From acae23ebe25b1dd43329a82f066dea2217b92d9d Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 09:42:58 +0200 Subject: [PATCH 01/10] Add version argument and push docker image to ghcr on semver tags --- .github/dependabot.yml | 4 ++++ .github/workflows/build.yml | 31 +++++++++++++++++++++++-------- README.md | 19 +++++++++++++++---- 3 files changed, 42 insertions(+), 12 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 636c25c..58a393f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,10 @@ updates: schedule: interval: "daily" - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily" + - package-ecosystem: "github-actions" directory: "/" schedule: interval: "daily" \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eef88a3..36d889a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -2,6 +2,9 @@ name: build on: push: + branches: + tags: + - v* pull_request: branches: - main @@ -14,6 +17,14 @@ jobs: docker: runs-on: ubuntu-latest steps: + - name: Detect version + run: |- + VERSION="development" + if [[ ${{ env.GITHUB_REF_TYPE }} == "tag" ]]; then + VERSION=${{ env.GITHUB_REF_NAME }} + fi + echo "VERSION=$VERSION" >> "$GITHUB_ENV" + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 
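Review bot: The tag filter `- v*` in the `push` trigger matches any tag that starts with `v`, not only semver tags, and the production step added in this patch publishes an image to ghcr under that tag name. Narrowing it to something like `- 'v[0-9]+.[0-9]+.[0-9]+*'` keeps stray tags from producing a release image, and a repository ruleset on `v*` tags would limit who may create them. The bare `branches:` key above it parses as null, so it is not obvious whether every branch is meant to match; `branches: ['**']` would say so explicitly. The `on:` block continues outside the hunk.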
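Review bot: In the `Detect version` step, `${{ env.GITHUB_REF_NAME }}` is expanded into the script text before bash runs, so the ref name becomes shell source rather than data and any shell metacharacters in it would be interpreted. The runner already exports these values, so the script can read them as variables: `if [[ "$GITHUB_REF_TYPE" == "tag" ]]; then` and `VERSION="$GITHUB_REF_NAME"`. That also avoids the `env` context, which does not carry the default `GITHUB_*` variables, so the comparison as written would see an empty string. The same inline expansion remains in the `Detect version` hunks of PATCH 02/10 and PATCH 08/10 (`VERSION=${{ github.ref_name }}`). The `steps:` list continues outside the hunk.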
@@ -22,17 +33,21 @@ jobs: with: target: test push: false + build-args: | + VERSION=${{ env.VERSION }} - # - name: Login to Docker Hub - # uses: docker/login-action@v3 - # with: - # username: ${{ secrets.DOCKERHUB_USERNAME }} - # password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{github.actor}} + password: ${{secrets.GITHUB_TOKEN}} - name: Build production image uses: docker/build-push-action@v6 with: target: production - push: false - # push: true - # tags: blackskad/go-web-scaffold:latest + push: ${{ env.GITHUB_REF_TYPE }} == "tag" + build-args: | + VERSION=${{ env.VERSION }} + tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} diff --git a/README.md b/README.md index dc60e59..4cdf7e0 100644 --- a/README.md +++ b/README.md 
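Review bot: The `Login to GitHub Container Registry` step runs on every event this workflow handles, including pull requests, although only tag builds are meant to push. Adding `if: github.ref_type == 'tag'` to the login step keeps the token out of the Docker credential store on runs that never publish. No `permissions:` block is visible in these hunks; if the workflow has none, the job uses the repository's default token scope, so declaring `permissions:` with `contents: read` and `packages: write` on the `docker` job would limit it to what the push needs. `docker/login-action@v3` is referenced by a movable tag; pinning it to a full commit SHA, which the `github-actions` Dependabot entry added in this patch can keep current, is the usual hardening for a step that receives a token. The job definition starts outside the hunk.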
@@ -22,14 +22,26 @@ While the app can be build and run with plain Go commands, it's intended to be b To allow you to easily run the service locally without much local config, a docker-compose.yaml file is included. This file will include everything to run a minimal stack. -### CI pipeline - GitHub only +### GitHub CI pipeline -The project contains a GitHub Actions configuration file to run the docker build stages on `push` and `pull_requests`. It will first run the `test` stage, then it run the `production` stage. +The project contains a GitHub Actions configuration file to run the docker build stages on `push` to any branch and semver tags, and on `pull_requests` against the `main` branch. It will first run the `test` stage, then it run the `production` stage. -While it will build the production image, the workflow is not configured to push the image to a docker image registry. You will have to uncomment the docker login job, change the `push` argument for the production job to `true`, and set a proper image tag. +When the pipeline runs for a semver tag, the tag will be embedded in the binary as the application version and the image will be pushed to ghcr. None of the other runs will push a docker image. + +While it is recommended to follow [trunk-based development](https://trunkbaseddevelopment.com/), it is not enforced by the build system in any way. In your GitHub repository, there is an option to configure rulesets for your main branch. Within the ruleset, the success of the build workflow can be made required for each pull requests. For more information, please see the [GitHub documentation](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/available-rules-for-rulesets#require-status-checks-to-pass-before-merging). + +### Versioning + +The CI pipeline is set up to manage with a semantic versioning scheme. + +* The `main` branch, or trunk is where all the development happens for the next release. 
+* When a new release should be made, create a new branch `release-${MAJOR}.${MINOR}` and push it to GitHub. Once pushed, a new tag `v${MAJOR}.${MINOR}.0-rc.0` will automatically be created. Once tagged, a new build will kick off for that tag that publishes a docker image with the same tag. +* Every time a new release is made, push a new, empty commit with an incremented tag to the release branch. Every semver tag will kick off + + ### App configuration The main configuration will be done through environment variables. The environment package will parse the environment variables into a struct that can then be passed around through the service. @@ -38,7 +50,6 @@ The main configuration will be done through environment variables. The environme The service always runs with pprof enabled on port 6060. This allows you to fetch runtime profiling information on `http://localhost:6060/debug/pprof` - ### Observability #### Metrics From cca62090b8d5bd5c06e9a2eef8c889b9c94069ca Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 10:10:01 +0200 Subject: [PATCH 02/10] Fix condition, group otel updates --- .github/dependabot.yml | 4 ++++ .github/workflows/build.yml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 58a393f..eb99abb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,6 +9,10 @@ updates: directory: "/" schedule: interval: "daily" + groups: + otel-dependencies: + patterns: + - "go.opentelemetry.io/*" - package-ecosystem: "docker" directory: "/" schedule: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 36d889a..2eac662 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -20,7 +20,7 @@ jobs: - name: Detect version run: |- VERSION="development" - if [[ ${{ env.GITHUB_REF_TYPE }} == "tag" ]]; then + if [[ "${{ env.GITHUB_REF_TYPE }}" == "tag" ]]; then VERSION=${{ env.GITHUB_REF_NAME }} fi echo "VERSION=$VERSION" >> "$GITHUB_ENV" From 5edbcba6c136b7ee497132c760ec68e842bfb7b3 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 10:23:15 +0200 Subject: [PATCH 03/10] Put push condition within curly braces --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2eac662..f73e19b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,7 +47,7 @@ jobs: uses: docker/build-push-action@v6 with: target: production - push: ${{ env.GITHUB_REF_TYPE }} == "tag" + push: ${{ env.GITHUB_REF_TYPE == "tag" }} build-args: | VERSION=${{ env.VERSION }} tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From 5150a0f296f4131634ca3767cef5d4865e162479 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 10:33:56 +0200 Subject: [PATCH 04/10] Trigger build From aa5434720150282382d8d0fcbc5e4c2beff3885c Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 10:39:58 +0200 Subject: [PATCH 05/10] Disable production build for debugging --- .github/workflows/build.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f73e19b..f9fb367 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
@@ -40,14 +40,14 @@ jobs: uses: docker/login-action@v3 with: registry: ghcr.io - username: ${{github.actor}} - password: ${{secrets.GITHUB_TOKEN}} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - - name: Build production image - uses: docker/build-push-action@v6 - with: - target: production - push: ${{ env.GITHUB_REF_TYPE == "tag" }} - build-args: | - VERSION=${{ env.VERSION }} - tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} + # - name: Build production image + # uses: docker/build-push-action@v6 + # with: + # target: production + # push: ${{ env.GITHUB_REF_TYPE == "tag" }} + # build-args: | + # VERSION=${{ env.VERSION }} + # tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From 21f1e20b137a3456049f14e5218320d0dc1876f9 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 10:44:10 +0200 Subject: [PATCH 06/10] Re-enable production build but remove push condition --- .github/workflows/build.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f9fb367..ae65752 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,11 +43,11 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - # - name: Build production image - # uses: docker/build-push-action@v6 - # with: - # target: production - # push: ${{ env.GITHUB_REF_TYPE == "tag" }} - # build-args: | - # VERSION=${{ env.VERSION }} - # tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} + - name: Build production image + uses: docker/build-push-action@v6 + with: + target: production + push: true #${{ env.GITHUB_REF_TYPE == "tag" }} + build-args: | + VERSION=${{ env.VERSION }} + tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From e7e5da85cc3ac7b9f19424cd2dfc685a66bc752d Mon Sep 17 00:00:00 2001 
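Review bot: `push: true` in the PATCH 06/10 hunk publishes the production image on every run whose token can write packages, and for non-tag refs `VERSION` is `development`, so each branch push overwrites `ghcr.io/blackskad/go-web-scaffold:development`. To debug the condition without publishing, a step that only prints the value, e.g. `run: echo "$GITHUB_REF_TYPE"`, shows what the runner sees. The expression kept in the trailing comment still reads the `env` context and uses a double-quoted string, which Actions expressions do not appear to accept, so it should not be restored as written.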
From: Thomas Meire Date: Mon, 26 Aug 2024 13:23:37 +0200 Subject: [PATCH 07/10] Retry push only on tag ref type --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ae65752..c9f8938 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,7 +47,7 @@ jobs: uses: docker/build-push-action@v6 with: target: production - push: true #${{ env.GITHUB_REF_TYPE == "tag" }} + push: ${{ env.GITHUB_REF_TYPE == "tag" }} build-args: | VERSION=${{ env.VERSION }} tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From 86dfe3147e55158021dea9eb4968bcd0bf770843 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 13:32:15 +0200 Subject: [PATCH 08/10] Change github vars --- .github/workflows/build.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c9f8938..b08ec9c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,8 +20,8 @@ jobs: - name: Detect version run: |- VERSION="development" - if [[ "${{ env.GITHUB_REF_TYPE }}" == "tag" ]]; then - VERSION=${{ env.GITHUB_REF_NAME }} + if [[ "${{ github.ref_type }}" == "tag" ]]; then + VERSION=${{ github.ref_name }} fi echo "VERSION=$VERSION" >> "$GITHUB_ENV" @@ -47,7 +47,7 @@ jobs: uses: docker/build-push-action@v6 with: target: production - push: ${{ env.GITHUB_REF_TYPE == "tag" }} + push: ${{ github.ref_type == "tag" }} build-args: | VERSION=${{ env.VERSION }} tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From 2990fb6221e6259273e7eef8bdd3520a8d1c1c67 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 13:38:43 +0200 Subject: [PATCH 09/10] Change github vars --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b08ec9c..9c3cb5b 100644 
--- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,7 +47,7 @@ jobs: uses: docker/build-push-action@v6 with: target: production - push: ${{ github.ref_type == "tag" }} + push: ${{ github.ref_type }} build-args: | VERSION=${{ env.VERSION }} tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }} From 8903a7076c077100604ff5c663be3ac705d6f142 Mon Sep 17 00:00:00 2001 From: Thomas Meire Date: Mon, 26 Aug 2024 13:40:46 +0200 Subject: [PATCH 10/10] try single quotes --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9c3cb5b..0fe6942 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -47,7 +47,7 @@ jobs: uses: docker/build-push-action@v6 with: target: production - push: ${{ github.ref_type }} + push: ${{ github.ref_type == 'tag' }} build-args: | VERSION=${{ env.VERSION }} tags: ghcr.io/blackskad/go-web-scaffold:${{ env.VERSION }}