diff --git a/.github/workflows/build-multiarch.yml b/.github/workflows/build-multiarch.yml index bcc9ce09..ceb33931 100644 --- a/.github/workflows/build-multiarch.yml +++ b/.github/workflows/build-multiarch.yml @@ -13,13 +13,14 @@ on: jobs: build: - if: github.repository == 'itzg/docker-minecraft-server' strategy: fail-fast: false matrix: variant: - java17 - java17-openj9 + - java17-alpine + - java8 - java8-multiarch - java8-openj9 - java11 @@ -27,47 +28,54 @@ jobs: include: - variant: java17 baseImage: eclipse-temurin:17 - tagPrefix: java17- platforms: linux/amd64,linux/arm/v7,linux/arm64 mcVersion: LATEST - variant: java17-openj9 baseImage: ibm-semeru-runtimes:open-17-jdk - tagPrefix: java17-openj9- platforms: linux/amd64,linux/arm64 mcVersion: LATEST + - variant: java17-alpine + baseImage: eclipse-temurin:17-jdk-alpine + platforms: linux/amd64 + mcVersion: LATEST + - variant: java8 + baseImage: openjdk:8-jdk-alpine3.8 + platforms: linux/amd64 + mcVersion: 1.12.2 - variant: java8-multiarch baseImage: eclipse-temurin:8-jdk - tagPrefix: java8- platforms: linux/amd64,linux/arm64 mcVersion: 1.12.2 - variant: java8-openj9 baseImage: ibm-semeru-runtimes:open-8-jdk - tagPrefix: java8-openj9- platforms: linux/amd64,linux/arm64 mcVersion: 1.12.2 - variant: java11 baseImage: adoptopenjdk:11-jdk-hotspot - tagPrefix: java11- platforms: linux/amd64,linux/arm/v7,linux/arm64 mcVersion: 1.16.5 - variant: java11-openj9 baseImage: ibm-semeru-runtimes:open-11-jdk - tagPrefix: java11-openj9- platforms: linux/amd64,linux/arm64 mcVersion: 1.16.5 env: - IMAGE_TO_TEST: itzg/minecraft-server:test-${{ matrix.variant }}-${{ github.run_id }} + IMAGE_TO_TEST: ${{ github.repository_owner }}/minecraft-server:test-${{ matrix.variant }}-${{ github.run_id }} runs-on: ubuntu-20.04 steps: - name: Checkout uses: actions/checkout@v2.4.0 + with: + # for build-files step + fetch-depth: 0 - name: Docker meta id: meta uses: docker/metadata-action@v3 with: + # NOTE for forks: if your Docker Hub organization doesn't match your Github repo's, + # then the use of ${{ github.repository_owner }} will need to be replaced. images: | - itzg/minecraft-server + ${{ github.repository_owner }}/minecraft-server tags: | type=ref,event=tag,enable=${{ matrix.variant == 'java17' }} type=ref,event=tag,suffix=-${{ matrix.variant }} @@ -89,6 +97,11 @@ jobs: username: ${{ secrets.DOCKER_USER }} password: ${{ secrets.DOCKER_PASSWORD }} + - name: Calculate build files revision + id: build-files + run: | + echo "::set-output name=REV::$(git log -1 --format=%H build)" + - name: Build for test uses: docker/build-push-action@v2.9.0 with: @@ -101,6 +114,7 @@ jobs: push: false build-args: | BASE_IMAGE=${{ matrix.baseImage }} + BUILD_FILES_REV=${{ steps.build-files.outputs.REV }} cache-from: type=gha,scope=${{ matrix.variant }} # no cache-to to avoid cross-cache update from next build step @@ -122,5 +136,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-args: | BASE_IMAGE=${{ matrix.baseImage }} + BUILD_FILES_REV=${{ steps.build-files-rev.outputs.REV }} cache-from: type=gha,scope=${{ matrix.variant }} cache-to: type=gha,mode=max,scope=${{ matrix.variant }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml deleted file mode 100644 index 621af08a..00000000 --- a/.github/workflows/main.yml +++ /dev/null @@ -1,97 +0,0 @@ -name: Build and Publish - -on: - push: - branches: - - java8 - - openj9 - - openj9-11 - - adopt11 - - test/alpine/* - tags: - - "[0-9]+.[0-9]+.[0-9]+-java8" - - "[0-9]+.[0-9]+.[0-9]+-openj9" - - "[0-9]+.[0-9]+.[0-9]+-openj9-11" - - "[0-9]+.[0-9]+.[0-9]+-openj9-nightly" - - "[0-9]+.[0-9]+.