From 1084d11010ece3cf2c26b893e036a92a89a08670 Mon Sep 17 00:00:00 2001
From: Mircea-Pavel Anton <contact@mirceanton.com>
Date: Thu, 12 Sep 2024 10:18:02 +0300
Subject: [PATCH] ci: Use goreleaser to build docker images (#589)

* add yaml schema comment

* update dockerfile to just copy over the pre-compiled binary

* add docker config to goreleaser

* since goreleaser now pushes to GHCR, we need to authenticate before running gorelaeser

* we don't need the docker release workflow anymore
---
 .github/workflows/docker-build-and-push.yaml | 62 --------------------
 .github/workflows/release.yaml               | 12 +++-
 .goreleaser.yaml                             | 44 ++++++++++++++
 Dockerfile                                   | 24 +-------
 4 files changed, 56 insertions(+), 86 deletions(-)
 delete mode 100644 .github/workflows/docker-build-and-push.yaml

diff --git a/.github/workflows/docker-build-and-push.yaml b/.github/workflows/docker-build-and-push.yaml
deleted file mode 100644
index f4d4114c..00000000
--- a/.github/workflows/docker-build-and-push.yaml
+++ /dev/null
@@ -1,62 +0,0 @@
----
-name: Docker Build and Push
-
-on:
-  release:
-    types: [ "created" ]
-  pull_request:
-    branches: [ "main", "master" ]
-    paths:
-      - Dockerfile
-      - .github/workflows/docker-build-and-push.yaml
-  workflow_dispatch:
-    inputs:
-      tag:
-        description: Docker Tag
-        default: ""
-        required: false    
-      dryRun:
-        description: Dry Run
-        default: "true"
-        required: false
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout the Repository
-        uses: actions/checkout@v4.1.7
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Docker meta
-        id: meta
-        uses: docker/metadata-action@v5
-        with:
-          images: ghcr.io/${{ github.repository_owner }}/talhelper
-          tags: |
-            ${{ github.event.release.tag_name }}
-            ${{ github.event.inputs.tag }}
-            latest
-
-      - name: Build and push by digest
-        uses: docker/build-push-action@v6
-        with:
-          push: ${{ github.event_name == 'release' || github.event.inputs.dryRun == 'false' }}
-          platforms: linux/amd64, linux/arm64
-          labels: ${{ steps.meta.outputs.labels }}
-          tags: ${{ steps.meta.outputs.tags }}
-          build-args: |
-            VERSION=${{ github.event.release.tag_name }}
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index ca051bda..37410e18 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -39,10 +39,16 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "stable"
+          go-version: stable
 
-      - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - uses: goreleaser/goreleaser-action@v6
         with:
           args: release --clean ${{ env.GORELEASER_DRY_RUN == 'true' && '--snapshot' || '' }}
         env:
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index a7537685..0225ccb4 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -1,4 +1,5 @@
 ---
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
 version: 2
 project_name: talhelper
 builds:
@@ -72,3 +73,46 @@ scoops:
     license: BSD-3
     depends:
       - sops
+
+dockers:
+  - image_templates:
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-amd64"
+    use: buildx
+    dockerfile: Dockerfile
+    build_flag_templates:
+      - "--platform=linux/amd64"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.title={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.url=https://github.com/budimanjojo/{{.ProjectName}}"
+      - "--label=org.opencontainers.image.source=https://github.com/budimanjojo/{{.ProjectName}}"
+      - "--label=org.opencontainers.image.licenses=BSD-3-Clause"
+      - "--label=org.opencontainers.image.authors=Budiman Jojo <budimanjojo@gmail.com>"
+      - "--label=org.opencontainers.image.description=A tool to help creating Talos kubernetes cluster"
+  - image_templates:
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-arm64v8"
+    use: buildx
+    goarch: arm64
+    dockerfile: Dockerfile
+    build_flag_templates:
+      - "--platform=linux/amd64"
+      - "--label=org.opencontainers.image.created={{.Date}}"
+      - "--label=org.opencontainers.image.title={{.ProjectName}}"
+      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
+      - "--label=org.opencontainers.image.version={{.Version}}"
+      - "--label=org.opencontainers.image.url=https://github.com/budimanjojo/{{.ProjectName}}"
+      - "--label=org.opencontainers.image.source=https://github.com/budimanjojo/{{.ProjectName}}"
+      - "--label=org.opencontainers.image.licenses=BSD-3-Clause"
+      - "--label=org.opencontainers.image.authors=Budiman Jojo <budimanjojo@gmail.com>"
+      - "--label=org.opencontainers.image.description=A tool to help creating Talos kubernetes cluster"
+
+docker_manifests:
+  - name_template: "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}"
+    image_templates:
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-amd64"
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-arm64v8"
+  - name_template: "ghcr.io/budimanjojo/{{.ProjectName}}:latest"
+    image_templates:
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-amd64"
+      - "ghcr.io/budimanjojo/{{.ProjectName}}:v{{.Version}}-arm64v8"
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index 3a740f8c..c631fa63 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,21 +1,3 @@
-ARG VERSION
-
-## ================================================================================================
-## Builder Stage -> creating the binary
-## ================================================================================================
-FROM golang:1.23.0-alpine AS builder
-ARG VERSION
-
-WORKDIR /build
-COPY . .
-RUN go build -ldflags="-s -w -X github.com/budimanjojo/talhelper/v3/cmd.version=${VERSION}" -o /usr/local/bin/talhelper
-
-
-## ================================================================================================
-## Serving/Production Stage
-## ================================================================================================
-FROM scratch
-COPY --from=builder /usr/local/bin/talhelper /usr/local/bin/talhelper
-COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-WORKDIR /config
-ENTRYPOINT [ "/usr/local/bin/talhelper" ]
+FROM alpine:3.20.3@sha256:beefdbd8a1da6d2915566fde36db9db0b524eb737fc57cd1367effd16dc0d06d
+COPY talhelper /bin/talhelper
+ENTRYPOINT ["/bin/talhelper"]