Merge pull request #5 from offen/multiarch

Build image for arm architectures
build image for arm architectures
2025-12-05 09:08:02 +01:00 · 2021-07-01 14:22:54 +02:00 · 2021-07-01 14:19:55 +02:00 · 2021-06-28 20:25:21 +02:00 · 2021-06-26 21:19:35 +02:00 · 2021-06-26 21:16:22 +02:00
6 changed files with 86 additions and 26 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,40 +1,70 @@
 version: 2.1

 jobs:
-  build:
+  canary:
    docker:
      - image: cimg/base:2020.06
    working_directory: ~/docker-volume-backup
    steps:
      - checkout
-      - setup_remote_docker
+      - setup_remote_docker:
+          version: 20.10.6
      - run:
          name: Build
-          command: make build
-      - run:
-          name: Check if image needs to be pushed
          command: |
-            if [[ -z "$CIRCLE_TAG" ]]; then
-              echo "Not a git tag, nothing to do ..."
-              circleci-agent step halt
+            docker build . -t offen/docker-volume-backup:canary
+      - run:
+          name: Create container from image
+          command: |
+            docker run -d offen/docker-volume-backup:canary
+            echo "Sleeping for 30s before checking if container is still running."
+            sleep 30
+            count=$(docker ps -q | wc -l)
+            if [[ $count != "1" ]]; then
+              echo "Expected one container to be running, found $count."
+              exit 1
            fi
+            docker stop $(docker ps -q)
+
+  build:
+    docker:
+      - image: cimg/base:2020.06
+        environment:
+          DOCKER_BUILDKIT: '1'
+          DOCKER_CLI_EXPERIMENTAL: enabled
+    working_directory: ~/docker-volume-backup
+    steps:
+      - checkout
+      - setup_remote_docker:
+          version: 20.10.6
      - docker/install-docker-credential-helper
      - docker/configure-docker-credentials-store
      - run:
          name: Push to Docker Hub
          command: |
            echo "$DOCKER_ACCESSTOKEN" | docker login --username offen --password-stdin
-            docker tag offen/docker-volume-backup:local offen/docker-volume-backup:$CIRCLE_TAG
-            docker tag offen/docker-volume-backup:local offen/docker-volume-backup:latest
-            docker push offen/docker-volume-backup:$CIRCLE_TAG
-            docker push offen/docker-volume-backup:latest
+            # This is required for building ARM: https://gitlab.alpinelinux.org/alpine/aports/-/issues/12406
+            docker run --rm --privileged linuxkit/binfmt:v0.8
+            docker context create docker-volume-backup
+            docker buildx create docker-volume-backup --name docker-volume-backup --use
+            docker buildx inspect --bootstrap
+            docker buildx build --platform linux/arm64,linux/amd64 \
+              -t offen/docker-volume-backup:$CIRCLE_TAG \
+              -t offen/docker-volume-backup:latest \
+              . --push

 workflows:
  version: 2
-  deploy:
+  docker_image:
    jobs:
+      - canary:
+          filters:
+            tags:
+              ignore: /^v.*/
      - build:
          filters:
+            branches:
+              ignore: /.*/
            tags:
              only: /^v.*/

--- a/6
+++ b/6
@@ -1,14 +1,16 @@
 # Copyright 2021 - Offen Authors <hioffen@posteo.de>
 # SPDX-License-Identifier: MIT

-FROM alpine:3.13
+FROM alpine:3.14

 WORKDIR /root

 RUN apk add --update ca-certificates docker openrc gnupg
+RUN update-ca-certificates
 RUN rc-update add docker boot

-RUN wget https://dl.min.io/client/mc/release/linux-amd64/mc && \
+ARG TARGETARCH=amd64
+RUN wget https://dl.min.io/client/mc/release/linux-$TARGETARCH/mc && \
  chmod +x mc && \
  mv mc /usr/bin/mc

--- a/5
+++ b/5
@@ -1,5 +0,0 @@
-DOCKER_TAG ?= local
-
-.PHONY: build
-build:
-	@docker build -t offen/docker-volume-backup:$(DOCKER_TAG) .
--- a/README.md
+++ b/README.md
@@ -38,11 +38,39 @@ AWS_S3_BUCKET_NAME="<xxx>"

 # BACKUP_RETENTION_DAYS="7"

+# In case the duration a backup takes fluctuates noticeably in your setup
+# you can adjust this setting to make sure there are no race conditions
+# between the backup finishing and the pruning not deleting backups that
+# sit on the very edge of the time window. Set this value to a duration
+# that is expected to be bigger than the maximum difference of backups.
+# Valid values have a suffix of (s)econds, (m)inutes, (h)ours, or (d)ays.
+
+# BACKUP_PRUNING_LEEWAY="10m"
+
 ########### BACKUP ENCRYPTION

