diff --git a/.gitea/workflows/docker-build.yaml b/.gitea/workflows/docker-build.yaml new file mode 100644 index 0000000..0ee14b1 --- /dev/null +++ b/.gitea/workflows/docker-build.yaml @@ -0,0 +1,64 @@ +# docker-build.yaml + +name: Docker Build + +on: + push: + branches: + - "**" + tags: + - "**" + pull_request: + workflow_dispatch: + +jobs: + docker: + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Extract tag name + if: startsWith(github.ref, 'refs/tags/') + run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV + + - name: Log in to registry + if: secrets.REGISTRY != '' && secrets.REGISTRY_USER != '' && secrets.REGISTRY_PASSWORD != '' + uses: docker/login-action@v3 + with: + registry: ${{ secrets.REGISTRY }} + username: ${{ secrets.REGISTRY_USER }} + password: ${{ secrets.REGISTRY_PASSWORD }} + + - name: Check if SHA image exists + if: env.GIT_TAG != '' && secrets.REGISTRY != '' + id: check_image + run: | + if docker manifest inspect ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} > /dev/null 2>&1; then + echo "image_exists=true" >> $GITHUB_OUTPUT + else + echo "image_exists=false" >> $GITHUB_OUTPUT + fi + + - name: Pull existing image + if: env.GIT_TAG != '' && steps.check_image.outputs.image_exists == 'true' + run: docker pull ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} + + - name: Build Docker image + if: env.GIT_TAG == '' || steps.check_image.outputs.image_exists == 'false' + uses: docker/build-push-action@v6 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: ${{ secrets.REGISTRY != '' }} + tags: ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} + + - name: Tag and push with git tag + if: env.GIT_TAG != '' && secrets.REGISTRY != '' + run: | + docker tag ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }} + docker push ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..47f118b --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,16 @@ +# .pre-commit-config.yaml + +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v4.5.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-merge-conflict + - id: detect-private-key + - id: check-added-large-files + - id: check-ast + - id: check-json + - id: check-toml + - id: check-xml diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..fa7abae --- /dev/null +++ b/Dockerfile @@ -0,0 +1,53 @@ +# Stage 1: Dependencies +FROM node:20-alpine AS deps +WORKDIR /app +RUN npm install -g pnpm@9.0.0 + +# Copy dependency files first for better caching +COPY package.json pnpm-lock.yaml turbo.json ./ +COPY apps/web/package.json ./apps/web/ +# Add other app package.json files as needed + +RUN pnpm install --frozen-lockfile + +# Stage 2: Builder +FROM node:20-alpine AS builder +WORKDIR /app +RUN npm install -g pnpm@9.0.0 + +# Copy dependencies from previous stage +COPY --from=deps /app/node_modules ./node_modules +COPY --from=deps /app/package.json /app/pnpm-lock.yaml /app/turbo.json ./ + +# Copy source code +COPY . . + +# Build the application +RUN pnpm build + +# Stage 3: Runtime +FROM node:20-alpine AS runtime +WORKDIR /app + +# Install pnpm for production +RUN npm install -g pnpm@9.0.0 + +# Copy package files +COPY package.json pnpm-lock.yaml turbo.json ./ +COPY apps/web/package.json ./apps/web/ + +# Install only production dependencies +RUN pnpm install --prod --frozen-lockfile + +# Copy built application from builder +COPY --from=builder /app/apps/web/dist ./apps/web/dist +COPY --from=builder /app/apps/web/server.js ./apps/web/ +# Copy other necessary runtime files + +# Create non-root user for security +RUN addgroup -g 1001 -S nodejs && \ + adduser -S nextjs -u 1001 +USER nextjs + +EXPOSE 3000 +CMD ["node", "apps/web/server.js"] diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 088ae00..b1289c9 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -1,3 +1,5 @@ +# pnpm-lock.yaml + lockfileVersion: '9.0' settings: diff --git a/pnpm-workspace.yaml b/pnpm-workspace.yaml index 3ff5faa..8465e20 100644 --- a/pnpm-workspace.yaml +++ b/pnpm-workspace.yaml @@ -1,3 +1,5 @@ +# pnpm-workspace.yaml + packages: - "apps/*" - "packages/*"