From e4dd168dc2c9550f7258fffa8f46f4e866a6bb46 Mon Sep 17 00:00:00 2001 From: Muthu Date: Fri, 18 Jul 2025 12:31:58 +0530 Subject: [PATCH 01/23] Initial Github Action Changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 58 +++++++++++++++++++++ .github/workflows/image.build.yml | 21 ++++++++ Makefile | 74 +++++++++++++++++++++++++++ 3 files changed, 153 insertions(+) create mode 100644 .github/workflows/image-build-pr.yaml create mode 100644 .github/workflows/image.build.yml create mode 100644 Makefile diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml new file mode 100644 index 0000000..f12bb64 --- /dev/null +++ b/.github/workflows/image-build-pr.yaml @@ -0,0 +1,58 @@ +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +name: Chaincode Builder Image Build and Checks + +on: + push: + branches: [main] + pull_request: + branches: [main] + workflow_dispatch: + +env: + GO_VER: "1.24" + GOPROXY: "https://proxy.golang.org,direct" # Bypass all proxies to avoid TLS issues + GO111MODULE: on # Ensure module-aware mode +jobs: + build-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up go + uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VER }} + - name: Ensure Go is in PATH + run: | + echo "GOPATH: $GOPATH" + echo "PATH: $PATH" + - name: Check Go version + run: | + echo "*********************Go version:***************************" + go version + echo "************************************************************" + - name: unit-tests + run: go test `go list ./... | grep -v integration` + - name: checks + run: make checks + - name: gosec + run: make go-sec + - name: build + run: make image + \ No newline at end of file diff --git a/.github/workflows/image.build.yml b/.github/workflows/image.build.yml new file mode 100644 index 0000000..a807383 --- /dev/null +++ b/.github/workflows/image.build.yml @@ -0,0 +1,21 @@ +name: Build and Push Chaincode Builder image + +on: + push: + branches: [main] + workflow_dispatch: + +jobs: + image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Build + run: | + scripts/install-tools.sh + make image + - name: Push + run: | + echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin + make image-push image-push-latest \ No newline at end of file diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..498aebf --- /dev/null +++ b/Makefile @@ -0,0 +1,74 @@ +# +# Copyright contributors to the Hyperledger Fabric Operator project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + + +IMAGE ?= ghcr.io/hyperledger-labs/chaincode-builder +TAG ?= $(shell git rev-parse --short HEAD) +ARCH ?= $(shell go env GOARCH) +BRANCH ?= $(shell git branch --show-current) +DOCKER_IMAGE_REPO ?= ghcr.io +REGISTRY ?= $(DOCKER_IMAGE_REPO)/ibp-golang +GO_VER ?= 1.24.3 +BUILD_DATE = $(shell date -u +"%Y-%m-%dT%H:%M:%SZ") +GOOS ?= $(shell go env GOOS) + + +BUILD_ARGS=--build-arg ARCH=$(ARCH) +BUILD_ARGS+=--build-arg REGISTRY=$(REGISTRY) +BUILD_ARGS+=--build-arg BUILD_ID=$(TAG) +BUILD_ARGS+=--build-arg BUILD_DATE=$(BUILD_DATE) +BUILD_ARGS+=--build-arg GO_VER=$(GO_VER) + + +.PHONY: build login + +int-tests: + @ginkgo -v ./integration + +build: + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder ./cmd/ibp-builder + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder-client ./cmd/ibp-builder-client + +image: login + @go mod vendor + docker build --rm . -f Dockerfile $(BUILD_ARGS) -t $(IMAGE):$(TAG)-$(ARCH) + docker tag $(IMAGE):$(TAG)-$(ARCH) $(IMAGE):latest-$(ARCH) + +image-nologin: + @go mod vendor + docker build --rm . -f Dockerfile $(BUILD_ARGS) -t $(IMAGE):$(TAG)-$(ARCH) + docker tag $(IMAGE):$(TAG)-$(ARCH) $(IMAGE):latest-$(ARCH) + +login: + echo $(DOCKER_PASSWORD) | docker login -u $(DOCKER_USERNAME) --password-stdin $(DOCKER_IMAGE_REPO) + +image-push: login + docker push $(IMAGE):$(TAG)-$(ARCH) + +unit-tests: + go test `go list ./... | grep -v integration` + +gosec: + @scripts/go-sec.sh + +checks: license + @scripts/checks + +.PHONY: license +license: + @scripts/check-license.sh From eab7f5903c9778584c236e1c3bac5b0b81367a29 Mon Sep 17 00:00:00 2001 From: Muthu Date: Fri, 18 Jul 2025 14:12:39 +0530 Subject: [PATCH 02/23] GitHub Action Intial Draft Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- .github/workflows/image.build.yml | 9 ++------- Makefile | 8 ++------ 3 files changed, 5 insertions(+), 14 deletions(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index f12bb64..53ad09b 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -52,7 +52,7 @@ jobs: - name: checks run: make checks - name: gosec - run: make go-sec + run: make gosec - name: build run: make image \ No newline at end of file diff --git a/.github/workflows/image.build.yml b/.github/workflows/image.build.yml index a807383..1b97e2c 100644 --- a/.github/workflows/image.build.yml +++ b/.github/workflows/image.build.yml @@ -9,13 +9,8 @@ jobs: image: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - - name: Build - run: | - scripts/install-tools.sh - make image + - uses: actions/checkout@v4 - name: Push run: | echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u $GITHUB_ACTOR --password-stdin - make image-push image-push-latest \ No newline at end of file + make image image-push \ No newline at end of file diff --git a/Makefile b/Makefile index 498aebf..d9f8e6e 100644 --- a/Makefile +++ b/Makefile @@ -44,7 +44,7 @@ build: GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder ./cmd/ibp-builder GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder-client ./cmd/ibp-builder-client -image: login +image: ## Builds a x86 based image @go mod vendor docker build --rm . -f Dockerfile $(BUILD_ARGS) -t $(IMAGE):$(TAG)-$(ARCH) docker tag $(IMAGE):$(TAG)-$(ARCH) $(IMAGE):latest-$(ARCH) @@ -53,11 +53,7 @@ image-nologin: @go mod vendor docker build --rm . -f Dockerfile $(BUILD_ARGS) -t $(IMAGE):$(TAG)-$(ARCH) docker tag $(IMAGE):$(TAG)-$(ARCH) $(IMAGE):latest-$(ARCH) - -login: - echo $(DOCKER_PASSWORD) | docker login -u $(DOCKER_USERNAME) --password-stdin $(DOCKER_IMAGE_REPO) - -image-push: login +image-push: docker push $(IMAGE):$(TAG)-$(ARCH) unit-tests: From a460216829208d0a594432940e7753ff56b602fd Mon Sep 17 00:00:00 2001 From: Muthu Date: Fri, 18 Jul 2025 14:32:32 +0530 Subject: [PATCH 03/23] License Scripts Added Signed-off-by: Muthu --- .DS_Store | Bin 0 -> 6148 bytes scripts/check-license.sh | 138 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 138 insertions(+) create mode 100644 .DS_Store create mode 100644 scripts/check-license.sh diff --git a/.DS_Store b/.DS_Store new file mode 100644 index 0000000000000000000000000000000000000000..bee9105109b8afab5c9b2cbdd9a0abfbaa5205eb GIT binary patch literal 6148 zcmeHK%Wl&^6upzAi9-a+qDb8!Sz=p4XsZguCQXw?C16n_SO5xfY*H(ZC$b$P6h+D! z{()a$%a`yktl-R}Qao*0A%vp2(#)C1xp!vH*d7lNvF<#0MARfA2T5S%7P4zh^ow-G zO1k9^kck+4i!efB zc>OfIYV?fG=#={Of;{RM*`=|;cIY`G3k5zPdQ9Op{I46Dm7&dq#zhthWj9$>uu{x5 zN6HMYP;Zl4r*q8pgnF1sU#e*Ao78aAqlP^hA%28Wax=bE@egc&kkiX5qV|&W*uN|f{Z~=A7&LcJd6EyKBuu446ojC> zeH|qMUv&9A2{P&HsSc;^)CbMIb}3c? ztH9q;KztuuB!L}`YlZUDflOWjfE6@LLs|a(16|Po>}XsoL<@{5SD golang_copyright.txt +/* + * Copyright contributors to the Hyperledger Fabric Operations Console project + * + * SPDX-License-Identifier: Apache-2.0 + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +EOB + +cat << EOB > shell_copyright.txt +# +# Copyright contributors to the Hyperledger Fabric Operations Console project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +EOB + +function filterGeneratedFiles { + for f in $@; do + head -n5 $f | grep -qE 'Code generated by.