From 1f5b78256ae802e997bf4b4e3510e26e8026923d Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 16:20:43 -0400 Subject: [PATCH 01/30] feat: add Dockerized building, and registry push for prod --- ...js_build.yml => nextjs_build_and_push.yml} | 72 +++++++++---------- Dockerfile | 68 ++++++++++++++++++ 2 files changed, 102 insertions(+), 38 deletions(-) rename .github/workflows/{nextjs_build.yml => nextjs_build_and_push.yml} (62%) create mode 100644 Dockerfile diff --git a/.github/workflows/nextjs_build.yml b/.github/workflows/nextjs_build_and_push.yml similarity index 62% rename from .github/workflows/nextjs_build.yml rename to .github/workflows/nextjs_build_and_push.yml index 0a5e3bfbb..22537f1eb 100644 --- a/.github/workflows/nextjs_build.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -2,6 +2,9 @@ name: nextjs on: push +permissions: + packages: write + # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. concurrency: @@ -9,49 +12,23 @@ concurrency: cancel-in-progress: false jobs: - # Build job build: runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Detect package manager - id: detect-package-manager + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Set short git commit SHA + id: vars run: | - if [ -f "${{ github.workspace }}/yarn.lock" ]; then - echo "manager=yarn" >> $GITHUB_OUTPUT - echo "command=install" >> $GITHUB_OUTPUT - echo "runner=yarn" >> $GITHUB_OUTPUT - exit 0 - elif [ -f "${{ github.workspace }}/package.json" ]; then - echo "manager=npm" >> $GITHUB_OUTPUT - echo "command=ci" >> $GITHUB_OUTPUT - echo "runner=npx --no-install" >> $GITHUB_OUTPUT - exit 0 - else - echo "Unable to determine package manager" - exit 1 - fi - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: "20" - cache: ${{ steps.detect-package-manager.outputs.manager }} - - name: Restore cache - uses: actions/cache@v4 + calculatedSha=$(git rev-parse --short ${{ github.sha }}) + echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV + + - name: Build Docker image + uses: docker/build-push-action@v3 with: - path: | - .next/cache - # Generate a new cache whenever packages or source files change. - key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} - # If source files changed but packages didn't, rebuild from a prior cache. - restore-keys: | - ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- - - name: Install dependencies - run: yarn install --production - - name: Build with Next.js - run: yarn build - env: + context: . + build-args: | NEXT_PUBLIC_SUPABASE_URL: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} @@ -64,3 +41,22 @@ jobs: NEXT_PUBLIC_QUICKNODE_SLUG: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} NEXT_PUBLIC_QUICKNODE_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} NEXT_PUBLIC_ALCHEMY_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} + + push-image: + if: ${{ github.ref == 'refs/heads/main' }} + needs: build + runs-on: ubuntu-latest + steps: + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: https://ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push Docker image to registry + uses: docker/build-push-action@v3 + with: + context: . + push: true + tags: ghcr.io/seanmc9/mask-bloc-bot:prod diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..074d54337 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,68 @@ +FROM node:18-alpine AS base + +# Install dependencies only when needed +FROM base AS deps +# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. +RUN apk add --no-cache libc6-compat +WORKDIR /app + +# Install dependencies based on the preferred package manager +COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./ +RUN \ + if [ -f yarn.lock ]; then yarn --frozen-lockfile; \ + elif [ -f package-lock.json ]; then npm ci; \ + elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \ + else echo "Lockfile not found." && exit 1; \ + fi + + +# Rebuild the source code only when needed +FROM base AS builder +WORKDIR /app +COPY --from=deps /app/node_modules ./node_modules +COPY . . + +# Next.js collects completely anonymous telemetry data about general usage. +# Learn more here: https://nextjs.org/telemetry +# Uncomment the following line in case you want to disable telemetry during the build. +ENV NEXT_TELEMETRY_DISABLED=1 + +RUN \ + if [ -f yarn.lock ]; then yarn run build; \ + elif [ -f package-lock.json ]; then npm run build; \ + elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \ + else echo "Lockfile not found." && exit 1; \ + fi + +# Production image, copy all the files and run next +FROM base AS runner +WORKDIR /app + +ENV NODE_ENV=production +# Uncomment the following line in case you want to disable telemetry during runtime. +ENV NEXT_TELEMETRY_DISABLED=1 + +RUN addgroup --system --gid 1001 nodejs +RUN adduser --system --uid 1001 nextjs + +COPY --from=builder /app/public ./public + +# Set the correct permission for prerender cache +RUN mkdir .next +RUN chown nextjs:nodejs .next + +# Automatically leverage output traces to reduce image size +# https://nextjs.org/docs/advanced-features/output-file-tracing +COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static + +USER nextjs + +EXPOSE 3000 + +ENV PORT=3000 + +# server.js is created by next build from the standalone output +# https://nextjs.org/docs/pages/api-reference/next-config-js/output +ENV HOSTNAME="0.0.0.0" +CMD ["node", "server.js"] From 6194a52d19300fa1d47d740bb071971026fe362e Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 