[0-9]+-adopt11" - -env: - IMAGE_TO_TEST: itzg/minecraft-server:test-${{ github.repository_owner }}-${{ github.run_id }} - -jobs: - build: - runs-on: ubuntu-20.04 - - steps: - - uses: actions/checkout@v2.4.0 - - - name: Prepare - id: prep - run: | - DOCKER_IMAGE=itzg/minecraft-server - VERSION=edge - if [[ $GITHUB_REF == refs/tags/* ]]; then - VERSION=${GITHUB_REF#refs/tags/} - fi - if [[ $GITHUB_REF == refs/heads/* ]]; then - VERSION=${GITHUB_REF#refs/heads/} - if [[ $VERSION == master ]]; then - VERSION=latest - fi - fi - TAGS="${DOCKER_IMAGE}:${VERSION//\//-}" - echo ::set-output name=tags::${TAGS} - echo ::set-output name=version::${VERSION//\//-} - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKER_USER }} - password: ${{ secrets.DOCKER_PASSWORD }} - - - name: Build for test - uses: docker/build-push-action@v2.9.0 - if: github.ref_name == 'java8' - with: - context: . - platforms: linux/amd64 - tags: ${{ env.IMAGE_TO_TEST }} - # ensure latest base image is used - pull: true - load: true - push: false - cache-from: type=gha - cache-to: type=gha,mode=max - - - name: Run tests - if: github.ref_name == 'java8' - run: | - tests/test.sh - env: - MINECRAFT_VERSION: 1.12.2 - - - name: Build and push - id: docker_build - uses: docker/build-push-action@v2.9.0 - with: - context: . - file: ./Dockerfile - # ensure latest base image is used - pull: true - # publish - push: true - # tags determined by prep step - tags: ${{ steps.prep.outputs.tags }} - cache-from: type=gha - cache-to: type=gha,mode=max - labels: | - org.opencontainers.image.documentation=https://github.com/itzg/docker-minecraft-server - org.opencontainers.image.version=${{ steps.prep.outputs.version }} - org.opencontainers.image.source=https://github.com/itzg/docker-minecraft-server - org.opencontainers.image.revision=${{ github.sha }} - - - name: Image digest - run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index b6782122..fd9db8eb 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -83,31 +83,6 @@ Note the port that was selected by http-server and pass the build arguments, suc Now the image can be built like normal and it will install mc-image-helper from the locally built copy. -## Multi-base-image variants - -Several base-image variants are maintained in order to offer choices in JDK provider and version. The variants are maintained in their respective branches: -- openj9 -- openj9-nightly -- adopt11 -- adopt13 -- multiarch - -The [docker-versions-create.sh](docker-versions-create.sh) script is configured with the branches to maintain and is used to merge changes from the master branch into the mulit-base variant branches. The script also manages git tagging the master branch along with the merged branches. So a typical use of the script would be like: - -```shell script -./docker-versions-create.sh -s -t 1.2.0 -``` - -> Most often the major version will be bumped unless a bug or hotfix needs to be published in which case the patch version should be incremented. - -> The build and publishing of those branches and their tags is currently performed within Docker Hub. - -## multiarch support - -The [multiarch branch](https://github.com/itzg/docker-minecraft-server/tree/multiarch) supports running the image on amd64, arm64, and armv7 (aka RaspberryPi). Unlike the mainline branches, it is based on Ubuntu 18.04 since the openjdk package provided by Ubuntu includes full JIT support on all of the processor types. - -The multiarch images are built and published by [a Github action](https://github.com/itzg/docker-minecraft-server/actions?query=workflow%3A%22Build+and+publish+multiarch%22), which [is configured in that branch](https://github.com/itzg/docker-minecraft-server/blob/multiarch/.github/workflows/build-multiarch.yml). - ## Generating release notes The following git command can be used to provide the bulk of release notes content: @@ -115,25 +90,3 @@ The following git command can be used to provide the bulk of release notes conte ```shell script git log --invert-grep --grep "^ci:" --grep "^misc:" --grep "^docs:" --pretty="* %s" 1.1.0..1.2.0 ``` -## Tracking changes from master without content - -The following script uses the [ours](https://git-scm.com/docs/merge-strategies#Documentation/merge-strategies.txt-ours) merging