Fix build

.dockerignore

@@ -1,12 +1,3 @@
-.dockerignore
-Dockerfile
-
-.git/
-.gitignore
-
-bin/
-
-LICENSE
-README.md
-
-charts/
+# Only allow access to cost-manager binary
+*
+!/bin/cost-manager

.github/workflows/ci.yaml

@@ -2,26 +2,31 @@
 name: ci
 on: push
 jobs:
-  test:
-    # if: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
+  # https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+  build:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
       uses: actions/checkout@v4
-    - name: Set up QEMU
-      uses: docker/setup-qemu-action@v3
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-    - name: Build and push
-      uses: docker/build-push-action@v5
+    - name: Setup Go
+      uses: actions/setup-go@v4
       with:
-        context: .
-        platforms: linux/amd64
-        push: false
-  build:
-    # Only build Docker image for repository PRs since it requires Docker Hub credentials:
+        go-version: '1.21'
+    - name: Test
+      run: go test -race ./...
+    - name: Build
+      run: CGO_ENABLED=0 go build -tags netgo -ldflags="-s -w" -o cost-manager
+    - name: Upload binary
+      uses: actions/upload-artifact@v3
+      with:
+        name: cost-manager
+        path: cost-manager
+  release:
+    # Only build Docker image for repository PRs since secrets are not available to forks:
     # https://github.com/orgs/community/discussions/25217#discussioncomment-3246902
-    # if: ${{ github.event.pull_request.head.repo.full_name == github.repository }}
+    if: ${{ github.event.pull_request.head.repo.full_name == github.repository }}
+    # We require the cost-manager binary artifact from the build job
+    needs: build
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
@@ -35,6 +40,10 @@ jobs:
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
+    - name: Download binary
+      uses: actions/download-artifact@v3
+      with:
+        name: cost-manager
     - name: Build and push
       uses: docker/build-push-action@v5
       # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable
@@ -46,3 +55,6 @@ jobs:
         platforms: linux/amd64
         push: true
         tags: ${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:${{ env.BRANCH == 'main' && 'latest' || env.BRANCH }}
+        # https://docs.docker.com/build/ci/github-actions/cache/#registry-cache
+        cache-from: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:buildcache
+        cache-to: type=registry,ref=${{ secrets.DOCKERHUB_USERNAME }}/cost-manager:buildcache,mode=max

CODEOWNERS

@@ -0,0 +1 @@
+* @dippynark

Dockerfile

@@ -1,22 +1,4 @@
-FROM golang:1.21 as build
-
-WORKDIR /go/src/cost-manager
-
-COPY go.mod go.sum ./
-RUN go mod download
-
-COPY . .
-
-# Ensure Go files are formatted correctly
-RUN test -z "$(gofmt -l .)"
-
-# Run unit tests
-RUN go test -race ./...
-
-# Build static cost-manager binary
-RUN CGO_ENABLED=0 go build -tags netgo -ldflags="-s -w" -o /go/bin/cost-manager
-
 FROM gcr.io/distroless/static-debian12:nonroot
 
-COPY --from=build /go/bin/cost-manager /
+COPY ./bin/cost-manager /
 ENTRYPOINT ["/cost-manager"]

Makefile

@@ -2,13 +2,10 @@ test:
 	go test ./...
 
 build: test
-	go build -o ./bin/cost-manager
+	CGO_ENABLED=0 go build -tags netgo -ldflags="-s -w" -o ./bin/cost-manager
 
 run: build
 	./bin/cost-manager
 
-image:
-	docker buildx build \
-		-t cost-manager \
-		--platform linux/amd64 \
-		.
+image: build
+	docker build -t cost-manager .