From bbb8f836bf5514c9ab67128661ed4909e98a918c Mon Sep 17 00:00:00 2001
From: Ben Potter <ben@coder.com>
Date: Thu, 12 May 2022 12:59:34 -0500
Subject: [PATCH] feat: build & release cross-platform Docker images (#1178)

* feat: add dockerfile and docker-compose

* build docker images on release

* add Docker dependencies to release.yaml

* remove docker compose for now

* fix license mismatch

* add docker-compose

* rename volume

* add WF dispatch for debugging
---
 .github/workflows/release.yaml | 19 ++++++++++
 .goreleaser.yaml               | 66 ++++++++++++++++++++++++++++------
 Dockerfile                     |  6 ++++
 docker-compose.yaml            | 31 ++++++++++++++++
 4 files changed, 111 insertions(+), 11 deletions(-)
 create mode 100644 Dockerfile
 create mode 100644 docker-compose.yaml

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index e025aa2a51..e289858b1d 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -3,13 +3,32 @@ on:
   push:
     tags:
       - "v*"
+  workflow_dispatch:
+
 jobs:
   goreleaser:
     runs-on: macos-latest
+    env:
+      # Necessary for Docker manifest
+      DOCKER_CLI_EXPERIMENTAL: "enabled"
     steps:
+      # Docker is not included on macos-latest
+      - uses: docker-practice/actions-setup-docker@v1
+
       - uses: actions/checkout@v3
         with:
           fetch-depth: 0
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Docker Login
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - uses: actions/setup-go@v3
         with:
           go-version: "~1.18"
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 29bfb0341c..36ad5247f3 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -28,8 +28,7 @@ before:
 builds:
   - id: coder-slim
     dir: cmd/coder
-    ldflags:
-      ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
+    ldflags: ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
     env: [CGO_ENABLED=0]
     goos: [darwin, linux, windows]
     goarch: [amd64, arm, arm64]
@@ -37,9 +36,9 @@ builds:
     # Only build arm 7 for Linux
     ignore:
       - goos: windows
-        goarm: '7'
+        goarm: "7"
       - goos: darwin
-        goarm: '7'
+        goarm: "7"
     hooks:
       # The "trimprefix" appends ".exe" on Windows.
       post: |
@@ -48,8 +47,7 @@ builds:
   - id: coder-linux
     dir: cmd/coder
     flags: [-tags=embed]
-    ldflags:
-      ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
+    ldflags: ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
     env: [CGO_ENABLED=0]
     goos: [linux]
     goarch: [amd64, arm, arm64]
@@ -58,8 +56,7 @@ builds:
   - id: coder-windows
     dir: cmd/coder
     flags: [-tags=embed]
-    ldflags:
-      ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
+    ldflags: ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
     env: [CGO_ENABLED=0]
     goos: [windows]
     goarch: [amd64, arm64]
@@ -67,15 +64,14 @@ builds:
   - id: coder-darwin
     dir: cmd/coder
     flags: [-tags=embed]
-    ldflags:
-      ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
+    ldflags: ["-s -w -X github.com/coder/coder/buildinfo.tag={{ .Version }}"]
     env: [CGO_ENABLED=0]
     goos: [darwin]
     goarch: [amd64, arm64]
     hooks:
       # This signs the binary that will be located inside the zip.
       # MacOS requires the binary to be signed for notarization.
-      # 
+      #
       # If it doesn't successfully sign, the zip sign step will error.
       post: |
         sh -c 'codesign -s {{.Env.AC_APPLICATION_IDENTITY}} -f -v --timestamp --options runtime {{.Path}} || true'
@@ -107,6 +103,54 @@ nfpms:
       - src: coder.service
         dst: /usr/lib/systemd/system/coder.service
 
+dockers:
+  - image_templates: ["ghcr.io/coder/coder:{{ .Tag }}-amd64"]
+    id: coder-linux
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - --platform=linux/amd64
+      - --label=org.opencontainers.image.title=Coder
+      - --label=org.opencontainers.image.description=A tool for provisioning self-hosted development environments with Terraform.
+      - --label=org.opencontainers.image.url=https://github.com/coder/coder
+      - --label=org.opencontainers.image.source=https://github.com/coder/coder
+      - --label=org.opencontainers.image.version={{ .Version }}
+      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+      - --label=org.opencontainers.image.licenses=AGPL-3.0
+  - image_templates: ["ghcr.io/coder/coder:{{ .Tag }}-arm64"]
+    goarch: arm64
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - --platform=linux/arm64/v8
+      - --label=org.opencontainers.image.title=coder
+      - --label=org.opencontainers.image.description=A tool for provisioning self-hosted development environments with Terraform.
+      - --label=org.opencontainers.image.url=https://github.com/coder/coder
+      - --label=org.opencontainers.image.source=https://github.com/coder/coder
+      - --label=org.opencontainers.image.version={{ .Tag }}
+      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+      - --label=org.opencontainers.image.licenses=AGPL-3.0
+  - image_templates: ["ghcr.io/coder/coder:{{ .Tag }}-armv7"]
+    goarch: arm
+    goarm: "7"
+    dockerfile: Dockerfile
+    use: buildx
+    build_flag_templates:
+      - --platform=linux/arm/v7
+      - --label=org.opencontainers.image.title=Coder
+      - --label=org.opencontainers.image.description=A tool for provisioning self-hosted development environments with Terraform.
+      - --label=org.opencontainers.image.url=https://github.com/coder/coder
+      - --label=org.opencontainers.image.source=https://github.com/coder/coder
+      - --label=org.opencontainers.image.version={{ .Tag }}
+      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+      - --label=org.opencontainers.image.licenses=AGPL-3.0
+docker_manifests:
+  - name_template: ghcr.io/coder/coder:{{ .Tag }}
+    image_templates:
+      - ghcr.io/coder/coder:{{ .Tag }}-amd64
+      - ghcr.io/coder/coder:{{ .Tag }}-arm64
+      - ghcr.io/coder/coder:{{ .Tag }}-armv7
+
 release:
   ids: [coder-linux, coder-darwin, coder-windows, packages]
 
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000..8bbcbe8488
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,6 @@
+FROM alpine
+
+# Generated by goreleaser on `goreleaser release`
+ADD coder /opt/coder
+
+ENTRYPOINT [ "/opt/coder", "server" ]
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000000..f512c5ca69
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,31 @@
+version: "3.9"
+services:
+  coder:
+    image: ghcr.io/coder/coder:v${CODER_VERSION:-0.5.5}-${ARCH:-amd64}
+    ports:
+      - "7080:7080"
+    environment:
+      CODER_PG_CONNECTION_URL: "postgresql://username:password@database/coder?sslmode=disable"
+      CODER_ADDRESS: "0.0.0.0:7080"
+    depends_on:
+      database:
+        condition: service_healthy
+  database:
+    image: "postgres:14.2"
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-username} # The PostgreSQL user (useful to connect to the database)
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password} # The PostgreSQL password (useful to connect to the database)
+      POSTGRES_DB: ${POSTGRES_DB:-coder} # The PostgreSQL default database (automatically created at first launch)
+    volumes:
+      - coder_data:/var/lib/postgresql/data # Use "docker volume rm coder_coder_data" to reset Coder
+    healthcheck:
+      test:
+        [
+          "CMD-SHELL",
+          "pg_isready -U ${POSTGRES_USER:-username} -d ${POSTGRES_DB:-coder}",
+        ]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+volumes:
+  coder_data: