Skip to content

Commit

Permalink
fix local development documentation and setup
Browse files Browse the repository at this point in the history
Signed-off-by: Gabriel Bernal <[email protected]>
  • Loading branch information
jgbernalp committed Dec 19, 2024
1 parent 744e570 commit 02d0079
Show file tree
Hide file tree
Showing 4 changed files with 45 additions and 10 deletions.
35 changes: 35 additions & 0 deletions Dockerfile.dev
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
# Build the manager binary
FROM golang:1.23 as builder
ARG TARGETOS
ARG TARGETARCH

WORKDIR /workspace
# Copy the Go Modules manifests
COPY go.mod go.mod
COPY go.sum go.sum
# cache deps before building and copying source so that we don't need to re-download as much
# and so that source changes don't invalidate our downloaded layer
RUN go mod download

# Copy the go source
COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY internal/ internal/

# Build
# the GOARCH has not a default value to allow the binary be built according to the host where the command
# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go

FROM gcr.io/distroless/static:nonroot
WORKDIR /

COPY --from=builder /workspace/manager .
COPY --chown=nobody:nobody LICENSE /LICENSE

USER 65532:65532

ENTRYPOINT ["/manager"]
4 changes: 2 additions & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
.PHONY: image-build
image-build: test ## Build docker image with the manager.
${CONTAINER_RUNTIME} build -t ${IMG} .
${CONTAINER_RUNTIME} build -f Dockerfile.dev -t ${IMG} .

.PHONY: image-push
image-push: ## Push docker image with the manager.
Expand Down Expand Up @@ -326,7 +326,7 @@ endef
generate-goreleaser:
go run ./scripts/generate-goreleaser/generate-goreleaser.go

## Cross build binaries for all platforms (Use "make build" in development)
## Cross build binaries for all platforms (Use "make image-build" in development)
.PHONY: cross-build
cross-build: generate-goreleaser manifests generate fmt vet ## Cross build binaries for all platforms (Use "make build" in development)
goreleaser release --snapshot --clean
Expand Down
8 changes: 7 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ kubectl apply -k config/samples
3. Build and push your image to the location specified by `IMG`:

```sh
make docker-build docker-push IMG=<some-registry>/perses-operator:tag
make image-build image-push IMG=<some-registry>/perses-operator:tag
```

4. Deploy the controller to the cluster with the image specified by `IMG`:
Expand All @@ -32,6 +32,12 @@ make docker-build docker-push IMG=<some-registry>/perses-operator:tag
make deploy IMG=<some-registry>/perses-operator:tag
```

6. Access the Perses UI at `http://localhost:8080`

```sh
kubectl port-forward svc/perses-sample 8080:8080
```

### Uninstall CRDs

To delete the CRDs from the cluster:
Expand Down
8 changes: 1 addition & 7 deletions config/manager/manager.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -58,19 +58,13 @@ spec:
# - linux
securityContext:
runAsNonRoot: true
# TODO(user): For common cases that do not require escalating privileges
# it is recommended to ensure that all your Pods/Containers are restrictive.
# More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
# Please uncomment the following code if your project does NOT have to work on old Kubernetes
# versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
# seccompProfile:
# type: RuntimeDefault
containers:
- command:
- /manager
args:
- --leader-elect
image: controller:latest
imagePullPolicy: Always
name: manager
securityContext:
allowPrivilegeEscalation: false
Expand Down

0 comments on commit 02d0079

Please sign in to comment.