Switch to using GitHub Actions for publishing Docker images. (#10365)

* Switch to using GitHub Actions for publishing Docker images.

This simplifies handling of multiarch images and publishing to multiple
registries, and unifies testing with the code actually being used to
build and publish the images.

This also removes a handful of scripts that are no longer needed due to
this change, and switches our Dockerfile to not needing an architecture
to be specified in a build argument, instead relying on proper multiarch
docker image support.

* Fix YAML syntax.

* Add separate tagging for nightly and stable builds.

* Correct YAML syntax errors.

4 files changed, 4 insertions, 243 deletions

diff --git a/packaging/docker/Dockerfile b/packaging/docker/Dockerfile
index 65171d55eb..41e8870012 100644
--- a/packaging/docker/Dockerfile
+++ b/packaging/docker/Dockerfile
@@ -1,11 +1,9 @@
 # SPDX-License-Identifier: GPL-3.0-or-later
 # author  : paulfantom
 
-# Cross-arch building is achieved by specifying ARCH as a build parameter with `--build-arg` option.
-# It is automated in `build.sh` script
-ARG ARCH=amd64
 # This image contains preinstalled dependecies
-FROM netdata/builder:${ARCH} as builder
+# hadolint ignore=DL3007
+FROM netdata/builder:latest as builder
 
 # One of 'nightly' or 'stable'
 ARG RELEASE_CHANNEL=nightly
@@ -54,9 +52,9 @@ RUN mkdir -p /app/usr/sbin/ \
     chmod +x /app/usr/sbin/run.sh
 
 #####################################################################
-ARG ARCH
 # This image contains preinstalled dependecies
-FROM netdata/base:${ARCH}
+# hadolint ignore=DL3007
+FROM netdata/base:latest as base
 
