Add config for goreleaser, document release process

2025-10-19 15:43:21 +00:00 · 2020-04-13 18:15:20 +02:00 · 2020-04-13 18:15:20 +02:00 · 6e44dd8eae
commit 6e44dd8eae
parent 20603b1622
5 changed files with 184 additions and 148 deletions
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@ -0,0 +1,107 @@
 ---
 before:
  # Run a few commands to check the state of things. When anything is changed
  # in files commited to the repo, goreleaser will abort before building
  # anything because the git checkout is dirty.
  hooks:
    # make sure all modules are available
    - go mod download
    # make sure all generated code is up to date
    - go generate ./...
    # check that $VERSION is set
    - test -n "{{ .Env.VERSION }}"
    # make sure the file VERSION contains the latest version (used for build.go)
    - bash -c 'echo "{{ .Env.VERSION }}" > VERSION'
    # make sure the file CHANGELOG.md is up to date
    - calens --output CHANGELOG.md
 # build a single binary
 builds:
  -
    # make sure everything is statically linked by disabling cgo altogether
    env:
      - CGO_ENABLED=0
    # set the package for the main binary
    main: ./cmd/rest-server
    flags:
      # don't include any paths to source files in the resulting binary
      - -trimpath
    ldflags:
      # set the version variable in the main package
      - "-s -w -X main.version={{ .Version }}"
    # list all operating systems and architectures we build binaries for
    goos:
      - linux
      - darwin
      - windows
      - freebsd
      - netbsd
      - openbsd
      - dragonfly
      - plan9
      - solaris
    goarch:
      - amd64
      - 386
      - arm
      - arm64
      - mips
      - mips64
      - mips64le
      - ppc64
      - ppc64le
    goarm:
      - 6
      - 7
 # configure the resulting archives to create
 archives:
  -
    # package a directory which contains the source file
    wrap_in_directory: true
    # add these files to all archives
    files:
      - LICENSE
      - README.md
      - CHANGELOG.md
 # also build an archive of the source code
 source:
  enabled: true
 # build a file containing the SHA256 hashes
 checksum:
  name_template: 'SHA256SUMS'
 # sign the checksum file
 signs:
  - artifacts: checksum
    signature: "${artifact}.asc"
    args:
      - "--armor"
      - "--output"
      - "${signature}"
      - "--detach-sign"
      - "${artifact}"
 # do not generate a changelog file, we're using calens for that
 changelog:
  skip: true
 # configure building the rest-server docker image
 dockers:
  - image_templates:
      - restic/rest-server:latest
      - restic/rest-server:{{ .Version }}
    build_flag_templates:
      - "--pull"
    extra_files:
      - docker/create_user
      - docker/delete_user
      - docker/entrypoint.sh
--- a/8
+++ b/8
@ -5,12 +5,12 @@ ENV PASSWORD_FILE /data/.htpasswd
 RUN apk add --no-cache --update apache2-utils
-COPY rest-server docker/*_user /usr/bin/
+COPY docker/create_user /usr/bin/
 COPY docker/delete_user /usr/bin/
 COPY docker/entrypoint.sh /entrypoint.sh
 COPY rest-server /usr/bin
 VOLUME /data
 EXPOSE 8000
 COPY docker/entrypoint.sh /entrypoint.sh
 CMD [ "/entrypoint.sh" ]
--- a/39
+++ b/39
@ -1,39 +0,0 @@
 # Copyright © 2017 Zlatko Čalušić
 #
 # Use of this source code is governed by an MIT-style license that can be found in the LICENSE file.
 #
 DOCKER_IMAGE ?= restic/rest-server
 REST_SERVER_VERSION := $(strip $(shell cat VERSION))
 .PHONY: default rest-server install uninstall docker_build docker_push clean
 default: rest-server
 rest-server:
 	@go run build.go
 install: rest-server
 	/usr/bin/install -m 755 rest-server /usr/local/bin/rest-server
 uninstall:
 	rm -f /usr/local/bin/rest-server
 docker_build:
 	docker pull golang:alpine
 	docker run --rm -it \
 		-v $(CURDIR):/go/src/github.com/restic/rest-server \
 		-w /go/src/github.com/restic/rest-server \
 		golang:alpine \
 		go run build.go
 	docker pull alpine
 	docker build -t $(DOCKER_IMAGE):$(REST_SERVER_VERSION) .
