diff --git a/.github/workflows/image.yml b/.github/workflows/build.yml similarity index 51% rename from .github/workflows/image.yml rename to .github/workflows/build.yml index 6705901..fab409a 100644 --- a/.github/workflows/image.yml +++ b/.github/workflows/build.yml @@ -1,40 +1,33 @@ + name: build docker image on: - workflow_dispatch: push: - branches: - - "**" tags: - "**" jobs: - test: - runs-on: ubuntu-22.04 - steps: - - name: Checkout the code - uses: actions/checkout@v3 - - name: Test Bash scripts - run: sudo apt-get -qq update && sudo apt-get install -y devscripts shellcheck && make test build: runs-on: ubuntu-22.04 - needs: test steps: - name: Checkout the code - uses: actions/checkout@v3 + uses: actions/checkout@v4 # https://github.com/docker/setup-qemu-action - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 # https://github.com/docker/setup-buildx-action - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Get latest release version number id: docker-tag uses: yuya-takeyama/docker-tag-from-github-ref-action@v1 - name: Login to Docker Hub - run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login --username "${{ secrets.DOCKER_USERNAME }}" --password-stdin + uses: docker/login-action@v3 + with: + username: fradelg + password: ${{ secrets.DOCKER_PASSWORD }} - name: Build multiarch image run: | docker buildx build --push \ --tag fradelg/mysql-cron-backup:${{ steps.docker-tag.outputs.tag }} \ - --platform linux/amd64,linux/arm/v7,linux/arm64 . \ No newline at end of file + --platform linux/amd64,linux/arm/v7,linux/arm64 . diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..4460983 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,26 @@ +name: build docker image + +on: + workflow_dispatch: + push: + branches: + - "**" + +jobs: + test: + runs-on: ubuntu-22.04 + steps: + - name: Checkout the code + uses: actions/checkout@v4 + - name: Test Bash scripts + run: sudo apt-get -qq update && sudo apt-get install -y devscripts shellcheck && make test + - name: Test image + env: + VOLUME_PATH: /tmp/mariadb + DATABASE_NAME: foo + MARIADB_ROOT_PASSWORD: abcd + run: | + docker compose up -d mariadb + docker compose run backup /backup.sh + docker compose run backup /restore.sh /backup/latest.foo.sql.gz + docker compose stop diff --git a/Dockerfile b/Dockerfile index fdc2638..73a2588 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,27 +1,28 @@ -FROM golang:1.15.8-alpine3.12 AS binary +FROM golang:1.20.4-alpine3.18 AS binary RUN apk -U add openssl git -ARG DOCKERIZE_VERSION=v0.6.1 +ARG DOCKERIZE_VERSION=v0.7.0 WORKDIR /go/src/github.com/jwilder RUN git clone https://github.com/jwilder/dockerize.git && \ cd dockerize && \ git checkout ${DOCKERIZE_VERSION} WORKDIR /go/src/github.com/jwilder/dockerize -RUN go get github.com/robfig/glock -RUN glock sync -n < GLOCKFILE -RUN go install +ENV GO111MODULE=on +RUN go mod tidy +RUN CGO_ENABLED=0 GOOS=linux GO111MODULE=on go build -a -o /go/bin/dockerize . -FROM alpine:3.18.3 +FROM alpine:3.20.3 LABEL maintainer "Fco. Javier Delgado del Hoyo <frandelhoyo@gmail.com>" RUN apk add --update \ - tzdata \ - bash \ - mysql-client \ - gzip \ - openssl \ - mariadb-connector-c && \ + tzdata \ + bash \ + gzip \ + openssl \ + mysql-client=~10.11 \ + mariadb-connector-c \ + fdupes && \ rm -rf /var/cache/apk/* COPY --from=binary /go/bin/dockerize /usr/local/bin @@ -42,6 +43,6 @@ RUN mkdir /backup && \ VOLUME ["/backup"] HEALTHCHECK --interval=2s --retries=1800 \ - CMD stat /HEALTHY.status || exit 1 + CMD stat /HEALTHY.status || exit 1 -ENTRYPOINT dockerize -wait tcp://${MYSQL_HOST}:${MYSQL_PORT} -timeout ${TIMEOUT} /run.sh \ No