Merge pull request 'feature/add-docker-build' (#4) from feature/add-docker-build into dev
Some checks failed
Docker Build / docker (push) Failing after 40s
Some checks failed
Docker Build / docker (push) Failing after 40s
Reviewed-on: #4
This commit was merged in pull request #4.
This commit is contained in:
64
.gitea/workflows/docker-build.yaml
Normal file
64
.gitea/workflows/docker-build.yaml
Normal file
@@ -0,0 +1,64 @@
|
||||
# docker-build.yaml
|
||||
|
||||
name: Docker Build
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
tags:
|
||||
- "**"
|
||||
pull_request:
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
|
||||
- name: Extract tag name
|
||||
if: startsWith(github.ref, 'refs/tags/')
|
||||
run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
|
||||
|
||||
- name: Log in to registry
|
||||
if: secrets.REGISTRY != '' && secrets.REGISTRY_USER != '' && secrets.REGISTRY_PASSWORD != ''
|
||||
uses: docker/login-action@v3
|
||||
with:
|
||||
registry: ${{ secrets.REGISTRY }}
|
||||
username: ${{ secrets.REGISTRY_USER }}
|
||||
password: ${{ secrets.REGISTRY_PASSWORD }}
|
||||
|
||||
- name: Check if SHA image exists
|
||||
if: env.GIT_TAG != '' && secrets.REGISTRY != ''
|
||||
id: check_image
|
||||
run: |
|
||||
if docker manifest inspect ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} > /dev/null 2>&1; then
|
||||
echo "image_exists=true" >> $GITHUB_OUTPUT
|
||||
else
|
||||
echo "image_exists=false" >> $GITHUB_OUTPUT
|
||||
fi
|
||||
|
||||
- name: Pull existing image
|
||||
if: env.GIT_TAG != '' && steps.check_image.outputs.image_exists == 'true'
|
||||
run: docker pull ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }}
|
||||
|
||||
- name: Build Docker image
|
||||
if: env.GIT_TAG == '' || steps.check_image.outputs.image_exists == 'false'
|
||||
uses: docker/build-push-action@v6
|
||||
with:
|
||||
context: .
|
||||
platforms: linux/amd64,linux/arm64
|
||||
push: ${{ secrets.REGISTRY != '' }}
|
||||
tags: ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }}
|
||||
|
||||
- name: Tag and push with git tag
|
||||
if: env.GIT_TAG != '' && secrets.REGISTRY != ''
|
||||
run: |
|
||||
docker tag ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }}
|
||||
docker push ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }}
|
||||
16
.pre-commit-config.yaml
Normal file
16
.pre-commit-config.yaml
Normal file
@@ -0,0 +1,16 @@
|
||||
# .pre-commit-config.yaml
|
||||
|
||||
repos:
|
||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
||||
rev: v4.5.0
|
||||
hooks:
|
||||
- id: trailing-whitespace
|
||||
- id: end-of-file-fixer
|
||||
- id: check-yaml
|
||||
- id: check-merge-conflict
|
||||
- id: detect-private-key
|
||||
- id: check-added-large-files
|
||||
- id: check-ast
|
||||
- id: check-json
|
||||
- id: check-toml
|
||||
- id: check-xml
|
||||
53
Dockerfile
Normal file
53
Dockerfile
Normal file
@@ -0,0 +1,53 @@
|
||||
# Stage 1: Dependencies
|
||||
FROM node:20-alpine AS deps
|
||||
WORKDIR /app
|
||||
RUN npm install -g pnpm@9.0.0
|
||||
|
||||
# Copy dependency files first for better caching
|
||||
COPY package.json pnpm-lock.yaml turbo.json ./
|
||||
COPY apps/web/package.json ./apps/web/
|
||||
# Add other app package.json files as needed
|
||||
|
||||
RUN pnpm install --frozen-lockfile
|
||||
|
||||
# Stage 2: Builder
|
||||
FROM node:20-alpine AS builder
|
||||
WORKDIR /app
|
||||
RUN npm install -g pnpm@9.0.0
|
||||
|
||||
# Copy dependencies from previous stage
|
||||
COPY --from=deps /app/node_modules ./node_modules
|
||||
COPY --from=deps /app/package.json /app/pnpm-lock.yaml /app/turbo.json ./
|
||||
|
||||
# Copy source code
|
||||
COPY . .
|
||||
|
||||
# Build the application
|
||||
RUN pnpm build
|
||||
|
||||
# Stage 3: Runtime
|
||||
FROM node:20-alpine AS runtime
|
||||
WORKDIR /app
|
||||
|
||||
# Install pnpm for production
|
||||
RUN npm install -g pnpm@9.0.0
|
||||
|
||||
# Copy package files
|
||||
COPY package.json pnpm-lock.yaml turbo.json ./
|
||||
COPY apps/web/package.json ./apps/web/
|
||||
|
||||
# Install only production dependencies
|
||||
RUN pnpm install --prod --frozen-lockfile
|
||||
|
||||
# Copy built application from builder
|
||||
COPY --from=builder /app/apps/web/dist ./apps/web/dist
|
||||
COPY --from=builder /app/apps/web/server.js ./apps/web/
|
||||
# Copy other necessary runtime files
|
||||
|
||||
# Create non-root user for security
|
||||
RUN addgroup -g 1001 -S nodejs && \
|
||||
adduser -S nextjs -u 1001
|
||||
USER nextjs
|
||||
|
||||
EXPOSE 3000
|
||||
CMD ["node", "apps/web/server.js"]
|
||||
2
pnpm-lock.yaml
generated
2
pnpm-lock.yaml
generated
@@ -1,3 +1,5 @@
|
||||
# pnpm-lock.yaml
|
||||
|
||||
lockfileVersion: '9.0'
|
||||
|
||||
settings:
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
# pnpm-workspace.yaml
|
||||
|
||||
packages:
|
||||
- "apps/*"
|
||||
- "packages/*"
|
||||
|
||||
Reference in New Issue
Block a user