*DO NOT EDIT' || echo $f + done +} + +function filterExcludedFiles { + CHECK=`echo "$CHECK" \ + | grep -v "^\.build/" \ + | grep -v "^\.git/" \ + | grep -v "^\.gitignore" \ + | grep -v "\.json$" \ + | grep -v "\.pem$" \ + | grep -v "\.crt$" \ + | grep -v "\.txt$" \ + | grep -v "\.md$" \ + | grep -v "_sk$" \ + | grep -v "\.key$" \ + | grep -v "\.gen\.go$" \ + | grep -v "tools/" \ + | grep -v "testdata/" \ + | grep -v "vendor/" \ + | grep -v "go.mod" \ + | grep -v "go.sum" \ + | grep -v .secrets.baseline \ + | grep -v .pre-commit-config.yaml \ + | sort -u` + + CHECK=$(filterGeneratedFiles "$CHECK") +} + +CHECK=$(git diff --name-only --diff-filter=ACMRTUXB HEAD) +filterExcludedFiles +if [[ -z "$CHECK" ]]; then + CHECK=$(git diff-tree --no-commit-id --name-only --diff-filter=ACMRTUXB -r "HEAD^..HEAD") + filterExcludedFiles +fi + +if [[ -z "$CHECK" ]]; then + echo "All files are excluded from having license headers" + exit 0 +fi + +missing=`echo "$CHECK" | xargs ls -d 2>/dev/null | xargs grep -L "SPDX-License-Identifier: Apache-2.0"` +if [[ -z "$missing" ]]; then + echo "All files have SPDX-License-Identifier: Apache-2.0" + exit 0 +fi + +TMPFILE="./tmpfile" + +for FILE in ${missing}; do + EXT="${FILE##*.}" + echo "Adding copyright notice to $FILE" + if [ "${EXT}" = "go" ]; then + cat golang_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + elif [ "${EXT}" = "yaml" ]; then + cat shell_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + elif [ "${EXT}" = "sh" ]; then + cat shell_copyright.txt ${FILE} > ${TMPFILE} + cat ${TMPFILE} > ${FILE} + rm -f ${TMPFILE} + echo " ${FILE} copyright notice added" + else + echo "invalid file extension" + fi +done + +rm golang_copyright.txt shell_copyright.txt + +exit 0 \ No newline at end of file From 4b1cc72cfeec961377b9e4c7bd6ec3b165be5caf Mon Sep 17 00:00:00 2001 From: Muthu Date: Fri, 18 Jul 2025 14:33:09 +0530 Subject: [PATCH 04/23] License Scripts Added Signed-off-by: Muthu --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 13f2d8c..473a638 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ build/ .env golang_copyright.txt shell_copyright.txt -launch.json \ No newline at end of file +launch.json +.DS_Store \ No newline at end of file From 2b191cd0ddacaa6c5d1e285c05ca9b02c93726e3 Mon Sep 17 00:00:00 2001 From: Muthu Date: Fri, 18 Jul 2025 14:34:33 +0530 Subject: [PATCH 05/23] Removed the .DS_Store Signed-off-by: Muthu --- .DS_Store | Bin 6148 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 .DS_Store diff --git a/.DS_Store b/.DS_Store deleted file mode 100644 index bee9105109b8afab5c9b2cbdd9a0abfbaa5205eb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK%Wl&^6upzAi9-a+qDb8!Sz=p4XsZguCQXw?C16n_SO5xfY*H(ZC$b$P6h+D! z{()a$%a`yktl-R}Qao*0A%vp2(#)C1xp!vH*d7lNvF<#0MARfA2T5S%7P4zh^ow-G zO1k9^kck+4i!efB zc>OfIYV?fG=#={Of;{RM*`=|;cIY`G3k5zPdQ9Op{I46Dm7&dq#zhthWj9$>uu{x5 zN6HMYP;Zl4r*q8pgnF1sU#e*Ao78aAqlP^hA%28Wax=bE@egc&kkiX5qV|&W*uN|f{Z~=A7&LcJd6EyKBuu446ojC> zeH|qMUv&9A2{P&HsSc;^)CbMIb}3c? ztH9q;KztuuB!L}`YlZUDflOWjfE6@LLs|a(16|Po>}XsoL<@{5SD Date: Mon, 21 Jul 2025 11:06:16 +0530 Subject: [PATCH 06/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- Makefile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index 