Merge pull request coturn#746 from tyranron/docker-image

Official Docker image

.dockerignore

@@ -0,0 +1,19 @@
+*
+
+!docker/coturn/alpine/
+!docker/coturn/debian/
+
+!cmake/
+!CMakeLists.txt
+!configure
+!examples/
+!INSTALL
+!LICENSE
+!LICENSE.OpenSSL
+!make-man.sh
+!Makefile.in
+!man/
+!postinstall.txt
+!README.turn*
+!src/
+!turndb/

.github/workflows/docker.yml

@@ -0,0 +1,171 @@
+name: Docker CI
+
+on:
+  pull_request:
+  push:
+  schedule:
+    - cron: '13 13 * * 3'
+
+jobs:
+  buildx:
+    strategy:
+      matrix:
+        include:
+          - dockerfile: debian
+            cache: ${{ github.ref != 'refs/heads/master'
+                       && !startsWith(github.ref, 'refs/tags/docker/') }}
+            publish: ${{ github.event_name == 'push'
+                         && (startsWith(github.ref, 'refs/tags/docker/')
+                             || github.ref == 'refs/heads/master') }}
+            release: ${{ github.event_name == 'push'
+                         && startsWith(github.ref, 'refs/tags/docker/') }}
+
+          - dockerfile: alpine
+            cache: ${{ github.ref != 'refs/heads/master'
+                       && !startsWith(github.ref, 'refs/tags/docker/') }}
+            publish: ${{ github.event_name == 'push'
+                         && (startsWith(github.ref, 'refs/tags/docker/')
+                             || github.ref == 'refs/heads/master') }}
+            release: ${{ github.event_name == 'push'
+                         && startsWith(github.ref, 'refs/tags/docker/') }}
+
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: docker/setup-qemu-action@v1
+      - uses: docker/setup-buildx-action@v1
+
+
+      - name: Detect correct Git ref for image build
+        id: git
+        uses: actions/github-script@v3
+        with:
+          script: |
+            let out = {ref: 'HEAD', ver: ''};
+            if ('${{ github.ref }}'.startsWith('refs/tags/docker/')) {
+              out.ref = '${{ github.ref }}'.substring(17).split('-')[0];
+              out.ver = out.ref;
+            }
+            return out;
+
+
+      - name: Pre-build fresh Docker images cache
+        run: make docker.build.cache no-cache=yes
+                  DOCKERFILE=${{ matrix.dockerfile }}
+                  ref=${{ fromJSON(steps.git.outputs.result).ref }}
+        working-directory: ./docker/coturn
+        if: ${{ !matrix.cache }}
+
+      - uses: satackey/[email protected]
+        with:
+          key: docker-${{ matrix.dockerfile }}-buildx-{hash}
+          restore-keys: docker-${{ matrix.dockerfile }}-buildx-
+        continue-on-error: true
+        timeout-minutes: 10
+        if: ${{ matrix.cache }}
+      - name: Pre-build Docker images cache
+        run: make docker.build.cache no-cache=no
+                  DOCKERFILE=${{ matrix.dockerfile }}
+                  ref=${{ fromJSON(steps.git.outputs.result).ref }}
+        working-directory: ./docker/coturn
+        if: ${{ matrix.cache }}
+
+      - name: Test Docker images
+        run: |
+          # Enable experimental features of Docker Daemon to run multi-arch images.
+          echo "$(cat /etc/docker/daemon.json)" '{"experimental": true}' \
+          | jq --slurp 'reduce .[] as $item ({}; . * $item)' \
+          | sudo tee /etc/docker/daemon.json
