-
Notifications
You must be signed in to change notification settings - Fork 165
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
- Loading branch information
Showing
24 changed files
with
507 additions
and
309 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
/bin | ||
/coverage | ||
/release |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
name: build | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
branches: | ||
- 'master' | ||
tags: | ||
- 'v*' | ||
pull_request: | ||
branches: | ||
- 'master' | ||
|
||
env: | ||
RELEASE_OUT: "./release" | ||
|
||
jobs: | ||
test: | ||
runs-on: ${{ matrix.os }} | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
os: | ||
- ubuntu-latest | ||
- macOS-latest | ||
- windows-latest | ||
steps: | ||
- | ||
name: Checkout | ||
uses: actions/checkout@v2 | ||
- | ||
name: Set up Go | ||
uses: actions/setup-go@v2 | ||
with: | ||
go-version: 1.16 | ||
- | ||
name: Install deps | ||
if: ${{ matrix.os == 'ubuntu-latest' }} | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get install -y dbus-x11 gnome-keyring libsecret-1-dev pass | ||
- | ||
name: Test | ||
run: | | ||
go test -short -v -coverprofile=./coverage.txt -covermode=atomic ./... | ||
go tool cover -func=./coverage.txt | ||
shell: bash | ||
- | ||
name: Send to Codecov | ||
uses: codecov/codecov-action@v2 | ||
with: | ||
file: ./coverage.txt | ||
|
||
build: | ||
runs-on: ubuntu-latest | ||
needs: | ||
- test | ||
steps: | ||
- | ||
name: Checkout | ||
uses: actions/checkout@v2 | ||
- | ||
name: Set up QEMU | ||
uses: docker/setup-qemu-action@v1 | ||
- | ||
name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v1 | ||
- | ||
name: Test | ||
run: | | ||
make test | ||
- | ||
name: Send to Codecov | ||
uses: codecov/codecov-action@v2 | ||
with: | ||
file: ./coverage/coverage.txt | ||
- | ||
name: Build | ||
run: | | ||
make release | ||
- | ||
name: Upload artifacts | ||
uses: actions/upload-artifact@v2 | ||
with: | ||
name: docker-credential-helpers | ||
path: ${{ env.RELEASE_OUT }}/* | ||
if-no-files-found: error | ||
# - | ||
# name: GitHub Release | ||
# if: startsWith(github.ref, 'refs/tags/v') | ||
# uses: softprops/action-gh-release@v1 | ||
# env: | ||
# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
# with: | ||
# draft: true | ||
# files: ${{ env.RELEASE_OUT }}/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
name: validate | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
branches: | ||
- 'master' | ||
tags: | ||
- 'v*' | ||
pull_request: | ||
branches: | ||
- 'master' | ||
|
||
jobs: | ||
validate: | ||
runs-on: ubuntu-latest | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
target: | ||
- lint | ||
- vendor-validate | ||
steps: | ||
- | ||
name: Checkout | ||
uses: actions/checkout@v2 | ||
- | ||
name: Run | ||
run: | | ||
make ${{ matrix.target }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
bin | ||
release | ||
/bin | ||
/coverage | ||
/release |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
run: | ||
timeout: 10m | ||
modules-download-mode: vendor | ||
build-tags: | ||
|
||
linters: | ||
enable: | ||
- gofmt | ||
- govet | ||
- deadcode | ||
- goimports | ||
- ineffassign | ||
- misspell | ||
- unused | ||
- varcheck | ||
- golint | ||
- staticcheck | ||
- typecheck | ||
- structcheck | ||
disable-all: true | ||
|
||
issues: | ||
exclude-rules: | ||
- linters: | ||
- golint | ||
text: "stutters" |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,120 @@ | ||
# syntax=docker/dockerfile:1.3-labs | ||
ARG GO_VERSION=1.16 | ||
|
||
# xx is a helper for cross-compilation | ||
FROM --platform=$BUILDPLATFORM tonistiigi/xx:1.0.0-rc.2 AS xx | ||
|
||
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS gobase | ||
COPY --from=xx / / | ||
RUN apk add --no-cache clang file gcc git libsecret-dev lld musl-dev pass | ||
ENV GOFLAGS="-mod=vendor" | ||
ENV CGO_ENABLED="1" | ||
WORKDIR /src | ||
|
||
FROM gobase AS version | ||
RUN --mount=target=. \ | ||
PKG=github.com/docker/docker-credential-helpers VERSION=$(git describe --match 'v[0-9]*' --dirty='.m' --always --tags) REVISION=$(git rev-parse HEAD)$(if ! git diff --no-ext-diff --quiet --exit-code; then echo .m; fi); \ | ||