16:24:25 -0400 Subject: [PATCH 02/30] chore: correct syntax --- .github/workflows/nextjs_build_and_push.yml | 26 ++++++++++----------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index 22537f1eb..d9a4562c7 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -28,19 +28,19 @@ jobs: uses: docker/build-push-action@v3 with: context: . - build-args: | - NEXT_PUBLIC_SUPABASE_URL: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} - NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} - NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} - NEXT_PUBLIC_R2_ACCOUNT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCOUNT_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCOUNT_ID }} - NEXT_PUBLIC_R2_ACCESS_KEY_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCESS_KEY_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCESS_KEY_ID }} - NEXT_PUBLIC_R2_SECRET_ACCESS_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY || secrets.DEV_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY }} - NEXT_PUBLIC_MERKLE_TREES_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_MERKLE_TREES_BUCKET || secrets.DEV_NEXT_PUBLIC_MERKLE_TREES_BUCKET }} - NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET || secrets.DEV_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET }} - NEXT_PUBLIC_ETHERSCAN_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ETHERSCAN_KEY || secrets.DEV_NEXT_PUBLIC_ETHERSCAN_KEY }} - NEXT_PUBLIC_QUICKNODE_SLUG: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} - NEXT_PUBLIC_QUICKNODE_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} - NEXT_PUBLIC_ALCHEMY_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} + build-args: | + NEXT_PUBLIC_SUPABASE_URL: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} + NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} + NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} + NEXT_PUBLIC_R2_ACCOUNT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCOUNT_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCOUNT_ID }} + NEXT_PUBLIC_R2_ACCESS_KEY_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCESS_KEY_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCESS_KEY_ID }} + NEXT_PUBLIC_R2_SECRET_ACCESS_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY || secrets.DEV_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY }} + NEXT_PUBLIC_MERKLE_TREES_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_MERKLE_TREES_BUCKET || secrets.DEV_NEXT_PUBLIC_MERKLE_TREES_BUCKET }} + NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET || secrets.DEV_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET }} + NEXT_PUBLIC_ETHERSCAN_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ETHERSCAN_KEY || secrets.DEV_NEXT_PUBLIC_ETHERSCAN_KEY }} + NEXT_PUBLIC_QUICKNODE_SLUG: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} + NEXT_PUBLIC_QUICKNODE_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} + NEXT_PUBLIC_ALCHEMY_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} push-image: if: ${{ github.ref == 'refs/heads/main' }} From cc649b367eed013968e1061ec61504812f850d76 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 17:11:40 -0400 Subject: [PATCH 03/30] chore: try deps and builder together --- Dockerfile | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 074d54337..c8a1adec1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,13 @@ FROM node:18-alpine AS base # Install dependencies only when needed -FROM base AS deps +FROM base AS builder # Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. RUN apk add --no-cache libc6-compat WORKDIR /app # Install dependencies based on the preferred package manager -COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./ +COPY . . RUN \ if [ -f yarn.lock ]; then yarn --frozen-lockfile; \ elif [ -f package-lock.json ]; then npm ci; \ @@ -15,13 +15,6 @@ RUN \ else echo "Lockfile not found." && exit 1; \ fi - -# Rebuild the source code only when needed -FROM base AS builder -WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules -COPY . . - # Next.js collects completely anonymous telemetry data about general usage. # Learn more here: https://nextjs.org/telemetry # Uncomment the following line in case you want to disable telemetry during the build. From 4e49f96a92d765afe0faaed7e6ed48642260900a Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 17:36:01 -0400 Subject: [PATCH 04/30] chore: add env vars --- Dockerfile | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Dockerfile b/Dockerfile index c8a1adec1..9148edb9c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,19 @@ RUN \ # Uncomment the following line in case you want to disable telemetry during the build. ENV NEXT_TELEMETRY_DISABLED=1 +ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL} +ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY} +ENV NEXT_PUBLIC_R2_ACCOUNT_ID=${NEXT_PUBLIC_R2_ACCOUNT_ID} +ENV NEXT_PUBLIC_R2_ACCESS_KEY_ID=${NEXT_PUBLIC_R2_ACCESS_KEY_ID} +ENV NEXT_PUBLIC_R2_SECRET_ACCESS_KEY=${NEXT_PUBLIC_R2_SECRET_ACCESS_KEY} +ENV NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID=${NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID} +ENV NEXT_PUBLIC_MERKLE_TREES_BUCKET=${NEXT_PUBLIC_MERKLE_TREES_BUCKET} +ENV NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET=${NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET} +ENV NEXT_PUBLIC_ETHERSCAN_KEY=${NEXT_PUBLIC_ETHERSCAN_KEY} +ENV NEXT_PUBLIC_QUICKNODE_SLUG=${NEXT_PUBLIC_QUICKNODE_SLUG} +ENV