Merge pull request #82 from appuio/local-dev-improvements

`local-dev` improvements
appuio · Jan 4, 2023 · 2c19579 · 2c19579
2 parents b878a2c + da3b6cb
commit 2c19579
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 19 deletions.
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -1,11 +1,18 @@
 builds:
-- binary: control-api
-  env:
-    - CGO_ENABLED=0 # this is needed otherwise the Docker image build is faulty
-  goarch:
-    - amd64
-  goos:
-    - linux
+  - binary: control-api
+    env:
+      - CGO_ENABLED=0 # this is needed otherwise the Docker image build is faulty
+    goarch:
+      - amd64
+      - arm64
+    goos:
+      - linux
+    goarm:
+      - "8"
+
+archives:
+  - format: binary
+    name_template: "{{ .Binary }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
 
 checksum:
   name_template: 'checksums.txt'
@@ -14,12 +21,32 @@ snapshot:
   name_template: "{{ incpatch .Version }}-snapshot"
 
 dockers:
-  - image_templates:
-      - "ghcr.io/appuio/control-api:v{{ .Version }}"
+  - goarch: amd64
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/amd64"
+    image_templates:
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-amd64"
+
+  - goarch: arm64
+    use: buildx
+    build_flag_templates:
+      - "--platform=linux/arm64/v8"
+    image_templates:
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-arm64"
+
+docker_manifests:
+  # For prereleases, updating `latest` does not make sense.
+  # Only the image for the exact version should be pushed.
+  - name_template: "{{ if not .Prerelease }}ghcr.io/appuio/control-api:latest{{ end }}"
+    image_templates:
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-amd64"
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-arm64"
 
-      # For prereleases, updating `latest` and the floating tags of the major version does not make sense.
-      # Only the image for the exact version should be pushed.
-      - "{{ if not .Prerelease }}ghcr.io/appuio/control-api:latest{{ end }}"
+  - name_template: "ghcr.io/appuio/control-api:v{{ .Version }}"
+    image_templates:
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-amd64"
+      - "ghcr.io/appuio/control-api:v{{ .Version }}-arm64"
 
 release:
   prerelease: auto

diff --git a/Makefile.vars.mk b/Makefile.vars.mk
@@ -16,7 +16,7 @@ localenv_dir ?= $(CURDIR)/$(PROJECT_ROOT_DIR)/local-env
 localenv_dir_created = $(localenv_dir)/.created
 
 # Kind config
-KIND_NODE_VERSION ?= v1.22.1
+KIND_NODE_VERSION ?= v1.25.3
 KIND ?= go run sigs.k8s.io/kind
 KIND_KUBECONFIG ?= $(localenv_dir)/kind-kubeconfig-$(KIND_NODE_VERSION)
 KIND_CLUSTER ?= control-api-$(KIND_NODE_VERSION)
diff --git a/README.md b/README.md
@@ -61,7 +61,7 @@ When running kind on Linux you can find it with `docker inspect`.
 On some docker distributions the host IP is accessible via `host.docker.internal`.
 
 ```bash
-HOSTIP=$(docker inspect control-api-v1.22.1-control-plane | jq '.[0].NetworkSettings.Networks.kind.Gateway')
+HOSTIP=$(docker inspect control-api-v1.25.3-control-plane | jq '.[0].NetworkSettings.Networks.kind.Gateway')
 # HOSTIP=host.docker.internal # On some docker distributions
 
 cat <<EOF | sed -e "s/172.21.0.1/$HOSTIP/g" | kubectl apply -f -
@@ -128,7 +128,7 @@ To access the locally running controller webhook server, you need to register it
 You can do this by applying the following manifests:
 
 ```
-HOSTIP=$(docker inspect control-api-v1.22.1-control-plane | jq '.[0].NetworkSettings.Networks.kind.Gateway')
+HOSTIP=$(docker inspect control-api-v1.25.3-control-plane | jq '.[0].NetworkSettings.Networks.kind.Gateway')
 
 cat <<EOF | sed -e "s/172.21.0.1/$HOSTIP/g" | kubectl apply -f -
 apiVersion: v1

diff --git a/local-env/setup-kind.sh b/local-env/setup-kind.sh
@@ -6,7 +6,7 @@ set -euo pipefail
 readonly script_dir=$(dirname "$0")
 readonly kind_cmd="${1:-kind}"
 readonly kind_cluster="${2:-control-api-localenv}"
-readonly kind_node_version="${3:-v1.22.1}"
+readonly kind_node_version="${3:-v1.25.3}"
 readonly kind_kubeconfig="${4:-"${script_dir}/control-api.kubeconfig"}"
 
 export KUBECONFIG="${kind_kubeconfig}"
@@ -46,16 +46,21 @@ sed -e "s/REPLACEME/${realm_name}/g" "${script_dir}/templates/realm.json.tpl" >
 
 echo -e "\033[1mUsing '${realm_name}' as your local-dev Keycloak realm\033[0m"
 
-step "Navigate to ${keycloak_url} and create a new realm by importing the '$(realpath "${script_dir}/realm.json")' file."
+step "Navigate to ${keycloak_url}/auth/admin/ and create a new realm by importing the '$(realpath "${script_dir}/realm.json")' file."
 
-step "Create a user in the new realm, grant it realm role 'admin'.\nMake sure the user has an email configured and 'Email Verified' is set to 'On'."
+step "Create a user in the new realm, grant it 'local-dev' client role 'admin'.\nMake sure the user has an email configured and 'Email Verified' is set to 'On'."
 
 echo ""
 echo -e "\033[1m================================================================================"
 echo "Note: After the cluster is created, a browser window will open where you have to sign in to Keycloak with the user you've created in the previous step."
 echo -e "================================================================================\033[0m"
 echo ""
 
+base64_no_wrap='base64'
+if [[ "$OSTYPE" == "linux"* ]]; then
+  base64_no_wrap='base64 --wrap 0'
+fi
+
 sed -e "s#ISSUER_KEYCLOAK#${keycloak_url}#; s/REALM/${realm_name}/g" "${script_dir}/templates/kind-oidc.yaml.tpl" > "${script_dir}/.kind-oidc.yaml"
 ${kind_cmd} create cluster \
   --name "${kind_cluster}" \
@@ -130,7 +135,7 @@ kubectl patch validatingwebhookconfiguration validating-webhook-configuration \
       {
         "name": "validate-users.appuio.io",
         "clientConfig": {
-          "caBundle": "'"$(base64 -w0 "${script_dir}"/webhook-certs/tls.crt)"'"
+          "caBundle": "'"$(eval $base64_no_wrap < "${script_dir}"/webhook-certs/tls.crt)"'"
         }
       }
     ]