop] + - event: pull_request + - event: tag + branch: main \ No newline at end of file diff --git a/.woodpecker/1-build-check.yml b/.woodpecker/1-build-check.yml new file mode 100644 index 0000000..b5b738a --- /dev/null +++ b/.woodpecker/1-build-check.yml @@ -0,0 +1,48 @@ +steps: + - name: test/build-binary/linux-amd64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "amd64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-amd64 . + + - name: test/build-binary/linux-arm64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "arm64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-arm64 . + + - name: test/build-docker/linux-amd64 + image: woodpeckerci/plugin-docker-buildx:5.2.2 + settings: + platforms: linux/amd64 + dry-run: true + repo: git.hackmi.ch/phil/goshorly + registry: git.hackmi.ch + depends_on: + - test/build-binary/linux-amd64 + + - name: test/build-docker/linux-arm64 + image: woodpeckerci/plugin-docker-buildx:5.2.2 + settings: + platforms: linux/arm64 + dry-run: true + repo: git.hackmi.ch/phil/goshorly + registry: git.hackmi.ch + depends_on: + - test/build-binary/linux-arm64 + +when: + - event: [push, cron] + branch: [main, develop] + - event: pull_request + +depends_on: + - 0-pre \ No newline at end of file diff --git a/.woodpecker/10-build-dev.yml b/.woodpecker/10-build-dev.yml new file mode 100644 index 0000000..f225713 --- /dev/null +++ b/.woodpecker/10-build-dev.yml @@ -0,0 +1,42 @@ +steps: + - name: dev/build-binary/linux-amd64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "amd64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-linux-amd64 . + + - name: dev/build-binary/linux-arm64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "arm64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-linux-arm64 . + + - name: dev/build-docker/linux-multiarch + image: woodpeckerci/plugin-docker-buildx:5.2.2 + settings: + platforms: linux/amd64,linux/arm64 + repo: git.hackmi.ch/phil/goshorly + registry: git.hackmi.ch + tags: dev + username: + from_secret: reg-user + password: + from_secret: reg-pass + depends_on: + - dev/build-binary/linux-amd64 + - dev/build-binary/linux-arm64 + +when: + - event: [push, cron] + branch: main + +depends_on: + - 0-pre \ No newline at end of file diff --git a/.woodpecker/10-build-latest.yml b/.woodpecker/10-build-latest.yml deleted file mode 100644 index b6c6a82..0000000 --- a/.woodpecker/10-build-latest.yml +++ /dev/null @@ -1,41 +0,0 @@ -steps: - - name: build-binary - image: golang:1.24.2 - commands: - - export CI_COMMIT_SHORT_SHA=${CI_COMMIT_SHA:0:10} - - go build -ldflags="-X main.CommitSHA=${CI_COMMIT_SHORT_SHA}" -o linux-amd64 . - when: - - event: [push, cron] - branch: main - - - name: build-and-push-docker-dev - image: woodpeckerci/plugin-docker-buildx:5.2.2 - settings: - platforms: linux/amd64,linux/arm/v6,linux/arm64/v8 - repo: git.hackmi.ch/phil/goshorly - registry: git.hackmi.ch - tags: dev - username: - from_secret: reg-user - password: - from_secret: reg-pass - build_args: - - CI_COMMIT_BRANCH=${CI_COMMIT_BRANCH} - - CI_COMMIT_SHORT_SHA=${CI_COMMIT_SHA:0:10} - depends_on: - - build-binary - when: - - event: [push, cron] - branch: main - -services: - docker-daemon: - image: docker:28.0-dind-rootless - commands: - - dockerd --tls=false --host=tcp://0.0.0.0:2376 - privileged: true - when: - - event: [push, cron] - -depends_on: - - 0-pre \ No newline at end of file diff --git a/.woodpecker/20-build-tag.yml b/.woodpecker/20-build-tag.yml new file mode 100644 index 0000000..f94e6f4 --- /dev/null +++ b/.woodpecker/20-build-tag.yml @@ -0,0 +1,41 @@ +steps: + - name: prod/build-binary/linux-amd64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "amd64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-linux-amd64 . + + - name: prod/build-binary/linux-arm64 + image: golang:1.24.2 + environment: + GOOS: "linux" + GOARCH: "arm64" + I_PACKAGE: "git.hackmi.ch/Phil/goshorly/utils" + CGO_ENABLED: 0 + commands: + - go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app-linux-arm64 . + + - name: prod/build-docker/linux-multiarch + image: woodpeckerci/plugin-docker-buildx:5.2.2 + settings: + platforms: linux/amd64,linux/arm64 + repo: git.hackmi.ch/phil/goshorly + registry: git.hackmi.ch + auto_tag: true + username: + from_secret: reg-user + password: + from_secret: reg-pass + depends_on: + - prod/build-binary/linux-amd64 + - prod/build-binary/linux-arm64 + +when: + - event: tag + +depends_on: + - 0-pre \ No newline at end of file diff --git a/.woodpecker/50-release-bot.yml b/.woodpecker/99-release-bot.yml similarity index 100% rename from .woodpecker/50-release-bot.yml rename to .woodpecker/99-release-bot.yml diff --git a/Dockerfile b/Dockerfile index 41f0b19..29cbc0a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,26 +1,18 @@ -FROM golang:alpine as builder - -RUN apk add --no-cache git make build-base - -ARG CI_COMMIT_BRANCH -ARG CI_COMMIT_SHORT_SHA -ARG CI_COMMIT_TAG - -ENV CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -ENV CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -ENV CI_COMMIT_TAG=$CI_COMMIT_TAG +FROM golang:1.24.2-alpine AS builder ENV I_PACKAGE="git.hackmi.ch/Phil/goshorly/utils" ENV CGO_ENABLED=0 +RUN apk add --no-cache git make build-base + WORKDIR /go/src/git.hackmi.ch/goshorly COPY . . RUN go get -d -v ./... -RUN go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHORT_SHA=$CI_COMMIT_SHORT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app . +RUN go build -a -installsuffix cgo -ldflags=" -X $I_PACKAGE.CI_COMMIT_SHA=$CI_COMMIT_SHA -X $I_PACKAGE.CI_COMMIT_BRANCH=$CI_COMMIT_BRANCH -X $I_PACKAGE.CI_COMMIT_TAG=$CI_COMMIT_TAG" -o app . -FROM scratch as production +FROM scratch AS production WORKDIR / COPY --from=builder /go/src/git.hackmi.ch/goshorly/app /app ENTRYPOINT [ "/app" ] \ No newline at end of file diff --git a/routes/gethome.go b/routes/gethome.go index 46bfd36..ac9a63d 100644 --- a/routes/gethome.go +++ b/routes/gethome.go @@ -8,12 +8,12 @@ import ( func Gethome(c *fiber.Ctx) error { return c.Render("views/home", fiber.Map{ - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } diff --git a/routes/posthome.go b/routes/posthome.go index 8b9f5ab..a568222 100644 --- a/routes/posthome.go +++ b/routes/posthome.go @@ -28,14 +28,14 @@ func Posthome(c *fiber.Ctx) error { } return c.Status(500).Render("views/home", fiber.Map{ - "ERR": "Parsing Error", - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "ERR": "Parsing Error", + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } @@ -49,14 +49,14 @@ func Posthome(c *fiber.Ctx) error { } return c.Status(424).Render("views/home", fiber.Map{ - "ERR": "Invalid URL, please check and try again.", - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "ERR": "Invalid URL, please check and try again.", + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } @@ -72,14 +72,14 @@ func Posthome(c *fiber.Ctx) error { } return c.Status(500).Render("views/home", fiber.Map{ - "ERR": err.Error(), - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "ERR": err.Error(), + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } @@ -94,14 +94,14 @@ func Posthome(c *fiber.Ctx) error { } return c.Status(500).Render("views/home", fiber.Map{ - "ERR": err.Error(), - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "ERR": err.Error(), + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } @@ -122,13 +122,13 @@ func Posthome(c *fiber.Ctx) error { } return c.Status(201).Render("views/home", fiber.Map{ - "URL": fURL, - "CI_COMMIT_SHORT_SHA": utils.CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, - "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, - "CI_TAGGED": utils.CI_TAGGED, - "CI_BUILD": utils.CI_BUILD, - "TotalLinks": db.GetTotalLinks(), - "TotalViews": db.GetTotalViews(), + "URL": fURL, + "CI_COMMIT_SHA": utils.CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": utils.CI_COMMIT_BRANCH, + "CI_COMMIT_TAG": utils.CI_COMMIT_TAG, + "CI_TAGGED": utils.CI_TAGGED, + "CI_BUILD": utils.CI_BUILD, + "TotalLinks": db.GetTotalLinks(), + "TotalViews": db.GetTotalViews(), }) } diff --git a/utils/build-vars.go b/utils/build-vars.go index 0bce1ca..f62ad43 100644 --- a/utils/build-vars.go +++ b/utils/build-vars.go @@ -6,15 +6,15 @@ import ( ) var ( - CI_COMMIT_SHORT_SHA string - CI_COMMIT_BRANCH string - CI_COMMIT_TAG string - CI_TAGGED bool - CI_BUILD bool + CI_COMMIT_SHA string + CI_COMMIT_BRANCH string + CI_COMMIT_TAG string + CI_TAGGED bool + CI_BUILD bool ) func Init_build_vars() { - CI_BUILD = CI_COMMIT_SHORT_SHA != "" || CI_COMMIT_BRANCH != "" + CI_BUILD = CI_COMMIT_SHA != "" || CI_COMMIT_BRANCH != "" CI_TAGGED = CI_COMMIT_TAG != "" } @@ -23,7 +23,7 @@ func Print_Starting_Screen() { if CI_TAGGED { version = CI_COMMIT_TAG } else if CI_BUILD { - version = CI_COMMIT_SHORT_SHA + version = CI_COMMIT_SHA } fmt.Println("---- Starting goshorly " + version + " ----") time.Sleep(1 * time.Second) diff --git a/utils/limiter.go b/utils/limiter.go index 79b4e72..69b3122 100644 --- a/utils/limiter.go +++ b/utils/limiter.go @@ -18,10 +18,10 @@ var ConfigLimiter limiter.Config = limiter.Config{ }) } return c.Render("views/home", fiber.Map{ - "ERR": "You have reached the limit of requests! Please check back later. (1 minute)", - "CI_COMMIT_SHORT_SHA": CI_COMMIT_SHORT_SHA, - "CI_COMMIT_BRANCH": CI_COMMIT_BRANCH, - "CI_BUILD": CI_BUILD, + "ERR": "You have reached the limit of requests! Please check back later. (1 minute)", + "CI_COMMIT_SHA": CI_COMMIT_SHA, + "CI_COMMIT_BRANCH": CI_COMMIT_BRANCH, + "CI_BUILD": CI_BUILD, }) }, } diff --git a/views/home.html b/views/home.html index 31275f1..7a64b09 100644 --- a/views/home.html +++ b/views/home.html @@ -82,7 +82,7 @@ {{ if .CI_COMMIT_TAG }} | {{ .CI_COMMIT_TAG }} {{ else }} - | {{ .CI_COMMIT_SHORT_SHA }}/{{ .CI_COMMIT_BRANCH }} + | {{ .CI_COMMIT_SHA }}/{{ .CI_COMMIT_BRANCH }} {{ end }} {{ end }}