-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[BN-1133]: Add Dockerfile and Set Up CI/CD (#4)
Prepare Faucet for production deployment. This is largely based off the flutter_annulus repo. * Add Dockerfile * Add CI/CD GitHub actions
- Loading branch information
1 parent
506cda3
commit 01fecb2
Showing
7 changed files
with
244 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
name: Build | ||
|
||
on: | ||
workflow_call: | ||
|
||
jobs: | ||
build: | ||
name: Build ${{ matrix.target }} | ||
runs-on: ubuntu-latest | ||
strategy: | ||
fail-fast: false | ||
matrix: | ||
target: [web] #TODO: Add android, ios, linux, macos, windows. | ||
steps: | ||
- name: Set up JDK 11 | ||
uses: actions/setup-java@v3 | ||
with: | ||
java-version: 11 | ||
distribution: temurin | ||
# Set up Flutter. | ||
- name: Set up Flutter | ||
uses: subosito/flutter-action@v2 | ||
with: | ||
# flutter-version: '' TODO: Pin this to a version. | ||
channel: stable | ||
- run: flutter doctor -v | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
- run: flutter pub get | ||
- run: flutter packages pub run build_runner build --delete-conflicting-outputs | ||
- run: flutter build ${{ matrix.target }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
name: Publish Docker Images (Private) | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
registry-auth-location: | ||
description: 'Name of the GCP managed Artifact Registry.' | ||
default: "us-central1-docker.pkg.dev" | ||
required: false | ||
type: string | ||
remote-docker-image: | ||
description: 'Remote Docker image. ex: toplprotocol/faucet' | ||
default: "us-central1-docker.pkg.dev/topl-shared-project-dev/topl-artifacts-dev/faucet" | ||
required: false | ||
type: string | ||
|
||
jobs: | ||
publish_docker_images: | ||
name: Publish Docker Images | ||
runs-on: ubuntu-latest | ||
permissions: | ||
id-token: write | ||
contents: read | ||
steps: | ||
- name: Checkout current branch | ||
uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
submodules: true | ||
|
||
- id: 'auth' | ||
name: Authenticate to Google Cloud | ||
uses: google-github-actions/auth@v1 | ||
with: | ||
workload_identity_provider: ${{ secrets.GCP_OIDC_PROVIDER_NAME }} | ||
service_account: ${{ secrets.GCP_OIDC_SERVICE_ACCOUNT_EMAIL }} | ||
|
||
- name: Set up gcloud | ||
uses: google-github-actions/setup-gcloud@v1 | ||
|
||
- name: Auth Artifact Registry | ||
run: gcloud auth configure-docker ${{ inputs.registry-auth-location }} --quiet | ||
|
||
- name: Extract metadata (tags, labels) for Docker | ||
id: meta | ||
uses: docker/[email protected] | ||
with: | ||
images: ${{ inputs.remote-docker-image }} | ||
tags: | | ||
type=ref,event=branch | ||
type=ref,event=tag | ||
type=ref,event=pr | ||
type=sha,enable=true,prefix=, | ||
- name: Echo metadata | ||
run: | | ||
echo "tags: ${{ steps.meta.outputs.tags }}" | ||
echo "labels: ${{ steps.meta.outputs.labels }}" | ||
- name: Build and push Docker image | ||
uses: docker/[email protected] | ||
with: | ||
context: . | ||
push: ${{ github.event_name != 'pull_request' }} | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
name: Publish Docker Images (Public) | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
remote-docker-image: | ||
description: 'Remote Docker image. ex: toplprotocol/faucet' | ||
default: "toplprotocol/faucet" | ||
required: false | ||
type: string | ||
|
||
jobs: | ||
publish_docker_images: | ||
name: Publish Docker Images | ||
runs-on: ubuntu-latest | ||
permissions: | ||
id-token: write | ||
contents: read | ||
packages: write | ||
steps: | ||
- name: Checkout current branch | ||
uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
submodules: true | ||
|
||
- name: Log in to Docker Hub | ||
uses: docker/login-action@v2 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
||
- name: Log in to the Github Container registry | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Extract metadata (tags, labels) for Docker | ||
id: meta | ||
uses: docker/[email protected] | ||
with: | ||
images: ${{ inputs.remote-docker-image }} | ||
|
||
- name: Echo metadata | ||
run: | | ||
echo "tags: ${{ steps.meta.outputs.tags }}" | ||
echo "labels: ${{ steps.meta.outputs.labels }}" | ||
- name: Build and push Docker image | ||
uses: docker/[email protected] | ||
with: | ||
context: . | ||
push: ${{ github.event_name != 'pull_request' }} | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
name: PR | ||
on: | ||
pull_request: | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/_build.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# This workflow uses actions that are not certified by GitHub. | ||
# They are provided by a third-party and are governed by | ||
# separate terms of service, privacy policy, and support | ||
# documentation. | ||
|
||
# GitHub recommends pinning actions to a commit SHA. | ||
# To get a newer version, you will need to update the SHA. | ||
# You can also reference a tag or branch, but the action may change without warning. | ||
|
||
name: CI | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
- dev | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/_build.yml | ||
|
||
publish_private: | ||
uses: ./.github/workflows/_docker_publish_private.yml | ||
needs: [build] | ||
secrets: inherit | ||
with: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
# This workflow uses actions that are not certified by GitHub. | ||
# They are provided by a third-party and are governed by | ||
# separate terms of service, privacy policy, and support | ||
# documentation. | ||
|
||
# GitHub recommends pinning actions to a commit SHA. | ||
# To get a newer version, you will need to update the SHA. | ||
# You can also reference a tag or branch, but the action may change without warning. | ||
|
||
name: Release | ||
|
||
on: | ||
push: | ||
tags: ['*'] | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/_build.yml | ||
|
||
publish_dockerhub: | ||
uses: ./.github/workflows/_docker_publish_public.yml | ||
needs: [build] | ||
secrets: inherit | ||
with: | ||
remote-docker-image: "toplprotocol/faucet" | ||
|
||
publish_ghcr: | ||
uses: ./.github/workflows/_docker_publish_public.yml | ||
needs: [build] | ||
secrets: inherit | ||
with: | ||
remote-docker-image: "ghcr.io/topl/faucet" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
# Stage 1: Build the Flutter app | ||
FROM ghcr.io/cirruslabs/flutter:3.10.6 AS build | ||
|
||
# Set the working directory to /app | ||
WORKDIR /app | ||
|
||
# Copy the entire Flutter project to the container | ||
COPY . . | ||
|
||
# Run the necessary Flutter commands to build the app | ||
RUN flutter pub get && \ | ||
flutter packages pub run build_runner build --delete-conflicting-outputs && \ | ||
flutter build web --release | ||
|
||
# Stage 2: Create a minimal image to run the built app | ||
FROM nginx:stable-alpine3.17 | ||
|
||
# Copy the built app from the previous stage to the nginx html directory | ||
COPY --from=build /app/build/web /usr/share/nginx/html | ||
|
||
# Expose port 80 for the web server to listen on | ||
EXPOSE 80 | ||
|
||
# Start Nginx | ||
CMD ["nginx", "-g", "daemon off;"] |