From 699ff76e4271f5f750a4609ae588da7d0d36fca8 Mon Sep 17 00:00:00 2001 From: David Allen Date: Tue, 30 Jul 2024 10:36:16 -0600 Subject: [PATCH 01/13] Added Dockerfile and Makefile rule --- Dockerfile | 14 ++++++++++++++ Makefile | 23 ++++++++++++++--------- 2 files changed, 28 insertions(+), 9 deletions(-) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..97d906e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,14 @@ +FROM cgr.dev/chainguard/wolfi-base + +RUN apk add --no-cache tini bash + +# nobody 65534:65534 +USER 65534:65534 + +# copy the binary and all of the default plugins +COPY configurator /configurator +COPY lib/* /lib/* + +CMD ["/configurator"] + +ENTRYPOINT [ "/sbin/tini", "--" ] \ No newline at end of file diff --git a/Makefile b/Makefile index 0ca212f..49f7065 100644 --- a/Makefile +++ b/Makefile @@ -5,21 +5,26 @@ all: plugins exe test # build the main executable to make configs main: exe driver: exe +binaries: exe exe: go build --tags=all -o configurator + +docker: binaries plugins + docker build -t configurator:latest . + # build all of the generators into plugins plugins: mkdir -p lib - go build -buildmode=plugin -o lib/conman.so internal/generator/plugins/conman/conman.go - go build -buildmode=plugin -o lib/coredhcp.so internal/generator/plugins/coredhcp/coredhcp.go - go build -buildmode=plugin -o lib/dhcpd.so internal/generator/plugins/dhcpd/dhcpd.go - go build -buildmode=plugin -o lib/dnsmasq.so internal/generator/plugins/dnsmasq/dnsmasq.go - go build -buildmode=plugin -o lib/example.so internal/generator/plugins/example/example.go - go build -buildmode=plugin -o lib/hostfile.so internal/generator/plugins/hostfile/hostfile.go - go build -buildmode=plugin -o lib/powerman.so internal/generator/plugins/powerman/powerman.go - go build -buildmode=plugin -o lib/syslog.so internal/generator/plugins/syslog/syslog.go - go build -buildmode=plugin -o lib/warewulf.so internal/generator/plugins/warewulf/warewulf.go + go build -buildmode=plugin -o lib/conman.so pkg/generator/plugins/conman/conman.go + go build -buildmode=plugin -o lib/coredhcp.so pkg/generator/plugins/coredhcp/coredhcp.go + go build -buildmode=plugin -o lib/dhcpd.so pkg/generator/plugins/dhcpd/dhcpd.go + go build -buildmode=plugin -o lib/dnsmasq.so pkg/generator/plugins/dnsmasq/dnsmasq.go + go build -buildmode=plugin -o lib/example.so pkg/generator/plugins/example/example.go + go build -buildmode=plugin -o lib/hostfile.so pkg/generator/plugins/hostfile/hostfile.go + go build -buildmode=plugin -o lib/powerman.so pkg/generator/plugins/powerman/powerman.go + go build -buildmode=plugin -o lib/syslog.so pkg/generator/plugins/syslog/syslog.go + go build -buildmode=plugin -o lib/warewulf.so pkg/generator/plugins/warewulf/warewulf.go # remove executable and all built plugins clean: From 6f027fa7fb7813beffa061efc8ad60de4168d55a Mon Sep 17 00:00:00 2001 From: David Allen Date: Tue, 30 Jul 2024 10:47:39 -0600 Subject: [PATCH 02/13] Added goreleaser and GitHub workflow --- .github/workflows/main.yml | 39 +++++++++++++++++++++++++++++++++++ .goreleaser.yaml | 42 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 81 insertions(+) create mode 100644 .github/workflows/main.yml create mode 100644 .goreleaser.yaml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..0b8ae48 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,39 @@ +name: Release with goreleaser + +on: + workflow_dispatch: + push: + tags: + - v* + +permissions: write-all # Necessary for the generate-build-provenance action with containers + +jobs: + + build: + + + runs-on: ubuntu-latest + + steps: + - name: Set up Go 1.21 + uses: actions/setup-go@v5 + with: + go-version: 1.21 + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-tags: 1 + fetch-depth: 0 + - name: Release with goreleaser + uses: goreleaser/goreleaser-action@v6 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + version: latest + args: release --clean + id: goreleaser + - name: Attest Binaries + uses: actions/attest-build-provenance@v1 + with: + subject-path: '${{ github.workspace }}/dist/configurator_linux_amd64_v1/configurator' \ No newline at end of file diff --git a/.goreleaser.yaml b/.goreleaser.yaml new file mode 100644 index 0000000..d5592d1 --- /dev/null +++ b/.goreleaser.yaml @@ -0,0 +1,42 @@ +version: 2 + +before: + hooks: + - go mod download +builds: + - env: + - CGO_ENABLED=1 + goos: + - linux + goarch: + - amd64 +archives: + - format: tar.gz + # this name template makes the OS and Arch compatible with the results of