fix: the usage is not compatible with old version

Added a lock file to hold make sure that it's safe to rebuild socket file

.github/workflows/pr.yaml

@@ -16,6 +16,4 @@ jobs:
       - name: Commitsar check
         uses: aevea/commitsar@v0.20.2
       - name: Build to test
-        env:
-          SKIP_COMPRESS: "true"
         run: make ci

.github/workflows/push.yaml

@@ -3,9 +3,14 @@ name: Push to Master
 on:
   push:
     branches:
+      - release/v*
       - main
+      - "release/v*"
     tags:
-      - 'v*.*.*'  # Matches any tag that starts with 'v' and follows semantic versioning
+      - "v*.*.*" # Matches any tag that starts with 'v' and follows semantic versioning
+
+env:
+  ALIYUN_REGISTRY: ${{ vars.ALIYUN_REGISTRY || '' }}
 
 jobs:
   build-and-deploy:
@@ -15,63 +20,69 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+      - name: CI
+        env:
+          SKIP_PACKAGE: "true"
+        run: make ci
+      - name: Prepare for packaging image
+        run: cp dist/* package/
+      # aliyun image to test the docker build is ok
       - name: Login to Aliyun ACR
+        if: ${{ vars.ALIYUN_REGISTRY != '' }}
         uses: docker/login-action@v3
         with:
-          registry: registry.cn-shenzhen.aliyuncs.com
+          registry: ${{ env.ALIYUN_REGISTRY }}
           username: ${{ secrets.ACR_USERNAME }}
           password: ${{ secrets.ACR_TOKEN }}
-        if: ${{ vars.ALIYUN == 'true' }}
+      - name: Aliyun image docker meta
+        if: ${{ vars.ALIYUN_REGISTRY != '' }}
+        id: aliyun-meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.ALIYUN_REGISTRY }}/${{ vars.REPO || 'cnrancher' }}/${{ vars.IMAGE || 'kube-explorer' }}
+          tags: |
+            type=ref,event=tag
+            type=ref,event=branch,suffix=-head
+      - name: Build to Aliyun
+        if: ${{ vars.ALIYUN_REGISTRY != '' }}
+        uses: docker/build-push-action@v6
+        with:
+          labels: ${{ steps.aliyun-meta.outputs.labels }}
+          tags: "${{ steps.aliyun-meta.outputs.tags }}"
+          context: package
+          push: true
+      
+      # docker hub multi-arch image
       - name: Login to Dockerhub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
-      - name: CI
+      - name: Docker meta
-        if: startsWith(github.ref, 'refs/heads/')
+        id: meta
-        env: 
+        uses: docker/metadata-action@v5
-          CROSS: push
+        with:
-        run: make github_ci
+          images: ${{ vars.REPO || 'cnrancher' }}/${{ vars.IMAGE || 'kube-explorer' }}
-
+          tags: |
-      - name: CI
+            type=ref,event=tag
-        if: startsWith(github.ref, 'refs/tags/')
+            type=ref,event=branch,suffix=-head
-        env: 
+      - name: Set up QEMU
-          CROSS: tag
-        run: |
-          make github_ci
-          make release-note
-
-      - name: Prepare for packaging image
-        run: cp dist/* package/
-      - name: Set docker iamge name
-        id: image-name
-        env:
-          REPO_OVERRIDE: ${{ vars.REPO || 'cnrancher' }}
-          IMAGE_OVERRIDE: ${{ vars.IMAGE || 'kube-explorer' }}
-        run: |
-          tag_name=latest;
-          if [[ ${GITHUB_REF} == refs/tags/* ]]; then tag_name=${GITHUB_REF#refs/tags/}; fi; 
-          echo "image_name=${REPO_OVERRIDE}/${IMAGE_OVERRIDE}:${tag_name}" >> $GITHUB_OUTPUT;
-      -
-        name: Set up QEMU
         uses: docker/setup-qemu-action@v3
-      -
+      - name: Set up Docker Buildx
-        name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Build to Dockerhub
         uses: docker/build-push-action@v6
         with:
           platforms: linux/amd64,linux/arm64/v8
-          tags: "${{ steps.image-name.outputs.image_name }}"
+          labels: ${{ steps.meta.outputs.labels }}
+          tags: "${{ steps.meta.outputs.tags }}"
           context: package
           push: true
-      - name: Build to Aliyun
+
-        uses: docker/build-push-action@v6
+      - name: Make release note
-        with:
+        if: startsWith(github.ref, 'refs/tags/')
-          tags: registry.cn-shenzhen.aliyuncs.com/${{ steps.image-name.outputs.image_name }}
+        run: |
-          context: package
+          make release-note
-          push: true
-        if: ${{ vars.ALIYUN == 'true' }}
       - name: Release
         uses: softprops/action-gh-release@v2
         if: startsWith(github.ref, 'refs/tags/')

