From ebdd5eb8b7a13ba2d31a0234fd63e825ec0eb84d Mon Sep 17 00:00:00 2001 From: Dmytro Bondar Date: Wed, 5 Oct 2022 15:04:50 +0300 Subject: [PATCH 1/4] Bump actions and enable dependabot * Enable dependabot for actions and go * Bump actions --- .github/{workflows => }/dependabot.yml | 15 ++++++++++++--- .github/workflows/dockerimage.yml | 12 ++++++------ 2 files changed, 18 insertions(+), 9 deletions(-) rename .github/{workflows => }/dependabot.yml (59%) diff --git a/.github/workflows/dependabot.yml b/.github/dependabot.yml similarity index 59% rename from .github/workflows/dependabot.yml rename to .github/dependabot.yml index ac6621f..8fb0ff5 100644 --- a/.github/workflows/dependabot.yml +++ b/.github/dependabot.yml @@ -5,7 +5,16 @@ version: 2 updates: - - package-ecosystem: "" # See documentation for possible values - directory: "/" # Location of package manifests + - package-ecosystem: 'github-actions' + directory: '/' schedule: - interval: "weekly" + interval: 'weekly' + groups: + github-actions: + patterns: + - '*' + + - package-ecosystem: 'gomod' + directory: '/' + schedule: + interval: 'weekly' diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml index cd998ab..ff8ca7d 100644 --- a/.github/workflows/dockerimage.yml +++ b/.github/workflows/dockerimage.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set Prepare id: prep 
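Review bot: The new `updates` list in `.github/dependabot.yml` covers only `github-actions` and `gomod`, so the container base images and the front-end packages stay outside automated updates. Later patches on this page show a Dockerfile whose `FROM` lines use floating tags and a `ui/package-lock.json`, so two more entries would fit: `- package-ecosystem: 'docker'` with `directory: '/'`, and `- package-ecosystem: 'npm'` with `directory: '/ui'`. A short comment above the `groups` block, such as `# one weekly PR for all action bumps`, would also record why the `'*'` pattern is used.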
@@ -41,19 +41,19 @@ jobs: echo ::set-output name=sha_short::$(git rev-parse --short HEAD) - name: Set up QEMU - uses: docker/setup-qemu-action@v1 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_LOGIN_USERNAME }} password: ${{ secrets.DOCKER_LOGIN_PASSWORD }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v5 with: context: . platforms: linux/amd64,linux/arm64,linux/arm/v7 @@ -64,4 +64,4 @@ jobs: org.opencontainers.image.created=${{ steps.prep.outputs.created }} org.opencontainers.image.revision=${{ github.sha }} build-args: | - COMMIT=${{ steps.prep.outputs.sha_short }} \ No newline at end of file + COMMIT=${{ steps.prep.outputs.sha_short }} From af7c29f21a9d9353492b45d2b7f4d02160afec3c Mon Sep 17 00:00:00 2001 From: Dmytro Bondar Date: Wed, 20 Sep 2023 21:15:55 +0200 Subject: [PATCH 2/4] Refactor workflow: - Replace `prep` step by `docker/metadata-action` - Use vars and secrets to support customizations for: - registry name - registry user - registry password - image name - image platforms Signed-off-by: Dmytro Bondar --- .github/workflows/dockerimage.yml | 88 ++++++++++++++----------------- Dockerfile | 2 +- 2 files changed, 41 insertions(+), 49 deletions(-) diff --git a/.github/workflows/dockerimage.yml b/.github/workflows/dockerimage.yml index ff8ca7d..253617c 100644 --- a/.github/workflows/dockerimage.yml +++ b/.github/workflows/dockerimage.yml @@ -1,4 +1,4 @@ -name: Build multi-platform docker images via buildx +name: Docker Build on: pull_request: 
@@ -10,58 +10,50 @@ on: tags: - 'v*.*.*' +env: + IMAGE_NAME: ${{ vars.IMAGE_NAME || github.repository }} + IMAGE_PLATFORMS: ${{ vars.IMAGE_PLATFORMS || 'linux/amd64,linux/arm64,linux/arm/v7' }} + REGISTRY: ${{ vars.REGISTRY_NAME || secrets.REGISTRY_NAME || 'docker.io' }} + jobs: docker: runs-on: ubuntu-latest steps: - - - name: Checkout - uses: actions/checkout@v4 - - - name: Set Prepare - id: prep - run: | - DOCKER_IMAGE=vx3r/wg-gen-web - VERSION=edge - if [[ $GITHUB_REF == refs/tags/* ]]; then - VERSION=${GITHUB_REF#refs/tags/} - elif [[ $GITHUB_REF == refs/heads/* ]]; then - VERSION=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') - elif [[ $GITHUB_REF == refs/pull/* ]]; then - VERSION=pr-${{ github.event.number }} - fi - TAGS="${DOCKER_IMAGE}:${VERSION}" - if [ "${{ github.event_name }}" = "push" ]; then - TAGS="$TAGS,${DOCKER_IMAGE}:sha-${GITHUB_SHA::8}" - fi - TAGS="$TAGS,${DOCKER_IMAGE}:latest" - echo ::set-output name=version::${VERSION} - echo ::set-output name=tags::${TAGS} - echo ::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ') - echo ::set-output name=sha_short::$(git rev-parse --short HEAD) - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to DockerHub - uses: docker/login-action@v3 + # https://github.com/actions/checkout + - uses: actions/checkout@v4 + + # https://github.com/docker/login-action + - uses: docker/login-action@v3 + if: ${{ github.event_name != 'pull_request' }} with: - username: ${{ secrets.DOCKER_LOGIN_USERNAME }} - password: ${{ secrets.DOCKER_LOGIN_PASSWORD }} - - - name: Build and push - uses: docker/build-push-action@v5 + registry: ${{ env.REGISTRY }} + username: ${{ secrets.DOCKER_LOGIN_USERNAME || secrets.REGISTRY_USERNAME || github.actor }} + password: ${{ secrets.DOCKER_LOGIN_PASSWORD || secrets.REGISTRY_PASSWORD || github.token }} + + # https://github.com/docker/setup-buildx-action + - uses: 
docker/setup-buildx-action@v3 + + # https://github.com/docker/setup-qemu-action + - uses: docker/setup-qemu-action@v3 + + # https://github.com/docker/metadata-action + - uses: docker/metadata-action@v5 + id: meta + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=ref,event=branch + type=ref,event=tag + type=ref,event=pr + type=raw,value=latest,enable={{is_default_branch}} + type=sha + + # https://github.com/docker/build-push-action + - uses: docker/build-push-action@v5 with: context: . - platforms: linux/amd64,linux/arm64,linux/arm/v7 + platforms: ${{ env.IMAGE_PLATFORMS }} push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.prep.outputs.tags }} - labels: | - org.opencontainers.image.source=${{ github.event.repository.html_url }} - org.opencontainers.image.created=${{ steps.prep.outputs.created }} - org.opencontainers.image.revision=${{ github.sha }} - build-args: | - COMMIT=${{ steps.prep.outputs.sha_short }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-args: COMMIT=${{ github.sha }} diff --git a/Dockerfile b/Dockerfile index 223a788..af0950c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,7 +4,7 @@ FROM golang:alpine AS build-back WORKDIR /app ARG COMMIT COPY . . -RUN go build -o wg-gen-web-linux -ldflags="-X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT}'" github.com/vx3r/wg-gen-web/cmd/wg-gen-web +RUN go build -o wg-gen-web-linux -ldflags="-X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT::7}'" github.com/vx3r/wg-gen-web/cmd/wg-gen-web FROM node:18.13.0-alpine AS build-front WORKDIR /app From cafa72d86427cd9127cd81e75611611fd9d9f46a Mon Sep 17 00:00:00 2001 
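Review bot: The `password` fallback in the `docker/login-action` step ends in `github.token` while `REGISTRY` falls back to `'docker.io'`, so a repository or fork with no registry secrets configured would presumably present its workflow token to Docker Hub on every push. The token fallback only makes sense for a GitHub-hosted registry, so I would gate it: `password: ${{ secrets.DOCKER_LOGIN_PASSWORD || secrets.REGISTRY_PASSWORD || (env.REGISTRY == 'ghcr.io' && github.token) || '' }}`, with the same condition on the `github.actor` fallback for `username`. With an empty password the login step should fail visibly instead of sending a credential to the wrong party. If the GHCR path is intended, the job also needs an explicit `permissions:` block (`contents: read`, `packages: write`); none is visible in this hunk, though one could exist above line 10 of the file.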
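Review bot: `${COMMIT::7}` in the `RUN go build` line is a bash-style substring expansion rather than POSIX, and this stage runs it under whatever `/bin/sh` the floating `golang:alpine` tag ships. It presumably works with the current BusyBox shell, but the build breaks with an opaque "bad substitution" error if the base image or its shell changes. `$(printf '%.7s' "$COMMIT")` gives the same seven characters in any POSIX shell. The same expansion is carried into the `go install` and `go build` lines of the PATCH 3/4 and PATCH 4/4 Dockerfile hunks.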
From: Dmytro Bondar Date: Thu, 21 Sep 2023 13:37:27 +0200 Subject: [PATCH 3/4] Refactor Dockerfile - Add stages for better layer caching - Re-order layers in final image - add .dockerignore --- .dockerignore | 5 +++++ Dockerfile | 38 +++++++++++++++++++++++--------------- 2 files changed, 28 insertions(+), 15 deletions(-) create mode 100644 .dockerignore diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..b6b71a5 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +.git +.github +README.md +ui/node_modules +wireguard diff --git a/Dockerfile b/Dockerfile index af0950c..5c7724c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,25 +1,33 @@ +### Back-End +FROM golang:alpine AS go-base +ENV CGO_ENABLED=0 +WORKDIR /app +COPY go.mod go.sum ./ +RUN go mod download + +FROM go-base AS build-back ARG COMMIT="N/A" - -FROM golang:alpine AS build-back -WORKDIR /app -ARG COMMIT COPY . . -RUN go build -o wg-gen-web-linux -ldflags="-X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT::7}'" github.com/vx3r/wg-gen-web/cmd/wg-gen-web +RUN go install -ldflags "-w -s -X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT::7}'" ./cmd/... -FROM node:18.13.0-alpine AS build-front +### Front-End +FROM node:18-alpine AS node-base WORKDIR /app -COPY ui/package*.json ./ -RUN npm install -COPY ui/ ./ +COPY ui/package.json ui/package-lock.json ./ +RUN npm ci --no-fund + +FROM node-base AS build-front +COPY ui/ . RUN npm run build -FROM alpine +### Final +FROM alpine AS final-base +RUN apk add -U --no-cache ca-certificates WORKDIR /app -COPY --from=build-back /app/wg-gen-web-linux . -COPY --from=build-front /app/dist ./ui/dist COPY .env . -RUN chmod +x ./wg-gen-web-linux -RUN apk add --no-cache ca-certificates +COPY --from=build-back /go/bin/wg-gen-web . +COPY --from=build-front /app/dist ./ui/dist +RUN chmod +x ./wg-gen-web EXPOSE 8080 -CMD ["/app/wg-gen-web-linux"] +CMD ["/app/wg-gen-web"] From dd6a2cc39e3513845a55d321b9180b86e3fd4426 Mon Sep 17 00:00:00 2001 
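Review bot: The rewritten final stage has no `USER` instruction, so the published image starts `/app/wg-gen-web` as root. If the service does not need root (it may, depending on how the WireGuard config directory is mounted, so this needs confirming), adding `RUN adduser -D -H app` and `USER app` before `CMD` limits what a compromise of the web process can reach. `COPY .env .` also places the repository's `.env` in the final image, so that file should hold defaults only and never credentials. The final stage in the PATCH 4/4 hunk has the same shape.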
From: Dmytro Bondar Date: Wed, 25 Oct 2023 15:24:57 +0200 Subject: [PATCH 4/4] Revert Dockerfile and enable cross-compilation --- Dockerfile | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5c7724c..49b0b21 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,31 +1,31 @@ ### Back-End -FROM golang:alpine AS go-base +FROM --platform=${BUILDPLATFORM} golang:alpine AS build-back ENV CGO_ENABLED=0 WORKDIR /app -COPY go.mod go.sum ./ -RUN go mod download - -FROM go-base AS build-back ARG COMMIT="N/A" -COPY . . -RUN go install -ldflags "-w -s -X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT::7}'" ./cmd/... +RUN --mount=type=bind,source=go.sum,target=go.sum \ + --mount=type=bind,source=go.mod,target=go.mod \ + --mount=type=cache,target=/go/pkg \ + go mod download +ARG TARGETARCH TARGETOS +RUN --mount=type=bind,target=. \ + --mount=type=cache,target=/root/.cache/go-build \ + --mount=type=cache,target=/go/pkg \ + GOARCH=${TARGETARCH} GOOS=${TARGETOS} go build -o /out/wg-gen-web -ldflags "-w -s -X 'github.com/vx3r/wg-gen-web/version.Version=${COMMIT::7}'" ./cmd/wg-gen-web ### Front-End -FROM node:18-alpine AS node-base +FROM --platform=${BUILDPLATFORM} node:18-alpine AS build-front WORKDIR /app COPY ui/package.json ui/package-lock.json ./ RUN npm ci --no-fund - -FROM node-base AS build-front -COPY ui/ . +COPY ui/ ./ RUN npm run build -### Final -FROM alpine AS final-base +FROM alpine RUN apk add -U --no-cache ca-certificates WORKDIR /app COPY .env . -COPY --from=build-back /go/bin/wg-gen-web . +COPY --from=build-back /out/wg-gen-web . COPY --from=build-front /app/dist ./ui/dist RUN chmod +x ./wg-gen-web EXPOSE 8080
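Review bot: `ARG COMMIT="N/A"` is declared ahead of the `go mod download` step, and every `RUN` that follows an `ARG` sees its value, so each new commit SHA would invalidate the module-download layer. Moving it down next to `ARG TARGETARCH TARGETOS`, directly before the `go build` step, keeps that layer cacheable; the `/go/pkg` cache mount only helps where the builder's cache persists between runs. `RUN --mount=...` also requires BuildKit, and a first line `# syntax=docker/dockerfile:1` would make that requirement explicit for anyone building without buildx.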