uname. + name_template: >- + {{ .ProjectName }}_ + {{- title .Os }}_ + {{- if eq .Arch "amd64" }}x86_64 + {{- else if eq .Arch "386" }}i386 + {{- else }}{{ .Arch }}{{ end }} + {{- if .Arm }}v{{ .Arm }}{{ end }} + files: + - LICENSE + - CHANGELOG.md + - README.md + - configurator +checksum: + name_template: 'checksums.txt' +snapshot: + name_template: "{{ incpatch .Version }}-next" +changelog: + sort: asc + filters: + exclude: + - '^docs:' + - '^test:' +release: + github: + name_template: "{{.Version}}" + prerelease: auto + mode: append \ No newline at end of file From dbea108f74f0c011a9e960618313616d15d3146b Mon Sep 17 00:00:00 2001 From: David Allen Date: Tue, 30 Jul 2024 11:29:19 -0600 Subject: [PATCH 03/13] Updated Dockerfile and Makefile --- Dockerfile | 6 ++++-- Makefile | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 97d906e..b36b37d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,15 @@ FROM cgr.dev/chainguard/wolfi-base RUN apk add --no-cache tini bash +RUN mkdir -p /configurator +RUN mkdir -p /configurator/lib # nobody 65534:65534 USER 65534:65534 # copy the binary and all of the default plugins -COPY configurator /configurator -COPY lib/* /lib/* +COPY configurator /configurator/configurator +COPY lib/* /configurator/lib/* CMD ["/configurator"] diff --git a/Makefile b/Makefile index 49f7065..f58451d 100644 --- a/Makefile +++ b/Makefile @@ -11,7 +11,7 @@ exe: docker: binaries plugins - docker build -t configurator:latest . + docker build . --build-arg REGISTRY_HOST=${REGISTRY_HOST} --no-cache --pull --tag '${NAME}:${VERSION}' # build all of the generators into plugins plugins: From a0ee615d30cca7962abc96dbbf42551f74c22730 Mon Sep 17 00:00:00 2001 From: David Allen Date: Tue, 30 Jul 2024 11:32:21 -0600 Subject: [PATCH 04/13] Added local Docker container rule for testing locally --- Makefile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Makefile b/Makefile index f58451d..b5eba96 100644 --- a/Makefile +++ b/Makefile @@ -13,6 +13,9 @@ exe: docker: binaries plugins docker build . --build-arg REGISTRY_HOST=${REGISTRY_HOST} --no-cache --pull --tag '${NAME}:${VERSION}' +docker-testing: binaries plugins + docker build . --tag configurator:testing + # build all of the generators into plugins plugins: mkdir -p lib From 80ade5bf6fa6238bf08095627f7c9977faa13b55 Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 11:02:42 -0600 Subject: [PATCH 05/13] Updated README.md to include Docker section --- README.md | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 3fe72a3..acfcb36 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,30 @@ curl http://127.0.0.1:3334/generate?target=dnsmasq -H "Authorization: Bearer $AC This will do the same thing as the `generate` subcommand, but remotely. The access token is only required if the `CONFIGURATOR_JWKS_URL` environment variable is set. The `ACCESS_TOKEN` environment variable passed to `curl` and it's corresponding CLI argument both expects a token as a JWT. +### Docker + +New images can be built and tested using the `Dockerfile` provided in the project. However, the binary executable and the generator plugins must first be built before building the image since the Docker build copies the binary over. Therefore, build all of the binaries first by following the first section of ["Building and Usage"](#building-and-usage). If you run the `make docker`, this will be done for you. Otherwise, run the `docker build` command after building the executable and libraries. + +```bash +docker build -t configurator:testing path/to/configurator/Dockerfile +# ...or +make docker +``` + +Keep in mind that all plugins included in the project are build in the `lib/` directory and copied from there. If you want to easily include your own external generator plugins, you can build it and copy the `lib.so` file to that location. Make sure that the `Generator` interface is implemented correct as described in the ["Creating Generator Plugins"](#creating-generator-plugins) or the plugin will not load. Additionally, the name string returned from the `GetName()` method is used for looking up the plugin after all plugins have been loaded by the main driver. + +Alternatively, pull the latest existing image/container from the GitHub container repository. + +```bash +docker pull ghcr.io/openchami/configurator:latest +``` + +Then, run the container similarly to the binary. + +``` +docker run ghcr.io/openchami/configurator:latest configurator generate --config config.yaml --target dnsmasq +``` + ### Creating Generator Plugins