 	docker tag $(DOCKER_IMAGE):$(REST_SERVER_VERSION) $(DOCKER_IMAGE):latest
 docker_push:
 	docker push $(DOCKER_IMAGE):$(REST_SERVER_VERSION)
 	docker push $(DOCKER_IMAGE):latest
 clean:
 	rm -f rest-server
--- a/README.md
+++ b/README.md
@ -12,98 +12,73 @@ Rest Server is a high performance HTTP server that implements restic's [REST bac
 ## Requirements
-Rest Server requires Go 1.11 or higher to build.  The only tested compiler is the official Go compiler.  Building server with gccgo may work, but is not supported.
+Rest Server requires Go 1.11 or higher to build.  The only tested compiler is the official Go compiler.  Building server with `gccgo` may work, but is not supported.
-The required version of restic backup client to use with Rest Server is [v0.7.1](https://github.com/restic/restic/releases/tag/v0.7.1) or higher.
+The required version of restic backup client to use with `rest-server` is [v0.7.1](https://github.com/restic/restic/releases/tag/v0.7.1) or higher.
-## Installation
+## Build
-### From source
+For building the `rest-server` binary run `CGO_ENABLED=0 go build -o rest-server ./cmd/rest-server`
-#### Build
+## Docker
-```make```
+### Build image
-or
+Put the `rest-server` binary in the current directory, then run:
-```go run build.go```
+    docker build -t restic/rest-server:latest .
 If all goes well, you'll find the binary in the current directory.
-Alternatively, you can compile and install it in your $GOBIN with a standard `go install ./cmd/rest-server`.  But, beware, you won't have version info built into binary when compiled that way!
+### Pull image
-#### Install
+    docker pull restic/rest-server
 ```make install```
 Installs the binary as `/usr/local/bin/rest-server`.
 Alternatively, you can install it manually anywhere you want.  It's a single binary, there are no dependencies.
 ### Docker
 #### Build image
 ```make docker_build```
 #### Pull image 
 ```docker pull restic/rest-server```
 ## Usage
 To learn how to use restic backup client with REST backend, please consult [restic manual](http://restic.readthedocs.io/en/latest/030_preparing_a_new_repo.html#rest-server).
-```
+    $ rest-server --help
 rest-server --help
-Run a REST server for use with restic
+    Run a REST server for use with restic
-Usage:
+    Usage:
-  rest-server [flags]
+      rest-server [flags]
-Flags:
+    Flags:
-      --append-only         enable append only mode
+          --append-only          enable append only mode
-      --cpu-profile string  write CPU profile to file
+          --cpu-profile string   write CPU profile to file
-      --debug               output debug messages
+          --debug                output debug messages
-  -h, --help                help for rest-server
+      -h, --help                 help for rest-server
-      --listen string       listen address (default ":8000")
+          --listen string        listen address (default ":8000")
-      --log string          log HTTP requests in the combined log format
+          --log string           log HTTP requests in the combined log format
-      --no-auth             disable .htpasswd authentication
+          --max-size int         the maximum size of the repository in bytes
-      --path string         data directory (default "/tmp/restic")
+          --no-auth              disable .htpasswd authentication
-      --private-repos       users can only access their private repo
+          --path string          data directory (default "/tmp/restic")
-      --prometheus          enable Prometheus metrics
+          --private-repos        users can only access their private repo
-      --tls                 turn on TLS support
+          --prometheus           enable Prometheus metrics
-      --tls-cert string     TLS certificate path
+          --tls                  turn on TLS support
-      --tls-key string      TLS key path
+          --tls-cert string      TLS certificate path
-  -V, --version             show version and quit
+          --tls-key string       TLS key path
-
+      -V, --version              output version and exit
 ```
 By default the server persists backup data in `/tmp/restic`.  To start the server with a custom persistence directory and with authentication disabled:
-```
+    rest-server --path /user/home/backup --no-auth
 rest-server --path /user/home/backup --no-auth
 ```
 To authenticate users (for access to the rest-server), the server supports using a `.htpasswd` file to specify users. You can create such a file at the root of the persistence directory by executing the following command (note that you need the `htpasswd` program from Apache's http-tools).  In order to append new user to the file, just omit the `-c` argument.  Only bcrypt and SHA encryption methods are supported, so use -B (very secure) or -s (insecure by today's standards) when adding/changing passwords.
