-
Notifications
You must be signed in to change notification settings - Fork 14
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
c78d4ba
commit eb57bc2
Showing
3 changed files
with
50 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| name: Build Docker Image on PR to ref main branch | ||
|
|
||
| on: | ||
| pull_request: | ||
| branches: | ||
| - 'master' | ||
|
|
||
| jobs: | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout out the repo | ||
| uses: actions/checkout@v2 | ||
|
|
||
| - name: Log into the Container registry | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| username: ${{ secrets.DOCKER_HUB_USERNAME }} | ||
| password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} | ||
|
|
||
| - name: Set Docker tag as short commit sha | ||
| id: tag | ||
| run: echo "::set-output name=TAG::$(echo $GITHUB_SHA | head -c 8)" | ||
|
|
||
| - name: Build and push the Docker image | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| context: . | ||
| push: true | ||
| tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ secrets.DOCKER_HUB_REPO }}:${{ steps.tag.outputs.TAG }} |
File renamed without changes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,27 +1,33 @@ | ||
| # syntax = docker/dockerfile:1.3 | ||
|
|
||
| # Always add commit hash for reproducability | ||
| # Always add commit hash for reproducibility | ||
| FROM node:18-alpine@sha256:3482a20c97e401b56ac50ba8920cc7b5b2022bfc6aa7d4e4c231755770cf892f | ||
|
|
||
| # Enable prod optimizations | ||
| ENV NODE_ENV=production | ||
| ENV NODE_ENV=production \ | ||
| NPM_CONFIG_PRODUCTION=false | ||
|
|
||
| WORKDIR /app | ||
| RUN apk add --update --no-cache g++ make python3 && \ | ||
| ln -sf python3 /usr/bin/python && \ | ||
| apk add --update --no-cache yarn | ||
|
|
||
| # Install build dependencies and clean up | ||
| RUN apk add --update --no-cache \ | ||
| g++ \ | ||
| make \ | ||
| python3 \ | ||
| && ln -sf python3 /usr/bin/python \ | ||
| && apk add --update --no-cache yarn \ | ||
| && apk add --no-cache tini \ | ||
| && rm -rf /var/cache/apk/* | ||
|
|
||
| # Copy package.json and yarn.lock for optimised caching | ||
| COPY ["package.json", "yarn.lock", "./"] | ||
| RUN yarn install --frozen-lockfile --production | ||
| COPY . /app | ||
|
|
||
| # make sure we can write the data directory | ||
| RUN chown node:node data | ||
| # Make sure we can write the data directory | ||
| RUN mkdir -p data | ||
|
|
||
| # Install application dependencies | ||
| RUN yarn install --frozen-lockfile --production | ||
|
|
||
| # Add a simple init system so that Node would respect process signals | ||
| RUN apk add --no-cache tini | ||
| ENTRYPOINT ["/sbin/tini", "--"] | ||
|
|
||
| # Don't run as root | ||
| USER node | ||
| CMD ["node", "main.js" ] | ||
| CMD ["node", "main.js"] |