53ad09b..6d99839 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -35,7 +35,7 @@ jobs: steps: - uses: actions/checkout@v4 - name: Set up go - uses: actions/setup-go@v5 + uses: actions/setup-go@v4 with: go-version: ${{ env.GO_VER }} - name: Ensure Go is in PATH diff --git a/Makefile b/Makefile index d9f8e6e..5d2e778 100644 --- a/Makefile +++ b/Makefile @@ -67,4 +67,4 @@ checks: license .PHONY: license license: - @scripts/check-license.sh + chmod +x @scripts/check-license.sh From 0e54839968009ee36c9693e43b7f3d864ea7a095 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 11:09:37 +0530 Subject: [PATCH 07/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 5 ++++- Makefile | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index 6d99839..52adfd0 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -50,7 +50,10 @@ jobs: - name: unit-tests run: go test `go list ./... | grep -v integration` - name: checks - run: make checks + run: | + echo "*********************Running checks*************************" + la -al + make checks - name: gosec run: make gosec - name: build diff --git a/Makefile b/Makefile index 5d2e778..d9f8e6e 100644 --- a/Makefile +++ b/Makefile @@ -67,4 +67,4 @@ checks: license .PHONY: license license: - chmod +x @scripts/check-license.sh + @scripts/check-license.sh From a526012c894d0f32aa3d941c813c0ba120ef60f5 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 11:11:16 +0530 Subject: [PATCH 08/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index 52adfd0..7ba7319 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -52,7 +52,7 @@ jobs: - name: checks run: | echo "*********************Running checks*************************" - la -al + ls -al make checks - name: gosec run: make gosec From 9b7aed5aa7302a45798757442fb70e237a81a87f Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 11:31:14 +0530 Subject: [PATCH 09/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index 7ba7319..faa2a48 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -52,7 +52,7 @@ jobs: - name: checks run: | echo "*********************Running checks*************************" - ls -al + ls -l scripts/check-license.sh make checks - name: gosec run: make gosec From 805ba62e0c1db9547f22edf94285ef6958fc6253 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 11:34:59 +0530 Subject: [PATCH 10/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index faa2a48..785d7b5 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -52,6 +52,7 @@ jobs: - name: checks run: | echo "*********************Running checks*************************" + chmod +x scripts/check-license.sh ls -l scripts/check-license.sh make checks - name: gosec From 6351253f54170d02c49062825f283fb1b7801531 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 11:41:05 +0530 Subject: [PATCH 11/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index 785d7b5..fbcaaef 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -51,10 +51,9 @@ jobs: run: go test `go list ./... | grep -v integration` - name: checks run: | - echo "*********************Running checks*************************" - chmod +x scripts/check-license.sh - ls -l scripts/check-license.sh - make checks + echo "*********************Running checks*************************" + chmod +x scripts/* + make checks - name: gosec run: make gosec - name: build From ed2b4fcd578fa8f0c5224ba0ec09d5ed85cda38e Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 12:01:15 +0530 Subject: [PATCH 12/23] Permission changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index fbcaaef..bc4a61d 