Add config for goreleaser, document release process

.goreleaser.yml

@@ -0,0 +1,107 @@
+---
+before:
+  # Run a few commands to check the state of things. When anything is changed
+  # in files commited to the repo, goreleaser will abort before building
+  # anything because the git checkout is dirty.
+  hooks:
+    # make sure all modules are available
+    - go mod download
+    # make sure all generated code is up to date
+    - go generate ./...
+    # check that $VERSION is set
+    - test -n "{{ .Env.VERSION }}"
+    # make sure the file VERSION contains the latest version (used for build.go)
+    - bash -c 'echo "{{ .Env.VERSION }}" > VERSION'
+    # make sure the file CHANGELOG.md is up to date
+    - calens --output CHANGELOG.md
+
+# build a single binary
+builds:
+  -
+    # make sure everything is statically linked by disabling cgo altogether
+    env:
+      - CGO_ENABLED=0
+
+    # set the package for the main binary
+    main: ./cmd/rest-server
+
+    flags:
+      # don't include any paths to source files in the resulting binary
+      - -trimpath
+
+    ldflags:
+      # set the version variable in the main package
+      - "-s -w -X main.version={{ .Version }}"
+
+    # list all operating systems and architectures we build binaries for
+    goos:
+      - linux
+      - darwin
+      - windows
+      - freebsd
+      - netbsd
+      - openbsd
+      - dragonfly
+      - plan9
+      - solaris
+
+    goarch:
+      - amd64
+      - 386
+      - arm
+      - arm64
+      - mips
+      - mips64
+      - mips64le
+      - ppc64
+      - ppc64le
+    goarm:
+      - 6
+      - 7
+
+# configure the resulting archives to create
+archives:
+  -
+    # package a directory which contains the source file
+    wrap_in_directory: true
+
+    # add these files to all archives
+    files:
+      - LICENSE
+      - README.md
+      - CHANGELOG.md
+
+# also build an archive of the source code
+source:
+  enabled: true
+
+# build a file containing the SHA256 hashes
+checksum:
+  name_template: 'SHA256SUMS'
+
+# sign the checksum file
+signs:
+  - artifacts: checksum
+    signature: "${artifact}.asc"
+    args:
+      - "--armor"
+      - "--output"
+      - "${signature}"
+      - "--detach-sign"
+      - "${artifact}"
+
+# do not generate a changelog file, we're using calens for that
+changelog:
+  skip: true
+
+# configure building the rest-server docker image
+dockers:
+  - image_templates:
+      - restic/rest-server:latest
+      - restic/rest-server:{{ .Version }}
+    build_flag_templates:
+      - "--pull"
+    extra_files:
+      - docker/create_user
+      - docker/delete_user
+      - docker/entrypoint.sh

Dockerfile

@@ -5,12 +5,12 @@ ENV PASSWORD_FILE /data/.htpasswd
 
 RUN apk add --no-cache --update apache2-utils
 
-COPY rest-server docker/*_user /usr/bin/
+COPY docker/create_user /usr/bin/
+COPY docker/delete_user /usr/bin/
+COPY docker/entrypoint.sh /entrypoint.sh
+COPY rest-server /usr/bin
 
 VOLUME /data
-
 EXPOSE 8000
 
-COPY docker/entrypoint.sh /entrypoint.sh
-
 CMD [ "/entrypoint.sh" ]

Makefile

@@ -1,39 +0,0 @@
-# Copyright © 2017 Zlatko Čalušić
-#
-# Use of this source code is governed by an MIT-style license that can be found in the LICENSE file.
-#
-
-DOCKER_IMAGE ?= restic/rest-server
-
-REST_SERVER_VERSION := $(strip $(shell cat VERSION))
-
-.PHONY: default rest-server install uninstall docker_build docker_push clean
-
-default: rest-server
-
-rest-server:
-	@go run build.go
-
-install: rest-server
-	/usr/bin/install -m 755 rest-server /usr/local/bin/rest-server
-
-uninstall:
-	rm -f /usr/local/bin/rest-server
-
-docker_build:
-	docker pull golang:alpine
-	docker run --rm -it \
-		-v $(CURDIR):/go/src/github.com/restic/rest-server \
-		-w /go/src/github.com/restic/rest-server \
-		golang:alpine \
-		go run build.go
-	docker pull alpine
-	docker build -t $(DOCKER_IMAGE):$(REST_SERVER_VERSION) .
-	docker tag $(DOCKER_IMAGE):$(REST_SERVER_VERSION) $(DOCKER_IMAGE):latest
-
-docker_push:
-	docker push $(DOCKER_IMAGE):$(REST_SERVER_VERSION)
-	docker push $(DOCKER_IMAGE):latest
-
-clean:
-	rm -f rest-server

