Improve action workflow + Fix Node version + Cleanup Compose file

.github/workflows/build.yml

@@ -1,11 +1,8 @@
 name: XEN Orchestra Container
 
 on:
-  schedule:
-    - cron: "0 10 * * *"
   push:
     branches: ["main"]
-    tags: ["v*.*.*"]
   pull_request:
     branches: ["main"]
   release:
@@ -19,15 +16,22 @@ env:
 jobs:
   build:
     runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - linux/amd64
+          # - linux/arm64
+
     steps:
       - name: Get xo-server version
         id: xo-server
         run: |
-          echo "XO_SERVER=$(curl -s https://raw.githubusercontent.com/vatesfr/xen-orchestra/master/packages/xo-server/package.json | jq -r .version)" >> $GITHUB_ENV
+          echo "XO_SERVER="$(curl -s https://raw.githubusercontent.com/vatesfr/xen-orchestra/master/packages/xo-server/package.json | jq -r ".version") >> $GITHUB_ENV
       - name: Get xo-web version
         id: xo-web
         run: |
-          echo "XO_WEB=$(curl -s https://raw.githubusercontent.com/vatesfr/xen-orchestra/master/packages/xo-web/package.json | jq -r .version)" >> $GITHUB_ENV
+          echo "XO_WEB="$(curl -s https://raw.githubusercontent.com/vatesfr/xen-orchestra/master/packages/xo-web/package.json | jq -r ".version") >> $GITHUB_ENV
       - name: Checkout
         uses: actions/checkout@v4
       - name: Docker meta
@@ -37,31 +41,23 @@ jobs:
           images: |
             ghcr.io/${{ env.IMAGE_NAME }}
           tags: |
-            type=schedule
             type=semver,pattern={{version}}
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
-            type=ref,event=pr
             type=raw,latest
           labels: |
             --label "org.opencontainers.image.source=${{ env.PROJECT_URL }}"
             --label "org.opencontainers.image.url=${{ env.PROJECT_URL }}"
-            --label "org.opencontainers.image.description=XEN Orchestra As a Container\nBased on XO-Server v${{ env.XO_SERVER }} and XO-Web v${{ env.XO_WEB }}"
             --label "org.opencontainers.image.title=XOA-Container"
-      # - name: Install cosign
-      #   if: github.event_name == 'release'
-      #   uses: sigstore/cosign-installer@v3
-      #   with:
-      #     cosign-release: 'v2.1.1'
+            --label "org.opencontainers.image.description=XEN Orchestra As a Container: Build from XO-Server v$XO_SERVER and XO-Web v$XO_WEB"
+            --label "org.opencontainers.image.licenses=CC-BY-NC"
+      - name: Install cosign
+        if: github.event_name == 'release'
+        uses: sigstore/cosign-installer@v3
+        with:
+          cosign-release: 'v2.1.1'
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
-      - name: Build and export to Docker
-        uses: docker/build-push-action@v5
-        with:
-          context: "."
-          file: "./Containerfile"
-          load: true
-          tags: ${{ env.TEST_TAG }}
       - name: Login to Registry
         uses: docker/login-action@v3
         with:
@@ -74,18 +70,19 @@ jobs:
         uses: docker/build-push-action@v5
         with:
           context: "."
-          # platforms: linux/amd64,linux/arm64
+          platforms: ${{ matrix.platform }}
           file: "./Containerfile"
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
           build-args: |
-            XOWEB=${{ env.XO_WEB }}
-            XOSERVER=${{ env.XO_SERVER }}
-          push: true
+            XOWEB=$XO_WEB
+            XOSERVER=$XO_SERVER
+          push: ${{ github.event_name == 'release' }}
+      - name: Sign the published container images
         if: github.event_name == 'release'
-      # - name: Sign the published container image
-      #   if: github.event_name == 'release'
-      #   env:
-      #     TAGS: ${{ steps.meta.outputs.tags }}
-      #     DIGEST: ${{ steps.build-and-push.outputs.digest }}
-      #   run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}
+        env:
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}
+          TAGS: ${{ steps.meta.outputs.tags }}
+        run: cosign sign --yes "${TAGS}@${DIGEST}"