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -26,9 +26,10 @@ on: workflow_dispatch: env: - GO_VER: "1.24" + GO_VER: 1.24 GOPROXY: "https://proxy.golang.org,direct" # Bypass all proxies to avoid TLS issues GO111MODULE: on # Ensure module-aware mode + GOPATH: /opt/go jobs: build-image: runs-on: ubuntu-latest From 9bd39d09a042e3c3a0865bef243ae7eaa75070cd Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 12:40:25 +0530 Subject: [PATCH 13/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..3305762 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,55 @@ +# +# Copyright contributors to the Hyperledger Fabric Operations Console project +# +# SPDX-License-Identifier: Apache-2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at: +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +ARG ARCH +ARG REGISTRY +ARG GO_VER + +FROM registry.access.redhat.com/ubi9/ubi-minimal as builder +COPY . /go/src/github.ibm.com/fabric/fabric-chaincode-builder +WORKDIR /go/src/github.ibm.com/fabric/fabric-chaincode-builder +RUN GOOS=linux GOARCH=$(go env GOARCH) go build -o build/fabric-chaincode-builder ./cmd/ibp-builder + +FROM registry.access.redhat.com/ubi9/ubi-minimal +ARG IBP_VER +ARG BUILD_ID +ARG BUILD_DATE + + +ENV BUILDER=/usr/local/bin/fabric-chaincode-builder \ + USER_UID=1001 \ + USER_NAME=fabric-chaincode-builder \ + CLIENT_TIMEOUT=5m \ + FILE_SERVER_LISTEN_IP=0.0.0.0 \ + FILE_SERVER_LISTEN_PORT=22222 \ + SHARED_VOLUME_PATH=/data \ + SIDECAR_LISTEN_ADDRESS=0.0.0.0:11111 + +RUN microdnf update -y +RUN microdnf install -y shadow-utils iputils +RUN groupadd -g 7051 ibp-user \ + && useradd -u 7051 -g ibp-user -s /bin/bash ibp-user \ + && microdnf remove -y shadow-utils \ + && microdnf clean -y all; + +COPY --from=builder /go/src/github.ibm.com/ibp/chaincode-builder/build/fabric-chaincode-builder ${BUILDER} +COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh + +USER ibp-user + +ENTRYPOINT ["docker-entrypoint.sh"] +CMD [ "sh", "-c", "fabric-chaincode-builder --kubeconfig \"${KUBECONFIG}\" --kubeNamespace \"${KUBE_NAMESPACE}\" --clientTimeout \"${CLIENT_TIMEOUT}\" --peerID \"${PEER_ID}\" --sharedVolumePath \"${SHARED_VOLUME_PATH}\" --fileServerListenAddress \"${FILE_SERVER_LISTEN_IP}:${FILE_SERVER_LISTEN_PORT}\" --sidecarListenAddress \"${SIDECAR_LISTEN_ADDRESS}\" --fileServerBaseURL \"${FILE_SERVER_BASE_URL}\"" ] From eb52df8b589accefead7991772cb5fe5fe78099c Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 12:56:27 +0530 Subject: [PATCH 14/23] Docker File Add Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index bc4a61d..ac32696 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -52,7 +52,7 @@ jobs: run: go test `go list ./... | grep -v integration` - name: checks run: | - echo "*********************Running checks*************************" + echo "*********************Running checks*************************" chmod +x scripts/* make checks - name: gosec From d9c94fbe37e143538154d2bc6dfd630fd4190c6e Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 13:03:11 +0530 Subject: [PATCH 15/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 7 ++++++- Makefile | 6 +++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 3305762..740e25a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,9 +20,14 @@ ARG REGISTRY ARG GO_VER FROM registry.access.redhat.com/ubi9/ubi-minimal as builder +# gcc required for cgo +RUN microdnf install -y tar gzip gcc + +RUN curl -sL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local +ENV PATH="/usr/local/go/bin:$PATH" COPY . /go/src/github.ibm.com/fabric/fabric-chaincode-builder WORKDIR /go/src/github.ibm.com/fabric/fabric-chaincode-builder -RUN GOOS=linux GOARCH=$(go env GOARCH) go build -o build/fabric-chaincode-builder ./cmd/ibp-builder +RUN GOOS=linux GOARCH=$(go env GOARCH) go build -o build/fabric-chaincode-builder ./cmd/fabric-builder FROM registry.access.redhat.com/ubi9/ubi-minimal ARG IBP_VER diff --git a/Makefile b/Makefile index d9f8e6e..f034ee3 100644 --- a/Makefile +++ b/Makefile @@ -17,7 +17,7 @@ # -IMAGE ?