devops: modify GH actions and Dockerfile #100

Merged Sep 3, 2024
43 commits
435aaab
devops: modify GH actions and Dockerfile
alexanderbira Sep 2, 2024
7e54678
devops: use new action to build
alexanderbira Sep 2, 2024
821f654
fix: change Dockerfile path in build file
alexanderbira Sep 2, 2024
b6f4dab
fix: change Dockerfile path in build file
alexanderbira Sep 2, 2024
ab65c38
fix: checkout repo in build file
alexanderbira Sep 2, 2024
03a3a95
devops: use cache for build and push
alexanderbira Sep 2, 2024
22aadfc
wip: doihfo
alexanderbira Sep 2, 2024
5b8cafa
wip: dfskjblsdf
alexanderbira Sep 2, 2024
5c70813
wip: ggggg
alexanderbira Sep 2, 2024
1a28b46
devops: fix tags in workflow
nick-bolas Sep 2, 2024
1bf234e
revert
nick-bolas Sep 2, 2024
f716814
devops: remove cachebust
nick-bolas Sep 2, 2024
989601a
fix: use ivan's thing
alexanderbira Sep 2, 2024
96cf163
fix: apply fixes
alexanderbira Sep 2, 2024
5ab6dbe
fix: apply further fixes
alexanderbira Sep 2, 2024
dde83a5
fix: apply jason fixes 🔨🐧
alexanderbira Sep 2, 2024
aebe9b5
wip: ls the uploads
alexanderbira Sep 2, 2024
af80587
wip: change upload dir to see if the directories are made
alexanderbira Sep 2, 2024
8375a4b
wip: more ls to see where the problem originates
alexanderbira Sep 2, 2024
399705d
wip: tag our thing as latest
alexanderbira Sep 2, 2024
5862948
wip: change upload dir to see if the directories are made
alexanderbira Sep 2, 2024
9bbc8f6
wip: combine CMDs
alexanderbira Sep 3, 2024
9267258
wip: install prisma from dockerfile
alexanderbira Sep 3, 2024
d5c25b3
wip: go back to installing prisma with npm
alexanderbira Sep 3, 2024
dda2e4c
wip: rename uploaded back to uploads
alexanderbira Sep 3, 2024
c5d6b97
wip: install prisma as root
alexanderbira Sep 3, 2024
0b11dd8
wip: set db url before build
alexanderbira Sep 3, 2024
0fbbc80
wip: copy over prisma
alexanderbira Sep 3, 2024
56ada09
devops: install prisma without dev dependencies in Dockerfile
nick-bolas Sep 3, 2024
fd29cda
wip: use another thing to install prisma packages separately
alexanderbira Sep 3, 2024
c3671a7
wip: set db url correctly
alexanderbira Sep 3, 2024
274e3fe
wip: try getting the echo result
alexanderbira Sep 3, 2024
25ee30a
wip: get the correct part of the echo result
alexanderbira Sep 3, 2024
be47c00
wip: retry
alexanderbira Sep 3, 2024
8b30e19
wip: retry
alexanderbira Sep 3, 2024
5602e0a
wip: retry
alexanderbira Sep 3, 2024
f90d28e
feat: create upload dirs
alexanderbira Sep 3, 2024
cd0bf8a
feat: set entra env vars
alexanderbira Sep 3, 2024
e4a9e98
feat: use multiline
alexanderbira Sep 3, 2024
ccc2f7e
feat: use more multiline
alexanderbira Sep 3, 2024
b1da2d6
wip: retry
alexanderbira Sep 3, 2024
e47c0c0
feat: done
alexanderbira Sep 3, 2024
9a2bf0b
chore: capitalise "AS"
alexanderbira Sep 3, 2024
29 changes: 24 additions & 5 deletions .github/workflows/build.yml
Expand Up @@ -76,8 +76,7 @@ jobs:
attestations: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
# Uses the `docker/login-action` action to log in to the Container registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
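Review bot: `actions/checkout@v4` and `docker/setup-buildx-action@v3` are referenced by mutable tags in a job that holds `attestations: write` and `id-token: write`, so a retagged release of either action would run with the ability to request OIDC tokens and write attestations for this image. Pin each `uses:` to a full commit SHA, keep the version as a trailing comment, and let an update bot maintain the pins. Dropping `name: Checkout repository` is harmless, but it leaves this step unnamed next to the named `Set up Docker Buildx` step.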
Expand Down Expand Up @@ -111,7 +110,8 @@ jobs:
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
no-cache: true
cache-from: type=gha
cache-to: type=gha, mode=max

# Deploy!
deploy-impaas:
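Review bot: `cache-to: type=gha, mode=max` has a space after the comma, while the documented form is `type=gha,mode=max`; confirm in the build log that `mode=max` is actually applied rather than ignored or rejected, or simply drop the space. Two consequences of replacing `no-cache: true` are worth a decision: `mode=max` exports the layers of intermediate stages to the Actions cache as well, so nothing secret should enter the build through `ARG` or `ENV`, and cached base-image and package layers are no longer refreshed on every run, so a scheduled uncached build is needed to pick up base image updates.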
Expand All @@ -133,9 +133,28 @@ jobs:
- name: Deploy to ImPaaS
run: |
tsuru app deploy -i ghcr.io/imperial/cpp-connect:latest -a cpp-connect
- name: Create upload directories
run: |
tsuru app run "mkdir -p \$UPLOAD_DIR && cd \$UPLOAD_DIR && mkdir -p banners cvs avatars logos attachments" -a cpp-connect
- name: Set database URL
run: |
tsuru app run "DATABASE_URL=postgres://\$PGUSER:\$PGPASSWORD@\$PGHOST:\$PGPORT/\$PGDATABASE && echo \$DATABASE_URL" -a cpp-connect \
| grep "^postgres://" \
| xargs -I {} tsuru env set -a cpp-connect DATABASE_URL={}
- name: Run migrations
run: |
tsuru app run "DATABASE_URL=postgres://\$PGUSER:\$PGPASSWORD@\$PGHOST:\$PGPORT/\$PGDATABASE npm exec prisma migrate deploy" -a cpp-connect
tsuru app run "npm exec prisma migrate deploy" -a cpp-connect
- name: Set environment variables
run: |
tsuru env set -a cpp-connect NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} EMAIL_SERVER_USER=${{ secrets.EMAIL_SERVER_USER }} EMAIL_SERVER_PASSWORD=${{ secrets.EMAIL_SERVER_PASSWORD }} EMAIL_SERVER_HOST=${{ secrets.EMAIL_SERVER_HOST }} EMAIL_SERVER_PORT=${{ secrets.EMAIL_SERVER_PORT }} EMAIL_FROM=${{ secrets.EMAIL_FROM }} AUTH_SECRET=${{ secrets.AUTH_SECRET }} AUTH_TRUST_HOST=true
tsuru env set -a cpp-connect \
NEXTAUTH_URL=${{ vars.NEXTAUTH_URL }} \
EMAIL_SERVER_USER=${{ secrets.EMAIL_SERVER_USER }} \
EMAIL_SERVER_PASSWORD=${{ secrets.EMAIL_SERVER_PASSWORD }} \
EMAIL_SERVER_HOST=${{ secrets.EMAIL_SERVER_HOST }} \
EMAIL_SERVER_PORT=${{ secrets.EMAIL_SERVER_PORT }} \
EMAIL_FROM=${{ secrets.EMAIL_FROM }} \
AUTH_SECRET=${{ secrets.AUTH_SECRET }} \
AUTH_TRUST_HOST=true \
MS_ENTRA_CLIENT_ID=${{ secrets.MS_ENTRA_CLIENT_ID }} \
MS_ENTRA_CLIENT_SECRET=${{ secrets.MS_ENTRA_CLIENT_SECRET }} \
MS_ENTRA_TENANT_ID=${{ secrets.MS_ENTRA_TENANT_ID }}
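Review bot: in `Set environment variables`, every `${{ secrets.* }}` value is expanded by the workflow templating straight into the shell script and left unquoted, so a secret containing a space, `$`, `;` or a quote is split or interpreted by the shell before `tsuru env set` sees it. Pass the values to the step through `env:` and reference them as quoted shell variables, for example `"AUTH_SECRET=$AUTH_SECRET"`. The `Set database URL` step needs the same care: it builds the URL from `\$PGPASSWORD` inside the app and carries it through `grep` and `xargs -I {}` into `tsuru env set`, where the value was never registered as a secret and so would not be masked if any command in the pipeline echoes it, `xargs` processes quotes and backslashes in its input, and a password containing `@`, `/` or `#` produces an invalid URL because nothing percent-encodes it. If the `grep` matches nothing, `xargs` has no input and the step can still succeed, leaving `Run migrations` (which now relies on the stored `DATABASE_URL`) to fail later or run against whatever value was set before; add an explicit check that exactly one URL was captured, and store it as a private variable.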
74 changes: 28 additions & 46 deletions Dockerfile
@@ -1,86 +1,68 @@
FROM node:18-alpine AS base

# Install dependencies only when needed
FROM base AS deps
FROM base AS app_base

# Make UPLOAD_DIRs
ENV UPLOAD_DIR=/uploads
RUN mkdir $UPLOAD_DIR
RUN mkdir $UPLOAD_DIR/banners $UPLOAD_DIR/cvs $UPLOAD_DIR/avatars $UPLOAD_DIR/logos $UPLOAD_DIR/attachments

# Prisma base image only for installing prisma
FROM base AS prisma_base
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
RUN apk add --no-cache libc6-compat
WORKDIR /app
COPY package.json package-lock.json* ./
RUN npm install prisma --omit=dev

FROM prisma_base AS deps
WORKDIR /app

# Install dependencies based on the preferred package manager
COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
RUN \
if [ -f yarn.lock ]; then yarn --frozen-lockfile; \
elif [ -f package-lock.json ]; then npm ci; \
elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \
else echo "Lockfile not found." && exit 1; \
fi
# Won't need to re-install prisma, since it's already installed in the prisma_base image
RUN npm ci

# Rebuild the source code only when needed
FROM base AS builder
WORKDIR /app

# Add a dummy argument to force rebuild
ARG CACHEBUST=1
COPY --from=deps /app/node_modules ./node_modules
COPY . .

# Next.js collects completely anonymous telemetry data about general usage.
# Learn more here: https://nextjs.org/telemetry
# Uncomment the following line in case you want to disable telemetry during the build.
# ENV NEXT_TELEMETRY_DISABLED 1
# Disable telemetry during the build.
ENV NEXT_TELEMETRY_DISABLED 1

Check warning on line 30 in Dockerfile (GitHub Actions / build-and-push-image): LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format. More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/

RUN \
if [ -f yarn.lock ]; then yarn run build; \
elif [ -f package-lock.json ]; then npm run build; \
elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \
else echo "Lockfile not found." && exit 1; \
fi
RUN npm run build

# Production image, copy all the files and run next
FROM base AS runner
FROM app_base AS runner
WORKDIR /app

# Make UPLOAD_DIRs
ENV UPLOAD_DIR=/uploads
RUN mkdir $UPLOAD_DIR
RUN mkdir $UPLOAD_DIR/banners $UPLOAD_DIR/cvs $UPLOAD_DIR/avatars $UPLOAD_DIR/logos $UPLOAD_DIR/attachments

ENV NODE_ENV=production
# Uncomment the following line in case you want to disable telemetry during runtime.
# ENV NEXT_TELEMETRY_DISABLED 1

# RUN addgroup --system --gid 1001 nodejs
# RUN adduser --system --uid 1001 nextjs
# Disable telemetry during runtime.
ENV NEXT_TELEMETRY_DISABLED 1

Check warning on line 39 in Dockerfile (GitHub Actions / build-and-push-image): LegacyKeyValueFormat: "ENV key=value" should be used instead of legacy "ENV key value" format. More info: https://docs.docker.com/go/dockerfile/rule/legacy-key-value-format/

COPY --from=builder /app/public ./public


# Set the correct permission for prerender cache
RUN mkdir .next
RUN chown node:node .next

# Copy prisma schema
COPY --from=builder --chown=node:node /app/prisma ./prisma

# Copy over the prisma client
COPY --from=prisma_base /app/node_modules ./node_modules

# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=builder --chown=node:node /app/.next/standalone ./
COPY --from=builder --chown=node:node /app/.next/static ./.next/static


# Take ownershuip of the app folder & upload
# Take ownership of the app folder and uploads
RUN chown node:node /app
RUN chown -R node:node /uploads
RUN chown -R node:node $UPLOAD_DIR

USER node

# Install prisma so this user can use it
RUN npm install prisma

EXPOSE 3000

ENV PORT=3000

# server.js is created by next build from the standalone output
# https://nextjs.org/docs/pages/api-reference/next-config-js/output
CMD HOSTNAME="0.0.0.0" node server.js
CMD HOSTNAME="0.0.0.0" node server.js
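Review bot: in the `prisma_base` stage, `RUN npm install prisma --omit=dev` is not a lockfile-enforced install the way the `npm ci` in `deps` is, and its output is what the runner receives through `COPY --from=prisma_base /app/node_modules ./node_modules`, so the packages shipped in the production image are not guaranteed to match `package-lock.json`. Because `package.json` is copied in first, this install should also pull in the production dependencies rather than only prisma, which the stage comment does not reflect and is worth confirming; consider `npm ci --omit=dev` with prisma listed under `dependencies`, or an exact-version install. The build warnings attached to this file are also still open: use `ENV NEXT_TELEMETRY_DISABLED=1` in both stages, and replace the shell-form `CMD HOSTNAME="0.0.0.0" node server.js` with `ENV HOSTNAME=0.0.0.0` plus `CMD ["node", "server.js"]` so that `node` receives SIGTERM directly instead of through `/bin/sh -c`.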

Check warning on line 68 in Dockerfile (GitHub Actions / build-and-push-image): JSONArgsRecommended: JSON arguments recommended for CMD to prevent unintended behavior related to OS signals. More info: https://docs.docker.com/go/dockerfile/rule/json-args-recommended/