-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Dockerizing the image of codebase and Establishing CI/CD pipeline
- The image is a multi-stage build - The docker-compose file is also included - The containerization requires a bit of configuration because there NextAuth issue and trustHost: true as a workaround - The CI/CD pipeline is established using Github Actions and the workflow is defined in the build.yaml file
- Loading branch information
1 parent
2b1710c
commit 4ec36c2
Showing
8 changed files
with
557 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
# Dependencies | ||
node_modules | ||
.pnpm-store | ||
.npm | ||
npm-debug.log* | ||
yarn-debug.log* | ||
yarn-error.log* | ||
|
||
# Testing | ||
/coverage | ||
*.test.js | ||
*.spec.js | ||
|
||
# Next.js | ||
.next | ||
out | ||
|
||
# Production | ||
/build | ||
|
||
# Misc | ||
.DS_Store | ||
*.pem | ||
.env.local | ||
.env.development.local | ||
.env.test.local | ||
.env.production.local | ||
|
||
# Debug | ||
npm-debug.log* | ||
yarn-debug.log* | ||
yarn-error.log* | ||
.pnpm-debug.log* | ||
|
||
# IDEs and editors | ||
.idea | ||
.vscode | ||
*.swp | ||
*.swo | ||
*.swn | ||
*.bak | ||
|
||
# Version control | ||
.git | ||
.gitignore | ||
.gitattributes | ||
.github | ||
|
||
# Project specific | ||
README.md | ||
CHANGELOG.md | ||
contributing.md | ||
LICENSE | ||
ProjectInfo/ | ||
*.md | ||
!next.config.mjs | ||
|
||
# Docker | ||
Dockerfile | ||
.dockerignore | ||
docker-compose* | ||
|
||
# Other | ||
.husky | ||
.eslintrc | ||
.prettierrc | ||
.prettierignore | ||
*.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
name: Build and Push Docker Image | ||
|
||
on: | ||
push: | ||
branches: ["master"] | ||
pull_request: | ||
branches: ["master"] | ||
workflow_dispatch: # Allows you to run this workflow manually | ||
|
||
jobs: | ||
build-and-push: | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
# Step 1: Check out the repository code | ||
- name: Checkout code | ||
uses: actions/checkout@v3 | ||
|
||
# Step 2: Set up Docker Buildx (allows multi-platform builds and advanced features) | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
# Step 3: Log in to Docker Hub using GitHub Secrets | ||
- name: Log in to Docker Hub | ||
uses: docker/login-action@v2 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
||
# Step 4: Build and push the Docker image | ||
- name: Build and Push Docker Image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
# Path to your Dockerfile context (the directory containing Dockerfile) | ||
context: . | ||
# Explicitly specify the Dockerfile if it's not in the root | ||
file: ./Dockerfile | ||
# The image(s) to push. Replace "YOUR_DOCKERHUB_USERNAME" and "YOUR_IMAGE_NAME". | ||
# You can add multiple tags, for example, "latest" and one that references the commit SHA. | ||
tags: | | ||
${{ secrets.DOCKERHUB_USERNAME }}/codeshard:latest | ||
${{ secrets.DOCKERHUB_USERNAME }}/codeshard:${{ github.sha }} | ||
push: true | ||
# (Optional) If you want multi-platform images, e.g., for amd64 & arm64, add: | ||
# platforms: linux/amd64,linux/arm64 | ||
|
||
# Optional: If you want to confirm the image was successfully built/pushed, | ||
# you can add steps such as "docker pull" or other testing steps here. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,9 @@ | ||
export { GET, POST } from "@/auth"; | ||
import NextAuth from "next-auth"; | ||
|
||
const handler = NextAuth({ | ||
providers: [], // No external providers | ||
secret: process.env.AUTH_SECRET, // Required even in development | ||
trustHost: true, // Set to true for development mode | ||
}); | ||
|
||
export { handler as GET, handler as POST }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
version: "3.8" | ||
|
||
services: | ||
nextjs: | ||
# This uses either a pre-built image (if IMAGE_NAME is defined) | ||
# or builds locally using the Dockerfile if IMAGE_NAME is unset | ||
image: ${IMAGE_NAME:-} | ||
build: . | ||
container_name: nextjs | ||
ports: | ||
- "3000:3000" | ||
environment: | ||
- AUTH_SECRET=${AUTH_SECRET} | ||
- NEXTAUTH_URL=${NEXTAUTH_URL} | ||
- NEXTAUTH_TRUST_HOST=${NEXTAUTH_TRUST_HOST} | ||
- AUTH_SECRET=${AUTH_SECRET} | ||
- MONGODB_URI=${MONGODB_URI} | ||
- HOST_URL=${HOST_URL} | ||
- NEXT_PUBLIC_BACKEND_URL=${NEXT_PUBLIC_BACKEND_URL} | ||
|
||
restart: unless-stopped | ||
healthcheck: | ||
test: | ||
[ | ||
"CMD", | ||
"wget", | ||
"--no-verbose", | ||
"--tries=1", | ||
"--spider", | ||
"http://localhost:3000", | ||
] | ||
interval: 30s | ||
timeout: 10s | ||
retries: 3 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
# Stage 1: Dependencies | ||
FROM node:18-alpine AS deps | ||
RUN corepack enable && corepack prepare pnpm@latest --activate | ||
|
||
WORKDIR /app | ||
COPY package.json pnpm-lock.yaml ./ | ||
# Make sure sharp is in your package.json if you need image optimization | ||
RUN pnpm install --frozen-lockfile | ||
|
||
# Stage 2: Builder | ||
FROM node:18-alpine AS builder | ||
RUN corepack enable && corepack prepare pnpm@latest --activate | ||
|
||
WORKDIR /app | ||
COPY --from=deps /app/node_modules ./node_modules | ||
COPY . . | ||
|
||
# Build the Next.js application (standalone mode) | ||
RUN pnpm build | ||
|
||
# Stage 3: Runner | ||
FROM node:18-alpine AS runner | ||
RUN corepack enable && corepack prepare pnpm@latest --activate | ||
|
||
WORKDIR /app | ||
|
||
ENV NODE_ENV=production | ||
|
||
# Create a non-root user and group | ||
RUN addgroup --system --gid 1001 nodejs | ||
RUN adduser --system --uid 1001 nextjs | ||
|
||
# Copy only the necessary files from the builder stage | ||
COPY --from=builder /app/public ./public | ||
COPY --from=builder /app/.next/standalone ./ | ||
COPY --from=builder /app/.next/static ./.next/static | ||
|
||
# -- Create and set permissions for the cache directory -- | ||
# Although standalone mode might not always strictly need it, | ||
# Next.js at runtime may still try to access .next/cache | ||
RUN mkdir -p .next/cache && chown -R nextjs:nodejs .next | ||
|
||
# Switch to the non-root user | ||
USER nextjs | ||
|
||
# Expose the port | ||
EXPOSE 3000 | ||
ENV PORT=3000 | ||
ENV HOSTNAME="0.0.0.0" | ||
|
||
# Command to start the application | ||
CMD ["node", "server.js"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.