diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..1856771 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +.git + +config.json diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index b31a442..d49c412 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -4,13 +4,9 @@ on: push: branches: [ "main" ] tags: 'v*' - pull_request: - branches: [ "main" ] jobs: - - build: - + build-and-publish: runs-on: ubuntu-latest steps: - name: Checkout diff --git a/Dockerfile b/Dockerfile index 14afd00..682fdaa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,19 @@ # See https://hub.docker.com/r/denoland/deno/tags for available images FROM denoland/deno:alpine-1.36.1 -COPY . /opt/drand-bot -WORKDIR /opt/drand-bot +WORKDIR /app + +# Prefer not to run as root. +USER deno + +# Cache the dependencies as a layer (the following two steps are re-run only when deps.ts is modified). +# Ideally cache deps.ts will download and compile _all_ external files used in main.ts. +COPY deps.ts . +RUN deno cache deps.ts + +COPY . . + +# Compile the main app so that it doesn't need to be compiled each startup/entry. +RUN deno cache main.ts CMD deno run --allow-read --allow-net --allow-env main.ts diff --git a/README.md b/README.md index a97174d..45de33d 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,6 @@ Start: ```sh docker run \ - -v $PWD/config.json:/opt/drand-bot/config.json \ + -v "$PWD/config.json":/app/config.json \ noislabs/nois-bot:nextgen ```