refactor(docker): multi-arch docker π³ build overhaul ποΈ #258
Conversation
* Switch to multi-stage build pattern for smaller image size * Add support for both Alpine and Debian variants via build args * Change default image base to `node:23-slim` instead of using `node:23` (no need for full Debian base present in `node:23` since now prioritization is given to production-ready builds) * Improve caching with --mount for npm dependencies * Separate build and runtime dependencies * Remove unnecessary Node.js packages in final stage * Fix permissions on uploads/database directories * Add proper scoping for build arguments * Set NODE_ENV=production for better performance This change reduces the final image size and improves build caching while adding flexibility to choose between Alpine and Debian base images. Original: ~1.2GB New Alpine: ~350MB New Debian: ~450MB
Streamlined the GitHub `publishImage.yml` workflow with the following functionality: * Handle both Alpine and Debian variants through matrix strategy * Push to both Docker Hub and GitHub Container Registry * Add comprehensive tagging strategy, handling both branches (aka release version, e.g. 1.0.0), semantic versions (major.minor and major), and latest versions (`latest` and `alpine`) * Add security aspects (cosign signing, proper permissions) * Add better caching and multi-platform build settings With this revised workflow, the following Docker image variants will be built for every successful release. As an example, if the release version is β3.0.9β, then the following Docker image variants will be built: Debian variants (default): - `kener:3.0.9` (Semver of current release) - `kener:latest` (Latest Debian release, βlatestβ label points to 3.0.9) - `kener:3.0` (major.minor version, major.minor β3.0β label points to 3.0.9) - `kener:3` (major version, major β3β label points to 3.0.9) Alpine variants (smallest filesize): - `kener:3.0.9-alpine` (Semver of current release) - `kener:alpine` (Latest Alpine release, βalpineβ label points to 3.0.9) - `kener:3.0-alpine` (major.minor version, major.minor β3.0-alpineβ label points to 3.0.9) - `kener:3-alpine` (major version, major β3-alpineβ label points to 3.0.9)
* add: version pinning (better stability) * remove: unnecessary KENER_BASE_PATH env. variable * update: reduce permissions of /uploads and /database directories * add: `entrypoint.sh` file * add: properly map container timezone and localtime * add: container healthcheck * change: restrict to non-root βnodeβ user
* Expanded upon existing Docker README section. * Created table which will contains version placeholder variables that will be replaced by new GitHub workflow job: βupdate_readmeβ. Job automatically runs after new images have been built & pushed to container registries.
add direct links to filtered image(s) on Docker Hub, based on whether Debian or Alpine Linux variant badges are clicked
|
Alright @rajnandan1, I was able to update and quickly test including only the files you mentioned in discussion #247. Please review and let me know if you have any questions! I'm happy to coordinate a time to jump on Discord if that's easier. I know you had mentioned the Docker side of things isn't necessarily something you're most comfortable with, so I'm happy to try and continuing to support as I have the time, if you would like. |
Noticed when doing some cleanup, that you had two awesome tags, but they both point to different URLs/repos. I added back in the one I had inadvertently removed.
kaffolder7
changed the title
|
Will merge this tonight IST |
|
Thanks @rajnandan1! This is so very exciting!! Thank you for trusting me with your project. I am very happy to support it. You've got a very good thing started. π |
I caught an issue where the README will only auto-update listed Docker versions the first time. Commenting out for now (in case this PR gets merged before I have time to fix this). Will revisit this and fix this week.
π Automate README Generation via Mustache Templating - Use Mustache to dynamically generate `README.md` from `README.template.md`. - Populate README with environment variables (e.g., `KENER_BUILD_FULL_VERSION`). - Prevent direct edits to `README.md` by enforcing updates via the template. - Enhance GitHub Actions workflow to auto-generate and commit the README. - Add GitHub Action workflow (`protect-readme.yml`) to prevent others from direct updates to `README.md` via PR.
|
@kaffolder7 the build seems to be broken https://github.com/rajnandan1/kener/actions/runs/13245732187 |
Yes, let me take a look here. |
It has something to do with your latest commit where mustache is used to create readme |
|
@rajnandan1 β Maybe issue as simple as me forgetting to push an updated |
Did :( |
Summary π
This PR includes multiple improvements and fixes related to Docker configuration, GitHub Actions workflows, and documentation. The key highlights are:
Changes Made
Docker Improvements π³
/uploadsand/database).entrypoint.shto handle startup behavior.GitHub Actions Workflow Enhancements βοΈ
Documentation & README Updates π
update_readme).Impact π
@rajnandan1 β I'm thinking this should probably be a new minor version bump (e.g. ver. 3.0.10 -> ver. 3.1.0)? Also, I did quite the overhaul on your existing GitHub Actions workflow. We'll probably wanna first test this as a βdry-runβ. π