Merge branch 'v1.5' into podman

spiffe · Dec 19, 2023 · d90a086 · d90a086
2 parents 03c1adc + 41c6f0d
commit d90a086
Show file tree

Hide file tree

Showing 133 changed files with 37,930 additions and 21,679 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -15,24 +15,24 @@ jobs:
           EOF
 
       - name: Check out repository code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.1
 
       - name: Install Golang
-        uses: actions/setup-go@v4.0.1
+        uses: actions/setup-go@v5.0.0
         with:
           go-version-file: go.mod
           check-latest: true
           cache: true
 
-      - uses: actions/setup-node@v3.7.0
+      - uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
       - name: Download modules
         run: go mod download
 
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3.6.0
+        uses: golangci/golangci-lint-action@v3.7.0
         with:
           version: v1.53
           args: --timeout 7m

diff --git a/.github/workflows/master-build.yaml b/.github/workflows/master-build.yaml
@@ -3,7 +3,7 @@ on:
   push:
     branches:
     - main
-    - v1.4
+    - v1.5
 jobs:
   tornjak-build:
     runs-on: ubuntu-latest
@@ -19,10 +19,10 @@ jobs:
           EOF
 
       - name: Check out repository code
-        uses: actions/checkout@v3.5.3
+        uses: actions/checkout@v4.1.1
 
       - name: Install Golang
-        uses: actions/setup-go@v4.0.1
+        uses: actions/setup-go@v5.0.0
         with:
           go-version-file: go.mod
           check-latest: true
@@ -31,21 +31,21 @@ jobs:
       - name: Download modules
         run: go mod download
 
-      - uses: actions/setup-node@v3.7.0
+      - uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
       - name: Download modules
         run: go mod download
 
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3.6.0
+        uses: golangci/golangci-lint-action@v3.7.0
         with:
           version: v1.53
           args: --timeout 7m
 
       - name: Log in to GHCR.io
-        uses: docker/login-action@v2.2.0
+        uses: docker/login-action@v3.0.0
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -59,17 +59,19 @@ jobs:
         run: echo "REPO=ghcr.io/${{ github.repository_owner }}" >> $GITHUB_ENV
 
       # build and push images tagged with GITHUB_SHA, version, and latest
-      - name: Build and push tornjak backend image
-        run: make release-tornjak-backend
+      - name: Build and push tornjak images
+        run: make release-images
 
-      - name: Build and push tornjak frontend image
-        run: make release-tornjak-frontend
+      # build and push UBI images
+      - name: Add ubi prefix
+        run: echo "IMAGE_TAG_PREFIX=ubi-" >> $GITHUB_ENV
+      - name: Set frontend Dockerfile
+        run: echo "DOCKERFILE_FRONTEND=frontend/Dockerfile.frontend-container.ubi" >> $GITHUB_ENV
+      - name: Set backend Dockerfile
+        run: echo "DOCKERFILE_BACKEND=Dockerfile.backend-container.ubi" >> $GITHUB_ENV
 
-      - name: Build and push tornjak image (frontend+backend)
-        run: make release-tornjak
-
-      - name: Build and push tornjak manager image
-        run: make release-tornjak-manager
+      - name: Build and push UBI images
+        run: make release-images
 
       - name: Print job result
         run: |

diff --git a/.gitignore b/.gitignore
@@ -8,15 +8,15 @@
 vendor
 
 # dependencies
-tornjak-frontend/node_modules
-tornjak-frontend/.pnp
-tornjak-frontend/.pnp.js
+frontend/node_modules
+frontend/.pnp
+frontend/.pnp.js
 
 # testing
-tornjak-frontend/coverage
+frontend/coverage
 
 # production
-tornjak-frontend/build
+frontend/build
 
 # misc
 .DS_Store

diff --git a/Dockerfile.backend-container b/Dockerfile.backend-container
@@ -5,15 +5,32 @@ WORKDIR /opt/spire
 ENTRYPOINT ["/opt/spire/run_backend.sh"]
 
 # Add init
-COPY run_backend.sh run_backend.sh
+COPY scripts/run_backend.sh run_backend.sh
 COPY bin/tornjak-backend tornjak-backend
 