.gitignore

@@ -23,3 +23,7 @@
 /.vscode
 /vendor
 /internal/ui/ui/
+**/Dockerfile.dapper*
+!**/Dockerfile.dapper
+
+dist/

.goreleaser.yaml

@@ -0,0 +1,75 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+
+# The lines below are called `modelines`. See `:help modeline`
+# Feel free to remove those if you don't want/need to use them.
+# yaml-language-server: $schema=https://goreleaser.com/static/schema.json
+# vim: set ts=2 sw=2 tw=0 fo=cnqoj
+
+version: 2
+
+dist: bin
+
+before:
+  hooks:
+    # You may remove this if you don't use go modules.
+    - go mod tidy
+
+builds:
+  - id: prod
+    env:
+      - CGO_ENABLED=0
+    targets:
+      - "darwin_amd64"
+      - "darwin_arm64"
+      - "linux_amd64"
+      - "linux_arm64"
+      - "linux_arm"
+      - "windows_amd64"
+    flags:
+      - -tags=embed
+    binary: '{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}'
+    ldflags: |
+      {{ if ne .Os "darwin" }}
+      -extldflags -static -s
+      {{ else }}
+      -s -w
+      {{ end }}
+      -X github.com/cnrancher/kube-explorer/internal/version.Version={{ .Env.VERSION }}
+      -X github.com/cnrancher/kube-explorer/internal/version.GitCommit={{ .Env.COMMIT }}
+      -X github.com/cnrancher/kube-explorer/internal/config.APIUIVersion={{ .Env.CATTLE_API_UI_VERSION }}
+    no_unique_dist_dir: true
+  - id: dev
+    env:
+      - CGO_ENABLED=0
+    targets:
+      - "linux_amd64"
+      - "linux_arm64"
+    flags:
+      - -tags=embed
+    binary: '{{ .ProjectName }}-{{ .Os }}-{{ .Arch }}'
+    ldflags: |
+      {{ if ne .Os "darwin" }}
+      -extldflags -static -s
+      {{ else }}
+      -s -w
+      {{ end }}
+      -X github.com/cnrancher/kube-explorer/internal/version.Version={{ .Env.VERSION }}
+      -X github.com/cnrancher/kube-explorer/internal/version.GitCommit={{ .Env.COMMIT }}
+      -X github.com/cnrancher/kube-explorer/internal/config.APIUIVersion={{ .Env.CATTLE_API_UI_VERSION }}
+    no_unique_dist_dir: true
+upx:
+  - compress: "5"
+    ids:
+      - prod
+    enabled: true
+    goos:
+      - linux
+      - windows
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - "^docs:"
+      - "^test:"

Dockerfile.dapper

@@ -1,6 +1,7 @@
+FROM goreleaser/goreleaser:v2.3.2 as goreleaser
 FROM aevea/release-notary:0.9.2 as tools
 
-FROM registry.suse.com/bci/golang:1.22
+FROM registry.suse.com/bci/golang:1.23
 ARG PROXY
 ARG GOPROXY
 ARG DAPPER_HOST_ARCH
@@ -8,21 +9,21 @@ ENV HOST_ARCH=${DAPPER_HOST_ARCH} ARCH=${DAPPER_HOST_ARCH}
 ENV https_proxy=${PROXY} \
     http_proxy=${PROXY}
 
-RUN zypper -n install ca-certificates git-core wget curl unzip tar vim less file xz
+RUN zypper -n install ca-certificates git-core wget curl unzip tar vim less file xz cosign docker
-RUN zypper install -y -f docker
 
 ENV UPX_VERSION 4.2.1
 RUN curl -sL https://github.com/upx/upx/releases/download/v${UPX_VERSION}/upx-${UPX_VERSION}-${ARCH}_linux.tar.xz | tar xvJf - --strip-components=1 -C /tmp && \
     mv /tmp/upx /usr/bin/
 