NEXT_PUBLIC_QUICKNODE_KEY=${NEXT_PUBLIC_QUICKNODE_KEY} +ENV NEXT_PUBLIC_ALCHEMY_KEY=${NEXT_PUBLIC_ALCHEMY_KEY} + RUN \ if [ -f yarn.lock ]; then yarn run build; \ elif [ -f package-lock.json ]; then npm run build; \ From 7e8223783f82c7a185ddc035ebece6cb09b52299 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 18:08:57 -0400 Subject: [PATCH 05/30] chore: add args --- Dockerfile | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Dockerfile b/Dockerfile index 9148edb9c..fa453422f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,6 +20,19 @@ RUN \ # Uncomment the following line in case you want to disable telemetry during the build. ENV NEXT_TELEMETRY_DISABLED=1 +ARG NEXT_PUBLIC_SUPABASE_URL +ARG NEXT_PUBLIC_SUPABASE_ANON_KEY +ARG NEXT_PUBLIC_R2_ACCOUNT_ID +ARG NEXT_PUBLIC_R2_ACCESS_KEY_ID +ARG NEXT_PUBLIC_R2_SECRET_ACCESS_KEY +ARG NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID +ARG NEXT_PUBLIC_MERKLE_TREES_BUCKET +ARG NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET +ARG NEXT_PUBLIC_ETHERSCAN_KEY +ARG NEXT_PUBLIC_QUICKNODE_SLUG +ARG NEXT_PUBLIC_QUICKNODE_KEY +ARG NEXT_PUBLIC_ALCHEMY_KEY + ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL} ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY} ENV NEXT_PUBLIC_R2_ACCOUNT_ID=${NEXT_PUBLIC_R2_ACCOUNT_ID} From 5a95245c36ed04797d425d01b2445006f2f5035b Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 18:26:55 -0400 Subject: [PATCH 06/30] chore: try args and only dollar --- Dockerfile | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Dockerfile b/Dockerfile index fa453422f..b7c45a069 100644 --- a/Dockerfile +++ b/Dockerfile @@ -33,18 +33,18 @@ ARG NEXT_PUBLIC_QUICKNODE_SLUG ARG NEXT_PUBLIC_QUICKNODE_KEY ARG NEXT_PUBLIC_ALCHEMY_KEY -ENV NEXT_PUBLIC_SUPABASE_URL=${NEXT_PUBLIC_SUPABASE_URL} -ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=${NEXT_PUBLIC_SUPABASE_ANON_KEY} -ENV NEXT_PUBLIC_R2_ACCOUNT_ID=${NEXT_PUBLIC_R2_ACCOUNT_ID} -ENV NEXT_PUBLIC_R2_ACCESS_KEY_ID=${NEXT_PUBLIC_R2_ACCESS_KEY_ID} -ENV NEXT_PUBLIC_R2_SECRET_ACCESS_KEY=${NEXT_PUBLIC_R2_SECRET_ACCESS_KEY} -ENV NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID=${NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID} -ENV NEXT_PUBLIC_MERKLE_TREES_BUCKET=${NEXT_PUBLIC_MERKLE_TREES_BUCKET} -ENV NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET=${NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET} -ENV NEXT_PUBLIC_ETHERSCAN_KEY=${NEXT_PUBLIC_ETHERSCAN_KEY} -ENV NEXT_PUBLIC_QUICKNODE_SLUG=${NEXT_PUBLIC_QUICKNODE_SLUG} -ENV NEXT_PUBLIC_QUICKNODE_KEY=${NEXT_PUBLIC_QUICKNODE_KEY} -ENV NEXT_PUBLIC_ALCHEMY_KEY=${NEXT_PUBLIC_ALCHEMY_KEY} +ENV NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL +ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY +ENV NEXT_PUBLIC_R2_ACCOUNT_ID=$NEXT_PUBLIC_R2_ACCOUNT_ID +ENV NEXT_PUBLIC_R2_ACCESS_KEY_ID=$NEXT_PUBLIC_R2_ACCESS_KEY_ID +ENV NEXT_PUBLIC_R2_SECRET_ACCESS_KEY=$NEXT_PUBLIC_R2_SECRET_ACCESS_KEY +ENV NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID=$NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID +ENV NEXT_PUBLIC_MERKLE_TREES_BUCKET=$NEXT_PUBLIC_MERKLE_TREES_BUCKET +ENV NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET=$NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET +ENV NEXT_PUBLIC_ETHERSCAN_KEY=$NEXT_PUBLIC_ETHERSCAN_KEY +ENV NEXT_PUBLIC_QUICKNODE_SLUG=$NEXT_PUBLIC_QUICKNODE_SLUG +ENV NEXT_PUBLIC_QUICKNODE_KEY=$NEXT_PUBLIC_QUICKNODE_KEY +ENV NEXT_PUBLIC_ALCHEMY_KEY=$NEXT_PUBLIC_ALCHEMY_KEY RUN \ if [ -f yarn.lock ]; then yarn run build; \ From c40975b9d152d384b8ea3e33beb11abbdeca4e63 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 19:13:00 -0400 Subject: [PATCH 07/30] chore: correctly set build-args in github action --- .github/workflows/nextjs_build_and_push.yml | 24 ++++++++++----------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index d9a4562c7..694d36581 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -29,18 +29,18 @@ jobs: with: context: . build-args: | - NEXT_PUBLIC_SUPABASE_URL: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} - NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} - NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} - NEXT_PUBLIC_R2_ACCOUNT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCOUNT_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCOUNT_ID }} - NEXT_PUBLIC_R2_ACCESS_KEY_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCESS_KEY_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCESS_KEY_ID }} - NEXT_PUBLIC_R2_SECRET_ACCESS_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY || secrets.DEV_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY }} - NEXT_PUBLIC_MERKLE_TREES_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_MERKLE_TREES_BUCKET || secrets.DEV_NEXT_PUBLIC_MERKLE_TREES_BUCKET }} - NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET || secrets.DEV_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET }} - NEXT_PUBLIC_ETHERSCAN_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ETHERSCAN_KEY || secrets.DEV_NEXT_PUBLIC_ETHERSCAN_KEY }} - NEXT_PUBLIC_QUICKNODE_SLUG: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} - NEXT_PUBLIC_QUICKNODE_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} - NEXT_PUBLIC_ALCHEMY_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} + NEXT_PUBLIC_SUPABASE_URL= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} + NEXT_PUBLIC_SUPABASE_ANON_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} + NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} + NEXT_PUBLIC_R2_ACCOUNT_ID= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCOUNT_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCOUNT_ID }} + NEXT_PUBLIC_R2_ACCESS_KEY_ID= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCESS_KEY_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCESS_KEY_ID }} + NEXT_PUBLIC_R2_SECRET_ACCESS_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY || secrets.DEV_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY }} + NEXT_PUBLIC_MERKLE_TREES_BUCKET= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_MERKLE_TREES_BUCKET || secrets.DEV_NEXT_PUBLIC_MERKLE_TREES_BUCKET }} + NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET || secrets.DEV_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET }} + NEXT_PUBLIC_ETHERSCAN_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ETHERSCAN_KEY || secrets.DEV_NEXT_PUBLIC_ETHERSCAN_KEY }} + NEXT_PUBLIC_QUICKNODE_SLUG= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} + NEXT_PUBLIC_QUICKNODE_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} + NEXT_PUBLIC_ALCHEMY_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} push-image: if: ${{ github.ref == 'refs/heads/main' }} From 335d7ea3bcf77ff4ce1778122ac470e159736ce6 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:06:02 -0400 Subject: [PATCH 08/30] chore: don't use standalone --- Dockerfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index b7c45a069..4547fe351 100644 --- a/Dockerfile +++ b/Dockerfile @@ -72,8 +72,7 @@ RUN chown nextjs:nodejs .next # Automatically leverage output traces to reduce image size # https://nextjs.org/docs/advanced-features/output-file-tracing -COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ -COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static +COPY --from=builder --chown=nextjs:nodejs /app/.next ./ USER nextjs From 5a0a226f83b10fbf48fd4a8f251651fe8f57620e Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:18:57 -0400 Subject: [PATCH 09/30] chore: reintro deps layer --- Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4547fe351..96818622d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,13 @@ FROM node:18-alpine AS base # Install dependencies only when needed -FROM base AS builder +FROM base AS deps # Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. RUN apk add --no-cache libc6-compat WORKDIR /app # Install dependencies based on the preferred package manager -COPY . . +COPY packages/react-app-revamp/package.json yarn.lock* ./ RUN \ if [ -f yarn.lock ]; then yarn --frozen-lockfile; \ elif [ -f package-lock.json ]; then npm ci; \ @@ -15,6 +15,11 @@ RUN \ else echo "Lockfile not found." && exit 1; \ fi +FROM base AS builder +WORKDIR /app +COPY --from=deps /app/node_modules ./node_modules +COPY . . + # Next.js collects completely anonymous telemetry data about general usage. # Learn more here: https://nextjs.org/telemetry # Uncomment the following line in case you want to disable telemetry during the build. From 1ac539f52c30996ec1966b3ae0333eb0bd0f5b25 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:25:57 -0400 Subject: [PATCH 10/30] chore: rm extra and use just regular .next --- Dockerfile | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 96818622d..97dd13471 100644 --- a/Dockerfile +++ b/Dockerfile @@ -69,15 +69,11 @@ ENV NEXT_TELEMETRY_DISABLED=1 RUN addgroup --system --gid 1001 nodejs RUN adduser --system --uid 1001 nextjs -COPY --from=builder /app/public ./public - # Set the correct permission for prerender cache RUN mkdir .next RUN chown nextjs:nodejs .next -# Automatically leverage output traces to reduce image size -# https://nextjs.org/docs/advanced-features/output-file-tracing -COPY --from=builder --chown=nextjs:nodejs /app/.next ./ +COPY --from=builder --chown=nextjs:nodejs /app/.next ./.next USER nextjs From d3a733a7f11b5ab7ae9aeef2e8c9d392d940d996 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:27:05 -0400 Subject: [PATCH 11/30] Revert "chore: reintro deps layer" This reverts commit 5a0a226f83b10fbf48fd4a8f251651fe8f57620e. --- Dockerfile | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/Dockerfile b/Dockerfile index 97dd13471..7ee1e7370 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,13 @@ FROM node:18-alpine AS base # Install dependencies only when needed -FROM base AS deps +FROM base AS builder # Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. RUN apk add --no-cache libc6-compat WORKDIR /app # Install dependencies based on the preferred package manager -COPY packages/react-app-revamp/package.json yarn.lock* ./ +COPY . . RUN \ if [ -f yarn.lock ]; then yarn --frozen-lockfile; \ elif [ -f package-lock.json ]; then npm ci; \ @@ -15,11 +15,6 @@ RUN \ else echo "Lockfile not found." && exit 1; \ fi -FROM base AS builder -WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules -COPY . . - # Next.js collects completely anonymous telemetry data about general usage. # Learn more here: https://nextjs.org/telemetry # Uncomment the following line in case you want to disable telemetry during the build. From c8d767251971c061a16a173a88c847a2b43b57d4 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:55:54 -0400 Subject: [PATCH 12/30] chore: try basic version --- Dockerfile | 57 +++++++++--------------------------------------------- 1 file changed, 9 insertions(+), 48 