The `configurator` uses generator plugins to define how config files are generated using a `Generator` interface. The interface is defined like so: @@ -64,7 +88,7 @@ type Generator interface { } ``` -A new plugin can be created by implementing the methods from interface and exporting a symbol with `Generator` as the name and the plugin struct as the type. The `GetName()` function returns the name that is used for looking up the corresponding template set in your config file. It can also be included in the templated files with the default plugins using the `{{ plugin_name }}` in your template. The `GetVersion()` and `GetDescription()` functions returns the version and description of the plugin which can be included in the templated files using `{{ plugin_version }}` and `{{ plugin_description }}` respectively with the default plugins. The `Generate` function is where the magic happens to build the config file from a template. +A new plugin can be created by implementing the methods from interface and exporting a symbol with `Generator` as the name and the plugin struct as the type. The `GetName()` function returns the name that is used for looking up the corresponding target set in your config file. It can also be included in the templated files with the default plugins using the `{{ plugin_name }}` in your template. The `GetVersion()` and `GetDescription()` functions returns the version and description of the plugin which can be included in the templated files using `{{ plugin_version }}` and `{{ plugin_description }}` respectively with the default plugins. The `Generate` function is where the magic happens to build the config file from a template. ```go package main From 73ca17dce6b0b7261e27248be48b79a07ff0130a Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 15:47:24 -0600 Subject: [PATCH 06/13] Updated Makefile with recommended changes --- Makefile | 50 +++++++++++++++++++++++++++++++------------------- 1 file changed, 31 insertions(+), 19 deletions(-) diff --git a/Makefile b/Makefile index b5eba96..5783752 100644 --- a/Makefile +++ b/Makefile @@ -1,39 +1,51 @@ +# Unless set otherwise, the container runtime is Docker +DOCKER ?= docker + +prog ?= configurator +sources := main.go $(wildcard cmd/*.go) +plugin_source_prefix := pkg/generator/plugins +plugin_sources := $(filter-out %_test.go,$(wildcard $(plugin_source_prefix)/*/*.go)) +plugin_binaries := $(addprefix lib/,$(patsubst %.go,%.so,$(notdir $(plugin_sources)))) # build everything at once +.PHONY: all all: plugins exe test # build the main executable to make configs +.PHONY: main driver binaries exe main: exe driver: exe binaries: exe -exe: - go build --tags=all -o configurator +exe: $(prog) +# build named executable from go sources +$(prog): $(sources) + go build --tags=all -o $(prog) -docker: binaries plugins - docker build . --build-arg REGISTRY_HOST=${REGISTRY_HOST} --no-cache --pull --tag '${NAME}:${VERSION}' +.PHONY: container +container: binaries plugins + $(DOCKER) build . --build-arg --no-cache --pull --tag 'configurator:testing' -docker-testing: binaries plugins - docker build . --tag configurator:testing +.PHONY: container-testing +container-testing: binaries plugins + $(DOCKER) build . --tag configurator:testing # build all of the generators into plugins -plugins: +.PHONY: plugins +plugins: $(plugin_binaries) + +# how to make each plugin +lib/%.so: pkg/generator/plugins/%/*.go mkdir -p lib - go build -buildmode=plugin -o lib/conman.so pkg/generator/plugins/conman/conman.go - go build -buildmode=plugin -o lib/coredhcp.so pkg/generator/plugins/coredhcp/coredhcp.go - go build -buildmode=plugin -o lib/dhcpd.so pkg/generator/plugins/dhcpd/dhcpd.go - go build -buildmode=plugin -o lib/dnsmasq.so pkg/generator/plugins/dnsmasq/dnsmasq.go - go build -buildmode=plugin -o lib/example.so pkg/generator/plugins/example/example.go - go build -buildmode=plugin -o lib/hostfile.so pkg/generator/plugins/hostfile/hostfile.go - go build -buildmode=plugin -o lib/powerman.so pkg/generator/plugins/powerman/powerman.go - go build -buildmode=plugin -o lib/syslog.so pkg/generator/plugins/syslog/syslog.go - go build -buildmode=plugin -o lib/warewulf.so pkg/generator/plugins/warewulf/warewulf.go + go build -buildmode=plugin -o $@ $< # remove executable and all built plugins +.PHONY: clean clean: - rm configurator - rm lib/* + rm -f configurator + rm -f lib/* # run all of the unit tests +.PHONY: test test: - go test ./tests/generate_test.go --tags=all + go test ./tests/generate_test.go --tags=all \ No newline at end of file From 7a1b57931e29445dbf41091fdf15002f72836e91 Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 16:02:58 -0600 Subject: [PATCH 07/13] Updated Makefile with changes to container rules --- Makefile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 5783752..900909f 100644 --- a/Makefile +++ b/Makefile @@ -2,6 +2,7 @@ DOCKER ?