Merge pull request 'update Dockerfile' (#5) from dockerfile-update into dev

Reviewed-on: #5

.dockerignore

@@ -0,0 +1,6 @@
+node_modules
+.git
+.next
+dist
+*.log
+.env.local

.gitea/workflows/docker-build.yaml

@@ -0,0 +1,64 @@
+# docker-build.yaml
+
+name: Docker Build
+
+on:
+  push:
+    branches:
+      - "**"
+    tags:
+      - "**"
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Extract tag name
+        if: startsWith(github.ref, 'refs/tags/')
+        run: echo "GIT_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV
+
+      - name: Log in to registry
+        if: secrets.REGISTRY != '' && secrets.REGISTRY_USER != '' && secrets.REGISTRY_PASSWORD != ''
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.REGISTRY }}
+          username: ${{ secrets.REGISTRY_USER }}
+          password: ${{ secrets.REGISTRY_PASSWORD }}
+
+      - name: Check if SHA image exists
+        if: env.GIT_TAG != '' && secrets.REGISTRY != ''
+        id: check_image
+        run: |
+          if docker manifest inspect ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} > /dev/null 2>&1; then
+            echo "image_exists=true" >> $GITHUB_OUTPUT
+          else
+            echo "image_exists=false" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Pull existing image
+        if: env.GIT_TAG != '' && steps.check_image.outputs.image_exists == 'true'
+        run: docker pull ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }}
+
+      - name: Build Docker image
+        if: env.GIT_TAG == '' || steps.check_image.outputs.image_exists == 'false'
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: ${{ secrets.REGISTRY != '' }}
+          tags: ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }}
+
+      - name: Tag and push with git tag
+        if: env.GIT_TAG != '' && secrets.REGISTRY != ''
+        run: |
+          docker tag ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ github.sha }} ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }}
+          docker push ${{ secrets.REGISTRY }}5mdt/vitrify-me:${{ env.GIT_TAG }}

.pre-commit-config.yaml

@@ -0,0 +1,16 @@
+# .pre-commit-config.yaml
+
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.5.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+      - id: check-merge-conflict
+      - id: detect-private-key
+      - id: check-added-large-files
+      - id: check-ast
+      - id: check-json
+      - id: check-toml
+      - id: check-xml

Dockerfile

@@ -0,0 +1,70 @@
+# Stage 1: Dependencies
+FROM node:20-alpine AS deps
+WORKDIR /app
+RUN npm install -g pnpm@9.0.0
+
+# Copy all package.json files for proper dependency resolution
+COPY package.json pnpm-lock.yaml turbo.json pnpm-workspace.yaml ./
+COPY apps/web/package.json ./apps/web/
+COPY apps/pocketbase/package.json ./apps/pocketbase/
+COPY packages/*/package.json ./packages/
+
+# Create the directory structure that might be missing
+RUN mkdir -p packages/ui packages/eslint-config packages/typescript-config
+
+# Copy package.json files to their correct locations
+COPY packages/ui/package.json ./packages/ui/
+COPY packages/eslint-config/package.json ./packages/eslint-config/
+COPY packages/typescript-config/package.json ./packages/typescript-config/
+
+RUN pnpm install --frozen-lockfile
+
+# Stage 2: Builder
+FROM node:20-alpine AS builder
+WORKDIR /app
+RUN npm install -g pnpm@9.0.0
+
+# Copy dependencies and source
+COPY --from=deps /app/node_modules ./node_modules
+COPY --from=deps /app/pnpm-lock.yaml ./
+COPY . .
+
+# Build only the web app
+RUN pnpm turbo build --filter=web
+
+# Stage 3: Runtime
+FROM node:20-alpine AS runtime
+WORKDIR /app
+
+RUN npm install -g pnpm@9.0.0
+
+# Copy package files for production install
+COPY package.json pnpm-lock.yaml turbo.json ./
+COPY apps/web/package.json ./apps/web/
+COPY packages/*/package.json ./packages/
+
+# Install only production dependencies
+RUN pnpm install --prod --frozen-lockfile
+
+# Copy built Next.js application
+COPY --from=builder /app/apps/web/.next ./apps/web/.next
+COPY --from=builder /app/apps/web/public ./apps/web/public
+COPY --from=builder /app/apps/web/next.config.js ./apps/web/
+COPY --from=builder /app/apps/web/package.json ./apps/web/
+
+# Copy other necessary files
+COPY --from=builder /app/apps/web/lib ./apps/web/lib
+COPY --from=builder /app/apps/web/messages ./apps/web/messages
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S nextjs -u 1001
+
+# Change ownership of the app directory
+RUN chown -R nextjs:nodejs /app
+USER nextjs
+
+EXPOSE 3000
+
+# Use Next.js start command
+CMD ["pnpm", "--filter=web", "start"]

pnpm-lock.yaml

@@ -1,3 +1,5 @@
+# pnpm-lock.yaml
+
 lockfileVersion: '9.0'
 
 settings:

pnpm-workspace.yaml

@@ -1,3 +1,5 @@
+# pnpm-workspace.yaml
+
 packages:
   - "apps/*"
   - "packages/*"