+          sudo systemctl restart docker
+
+          make npm.install
+          make test.docker platforms=@all build=yes \
+               DOCKERFILE=${{ matrix.dockerfile }} \
+               ref=${{ fromJSON(steps.git.outputs.result).ref }}
+        env:
+          COTURN_VERSION: ${{ fromJSON(steps.git.outputs.result).ver }}
+        working-directory: ./docker/coturn
+
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GCR_BOT_PAT }}
+        if: ${{ matrix.publish }}
+
+      - name: Login to Quay.io
+        uses: docker/login-action@v1
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAYIO_ROBOT_USERNAME }}
+          password: ${{ secrets.QUAYIO_ROBOT_TOKEN }}
+        if: ${{ matrix.publish }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_BOT_USER }}
+          password: ${{ secrets.DOCKERHUB_BOT_PASS }}
+        if: ${{ matrix.publish }}
+
+      - name: Publish version Docker tags
+        run: make docker.push
+                  DOCKERFILE=${{ matrix.dockerfile }}
+                  ref=${{ fromJSON(steps.git.outputs.result).ref }}
+        working-directory: ./docker/coturn
+        if: ${{ matrix.release }}
+
+      - name: Publish edge Docker tags
+        run: make docker.push tags=edge-${{ matrix.dockerfile }}
+                  DOCKERFILE=${{ matrix.dockerfile }}
+                  ref=${{ fromJSON(steps.git.outputs.result).ref }}
+        working-directory: ./docker/coturn
+        if: ${{ matrix.publish && !matrix.release }}
+
+
+      # On GitHub Container Registry README is automatically updated on pushes.
+      - name: Update README on Quay.io
+        uses: christian-korneck/update-container-description-action@v1
+        env:
+          DOCKER_APIKEY: ${{ secrets.QUAYIO_API_TOKEN }}
+        with:
+          provider: quay
+          destination_container_repo: quay.io/coturn/coturn
+          readme_file: docker/coturn/README.md
+        if: ${{ matrix.publish }}
+
+      - name: Update README on Docker Hub
+        uses: christian-korneck/update-container-description-action@v1
+        env:
+          DOCKER_USER: ${{ secrets.DOCKERHUB_BOT_USER }}
+          DOCKER_PASS: ${{ secrets.DOCKERHUB_BOT_PASS }}
+        with:
+          provider: dockerhub
+          destination_container_repo: coturn/coturn
+          readme_file: docker/coturn/README.md
+        if: ${{ matrix.publish }}
+
+
+      - name: Parse release version from Git tag
+        id: release
+        run: echo ::set-output name=VERSION::${GITHUB_REF#refs/tags/docker/}
+        if: ${{ matrix.release }}
+
+      - name: Parse CHANGELOG link
+        id: changelog
+        run: echo ::set-output name=LINK::https://github.com/${{ github.repository }}/blob/docker/${{ steps.release.outputs.VERSION }}/docker/coturn/CHANGELOG.md#$(sed -n '/^## \[${{ steps.release.outputs.VERSION }}\]/{s/^## \[\(.*\)\][^0-9]*\([0-9].*\)/\1--\2/;s/[^0-9a-z-]*//g;p;}' CHANGELOG.md)
+        working-directory: ./docker/coturn
+        if: ${{ matrix.release }}
+
+      - name: Release on GitHub
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: docker/${{ steps.release.outputs.VERSION }}
+          release_name: ${{ steps.release.outputs.VERSION }}
+          body: |
+            [Changelog](${{ steps.changelog.outputs.LINK }})
+        if: ${{ matrix.release }}