README.md

@@ -12,63 +12,46 @@ Rest Server is a high performance HTTP server that implements restic's [REST bac
 
 ## Requirements
 
-Rest Server requires Go 1.11 or higher to build.  The only tested compiler is the official Go compiler.  Building server with gccgo may work, but is not supported.
+Rest Server requires Go 1.11 or higher to build.  The only tested compiler is the official Go compiler.  Building server with `gccgo` may work, but is not supported.
 
-The required version of restic backup client to use with Rest Server is [v0.7.1](https://github.com/restic/restic/releases/tag/v0.7.1) or higher.
+The required version of restic backup client to use with `rest-server` is [v0.7.1](https://github.com/restic/restic/releases/tag/v0.7.1) or higher.
 
-## Installation
+## Build
 
-### From source
+For building the `rest-server` binary run `CGO_ENABLED=0 go build -o rest-server ./cmd/rest-server`
 
-#### Build
+## Docker
 
-```make```
+### Build image
 
-or
+Put the `rest-server` binary in the current directory, then run:
 
-```go run build.go```
+    docker build -t restic/rest-server:latest .
 
-If all goes well, you'll find the binary in the current directory.
 
-Alternatively, you can compile and install it in your $GOBIN with a standard `go install ./cmd/rest-server`.  But, beware, you won't have version info built into binary when compiled that way!
+### Pull image
 
-#### Install
-
-```make install```
-
-Installs the binary as `/usr/local/bin/rest-server`.
-
-Alternatively, you can install it manually anywhere you want.  It's a single binary, there are no dependencies.
-
-### Docker
-
-#### Build image
-
-```make docker_build```
-
-#### Pull image 
-
-```docker pull restic/rest-server```
+    docker pull restic/rest-server
 
 ## Usage
 
 To learn how to use restic backup client with REST backend, please consult [restic manual](http://restic.readthedocs.io/en/latest/030_preparing_a_new_repo.html#rest-server).
 
-```
-rest-server --help
+    $ rest-server --help
 
-Run a REST server for use with restic
+    Run a REST server for use with restic
 
-Usage:
+    Usage:
       rest-server [flags]
 
-Flags:
+    Flags:
           --append-only          enable append only mode
           --cpu-profile string   write CPU profile to file
           --debug                output debug messages
       -h, --help                 help for rest-server
           --listen string        listen address (default ":8000")
           --log string           log HTTP requests in the combined log format
+          --max-size int         the maximum size of the repository in bytes
           --no-auth              disable .htpasswd authentication
           --path string          data directory (default "/tmp/restic")
           --private-repos        users can only access their private repo
@@ -76,34 +59,26 @@ Flags:
           --tls                  turn on TLS support
           --tls-cert string      TLS certificate path
           --tls-key string       TLS key path
-  -V, --version             show version and quit
-
-```
+      -V, --version              output version and exit
 
 By default the server persists backup data in `/tmp/restic`.  To start the server with a custom persistence directory and with authentication disabled:
 
-```
-rest-server --path /user/home/backup --no-auth
-```
+    rest-server --path /user/home/backup --no-auth
 
 To authenticate users (for access to the rest-server), the server supports using a `.htpasswd` file to specify users. You can create such a file at the root of the persistence directory by executing the following command (note that you need the `htpasswd` program from Apache's http-tools).  In order to append new user to the file, just omit the `-c` argument.  Only bcrypt and SHA encryption methods are supported, so use -B (very secure) or -s (insecure by today's standards) when adding/changing passwords.
 