= docker prog ?= configurator +git_tag := $(git describe --abbrev=0 --tags) sources := main.go $(wildcard cmd/*.go) plugin_source_prefix := pkg/generator/plugins plugin_sources := $(filter-out %_test.go,$(wildcard $(plugin_source_prefix)/*/*.go)) @@ -24,11 +25,11 @@ $(prog): $(sources) .PHONY: container container: binaries plugins - $(DOCKER) build . --build-arg --no-cache --pull --tag 'configurator:testing' + $(DOCKER) build . --build-arg --no-cache --pull --tag '$(prog):$(git_tag)-dirty' .PHONY: container-testing container-testing: binaries plugins - $(DOCKER) build . --tag configurator:testing + $(DOCKER) build . --tag $(prog):testing # build all of the generators into plugins .PHONY: plugins From 49fd6fb8926aa1dc3de432ff5125c3029096af4a Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 16:10:35 -0600 Subject: [PATCH 08/13] Changed space indentations to tabs in Makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 900909f..5273190 100644 --- a/Makefile +++ b/Makefile @@ -21,7 +21,7 @@ exe: $(prog) # build named executable from go sources $(prog): $(sources) - go build --tags=all -o $(prog) + go build --tags=all -o $(prog) .PHONY: container container: binaries plugins From dcff41dd4350e52422d82b05638e3892735094e0 Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 16:14:47 -0600 Subject: [PATCH 09/13] Add shell directive to git_tag --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 5273190..af99754 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ DOCKER ?= docker prog ?= configurator -git_tag := $(git describe --abbrev=0 --tags) +git_tag := $(shell git describe --abbrev=0 --tags) sources := main.go $(wildcard cmd/*.go) plugin_source_prefix := pkg/generator/plugins plugin_sources := $(filter-out %_test.go,$(wildcard $(plugin_source_prefix)/*/*.go)) From be9db173a395d1f22bdc4211ccfeb3403bbb4cda Mon Sep 17 00:00:00 2001 From: David Allen Date: Thu, 1 Aug 2024 16:40:28 -0600 Subject: [PATCH 10/13] Made building pluging and executable prereqs for test rule --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index af99754..e3bb1a4 100644 --- a/Makefile +++ b/Makefile @@ -48,5 +48,5 @@ clean: # run all of the unit tests .PHONY: test -test: +test: $(prog) $(plugin_binaries) go test ./tests/generate_test.go --tags=all \ No newline at end of file From e05bd58ef6281d3678dd4d1e2b66b48e6359efb0 Mon Sep 17 00:00:00 2001 From: "David J. Allen" Date: Mon, 23 Sep 2024 11:28:53 -0600 Subject: [PATCH 11/13] Changed binaries rule to include build plugins --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index e3bb1a4..6b63ac2 100644 --- a/Makefile +++ b/Makefile @@ -16,7 +16,7 @@ all: plugins exe test .PHONY: main driver binaries exe main: exe driver: exe -binaries: exe +binaries: exe plugins exe: $(prog) # build named executable from go sources From bc6e8561790933f248db3eac665ef4fb779698d8 Mon Sep 17 00:00:00 2001 From: "David J. Allen" Date: Mon, 23 Sep 2024 11:29:38 -0600 Subject: [PATCH 12/13] Removed plugins rule that have binaries rule --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6b63ac2..2c18932 100644 --- a/Makefile +++ b/Makefile @@ -24,11 +24,11 @@ $(prog): $(sources) go build --tags=all -o $(prog) .PHONY: container -container: binaries plugins +container: binaries $(DOCKER) build . --build-arg --no-cache --pull --tag '$(prog):$(git_tag)-dirty' .PHONY: container-testing -container-testing: binaries plugins +container-testing: binaries $(DOCKER) build . --tag $(prog):testing # build all of the generators into plugins From e14a8565df6c19af626f6e92eb82276ce3027195 Mon Sep 17 00:00:00 2001 From: "David J. Allen" Date: Wed, 25 Sep 2024 18:09:25 -0600 Subject: [PATCH 13/13] Added --always flag to git_tag to prevent erroring out --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 2c18932..2279b8a 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ DOCKER ?= docker prog ?= configurator -git_tag := $(shell git describe --abbrev=0 --tags) +git_tag := $(shell git describe --abbrev=0 --tags --always) sources := main.go $(wildcard cmd/*.go) plugin_source_prefix := pkg/generator/plugins plugin_sources := $(filter-out %_test.go,$(wildcard $(plugin_source_prefix)/*/*.go))