From 6146076a141d675fda16f357564b7bbf5269de06 Mon Sep 17 00:00:00 2001 From: Giles Westwood Date: Tue, 8 Oct 2024 15:21:17 +0100 Subject: [PATCH 1/2] feat: docker builds with separate dockerfiles from dev --- .github/workflows/bld_all_docker.yml | 89 +++++++++++ .github/workflows/bld_docker.yml | 149 +++++++++++++++++++ .github/workflows/build_test_release.yml | 17 +++ .github/workflows/build_test_release_tag.yml | 18 +++ Dockerfile.build | 36 +++++ build-docker.sh | 3 + docker-compose.build.yml | 12 ++ 7 files changed, 324 insertions(+) create mode 100644 .github/workflows/bld_all_docker.yml create mode 100644 .github/workflows/bld_docker.yml create mode 100644 Dockerfile.build create mode 100755 build-docker.sh create mode 100644 docker-compose.build.yml diff --git a/.github/workflows/bld_all_docker.yml b/.github/workflows/bld_all_docker.yml new file mode 100644 index 0000000000..3dd354d64c --- /dev/null +++ b/.github/workflows/bld_all_docker.yml @@ -0,0 +1,89 @@ +name: bld_all_docker + +permissions: + checks: write + contents: read + issues: read + pull-requests: write + +on: + workflow_call: + inputs: + version_tag: + description: 'Version tag to use: (bump must also be set to none to keep a specific version' + required: false + default: 'latest' + type: string + bump: + description: 'whether to bump the version number by a major minor patch' + required: false + default: 'patch' + type: string + ref: + description: 'git reference to use with the checkout use default_branch to have that calculated' + required: false + default: "default" + type: string + + workflow_dispatch: + inputs: + version_tag: + description: 'Version tag to use: (bump must also be set to none to keep a specific version' + required: false + default: 'latest' + type: string + bump: + description: 'whether to bump the version number by a major minor patch' + required: false + default: 'patch' + type: string + ref: + description: 'git reference to use with the checkout use default_branch to have that calculated' + required: false + default: "default" + type: string + +jobs: + + bld_angular_prod: + uses: ./.github/workflows/bld_docker.yml + secrets: inherit # pass all secrets + with: + docker_name: orcid/registry/orcid-web-frontend-prod + context: . + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + build_args: "build_env=prod" + file: Dockerfile.build + bld_angular_sandbox: + uses: ./.github/workflows/bld_docker.yml + secrets: inherit # pass all secrets + with: + docker_name: orcid/registry/orcid-web-frontend-sandbox + context: . + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + build_args: "build_env=sandbox" + file: Dockerfile.build + bld_angular_qa: + uses: ./.github/workflows/bld_docker.yml + secrets: inherit # pass all secrets + with: + docker_name: orcid/registry/orcid-web-frontend-qa + context: . + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + build_args: "build_env=qa" + file: Dockerfile.build + bld_angular_int: + uses: ./.github/workflows/bld_docker.yml + secrets: inherit # pass all secrets + with: + docker_name: orcid/registry/orcid-web-frontend-int + context: . + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + build_args: "build_env=int" + file: Dockerfile.build + + diff --git a/.github/workflows/bld_docker.yml b/.github/workflows/bld_docker.yml new file mode 100644 index 0000000000..8402339f60 --- /dev/null +++ b/.github/workflows/bld_docker.yml @@ -0,0 +1,149 @@ +name: bld_docker +run-name: ${{ inputs.docker_name }} + +permissions: + checks: write + contents: read + issues: read + pull-requests: write + +on: + workflow_call: + inputs: + docker_name: + description: 'Name of the docker image to build' + required: false + default: "orcid/version-bumping-test" + type: string + context: + description: 'Name of the context in the repo' + required: false + default: "." + type: string + build_args: + description: 'arguments' + required: false + default: "" + type: string + file: + description: 'specify a custom dockerfile' + required: false + default: "" + type: string + version_tag: + description: 'Name of the tag to build' + required: false + default: 'latest' + type: string + bump: + description: 'whether to bump the version number by a major minor patch amount or none' + required: false + default: 'patch' + type: string + ref: + description: 'git reference to use with the checkout use default_branch to have that calculated' + required: false + default: "default" + type: string + + workflow_dispatch: + inputs: + docker_name: + description: 'Name of the docker image to build' + required: false + default: "orcid/version-bumping-test" + type: string + context: + description: 'Name of the context in the repo' + required: false + default: "." + type: string + build_args: + description: 'arguments' + required: false + default: "" + type: string + file: + description: 'specify a custom dockerfile' + required: false + default: "" + type: string + version_tag: + description: 'Name of the tag to build' + required: false + default: 'latest' + type: string + bump: + description: 'whether to bump the version number by a major minor patch amount or none' + required: false + default: 'patch' + type: string + ref: + description: 'git reference to use with the checkout use default_branch to have that calculated' + required: false + default: "default" + type: string + + +jobs: + bld_docker: + runs-on: ubuntu-latest + steps: + - name: git-checkout-ref-action + id: ref + uses: