From 990ea31566edc969aa12979e12076eb2af315b22 Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Thu, 6 Jun 2024 20:21:38 +0200 Subject: [PATCH 1/9] Move build step to Dockerfile from run script --- env/frontend/Dockerfile | 1 + run.sh | 1 - 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/env/frontend/Dockerfile b/env/frontend/Dockerfile index d75f1fd5ef..01c4771f8f 100644 --- a/env/frontend/Dockerfile +++ b/env/frontend/Dockerfile @@ -7,5 +7,6 @@ COPY yarn.lock /var/app/yarn.lock RUN yarn install --no-cache --frozen-lockfile COPY . /var/app +RUN yarn build CMD ./run.sh diff --git a/run.sh b/run.sh index 5611b5e268..b5408da0fb 100755 --- a/run.sh +++ b/run.sh @@ -2,7 +2,6 @@ if [[ "$NODE_ENV" == "production" ]]; then - yarn build yarn start else yarn dev From 7f3e32d765280dd5815bb6ba4a4c6e55dbcd63c8 Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Thu, 6 Jun 2024 20:25:48 +0200 Subject: [PATCH 2/9] Add boilerplate docker build and push workflow --- .github/workflows/delivery.yml | 45 ++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/delivery.yml diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml new file mode 100644 index 0000000000..984d0e1217 --- /dev/null +++ b/.github/workflows/delivery.yml 
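Review bot: Anything `yarn build` reads from the environment or the build context is now frozen into an image layer, because `RUN yarn build` runs right after `COPY . /var/app` at image build time instead of at container start. If the production build needs configuration or credentials, supply them through a BuildKit secret mount, e.g. `RUN --mount=type=secret,id=<secret-id> yarn build` (the id is a placeholder), not through `ARG`/`ENV`, which persist in the image history. The `.dockerignore` lines visible in PATCH 7/9 do not list local `.env*` files, so it is worth confirming that none can reach the build context. A comment above the new line would record the constraint: `# Built at image build time: never pass secrets via ARG/ENV, they persist in layers`.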
@@ -0,0 +1,45 @@
+name: Build docker image
+
+on:
+ pull_request:
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build-and-push-image:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+ attestations: write
+ id-token: write
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+ - name: Log in to the Container registry
+ uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ - name: Build and push Docker image
+ id: push
+ uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4
+ with:
+ context: .
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ - name: Generate artifact attestation
+ uses: actions/attest-build-provenance@v1
+ with:
+ subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
+ subject-digest: ${{ steps.push.outputs.digest }}
+ push-to-registry: true
From 59ed59014842f9cf37ebc7ecdacbfadd37923c6b Mon Sep 17 00:00:00 2001
From: Richard Olsson
Date: Thu, 6 Jun 2024 20:31:58 +0200
Subject: [PATCH 3/9] Add date tags
---
.github/workflows/delivery.yml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml
index 984d0e1217..fb5cd165e9 100644
--- a/.github/workflows/delivery.yml
+++ b/.github/workflows/delivery.yml
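Review bot: `actions/checkout@v4` and `actions/attest-build-provenance@v1` are referenced by mutable tag while the three docker/* actions in the same job are pinned to full commit SHAs. In a job that holds `packages: write`, `attestations: write` and `id-token: write`, every third-party step should be pinned the same way, e.g. `uses: actions/checkout@<full-commit-sha> # v4` (placeholder; take the SHA from the action's release). Separately, `on: pull_request` together with `push: true` means each pull request from a branch in this repository publishes an image, while pull requests from forks will presumably fail at the login step because their token is read-only. Making the push conditional, e.g. `push: ${{ github.event_name != 'pull_request' }}`, keeps PR runs as build-only checks. `subject-name` uses `env.IMAGE_NAME` unmodified whereas the metadata step normalises image names to lowercase, so if the repository path contains uppercase letters the attestation subject may not match the pushed image; worth confirming.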
@@ -29,6 +29,9 @@ jobs: uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=sha,prefix={{date 'YYMMDD'}}- + type=raw,value={{date 'YYMMDD'}} - name: Build and push Docker image id: push uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 From e7987d62d2831d4a23ed98f96622d82357cda2bc Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Thu, 6 Jun 2024 20:37:38 +0200 Subject: [PATCH 4/9] Fix path to Dockerfile --- .github/workflows/delivery.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index fb5cd165e9..4123efa606 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -37,6 +37,7 @@ jobs: uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 with: context: . + file: ./env/frontend/Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 234302685285070b928f1b849183555eed242f4e Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Fri, 7 Jun 2024 07:32:54 +0200 Subject: [PATCH 5/9] Enable caching for docker build --- .github/workflows/delivery.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index 4123efa606..ad34b391b8 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -18,6 +18,8 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - name: Log in to the Container registry uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 with: @@ -41,6 +43,8 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: 
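Review bot: `type=raw,value={{date 'YYMMDD'}}` produces a mutable tag: a second build on the same day moves it to a different image, so anything deployed by the date tag alone can change content without a visible version change. The same holds for the `type=raw,value=latest` line added in PATCH 9/9. Only the `type=sha` tag and the digest from the push step identify one build, and the attestation step binds to `steps.push.outputs.digest`, so consumers should pull by digest (or at least by the date-sha tag) and verify the attestation against it. A comment next to the raw line would make this explicit: `# Date-only tag is mutable (moves on every same-day build); deploy by digest`. The `with:` block this hunk extends starts above the hunk.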
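Review bot: With `cache-from: type=gha` the pushed and attested image depends on whatever cache entries the run is allowed to restore, not only on the checked-out commit, and `cache-to: type=gha,mode=max` writes every intermediate layer back for later runs. At this point in the series the workflow still triggers on `pull_request`, so it is worth giving the published build its own cache scope, e.g. `cache-from: type=gha,scope=release` with a matching `cache-to: type=gha,mode=max,scope=release`, or building the published image without cache. In the first hunk of PATCH 5/9, `docker/setup-buildx-action@v3` is pinned by tag while the neighbouring docker/* steps use full commit SHAs; pin it the same way (`@<full-commit-sha> # v3`, placeholder). Both hunks sit inside the `steps:` list, which begins and ends outside them.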
From a6a3df2a9ee09dddcc49a98d477d5c702b1bae37 Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Fri, 7 Jun 2024 08:20:51 +0200 Subject: [PATCH 6/9] Make delivery GHA workflow file more readable --- .github/workflows/delivery.yml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index ad34b391b8..2b54b3b544 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -18,25 +18,32 @@ jobs: steps: - name: Checkout repository uses: actions/checkout@v4 + + # Buildx is necessary for GitHub Actions caching to work - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + # The image will be tagged YYMMDD and YYMMDD-abcdef, + # where abcdef is the shortform hash of the last commit tags: | type=sha,prefix={{date 'YYMMDD'}}- type=raw,value={{date 'YYMMDD'}} + - name: Build and push Docker image id: push - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + uses: docker/build-push-action@v5 with: context: . file: ./env/frontend/Dockerfile @@ -45,6 +52,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max + - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: From 77201990b2dbe109f1ecafaa192300a5550d3b16 Mon Sep 17 00:00:00 2001 
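Review bot: Dropping the full commit SHA pins on `docker/login-action`, `docker/metadata-action` and `docker/build-push-action` in favour of the mutable tags `v3`/`v5` weakens the supply-chain posture of a job that holds `packages: write`, `id-token: write` and the registry login. A tag can be moved to different code by whoever controls the action repository; a commit SHA cannot. Readability can be kept without giving up the pin by recording the version in a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha> # v3` (placeholder; take the SHA from the release being adopted), and letting a dependency-update bot maintain the pins. The same applies to `docker/setup-buildx-action@v3`, `actions/checkout@v4` and `actions/attest-build-provenance@v1`, which appear as context in this hunk.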
From: Richard Olsson Date: Fri, 7 Jun 2024 08:33:31 +0200 Subject: [PATCH 7/9] Prevent .github config files from being added to docker --- .dockerignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.dockerignore b/.dockerignore index fd34177ee8..b43ae42eae 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,5 +1,6 @@ Dockerfile node_modules .git +.github .next env From 28125f1394b01b031be7207fdff3d92a3b90d088 Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Fri, 14 Jun 2024 17:08:16 +0200 Subject: [PATCH 8/9] Change so that workflow runs on push to the release branch --- .github/workflows/delivery.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index 2b54b3b544..c458263417 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -1,7 +1,9 @@ name: Build docker image on: - pull_request: + push: + branches: + - "release" env: REGISTRY: ghcr.io From 28f7027c8a17d795412477bf0b44b1107008c799 Mon Sep 17 00:00:00 2001 From: Richard Olsson Date: Sun, 16 Jun 2024 07:22:18 +0200 Subject: [PATCH 9/9] Explicitly add 'latest' tag to docker builds --- .github/workflows/delivery.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/delivery.yml b/.github/workflows/delivery.yml index c458263417..265204f75f 100644 --- a/.github/workflows/delivery.yml +++ b/.github/workflows/delivery.yml @@ -42,6 +42,7 @@ jobs: tags: | type=sha,prefix={{date 'YYMMDD'}}- type=raw,value={{date 'YYMMDD'}} + type=raw,value=latest - name: Build and push Docker image id: push