 # add a version link to the image description
 ARG version
 ARG github_sha
-LABEL org.opencontainers.image.description="Tornjak backend ($version): https://github.com/spiffe/tornjak/releases/tag/$version" \
+LABEL org.opencontainers.image.description="Tornjak backend ($version) Alpine based image: https://github.com/spiffe/tornjak/releases/tag/$version" \
       org.opencontainers.image.source="https://github.com/spiffe/tornjak" \
-      org.opencontainers.image.documentation="https://github.com/spiffe/tornjak/tree/main/docs" 
+      org.opencontainers.image.documentation="https://github.com/spiffe/tornjak/tree/main/docs"
+
+# Additional labels
+LABEL architecture="amd64" \
+      build-date="" \
+      description="Tornjak Backend" \ 
+      io.k8s.description="Tornjak Backend" \
+      io.k8s.display-name="tornjak-backend" \
+      maintainer="" \
+      name="spiffe/tornjak-backend" \
+      release="$version" \
+      summary="Tornjak backend image" \
+      url="" \
+      vcs-ref="" \
+      vcs-type="" \
+      vendor="" \
+      version="$version"
+
 # create env. variables with the build details
 ENV VERSION=$version
 ENV GITHUB_SHA=$github_sha
diff --git a/Dockerfile.backend-container.ubi b/Dockerfile.backend-container.ubi
@@ -0,0 +1,35 @@
+FROM registry.access.redhat.com/ubi8-micro:latest
+RUN mkdir -p /opt/spire
+
+WORKDIR /opt/spire
+ENTRYPOINT ["/opt/spire/run_backend.sh"]
+
+# Add init
+COPY scripts/run_backend.sh run_backend.sh
+COPY bin/tornjak-backend tornjak-backend
+
+# add a version link to the image description
+ARG version
+ARG github_sha
+LABEL org.opencontainers.image.description="Tornjak backend ($version) UBI based image: https://github.com/spiffe/tornjak/releases/tag/$version" \
+      org.opencontainers.image.source="https://github.com/spiffe/tornjak" \
+      org.opencontainers.image.documentation="https://github.com/spiffe/tornjak/tree/main/docs"
+# replace UBI labels
+LABEL architecture="amd64" \
+      build-date="" \
+      description="Tornjak Backend" \ 
+      io.k8s.description="Tornjak Backend" \
+      io.k8s.display-name="tornjak-backend" \
+      maintainer="" \
+      name="spiffe/tornjak-backend" \
+      release="$version" \
+      summary="Tornjak backend UBI image" \
+      url="" \
+      vcs-ref="" \
+      vcs-type="" \
+      vendor="" \
+      version="$version"
+
+# create env. variables with the build details
+ENV VERSION=$version
+ENV GITHUB_SHA=$github_sha
diff --git a/Dockerfile.tornjak-container b/Dockerfile.tornjak-container
diff --git a/Makefile b/Makefile
@@ -9,9 +9,14 @@ CONTAINER_TORNJAK_TAG ?= $(REPO)/tornjak
 CONTAINER_BACKEND_TAG ?= $(REPO)/tornjak-backend
 CONTAINER_FRONTEND_TAG ?= $(REPO)/tornjak-frontend
 CONTAINER_MANAGER_TAG ?= $(REPO)/tornjak-manager
+IMAGE_TAG_PREFIX ?= 
+
+## dockerfile for each container default to alpine base image
+DOCKERFILE_BACKEND ?= Dockerfile.backend-container
+DOCKERFILE_FRONTEND ?= frontend/Dockerfile.frontend-container
 
 BINARIES=tornjak-backend tornjak-manager
-IMAGES=$(BINARIES) tornjak-frontend tornjak
+IMAGES=$(BINARIES) tornjak-frontend 
 
 GO_VERSION ?= 1.20
 
@@ -58,22 +63,22 @@ vendor: tidy ## Vendor go modules
 PHONY: binaries
 binaries: $(addprefix bin/,$(BINARIES)) ## Build bin/tornjak-backend and bin/tornjak-manager binaries
 
-bin/tornjak-backend: tornjak-backend/cmd/agent $(GO_FILES) | vendor ## Build tornjak-backend binary
+bin/tornjak-backend: cmd/agent $(GO_FILES) | vendor ## Build tornjak-backend binary
 	# Build hack because of flake of imported go module
 	$(CMD) run --rm -v "${PWD}":/usr/src/myapp -w /usr/src/myapp -e GOOS=linux -e GOARCH=amd64 golang:$(GO_VERSION) \
 		/bin/sh -c "go build --tags 'sqlite_json' -o agent ./$</main.go; go build --tags 'sqlite_json' -mod=vendor -ldflags '-s -w -linkmode external -extldflags "-static"' -o $@ ./$</main.go"
 
