Unify docker build and drop support for linux/arm/v7

.cosign/README.md

@@ -2,31 +2,31 @@
 
 Podinfo release assets (container image, Helm chart, Flux artifact, Timoni module)
 are published to GitHub Container Registry and are signed with
-[Cosign v2](https://github.com/sigstore/cosign) keyless & GitHub Actions OIDC.
+[Cosign v3](https://github.com/sigstore/cosign) keyless & GitHub Actions OIDC.
 
 ## Verify podinfo with cosign
 
 Install the [cosign](https://github.com/sigstore/cosign) CLI:
 
 ```sh
-brew install sigstore/tap/cosign
+brew install cosign
 ```
 
 ### Container image
 
 Verify the podinfo container image hosted on GHCR:
 
 ```sh
-cosign verify ghcr.io/stefanprodan/podinfo:6.5.0 \
---certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
+cosign verify ghcr.io/stefanprodan/podinfo:6.12.0 \
+--certificate-identity-regexp="^https://github\.com/stefanprodan/.*$" \
 --certificate-oidc-issuer=https://token.actions.githubusercontent.com
 ```
 
 Verify the podinfo container image hosted on Docker Hub:
 
 ```sh
-cosign verify docker.io/stefanprodan/podinfo:6.5.0 \
---certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
+cosign verify docker.io/stefanprodan/podinfo:6.12.0 \
+--certificate-identity-regexp="^https://github\.com/stefanprodan/.*$" \
 --certificate-oidc-issuer=https://token.actions.githubusercontent.com
 ```
 
@@ -35,8 +35,8 @@ cosign verify docker.io/stefanprodan/podinfo:6.5.0 \
 Verify the podinfo [Helm](https://helm.sh) chart hosted on GHCR:
 
 ```sh
-cosign verify ghcr.io/stefanprodan/charts/podinfo:6.5.0 \
---certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
+cosign verify ghcr.io/stefanprodan/charts/podinfo:6.12.0 \
+--certificate-identity-regexp="^https://github\.com/stefanprodan/.*$" \
 --certificate-oidc-issuer=https://token.actions.githubusercontent.com
 ```
 
@@ -45,8 +45,8 @@ cosign verify ghcr.io/stefanprodan/charts/podinfo:6.5.0 \
 Verify the podinfo [Flux](https://fluxcd.io) artifact hosted on GHCR:
 
 ```sh
-cosign verify ghcr.io/stefanprodan/manifests/podinfo:6.5.0 \
---certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
+cosign verify ghcr.io/stefanprodan/manifests/podinfo:6.12.0 \
+--certificate-identity-regexp="^https://github\.com/stefanprodan/.*$" \
 --certificate-oidc-issuer=https://token.actions.githubusercontent.com
 ```
 
@@ -55,7 +55,7 @@ cosign verify ghcr.io/stefanprodan/manifests/podinfo:6.5.0 \
 Verify the podinfo [Timoni](https://timoni.sh) module hosted on GHCR:
 
 ```sh
-cosign verify ghcr.io/stefanprodan/modules/podinfo:6.5.0 \
---certificate-identity-regexp="^https://github.com/stefanprodan/podinfo.*$" \
+cosign verify ghcr.io/stefanprodan/modules/podinfo:6.12.0 \
+--certificate-identity-regexp="^https://github\.com/stefanprodan/.*$" \
 --certificate-oidc-issuer=https://token.actions.githubusercontent.com
 ```

.github/workflows/e2e.yml

@@ -17,22 +17,16 @@ jobs:
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Disk Cleanup
         uses: ./.github/actions/runner-cleanup
-      - name: Setup Kubernetes
-        uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0
-        with:
-          cluster_name: kind
-      - name: Build container image
-        run: |
-          ./test/build.sh
-          kind load docker-image test/podinfo:latest
       - name: Setup Helm
         uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
         with:
           version: v4.1.0
-      - name: Deploy
-        run: ./test/deploy.sh
+      - name: Setup Kubernetes
+        uses: helm/kind-action@ef37e7f390d99f746eb8b610417061a60e82a6cc # v1.14.0
+        with:
+          cluster_name: kind
       - name: Run integration tests
-        run: ./test/test.sh
+        run: ./test/e2e.sh
       - name: Debug failure
         if: failure()
         run: |
@@ -59,7 +53,7 @@ jobs:
           cluster_name: kind
       - name: Build container
         run: |
-          docker build -t ${PODINFO_IMAGE_URL}:${PODINFO_VERSION} --build-arg "REVISION=${GITHUB_SHA}"  -f Dockerfile.xx .
+          docker build -t ${PODINFO_IMAGE_URL}:${PODINFO_VERSION} --build-arg "REVISION=${GITHUB_SHA}"  -f Dockerfile .
           kind load docker-image ${PODINFO_IMAGE_URL}:${PODINFO_VERSION}
       - name: Vet module
         run: |

