diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..1ca99a1b --- /dev/null +++ b/.dockerignore @@ -0,0 +1,42 @@ +# compiled output +dist +tmp +/out-tsc + +# dependencies +node_modules + +# IDEs and editors +/.idea +.project +.classpath +.c9/ +*.launch +.settings/ +*.sublime-workspace + +# IDE - VSCode +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json + +# misc +/.sass-cache +/connect.lock +/coverage +/libpeerconnection.log +npm-debug.log +yarn-error.log +testem.log +/typings + +# System Files +.DS_Store +Thumbs.db + +.nx/cache +.nx/workspace-data + +.angular diff --git a/.github/workflows/publish-dockerfile.yml b/.github/workflows/publish-dockerfile.yml new file mode 100644 index 00000000..3c840774 --- /dev/null +++ b/.github/workflows/publish-dockerfile.yml @@ -0,0 +1,44 @@ +name: Create and publish a Docker image for the backend +on: + push: + branches: [ "main" ] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push-backend: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + attestations: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + id: push + uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + with: + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true diff --git a/backend/Dockerfile b/Dockerfile similarity index 54% rename from backend/Dockerfile rename to Dockerfile index 49fbdddb..c5ad9482 100644 --- a/backend/Dockerfile +++ b/Dockerfile @@ -1,18 +1,21 @@ +# Tdlib requires glibc, therefore alpine can't be used FROM node:22-bookworm-slim AS builder WORKDIR /build COPY . /build +# Enable the use of pnpm and compile the backend RUN corepack enable && corepack prepare pnpm@latest --activate RUN pnpm install -RUN pnpm build +RUN pnpx nx run backend:build FROM node:22-bookworm-slim +# Copy the compiled backend and the entry point script in a clean image WORKDIR /app -COPY ./entry_point.sh /entry_point.sh +COPY entry_point.sh /entry_point.sh RUN chmod +x /entry_point.sh -COPY --from=builder /build/dist /app +COPY --from=builder /build/dist/backend /app COPY --from=builder /build/node_modules /app/node_modules EXPOSE 3000 diff --git a/backend/project.json b/backend/project.json index 90e4ff78..451206fd 100644 --- a/backend/project.json +++ b/backend/project.json @@ -5,6 +5,11 @@ "projectType": "application", "tags": [], "targets": { + "build": { + "options": { + "generatePackageJson": true + } + }, "serve": { "executor": "@nx/js:node", "defaultConfiguration": "development", diff --git a/backend/entry_point.sh b/entry_point.sh similarity index 100% rename from backend/entry_point.sh rename to entry_point.sh diff --git a/shared-lib/project.json b/shared-lib/project.json index baa5716c..e94f3390 100644 --- a/shared-lib/project.json +++ b/shared-lib/project.json @@ -7,12 +7,17 @@ "targets": { "build": { "executor": "@nx/js:tsc", - "outputs": ["{options.outputPath}"], + "outputs": [ + "{options.outputPath}" + ], "options": { "outputPath": "dist/shared-lib", "main": "shared-lib/src/index.ts", "tsConfig": "shared-lib/tsconfig.lib.json", - "assets": ["shared-lib/*.md"] + "assets": [ + "shared-lib/*.md" + ], + "generatePackageJson": true } } }