Skip to content

Commit

Permalink
added docker-build
Browse files Browse the repository at this point in the history
  • Loading branch information
vladimirvshivkov committed Oct 7, 2024
1 parent 0ce5d2a commit a73c130
Show file tree
Hide file tree
Showing 4 changed files with 236 additions and 0 deletions.
32 changes: 32 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
# Include any files or directories that you don't want to be copied to your
# container here (e.g., local build artifacts, temporary files, etc.).
#
# For more help, visit the .dockerignore file reference guide at
# https://docs.docker.com/go/build-context-dockerignore/

**/.DS_Store
**/.classpath
**/.dockerignore
**/.env
**/.git
**/.gitignore
**/.project
**/.settings
**/.toolstarget
**/.vs
**/.vscode
**/*.*proj.user
**/*.dbmdl
**/*.jfm
**/bin
**/charts
**/docker-compose*
**/compose.y*ml
**/Dockerfile*
**/node_modules
**/npm-debug.log
**/obj
**/secrets.dev.yaml
**/values.dev.yaml
LICENSE
README.md
55 changes: 55 additions & 0 deletions .github/workflows/docker-build-push-on-tag-or-release.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
name: Docker Image Build on tag or release

on:
push:
tags:
- '*'
release:
types: [published]

env:
ORG: opentelekomcloud
PROJECT: status-dashboard-v3-api

jobs:
push_if_tag:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
"${{ secrets.REGISTRY }}/${{ env.ORG }}/${{ env.PROJECT }}"
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.REGISTRY }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
build-args: |
BASE_URL=${{ secrets.BASE_URL }}
AUTH_TOKEN=${{ secrets.AUTH_TOKEN }}
95 changes: 95 additions & 0 deletions .github/workflows/docker-build.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
name: Docker Image Build

on:
pull_request:
types:
- opened
- closed
- edited
- reopened
- synchronize

env:
ORG: opentelekomcloud
PROJECT: status-dashboard-v3-api

jobs:

build:
if: github.event.pull_request.merged == false
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
"${{ secrets.REGISTRY }}/${{ env.ORG }}/${{ env.PROJECT }}"
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: false
build-args: |
BASE_URL=${{ secrets.BASE_URL }}
AUTH_TOKEN=${{ secrets.AUTH_TOKEN }}
push_if_merged:
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v4

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
"${{ secrets.REGISTRY }}/${{ env.ORG }}/${{ env.PROJECT }}"
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ secrets.REGISTRY }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}

- name: Build and push
uses: docker/build-push-action@v5
with:
context: .
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true
build-args: |
BASE_URL=${{ secrets.BASE_URL }}
AUTH_TOKEN=${{ secrets.AUTH_TOKEN }}
54 changes: 54 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
# syntax=docker/dockerfile:1

# Create a stage for building the application.
ARG GO_VERSION=1.22
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS build
WORKDIR /usr/src/app

# Cache dependencies
RUN --mount=type=cache,target=/go/pkg/mod/ \
--mount=type=bind,source=go.sum,target=go.sum \
--mount=type=bind,source=go.mod,target=go.mod \
go mod download -x

ARG TARGETARCH

# Build the application
RUN --mount=type=cache,target=/go/pkg/mod/ \
--mount=type=bind,target=. \
CGO_ENABLED=0 GOARCH=$TARGETARCH go build -o /usr/local/bin/app cmd/main.go

# Stage 2: Create a minimal production image
FROM alpine:3.20 AS final

# Install necessary packages
RUN --mount=type=cache,target=/var/cache/apk \
apk --update add \
ca-certificates \
tzdata \
&& \
update-ca-certificates

# Create a non-privileged user
ARG UID=1001
RUN adduser \
--disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" \
appuser

USER appuser

WORKDIR /usr/src/app

# Copy the binary from the build stage
COPY --from=build --chown=appuser:appuser /usr/local/bin/app .

# Expose the port
EXPOSE 8000

# Define the command to run
ENTRYPOINT [ "/usr/src/app/app" ]

0 comments on commit a73c130

Please sign in to comment.