From aff5d458c7b21409c51cca765223f9ed1a72a7f7 Mon Sep 17 00:00:00 2001 From: Daichi Sakaue Date: Wed, 23 Oct 2024 17:32:28 +0900 Subject: [PATCH] Reflect comments Signed-off-by: Daichi Sakaue --- .github/workflows/ci.yaml | 17 ++++++++++++++++- .github/workflows/release.yaml | 16 +++++++++------- Dockerfile | 5 +++-- Makefile | 12 +++++++++--- e2e/testdata/cilium-agent-proxy.yaml | 1 + 5 files changed, 38 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index df33b35..447a007 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -27,11 +27,26 @@ jobs: with: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Setup tools - run: make setup + run: make setup download-cilium-cli - name: Run code check run: make check-generate - name: Run lint run: make lint + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build cilium-agent-proxy + uses: docker/build-push-action@v6 + with: + context: . + file: ./Dockerfile + push: false + tags: cilium-agent-proxy:dev - name: Run environment working-directory: e2e run: | diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 8da5898..a0c6d04 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -24,6 +24,15 @@ jobs: echo "Tag v${{ inputs.tag }} already exists" exit 1 fi + - uses: actions/setup-go@v4 + with: + go-version-file: go.mod + - name: Build + run: | + make build + cd bin; tar -czvf npv_v${{ inputs.tag }}_amd64.tar.gz npv + - name: Download Cilium CLI + run: make download-cilium-cli - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to GitHub Container Registry @@ -39,13 +48,6 @@ jobs: file: ./Dockerfile push: true tags: ghcr.io/cybozu-go/cilium-agent-proxy:${{ inputs.tag }} - - uses: actions/setup-go@v4 - with: - go-version-file: go.mod - - name: Build - run: | - make build - cd bin; tar -czvf npv_v${{ inputs.tag }}_amd64.tar.gz npv - name: Setup Git Config run: | git config --global user.name github-actions diff --git a/Dockerfile b/Dockerfile index bd9d8d8..98b9d17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,9 +10,10 @@ RUN go mod download # Copy the go source COPY cmd/cilium-agent-proxy/ cmd/cilium-agent-proxy/ +COPY Makefile Makefile # Build -RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o cilium-agent-proxy ./cmd/cilium-agent-proxy +RUN make build-proxy # Compose the manager container FROM ghcr.io/cybozu/ubuntu:22.04 @@ -20,6 +21,6 @@ LABEL org.opencontainers.image.source=https://github.com/cybozu-go/network-polic WORKDIR / COPY bin/download/cilium / -COPY --from=builder /work/cilium-agent-proxy / +COPY --from=builder /work/bin/cilium-agent-proxy / ENTRYPOINT ["/cilium-agent-proxy"] diff --git a/Makefile b/Makefile index e7137d2..d66a83a 100644 --- a/Makefile +++ b/Makefile @@ -19,7 +19,7 @@ help: ## Display this help @awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n make \033[36m\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf " \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST) .PHONY: setup -setup: $(CILIUM_CLI) $(CUSTOMCHECKER) $(STATICCHECK) ## Install necessary tools +setup: $(CUSTOMCHECKER) $(STATICCHECK) ## Install necessary tools if ! which aqua; then \ echo 'setup needs aqua.'; \ exit 1; \ @@ -28,7 +28,8 @@ setup: $(CILIUM_CLI) $(CUSTOMCHECKER) $(STATICCHECK) ## Install necessary tools $(HELM) repo add cilium https://helm.cilium.io/ $(HELM) repo update cilium -$(CILIUM_CLI): +.PHONY: download-cilium-cli +download-cilium-cli: mkdir -p $(TOOLS_DIR) CONTAINER_ID=$$(docker run --detach --entrypoint pause ghcr.io/cybozu/cilium:$(CILIUM_IMAGE_VERSION)); \ docker cp $${CONTAINER_ID}:/usr/bin/cilium $(CILIUM_CLI); \ @@ -51,7 +52,12 @@ clean: .PHONY: build build: ## Build network-policy-viewer mkdir -p $(BIN_DIR) - go build -trimpath -ldflags "-w -s" -o $(BIN_DIR)/npv ./cmd/npv + CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags "-w -s" -o $(BIN_DIR)/npv ./cmd/npv + +.PHONY: build-proxy +build-proxy: ## Build cilium-agent-proxy + mkdir -p $(BIN_DIR) + CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -trimpath -ldflags="-w -s" -o $(BIN_DIR)/cilium-agent-proxy ./cmd/cilium-agent-proxy .PHONY: check-generate check-generate: diff --git a/e2e/testdata/cilium-agent-proxy.yaml b/e2e/testdata/cilium-agent-proxy.yaml index 401248a..0727244 100644 --- a/e2e/testdata/cilium-agent-proxy.yaml +++ b/e2e/testdata/cilium-agent-proxy.yaml @@ -30,6 +30,7 @@ spec: - name: cilium-socket hostPath: path: /var/run/cilium + # "cilium bpf policy get" reads from /sys/fs/bpf - name: bpf hostPath: path: /sys/fs/bpf