 # Configure system
 ARG NETDATA_UID=201
diff --git a/packaging/docker/build.sh b/packaging/docker/build.sh
deleted file mode 100755
index 4522936e8a..0000000000
--- a/packaging/docker/build.sh
+++ /dev/null
@@ -1,80 +0,0 @@
-#!/usr/bin/env bash
-#
-#
-# Copyright: SPDX-License-Identifier: GPL-3.0-or-later
-#
-# Author  : Pawel Krupa (paulfantom)
-# Author  : Pavlos Emm. Katsoulakis (paul@netdata.cloud)
-
-set -e
-
-if [ "${BASH_VERSINFO[0]}" -lt "4" ]; then
-	echo "This mechanism currently can only run on BASH version 4 and above"
-	exit 1
-fi
-
-VERSION="$1"
-
-if [ -z "${ARCH}" ]; then
-  echo "ARCH not set, build cannot proceed"
-  exit 1
-fi
-
-if [ "${RELEASE_CHANNEL}" != "nightly" ] && [ "${RELEASE_CHANNEL}" != "stable" ]; then
-  echo "RELEASE_CHANNEL must be set to either 'nightly' or 'stable' - build cannot proceed"
-  exit 1
-fi
-
-if [ -z ${REPOSITORY} ]; then
-	REPOSITORY="${TRAVIS_REPO_SLUG}"
-	if [ -z ${REPOSITORY} ]; then
-		echo "REPOSITORY not set, build cannot proceed"
-		exit 1
-	else
-		echo "REPOSITORY was not detected, attempted to use TRAVIS_REPO_SLUG setting: ${TRAVIS_REPO_SLUG}"
-	fi
-fi
-
-# Ensure there is a version, the most appropriate one
-if [ "${VERSION}" == "" ]; then
-    VERSION=$(git tag --points-at)
-    if [ "${VERSION}" == "" ]; then
-        VERSION="latest"
-    fi
-fi
-
-# If we are not in netdata git repo, at the top level directory, fail
-TOP_LEVEL=$(basename "$(git rev-parse --show-toplevel)")
-CWD=$(git rev-parse --show-cdup)
-if [ ! -z $CWD ] || [ ! "${TOP_LEVEL}" == "netdata" ]; then
-    echo "Run as ./packaging/docker/$(basename "$0") from top level directory of netdata git repository"
-    echo "Docker build process aborted"
-    exit 1
-fi
-
-case "${ARCH}" in
-  amd64) DOCKER_PLATFORM="linux/amd64" ;;
-  i386) DOCKER_PLATFORM="linux/i386" ;;
-  armhf) DOCKER_PLATFORM="linux/arm/v7" ;;
-  aarch64) DOCKER_PLATFORM="linux/arm64" ;;
-esac
-
-echo "Docker image build in progress.."
-echo "Version     : ${VERSION}"
-echo "Repository  : ${REPOSITORY}"
-echo "Architecture: ${ARCH}"
-
-docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
-
-# Build images using multi-arch Dockerfile.
-TAG="${REPOSITORY,,}:${VERSION}-${ARCH}"
-echo "Building tag ${TAG}.."
-docker build --no-cache                                  \
-	--build-arg ARCH="${ARCH}"                       \
-	--build-arg RELEASE_CHANNEL="${RELEASE_CHANNEL}" \
-	--platform "${DOCKER_PLATFORM}"                  \
-	--tag "${TAG}"                                   \
-	--file packaging/docker/Dockerfile .
-echo "..Done!"
-
-echo "Docker build process completed!"
diff --git a/packaging/docker/check_login.sh b/packaging/docker/check_login.sh
deleted file mode 100755
index 7cc8d4e50d..0000000000
--- a/packaging/docker/check_login.sh
+++ /dev/null
@@ -1,41 +0,0 @@
-#!/usr/bin/env bash
-#
-# This is a credential checker script, to help get early input on docker credentials status
-# If these are wrong, then build/publish has no point running
-#
-# Copyright: SPDX-License-Identifier: GPL-3.0-or-later
-#
-# Author  : Pavlos Emm. Katsoulakis (paul@netdata.cloud)
-
-set -e
-
-if [ "${BASH_VERSINFO[0]}" -lt "4" ]; then
-	echo "This mechanism currently can only run on BASH version 4 and above"
-	exit 1
-fi
-
-DOCKER_CMD="docker "
-
-# There is no reason to continue if we cannot log in to docker hub
-if [ -z ${DOCKER_USERNAME+x} ] || [ -z ${DOCKER_PWD+x} ]; then
-    echo "No docker hub username or password found, aborting without publishing"
-    exit 1
-fi
-
-# If we are not in netdata git repo, at the top level directory, fail
-TOP_LEVEL=$(basename "$(git rev-parse --show-toplevel)")
-CWD=$(git rev-parse --show-cdup)
-if [ -n "$CWD" ] || [ ! "${TOP_LEVEL}" == "netdata" ]; then
-    echo "Run as ./packaging/docker/$(basename "$0") from top level directory of netdata git repository"
-    echo "Docker build process aborted"
-    exit 1
-fi
-
-# Login to docker hub to allow futher operations
-echo "Attempting to login to docker"
-echo "$DOCKER_PWD" | $DOCKER_CMD login -u "$DOCKER_USERNAME" --password-stdin
-
-echo "Docker login successful!"