 RUN if [ "${ARCH}" == "amd64" ]; then \
-    curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.54.2; \
+    curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s v1.61.0; \
     fi
+COPY --from=goreleaser /usr/bin/goreleaser /usr/bin/goreleaser 
 COPY --from=tools /app/release-notary /usr/local/bin/
-ENV CATTLE_DASHBOARD_UI_VERSION="v2.8.0-kube-explorer-ui-rc3"
+ENV CATTLE_DASHBOARD_UI_VERSION="v2.9.2-kube-explorer-ui-rc1"
 ENV CATTLE_API_UI_VERSION="1.1.11"
 
-ENV DAPPER_ENV REPO TAG DRONE_TAG CROSS GOPROXY SKIP_COMPRESS GITHUB_REPOSITORY GITHUB_TOKEN
+ENV DAPPER_ENV REPO TAG DRONE_TAG CROSS GOPROXY GITHUB_TOKEN GITHUB_REF GITHUB_REF_NAME BUILD_TARGET SKIP_PACKAGE
 ENV DAPPER_SOURCE /go/src/github.com/cnrancher/kube-explorer
 ENV DAPPER_OUTPUT ./bin ./dist
 ENV DAPPER_DOCKER_SOCKET true

README.md

@@ -10,7 +10,7 @@ Please download the binary from the [release page](https://github.com/cnrancher/
 
 To run an HTTP only server:
 
-```
+```bash
 ./kube-explorer --kubeconfig=xxxx --http-listen-port=9898 --https-listen-port=0
 ```
 
@@ -22,20 +22,47 @@ Then, open the browser to visit http://x.x.x.x:9898 .
 
 To debug on an AMD64 Linux host:
 
-```
+```bash
 make dev
 
 # $basedir=/opt/ui/dist/
 # prepare the file trees like this
 # $basedir/dashboard/
+# $basedir/api-ui/
 # $basedir/index.html
 
 # good to go!
-./kube-explorer --debug  --ui-path /opt/ui/dist/ --http-listen-port=9898 --https-listen-port=0
+./bin/kube-explorer --debug  --ui-path /opt/ui/dist/ --http-listen-port=9898 --https-listen-port=0
 ```
 
 To build all cross-platform binaries:
 