.gitignore

@@ -1,5 +1,5 @@
-Makefile
-bin
+/Makefile
+/bin/
 build
 include
 lib
@@ -32,7 +32,7 @@ tags
 .DS_Store
 .directory
 *.debug
-Makefile*
+/Makefile*
 *.prl
 *.app
 moc_*.cpp

ChangeLog

@@ -19,8 +19,6 @@ Version 4.5.3 'dan Eider':
 		* Packaging scripts can miss out on these errors (exit code)
 	- merge PR #679 (by rubo77)
 		* Readme.turnserver: how to run server as a daemon
-	- merge PR # #718 (by dcharbonnier)
-		* mongoc version 1.17.4
 
 10/01/2021 Oleg Moskalenko <[email protected]> Mihály Mészáros <[email protected]>
 Version 4.5.2 'dan Eider':

docker/coturn/.gitignore

@@ -0,0 +1,7 @@
+/node_modules/
+/package-lock.json
+/yarn.lock
+/yarn-error.log
+
+/сert.pem
+/privkey.pem

docker/coturn/CHANGELOG.md

@@ -0,0 +1,31 @@
+Coturn TURN server Docker image changelog
+=========================================
+
+
+
+
+## [4.5.2-r0] · 2021-04-?? · To-be-done
+[4.5.2-r0]: /../../tree/docker/4.5.2-r0
+
+### Created
+
+- [Coturn] 4.5.2: <https://github.com/coturn/coturn/blob/upstream/4.5.2/ChangeLog> 
+- [Alpine Linux] 3.13: <https://alpinelinux.org/posts/Alpine-3.13.0-released.html>
+- [Debian Linux] "buster": <https://www.debian.org/releases/buster/releasenotes>
+- [mongo-c-driver] 1.17.5 (`debian` only): <https://github.com/mongodb/mongo-c-driver/releases/tag/1.17.5>
+- Supported platforms:
+    - `linux/amd64`
+    - `linux/arm64`
+    - `linux/arm/v6`
+    - `linux/arm/v7`
+    - `linux/ppc64le`
+    - `linux/s390x`
+
+
+
+
+
+[Alpine Linux]: https://www.alpinelinux.org
+[Coturn]: https://haraka.github.io
+[Debian Linux]: https://www.debian.org
+[mongo-c-driver]: https://github.com/mongodb/mongo-c-driver

docker/coturn/CONTRIBUTING.md

@@ -0,0 +1,65 @@
+Contribution Guide
+==================
+
+
+
+
+## Best practices
+
+1. Keep the image size as small as possible:
+    - Do not produce redundant layers in the final image.
+    - Cleanup temporary files and caches in the same layer were they were produced.
+    - Remove unnecessary man pages, examples and documentation.
+
+2. Build each project in its separate stage:
+    - Do use layers granularly in non-final stages for better caching of build results.
+    - Prepare all the final files as much as possible in their build stage before adding them to the final stage.
+
+
+
+
+## CI workflow
+
+At the moment `coturn/coturn` Docker image's [workflow is automated][1] via [GitHub Actions] in the following manner:
+
+- On each push the image is built and tested.  
+  This helps to track image regressions due to changes in codebase.
+
+- Image is built and tested automatically from `master` branch on weekly basis.  
+  This helps to track image regressions due to changes in parent OS images (`debian`, `alpine`), their system packages, and other dependencies.
+
+- On each push to `master` branch the image is published with `edge-debian` and `edge-alpine` tags.  
+  This helps to test and try the latest `master` branch and its changes for whoever needs this.
+
+- On each `docker/X.Y.Z-rN` tag creation the image is built using the `X.Y.Z` Coturn version (not the local sources), tested, and is published with all the version tags declared in [`Makefile`] (see `ALL_IMAGES`).  
+  An appropriate [GitHub Release] for the `docker/X.Y.Z-rN` Git tag is also created automatically.
+
+- Whenever the image is published, its description on container registries is automatically updated with its [README] file.
+
+
+
+
+## Releasing
+
+To produce a new release (version tag) of `coturn/coturn` Docker image, perform the following steps:
+
+1. Upgrade the image version correctly in [`Makefile`] by bumping up either the `COTURN_VER` (if Coturn has changed it version) or the `BUILD_REV` (if anything else in the image has been changed). If the `COTURN_VER` has changed, the `BUILD_REV` may be reset to `0`.
+
+2. Complete an existing [CHANGELOG] or fill up a new one for the new version declared in [`Makefile`].
+
+3. Update [README] with the new version declared in [`Makefile`].
+
+4. Perform a `make release` command inside the`docker/coturn/` directory.
+
+
+
+
+
+[CHANGELOG]: https://github.com/coturn/coturn/blob/master/docker/coturn/CHANGELOG.md
+[GitHub Actions]: https://docs.github.com/actions
+[GitHub Release]: https://github.com/coturn/coturn/releases
+[README]: https://github.com/coturn/coturn/blob/master/docker/coturn/README.md
+
+[`Makefile`]: https://github.com/coturn/coturn/blob/master/docker/coturn/Makefile
+
+[1]: https://github.com/coturn/coturn/blob/master/.github/workflows/docker.yml