= ghcr.io/hyperledger-labs/chaincode-builder +IMAGE ?= ghcr.io/hyperledger-labs/fabric-chaincode-builder TAG ?= $(shell git rev-parse --short HEAD) ARCH ?= $(shell go env GOARCH) BRANCH ?= $(shell git branch --show-current) @@ -41,8 +41,8 @@ int-tests: @ginkgo -v ./integration build: - GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder ./cmd/ibp-builder - GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/chaincode-builder-client ./cmd/ibp-builder-client + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder ./cmd/fabric-builder + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder-client ./cmd/fabric-builder-client image: ## Builds a x86 based image @go mod vendor From 8162b1d7f5758ab6ecba4a44123e35f192acafb6 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:04:41 +0530 Subject: [PATCH 16/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 740e25a..9d1877c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,7 @@ ARG GO_VER FROM registry.access.redhat.com/ubi9/ubi-minimal as builder # gcc required for cgo RUN microdnf install -y tar gzip gcc - +RUN echo "GO_VER=${GO_VER}" && echo "ARCH=${ARCH}" RUN curl -sL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local ENV PATH="/usr/local/go/bin:$PATH" COPY . /go/src/github.ibm.com/fabric/fabric-chaincode-builder From be052e70600baf8bea60be757bec2af398585005 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:09:31 +0530 Subject: [PATCH 17/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 9d1877c..262b772 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,10 +16,11 @@ # limitations under the License. # ARG ARCH -ARG REGISTRY ARG GO_VER FROM registry.access.redhat.com/ubi9/ubi-minimal as builder +ARG GO_VER +ARG ARCH # gcc required for cgo RUN microdnf install -y tar gzip gcc RUN echo "GO_VER=${GO_VER}" && echo "ARCH=${ARCH}" From e6e9a0082146a23520bedce54fd2e932cff42946 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:17:41 +0530 Subject: [PATCH 18/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 262b772..9bae3f7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,6 @@ FROM registry.access.redhat.com/ubi9/ubi-minimal as builder ARG GO_VER ARG ARCH # gcc required for cgo -RUN microdnf install -y tar gzip gcc RUN echo "GO_VER=${GO_VER}" && echo "ARCH=${ARCH}" RUN curl -sL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local ENV PATH="/usr/local/go/bin:$PATH" From b3fcd45f90dc81e85323b1b0856dc6667350ee39 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:21:38 +0530 Subject: [PATCH 19/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 9bae3f7..5c47273 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,8 @@ FROM registry.access.redhat.com/ubi9/ubi-minimal as builder ARG GO_VER ARG ARCH # gcc required for cgo + +RUN microdnf install -y make gcc tar gzip gcc-c++ && microdnf clean all RUN echo "GO_VER=${GO_VER}" && echo "ARCH=${ARCH}" RUN curl -sL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local ENV PATH="/usr/local/go/bin:$PATH" From 0f7c40534d3cf549a725fba67e0e96b316142a42 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:31:06 +0530 Subject: [PATCH 20/23] Docker File Add Signed-off-by: Muthu --- Dockerfile | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5c47273..f110701 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,10 +22,12 @@ FROM registry.access.redhat.com/ubi9/ubi-minimal as builder ARG GO_VER ARG ARCH # gcc required for cgo - RUN microdnf install -y make gcc tar gzip gcc-c++ && microdnf clean all RUN echo "GO_VER=${GO_VER}" && echo "ARCH=${ARCH}" -RUN curl -sL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local +RUN test -n "$GO_VER" && test -n "$ARCH" || (echo "GO_VER or ARCH not set!" && exit 1) + +RUN curl -sSL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C /usr/local + ENV PATH="/usr/local/go/bin:$PATH" COPY . /go/src/github.ibm.com/fabric/fabric-chaincode-builder WORKDIR /go/src/github.ibm.com/fabric/fabric-chaincode-builder From b8c47d37b0dff0f5e40345cab8113cdb4e0ba269 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:35:21 +0530 Subject: [PATCH 21/23] Gi Version Changes Signed-off-by: Muthu --- .github/workflows/image-build-pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/image-build-pr.yaml b/.github/workflows/image-build-pr.yaml index ac32696..3f999a1 100644 --- a/.github/workflows/image-build-pr.yaml +++ b/.github/workflows/image-build-pr.yaml @@ -26,7 +26,7 @@ on: workflow_dispatch: env: - GO_VER: 1.24 + GO_VER: 1.24.3 GOPROXY: "https://proxy.golang.org,direct" # Bypass all proxies to avoid TLS issues GO111MODULE: on # Ensure module-aware mode GOPATH: /opt/go From 34e8296101196f0a42187c7cfdff71f65e16a478 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:47:21 +0530 Subject: [PATCH 22/23] Gi Version Changes Signed-off-by: Muthu --- Dockerfile | 2 +- Makefile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index f110701..993fe4c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,7 +31,7 @@ RUN curl -sSL https://go.dev/dl/go${GO_VER}.linux-${ARCH}.tar.gz | tar zxf - -C ENV PATH="/usr/local/go/bin:$PATH" COPY . /go/src/github.ibm.com/fabric/fabric-chaincode-builder WORKDIR /go/src/github.ibm.com/fabric/fabric-chaincode-builder -RUN GOOS=linux GOARCH=$(go env GOARCH) go build -o build/fabric-chaincode-builder ./cmd/fabric-builder +RUN GOOS=linux GOARCH=$(go env GOARCH) go build -o build/fabric-chaincode-builder ./cmd/ibp-builder FROM registry.access.redhat.com/ubi9/ubi-minimal ARG IBP_VER diff --git a/Makefile b/Makefile index f034ee3..00b00aa 100644 --- a/Makefile +++ b/Makefile @@ -41,8 +41,8 @@ int-tests: @ginkgo -v ./integration build: - GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder ./cmd/fabric-builder - GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder-client ./cmd/fabric-builder-client + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder ./cmd/ibp-builder + GOOS=$(GOOS) GOARCH=$(ARCH) go build -o build/fabric-chaincode-builder-client ./cmd/ibp-builder-client image: ## Builds a x86 based image @go mod vendor From 2ec0e64aea6d217437f7aebd2769695eea4620c0 Mon Sep 17 00:00:00 2001 From: Muthu Date: Mon, 21 Jul 2025 14:58:00 +0530 Subject: [PATCH 23/23] Docker File Changes Signed-off-by: Muthu --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 993fe4c..ec4ba43 100644 --- a/Dockerfile +++ b/Dockerfile @@ -55,7 +55,7 @@ RUN groupadd -g 7051 ibp-user \ && microdnf remove -y shadow-utils \ && microdnf clean -y all; -COPY --from=builder /go/src/github.ibm.com/ibp/chaincode-builder/build/fabric-chaincode-builder ${BUILDER} +COPY --from=builder /go/src/github.ibm.com/fabric/fabric-chaincode-builder/build/fabric-chaincode-builder ${BUILDER} COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh USER ibp-user