newline at end of file +CMD dockerize -wait tcp://${MYSQL_HOST}:${MYSQL_PORT} -timeout ${TIMEOUT} /run.sh diff --git a/README.md b/README.md index 6627b0d..16a2d65 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,7 @@ Container is **Healthy** after the database init phase, that is after `INIT_BACK - `GZIP_LEVEL`: Specify the level of gzip compression from 1 (quickest, least compressed) to 9 (slowest, most compressed), default is 6. - `USE_PLAIN_SQL`: If set, back up and restore plain SQL files without gzip. - `TZ`: Specify TIMEZONE in Container. E.g. "Europe/Berlin". Default is UTC. +- `REMOVE_DUPLICATES`: Use [fdupes](https://github.com/adrianlopezroche/fdupes) to remove duplicate database dumps If you want to make this image the perfect companion of your MySQL container, use [docker-compose](https://docs.docker.com/compose/). You can add more services that will be able to connect to the MySQL image using the name `my_mariadb`, note that you only expose the port `3306` internally to the servers and not to the host: @@ -80,6 +81,8 @@ services: - CRON_TIME=0 3 * * * # Make it small - GZIP_LEVEL=9 + # As of MySQL 8.0.21 this is needed + - MYSQLDUMP_OPTS=--no-tablespaces restart: unless-stopped volumes: diff --git a/backup.sh b/backup.sh index 747cd82..499575d 100755 --- a/backup.sh +++ b/backup.sh @@ -29,13 +29,18 @@ do echo "==> Dumping database: $db" FILENAME=/backup/$DATE.$db.sql LATEST=/backup/latest.$db.sql - if mysqldump --single-transaction $MYSQLDUMP_OPTS -h "$MYSQL_HOST" -P "$MYSQL_PORT" -u "$MYSQL_USER" -p"$MYSQL_PASS" $MYSQL_SSL_OPTS "$db" > "$FILENAME" + BASIC_OPTS="--single-transaction" + if [ -n "$REMOVE_DUPLICATES" ] + then + BASIC_OPTS="$BASIC_OPTS --skip-dump-date" + fi + if mysqldump $BASIC_OPTS $MYSQLDUMP_OPTS -h "$MYSQL_HOST" -P "$MYSQL_PORT" -u "$MYSQL_USER" -p"$MYSQL_PASS" $MYSQL_SSL_OPTS "$db" > "$FILENAME" then EXT= if [ -z "${USE_PLAIN_SQL}" ] then echo "==> Compressing $db with LEVEL $GZIP_LEVEL" - gzip "-$GZIP_LEVEL" -f "$FILENAME" + gzip "-$GZIP_LEVEL" -n -f "$FILENAME" EXT=.gz FILENAME=$FILENAME$EXT LATEST=$LATEST$EXT @@ -44,6 +49,11 @@ do echo "==> Creating symlink to latest backup: $BASENAME" rm "$LATEST" 2> /dev/null cd /backup || exit && ln -s "$BASENAME" "$(basename "$LATEST")" + if [ -n "$REMOVE_DUPLICATES" ] + then + echo "==> Removing duplicate database dumps" + fdupes -idN /backup/ + fi if [ -n "$MAX_BACKUPS" ] then # Execute the delete script, delete older backup or other custom delete script diff --git a/docker-compose.yaml b/docker-compose.yaml index d0b693f..5ac0e9d 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,8 +1,9 @@ -version: "2" services: mariadb: - image: mariadb:10 + image: mariadb:10.11 container_name: my_mariadb + security_opt: + - seccomp:unconfined expose: - 3306 volumes: @@ -11,13 +12,19 @@ services: environment: - MYSQL_DATABASE=${DATABASE_NAME} - MYSQL_ROOT_PASSWORD=${MARIADB_ROOT_PASSWORD} + - MYSQL_ALLOW_EMPTY_ROOT_PASSWORD=yes restart: unless-stopped + healthcheck: + test: [ "CMD", "healthcheck.sh", "--su-mysql", "--connect" ] + timeout: 5s + retries: 10 backup: build: . image: fradelg/mysql-cron-backup depends_on: - - mariadb + mariadb: + condition: service_healthy volumes: - ${VOLUME_PATH}/backup:/backup environment: @@ -28,6 +35,6 @@ services: - INIT_BACKUP=1 - CRON_TIME=0 0 * * * restart: unless-stopped - -volumes: - data: \ No newline at end of file + +volumes: + data: diff --git a/restore.sh b/restore.sh index 0607d6f..6c03634 100755 --- a/restore.sh +++ b/restore.sh @@ -13,6 +13,7 @@ if [ "$#" -ne 1 ] then echo "You must pass the path of the backup file to restore" + exit 1 fi set -o pipefail