-```
+    htpasswd -B -c .htpasswd username
 htpasswd -B -c .htpasswd username
 ```
-If you want to disable authentication, you must add the `--no-auth` flag. If this flag is not specified and the `.htpasswd` cannot be opened, rest-server will refuse to start. 
+If you want to disable authentication, you must add the `--no-auth` flag. If this flag is not specified and the `.htpasswd` cannot be opened, rest-server will refuse to start.
 NOTE: In older versions of rest-server (up to 0.9.7), this flag does not exist and the server disables authentication if `.htpasswd` is missing or cannot be opened.
-By default the server uses HTTP protocol.  This is not very secure since with Basic Authentication, username and passwords will travel in cleartext in every request.  In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key`.
+By default the server uses HTTP protocol.  This is not very secure since with Basic Authentication, user name and passwords will be sent in clear text in every request.  In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key`.
 Signed certificate is required by the restic backend, but if you just want to test the feature you can generate unsigned keys with the following commands:
-```
+    openssl genrsa -out private_key 2048
-openssl genrsa -out private_key 2048
+    openssl req -new -x509 -key private_key -out public_key -days 365
 openssl req -new -x509 -key private_key -out public_key -days 365
 ```
 The `--append-only` mode allows creation of new backups but prevents deletion and modification of existing backups. This can be useful when backing up systems that have a potential of being hacked.
@ -123,9 +98,7 @@ Persistent data volume is located to `/data`.
 #### Start server
-```
+    docker run -p 8000:8000 -v /my/data:/data --name rest_server restic/rest-server
 docker run -p 8000:8000 -v /my/data:/data --name rest_server restic/rest-server
 ```
 It's suggested to set a container name to more easily manage users (see next section).
@ -135,21 +108,15 @@ You can set environment variable `OPTIONS` to any extra flags you'd like to pass
 ##### Add user
-```
+    docker exec -it rest_server create_user myuser
 docker exec -it rest_server create_user myuser
 ```
 or
-```
+    docker exec -it rest_server create_user myuser mypassword
 docker exec -it rest_server create_user myuser mypassword
 ```
 ##### Delete user
-```
+    docker exec -it rest_server delete_user myuser
 docker exec -it rest_server delete_user myuser
 ```
 ## Prometheus support and Grafana dashboard
@ -170,35 +137,3 @@ Finally, the Rest Server implementation is really simple and as such could be us
 ## Contributors
 Contributors are welcome, just open a new issue / pull request.
 ## License
 ```
 The BSD 2-Clause License
 Copyright © 2015, Bertil Chapuis
 Copyright © 2016, Zlatko Čalušić, Alexander Neumann
 Copyright © 2017, The Rest Server Authors
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:
 * Redistributions of source code must retain the above copyright notice, this
  list of conditions and the following disclaimer.
 * Redistributions in binary form must reproduce the above copyright notice,
  this list of conditions and the following disclaimer in the documentation
  and/or other materials provided with the distribution.
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
 DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
 OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ```
--- a/Release.md
+++ b/Release.md
@ -0,0 +1,33 @@
 1. Export `$VERSION`:
      export VERSION=0.10.0
 2. Add new version to file VERSION:
      echo "${VERSION}" | tee VERSION && git commit -m "Update VERSION file for ${VERSION}" VERSION
 3. Move changelog files for `calens`:
      mv changelog/unreleased "changelog/${VERSION}_$(date +%Y-%m-%d)"
      git add "changelog/${VERSION}"*
      git rm -r changelog/unreleased
      git commit -m "Move changelog files for ${VERSION}" changelog/{unreleased,"${VERSION}"*}
 4. Generate changelog:
      calens > CHANGELOG.md
      git add CHANGELOG.md
      git commit -m "Generate CHANGELOG.md for ${VERSION}" CHANGELOG.md
 5. Tag new version and push the tag:
      git tag -a -s -m "v${VERSION}" "v${VERSION}"
      git push --tags
 6. Build the project (use `--skip-publish` for testing):
      goreleaser \
        release \
        --config ../.goreleaser.yml \
        --release-notes <(calens --template changelog/CHANGELOG-GitHub.tmpl --version "${VERSION}")