-$DOCKER_CMD logout
-
-echo "Docker login validation completed"
diff --git a/packaging/docker/publish.sh b/packaging/docker/publish.sh
deleted file mode 100755
index 172f8df45f..0000000000
--- a/packaging/docker/publish.sh
+++ /dev/null
@@ -1,116 +0,0 @@
-#!/usr/bin/env bash
-#
-# Cross-arch docker publish helper script
-# Needs docker in version >18.02 due to usage of manifests
-#
-# Copyright: SPDX-License-Identifier: GPL-3.0-or-later
-#
-# Author  : Pavlos Emm. Katsoulakis (paul@netdata.cloud)
-
-set -e
-
-if [ "${BASH_VERSINFO[0]}" -lt "4" ]; then
-	echo "This mechanism currently can only run on BASH version 4 and above"
-	exit 1
-fi
-
-WORKDIR="$(mktemp -d)" # Temporary folder, removed after script is done
-VERSION="$1"
-
-if [ -z "${ARCH}" ]; then
-  echo "ARCH not set, build cannot proceed"
-  exit 1
-fi
-
-DOCKER_CMD="docker --config ${WORKDIR}"
-GIT_MAIL=${GIT_MAIL:-"bot@netdata.cloud"}
-GIT_USER=${GIT_USER:-"netdatabot"}
-
-if [ -z ${REPOSITORY} ]; then
-	REPOSITORY="${TRAVIS_REPO_SLUG}"
-	if [ -z ${REPOSITORY} ]; then
-		echo "REPOSITORY not set, publish cannot proceed"
-		exit 1
-	else
-		echo "REPOSITORY was not detected, attempted to use TRAVIS_REPO_SLUG setting: ${TRAVIS_REPO_SLUG}"
-	fi
-fi
-
-# Ensure there is a version, the most appropriate one
-if [ "${VERSION}" == "" ]; then
-    VERSION=$(git tag --points-at)
-    if [ "${VERSION}" == "" ]; then
-        VERSION="latest"
-    fi
-fi
-MANIFEST_LIST="${REPOSITORY}:${VERSION}"
-
-# There is no reason to continue if we cannot log in to docker hub
-if [ -z ${DOCKER_USERNAME+x} ] || [ -z ${DOCKER_PWD+x} ]; then
-    echo "No docker hub username or password found, aborting without publishing"
-    exit 1
-fi
-
-# If we are not in netdata git repo, at the top level directory, fail
-TOP_LEVEL=$(basename "$(git rev-parse --show-toplevel)")
-CWD=$(git rev-parse --show-cdup)
-if [ ! -z $CWD ] || [ ! "${TOP_LEVEL}" == "netdata" ]; then
-    echo "Run as ./packaging/docker/$(basename "$0") from top level directory of netdata git repository"
-    echo "Docker build process aborted"
-    exit 1
-fi
-
-echo "Docker image publishing in progress.."
-echo "Version      : ${VERSION}"
-echo "Repository   : ${REPOSITORY}"
-echo "Architecture : ${ARCH}"
-echo "Manifest list: ${MANIFEST_LIST}"
-
-# Create temporary docker CLI config with experimental features enabled (manifests v2 need it)
-echo '{"experimental":"enabled"}' > "${WORKDIR}"/config.json
-
-# Login to docker hub to allow futher operations
-echo "$DOCKER_PWD" | $DOCKER_CMD login -u "$DOCKER_USERNAME" --password-stdin
-
-# Push images to registry
-TAG="${MANIFEST_LIST}-${ARCH}"
-echo "Publishing image ${TAG}.."
-$DOCKER_CMD push "${TAG}"
-
-published() {
-	curl -s "https://registry.hub.docker.com/v2/repositories/${REPOSITORY}/tags" | jq -e -r '.results[] | select(.name == "'"${VERSION}-${ARCH}"'")' > /dev/null
-}
-retry 5 published
-
-echo "Image ${TAG} published succesfully!"
-
-# Recreate docker manifest list
-echo "Getting tag list for version '${VERSION}'.."
-TAGS=($(curl -s https://registry.hub.docker.com/v2/repositories/${REPOSITORY}/tags/ | jq -r '.results[]["name"]' | grep "^${VERSION}-"))
-
-echo "Creating manifest list.."
-$DOCKER_CMD manifest create --amend "${MANIFEST_LIST}" "${TAGS[@]/#/${REPOSITORY}:}"
-
-# Annotate manifest with CPU architecture information
-declare -A ARCH_MAP
-ARCH_MAP=(["i386"]="386" ["amd64"]="amd64" ["armhf"]="arm" ["aarch64"]="arm64")
-
-echo "Executing manifest annotate.."
-for TAG in "${TAGS[@]}"; do
-     ARCH="${TAG#${VERSION}-}"
-     echo "Annotating manifest for $ARCH, with TAG: ${REPOSITORY}:${TAG} (Manifest list: ${MANIFEST_LIST})"
-     $DOCKER_CMD manifest annotate "${MANIFEST_LIST}" "${REPOSITORY}:${TAG}" --os linux --arch "${ARCH_MAP[$ARCH]}"
-done
-
-# Push manifest to docker hub
-echo "Pushing manifest list to docker.."
-$DOCKER_CMD manifest push -p "${MANIFEST_LIST}"
-
-# Show current manifest (debugging purpose only)
-echo "Evaluating manifest list entry"
-$DOCKER_CMD manifest inspect "${MANIFEST_LIST}"
-
-# Cleanup
-rm -r "${WORKDIR}"
-
-echo "Docker publishing process completed!"