ORCID/git-checkout-ref-action@main + with: + default_branch: ${{ github.event.repository.default_branch }} + ref: ${{ inputs.ref }} + + - uses: actions/checkout@v3 + with: + ref: ${{ steps.ref.outputs.ref }} + # checkout some history so we can scan commits for bump messages + # NOTE: history does not include tags! + fetch-depth: 100 + + - name: find next version + id: version + uses: ORCID/version-bump-action@main + with: + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + + - uses: docker/setup-buildx-action@v2 + - uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + # each cache needs a unique key for the job + key: ${{ runner.os }}-buildx-${{ hashFiles(inputs.context) }} + # Alternative restore keys if no exact match is found + # I /think/ this means that other docker buildx jobs could help out here + restore-keys: | + ${{ runner.os }}-buildx- + - name: Login to private registry + uses: docker/login-action@v2 + with: + registry: ${{ secrets.DOCKER_REG_PRIVATE }} + username: ${{ secrets.DOCKER_USER }} + password: ${{ secrets.DOCKER_PASSWORD }} + + - name: nasty hack to allow dynamic defaults + id: dynamic_defaults + run: | + FILE="${{ github.event.inputs.file }}" + echo "default_file=${FILE:-${{ inputs.context }}/Dockerfile}" >> "$GITHUB_OUTPUT" + + - name: show the dynamic defaults + run: | + echo ${{ steps.dynamic_defaults.outputs.default_file }} + + - uses: docker/build-push-action@v3 + with: + push: true + tags: ${{ secrets.DOCKER_REG_PRIVATE }}/${{ inputs.docker_name}}:${{ steps.version.outputs.version_tag_numeric }} + context: ${{ inputs.context }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache + build-args: ${{ inputs.build_args }} + file: ${{ steps.dynamic_defaults.outputs.default_file }} + diff --git a/.github/workflows/build_test_release.yml b/.github/workflows/build_test_release.yml index 602304b4ad..209d9196d2 100644 --- a/.github/workflows/build_test_release.yml +++ b/.github/workflows/build_test_release.yml @@ -98,3 +98,20 @@ jobs: bump: ${{ inputs.bump }} ref: ${{ inputs.ref }} + bld_all_docker: + uses: ./.github/workflows/bld_all_docker.yml + secrets: inherit # pass all secrets for uploading assets + needs: + - lint + - bld_all_yarn + - format_i18n + - format_prettier + permissions: + checks: write + contents: read + issues: read + pull-requests: write + with: + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + ref: ${{ inputs.ref }} diff --git a/.github/workflows/build_test_release_tag.yml b/.github/workflows/build_test_release_tag.yml index 179b1b0339..2bb93024de 100644 --- a/.github/workflows/build_test_release_tag.yml +++ b/.github/workflows/build_test_release_tag.yml @@ -98,6 +98,24 @@ jobs: bump: ${{ inputs.bump }} ref: ${{ inputs.ref }} + bld_all_docker: + uses: ./.github/workflows/bld_all_docker.yml + secrets: inherit # pass all secrets for uploading assets + needs: + - lint + - bld_all_yarn + - format_i18n + - format_prettier + permissions: + checks: write + contents: read + issues: read + pull-requests: write + with: + version_tag: ${{ inputs.version_tag }} + bump: ${{ inputs.bump }} + ref: ${{ inputs.ref }} + ############################################################################## rel_tag: diff --git a/Dockerfile.build b/Dockerfile.build new file mode 100644 index 0000000000..fe7a968c0b --- /dev/null +++ b/Dockerfile.build @@ -0,0 +1,36 @@ +# dependencies docker build + +# match version from .tool-versions +FROM maven:3.6.3-jdk-11 AS maven + +ARG build_env + +WORKDIR /build + +# copy only poms for max cachability of just dependency downloads +COPY pom.xml . + +# download maven dependencies and ignore that some components will fail +RUN mvn -T 1C --batch-mode dependency:resolve --fail-never -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn + +COPY ./scripts ./scripts +# for yarn build +COPY *.json . +COPY *.lock . + +COPY ./src ./src + +RUN mvn -T 1C --batch-mode \ + -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ + --file "pom.xml" \ + --activate-profiles "${build_env}" -Dnodejs.workingDirectory=. \ + package -Dmaven.test.skip + + +# For Java 11 and Tomcat 9 +#FROM tomcat:9.0.93-jdk11-temurin-jammy +FROM tomcat:9.0.91-jdk11-temurin-focal + +# copy war file from build +COPY --from=maven /build/target/*.war /usr/local/tomcat/webapps/orcid-frontend.war + diff --git a/build-docker.sh b/build-docker.sh new file mode 100755 index 0000000000..68879e704b --- /dev/null +++ b/build-docker.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +docker compose -f docker-compose.build.yml build diff --git a/docker-compose.build.yml b/docker-compose.build.yml new file mode 100644 index 0000000000..e9d6ada9a4 --- /dev/null +++ b/docker-compose.build.yml @@ -0,0 +1,12 @@ +version: '2' +services: + angular: + image: ${DOCKER_REG_PRIVATE}/orcid/registry/orcid-angular:${TAG:-0.0.1} + #entrypoint: sleep infinity + build: + context: . + dockerfile: Dockerfile.build + args: + build_env: ${BUILD_ENV:-prod} + ports: + - 0.0.0.0:13005:8080 From 0c088a0f5a91eb8f74708a4eea719d4d864abeef Mon Sep 17 00:00:00 2001 From: Giles Westwood Date: Tue, 8 Oct 2024 16:25:43 +0100 Subject: [PATCH 2/2] match external port to current standard --- docker-compose.build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.build.yml b/docker-compose.build.yml index e9d6ada9a4..1836d1b619 100644 --- a/docker-compose.build.yml +++ b/docker-compose.build.yml @@ -9,4 +9,4 @@ services: args: build_env: ${BUILD_ENV:-prod} ports: - - 0.0.0.0:13005:8080 + - 0.0.0.0:13105:8080