+```bash
+CROSS=tag make
 ```
-CROSS=1 make
+
-```
+## Supported features
+
+- Specified system default registry for shell image, e.g. `--system-default-registry`
+- Specified shell image name, e.g. `--pod-image`
+- Deployed behind proxy
+  - [Behind ingress with dns name](./deploy/kubectl/README.md)
+  - [Behind ingress with dns name and path prefix](./deploy/kubectl/path-prefix/Readme.md)
+  - Base auth via ingress such as [nginx](./deploy/kubectl/nginx-auth/README.md), [traefik-v1](./deploy/kubectl/traefik-v1-auth/README.md) and [traefik-v2](./deploy/kubectl/traefik-v2-auth/README.md)
+
+## Support Matrix
+
+Currently, there are several major versions under maintenance, each tailored to different Kubernetes version ranges due to the use of varying steve and client-go versions.
+
+| Major | Target Rancher Branch | K8s version range |
+| ----- | --------------------- | ----------------- |
+| v0.4  | v2.8.x                | >= 1.25 <= 1.28   |
+| v0.5  | v2.9.x                | >= 1.27 <= 1.30   |
+
+Please use the proper kube-explorer version for your k8s setup.
+
+## Related Projects
+
+- kube-explorer ui([https://github.com/cnrancher/kube-explorer-ui](https://github.com/cnrancher/kube-explorer-ui))
+- autok3s([https://github.com/cnrancher/autok3s](https://github.com/cnrancher/autok3s))
+- api-ui([https://github.com/rancher/api-ui](https://github.com/rancher/api-ui))

go.mod

@@ -5,9 +5,11 @@ go 1.22.0
 replace k8s.io/client-go => k8s.io/client-go v0.30.1
 
 require (
+	github.com/Microsoft/go-winio v0.6.2
 	github.com/gorilla/mux v1.8.1
 	github.com/rancher/apiserver v0.0.0-20240708202538-39a6f2535146
-	github.com/rancher/steve v0.0.0-20240709130809-47871606146c
+	github.com/rancher/dynamiclistener v0.6.0-rc2
+	github.com/rancher/steve v0.0.0-20240911190153-79304d93b49b
 	github.com/rancher/wrangler/v3 v3.0.0
 	github.com/sirupsen/logrus v1.9.3
 	github.com/urfave/cli v1.22.15
@@ -62,7 +64,6 @@ require (
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.44.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
-	github.com/rancher/dynamiclistener v0.6.0-rc2 // indirect
 	github.com/rancher/kubernetes-provider-detector v0.1.5 // indirect
 	github.com/rancher/lasso v0.0.0-20240705194423-b2a060d103c1 // indirect
 	github.com/rancher/norman v0.0.0-20240708202514-a0127673d1b9 // indirect

go.sum

@@ -601,6 +601,8 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03
 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/JohnCGriffin/overflow v0.0.0-20211019200055-46fa312c352c/go.mod h1:X0CRv0ky0k6m906ixxpzmDRLvX58TFUKS2eePweuyxk=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
 github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
@@ -1029,8 +1031,8 @@ github.com/rancher/norman v0.0.0-20240708202514-a0127673d1b9 h1:AlRMRs5mHJcdiK83
 github.com/rancher/norman v0.0.0-20240708202514-a0127673d1b9/go.mod h1:dyjfXBsNiroPWOdUZe7diUOUSLf6HQ/r2kEpwH/8zas=
 github.com/rancher/remotedialer v0.3.2 h1:kstZbRwPS5gPWpGg8VjEHT2poHtArs+Fc317YM8JCzU=
 github.com/rancher/remotedialer v0.3.2/go.mod h1:Ys004RpJuTLSm+k4aYUCoFiOOad37ubYev3TkOFg/5w=
-github.com/rancher/steve v0.0.0-20240709130809-47871606146c h1:PIaN0/KUyGcqEcT6GyjUidld2lgGkGxS4dmC3Je3dFs=
+github.com/rancher/steve v0.0.0-20240911190153-79304d93b49b h1:2DhkNKDgKPI2PcJRGacpJ9dX9SWgKuhwbz5GlpHS1No=
-github.com/rancher/steve v0.0.0-20240709130809-47871606146c/go.mod h1:Za4nSt0V6kIHRfUo6jTXKkv6ABMMCHINA8EzhzygCfk=
+github.com/rancher/steve v0.0.0-20240911190153-79304d93b49b/go.mod h1:cXF0TFURkjN98p/0nt7Y8F1IEtT1nZTSYrQu6HQqL14=
 github.com/rancher/wrangler/v3 v3.0.0 h1:IHHCA+vrghJDPxjtLk4fmeSCFhNe9fFzLFj3m2B0YpA=
