-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
135 lines (113 loc) · 7.01 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# syntax=docker.io/docker/dockerfile:1
# Usage:
# buildctl build --frontend gateway.v0 --opt source=docker.io/docker/dockerfile:1 --local context=. --local dockerfile=. --output type=image,name=localhost:5000/borgbackup:1.1.18,push=true --opt build-arg:version=1.1.18 --opt platform="linux/amd64,linux/arm64,linux/arm/v7"
# podman build --file Dockerfile --build-arg version=1.1.18 --tag localhost:5000/borgbackup:1.1.18
# Default to Debian 12, which is the latest platform for the BorgBackup standalone binary releases
# the 'offical' python image provides a standalone python build under /usr/local
# the 'slim' variant comes with pip, setuptools and wheel pre-installed
ARG base_image=docker.io/python:3-slim-bookworm
ARG version
# Build environment and defaults
ARG BORG_BASE_DIR=/borg
ARG BORG_FUSE_IMPL=none
ARG BORG_VERSION=${version}
ARG BORG_SRC_DIR=/usr/local/src/borgbackup-${BORG_VERSION}-${TARGETARCH}${TARGETVARIANT}
ARG BORG_WHEEL_DIR=${BORG_SRC_DIR}/wheels
ARG PIP_CACHE_DIR=/var/local/cache/borg-${BORG_VERSION}/${TARGETARCH}${TARGETVARIANT}/pip
ARG PIP_CONSTRAINT=${BORG_SRC_DIR}/requirements.d/development.lock.txt
ARG PIP_DISABLE_PIP_VERSION_CHECK=1
ARG PIP_ROOT_USER_ACTION=ignore
### Download source (to cache as layer)
FROM scratch as source
# Signing Key: Thomas Waldmann <tw@waldmann-edv.de>
ADD https://keys.openpgp.org/vks/v1/by-fingerprint/6D5BEF9ADD2075805747B70F9F88FB52FAF7B393 signing_key.asc
ARG BORG_VERSION
ADD https://github.com/borgbackup/borg/releases/download/${BORG_VERSION}/borgbackup-${BORG_VERSION}.tar.gz borgbackup-${BORG_VERSION}.tar.gz
ADD https://github.com/borgbackup/borg/releases/download/${BORG_VERSION}/borgbackup-${BORG_VERSION}.tar.gz.asc borgbackup-${BORG_VERSION}.tar.gz.asc
### Build stage ###
FROM ${base_image} as build
# Install OS build dependencies (https://borgbackup.readthedocs.io/en/stable/installation.html#dependencies)
ARG DEBIAN_FRONTEND=noninteractive
RUN --mount=type=tmpfs,target=/var/cache/apt --mount=type=tmpfs,target=/var/lib/apt \
apt-get -y -qq update && \
apt-get -y -qq --no-install-recommends install \
build-essential \
libacl1-dev libffi-dev libssl-dev liblz4-dev libzstd-dev libxxhash-dev \
pkg-config \
sqv
# Extract into build layer (verify gpg key)
ARG BORG_BASE_DIR BORG_FUSE_IMPL BORG_SRC_DIR BORG_VERSION BORG_WHEEL_DIR
WORKDIR ${BORG_SRC_DIR}
RUN --mount=type=bind,from=source,target=/mnt/source \
sqv /mnt/source/borgbackup-${BORG_VERSION}.tar.gz.asc /mnt/source/borgbackup-${BORG_VERSION}.tar.gz --keyring /mnt/source/signing_key.asc && \
tar --extract --auto-compress --file=/mnt/source/borgbackup-${BORG_VERSION}.tar.gz --strip-components=1
# Build and Install: Wheel for BorgBackup from source (and cache PIP and GIT repo across builds)
ARG PIP_CACHE_DIR PIP_CONSTRAINT PIP_DISABLE_PIP_VERSION_CHECK PIP_ROOT_USER_ACTION
ARG PIP_NO_BINARY=:all:
ARG PIP_USE_FEATURE=no-binary-enable-wheel-cache
ARG NO_CYTHON_COMPILE=true
# Borg 1.2.7 depends on Cython==0.29.36 and 'msgpack >=0.5.6, <=1.0.7, !=1.0.1' but msgpack=>1.0.6 requires Cython~=3.0.0
# append a pinned msgpack==1.0.5 to development.lock.txt
RUN --mount=type=cache,target=${PIP_CACHE_DIR} --mount=type=tmpfs,target=/tmp \
test "${BORG_VERSION}" != "1.2.7" || echo "msgpack==1.0.5" >> ${PIP_CONSTRAINT}
# Borg 1.2.8 depends on Cython==0.29.37 and 'msgpack >=0.5.6, <=1.0.8, !=1.0.1' but msgpack=>1.0.6 requires Cython~=3.0.0
# append a pinned msgpack==1.0.5 to development.lock.txt
RUN --mount=type=cache,target=${PIP_CACHE_DIR} --mount=type=tmpfs,target=/tmp \
