diff --git a/.github/workflows/a-pr-scanner.yaml b/.github/workflows/a-pr-scanner.yaml index bf1ed9f8..9a83a31a 100644 --- a/.github/workflows/a-pr-scanner.yaml +++ b/.github/workflows/a-pr-scanner.yaml @@ -89,90 +89,13 @@ jobs: reactions: 'eyes' basic-tests: needs: scanners - name: Create cross-platform build - runs-on: ${{ matrix.os }} - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + uses: ./.github/workflows/b-binary-build-and-e2e-tests.yaml + with: + COMPONENT_NAME: kubescape + CGO_ENABLED: 1 + GO111MODULE: "" + GO_VERSION: "1.19" RELEASE: ${{ inputs.RELEASE }} CLIENT: ${{ inputs.CLIENT }} - strategy: - matrix: - os: [ubuntu-20.04, macos-latest, windows-latest] - steps: - - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # ratchet:actions/checkout@v3 - with: - submodules: recursive - - name: Cache Go modules (Linux) - if: matrix.os == 'ubuntu-latest' - uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3 - with: - path: | - ~/.cache/go-build - ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - name: Cache Go modules (macOS) - if: matrix.os == 'macos-latest' - uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3 - with: - path: | - ~/Library/Caches/go-build - ~/go/pkg/mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - name: Cache Go modules (Windows) - if: matrix.os == 'windows-latest' - uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # ratchet:actions/cache@v3 - with: - path: | - ~\AppData\Local\go-build - ~\go\pkg\mod - key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go- - - name: Set up Go - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # ratchet:actions/setup-go@v3 - with: - go-version: 1.19 - - name: Install MSYS2 & libgit2 (Windows) - shell: cmd - run: .\build.bat all - if: matrix.os == 'windows-latest' - - name: Install pkg-config (macOS) - run: brew install pkg-config - if: matrix.os == 'macos-latest' - - name: Install libgit2 (Linux/macOS) - run: make libgit2 - if: matrix.os != 'windows-latest' - - name: Test core pkg - run: go test "-tags=static,gitenabled" -v ./... - - name: Test httphandler pkg - run: cd httphandler && go test "-tags=static,gitenabled" -v ./... - - name: Build - env: - RELEASE: ${{ inputs.RELEASE }} - CLIENT: ${{ inputs.CLIENT }} - CGO_ENABLED: 1 - run: python3 --version && python3 build.py - - name: Smoke Testing (Windows / MacOS) - env: - RELEASE: ${{ inputs.RELEASE }} - KUBESCAPE_SKIP_UPDATE_CHECK: "true" - run: python3 smoke_testing/init.py ${PWD}/build/kubescape-${{ matrix.os }} - if: matrix.os != 'ubuntu-20.04' - - name: Smoke Testing (Linux) - env: - RELEASE: ${{ inputs.RELEASE }} - KUBESCAPE_SKIP_UPDATE_CHECK: "true" - run: python3 smoke_testing/init.py ${PWD}/build/kubescape-ubuntu-latest - if: matrix.os == 'ubuntu-20.04' - - name: golangci-lint - if: matrix.os == 'ubuntu-20.04' - continue-on-error: true - uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # ratchet:golangci/golangci-lint-action@v3 - with: - version: latest - args: --timeout 10m --build-tags=static - only-new-issues: true + CHECKOUT_REPO: ${{ github.repository }} + secrets: inherit diff --git a/.github/workflows/b-binary-build-and-e2e-tests.yaml b/.github/workflows/b-binary-build-and-e2e-tests.yaml index a9f25448..4edfc12e 100644 --- a/.github/workflows/b-binary-build-and-e2e-tests.yaml +++ b/.github/workflows/b-binary-build-and-e2e-tests.yaml @@ -61,10 +61,15 @@ jobs: name: Create cross-platform build env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GOARCH: ${{ matrix.arch }} runs-on: ${{ matrix.os }} strategy: matrix: os: [ubuntu-20.04, macos-latest, windows-latest] + arch: ["", arm64] + exclude: + - os: windows-latest + arch: arm64 steps: - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # ratchet:actions/checkout@v3 @@ -112,6 +117,22 @@ jobs: go-version: ${{ inputs.GO_VERSION }} cache: true + - name: start ${{ matrix.arch }} environment in container + run: | + sudo apt-get install -y binfmt-support qemu-user-static + sudo docker run --platform linux/${{ matrix.arch }} -e RELEASE=${{ inputs.RELEASE }} \ + -e CLIENT=${{ inputs.CLIENT }} -e CGO_ENABLED=${{ inputs.CGO_ENABLED }} \ + -e KUBESCAPE_SKIP_UPDATE_CHECK=true -e GOARCH=${{ matrix.arch }} -v ${PWD}:/work \ + -w /work -v ~/go/pkg/mod:/root/go/pkg/mod -v ~/.cache/go-build:/root/.cache/go-build \ + -d --name build golang:${{ inputs.GO_VERSION }}-bullseye sleep 21600 + sudo docker ps + DOCKER_CMD="sudo docker exec build" + ${DOCKER_CMD} apt update + ${DOCKER_CMD} apt install -y cmake python3 + ${DOCKER_CMD} git config --global --add safe.directory '*' + echo "DOCKER_CMD=${DOCKER_CMD}" >> $GITHUB_ENV; + if: matrix.os == 'ubuntu-20.04' && matrix.arch != '' + - name: Install MSYS2 & libgit2 (Windows) shell: cmd run: .\build.bat all @@ -122,35 +143,44 @@ jobs: if: matrix.os == 'macos-latest' - name: Install libgit2 (Linux/macOS) - run: make libgit2 + run: ${{ env.DOCKER_CMD }} make libgit2${{ matrix.arch }} if: matrix.os != 'windows-latest' - name: Test core pkg - run: go test "-tags=static,gitenabled" -v ./... + run: ${{ env.DOCKER_CMD }} go test "-tags=static,gitenabled" -v ./... + if: "!startsWith(github.ref, 'refs/tags') && matrix.os == 'ubuntu-20.04' && matrix.arch == '' || startsWith(github.ref, 'refs/tags') && (matrix.os != 'macos-latest' || matrix.arch != 'arm64')" - name: Test httphandler pkg - run: cd httphandler && go test "-tags=static,gitenabled" -v ./... + run: ${{ env.DOCKER_CMD }} sh -c 'cd httphandler && go test "-tags=static,gitenabled" -v ./...' + if: "!startsWith(github.ref, 'refs/tags') && matrix.os == 'ubuntu-20.04' && matrix.arch == '' || startsWith(github.ref, 'refs/tags') && (matrix.os != 'macos-latest' || matrix.arch != 'arm64')" - name: Build env: RELEASE: ${{ inputs.RELEASE }} CLIENT: ${{ inputs.CLIENT }} CGO_ENABLED: ${{ inputs.CGO_ENABLED }} - run: python3 --version && python3 build.py + run: ${{ env.DOCKER_CMD }} python3 --version && ${{ env.DOCKER_CMD }} python3 build.py - name: Smoke Testing (Windows / MacOS) env: RELEASE: ${{ inputs.RELEASE }} KUBESCAPE_SKIP_UPDATE_CHECK: "true" run: python3 smoke_testing/init.py ${PWD}/build/kubescape-${{ matrix.os }} - if: matrix.os != 'ubuntu-20.04' + if: startsWith(github.ref, 'refs/tags') && matrix.os != 'ubuntu-20.04' && matrix.arch == '' - - name: Smoke Testing (Linux) + - name: Smoke Testing (Linux amd64) env: RELEASE: ${{ inputs.RELEASE }} KUBESCAPE_SKIP_UPDATE_CHECK: "true" - run: python3 smoke_testing/init.py ${PWD}/build/kubescape-ubuntu-latest - if: matrix.os == 'ubuntu-20.04' + run: ${{ env.DOCKER_CMD }} python3 smoke_testing/init.py ${PWD}/build/kubescape-ubuntu-latest + if: matrix.os == 'ubuntu-20.04' && matrix.arch == '' + + - name: Smoke Testing (Linux ${{ matrix.arch }}) + env: + RELEASE: ${{ inputs.RELEASE }} + KUBESCAPE_SKIP_UPDATE_CHECK: "true" + run: ${{ env.DOCKER_CMD }} python3 smoke_testing/init.py ./build/kubescape-${{ matrix.arch }}-ubuntu-latest + if: startsWith(github.ref, 'refs/tags') && matrix.os == 'ubuntu-20.04' && matrix.arch != '' - name: golangci-lint if: matrix.os == 'ubuntu-20.04' @@ -165,7 +195,7 @@ jobs: name: Upload artifact (Linux) if: matrix.os == 'ubuntu-20.04' with: - name: kubescape-ubuntu-latest + name: kubescape${{ matrix.arch }}-ubuntu-latest path: build/ if-no-files-found: error @@ -173,7 +203,7 @@ jobs: name: Upload artifact (MacOS, Win) if: matrix.os != 'ubuntu-20.04' with: - name: kubescape-${{ matrix.os }} + name: kubescape${{ matrix.arch }}-${{ matrix.os }} path: build/ if-no-files-found: error diff --git a/.github/workflows/c-create-release.yaml b/.github/workflows/c-create-release.yaml index 325ba664..8398e37d 100644 --- a/.github/workflows/c-create-release.yaml +++ b/.github/workflows/c-create-release.yaml @@ -57,3 +57,9 @@ jobs: ./kubescape-${{ env.WINDOWS_OS }}/kubescape-${{ env.WINDOWS_OS }} ./kubescape-${{ env.WINDOWS_OS }}/kubescape-${{ env.WINDOWS_OS }}.sha256 ./kubescape-${{ env.WINDOWS_OS }}/kubescape-${{ env.WINDOWS_OS }}.tar.gz + ./kubescapearm64-${{ env.MAC_OS }}/kubescape-arm64-${{ env.MAC_OS }} + ./kubescapearm64-${{ env.MAC_OS }}/kubescape-arm64-${{ env.MAC_OS }}.sha256 + ./kubescapearm64-${{ env.MAC_OS }}/kubescape-arm64-${{ env.MAC_OS }}.tar.gz + ./kubescapearm64-${{ env.UBUNTU_OS }}/kubescape-arm64-${{ env.UBUNTU_OS }} + ./kubescapearm64-${{ env.UBUNTU_OS }}/kubescape-arm64-${{ env.UBUNTU_OS }}.sha256 + ./kubescapearm64-${{ env.UBUNTU_OS }}/kubescape-arm64-${{ env.UBUNTU_OS }}.tar.gz diff --git a/.krew.yaml b/.krew.yaml index 8405da8e..9a8f14cc 100644 --- a/.krew.yaml +++ b/.krew.yaml @@ -16,12 +16,24 @@ spec: arch: amd64 {{ addURIAndSha "https://github.com/kubescape/kubescape/releases/download/{{ .TagName }}/kubescape-macos-latest.tar.gz" .TagName }} bin: kubescape + - selector: + matchLabels: + os: darwin + arch: arm64 + {{ addURIAndSha "https://github.com/kubescape/kubescape/releases/download/{{ .TagName }}/kubescape-arm64-macos-latest.tar.gz" .TagName }} + bin: kubescape - selector: matchLabels: os: linux arch: amd64 {{ addURIAndSha "https://github.com/kubescape/kubescape/releases/download/{{ .TagName }}/kubescape-ubuntu-latest.tar.gz" .TagName }} bin: kubescape + - selector: + matchLabels: + os: linux + arch: arm64 + {{ addURIAndSha "https://github.com/kubescape/kubescape/releases/download/{{ .TagName }}/kubescape-arm64-ubuntu-latest.tar.gz" .TagName }} + bin: kubescape - selector: matchLabels: os: windows diff --git a/Makefile b/Makefile index 4801e37d..33eda247 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,14 @@ libgit2: -git submodule update --init --recursive cd git2go; make install-static +# build and install libgit2 for macOS m1 +libgit2arm64: + git submodule update --init --recursive + if [ "$(shell uname -s)" = "Darwin" ]; then \ + sed -i '' 's/cmake -D/cmake -DCMAKE_OSX_ARCHITECTURES="arm64" -D/' git2go/script/build-libgit2.sh; \ + fi + cd git2go; make install-static + # go build tags TAGS = "gitenabled,static" diff --git a/build.py b/build.py index f1ccb765..b232acfa 100644 --- a/build.py +++ b/build.py @@ -27,7 +27,10 @@ def get_build_dir(): def get_package_name(): if CURRENT_PLATFORM not in platformSuffixes: raise OSError("Platform %s is not supported!" % (CURRENT_PLATFORM)) - return "kubescape-" + platformSuffixes[CURRENT_PLATFORM] + package_name = "kubescape-" + if os.getenv("GOARCH"): + package_name += os.getenv("GOARCH") + "-" + return package_name + platformSuffixes[CURRENT_PLATFORM] def main():