Containerfile

@@ -1,20 +1,20 @@
 # Build base
-FROM node:lts as build_base
+FROM node:18 as build_base
 
 RUN apt-get update -y && \
     apt-get upgrade -y && \
     apt-get install -y build-essential libpng-dev git gettext libvhdi-utils \
         python3-minimal python3-jinja2 python3-vmdkstream lvm2 nfs-common cifs-utils curl ntfs-3g dmidecode \
-        apt-transport-https ca-certificates gnupg && \
+        apt-transport-https ca-certificates gnupg fuse3 && \
     apt-get clean
 
 
 # Run base
-FROM node:lts-slim as run_base
+FROM node:18-slim as run_base
 
 RUN apt-get update -y && \
     apt-get upgrade -y && \
-    apt-get install -y libpng-dev python3-minimal libvhdi-utils lvm2 cifs-utils nfs-common ntfs-3g && \
+    apt-get install -y libpng-dev python3-minimal libvhdi-utils lvm2 cifs-utils nfs-common ntfs-3g netbase curl && \
     apt-get clean
 
 # Build stage
@@ -55,8 +55,10 @@ LABEL xo-server=$XOSERVER \
     xo-web=$XOWEB
 
 # Send the logs to stdout
-RUN ln -sf /proc/1/fd/1 /var/log/xo-server.log && \
-    ln -sf /proc/1/fd/1 /var/log/syslog.log
+RUN ln -sf /proc/1/fd/1 /var/log/xo-server.log
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \
+    CMD curl -s --fail http://127.0.0.1:8000 || exit 1
 
 WORKDIR /app/packages/xo-server
 

README.md

@@ -15,15 +15,17 @@ docker pull ghcr.io/soubinan/xoa-container:latest
 ### Execute
 
 ```bash
-docker run --rm -p 8080:80 -e -v <path/to/xo/config>:/etc/xo-server -v <path/to/xo/data>:/var/lib/xo-server -v <path/to/xo/backup>:/var/lib/xo-backup ghcr.io/soubinan/xoa-container:latest
+# You already have Redis running
+docker run --rm -p 8080:80 -v <path/to/xo/config>:/etc/xo-server -v <path/to/xo/data>:/var/lib/xo-server -v <path/to/xo/backup>:/var/lib/xo-backup ghcr.io/soubinan/xoa-container:latest
 ```
 
 or
 
 ```bash
+# Use the Compose file with Redis included
 docker network create frontnet
 docker network create redisnet
-docker-compose up
+docker-compose up [-d]
 ```
 
 ## Known issues

compose.yaml

@@ -4,20 +4,18 @@ services:
     restart: unless-stopped
     image: ghcr.io/soubinan/xoa-container:latest
     ports:
-      - 8080:80
+      - 8088:80
     depends_on:
       - redis
     cap_add:
       - SYS_ADMIN
-      - SYS_RESOURCE
       - DAC_READ_SEARCH
-      - IPC_LOCK
     security_opt:
       - apparmor:unconfined
     volumes:
       - ./example.config.toml:/etc/xo-server/config.toml:Z
-      - xo-data:/var/lib/xo-server
-      - xo-backup:/var/lib/xoa-backup
+      - xo-data:/var/lib/xo-server/data:Z
+      - xo-backup:/var/lib/xoa-backup:Z
     logging: &default_logging
       driver: "json-file"
       options:
@@ -31,10 +29,12 @@ services:
     restart: unless-stopped
     image: docker.io/library/redis:latest
     command: redis-server --appendonly yes
+    ports:
+      - 6379:6379
     expose:
       - 6379
     volumes:
-      - xo-redis:/data
+      - xo-redis:/data:Z
     logging:
       <<: *default_logging
     networks:

example.config.toml

@@ -91,7 +91,7 @@ hostname = '0.0.0.0'
 # Port on which the server is listening on.
 #
 # Default: undefined
-port = 8080
+port = 80
 
 # Instead of `host` and `port` a path to a UNIX socket may be specified
 # (overrides `host` and `port`).