echo "-s -w -X ${PKG}/credentials.Version=${VERSION} -X ${PKG}/credentials.Revision=${REVISION} -X ${PKG}/credentials.Package=${PKG}" | tee /tmp/.ldflags; \ | ||
echo -n "${VERSION}" | tee /tmp/.version; | ||
|
||
FROM gobase AS build-linux | ||
ARG TARGETOS | ||
ARG TARGETPLATFORM | ||
RUN --mount=type=bind,target=. \ | ||
--mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=bind,from=version,source=/tmp/.ldflags,target=/tmp/.ldflags <<EOT | ||
set -ex | ||
mkdir /out | ||
xx-go build -ldflags "$(cat /tmp/.ldflags)" -o /out/docker-credential-pass ./pass/cmd/main.go | ||
xx-verify /out/docker-credential-pass | ||
xx-go build -ldflags "$(cat /tmp/.ldflags)" -o /out/docker-credential-secretservice ./secretservice/cmd/main_linux.go | ||
xx-verify /out/docker-credential-secretservice | ||
EOT | ||
|
||
FROM gobase AS build-darwin | ||
ARG TARGETOS | ||
ARG TARGETPLATFORM | ||
RUN --mount=type=bind,target=. \ | ||
--mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=bind,from=dockercore/golang-cross:xx-sdk-extras,src=/xx-sdk,target=/xx-sdk \ | ||
--mount=type=bind,from=version,source=/tmp/.ldflags,target=/tmp/.ldflags <<EOT | ||
set -ex | ||
mkdir /out | ||
xx-go install std | ||
xx-go build -ldflags "$(cat /tmp/.ldflags)" -o /out/docker-credential-osxkeychain ./osxkeychain/cmd/main_darwin.go | ||
xx-verify /out/docker-credential-osxkeychain | ||
EOT | ||
|
||
FROM gobase AS build-windows | ||
ARG TARGETOS | ||
ARG TARGETPLATFORM | ||
RUN --mount=type=bind,target=. \ | ||
--mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod \ | ||
--mount=type=bind,from=version,source=/tmp/.ldflags,target=/tmp/.ldflags <<EOT | ||
set -ex | ||
mkdir /out | ||
xx-go build -ldflags "$(cat /tmp/.ldflags)" -o /out/docker-credential-wincred.exe ./wincred/cmd/main_windows.go | ||
xx-verify /out/docker-credential-wincred.exe | ||
EOT | ||
|
||
FROM build-$TARGETOS AS build | ||
|
||
FROM scratch AS binaries | ||
COPY --from=build /out / | ||
|
||
FROM debian:bullseye-slim AS build-deb | ||
RUN apt-get update && \ | ||
apt-get install -y debhelper dh-make libsecret-1-dev pass | ||
WORKDIR /build | ||
COPY --from=build /out/docker-credential-pass ./docker-credential-pass/usr/bin/ | ||
COPY --from=build /out/docker-credential-secretservice ./docker-credential-secretservice/usr/bin/ | ||
RUN --mount=type=bind,from=version,source=/tmp/.version,target=/tmp/.version <<EOT | ||
#!/usr/bin/env bash | ||
set -e | ||
version=$(cat /tmp/.version) | ||
if [ ${#version} = 7 ]; then | ||
version="v0.0.0+${version}" | ||
fi | ||
mkdir -p ./docker-credential-pass/DEBIAN | ||
cat > ./docker-credential-pass/DEBIAN/control <<EOL | ||
Package: docker-credential-pass | ||
Version: ${version:1} | ||
Architecture: any | ||
Depends: pass | ||
Maintainer: Docker <support@docker.com> | ||
Description: docker-credential-pass is a credential helper backend | ||
which uses the pass utility to keep Docker credentials safe. | ||
EOL | ||
mkdir -p ./docker-credential-secretservice/DEBIAN | ||
cat > ./docker-credential-secretservice/DEBIAN/control <<EOL | ||
Package: docker-credential-secretservice | ||
Version: ${version:1} | ||
Architecture: any | ||
Depends: libsecret-1-0 | ||
Maintainer: Docker <support@docker.com> | ||
Description: docker-credential-secretservice is a credential helper backend | ||
which uses libsecret to keep Docker credentials safe. | ||
EOL | ||
dpkg-deb --build docker-credential-pass | ||
dpkg-deb --build docker-credential-secretservice | ||
EOT | ||
|
||
FROM scratch AS deb | ||
COPY --from=build-deb /build/*.deb / | ||
|
||
FROM gobase AS test | ||
RUN --mount=type=bind,target=. \ | ||
--mount=type=cache,target=/root/.cache \ | ||
--mount=type=cache,target=/go/pkg/mod <<EOT | ||
set -e | ||
xx-go test -short -v -coverprofile=/tmp/coverage.txt -covermode=atomic ./... | ||
xx-go tool cover -func=/tmp/coverage.txt | ||
EOT | ||
|
||
FROM scratch AS test-coverage | ||
COPY --from=test /tmp/coverage.txt /coverage.txt | ||
|
||
FROM binaries |
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.