diff --git a/.github/workflows/make.yml b/.github/workflows/make.yml index 27ab545e5..0cb83359d 100644 --- a/.github/workflows/make.yml +++ b/.github/workflows/make.yml @@ -46,6 +46,10 @@ jobs: # used to publish releases to GitHub by GoReleaser GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + # used to publish docker images + DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} + DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} + # used in Azure tests KOPIA_AZURE_TEST_CONTAINER: ${{ secrets.KOPIA_AZURE_TEST_CONTAINER }} KOPIA_AZURE_TEST_STORAGE_ACCOUNT: ${{ secrets.KOPIA_AZURE_TEST_STORAGE_ACCOUNT }} @@ -109,6 +113,12 @@ jobs: - name: Install macOS-specific packages run: "sudo xcode-select -r" if: ${{ contains(matrix.os, 'macos') }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + if: ${{ contains(matrix.os, 'ubuntu') }} + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + if: ${{ contains(matrix.os, 'ubuntu') }} - name: Check out code into the Go module directory uses: actions/checkout@v2 with: diff --git a/Makefile b/Makefile index 753fa72d7..17cc0079e 100644 --- a/Makefile +++ b/Makefile @@ -325,6 +325,8 @@ publish-packages: ifeq ($(REPO_OWNER)/$(GOOS)/$(GOARCH)/$(IS_PULL_REQUEST),kopia/linux/amd64/false) $(CURDIR)/tools/apt-publish.sh $(CURDIR)/dist $(CURDIR)/tools/rpm-publish.sh $(CURDIR)/dist + @echo $(DOCKERHUB_TOKEN) | docker login --username $(DOCKERHUB_USERNAME) --password-stdin + $(CURDIR)/tools/docker-publish.sh else @echo Not pushing to Linux repositories on pull request builds. endif diff --git a/tools/docker-publish.sh b/tools/docker-publish.sh new file mode 100755 index 000000000..386b82810 --- /dev/null +++ b/tools/docker-publish.sh @@ -0,0 +1,44 @@ +#!/bin/bash +set -e +DIST_DIR=dist +DOCKER_BUILD_DIR=tools/docker +DOCKERHUB_REPO=kopia/kopia + +cp -r "$DIST_DIR/kopia_linux_amd64/" "$DOCKER_BUILD_DIR/bin-amd64/" +cp -r "$DIST_DIR/kopia_linux_arm64/" "$DOCKER_BUILD_DIR/bin-arm64/" +cp -r "$DIST_DIR/kopia_linux_arm_6/" "$DOCKER_BUILD_DIR/bin-arm/" + +if [ "$KOPIA_VERSION_NO_PREFIX" == "" ]; then + echo KOPIA_VERSION_NO_PREFIX not set, not publishing. + exit 1 +fi + +major=$(echo $KOPIA_VERSION_NO_PREFIX | cut -f 1 -d .) +minor=$(echo $KOPIA_VERSION_NO_PREFIX | cut -f 2 -d .) +rev=$(echo $KOPIA_VERSION_NO_PREFIX | cut -f 3 -d .) + +# x.y.z +if [[ "$KOPIA_VERSION_NO_PREFIX" =~ [0-9]+\.[0-9]+\.[0-9]+$ ]]; then + extra_tags="latest testing $major $major.$minor" +fi + +# x.y.z-prerelease +if [[ "$KOPIA_VERSION_NO_PREFIX" =~ [0-9]+\.[0-9]+\.[0-9]+\-.*$ ]]; then + extra_tags="testing" +fi + +# yyyymmdd.0.hhmmss starts with 20 +if [[ "$KOPIA_VERSION_NO_PREFIX" =~ 20[0-9]+\.[0-9]+\.[0-9]+ ]]; then + extra_tags="unstable" +fi + +versioned_image=$DOCKERHUB_REPO:$KOPIA_VERSION_NO_PREFIX +tags="-t $versioned_image" +for t in $extra_tags; do + if [ "$t" != "0" ]; then + tags="$tags -t $DOCKERHUB_REPO:$t" + fi +done + +echo Building $versioned_image with tags [$tags]... +docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v6 $tags --push $DOCKER_BUILD_DIR diff --git a/tools/docker/Dockerfile b/tools/docker/Dockerfile new file mode 100644 index 000000000..085498eea --- /dev/null +++ b/tools/docker/Dockerfile @@ -0,0 +1,6 @@ +FROM alpine +ARG TARGETARCH +RUN apk add --no-cache --verbose ca-certificates && adduser -D kopia && addgroup kopia kopia +USER kopia:kopia +ENTRYPOINT ["/kopia"] +COPY bin-${TARGETARCH}/kopia / diff --git a/tools/docker/Makefile b/tools/docker/Makefile new file mode 100644 index 000000000..f661483c6 --- /dev/null +++ b/tools/docker/Makefile @@ -0,0 +1,7 @@ +DOCKER_BUILD_DIR=. + +make: + cp -rv $(CURDIR)/../dist/kopia_linux_amd64/ $(DOCKER_BUILD_DIR)/bin-amd64 + cp -rv $(CURDIR)/../dist/kopia_linux_arm64/ $(DOCKER_BUILD_DIR)/bin-arm64 + cp -rv $(CURDIR)/../dist/kopia_linux_arm_6/ $(DOCKER_BUILD_DIR)/bin-arm + docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v6 -t containers.jkowalski.net/kopia:latest --push $(DOCKER_BUILD_DIR) diff --git a/tools/docker/README.md b/tools/docker/README.md new file mode 100644 index 000000000..6284e7551 --- /dev/null +++ b/tools/docker/README.md @@ -0,0 +1 @@ +This is a directory for staging pre-built binaries from the `dist/` directory to prevent sending the entire codebase to the docker daemon.