-bin/tornjak-manager: tornjak-backend/cmd/manager $(GO_FILES) | vendor ## Build bin/tornjak-manager binary
+bin/tornjak-manager: cmd/manager $(GO_FILES) | vendor ## Build bin/tornjak-manager binary
 	# Build hack because of flake of imported go module
 	$(CMD) run --rm -v "${PWD}":/usr/src/myapp -w /usr/src/myapp -e GOOS=linux -e GOARCH=amd64 golang:$(GO_VERSION) \
 		/bin/sh -c "go build --tags 'sqlite_json' -o tornjak-manager ./$</main.go; go build --tags 'sqlite_json' -mod=vendor -ldflags '-s -w -linkmode external -extldflags "-static"' -o $@ ./$</main.go"
 
 frontend-local-build: ## Build tornjak-frontend
 	npm install --prefix tornjak-frontend
-	rm -rf tornjak-frontend/build
+	rm -rf frontend/build
 	npm run build --prefix tornjak-frontend
 	rm -rf frontend-local-build
-	cp -r tornjak-frontend/build frontend-local-build
+	cp -r frontend/build frontend-local-build
 
 ##@ Container images:
 
@@ -82,30 +87,25 @@ images: $(addprefix image-,$(IMAGES)) ## Build all images
 
 .PHONY: image-tornjak-backend
 image-tornjak-backend: bin/tornjak-backend ## Build image for bin/tornjak-backend 
-	$(CMD) build --no-cache -f $(CMD)file.backend-container --build-arg version=$(VERSION) \
-		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_BACKEND_TAG):$(VERSION) .
+	$(CMD) build --no-cache -f $(DOCKERFILE_BACKEND) --build-arg version=$(VERSION) \
+		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_BACKEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) .
 
 .PHONY: image-tornjak-manager
 image-tornjak-manager: bin/tornjak-manager ## Build image for bin/tornjak-manager 
-	$(CMD) build --no-cache -f $(CMD)file.tornjak-manager --build-arg version=$(VERSION) \
-		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_MANAGER_TAG):$(VERSION) .
+	$(CMD) build --no-cache -f Dockerfile.tornjak-manager --build-arg version=$(VERSION) \
+		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_MANAGER_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) .
 
 .PHONY: image-tornjak-frontend
 image-tornjak-frontend: ## Build image for tornjak-frontend 
-	$(CMD) build --no-cache -f $(CMD)file.frontend-container --build-arg version=$(VERSION) \
-		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_FRONTEND_TAG):$(VERSION) .
-
-.PHONY: image-tornjak
-image-tornjak: bin/tornjak-backend ## Build image for bin/tornjak-backend and tornjak-frontend bundled in single image
-	$(CMD) build --no-cache -f $(CMD)file.tornjak-container --build-arg version=$(VERSION) \
-		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_TORNJAK_TAG):$(VERSION) .
+	$(CMD) build --no-cache -f $(DOCKERFILE_FRONTEND) --build-arg version=$(VERSION) \
+		--build-arg github_sha=$(GITHUB_SHA) -t $(CONTAINER_FRONTEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) .
 
 ##@ Run:
 
 .PHONY: compose-frontend
-compose-frontend: ## Run frontend using $(CMD)-compose
-	$(CMD)-compose -f $(CMD)-compose-frontend.yml up --build --force-recreate -d
-	$(CMD) tag tornjak-public_tornjak-frontend:latest $(CONTAINER_FRONTEND_TAG):$(VERSION)
+compose-frontend: ## Run frontend using docker-compose
+	docker-compose -f examples/docker-compose/frontend.yml up --build --force-recreate -d
+	docker tag tornjak-public_tornjak-frontend:latest $(CONTAINER_FRONTEND_TAG):$(VERSION)
 
 ##@ Release:
 
@@ -114,24 +114,18 @@ release-images: $(addprefix release-,$(IMAGES)) ## Release all images
 
 .PHONY: release-tornjak-backend
 release-tornjak-backend: image-tornjak-backend ## Release tornjak-backend image
-	$(CMD) push $(CONTAINER_BACKEND_TAG):$(VERSION)
-	$(CMD) tag $(CONTAINER_BACKEND_TAG):$(VERSION) $(CONTAINER_BACKEND_TAG):$(GITHUB_SHA)
-	$(CMD) push $(CONTAINER_BACKEND_TAG):$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_BACKEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION)
+	$(CMD) tag $(CONTAINER_BACKEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) $(CONTAINER_BACKEND_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_BACKEND_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
 
 .PHONY: release-tornjak-manager
 release-tornjak-manager: image-tornjak-manager ## Release tornjak-manager image
-	$(CMD) push $(CONTAINER_MANAGER_TAG):$(VERSION)
-	$(CMD) tag $(CONTAINER_MANAGER_TAG):$(VERSION) $(CONTAINER_MANAGER_TAG):$(GITHUB_SHA)
-	$(CMD) push $(CONTAINER_MANAGER_TAG):$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_MANAGER_TAG):$(IMAGE_TAG_PREFIX)$(VERSION)
+	$(CMD) tag $(CONTAINER_MANAGER_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) $(CONTAINER_MANAGER_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_MANAGER_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
 
