Relocate Docker build and push process to GitHub Workflow

The Docker image creation and pushing procedures have been moved from the goreleaser.yaml file to a separate GitHub Workflow file docker.yml. This shift gives a more granular control over the Docker image build and push operations with specific GitHub Actions. Also, added the Dockerfile instructions and docker-files for image building to cope up with the changed Docker process.

.forgejo/workflows/docker.yml

@@ -0,0 +1,51 @@
+name: Build and Push Docker Image to Docker Hub
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+env:
+  REGISTRY: docker.io
+  IMAGE_NAME: wneessen/apg-go
+
+jobs:
+  build:
+    runs-on: docker
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the Docker image
+      run: docker-compose build --no-cache --force-rm
+  test:
+    runs-on: docker
+    steps:
+      - uses: actions/checkout@v2
+      - name: Test the Docker image
+        run: docker-compose up -d
+  push_to_registry:
+    name: Push Docker image to Docker Hub
+    runs-on: docker
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Log in to Docker Hub
+        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v2
+        with:
+          context: "{{defaultContext}}"
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+

.goreleaser.yaml

@@ -93,14 +93,5 @@ gitea_urls:
   api: https://src.neessen.cloud/api/v1
   download: https://src.neessen.cloud
 
-dockers:
-  - image_templates:
-    - wneessen/apg-go
-
-docker_signs:
-  - artifacts: all
-    stdin: '{{ .Env.COSIGN_PWD }}'
-    cmd: cosign
-
 gomod:
   mod: mod

Dockerfile

@@ -1,7 +1,20 @@
-# SPDX-FileCopyrightText: 2021-2024 Winni Neessen <wn@neessen.dev>
-# 
-# SPDX-License-Identifier: MIT
+## Build first
+FROM golang:latest AS builder
+RUN mkdir /builddir
+ADD . /builddir/
+WORKDIR /builddir
+RUN CGO_ENABLED=0 go build -a -installsuffix cgo -ldflags '-w -s -extldflags "-static"' -o apg-go \
+    github.com/wneessen/apg-go/cmd/apg
 
+## Create scratch image
 FROM scratch
-ENTRYPOINT ["/apg"]
-COPY apg /
+LABEL maintainer="wn@neessen.dev"
+COPY ["docker-files/passwd", "/etc/passwd"]
+COPY ["docker-files/group", "/etc/group"]
+COPY --from=builder ["/etc/ssl/certs/ca-certificates.crt", "/etc/ssl/cert.pem"]
+COPY --chown=apg-go ["LICENSE", "/apg-go/LICENSE"]
+COPY --chown=apg-go ["README.md", "/apg-go/README.md"]
+COPY --from=builder --chown=apg-go ["/builddir/apg-go", "/apg-go/apg-go"]
+WORKDIR /apg-go
+USER apg-go
+ENTRYPOINT ["/apg-go/apg-go"]

docker-files/group

@@ -0,0 +1 @@
+apg-go:*:1000:apg-go

docker-files/passwd

@@ -0,0 +1 @@
+apg-go:*:1000:1000:Automated Password Generator User:/apg-go:/usr/bin/false