 github.com/rancher/wrangler/v3 v3.0.0/go.mod h1:Dfckuuq7MJk2JWVBDywRlZXMxEyPxHy4XqGrPEzu5Eg=
 github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=

internal/config/flags.go

@@ -8,6 +8,7 @@ var InsecureSkipTLSVerify bool
 var SystemDefaultRegistry string
 var APIUIVersion = "1.1.11"
 var ShellPodImage string
+var BindAddress string
 
 func Flags() []cli.Flag {
 	return []cli.Flag{
@@ -30,5 +31,10 @@ func Flags() []cli.Flag {
 			Destination: &APIUIVersion,
 			Value:       APIUIVersion,
 		},
+		cli.StringFlag{
+			Name:        "bind-address",
+			Destination: &BindAddress,
+			Usage:       `Bind address with url format. The supported schemes are unix, tcp and namedpipe, e.g. unix:///path/to/kube-explorer.sock or namedpipe:/\.\pipe\kube-explorer`,
+		},
 	}
 }

internal/server/listener.go

@@ -0,0 +1,52 @@
+package server
+
+import (
+	"context"
+	"log"
+	"net"
+	"net/http"
+
+	"github.com/cnrancher/kube-explorer/internal/config"
+	dynamicserver "github.com/rancher/dynamiclistener/server"
+	"github.com/rancher/steve/pkg/server"
+	"github.com/sirupsen/logrus"
+)
+
+func Serve(ctx context.Context, server *server.Server) error {
+	listener, ipOrPath, err := ensureListener(ctx)
+	if err != nil {
+		return err
+	}
+	if listener != nil {
+		defer listener.Close()
+		return serveSocket(ctx, ipOrPath, listener, server)
+	}
+	return server.ListenAndServe(ctx, config.Steve.HTTPSListenPort, config.Steve.HTTPListenPort, &dynamicserver.ListenOpts{
+		BindHost: ipOrPath,
+	})
+}
+
+func serveSocket(ctx context.Context, socketPath string, listener net.Listener, handler http.Handler) error {
+	logger := logrus.StandardLogger()
+	errorLog := log.New(logger.WriterLevel(logrus.DebugLevel), "", log.LstdFlags)
+	socketServer := &http.Server{
+		Handler:  handler,
+		ErrorLog: errorLog,
+		BaseContext: func(_ net.Listener) context.Context {
+			return ctx
+		},
+	}
+	go func() {
+		logrus.Infof("Listening on %s", socketPath)
+		err := socketServer.Serve(listener)
+		if err != http.ErrServerClosed && err != nil {
+			logrus.Fatalf("https server failed: %v", err)
+		}
+	}()
+	go func() {
+		<-ctx.Done()
+		_ = socketServer.Shutdown(context.Background())
+	}()
+	<-ctx.Done()
+	return ctx.Err()
+}

internal/server/listener_unix.go

@@ -0,0 +1,99 @@
+//go:build unix
+// +build unix
+
+package server
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"net"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strings"
+	"syscall"
+
+	"github.com/cnrancher/kube-explorer/internal/config"
+	"github.com/sirupsen/logrus"
+)
+
+var _ net.Listener = &closerListener{}
+
+type closerListener struct {
+	listener net.Listener
+	lockFile *os.File
+}
+
+func (l *closerListener) Accept() (net.Conn, error) {
+	return l.listener.Accept()
+}
+
+func (l *closerListener) Close() error {
+	return errors.Join(
+		l.listener.Close(),
+		l.lockFile.Close(),
+		os.RemoveAll(l.lockFile.Name()),
+	)
+}
+
+func (l *closerListener) Addr() net.Addr {
+	return l.listener.Addr()
+}
+
+func ensureListener(ctx context.Context) (net.Listener, string, error) {
+	if config.BindAddress == "" {
+		return nil, "", nil
+	}
+	u, err := url.Parse(config.BindAddress)
+	if err != nil {
+		return nil, "", err
+	}
+	switch u.Scheme {
+	case "":
+		return nil, config.BindAddress, nil
+	case "tcp":
+		return nil, u.Host, nil
+	case "unix":
+		listener, err := createCloserListener(ctx, u.Path)
+		if err != nil {
+			return nil, "", err
+		}
+		return listener, u.Path, err
+	default:
+		return nil, "", fmt.Errorf("Unsupported scheme %s, only tcp and unix are supported in UNIX OS", u.Scheme)
+	}
+}
+
+func createCloserListener(ctx context.Context, socketPath string) (net.Listener, error) {
+	lockFilePath := getLockFileName(socketPath)
