From 804ddc1055b6405271c3516bcb0d6842c3519d88 Mon Sep 17 00:00:00 2001
From: Bojan Zelic
Date: Sun, 15 Dec 2024 22:13:17 -0700
Subject: [PATCH 1/5] create docker container

---
 .../workflows/docker-publish-njsPC-linux.yml | 50 -------------------
 .github/workflows/push-docker.yaml | 49 ++++++++++++++++++
 Dockerfile | 32 ++++++++----
 3 files changed, 70 insertions(+), 61 deletions(-)
 delete mode 100644 .github/workflows/docker-publish-njsPC-linux.yml
 create mode 100644 .github/workflows/push-docker.yaml

diff --git a/.github/workflows/docker-publish-njsPC-linux.yml b/.github/workflows/docker-publish-njsPC-linux.yml
deleted file mode 100644
index eb767ab..0000000
--- a/.github/workflows/docker-publish-njsPC-linux.yml
+++ /dev/null
@@ -1,50 +0,0 @@
-name: Publish Docker Image - Ubuntu
-
-on:
- push:
- branches:
- - master
- tags:
- - "v*.*.*"
- workflow_dispatch:
-
-jobs:
- build-and-push:
- runs-on: ubuntu-latest
- steps:
- - name: Docker meta
- id: meta
- uses: docker/metadata-action@v5
- with:
- # list of Docker images to use as base name for tags
- images: |
- tagyoureit/njspc-dashpanel
- # generate Docker tags based on the following events/attributes
- tags: |
- type=schedule
- type=ref,event=branch
- type=ref,event=pr
- type=semver,pattern={{version}}
- type=semver,pattern={{major}}.{{minor}}
- type=semver,pattern={{major}}
- type=sha
-
- - name: Set up QEMU
- uses: docker/setup-qemu-action@v3
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v3
-
- - name: Login to Docker Hub
- uses: docker/login-action@v3
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
-
- - name: Build and push combined Docker image
- uses: docker/build-push-action@v6
- with:
- push: true
- platforms: linux/amd64,linux/arm64,linux/arm/v7
- tags: ${{ steps.meta.outputs.tags }}
- labels: ${{ steps.meta.outputs.labels }}
diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml
new file mode 100644
index 0000000..b02bcc9
--- /dev/null
+++ b/.github/workflows/push-docker.yaml
@@ -0,0 +1,49 @@
+name: Build and Push Docker Image
+
+on:
+ push:
+ branches: [ "main" ]
+ # Allows manual workflow runs from the Actions tab
+ workflow_dispatch:
+
+env:
+ REGISTRY: ghcr.io
+ # github.repository as /
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build-and-push:
+ runs-on: ubuntu-latest
+ # Sets the permissions granted to the GITHUB_TOKEN for this job
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels) for Docker
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ tags: |
+ type=sha,format=long
+ type=ref,event=branch
+ latest
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index fcdb880..48757dc 100644
--- a/Dockerfile
+++ b/Dockerfile
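Review bot: Every third-party action in this job is referenced by a movable major tag (`docker/login-action@v3`, `docker/metadata-action@v5`, `docker/build-push-action@v5`) while the job grants `packages: write` to `GITHUB_TOKEN`, so a retagged or compromised upstream release would run with push rights to the published image. Pin each `uses:` to a full commit SHA and keep the version as a trailing comment, e.g. `uses: docker/login-action@<full-commit-sha>  # v3`, with an update bot to bump the pins. The same applies to the `docker/setup-qemu-action@v3` and `docker/setup-buildx-action@v3` steps added in PATCH 2/5. `docker/build-push-action@v5` is also one major version behind the `@v6` that the deleted workflow used.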
@@ -1,18 +1,28 @@ -FROM node:18-alpine as build -RUN apk add --no-cache make gcc g++ python3 linux-headers udev tzdata +FROM node:23-alpine AS builder + WORKDIR /app + COPY package*.json ./ + RUN npm ci + COPY . . + RUN npm run build -RUN npm ci --production -FROM node:18-alpine -RUN apk add git -RUN mkdir /app && chown node:node /app && mkdir /app/data && chown node:node /app/data +FROM node:23-alpine AS runner + WORKDIR /app -COPY --chown=node:node --from=build /app . -USER node -ENV NODE_ENV=production -EXPOSE 4200 -ENTRYPOINT ["node", "dist/app.js"] + +RUN addgroup -g 1001 -S nodejs && \ + adduser -S nodejs -u 1001 -G nodejs \ + && apk add git + +ENV NODE_ENV production + +COPY --from=builder --chown=nodejs:nodejs /app ./ +USER nodejs + +EXPOSE 5150 + +CMD ["node", "dist/app.js"] From 4e05125cf51699897cc101a26602ee78530b84cb Mon Sep 17 00:00:00 2001 From: Bojan Zelic Date: Sun, 15 Dec 2024 22:18:56 -0700 Subject: [PATCH 2/5] multiarch build --- .github/workflows/push-docker.yaml | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml index b02bcc9..cac4684 100644 --- a/.github/workflows/push-docker.yaml +++ b/.github/workflows/push-docker.yaml @@ -1,20 +1,17 @@ -name: Build and Push Docker Image +name: Build and Push Multi-arch Docker Image on: push: - branches: [ "main" ] - # Allows manual workflow runs from the Actions tab + branches: [ "master" ] workflow_dispatch: env: REGISTRY: ghcr.io - # github.repository as / IMAGE_NAME: ${{ github.repository }} jobs: build-and-push: runs-on: ubuntu-latest - # Sets the permissions granted to the GITHUB_TOKEN for this job permissions: contents: read packages: write 
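Review bot: The runtime image now ships devDependencies, because `RUN npm ci --production` is removed from the builder stage and `COPY --from=builder --chown=nodejs:nodejs /app ./` copies the unpruned `node_modules` as-is. Adding `RUN npm prune --omit=dev` after `RUN npm run build` keeps the shipped dependency set, and the code reachable in the running container, to what the app needs at run time. `FROM node:23-alpine` is an odd-numbered, non-LTS Node release line referenced by a floating tag; an LTS tag pinned by digest would make rebuilds reproducible and auditable. `ENV NODE_ENV production` uses the legacy space-separated form; `ENV NODE_ENV=production` is the current spelling.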
@@ -23,6 +20,12 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Log in to the Container registry uses: docker/login-action@v3 with: @@ -30,7 +33,7 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Extract metadata (tags, labels) for Docker + - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: @@ -44,6 +47,9 @@ jobs: uses: docker/build-push-action@v5 with: context: . + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max \ No newline at end of file From 44a71dd52b5cbe1fc0ec32f329361ee6f1f63d1a Mon Sep 17 00:00:00 2001 From: Bojan Zelic Date: Sun, 15 Dec 2024 22:28:26 -0700 Subject: [PATCH 3/5] fix permissions --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 48757dc..28d82fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,7 +21,10 @@ RUN addgroup -g 1001 -S nodejs && \ ENV NODE_ENV production COPY --from=builder --chown=nodejs:nodejs /app ./ -USER nodejs +#hacky way to fix permissions +USER root +RUN chown nodejs:nodejs /app +USER nodejs EXPOSE 5150 From f5c561206439edd1d60dbb50cdba5a266cfd8b76 Mon Sep 17 00:00:00 2001 From: Bojan Zelic Date: Thu, 20 Feb 2025 20:10:51 -0700 Subject: [PATCH 4/5] add tzdata --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 28d82fa..d8a2a44 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,7 @@ WORKDIR /app RUN addgroup -g 1001 -S nodejs && \ adduser -S nodejs -u 1001 -G nodejs \ - && apk add git + && apk add git tzdata ENV NODE_ENV production 
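Review bot: `platforms: linux/amd64,linux/arm64` drops the `linux/arm/v7` target that the deleted Docker Hub workflow built, so 32-bit ARM hosts would get no image from this pipeline. If the drop is intentional it should be stated in the commit message; otherwise the line would be `platforms: linux/amd64,linux/arm64,linux/arm/v7`, after confirming that the `node:23-alpine` base publishes that variant.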
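Review bot: `USER root` is redundant in the "fix permissions" hunk, because the runner stage has not switched user before this point (the only earlier `USER nodejs` is the line being removed). The fix can therefore live in the existing root `RUN` by appending `&& chown nodejs:nodejs /app` to the `addgroup`/`adduser` command, leaving a single `USER nodejs` after the `COPY`; that `RUN` line sits outside this hunk. Separately, with this `chown` plus `COPY --chown=nodejs:nodejs` the runtime user owns the application directory and all code in it, so the process can modify the files it executes. If the app only needs to write data or config (the old Dockerfile created `/app/data`, presumably for that), prefer leaving the code root-owned and giving `nodejs` one dedicated writable directory.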
From b289f9624ffac7cb4879afc5b47019d8947436e8 Mon Sep 17 00:00:00 2001 From: Bojan Zelic Date: Thu, 20 Feb 2025 20:34:12 -0700 Subject: [PATCH 5/5] Update push-docker.yaml --- .github/workflows/push-docker.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml index cac4684..a71d86e 100644 --- a/.github/workflows/push-docker.yaml +++ b/.github/workflows/push-docker.yaml @@ -3,6 +3,8 @@ name: Build and Push Multi-arch Docker Image on: push: branches: [ "master" ] + tags: + - "v*.*.*" workflow_dispatch: env: @@ -52,4 +54,4 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha - cache-to: type=gha,mode=max \ No newline at end of file + cache-to: type=gha,mode=max
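Review bot: The new `tags: - "v*.*.*"` trigger builds on a version tag push, but the metadata step only lists `type=sha,format=long`, `type=ref,event=branch` and `latest`, so a release is published under its commit SHA and the moving `latest` tag but never under its version. That step is outside this hunk and unchanged since PATCH 1/5 as far as the series shows. Adding `type=semver,pattern={{version}}` (the deleted workflow had it) to that step's `tags:` lets consumers pin a specific release instead of `latest`. As written, every push to `master` and every version tag both reassign `latest`, so it is worth deciding deliberately which of the two should own that tag.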