strategy to track the history from master into the other branches without actually bringing the changes over. It is useful when a change is specific to master only, such as bumping the base Java version for the `latest` image tag. - -```shell -branches=( - java8 - java8-multiarch - java8-openj9 - java11 - java11-openj9 - java16 - java16-openj9 - java17 -) - -for b in "${branches[@]}"; do - git checkout "$b" - git merge -s ours -m "Track latest from master" master - git push origin -done -``` diff --git a/Dockerfile b/Dockerfile index f5b32978..61a9a26e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,31 +1,16 @@ +# syntax = docker/dockerfile:1.3 + ARG BASE_IMAGE=eclipse-temurin:17-jdk FROM ${BASE_IMAGE} -RUN apt-get update \ - && DEBIAN_FRONTEND=noninteractive \ - apt-get install -y \ - imagemagick \ - file \ - gosu \ - sudo \ - net-tools \ - iputils-ping \ - curl \ - git \ - jq \ - dos2unix \ - mysql-client \ - tzdata \ - rsync \ - nano \ - unzip \ - zstd \ - knockd \ - ttf-dejavu \ - && apt-get clean +# CI system should set this to a hash or git revision of the build directory and it's contents to +# ensure consistent cache updates. +ARG BUILD_FILES_REV=1 +RUN --mount=target=/build,source=build \ + REV=${BUILD_FILES_REV} /build/run.sh install-packages -RUN addgroup --gid 1000 minecraft \ - && adduser --system --shell /bin/false --uid 1000 --ingroup minecraft --home /data minecraft +RUN --mount=target=/build,source=build \ + REV=${BUILD_FILES_REV} /build/run.sh setup-user COPY --chmod=644 files/sudoers* /etc/sudoers.d diff --git a/build/alpine/install-packages.sh b/build/alpine/install-packages.sh new file mode 100755 index 00000000..b567088a --- /dev/null +++ b/build/alpine/install-packages.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +set -e + +apk add --no-cache -U \ + openssl \ + imagemagick \ + file \ + lsof \ + su-exec \ + coreutils \ + findutils \ + shadow \ + bash \ + curl iputils \ + git \ + jq \ + mysql-client \ + tzdata \ + rsync \ + nano \ + sudo \ + knock \ + ttf-dejavu \ + tar \ + zstd \ No newline at end of file diff --git a/build/alpine/setup-user.sh b/build/alpine/setup-user.sh new file mode 100755 index 00000000..c84bf861 --- /dev/null +++ b/build/alpine/setup-user.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +set -e + +addgroup -g 1000 minecraft +adduser -Ss /bin/false -u 1000 -G minecraft -h /home/minecraft minecraft diff --git a/build/run.sh b/build/run.sh new file mode 100755 index 00000000..d2a41cb5 --- /dev/null +++ b/build/run.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +set -e + +distro=$(cat /etc/os-release | grep -E "^ID=" | cut -d= -f2 | sed -e 's/"//g') + +"$(dirname "$0")/${distro}/$1".sh \ No newline at end of file diff --git a/build/ubuntu/install-packages.sh b/build/ubuntu/install-packages.sh new file mode 100755 index 00000000..f37d946d --- /dev/null +++ b/build/ubuntu/install-packages.sh @@ -0,0 +1,28 @@ +#!/bin/sh + +set -e + +apt-get update + +DEBIAN_FRONTEND=noninteractive \ +apt-get install -y \ + imagemagick \ + file \ + gosu \ + sudo \ + net-tools \ + iputils-ping \ + curl \ + git \ + jq \ + dos2unix \ + mysql-client \ + tzdata \ + rsync \ + nano \ + unzip \ + zstd \ + knockd \ + ttf-dejavu + +apt-get clean \ No newline at end of file diff --git a/build/ubuntu/setup-user.sh b/build/ubuntu/setup-user.sh new file mode 100755 index 00000000..462f56b3 --- /dev/null +++ b/build/ubuntu/setup-user.sh @@ -0,0 +1,6 @@ +#!/bin/sh + +set -e + +addgroup --gid 1000 minecraft +adduser --system --shell /bin/false --uid 1000 --ingroup minecraft --home /data minecraft \ No newline at end of file diff --git a/docker-versions-create.sh b/docker-versions-create.sh deleted file mode 100755 index 8eeb7310..00000000 --- a/docker-versions-create.sh +++ /dev/null @@ -1,151 +0,0 @@ -#!