+	lockFile, err := os.OpenFile(lockFilePath, os.O_RDONLY|os.O_CREATE, 0600)
+	if err != nil {
+		return nil, err
+	}
+
+	lockErr := syscall.Flock(int(lockFile.Fd()), syscall.LOCK_EX|syscall.LOCK_NB)
+	if lockErr != nil {
+		return nil, fmt.Errorf("Socket file %s is in use, exiting", socketPath)
+	}
+
+	if _, err := os.Stat(socketPath); err == nil {
+		logrus.Infof("Removing stale socket file %s", socketPath)
+		_ = os.Remove(socketPath)
+	}
+
+	var lc net.ListenConfig
+	listener, err := lc.Listen(ctx, "unix", socketPath)
+	if err != nil {
+		return nil, err
+	}
+
+	return &closerListener{
+		listener: listener,
+		lockFile: lockFile,
+	}, nil
+}
+
+func getLockFileName(socketPath string) string {
+	return strings.TrimSuffix(socketPath, filepath.Ext(socketPath)) + ".lock"
+}

internal/server/listener_windows.go

@@ -0,0 +1,35 @@
+//go:build windows
+// +build windows
+
+package server
+
+import (
+	"context"
+	"fmt"
+	"net"
+	"net/url"
+
+	"github.com/Microsoft/go-winio"
+	"github.com/cnrancher/kube-explorer/internal/config"
+)
+
+func ensureListener(_ context.Context) (net.Listener, string, error) {
+	if config.BindAddress == "" {
+		return nil, "", nil
+	}
+	u, err := url.Parse(config.BindAddress)
+	if err != nil {
+		return nil, "", err
+	}
+	switch u.Scheme {
+	case "":
+		return nil, config.BindAddress, nil
+	case "tcp":
+		return nil, u.Host, nil
+	case "namedpipe":
+		listener, err := winio.ListenPipe(u.Path, nil)
+		return listener, u.Path, err
+	default:
+		return nil, "", fmt.Errorf("Unsupported scheme %s, only tcp and namedpipe are supported in windows", u.Scheme)
+	}
+}

main.go

@@ -3,9 +3,9 @@ package main
 import (
 	"os"
 
+	"github.com/cnrancher/kube-explorer/internal/version"
 	"github.com/rancher/steve/pkg/debug"
 	stevecli "github.com/rancher/steve/pkg/server/cli"
-	"github.com/rancher/steve/pkg/version"
 	"github.com/rancher/wrangler/v3/pkg/signals"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
@@ -38,7 +38,7 @@ func run(_ *cli.Context) error {
 	if err != nil {
 		return err
 	}
-	return s.ListenAndServe(ctx, keconfig.Steve.HTTPSListenPort, keconfig.Steve.HTTPListenPort, nil)
+	return server.Serve(ctx, s)
 }
 
 func joinFlags(flags ...[]cli.Flag) []cli.Flag {

package/Dockerfile

@@ -4,5 +4,4 @@ ARG TARGETOS
 ENV ARCH=${TARGETARCH:-"amd64"} OS=${TARGETOS:-"linux"}
 RUN zypper install -y catatonit
 COPY kube-explorer-${OS}-${ARCH} /usr/bin/kube-explorer
-ENTRYPOINT [ "/usr/bin/catatonit", "--" ]
+ENTRYPOINT [ "/usr/bin/catatonit", "--", "kube-explorer" ]
-CMD [ "kube-explorer" ]

scripts/build

@@ -6,77 +6,33 @@ cd "$(dirname $0)/.."
 
 rm -rf ./bin/* ./dist/*
 
-OS_ARCH_ARG_LINUX="amd64 arm arm64"
+BUILD_TARGET="${BUILD_TARGET:-dev}"
-OS_ARCH_ARG_DARWIN="amd64 arm64"
+CROSS=${CROSS:-}
-OS_ARCH_ARG_WINDOWS="amd64"
 
-LD_INJECT_VALUES="-X github.com/cnrancher/kube-explorer/internal/version.Version=$VERSION
+if [[ ${GITHUB_REF} == refs/tags/* ]]; then
-                  -X github.com/cnrancher/kube-explorer/internal/version.GitCommit=$COMMIT
+    CROSS=tag
-                  -X github.com/cnrancher/kube-explorer/internal/config.APIUIVersion=$CATTLE_API_UI_VERSION"
+elif [ -n "${GITHUB_REF}"  ]; then
-
+    CROSS=push
-[ "$(uname)" != "Darwin" ] && LINKFLAGS="-extldflags -static -s"
+fi
 
 case "$CROSS" in
-    "push")
-        for ARCH in ${OS_ARCH_ARG_LINUX}; do
-            OUTPUT_BIN="bin/kube-explorer-linux-$ARCH"
-            echo "Building binary for linux/$ARCH..."
-            GOARCH=$ARCH GOOS=linux CGO_ENABLED=0 go build -tags embed \
-                    -ldflags \
-                    "$LD_INJECT_VALUES $LINKFLAGS" \
-                    -o ${OUTPUT_BIN}
-        done