-```
-htpasswd -B -c .htpasswd username
-```
+    htpasswd -B -c .htpasswd username
 
 If you want to disable authentication, you must add the `--no-auth` flag. If this flag is not specified and the `.htpasswd` cannot be opened, rest-server will refuse to start.
 
 NOTE: In older versions of rest-server (up to 0.9.7), this flag does not exist and the server disables authentication if `.htpasswd` is missing or cannot be opened.
 
-By default the server uses HTTP protocol.  This is not very secure since with Basic Authentication, username and passwords will travel in cleartext in every request.  In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key`.
+By default the server uses HTTP protocol.  This is not very secure since with Basic Authentication, user name and passwords will be sent in clear text in every request.  In order to enable TLS support just add the `--tls` argument and add a private and public key at the root of your persistence directory. You may also specify private and public keys by `--tls-cert` and `--tls-key`.
 
 Signed certificate is required by the restic backend, but if you just want to test the feature you can generate unsigned keys with the following commands:
 
-```
-openssl genrsa -out private_key 2048
-openssl req -new -x509 -key private_key -out public_key -days 365
-```
+    openssl genrsa -out private_key 2048
+    openssl req -new -x509 -key private_key -out public_key -days 365
 
 The `--append-only` mode allows creation of new backups but prevents deletion and modification of existing backups. This can be useful when backing up systems that have a potential of being hacked.
 
@@ -123,9 +98,7 @@ Persistent data volume is located to `/data`.
 
 #### Start server
 
-```
-docker run -p 8000:8000 -v /my/data:/data --name rest_server restic/rest-server
-```
+    docker run -p 8000:8000 -v /my/data:/data --name rest_server restic/rest-server
 
 It's suggested to set a container name to more easily manage users (see next section).
 
@@ -135,21 +108,15 @@ You can set environment variable `OPTIONS` to any extra flags you'd like to pass
 
 ##### Add user
 
-```
-docker exec -it rest_server create_user myuser
-```
+    docker exec -it rest_server create_user myuser
 
 or
 
-```
-docker exec -it rest_server create_user myuser mypassword
-```
+    docker exec -it rest_server create_user myuser mypassword
 
 ##### Delete user
 
-```
-docker exec -it rest_server delete_user myuser
-```
+    docker exec -it rest_server delete_user myuser
 
 
 ## Prometheus support and Grafana dashboard
@@ -170,35 +137,3 @@ Finally, the Rest Server implementation is really simple and as such could be us
 ## Contributors
 
 Contributors are welcome, just open a new issue / pull request.
-
-## License
-
-```
-The BSD 2-Clause License
-
-Copyright © 2015, Bertil Chapuis
-Copyright © 2016, Zlatko Čalušić, Alexander Neumann
-Copyright © 2017, The Rest Server Authors
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
-* Redistributions of source code must retain the above copyright notice, this
-  list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright notice,
-  this list of conditions and the following disclaimer in the documentation
-  and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
-SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
-OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-```

Release.md

@@ -0,0 +1,33 @@
+1. Export `$VERSION`:
+
+      export VERSION=0.10.0
+
+2. Add new version to file VERSION:
+
+      echo "${VERSION}" | tee VERSION && git commit -m "Update VERSION file for ${VERSION}" VERSION
+
+3. Move changelog files for `calens`:
+
+      mv changelog/unreleased "changelog/${VERSION}_$(date +%Y-%m-%d)"
+      git add "changelog/${VERSION}"*
+      git rm -r changelog/unreleased
+      git commit -m "Move changelog files for ${VERSION}" changelog/{unreleased,"${VERSION}"*}
+
+4. Generate changelog:
+
+      calens > CHANGELOG.md
+      git add CHANGELOG.md
+      git commit -m "Generate CHANGELOG.md for ${VERSION}" CHANGELOG.md
+
+5. Tag new version and push the tag:
+
+      git tag -a -s -m "v${VERSION}" "v${VERSION}"
+      git push --tags
+
+6. Build the project (use `--skip-publish` for testing):
+
+      goreleaser \
+        release \
+        --config ../.goreleaser.yml \
+        --release-notes <(calens --template changelog/CHANGELOG-GitHub.tmpl --version "${VERSION}")
+