 # Backups can be encrypted using gpg in case a passphrase is given

 # GPG_PASSPHRASE="<xxx>"
+
+########### STOPPING CONTAINERS DURING BACKUP
+
+# Containers can be stopped by applying a
+# `docker-volume-backup.stop-during-backup` label. By default, all containers
+# that are labeled with `true` will be stopped. If you need more fine grained
+# control (e.g. when running multiple containers based on this image), you can
+# override this default by specifying a different value here.
+
+# BACKUP_STOP_CONTAINER_LABEL="service1"
+
+########### MINIO CLIENT CONFIGURATION
+
+# Pass these additional flags to all MinIO client `mc` invocations.
+# This can be used for example to pass `--insecure` when using self
+# signed certificates, or passing `--debug` to gain insights on
+# unexpected behavior.
+
+# MC_GLOBAL_OPTIONS="<xxx>"
 ```

 ## Example in a docker-compose setup
@@ -86,3 +114,4 @@ This image is heavily inspired by the `futurice/docker-volume-backup`. We decide
 - This image makes use of the MinIO client `mc` instead of the full blown AWS CLI for uploading backups.
 - The original image proposed to handle backup rotation through AWS S3 lifecycle policies. This image adds the option to rotate old backups through the same script so this functionality can also be offered for non-AWS storage backends like MinIO.
 - InfluxDB specific functionality was removed.
+- `arm64` Architecture is supported.
--- a/src/backup.sh
+++ b/src/backup.sh
@@ -19,7 +19,7 @@ if [ -S "$DOCKER_SOCK" ]; then
  TEMPFILE="$(mktemp)"
  docker ps \
    --format "{{.ID}}" \
-    --filter "label=docker-volume-backup.stop-during-backup=true" \
+    --filter "label=docker-volume-backup.stop-during-backup=$BACKUP_STOP_CONTAINER_LABEL" \
    > "$TEMPFILE"
  CONTAINERS_TO_STOP="$(cat $TEMPFILE | tr '\n' ' ')"
  CONTAINERS_TO_STOP_TOTAL="$(cat $TEMPFILE | wc -l)"
@@ -58,7 +58,7 @@ fi
 if [ ! -z "$AWS_S3_BUCKET_NAME" ]; then
  info "Uploading backup to remote storage"
  echo "Will upload to bucket \"$AWS_S3_BUCKET_NAME\"."
-  mc cp "$BACKUP_FILENAME" "backup-target/$AWS_S3_BUCKET_NAME"
+  mc cp $MC_GLOBAL_OPTIONS "$BACKUP_FILENAME" "backup-target/$AWS_S3_BUCKET_NAME"
  echo "Upload finished."
 fi

@@ -76,14 +76,14 @@ if [ ! -z "$BACKUP_RETENTION_DAYS" ]; then
  sleep "$BACKUP_PRUNING_LEEWAY"
  bucket=$AWS_S3_BUCKET_NAME

-  rule_applies_to=$(mc rm --fake --recursive -force --older-than "${BACKUP_RETENTION_DAYS}d" "backup-target/$bucket" | wc -l)
+  rule_applies_to=$(mc rm $MC_GLOBAL_OPTIONS --fake --recursive -force --older-than "${BACKUP_RETENTION_DAYS}d" "backup-target/$bucket" | wc -l)
  if [ "$rule_applies_to" == "0" ]; then
    echo "No backups found older than the configured retention period of $BACKUP_RETENTION_DAYS days."
    echo "Doing nothing."
    exit 0
  fi

-  total=$(mc ls "backup-target/$bucket" | wc -l)
+  total=$(mc ls $MC_GLOBAL_OPTIONS "backup-target/$bucket" | wc -l)

  if [ "$rule_applies_to" == "$total" ]; then
    echo "Using a retention of ${BACKUP_RETENTION_DAYS} days would prune all currently existing backups, will not continue."
@@ -91,6 +91,6 @@ if [ ! -z "$BACKUP_RETENTION_DAYS" ]; then
    exit 1
  fi

-  mc rm --recursive -force --older-than "${BACKUP_RETENTION_DAYS}d" "backup-target/$bucket"
+  mc rm $MC_GLOBAL_OPTIONS --recursive -force --older-than "${BACKUP_RETENTION_DAYS}d" "backup-target/$bucket"
  echo "Successfully pruned ${rule_applies_to} backups older than ${BACKUP_RETENTION_DAYS} days."
 fi
--- a/src/entrypoint.sh
+++ b/src/entrypoint.sh
@@ -21,11 +21,15 @@ AWS_S3_BUCKET_NAME="${AWS_S3_BUCKET_NAME:-}"
 AWS_ENDPOINT="${AWS_ENDPOINT:-s3.amazonaws.com}"

 GPG_PASSPHRASE="${GPG_PASSPHRASE:-}"
+
+BACKUP_STOP_CONTAINER_LABEL="${BACKUP_STOP_CONTAINER_LABEL:-true}"
+
+MC_GLOBAL_OPTIONS="${MC_GLOBAL_OPTIONS:-}"
 EOF
 chmod a+x env.sh
 source env.sh

-mc alias set backup-target "https://$AWS_ENDPOINT" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY"
+mc $MC_GLOBAL_OPTIONS alias set backup-target "https://$AWS_ENDPOINT" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY"

 # Add our cron entry, and direct stdout & stderr to Docker commands stdout
 echo "Installing cron.d entry with expression $BACKUP_CRON_EXPRESSION."
Author	SHA1	Message	Date
Frederik Ring	c33ebc0c70	Merge pull request #5 from offen/multiarch Build image for arm architectures	2021-07-01 14:22:54 +02:00
Frederik Ring	23c287bfc7	build image for arm architectures	2021-07-01 14:19:55 +02:00
Frederik Ring	5be3c36040	update alpine base image to 3.14	2021-06-28 20:25:21 +02:00
Frederik Ring	57afad5727	Merge pull request #4 from offen/stop-label Allow for making container stop filter configurable	2021-06-26 21:19:35 +02:00
Frederik Ring	bafca7bb85	allow for making container stop filter configurable	2021-06-26 21:16:22 +02:00
Frederik Ring	84afc43fd8	Merge pull request #2 from offen/mc-extra-flags Allow passing custom arguments to minio client	2021-05-25 07:37:00 +02:00
Frederik Ring	1af345061c	use global options naming to be in line with minio docs	2021-05-25 07:35:21 +02:00
Frederik Ring	5368eb8c5e	allow passing custom arguments to minio client	2021-05-24 20:34:30 +02:00
Frederik Ring	5978a897ad	document leeway option when pruning	2021-04-08 17:24:44 +02:00