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7ee1e7370..d8927cdfb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,13 @@ FROM node:18-alpine AS base -# Install dependencies only when needed -FROM base AS builder -# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed. -RUN apk add --no-cache libc6-compat WORKDIR /app - -# Install dependencies based on the preferred package manager COPY . . -RUN \ - if [ -f yarn.lock ]; then yarn --frozen-lockfile; \ - elif [ -f package-lock.json ]; then npm ci; \ - elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \ - else echo "Lockfile not found." && exit 1; \ - fi -# Next.js collects completely anonymous telemetry data about general usage. -# Learn more here: https://nextjs.org/telemetry -# Uncomment the following line in case you want to disable telemetry during the build. -ENV NEXT_TELEMETRY_DISABLED=1 +# Install +RUN yarn --production + +# Build +ENV NEXT_TELEMETRY_DISABLED=1 # disable telemetry during the build ARG NEXT_PUBLIC_SUPABASE_URL ARG NEXT_PUBLIC_SUPABASE_ANON_KEY @@ -46,37 +35,9 @@ ENV NEXT_PUBLIC_QUICKNODE_SLUG=$NEXT_PUBLIC_QUICKNODE_SLUG ENV NEXT_PUBLIC_QUICKNODE_KEY=$NEXT_PUBLIC_QUICKNODE_KEY ENV NEXT_PUBLIC_ALCHEMY_KEY=$NEXT_PUBLIC_ALCHEMY_KEY -RUN \ - if [ -f yarn.lock ]; then yarn run build; \ - elif [ -f package-lock.json ]; then npm run build; \ - elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \ - else echo "Lockfile not found." && exit 1; \ - fi - -# Production image, copy all the files and run next -FROM base AS runner -WORKDIR /app - -ENV NODE_ENV=production -# Uncomment the following line in case you want to disable telemetry during runtime. -ENV NEXT_TELEMETRY_DISABLED=1 - -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 nextjs - -# Set the correct permission for prerender cache -RUN mkdir .next -RUN chown nextjs:nodejs .next - -COPY --from=builder --chown=nextjs:nodejs /app/.next ./.next - -USER nextjs - -EXPOSE 3000 +RUN yarn build -ENV PORT=3000 +# Serve +ENV NEXT_TELEMETRY_DISABLED=1 # disable telemetry during runtime. -# server.js is created by next build from the standalone output -# https://nextjs.org/docs/pages/api-reference/next-config-js/output -ENV HOSTNAME="0.0.0.0" -CMD ["node", "server.js"] +CMD ["yarn", "start"] From c5dfd13e764ebf7431e2c6d0e7c2c3a068cb0b26 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 21:58:25 -0400 Subject: [PATCH 13/30] chore: fix syntax --- Dockerfile | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index d8927cdfb..2c6880d06 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,7 +7,9 @@ COPY . . RUN yarn --production # Build -ENV NEXT_TELEMETRY_DISABLED=1 # disable telemetry during the build + +# disable telemetry during the build +ENV NEXT_TELEMETRY_DISABLED=1 ARG NEXT_PUBLIC_SUPABASE_URL ARG NEXT_PUBLIC_SUPABASE_ANON_KEY @@ -38,6 +40,8 @@ ENV NEXT_PUBLIC_ALCHEMY_KEY=$NEXT_PUBLIC_ALCHEMY_KEY RUN yarn build # Serve -ENV NEXT_TELEMETRY_DISABLED=1 # disable telemetry during runtime. + +# disable telemetry during runtime. +ENV NEXT_TELEMETRY_DISABLED=1 CMD ["yarn", "start"] From f5e7767cdbced44c7543fe932481773bf2951ec8 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 23:49:44 -0400 Subject: [PATCH 14/30] chore: ensure yarn install works everywhere --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 2c6880d06..cadd8a894 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,7 @@ FROM node:18-alpine AS base +RUN apk add --update python3 make g++\ + && rm -rf /var/cache/apk/* WORKDIR /app COPY . . From 8cfe1dc2f8d36c84b2654482ffefef7670fd49c6 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 23:51:53 -0400 Subject: [PATCH 15/30] chore: make a dev image for testing --- .github/workflows/nextjs_build_and_push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index 694d36581..a7eefce0c 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -43,7 +43,6 @@ jobs: NEXT_PUBLIC_ALCHEMY_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} push-image: - if: ${{ github.ref == 'refs/heads/main' }} needs: build runs-on: ubuntu-latest steps: @@ -59,4 +58,5 @@ jobs: with: context: . push: true - tags: ghcr.io/seanmc9/mask-bloc-bot:prod + tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && "prod" || "dev" }} + From ec4878167d05b79b3a91924a78ced6daf3dac8ac Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 23:52:28 -0400 Subject: [PATCH 16/30] chore: expose 3000 --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index cadd8a894..29372208c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -46,4 +46,5 @@ RUN yarn build # disable telemetry during runtime. ENV NEXT_TELEMETRY_DISABLED=1 +EXPOSE 3000 CMD ["yarn", "start"] From 2577e77cee30cc9010e51a8b38f740ff6c67902d Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 23:53:33 -0400 Subject: [PATCH 17/30] chore: fix syntax --- .github/workflows/nextjs_build_and_push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index a7eefce0c..cc93a51a4 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -58,5 +58,5 @@ jobs: with: context: . push: true - tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && "prod" || "dev" }} + tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && prod || dev }} From 4dee3e74ad91dd57d1ecabc939519cee49a78ef9 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Thu, 10 Oct 2024 23:55:11 -0400 Subject: [PATCH 18/30] chore: syntax 2 --- .github/workflows/nextjs_build_and_push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index cc93a51a4..557642e24 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -58,5 +58,5 @@ jobs: with: context: . push: true - tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && prod || dev }} + tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} From f1b6c77e64cf25b392bfbfc47edea2bcc6d82c46 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 00:03:10 -0400 Subject: [PATCH 19/30] chore: make one step --- .github/workflows/nextjs_build_and_push.