test "${BORG_VERSION}" != "1.2.8" || echo "msgpack==1.0.5" >> ${PIP_CONSTRAINT}
# Borg 1.4.0 depends on setuptools==69.0.3 and 'msgpack<=1.1.0,>=1.0.3' but msgpack>=1.1.0 requires setuptools>=69.5.1
# append a pinned msgpack==1.0.8 to development.lock.txt
RUN --mount=type=cache,target=${PIP_CACHE_DIR} --mount=type=tmpfs,target=/tmp \
test "${BORG_VERSION}" != "1.4.0" || echo "msgpack==1.0.8" >> ${PIP_CONSTRAINT}
WORKDIR ${BORG_WHEEL_DIR}
RUN --mount=type=cache,target=${PIP_CACHE_DIR} --mount=type=tmpfs,target=/tmp \
pip install pkgconfig && \
pip wheel Cython --use-pep517 --config-setting="--build-option=--no-cython-compile" && \
pip wheel ${BORG_SRC_DIR} && \
pip install --no-index --no-cache-dir --find-links=${BORG_WHEEL_DIR} --only-binary=:all: borgbackup==${BORG_VERSION}
# Test: Run self-tests
RUN --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=${BORG_BASE_DIR} \
borg --version | grep --silent --fixed-strings "borg ${BORG_VERSION}" && \
borg debug info --debug
### Test stage (pytest) ###
FROM ${base_image} as test
ARG BORG_BASE_DIR BORG_FUSE_IMPL BORG_SRC_DIR BORG_VERSION BORG_WHEEL_DIR
ARG PIP_CACHE_DIR PIP_CONSTRAINT PIP_DISABLE_PIP_VERSION_CHECK PIP_ROOT_USER_ACTION
RUN --mount=type=bind,from=build,source=${BORG_SRC_DIR},target=${BORG_SRC_DIR} --mount=type=cache,target=${PIP_CACHE_DIR} \
pip install pytest pytest-benchmark pytest-xdist python-dateutil && \
pip install --no-index --no-cache-dir --find-links=${BORG_WHEEL_DIR} --only-binary=:all: borgbackup==${BORG_VERSION}
ARG XDISTN=auto
ARG PYTHONFAULTHANDLER=1
WORKDIR ${BORG_SRC_DIR}
# Skip readonly tests as CAP_LINUX_IMMUTABLE is disabled by default in Docker
RUN --mount=type=bind,from=build,source=${BORG_SRC_DIR},target=${BORG_SRC_DIR} --mount=type=tmpfs,target=/tmp --mount=type=tmpfs,target=${BORG_BASE_DIR} \
pytest --quiet -n ${XDISTN} --disable-warnings --exitfirst --benchmark-skip -k 'not test_readonly' --pyargs borg.testsuite
### Final stage (publish target image) ###
FROM ${base_image} as final
ARG base_image
# Install a ssh client to support remote repositories
ARG DEBIAN_FRONTEND=noninteractive
RUN --mount=type=tmpfs,target=/var/cache/apt --mount=type=tmpfs,target=/var/lib/apt \
apt-get -y -qq update && \
apt-get -y -qq --no-install-recommends install openssh-client && \
ssh -V
# Persist ENV into image
ARG BORG_BASE_DIR BORG_FUSE_IMPL BORG_SRC_DIR BORG_VERSION BORG_WHEEL_DIR
ENV BORG_VERSION=${BORG_VERSION} BORG_BASE_DIR=${BORG_BASE_DIR} BORG_FUSE_IMPL=${BORG_FUSE_IMPL}
ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1
VOLUME /borg
# Install the wheel and execute once
ARG PIP_CACHE_DIR PIP_CONSTRAINT PIP_DISABLE_PIP_VERSION_CHECK PIP_ROOT_USER_ACTION
RUN --mount=type=bind,from=build,source=${BORG_SRC_DIR},target=${BORG_SRC_DIR} \
pip install --no-index --no-cache-dir --find-links=${BORG_WHEEL_DIR} --only-binary=:all: --no-compile borgbackup==${BORG_VERSION} && \
borg debug info --debug
ENTRYPOINT ["borg"]
# Labeling https://github.com/opencontainers/image-spec/blob/main/annotations.md
LABEL\
org.opencontainers.image.title="BorgBackup" \
org.opencontainers.image.description="BorgBackup is a deduplicating backup program with support for compression and authenticated encryption." \
org.opencontainers.image.licenses="BSD-3-Clause" \
org.opencontainers.image.vendor="BorgBackup Community (unofficial)" \
org.opencontainers.image.version=${BORG_VERSION} \
org.opencontainers.image.source="https://github.com/bbx0/container-borgbackup" \
org.opencontainers.image.authors="Philipp Micheel <bbx0+borgbackup at bitdevs dot de>" \
org.opencontainers.image.base.name=${base_image}