This commit is contained in:
70
.gitea/workflows/docker-build.yml
Normal file
70
.gitea/workflows/docker-build.yml
Normal file
@@ -0,0 +1,70 @@
|
|||||||
|
# docker-build.yml
|
||||||
|
|
||||||
|
---
|
||||||
|
name: Docker Build
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- "**"
|
||||||
|
pull_request:
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
docker:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
env:
|
||||||
|
# Bring secrets into the job env so we can check them from shell steps
|
||||||
|
REGISTRY: ${{ secrets.REGISTRY }}
|
||||||
|
REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
|
||||||
|
REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
|
||||||
|
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
with:
|
||||||
|
fetch-depth: 0
|
||||||
|
|
||||||
|
- name: Show git status (debug)
|
||||||
|
run: |
|
||||||
|
echo "GIT dir: $(pwd)"
|
||||||
|
git --version
|
||||||
|
git rev-parse --abbrev-ref HEAD || true
|
||||||
|
git remote -v || true
|
||||||
|
|
||||||
|
- name: Set IMAGE env (uses $GITHUB_SHA)
|
||||||
|
run: |
|
||||||
|
if [ -n "${REGISTRY}" ]; then
|
||||||
|
echo "IMAGE=${REGISTRY}/vitrify.me:${GITHUB_SHA}" >> $GITHUB_ENV
|
||||||
|
else
|
||||||
|
echo "IMAGE=vitrify.me:${GITHUB_SHA}" >> $GITHUB_ENV
|
||||||
|
fi
|
||||||
|
echo "IMAGE computed: $IMAGE"
|
||||||
|
|
||||||
|
- name: Set up QEMU (for multi-platform builds)
|
||||||
|
uses: docker/setup-qemu-action@v2
|
||||||
|
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v3
|
||||||
|
|
||||||
|
- name: Login to registry (only if secrets present)
|
||||||
|
if: ${{ secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD }}
|
||||||
|
uses: docker/login-action@v3
|
||||||
|
with:
|
||||||
|
registry: ${{ secrets.REGISTRY }}
|
||||||
|
username: ${{ secrets.REGISTRY_USER }}
|
||||||
|
password: ${{ secrets.REGISTRY_PASSWORD }}
|
||||||
|
|
||||||
|
- name: Build (and push only if logged in)
|
||||||
|
uses: docker/build-push-action@v6
|
||||||
|
with:
|
||||||
|
context: .
|
||||||
|
file: ./Dockerfile
|
||||||
|
platforms: linux/amd64,linux/arm64
|
||||||
|
push: ${{ secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD }}
|
||||||
|
tags: ${{ env.IMAGE }}
|
||||||
|
|
||||||
|
- name: Inspect image (local)
|
||||||
|
if: ${{ ! (secrets.REGISTRY && secrets.REGISTRY_USER && secrets.REGISTRY_PASSWORD) }}
|
||||||
|
run: |
|
||||||
|
echo "Built local image ${IMAGE}"
|
||||||
|
docker images | grep vitrify.me || true
|
||||||
11
.pre-commit-config.yaml
Normal file
11
.pre-commit-config.yaml
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
repos:
|
||||||
|
|
||||||
|
# --- Basic sanity checks ---
|
||||||
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||||
|
rev: v5.0.0
|
||||||
|
hooks:
|
||||||
|
- id: trailing-whitespace
|
||||||
|
- id: end-of-file-fixer
|
||||||
|
- id: check-yaml
|
||||||
|
- id: check-json
|
||||||
|
- id: detect-private-key
|
||||||
26
Dockerfile
Normal file
26
Dockerfile
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
# Stage 1: Builder
|
||||||
|
FROM node:20-alpine AS builder
|
||||||
|
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
# Install pnpm
|
||||||
|
RUN npm install -g pnpm@9.0.0
|
||||||
|
|
||||||
|
# Copy files
|
||||||
|
COPY pnpm-lock.yaml ./
|
||||||
|
COPY package.json ./
|
||||||
|
COPY turbo.json ./
|
||||||
|
COPY . .
|
||||||
|
|
||||||
|
# Install deps and build
|
||||||
|
RUN pnpm install --frozen-lockfile
|
||||||
|
RUN pnpm build
|
||||||
|
|
||||||
|
# Stage 2: Runtime
|
||||||
|
FROM node:20-alpine
|
||||||
|
|
||||||
|
WORKDIR /app
|
||||||
|
|
||||||
|
COPY --from=builder /app ./
|
||||||
|
|
||||||
|
CMD ["node", "apps/web/server.js"]
|
||||||
Reference in New Issue
Block a user