Skip to content

Commit

Permalink
ci: build and push container for api (#303)
Browse files Browse the repository at this point in the history
  • Loading branch information
JSPRH authored Aug 9, 2023
1 parent 88943e7 commit 355cbd2
Show file tree
Hide file tree
Showing 6 changed files with 87 additions and 4 deletions.
3 changes: 3 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
/.angular
/node_modules
/.git
40 changes: 36 additions & 4 deletions .github/actions/build-and-deploy-api/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,15 @@ inputs:
sentryAuthToken:
required: true
description: "Sentry Auth Token"
containerRegistryUrl:
required: true
description: "Container registry url"
containerRegistryUsername:
required: true
description: "Container registry username"
containerRegistryPassword:
required: true
description: "Container registry password"
outputs:
url:
description: "API URL"
Expand All @@ -25,18 +34,41 @@ outputs:
runs:
using: "composite"
steps:
- run: envsubst < apps/api/src/.env.template > apps/api/src/.env
- name: Set environment
run: envsubst < apps/api/src/.env.template > apps/api/src/.env
env:
MONGODB_URI: ${{ inputs.mongoUri }}
ENVIRONMENT_NAME: ${{ inputs.slot }}
RELEASE_VERSION: ${{ inputs.releaseVersion }}
SENTRY_KEY: ${{ inputs.sentryKey }}
shell: bash
- run: |
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ${{ inputs.containerRegistryUrl }}
username: ${{ inputs.containerRegistryUsername }}
password: ${{ inputs.containerRegistryPassword }}
- name: Build app
run: |
npx nx build api --prod
cd dist/apps/api
npm i --omit=dev --ignore-scripts
shell: bash
- id: node-version-check
run: echo "node-version=$(cat .nvmrc | tr -cd '[:digit:].')" >> $GITHUB_OUTPUT
shell: bash
- name: Build and push image
uses: docker/build-push-action@v4
with:
context: ./
file: ./apps/api/Dockerfile
build-args: |
NODE_VERSION=${{ steps.node-version-check.outputs.node-version}}
push: true
tags: |
ghcr.io/kordis-leitstelle/kordis-api:${{ inputs.releaseVersion}}
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Deploy API
id: wa-deployment
uses: azure/webapps-deploy@v2
Expand Down
7 changes: 7 additions & 0 deletions .github/workflows/next-deployment.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,10 @@ jobs:
url: ${{ steps.spa-deployment.outputs.url }}
outputs:
spaUrl: ${{ steps.spa-deployment.outputs.url }}
permissions:
contents: read
packages: write
pull-requests: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
Expand All @@ -34,6 +38,9 @@ jobs:
mongoUri: ${{ secrets.DEV_MONGODB_URI }}
sentryKey: ${{ secrets.API_SENTRY_KEY }}
sentryAuthToken: ${{ secrets.SENTRY_AUTH_TOKEN }}
containerRegistryUrl: ghcr.io
containerRegistryUsername: ${{ github.actor }}
containerRegistryPassword: ${{ secrets.GITHUB_TOKEN }}
- name: Apply Database Migrations
run: ./tools/db/kordis-db.sh apply-pending-migrations
env:
Expand Down
14 changes: 14 additions & 0 deletions .github/workflows/preview-deployment.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,10 @@ jobs:
if: |
(github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/deploy-preview')) &&
(needs.comment-handler.outputs.is-admin == 'true')
permissions:
contents: read
packages: write
pull-requests: write
steps:
- uses: actions/checkout@v3
with:
Expand Down Expand Up @@ -97,6 +101,9 @@ jobs:
releaseVersion: ${{ github.sha }}
sentryKey: ${{ secrets.API_SENTRY_KEY }}
sentryAuthToken: ${{ secrets.SENTRY_AUTH_TOKEN }}
containerRegistryUrl: ghcr.io
containerRegistryUsername: ${{ github.actor }}
containerRegistryPassword: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Deploy SPA
id: spa-deployment
uses: ./.github/actions/build-and-deploy-spa
Expand Down Expand Up @@ -141,6 +148,10 @@ jobs:
if: |
(github.event_name == 'pull_request' && github.event.action == 'synchronize') &&
(needs.has-deployment.outputs.has-swa == 'true' || needs.has-deployment.outputs.has-wa == 'true')
permissions:
contents: read
packages: write
pull-requests: write
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
Expand Down Expand Up @@ -177,6 +188,9 @@ jobs:
releaseVersion: ${{ github.sha }}
sentryKey: ${{ secrets.API_SENTRY_KEY }}
sentryAuthToken: ${{ secrets.SENTRY_AUTH_TOKEN }}
containerRegistryUrl: ghcr.io
containerRegistryUsername: ${{ github.actor }}
containerRegistryPassword: ${{ secrets.GITHUB_TOKEN }}
- name: Build and Deploy SPA
id: spa-deployment
uses: ./.github/actions/build-and-deploy-spa
Expand Down
23 changes: 23 additions & 0 deletions apps/api/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
ARG NODE_VERSION

FROM docker.io/node:${NODE_VERSION}-alpine AS builder

WORKDIR /app

# Install dependencies separately for caching
COPY ./dist/apps/api/package.json ./dist/apps/api/package-lock.json ./
RUN npm --omit=dev -f install

COPY ./dist/apps/api ./

# Use distroless for maximum security: https://github.com/GoogleContainerTools/distroless
FROM gcr.io/distroless/nodejs${NODE_VERSION}-debian11

COPY --from=builder /app /app
WORKDIR /app

ENV PORT=3333
EXPOSE ${PORT}


CMD ["./main.js"]
4 changes: 4 additions & 0 deletions apps/api/project.json
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,10 @@
"codeCoverage": true
}
}
},
"docker-build": {
"dependsOn": ["build"],
"command": "docker build --build-arg NODE_VERSION=$(cat .nvmrc | tr -cd [:digit:].) -f apps/api/Dockerfile . -t api"
}
},
"tags": []
Expand Down

0 comments on commit 355cbd2

Please sign in to comment.