diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..24189948 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,25 @@ +.env +*.deb +*.rpm + +# Additional package locks +pnpm-lock.yaml +yarn.lock + +# Go binaries and test artifacts +main +*.test + +node_modules + +# MacOS +.DS_store + +# Intellij +.idea + +# how does this get here +doc/VERSION + +web/static/js/* +!web/static/js/.gitignore \ No newline at end of file diff --git a/.github/workflows/docker-pr.yml b/.github/workflows/docker-pr.yml index 12fc6512..b59cac81 100644 --- a/.github/workflows/docker-pr.yml +++ b/.github/workflows/docker-pr.yml @@ -2,7 +2,7 @@ name: Docker image builds (pull requests) on: pull_request: - branches: [ "main" ] + branches: ["main"] env: DOCKER_METADATA_SET_OUTPUT_ENV: "true" @@ -11,7 +11,32 @@ permissions: contents: read jobs: - build: + buildx-bake: + runs-on: ubuntu-24.04 + steps: + - name: Checkout code + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-tags: true + fetch-depth: 0 + persist-credentials: false + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0 + + - name: Build and push + id: build + uses: docker/bake-action@76f9fa3a758507623da19f6092dc4089a7e61592 # v6.6.0 + with: + source: . + push: true + cache-from: type=gha + cache-to: type=gha,mode=max + set: | + osiris.tags=ttl.sh/techaro/pr-${{ github.event.number }}/osiris + osiris.tags+=ttl.sh/techaro/pr-${{ github.event.number }}/osiris:24h + + containerbuild: runs-on: ubuntu-24.04 steps: - name: Checkout code diff --git a/docker-bake.hcl b/docker-bake.hcl new file mode 100644 index 00000000..ed922279 --- /dev/null +++ b/docker-bake.hcl @@ -0,0 +1,28 @@ +variable "ALPINE_VERSION" { default = "3.22" } +variable "GITHUB_SHA" { default = "devel" } + +group "default" { + targets = [ + "osiris", + ] +} + +target "osiris" { + args = { + ALPINE_VERSION = "3.22" + } + context = "." + dockerfile = "./docker/osiris.Dockerfile" + platforms = [ + "linux/amd64", + "linux/arm64", + "linux/arm/v7", + "linux/ppc64le", + "linux/riscv64", + ] + pull = true + tags = [ + "ghcr.io/techarohq/osiris:${GITHUB_SHA}", + "ghcr.io/techarohq/osiris:main" + ] +} \ No newline at end of file diff --git a/docker/osiris.Dockerfile b/docker/osiris.Dockerfile new file mode 100644 index 00000000..df79cabe --- /dev/null +++ b/docker/osiris.Dockerfile @@ -0,0 +1,29 @@ +ARG ALPINE_VERSION=edge +FROM --platform=${BUILDPLATFORM} alpine:${ALPINE_VERSION} AS build + +ARG TARGETOS +ARG TARGETARCH +ARG VERSION=devel-docker + +RUN apk -U add go nodejs git build-base git npm bash zstd brotli gzip + +WORKDIR /app + +COPY go.mod go.sum ./ +RUN go mod download + +COPY . . +RUN --mount=type=cache,target=/root/.cache npm ci && npm run assets +RUN --mount=type=cache,target=/root/.cache GOOS=${TARGETOS} GOARCH=${TARGETARCH} CGO_ENABLED=0 GOARM=7 go build -gcflags "all=-N -l" -o /app/bin/osiris -ldflags "-s -w -extldflags -static -X github.com/TecharoHQ/anubis.Version=${VERSION}" ./cmd/osiris + +FROM alpine:${ALPINE_VERSION} AS run +WORKDIR /app + +RUN apk -U add ca-certificates mailcap + +COPY --from=build /app/bin/osiris /app/bin/osiris + +CMD ["/app/bin/anubis"] +HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 CMD [ "/app/bin/anubis", "--healthcheck" ] + +LABEL org.opencontainers.image.source="https://github.com/TecharoHQ/anubis" \ No newline at end of file