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index 557642e24..a18b64333 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -12,7 +12,7 @@ concurrency: cancel-in-progress: false jobs: - build: + build-and-push: runs-on: ubuntu-latest steps: - name: Checkout repository @@ -42,10 +42,6 @@ jobs: NEXT_PUBLIC_QUICKNODE_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} NEXT_PUBLIC_ALCHEMY_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} - push-image: - needs: build - runs-on: ubuntu-latest - steps: - name: Log in to the Container registry uses: docker/login-action@v3 with: From dc57d468581d65e3d0aacb8f9ff22a952f4c3b25 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 00:11:13 -0400 Subject: [PATCH 20/30] chore: further consolidate --- .github/workflows/nextjs_build_and_push.yml | 25 +++++++++------------ 1 file changed, 10 insertions(+), 15 deletions(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index a18b64333..b90727622 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -24,10 +24,19 @@ jobs: calculatedSha=$(git rev-parse --short ${{ github.sha }}) echo "COMMIT_SHORT_SHA=$calculatedSha" >> $GITHUB_ENV - - name: Build Docker image + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: https://ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image uses: docker/build-push-action@v3 with: context: . + push: true + tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} build-args: | NEXT_PUBLIC_SUPABASE_URL= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} NEXT_PUBLIC_SUPABASE_ANON_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} @@ -42,17 +51,3 @@ jobs: NEXT_PUBLIC_QUICKNODE_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} NEXT_PUBLIC_ALCHEMY_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} - - name: Log in to the Container registry - uses: docker/login-action@v3 - with: - registry: https://ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Push Docker image to registry - uses: docker/build-push-action@v3 - with: - context: . - push: true - tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} - From 89c1747807eb0033177bd580e5390ba0865b7b31 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 00:18:17 -0400 Subject: [PATCH 21/30] chore: correct registry name --- .github/workflows/nextjs_build_and_push.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_build_and_push.yml index b90727622..9de67f179 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_build_and_push.yml @@ -36,7 +36,7 @@ jobs: with: context: . push: true - tags: ghcr.io/seanmc9/mask-bloc-bot:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} + tags: ghcr.io/jk-labs-inc/jokerace:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} build-args: | NEXT_PUBLIC_SUPABASE_URL= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} NEXT_PUBLIC_SUPABASE_ANON_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} From bd32560b77c37269b1991307105c899320e265fe Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 00:57:02 -0400 Subject: [PATCH 22/30] chore: try standalone --- Dockerfile | 33 +++++++++++++++++++++--- packages/react-app-revamp/next.config.js | 11 ++++---- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/Dockerfile b/Dockerfile index 29372208c..dccb68634 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,6 @@ FROM node:18-alpine AS base +FROM base AS builder RUN apk add --update python3 make g++\ && rm -rf /var/cache/apk/* WORKDIR /app @@ -41,10 +42,34 @@ ENV NEXT_PUBLIC_ALCHEMY_KEY=$NEXT_PUBLIC_ALCHEMY_KEY RUN yarn build -# Serve +FROM base AS runner +WORKDIR /app -# disable telemetry during runtime. -ENV NEXT_TELEMETRY_DISABLED=1 +ENV NODE_ENV=production +# Uncomment the following line in case you want to disable telemetry during runtime. +ENV NEXT_TELEMETRY_DISABLED=1 + +RUN addgroup --system --gid 1001 nodejs +RUN adduser --system --uid 1001 nextjs + +COPY --from=builder /app/public ./packages/react-app-revamp/public + +# Set the correct permission for prerender cache +RUN mkdir .next +RUN chown nextjs:nodejs .next + +# Automatically leverage output traces to reduce image size +# https://nextjs.org/docs/advanced-features/output-file-tracing +COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static + +USER nextjs EXPOSE 3000 -CMD ["yarn", "start"] + +ENV PORT=3000 + +# server.js is created by next build from the standalone output +# https://nextjs.org/docs/pages/api-reference/next-config-js/output +ENV HOSTNAME="0.0.0.0" +CMD ["node", "server.js"] diff --git a/packages/react-app-revamp/next.config.js b/packages/react-app-revamp/next.config.js index 8f908b84f..e23b73378 100644 --- a/packages/react-app-revamp/next.config.js +++ b/packages/react-app-revamp/next.config.js @@ -34,12 +34,13 @@ const nextConfig = { ], }, transpilePackages: ["react-tweet"], + output: "standalone", }; module.exports = withPWA({ - dest: "public", - register: true, - skipWaiting: true, - disable: process.env.NODE_ENV === "development", - maximumFileSizeToCacheInBytes: 10 * 1024 * 1024, // 5mb + dest: "public", + register: true, + skipWaiting: true, + disable: process.env.NODE_ENV === "development", + maximumFileSizeToCacheInBytes: 10 * 1024 * 1024, // 5mb })(nextConfig); From aa29ea5e55294304950dcfd87effad0b53d2a580 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 11:20:20 -0400 Subject: [PATCH 23/30] chore: build working --- Dockerfile | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index dccb68634..d7014ee4f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,16 @@ FROM node:18-alpine AS base FROM base AS builder + +# Install RUN apk add --update python3 make g++\ && rm -rf /var/cache/apk/* WORKDIR /app COPY . . -# Install RUN yarn --production # Build - # disable telemetry during the build ENV NEXT_TELEMETRY_DISABLED=1 @@ -49,27 +49,24 @@ ENV NODE_ENV=production # Uncomment the following line in case you want to disable telemetry during runtime. ENV NEXT_TELEMETRY_DISABLED=1 -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 nextjs - -COPY --from=builder /app/public ./packages/react-app-revamp/public - # Set the correct permission for prerender cache +RUN addgroup nodejs +RUN adduser -SDH nextjs RUN mkdir .next RUN chown nextjs:nodejs .next # Automatically leverage output traces to reduce image size # https://nextjs.org/docs/advanced-features/output-file-tracing -COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ -COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static +COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/static ./.next/static +COPY --from=builder /app/packages/react-app-revamp/public ./public USER nextjs +# Exposed port (for orchestrators and dynamic reverse proxies) EXPOSE 3000 - ENV PORT=3000 - -# server.js is created by next build from the standalone output -# https://nextjs.org/docs/pages/api-reference/next-config-js/output ENV HOSTNAME="0.0.0.0" +HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "wget", "-q0", "http://localhost:3000/health" ] + CMD ["node", "server.js"] From 63e34758a07b4350b14bb3a6d7a1e657a2a54626 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 21:30:01 -0400 Subject: [PATCH 24/30] feat: container successfully runs --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d7014ee4f..689fc5c82 100644 --- a/Dockerfile +++ b/Dockerfile @@ -57,7 +57,8 @@ RUN chown nextjs:nodejs .next # Automatically leverage output traces to reduce image size # https://nextjs.org/docs/advanced-features/output-file-tracing -COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/standalone/packages/react-app-revamp ./ +COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/standalone/node_modules ./node_modules COPY --from=builder --chown=nextjs:nodejs /app/packages/react-app-revamp/.next/static ./.next/static COPY --from=builder /app/packages/react-app-revamp/public ./public From b2c43b822ec0728554029c9da43c531b3e108f20 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 21:38:45 -0400 Subject: [PATCH 25/30] chore: reorganize github workflows --- .github/workflows/nextjs_build.yml | 66 +++++++++++++++++++ ...s_build_and_push.yml => nextjs_docker.yml} | 2 +- 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/nextjs_build.yml rename .github/workflows/{nextjs_build_and_push.yml => nextjs_docker.yml} (99%) diff --git a/.github/workflows/nextjs_build.yml b/.github/workflows/nextjs_build.yml new file mode 100644 index 000000000..0a5e3bfbb --- /dev/null +++ b/.github/workflows/nextjs_build.yml @@ -0,0 +1,66 @@ +name: nextjs + +on: push + +# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. +# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: false + +jobs: + # Build job + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + - name: Detect package manager + id: detect-package-manager + run: | + if [ -f "${{ github.workspace }}/yarn.lock" ]; then + echo "manager=yarn" >> $GITHUB_OUTPUT + echo "command=install" >> $GITHUB_OUTPUT + echo "runner=yarn" >> $GITHUB_OUTPUT + exit 0 + elif [ -f "${{ github.workspace }}/package.json" ]; then + echo "manager=npm" >> $GITHUB_OUTPUT + echo "command=ci" >> $GITHUB_OUTPUT + echo "runner=npx --no-install" >> $GITHUB_OUTPUT + exit 0 + else + echo "Unable to determine package manager" + exit 1 + fi + - name: Setup Node + uses: actions/setup-node@v4 + with: + node-version: "20" + cache: ${{ steps.detect-package-manager.outputs.manager }} + - name: Restore cache + uses: actions/cache@v4 + with: + path: | + .next/cache + # Generate a new cache whenever packages or source files change. + key: ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}-${{ hashFiles('**.[jt]s', '**.[jt]sx') }} + # If source files changed but packages didn't, rebuild from a prior cache. + restore-keys: | + ${{ runner.os }}-nextjs-${{ hashFiles('**/package-lock.json', '**/yarn.lock') }}- + - name: Install dependencies + run: yarn install --production + - name: Build with Next.js + run: yarn build + env: + NEXT_PUBLIC_SUPABASE_URL: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} + NEXT_PUBLIC_SUPABASE_ANON_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} + NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID || secrets.DEV_NEXT_PUBLIC_WALLETCONNECT_PROJECT_ID }} + NEXT_PUBLIC_R2_ACCOUNT_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCOUNT_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCOUNT_ID }} + NEXT_PUBLIC_R2_ACCESS_KEY_ID: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_ACCESS_KEY_ID || secrets.DEV_NEXT_PUBLIC_R2_ACCESS_KEY_ID }} + NEXT_PUBLIC_R2_SECRET_ACCESS_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY || secrets.DEV_NEXT_PUBLIC_R2_SECRET_ACCESS_KEY }} + NEXT_PUBLIC_MERKLE_TREES_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_MERKLE_TREES_BUCKET || secrets.DEV_NEXT_PUBLIC_MERKLE_TREES_BUCKET }} + NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET || secrets.DEV_NEXT_PUBLIC_IMAGE_UPLOAD_BUCKET }} + NEXT_PUBLIC_ETHERSCAN_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ETHERSCAN_KEY || secrets.DEV_NEXT_PUBLIC_ETHERSCAN_KEY }} + NEXT_PUBLIC_QUICKNODE_SLUG: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_SLUG || secrets.DEV_NEXT_PUBLIC_QUICKNODE_SLUG }} + NEXT_PUBLIC_QUICKNODE_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_QUICKNODE_KEY || secrets.DEV_NEXT_PUBLIC_QUICKNODE_KEY }} + NEXT_PUBLIC_ALCHEMY_KEY: ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_ALCHEMY_KEY || secrets.DEV_NEXT_PUBLIC_ALCHEMY_KEY }} diff --git a/.github/workflows/nextjs_build_and_push.yml b/.github/workflows/nextjs_docker.yml similarity index 99% rename from .github/workflows/nextjs_build_and_push.yml rename to .github/workflows/nextjs_docker.yml index 9de67f179..17ab57833 100644 --- a/.github/workflows/nextjs_build_and_push.yml +++ b/.github/workflows/nextjs_docker.yml @@ -1,4 +1,4 @@ -name: nextjs +name: nextjs-docker on: push From c2e7e4cd4ce31509edbf4071c240eec5b5a4d2c9 Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 22:59:11 -0400 Subject: [PATCH 26/30] chore: clean up spaces --- packages/react-app-revamp/next.config.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/react-app-revamp/next.config.js b/packages/react-app-revamp/next.config.js index e23b73378..51bc31063 100644 --- a/packages/react-app-revamp/next.config.js +++ b/packages/react-app-revamp/next.config.js @@ -38,9 +38,9 @@ const nextConfig = { }; module.exports = withPWA({ - dest: "public", - register: true, - skipWaiting: true, - disable: process.env.NODE_ENV === "development", - maximumFileSizeToCacheInBytes: 10 * 1024 * 1024, // 5mb + dest: "public", + register: true, + skipWaiting: true, + disable: process.env.NODE_ENV === "development", + maximumFileSizeToCacheInBytes: 10 * 1024 * 1024, // 5mb })(nextConfig); From 4bd3cb7290aef8c36dc5d895181c0b380223823c Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Fri, 11 Oct 2024 23:13:16 -0400 Subject: [PATCH 27/30] chore: only push image for prod --- .github/workflows/nextjs_docker.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/nextjs_docker.yml b/.github/workflows/nextjs_docker.yml index 17ab57833..b8bb50b5c 100644 --- a/.github/workflows/nextjs_docker.yml +++ b/.github/workflows/nextjs_docker.yml @@ -35,8 +35,8 @@ jobs: uses: docker/build-push-action@v3 with: context: . - push: true - tags: ghcr.io/jk-labs-inc/jokerace:${{ github.ref == 'refs/heads/main' && 'prod' || 'dev' }} + push: ${{ github.ref == 'refs/heads/main' }} + tags: ghcr.io/jk-labs-inc/jokerace:prod build-args: | NEXT_PUBLIC_SUPABASE_URL= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} NEXT_PUBLIC_SUPABASE_ANON_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} From ed521971ad18a0a9c4abfcc56a869501e82e6c6d Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Sat, 12 Oct 2024 10:47:26 -0400 Subject: [PATCH 28/30] chore: rename to branch name --- .github/workflows/nextjs_docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/nextjs_docker.yml b/.github/workflows/nextjs_docker.yml index b8bb50b5c..d0e37d961 100644 --- a/.github/workflows/nextjs_docker.yml +++ b/.github/workflows/nextjs_docker.yml @@ -36,7 +36,7 @@ jobs: with: context: . push: ${{ github.ref == 'refs/heads/main' }} - tags: ghcr.io/jk-labs-inc/jokerace:prod + tags: ghcr.io/jk-labs-inc/jokerace:main build-args: | NEXT_PUBLIC_SUPABASE_URL= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_URL || secrets.DEV_NEXT_PUBLIC_SUPABASE_URL }} NEXT_PUBLIC_SUPABASE_ANON_KEY= ${{ github.ref == 'refs/heads/main' && secrets.PROD_NEXT_PUBLIC_SUPABASE_ANON_KEY || secrets.DEV_NEXT_PUBLIC_SUPABASE_ANON_KEY }} From 8f5dd372649132fa66cca2313bcf3780218dc1ef Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Sat, 12 Oct 2024 10:47:47 -0400 Subject: [PATCH 29/30] chore: add compose file --- compose.yml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 compose.yml diff --git a/compose.yml b/compose.yml new file mode 100644 index 000000000..ccb6620c2 --- /dev/null +++ b/compose.yml @@ -0,0 +1,24 @@ +services: + jokerace-main: + container_name: jokerace-main + image: ghcr.io/jk-labs-inc/jokerace:main + deploy: + mode: replicated + replicas: 3 + restart: always + + watchtower: + container_name: jokerace-watchtower + image: containrrr/watchtower + command: + - "jokerace-main" + - "--interval" + - "30" + - "--cleanup" + - "true" + volumes: + - /var/run/docker.sock:/var/run/docker.sock + deploy: + mode: global + restart: always + From 81fd37deda0bb52cbb41a845f5b859fe5f7a6a4a Mon Sep 17 00:00:00 2001 From: Sean McCaffery Date: Sat, 12 Oct 2024 10:50:41 -0400 Subject: [PATCH 30/30] chore: change container naming --- compose.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/compose.yml b/compose.yml index ccb6620c2..40a69a939 100644 --- a/compose.yml +++ b/compose.yml @@ -1,6 +1,6 @@ services: - jokerace-main: - container_name: jokerace-main + main-jokerace: + container_name: main-jokerace image: ghcr.io/jk-labs-inc/jokerace:main deploy: mode: replicated @@ -11,7 +11,7 @@ services: container_name: jokerace-watchtower image: containrrr/watchtower command: - - "jokerace-main" + - "main-jokerace" - "--interval" - "30" - "--cleanup"