/bin/bash -#set -x -# Use this variable to indicate a list of branches that docker hub is watching -branches_list=( - 'java8' - ) - -function TrapExit { - echo "Checking out back in master" - git checkout master -} - -batchMode=false - -while getopts "hbt:s" arg -do - case $arg in - b) - batchMode=true - ;; - t) - tag=${OPTARG} - ;; - s) - tagArgs="-s -m 'Signed during docker-versions-create" - ;; - h) - echo " -Usage $0 [options] - -Options: - -b enable batch mode, which avoids interactive prompts and causes script to fail immediately - when any merge fails - -t TAG tag and push the current revision on master with the given tag - and apply respective tags to each branch - -s enable signed tags - -h display this help and exit -" - exit - ;; - *) - echo "Unsupported arg $arg" - exit 2 - ;; - esac -done - -${batchMode} && echo "Using batch mode" - -trap TrapExit EXIT SIGTERM - -test -d ./.git || { echo ".git folder was not found. Please start this script from root directory of the project!"; - exit 1; } - -# Making sure we are in master -git checkout master -git pull --all || { echo "Can't pull the repo!"; \ - exit 1; } -if [[ $tag ]]; then - git tag $tag - git push origin $tag -fi - -git_branches=$(git branch -a) - -for branch in "${branches_list[@]}"; do - if [[ "$git_branches" != *"$branch"* ]]; then - echo "Can't update $branch because I can't find it in the list of branches." - exit 1 - else - echo "Branch $branch found. Working with it." - git checkout "$branch" || { echo "Can't checkout into the branch. Don't know the cause."; \ - exit 1; } - proceed='False' - while [[ "$proceed" == "False" ]]; do - # Ensure local branch is aligned with remote since docker-versions-create may have been run elsewhere - git pull - - if git merge -m 'Auto-merging via docker-versions-create' master; then - proceed="True" - echo "Branch $branch updated to current master successfully" - # pushing changes to remote for this branch - git commit -m "Auto merge branch with master" -a - # push may fail if remote doesn't have this branch yet. In this case - sending branch - git push || git push -u origin "$branch" || { echo "Can't push changes to the origin."; exit 1; } - if [[ $tag ]]; then - git tag "$tag-$branch" - git push origin "$tag-$branch" - fi - elif ${batchMode}; then - status=$? - echo "Git merge failed in batch mode" - exit ${status} - # and trap exit gets us back to master - else - cat< /etc/nsswitch.conf fi - exec gosu ${runAsUser}:${runAsGroup} ${SCRIPTS:-/}start-configuration "$@" + distro=$(getDistro) + if [[ $distro == alpine ]]; then + exec su-exec ${runAsUser}:${runAsGroup} "${SCRIPTS:-/}start-configuration" "$@" + else + exec gosu ${runAsUser}:${runAsGroup} "${SCRIPTS:-/}start-configuration" "$@" + fi else - exec ${SCRIPTS:-/}start-configuration "$@" + exec "${SCRIPTS:-/}start-configuration" "$@" fi diff --git a/scripts/start-utils b/scripts/start-utils index 4ea08b08..5d1cf91a 100755 --- a/scripts/start-utils +++ b/scripts/start-utils @@ -227,7 +227,7 @@ function extract() { application/zip) unzip -q -d "${destDir}" "${src}" ;; - application/x-tar|application/gzip|application/x-gzip|application/x-bzip2|application/zstd) + application/x-tar|application/gzip|application/x-gzip|application/x-bzip2|application/zstd|application/x-zstd) tar -C "${destDir}" -xf "${src}" ;; *) @@ -237,11 +237,15 @@ function extract() { esac } +function getDistro() { + cat /etc/os-release | grep -E "^ID=" | cut -d= -f2 | sed -e 's/"//g' +} + function checkSum() { local sum_file=${1?} # Get distro - distro=$(cat /etc/os-release | grep -E "^ID=" | cut -d= -f2 | sed -e 's/"//g') + distro=$(getDistro) if [ "${distro}" == "debian" ] && sha1sum -c "${sum_file}" --status 2> /dev/null; then return 0 diff --git a/tests/setuponlytests/test.sh b/tests/setuponlytests/test.sh index 748b31ad..4c0ca279 100644 --- a/tests/setuponlytests/test.sh +++ b/tests/setuponlytests/test.sh @@ -40,7 +40,7 @@ $logs echo "${folder} PASS" fi - docker-compose down -v --remove-orphans + docker-compose down -v --remove-orphans > /dev/null cd .. return $result