-        ;;
     "tag")
-        for ARCH in ${OS_ARCH_ARG_LINUX}; do
+    BUILD_TARGET="prod"
-            OUTPUT_BIN="bin/kube-explorer-linux-$ARCH"
+    ;;
-            echo "Building binary for linux/$ARCH..."
+    "push")
-            GOARCH=$ARCH GOOS=linux CGO_ENABLED=0 go build -tags embed \
+    ;;
-                    -ldflags \
-                    "$LD_INJECT_VALUES $LINKFLAGS" \
-                    -o ${OUTPUT_BIN}
-        done
-
-        for ARCH in ${OS_ARCH_ARG_DARWIN}; do
-            OUTPUT_BIN="bin/kube-explorer-darwin-$ARCH"
-            echo "Building binary for darwin/$ARCH..."
-            GOARCH=$ARCH GOOS=darwin CGO_ENABLED=0 go build -tags embed \
-                    -ldflags \
-                    "$LD_INJECT_VALUES" \
-                    -o ${OUTPUT_BIN}
-        done
-
-        for ARCH in ${OS_ARCH_ARG_WINDOWS}; do
-            OUTPUT_BIN="bin/kube-explorer-windows-$ARCH.exe"
-            echo "Building binary for windows/$ARCH..."
-            GOARCH=$ARCH GOOS=windows CGO_ENABLED=0 go build -tags embed \
-                    -ldflags \
-                    "$LD_INJECT_VALUES" \
-                    -o ${OUTPUT_BIN}
-        done
-        ;;
     *)
-        # only build one for current platform
+    BUILD_ARG="${BUILD_ARG} --single-target"
-        CGO_ENABLED=0 go build -tags embed \
+    ;;
-            -ldflags \
-            "$LD_INJECT_VALUES $LINKFLAGS" \
-            -o "bin/kube-explorer-$(uname | tr '[:upper:]' '[:lower:]')-${ARCH}"
-        ;;
 esac
 
+BUILD_ARG="${BUILD_ARG:-} --skip validate --id ${BUILD_TARGET}"
+
 mkdir -p "./bin"
+
+# upx is handled  by goreleaser
+VERSION=${VERSION} COMMIT=${COMMIT} goreleaser build $BUILD_ARG
+
 mkdir -p "./dist"
 
-for f in ./bin/*; do
+cp -r bin/kube-explorer-* dist/
-    filename=$(basename "$f")
-    if [[ $filename != *darwin* && -z "$SKIP_COMPRESS" ]]; then
-        if upx -o "./dist/$filename" "$f"; then
-            echo "UPX done for $filename!"
-        else
-            echo "UPX failed for $filename, copying original file."
-            cp "$f" "./dist/$filename"
-        fi
-    else
-        cp "$f" "./dist/$filename"
-    fi
-done

scripts/ci

@@ -6,4 +6,6 @@ cd $(dirname $0)
 ./download
 ./validate
 ./build
-./package
+if [ -z "${SKIP_PACKAGE}" ]; then
+  ./package
+fi

scripts/dev

@@ -1,8 +1,10 @@
 #!/bin/bash
 set -e
 
-cd $(dirname $0)
+cd "$(dirname $0)/.."
-./download
+./scripts/download
+
+source $(dirname $0)/version
 
 [ "$(uname)" != "Darwin" ] && LINKFLAGS="-extldflags -static -s"
 

scripts/download

@@ -14,7 +14,7 @@ rm -rf internal/ui/ui/*
 
 mkdir -p internal/ui/ui/dashboard 
 cd internal/ui/ui/dashboard || exit 1;
-curl -sL https://pandaria-dashboard-ui.s3.ap-southeast-2.amazonaws.com/release-2.8-cn/kube-explorer-ui/${CATTLE_DASHBOARD_UI_VERSION}.tar.gz | $TAR_CMD xvzf - --strip-components=2
+curl -sL https://pandaria-dashboard-ui.s3.ap-southeast-2.amazonaws.com/release-2.9-cn/kube-explorer-ui/${CATTLE_DASHBOARD_UI_VERSION}.tar.gz | $TAR_CMD xvzf - --strip-components=2
 cp index.html ../index.html
 
 mkdir ../api-ui

scripts/github_ci

@@ -1,9 +0,0 @@
-#!/bin/bash
-set -e
-
-cd $(dirname $0)
-
-./download
-./validate
-./build
-

scripts/version

@@ -1,11 +1,15 @@
 #!/bin/bash
 
+if [[ ${GITHUB_REF} == refs/tags/* ]]; then
+    GIT_TAG=${GIT_TAG:-${GITHUB_REF_NAME}}
+fi
+
 if [ -n "$(git status --porcelain --untracked-files=no)" ]; then
     DIRTY="-dirty"
 fi
 
 COMMIT=$(git rev-parse --short HEAD)
-GIT_TAG=${DRONE_TAG:-$(git tag -l --contains HEAD | head -n 1)}
+GIT_TAG=${GIT_TAG:-$(git tag -l --contains HEAD | head -n 1)}
 
 if [[ -z "$DIRTY" && -n "$GIT_TAG" ]]; then
     VERSION=$GIT_TAG