fix: release ci

Signed-off-by: wangyizhi1 <[email protected]>

Author: wangyizhi1

.github/workflows/docker.yml

@@ -10,20 +10,24 @@ on:
         required: true
 
 permissions:
+  packages: write
   contents: read
 
 jobs:
   docker-release:
     runs-on: ubuntu-latest
     env:
-      DOCKER_LOGIN: ${{ secrets.DOCKERHUB_USERNAME }}
-      DOCKER_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
       RELEASE: ${{ github.event.inputs.release || github.event.release.tag_name }}
     steps:
       - uses: actions/checkout@v4
       - name: Build Docker Images
-        run: make VERSION=${RELEASE:1} DOCKER=coredns -f Makefile.docker release
+        run: make VERSION=${RELEASE:1} GITHUB_USER=${{ github.actor }} -f Makefile.docker release
+      - name: Set up qemu
+        uses: docker/setup-qemu-action@v2
+      - name: Login registry
+        run: |
+          echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
       - name: Show Docker Images
         run: docker images
       - name: Publish Docker Images
-        run: make VERSION=${RELEASE:1} DOCKER=coredns -f Makefile.docker docker-push
+        run: make VERSION=${RELEASE:1} GITHUB_USER=${{ github.actor }} -f Makefile.docker docker-push

.github/workflows/push-images.yml

@@ -1,6 +1,5 @@
 ARG DEBIAN_IMAGE=debian:stable-slim
-ARG BASE=gcr.io/distroless/static-debian11:nonroot
-FROM --platform=$BUILDPLATFORM ${DEBIAN_IMAGE} AS build
+FROM --platform=$BUILDPLATFORM ${DEBIAN_IMAGE}
 SHELL [ "/bin/sh", "-ec" ]
 
 RUN export DEBCONF_NONINTERACTIVE_SEEN=true \
@@ -9,14 +8,12 @@ RUN export DEBCONF_NONINTERACTIVE_SEEN=true \
            TERM=linux ; \
     apt-get -qq update ; \
     apt-get -yyqq upgrade ; \
-    apt-get -yyqq install ca-certificates libcap2-bin; \
+    apt-get -yyqq install ca-certificates ; \
     apt-get clean
-COPY coredns /coredns
-RUN setcap cap_net_bind_service=+ep /coredns
 
-FROM --platform=$TARGETPLATFORM ${BASE}
-COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
-COPY --from=build /coredns /coredns
-USER nonroot:nonroot
+FROM --platform=$TARGETPLATFORM scratch
+COPY --from=0 /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+ADD coredns /coredns
+
 EXPOSE 53 53/udp
 ENTRYPOINT ["/coredns"]

Dockerfile

@@ -7,27 +7,13 @@ BUILDOPTS:=-v
 GOPATH?=$(HOME)/go
 MAKEPWD:=$(dir $(realpath $(firstword $(MAKEFILE_LIST))))
 CGO_ENABLED?=0
-GOOS?=linux
-GOARCH?=amd64
-VERSION?=latest
-REGISTRY?="ghcr.io/kosmos-io"
 
 .PHONY: all
 all: coredns
 
 .PHONY: coredns
 coredns: $(CHECKS)
-	CGO_ENABLED=$(CGO_ENABLED) GOOS=${GOOS} GOARCH=${GOARCH} go build $(BUILDOPTS) -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(GITCOMMIT)" -o $(BINARY)
-
-.PHONY: images
-images: coredns
-	set -e;\
-	docker buildx build --output=type=docker --platform ${GOOS}/${GOARCH} --tag ${REGISTRY}/coredns:${VERSION} .
-
-.PHONY: push-images
-upload-images: images
-	@echo "push images to $(REGISTRY)"
-	docker push ${REGISTRY}/coredns:${VERSION}
+	CGO_ENABLED=$(CGO_ENABLED) $(SYSTEM) go build $(BUILDOPTS) -ldflags="-s -w -X github.com/coredns/coredns/coremain.GitCommit=$(GITCOMMIT)" -o $(BINARY)
 
 .PHONY: check
 check: core/plugin/zplugin.go core/dnsserver/zdirectives.go

Makefile

@@ -25,14 +25,16 @@ ifeq (, $(shell which jq))
     $(error "No jq in $$PATH, please install")
 endif
 
