coracle/flotilla
1
6
Fork 24
Code Issues 43 Pull Requests 3 Actions Packages Projects 5 Releases Wiki Activity

feat(ci): minimize container size and caching #275

Open
npub15skvhry wants to merge 1 commits from npub15skvhry/flotilla:feat/minimize-container-size into dev
pull from: npub15skvhry/flotilla:feat/minimize-container-size
merge into: coracle:dev
Conversation 0 Commits 1 Files Changed 8
+192 -77
8 changed files with 192 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.forgejo
Symlink
+1
View File
@@ -0,0 +1 @@
.gitea
.gitea/workflows/container-publish.yml
+95
View File
@@ -0,0 +1,95 @@
name: Container Build and Publish
on:
push:
branches: [ master ]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
REGISTRY: gitea.coracle.social
jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set Variables
id: set_variables
run: |
# convert everything to lowercase because ghcr repository name must be lowercase
ACTOR="${GITHUB_ACTOR,,}"
REPOSITORY="${GITHUB_REPOSITORY##*/}"
REPOSITORY="${REPOSITORY,,}"
echo "actor=${ACTOR}" >> $GITHUB_OUTPUT
echo "repository=${REPOSITORY}" >> $GITHUB_OUTPUT
shell: bash
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.PACKAGE_TOKEN }}
- name: Extract metadata (tags, labels) for nodejs image
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ steps.set_variables.outputs.actor }}/${{ steps.set_variables.outputs.repository }}
tags: |
type=ref,event=branch
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=sha,prefix={{branch}}-
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}
- name: Build and push nodejs-based image
id: push
uses: docker/build-push-action@v5
with:
context: .
file: ./Containerfile
push: true
target: production-nodejs
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
#cache-from: type=gha
#cache-to: type=gha,mode=max
#- name: Extract metadata (tags, labels) for nginx image
# id: meta
# uses: docker/metadata-action@v5
# with:
# images: ${{ env.REGISTRY }}/${{ steps.set_variables.outputs.actor }}/${{ steps.set_variables.outputs.repository }}-nginx
# tags: |
# type=ref,event=branch
# type=semver,pattern={{version}}
# type=semver,pattern={{major}}.{{minor}}
# type=sha,prefix={{branch}}-
# type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}
#- name: Build and push nginx-based image
# id: push
# uses: docker/build-push-action@v5
# with:
# context: .
# file: ./Containerfile
# push: true
# target: production-nginx
# platforms: linux/amd64,linux/arm64
# tags: ${{ steps.meta.outputs.tags }}
# labels: ${{ steps.meta.outputs.labels }}
# cache-from: type=gha
# cache-to: type=gha,mode=max
.gitea/workflows/docker-publish.yml
-50
View File
@@ -1,50 +0,0 @@
name: Docker
on:
push:
branches: [master]
env:
REGISTRY: gitea.coracle.social
IMAGE_NAME: coracle/flotilla
jobs:
build-and-push-image:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: hodlbod
password: ${{ secrets.PACKAGE_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver: docker-container
- name: Build and push Docker image
id: push
uses: docker/build-push-action@v5
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
.github
Symlink
+1
View File
@@ -0,0 +1 @@
.gitea
Containerfile
+67
View File
@@ -0,0 +1,67 @@
# Build and run the Flotilla web server.
#
# docker build -t flotilla .
# docker run -p 3000:3000 flotilla
#
# Pass --build-arg VITE_BUILD_HASH=$(git rev-parse --short HEAD) to stamp the build.
# A .env in the build context is picked up by build.sh for branding config.
# https://pnpm.io/docker#example-3-build-on-cicd
FROM node:24-bookworm-slim AS builder
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
RUN corepack enable
WORKDIR /app
ENV NODE_OPTIONS=--max_old_space_size=16384
COPY package.json pnpm-lock.yaml ./
RUN pnpm i --frozen-lockfile
COPY . .
ARG VITE_BUILD_HASH
RUN pnpm run build
RUN pnpm run build:server
FROM nginx:alpine AS production-nginx
COPY --from=builder /app/build /usr/share/nginx/html
RUN cat > /etc/nginx/conf.d/default.conf << 'EOF'
server {
listen 3000;
server_name _;
root /usr/share/nginx/html;
index index.html;
# Enable gzip
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/json;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
# https://gist.github.com/dukedorje/01fd7ddbfc8cdac4e02c6105d26ca7fe
location ^~ /_app/immutable {
# gzip_static on;
try_files $uri =404;
expires 1y;
add_header Cache-Control "public, immutable";
etag on;
access_log off;
expires max;
}
location / {
try_files $uri $uri/ /index.html;
}
}
EOF
EXPOSE 3000
CMD ["nginx", "-g", "daemon off;"]
FROM node:lts-slim AS production-nodejs
ENV NODE_ENV=production
WORKDIR /app
COPY --from=builder /app/build /app/build
COPY --from=builder /app/dist-server/server.js /app/server.js
EXPOSE 3000
CMD ["node", "server.js"]
Dockerfile
-27
View File
@@ -1,27 +0,0 @@
# Build and run the Flotilla web server.
#
# docker build -t flotilla .
# docker run -p 3000:3000 flotilla
#
# Pass --build-arg VITE_BUILD_HASH=$(git rev-parse --short HEAD) to stamp the build.
# A .env in the build context is picked up by build.sh for branding config.
FROM node:22-bookworm
RUN npm install -g pnpm@10.33.0
WORKDIR /app
COPY package.json pnpm-lock.yaml ./
RUN pnpm i --frozen-lockfile
ENV NODE_OPTIONS=--max_old_space_size=16384
COPY . .
RUN pnpm run build
EXPOSE 3000
CMD ["node", "server.js"]
package.json
+1
View File
@@ -5,6 +5,7 @@
"scripts": {
"dev": "vite dev",
"build": "./build.sh",
"build:server": "vite build --config vite.config.server.ts",
"start": "node server.js",
"release:android": "./build.sh && cap build android --androidreleasetype APK --signing-type apksigner",
"tauri:dev": "tauri dev",
vite.config.server.ts
+27
View File
@@ -0,0 +1,27 @@
import { defineConfig } from "vite"
import { builtinModules } from 'module'
export default defineConfig({
ssr: {
noExternal: true, // bundle every dependency
},
build: {
target: 'node24', // match your Node.js version
outDir: 'dist-server',
emptyOutDir: false, // don't wipe the frontend build output
ssr: true, // tells Vite this is a server-side build
minify: 'esbuild', // minify the output
lib: {
entry: 'server.js', // your server entry point
formats: ['es'],
fileName: () => 'server.js',
},
rollupOptions: {
// Externalize only Node.js built-ins, bundle everything else
external: [
...builtinModules,
...builtinModules.map(m => `node:${m}`),
],
},
},
})