 .PHONY: release-tornjak-frontend
 release-tornjak-frontend: image-tornjak-frontend ## Release tornjak-frontend image
-	$(CMD) push $(CONTAINER_FRONTEND_TAG):$(VERSION)
-	$(CMD) tag $(CONTAINER_FRONTEND_TAG):$(VERSION) $(CONTAINER_FRONTEND_TAG):$(GITHUB_SHA)
-	$(CMD) push $(CONTAINER_FRONTEND_TAG):$(GITHUB_SHA)
-
-.PHONY: release-tornjak
-release-tornjak: image-tornjak ## Release tornjak image (bundling frontend and backend)
-	$(CMD) push $(CONTAINER_TORNJAK_TAG):$(VERSION)
-	$(CMD) tag $(CONTAINER_TORNJAK_TAG):$(VERSION) $(CONTAINER_TORNJAK_TAG):$(GITHUB_SHA)
-	$(CMD) push $(CONTAINER_TORNJAK_TAG):$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_FRONTEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION)
+	$(CMD) tag $(CONTAINER_FRONTEND_TAG):$(IMAGE_TAG_PREFIX)$(VERSION) $(CONTAINER_FRONTEND_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
+	$(CMD) push $(CONTAINER_FRONTEND_TAG):$(IMAGE_TAG_PREFIX)$(GITHUB_SHA)
diff --git a/tornjak-backend/api/agent/api.go → api/agent/api.go b/tornjak-backend/api/agent/api.go → api/agent/api.go
@@ -13,7 +13,7 @@ import (
 	types "github.com/spiffe/spire-api-sdk/proto/spire/api/types"
 	"google.golang.org/grpc/health/grpc_health_v1"
 
-	tornjakTypes "github.com/spiffe/tornjak/tornjak-backend/pkg/agent/types"
+	tornjakTypes "github.com/spiffe/tornjak/pkg/agent/types"
 )
 
 type HealthcheckRequest grpc_health_v1.HealthCheckRequest

diff --git a/tornjak-backend/api/agent/server.go → api/agent/server.go b/tornjak-backend/api/agent/server.go → api/agent/server.go
@@ -20,8 +20,8 @@ import (
 	"github.com/hashicorp/hcl/hcl/token"
 	"github.com/pkg/errors"
 
-	auth "github.com/spiffe/tornjak/tornjak-backend/pkg/agent/auth"
-	agentdb "github.com/spiffe/tornjak/tornjak-backend/pkg/agent/db"
+	auth "github.com/spiffe/tornjak/pkg/agent/auth"
+	agentdb "github.com/spiffe/tornjak/pkg/agent/db"
 )
 
 type Server struct {

diff --git a/tornjak-backend/api/agent/types.go → api/agent/types.go b/tornjak-backend/api/agent/types.go → api/agent/types.go
diff --git a/tornjak-backend/api/manager/api.go → api/manager/api.go b/tornjak-backend/api/manager/api.go → api/manager/api.go
@@ -1,7 +1,7 @@
 package managerapi
 
 import (
-	managertypes "github.com/spiffe/tornjak/tornjak-backend/pkg/manager/types"
+	managertypes "github.com/spiffe/tornjak/pkg/manager/types"
 
 	"github.com/pkg/errors"
 	//types "github.com/spiffe/spire/proto/spire/types"

diff --git a/tornjak-backend/api/manager/server.go → api/manager/server.go b/tornjak-backend/api/manager/server.go → api/manager/server.go
@@ -11,7 +11,7 @@ import (
 	"strings"
 
 	"github.com/gorilla/mux"
-	managerdb "github.com/spiffe/tornjak/tornjak-backend/pkg/manager/db"
+	managerdb "github.com/spiffe/tornjak/pkg/manager/db"
 )
 
 var (

diff --git a/tornjak-backend/cmd/agent/main.go → cmd/agent/main.go b/tornjak-backend/cmd/agent/main.go → cmd/agent/main.go
@@ -11,7 +11,7 @@ import (
 	"github.com/pkg/errors"
 	"github.com/spiffe/spire/cmd/spire-server/cli/run"
 	"github.com/spiffe/spire/pkg/common/catalog"
-	agentapi "github.com/spiffe/tornjak/tornjak-backend/api/agent"
+	agentapi "github.com/spiffe/tornjak/api/agent"
 	"github.com/urfave/cli/v2"
 )