+# GITHUB_USER
+GITHUB_USER:=
 # VERSION is the version we should download and use.
 VERSION:=
 # DOCKER is the docker image repo we need to push to.
-DOCKER:=
+DOCKER:=ghcr.io/$(GITHUB_USER)
 NAME:=coredns
-GITHUB:=https://github.com/coredns/coredns/releases/download
+GITHUB:=https://github.com/$(GITHUB_USER)/coredns/releases/download
 # mips is not in LINUX_ARCH because it's not supported by docker manifest. Keep this list in sync with the one in Makefile.release
-LINUX_ARCH:=amd64 arm arm64 mips64le ppc64le s390x riscv64
+LINUX_ARCH:=amd64 arm arm64
 DOCKER_IMAGE_NAME:=$(DOCKER)/$(NAME)
 DOCKER_IMAGE_LIST_VERSIONED:=$(shell echo $(LINUX_ARCH) | sed -e "s~mips64le ~~g" | sed -e "s~[^ ]*~$(DOCKER_IMAGE_NAME):&\-$(VERSION)~g")
 
@@ -102,7 +104,6 @@ else
 	@# Pushes coredns/coredns-$arch:$version images
 	@# Creates manifest for multi-arch image
 	@# Pushes multi-arch image to coredns/coredns:$version
-	@echo $(DOCKER_PASSWORD) | docker login -u $(DOCKER_LOGIN) --password-stdin
 	@echo Pushing: $(VERSION) to $(DOCKER_IMAGE_NAME)
 	for arch in $(LINUX_ARCH); do \
 		docker push $(DOCKER_IMAGE_NAME):$${arch}-$(VERSION) ;\
@@ -111,8 +112,4 @@ else
 	docker manifest create --amend $(DOCKER_IMAGE_NAME):latest $(DOCKER_IMAGE_LIST_VERSIONED)
 	docker manifest push --purge $(DOCKER_IMAGE_NAME):$(VERSION)
 	docker manifest push --purge $(DOCKER_IMAGE_NAME):latest
-	TOKEN=$$(curl -s -H "Content-Type: application/json" -X POST -d "{\"username\":\"$(DOCKER_LOGIN)\",\"password\":\"$(DOCKER_PASSWORD)\"}" "https://hub.docker.com/v2/users/login/" | jq -r .token) ; \
-	for arch in $(LINUX_ARCH); do \
-		curl -X DELETE -H "Authorization: JWT $${TOKEN}" "https://hub.docker.com/v2/repositories/$(DOCKER_IMAGE_NAME)/tags/$${arch}-$(VERSION)/" ;\
-	done
 endif

Makefile.docker

@@ -51,7 +51,7 @@ endif
 NAME:=coredns
 VERSION:=$(shell grep 'CoreVersion' coremain/version.go | awk '{ print $$3 }' | tr -d '"')
 GITHUB:=coredns
-LINUX_ARCH:=amd64 arm arm64 mips64le ppc64le s390x mips riscv64
+LINUX_ARCH:=amd64 arm arm64
 
 all:
 	@echo Use the 'release' target to build a release

Makefile.release

@@ -2,7 +2,7 @@ package coremain
 
 // Various CoreDNS constants.
 const (
-	CoreVersion = "1.11.1"
+	CoreVersion = "1.11.2"
 	coreName    = "CoreDNS"
 	serverType  = "dns"
 )

coremain/version.go

@@ -0,0 +1,18 @@
++++
+title = "CoreDNS-1.11.2 Release"
+description = "CoreDNS-1.11.2 Release Notes."
+tags = ["Release", "1.11.2", "Notes"]
+release = "1.11.2"
+date = "2023-10-13T00:00:00+00:00"
+author = "kosmos"
++++
+
+This version is a customized version of Kosmos, with added multi-cluster support, allowing users to resolve cross-cluster services through CoreDNS.
+
+## Brought to You By
+
+wangyizhi1
+
+## Noteworthy Changes
+
+* multi-clusters support

notes/coredns-1.11.2.md

@@ -268,7 +268,7 @@ func (k *Kubernetes) InitKubeCache(ctx context.Context) (onStart func() error, o
 			k.APIConn.Run()
 		}()
 
-		timeout := 5 * time.Second
+		timeout := 30 * time.Second
 		timeoutTicker := time.NewTicker(timeout)
 		defer timeoutTicker.Stop()
 		logDelay := 500 * time.Millisecond