coredns(plugin+ci): Add build image job for coredns plugin

Adds a anew buid images github action for the kuadrant CoreDNS plugin.

Add coredns_plugin to branches (DO NOT MERGE)

Signed-off-by: Michael Nairn <[email protected]>

Author: mikenairn

.github/workflows/build-coredns-images.yaml

@@ -0,0 +1,68 @@
+name: Build and Publish CoreDNS Images
+
+on:
+  push:
+    branches:
+      - main
+      - coredns_plugin
+      - "release-*"
+  workflow_dispatch:
+
+env:
+  IMG_TAGS: ${{ github.sha }} ${{ github.ref_name }}
+  IMG_REGISTRY_HOST: quay.io
+  IMG_REGISTRY_ORG: kuadrant
+  IMG_REGISTRY_REPO: coredns-kuadrant
+  MAIN_BRANCH_NAME: main
+  COREDNS_PLUGIN_NAME: coredns-kuadrant
+
+jobs:
+  build:
+    name: Build and Push CoreDNS image
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Add latest tag
+        if: ${{ github.ref_name == env.MAIN_BRANCH_NAME }}
+        id: add-latest-tag
+        run: |
+          echo "IMG_TAGS=latest ${{ env.IMG_TAGS }}" >> $GITHUB_ENV
+
+      - name: Install qemu dependency
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y qemu-user-static
+
+      - name: Run make coredns-generate-demo-geo-db
+        run: |
+          make coredns-generate-demo-geo-db
+
+      - name: Build Image
+        id: build-image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          image: ${{ env.COREDNS_PLUGIN_NAME }}
+          tags: ${{ env.IMG_TAGS }}
+          platforms: linux/amd64,linux/arm64
+          context: ./coredns/plugin
+          dockerfiles: |
+            ./coredns/plugin/Dockerfile
+
+      - name: Print Build Info
+        run: echo "Image = ${{ steps.build-image.outputs.image }}, Tags = ${{ steps.build-image.outputs.tags }}"
+
+      - name: Push Image
+        if: github.repository_owner == 'kuadrant'
+        id: push-to-quay
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: ${{ steps.build-image.outputs.image }}
+          tags: ${{ steps.build-image.outputs.tags }}
+          registry: ${{ env.IMG_REGISTRY_HOST }}/${{ env.IMG_REGISTRY_ORG }}
+          username: ${{ secrets.IMG_REGISTRY_USERNAME }}
+          password: ${{ secrets.IMG_REGISTRY_TOKEN }}
+
+      - name: Print Image URL
+        run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}"

coredns/plugin/Dockerfile

@@ -1,5 +1,39 @@
-FROM alpine:3.21.0
-COPY coredns /
+# Build the manager binary
+FROM mirror.gcr.io/library/golang:1.23 AS builder
+ARG TARGETOS
+ARG TARGETARCH
+
+WORKDIR /workspace
+# Copy the Go Modules manifests
+COPY go.mod go.mod
+COPY go.sum go.sum
+# cache deps before building and copying source so that we don't need to re-download as much
+# and so that source changes don't invalidate our downloaded layer
+RUN go mod download
+
+# Copy the go source
+COPY cmd/coredns.go cmd/coredns.go
+COPY dnsop/ dnsop/
+COPY k8s.go k8s.go
+COPY kuadrant.go kuadrant.go
+COPY setup.go setup.go
+COPY weighted.go weighted.go
+COPY zone.go zone.go
+
+# Build
+# the GOARCH has not a default value to allow the binary be built according to the host where the command
+# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
+# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
+# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
+RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build cmd/coredns.go
+
+# Use distroless as minimal base image to package the manager binary
+# Refer to https://github.com/GoogleContainerTools/distroless for more details
+FROM gcr.io/distroless/static:nonroot
+WORKDIR /
+COPY --from=builder /workspace/coredns .
+#Copy the demo geo db
 COPY geoip/GeoLite2-City-demo.mmdb /
-EXPOSE 53 53/udp
+USER 65532:65532
+
 ENTRYPOINT ["/coredns"]