diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0a3f56e..3cf2900 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -63,6 +63,18 @@ jobs: timeout-minutes: 25 steps: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + with: + go-version-file: go.mod + - name: Configure private Go modules for runtime image + env: + RELEASES_TOKEN: ${{ secrets.RELEASES_TOKEN || github.token }} + run: | + git config --global url."https://x-access-token:${RELEASES_TOKEN}@github.com/GoCodeAlone/".insteadOf "https://github.com/GoCodeAlone/" + go env -w GOPRIVATE=github.com/GoCodeAlone/* + go env -w GONOSUMDB=github.com/GoCodeAlone/* + - name: Build product capture provider binary + run: CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o docker/product-capture-browser/product-capture-provider ./cmd/product-capture-provider - uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0 with: diff --git a/.gitignore b/.gitignore index 2a2ffd3..5fc7bd0 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,4 @@ /tmp/ *.test coverage.out +docker/product-capture-browser/product-capture-provider diff --git a/docker/product-capture-browser/Dockerfile b/docker/product-capture-browser/Dockerfile index 48b07f7..75ec716 100644 --- a/docker/product-capture-browser/Dockerfile +++ b/docker/product-capture-browser/Dockerfile @@ -20,5 +20,8 @@ RUN set -eux; \ apt-get purge -y --auto-remove curl gnupg; \ rm -rf /var/lib/apt/lists/* +COPY docker/product-capture-browser/product-capture-provider /usr/local/bin/product-capture-provider + USER node WORKDIR /workspace +ENTRYPOINT ["/usr/local/bin/product-capture-provider"] diff --git a/release_workflow_test.go b/release_workflow_test.go index 778aaee..af17542 100644 --- a/release_workflow_test.go +++ b/release_workflow_test.go @@ -83,6 +83,44 @@ func TestRuntimeImageInstallsChromeAndPlaywrightWithoutBundledBrowser(t *testing } } +func TestRuntimeImageRunsProductCaptureProviderEntrypoint(t *testing.T) { + data, err := os.ReadFile("docker/product-capture-browser/Dockerfile") + if err != nil { + t.Fatal(err) + } + dockerfile := string(data) + for _, want := range []string{ + "COPY docker/product-capture-browser/product-capture-provider /usr/local/bin/product-capture-provider", + "ENTRYPOINT [\"/usr/local/bin/product-capture-provider\"]", + } { + if !strings.Contains(dockerfile, want) { + t.Fatalf("runtime image Dockerfile missing %q", want) + } + } +} + +func TestReleaseWorkflowBuildsRuntimeProviderBinaryBeforeImage(t *testing.T) { + data, err := os.ReadFile(".github/workflows/release.yml") + if err != nil { + t.Fatal(err) + } + workflow := string(data) + for _, want := range []string{ + "name: Configure private Go modules for runtime image", + "name: Build product capture provider binary", + "CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o docker/product-capture-browser/product-capture-provider ./cmd/product-capture-provider", + } { + if !strings.Contains(workflow, want) { + t.Fatalf("release workflow missing %q", want) + } + } + buildProviderIndex := strings.Index(workflow, "name: Build product capture provider binary") + buildImageIndex := strings.Index(workflow, "name: Build and push product capture browser image") + if buildProviderIndex < 0 || buildImageIndex < 0 || buildProviderIndex > buildImageIndex { + t.Fatal("release workflow must build the provider binary before building the runtime image") + } +} + func assertWorkflowUsesPinnedActions(t *testing.T, path, workflow string) { t.Helper() for _, line := range strings.Split(workflow, "\n") {