.github/workflows/release.yml

@@ -41,7 +41,7 @@ jobs:
       - name: Setup Helm
         uses: azure/setup-helm@dda3372f752e03dde6b3237bc9431cdc2f7a02a2 # v5.0.0
         with:
-          version: v4.1.1
+          version: v4.2.0
       - name: Setup QEMU
         uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
         with:
@@ -88,10 +88,10 @@ jobs:
           push: true
           builder: ${{ steps.buildx.outputs.name }}
           context: .
-          file: ./Dockerfile.xx
+          file: ./Dockerfile
           build-args: |
             REVISION=${{ steps.prep.outputs.REVISION }}
-          platforms: linux/amd64,linux/arm/v7,linux/arm64
+          platforms: linux/amd64,linux/arm64
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
       - name: Publish Timoni module to GHCR
@@ -113,7 +113,7 @@ jobs:
           flux push artifact oci://ghcr.io/stefanprodan/manifests/podinfo:${{ steps.prep.outputs.VERSION }} \
             --path="./kustomize" \
             --source="${{ github.event.repository.html_url }}" \
-            --revision="${GITHUB_REF_NAME}/${GITHUB_SHA}"
+            --revision="${GITHUB_REF_NAME}@sha1:${GITHUB_SHA}"
           flux tag artifact oci://ghcr.io/stefanprodan/manifests/podinfo:${{ steps.prep.outputs.VERSION }} --tag latest
       - name: Sign artifacts with Cosign
         env:
@@ -123,15 +123,6 @@ jobs:
           cosign sign ghcr.io/stefanprodan/podinfo:${{ steps.prep.outputs.VERSION }} --yes
           cosign sign ghcr.io/stefanprodan/charts/podinfo:${{ steps.prep.outputs.VERSION }} --yes
           cosign sign ghcr.io/stefanprodan/manifests/podinfo:${{ steps.prep.outputs.VERSION }} --yes
-      - name: Publish base image
-        uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
-        with:
-          push: true
-          builder: ${{ steps.buildx.outputs.name }}
-          context: .
-          platforms: linux/amd64
-          file: ./Dockerfile.base
-          tags: docker.io/stefanprodan/podinfo-base:latest
       - name: Publish helm chart
         uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0
         with:
@@ -141,7 +132,7 @@ jobs:
           flux push artifact oci://ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }} \
             --path="./kustomize" \
             --source="${{ github.event.repository.html_url }}" \
-            --revision="${GITHUB_REF_NAME}/${GITHUB_SHA}"
+            --revision="${GITHUB_REF_NAME}@sha1:${GITHUB_SHA}"
           flux tag artifact oci://ghcr.io/stefanprodan/podinfo-deploy:${{ steps.prep.outputs.VERSION }} --tag latest
       - name: Sign config artifact with cso
         run: |

Makefile

@@ -39,35 +39,13 @@ build-charts:
 build-container:
 	docker build -t $(DOCKER_IMAGE_NAME):$(VERSION) .
 
-build-xx:
-	docker buildx build \
-	--platform=linux/amd64 \
-	-t $(DOCKER_IMAGE_NAME):$(VERSION) \
-	--load \
-	-f Dockerfile.xx .
-
-build-base:
-	docker build -f Dockerfile.base -t $(DOCKER_REPOSITORY)/podinfo-base:latest .
-
-push-base: build-base
-	docker push $(DOCKER_REPOSITORY)/podinfo-base:latest
-
 test-container:
 	@docker rm -f podinfo || true
 	@docker run -dp 9898:9898 --name=podinfo $(DOCKER_IMAGE_NAME):$(VERSION)
 	@docker ps
 	@TOKEN=$$(curl -sd 'test' localhost:9898/token | jq -r .token) && \
 	curl -sH "Authorization: Bearer $${TOKEN}" localhost:9898/token/validate | grep test
 
-push-container:
-	docker tag $(DOCKER_IMAGE_NAME):$(VERSION) $(DOCKER_IMAGE_NAME):latest
-	docker push $(DOCKER_IMAGE_NAME):$(VERSION)
-	docker push $(DOCKER_IMAGE_NAME):latest
-	docker tag $(DOCKER_IMAGE_NAME):$(VERSION) quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
-	docker tag $(DOCKER_IMAGE_NAME):$(VERSION) quay.io/$(DOCKER_IMAGE_NAME):latest
-	docker push quay.io/$(DOCKER_IMAGE_NAME):$(VERSION)
-	docker push quay.io/$(DOCKER_IMAGE_NAME):latest
-
 version-set:
 	@next="$(TAG)" && \
 	current="$(VERSION)" && \

charts/podinfo/Chart.yaml

@@ -2,7 +2,6 @@ apiVersion: v1
 version: 6.11.2
 appVersion: 6.11.2
 name: podinfo
-engine: gotpl
 description: Podinfo Helm chart for Kubernetes
 home: https://github.com/stefanprodan/podinfo
 maintainers: