From 460e0e47f5f6c1157c059927b4e18e980c400044 Mon Sep 17 00:00:00 2001
From: CrazyMax <crazy-max@users.noreply.github.com>
Date: Sun, 28 Mar 2021 16:43:51 +0200
Subject: [PATCH] Enhance workflow

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
---
 .dockerignore                                 |  3 +-
 .github/CONTRIBUTING.md                       | 35 ++++-------
 .github/ISSUE_TEMPLATE/bug_report.md          |  2 +-
 .github/workflows/ci.yml                      | 10 ++--
 .github/workflows/e2e.yml                     |  2 +-
 .github/workflows/test.yml                    | 29 +++------
 Dockerfile                                    | 52 ----------------
 docker-bake.hcl                               | 59 +++++++++++++------
 hack/build.Dockerfile                         | 42 +++++++++++++
 hack/test.Dockerfile                          | 23 ++++++++
 hack/vendor.Dockerfile                        | 23 ++++++++
 ...rfile-multi-sudo => multi-sudo.Dockerfile} |  0
 test/{Dockerfile-multi => multi.Dockerfile}   |  0
 13 files changed, 159 insertions(+), 121 deletions(-)
 delete mode 100644 Dockerfile
 create mode 100644 hack/build.Dockerfile
 create mode 100644 hack/test.Dockerfile
 create mode 100644 hack/vendor.Dockerfile
 rename test/{Dockerfile-multi-sudo => multi-sudo.Dockerfile} (100%)
 rename test/{Dockerfile-multi => multi.Dockerfile} (100%)

diff --git a/.dockerignore b/.dockerignore
index 3c3629e..ccc2930 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1 +1,2 @@
-node_modules
+/coverage
+/node_modules
diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
index 97a2567..048ec53 100644
--- a/.github/CONTRIBUTING.md
+++ b/.github/CONTRIBUTING.md
@@ -2,33 +2,20 @@
 
 Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
 
-Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE).
+Contributions to this project are [released](https://docs.github.com/en/github/site-policy/github-terms-of-service#6-contributions-under-repository-license)
+to the public under the [project's open source license](LICENSE).
 
 ## Submitting a pull request
 
 1. [Fork](https://github.com/docker/build-push-action/fork) and clone the repository
 2. Configure and install the dependencies: `yarn install`
-3. Make sure the tests pass on your machine: `yarn run test`
-4. Create a new branch: `git checkout -b my-branch-name`
-5. Make your change, add tests, and make sure the tests still pass
-6. Run pre-checkin: `yarn run pre-checkin`
-7. Push to your fork and [submit a pull request](https://github.com/docker/build-push-action/compare)
-8. Pat your self on the back and wait for your pull request to be reviewed and merged.
-
-## Container based developer flow
-
-If you don't want to maintain a Node developer environment that fits this project you can use containerized commands instead of invoking yarn directly.
-
-```
-# format code and build javascript artifacts
-docker buildx bake pre-checkin
-
-# validate all code has correctly formatted and built
-docker buildx bake validate
-
-# run tests
-docker buildx bake test
-```
+3. Create a new branch: `git checkout -b my-branch-name`
+4. Make your changes
+5. Make sure the tests pass: `docker buildx bake test`
+6. Format code and build javascript artifacts: `docker buildx bake pre-checkin`
+7. Validate all code has correctly formatted and built: `docker buildx bake validate`
+8. Push to your fork and [submit a pull request](https://github.com/docker/build-push-action/compare)
+9. Pat your self on the back and wait for your pull request to be reviewed and merged.
 
 Here are a few things you can do that will increase the likelihood of your pull request being accepted:
 
@@ -40,5 +27,5 @@ Here are a few things you can do that will increase the likelihood of your pull
 ## Resources
 
 - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
-- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/)
-- [GitHub Help](https://help.github.com)
+- [Using Pull Requests](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests)
+- [GitHub Help](https://docs.github.com/en)
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
index 192a23a..5a66152 100644
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -34,4 +34,4 @@ Before sumbitting a bug report please read the [Troubleshooting doc](https://git
 
 ### Logs
 
-> Download the [log file of your build](https://help.github.com/en/actions/configuring-and-managing-workflows/managing-a-workflow-run#downloading-logs) and [attach it](https://help.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue.
+> Download the [log file of your build](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs) and [attach it](https://docs.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a325331..bb6d5df 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -326,7 +326,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-${{ matrix.dockerfile }}
+          file: ./test/${{ matrix.dockerfile }}.Dockerfile
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64
           push: true
@@ -379,7 +379,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-multi
+          file: ./test/multi.Dockerfile
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64
           push: true
@@ -412,7 +412,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-multi
+          file: ./test/multi.Dockerfile
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64
           push: true
@@ -489,7 +489,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-multi
+          file: ./test/multi.Dockerfile
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64
           push: true
@@ -554,7 +554,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-multi
+          file: ./test/multi.Dockerfile
           builder: ${{ steps.buildx.outputs.name }}
           platforms: linux/amd64,linux/arm64
           push: true
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
index 808d788..a318606 100644
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -81,7 +81,7 @@ jobs:
         uses: ./
         with:
           context: ./test
-          file: ./test/Dockerfile-multi
+          file: ./test/multi.Dockerfile
           platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/ppc64le,linux/s390x
           push: ${{ github.event_name != 'pull_request' }}
           tags: ${{ steps.docker_meta.outputs.tags }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b3bbf5a..5fbd710 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -3,25 +3,12 @@ name: test
 on:
   push:
     branches:
-      - master
+      - 'master'
   pull_request:
     branches:
-      - master
+      - 'master'
 
 jobs:
-  test-containerized:
-    runs-on: ubuntu-latest
-    steps:
-      -
-        name: Checkout
-        uses: actions/checkout@v2
-      -
-        name: Validate
-        run: docker buildx bake validate
-      -
-        name: Test
-        run: docker buildx bake test
-
   test:
     runs-on: ubuntu-latest
     steps:
@@ -29,15 +16,17 @@ jobs:
         name: Checkout
         uses: actions/checkout@v2
       -
-        name: Install
-        run: yarn install
+        name: Validate
+        uses: docker/bake-action@v1
+        with:
+          targets: validate
       -
         name: Test
-        run: yarn run test
+        uses: docker/bake-action@v1
+        with:
+          targets: test
       -
         name: Upload coverage
         uses: codecov/codecov-action@v1
-        if: success()
         with:
-          token: ${{ secrets.CODECOV_TOKEN }}
           file: ./coverage/clover.xml
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index c49ccf8..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,52 +0,0 @@
-#syntax=docker/dockerfile:1.2
-
-FROM node:12 AS deps
-WORKDIR /src
-COPY package.json yarn.lock ./
-RUN --mount=type=cache,target=/usr/local/share/.cache/yarn \
-  yarn install
-
-FROM scratch AS update-yarn
-COPY --from=deps /src/yarn.lock /
-
-FROM deps AS validate-yarn
-COPY .git .git
-RUN status=$(git status --porcelain -- yarn.lock); if [ -n "$status" ]; then echo $status; exit 1; fi
-
-FROM deps AS base
-COPY . .
-
-FROM base AS build
-RUN yarn build
-
-FROM deps AS test
-COPY --from=docker /usr/local/bin/docker /usr/bin/
-ARG TARGETOS
-ARG TARGETARCH
-ARG BUILDX_VERSION=v0.5.1
-ENV RUNNER_TEMP=/tmp/github_runner
-ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
-RUN mkdir -p /usr/local/lib/docker/cli-plugins && \
-  curl -fsSL https://github.com/docker/buildx/releases/download/$BUILDX_VERSION/buildx-$BUILDX_VERSION.$TARGETOS-$TARGETARCH > /usr/local/lib/docker/cli-plugins/docker-buildx && \
-  chmod +x /usr/local/lib/docker/cli-plugins/docker-buildx && \
-  docker buildx version
-COPY . .
-RUN yarn run test
-
-FROM base AS run-format
-RUN yarn run format
-
-FROM scratch AS format
-COPY --from=run-format /src/src/*.ts /src/
-
-FROM base AS validate-format
-RUN yarn run format-check
-
-FROM scratch AS dist
-COPY --from=build /src/dist/ /dist/
-
-FROM build AS validate-build
-RUN status=$(git status --porcelain -- dist); if [ -n "$status" ]; then echo $status; exit 1; fi
-
-FROM base AS dev
-ENTRYPOINT ["bash"]
diff --git a/docker-bake.hcl b/docker-bake.hcl
index e01c414..7054cf7 100644
--- a/docker-bake.hcl
+++ b/docker-bake.hcl
@@ -1,42 +1,67 @@
+variable "NODE_VERSION" {
+  default = "12"
+}
+
+target "node-version" {
+  args = {
+    NODE_VERSION = NODE_VERSION
+  }
+}
+
 group "default" {
   targets = ["build"]
 }
 
 group "pre-checkin" {
-  targets = ["update-yarn", "format", "build"]
+  targets = ["vendor-update", "format", "build"]
 }
 
 group "validate" {
-	targets = ["validate-format", "validate-build", "validate-yarn"]
-}
-
-target "update-yarn" {
-  target = "update-yarn"
-  output = ["."]
+  targets = ["format-validate", "build-validate", "vendor-validate"]
 }
 
 target "build" {
-  target = "dist"
+  inherits = ["node-version"]
+  dockerfile = "./hack/build.Dockerfile"
+  target = "build-update"
   output = ["."]
 }
 
-target "test" {
-  target = "test"
+target "build-validate" {
+  inherits = ["node-version"]
+  dockerfile = "./hack/build.Dockerfile"
+  target = "build-validate"
 }
 
 target "format" {
-  target = "format"
+  inherits = ["node-version"]
+  dockerfile = "./hack/build.Dockerfile"
+  target = "format-update"
   output = ["."]
 }
 
-target "validate-format" {
-  target = "validate-format"
+target "format-validate" {
+  inherits = ["node-version"]
+  dockerfile = "./hack/build.Dockerfile"
+  target = "format-validate"
 }
 
-target "validate-build" {
-  target = "validate-build"
+target "vendor-update" {
+  inherits = ["node-version"]
+  dockerfile = "./hack/vendor.Dockerfile"
+  target = "update"
+  output = ["."]
 }
 
-target "validate-yarn" {
-	target = "validate-yarn"
+target "vendor-validate" {
+  inherits = ["node-version"]
+  dockerfile = "./hack/vendor.Dockerfile"
+  target = "validate"
+}
+
+target "test" {
+  inherits = ["node-version"]
+  dockerfile = "./hack/test.Dockerfile"
+  target = "test-coverage"
+  output = ["./coverage"]
 }
diff --git a/hack/build.Dockerfile b/hack/build.Dockerfile
new file mode 100644
index 0000000..a0796d7
--- /dev/null
+++ b/hack/build.Dockerfile
@@ -0,0 +1,42 @@
+# syntax=docker/dockerfile:1.2
+ARG NODE_VERSION
+
+FROM node:${NODE_VERSION}-alpine AS base
+RUN apk add --no-cache cpio findutils git
+WORKDIR /src
+
+FROM base AS deps
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn install
+
+FROM deps AS build
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn run build && mkdir /out && cp -Rf dist /out/
+
+FROM scratch AS build-update
+COPY --from=build /out /
+
+FROM build AS build-validate
+RUN --mount=type=bind,target=.,rw \
+  git add -A && cp -rf /out/* .; \
+  if [ -n "$(git status --porcelain -- dist)" ]; then \
+    echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'; \
+    git status --porcelain -- dist; \
+    exit 1; \
+  fi
+
+FROM deps AS format
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn run format \
+  && mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out
+
+FROM scratch AS format-update
+COPY --from=format /out /
+
+FROM deps AS format-validate
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn run format-check \
diff --git a/hack/test.Dockerfile b/hack/test.Dockerfile
new file mode 100644
index 0000000..6a6c5d6
--- /dev/null
+++ b/hack/test.Dockerfile
@@ -0,0 +1,23 @@
+# syntax=docker/dockerfile:1.2
+ARG NODE_VERSION
+
+FROM node:${NODE_VERSION}-alpine AS base
+RUN apk add --no-cache git
+WORKDIR /src
+
+FROM base AS deps
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn install
+
+FROM deps AS test
+ENV RUNNER_TEMP=/tmp/github_runner
+ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  --mount=type=bind,from=crazymax/docker,source=/usr/libexec/docker/cli-plugins/docker-buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
+  --mount=type=bind,from=crazymax/docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
+  yarn run test --coverageDirectory=/tmp/coverage
+
+FROM scratch AS test-coverage
+COPY --from=test /tmp/coverage /
diff --git a/hack/vendor.Dockerfile b/hack/vendor.Dockerfile
new file mode 100644
index 0000000..dd7906b
--- /dev/null
+++ b/hack/vendor.Dockerfile
@@ -0,0 +1,23 @@
+# syntax=docker/dockerfile:1.2
+ARG NODE_VERSION
+
+FROM node:${NODE_VERSION}-alpine AS base
+RUN apk add --no-cache git
+WORKDIR /src
+
+FROM base AS vendored
+RUN --mount=type=bind,target=.,rw \
+  --mount=type=cache,target=/src/node_modules \
+  yarn install && mkdir /out && cp yarn.lock /out
+
+FROM scratch AS update
+COPY --from=vendored /out /
+
+FROM vendored AS validate
+RUN --mount=type=bind,target=.,rw \
+  git add -A && cp -rf /out/* .; \
+  if [ -n "$(git status --porcelain -- yarn.lock)" ]; then \
+    echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'; \
+    git status --porcelain -- yarn.lock; \
+    exit 1; \
+  fi
diff --git a/test/Dockerfile-multi-sudo b/test/multi-sudo.Dockerfile
similarity index 100%
rename from test/Dockerfile-multi-sudo
rename to test/multi-sudo.Dockerfile
diff --git a/test/Dockerfile-multi b/test/multi.Dockerfile
similarity index 100%
rename from test/Dockerfile-multi
rename to test/multi.Dockerfile