Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(web): add dockerfiles #89

Merged
merged 18 commits into from
Nov 22, 2024
Merged

chore(web): add dockerfiles #89

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
d4659eb
faet: add dockerfiles
int-tt Sep 12, 2024
023c1c0
feat: align log format with cloud logging
int-tt Sep 19, 2024
3c5e5fd
feat: aligned with reearth-cms implementation
int-tt Oct 11, 2024
146a6c3
feat: support multiple cross-origin
int-tt Oct 16, 2024
829e89d
feat: update dockerignore
int-tt Oct 16, 2024
710bcd2
fix: typo
int-tt Nov 14, 2024
742f60d
feat: add web container deploy workflow
int-tt Nov 14, 2024
ed5a6e4
feat: delete unused files
int-tt Nov 14, 2024
5644baa
feat: update nodejs
int-tt Nov 22, 2024
a09045f
feat: add filed
int-tt Nov 22, 2024
3e60a78
fix: typo
int-tt Nov 22, 2024
94ccdcb
Update .github/workflows/deploy.yml
int-tt Nov 22, 2024
190efdf
Update .github/workflows/deploy.yml
int-tt Nov 22, 2024
1feed3b
Update .github/workflows/deploy.yml
int-tt Nov 22, 2024
2c2af73
Update .github/workflows/deploy.yml
int-tt Nov 22, 2024
c5aabb0
fix: env
int-tt Nov 22, 2024
8cecec3
fix: add auth, tag name
int-tt Nov 22, 2024
d1c05a1
Merge branch 'main' into feature/use-nginx
int-tt Nov 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 1 addition & 12 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -155,17 +155,6 @@ jobs:
echo "::set-output name=platforms::$PLATFORMS"
echo "::set-output name=version::$VERSION"
echo "::set-output name=tags::$TAGS"
- name: Download web arfiacts
uses: dawidd6/action-download-artifact@v2
with:
github_token: ${{ steps.app-token.outputs.token }}
workflow: ci.yml
workflow_conclusion: success
branch: ${{ github.event.workflow_run.head_branch }}
name: reearth-marketplace-web
check_artifacts: true
- name: Extract
run: tar -xvf reearth-marketplace-web.tar.gz && mv reearth-marketplace-web server/web
- name: Build and load docker image
uses: docker/build-push-action@v3
with:
Expand All @@ -192,4 +181,4 @@ jobs:
# name: '[ -n $TAG ] && echo reearth-marketplace_$TAG || echo reearth-marketplace_$'
path: reearth-marketplace.tar.gz
if-no-files-found: error
# TODO: invoke deploy test env if name == "nightly" with workflow_call event
# TODO: invoke deploy test env if name == "nightly" with workflow_call event
47 changes: 21 additions & 26 deletions .github/workflows/deploy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,38 +7,33 @@ on:
env:
REEARTH_MARKETPLACE_URL: marketplace.test.reearth.dev
REEARTH_API: "https://api.marketplace.test.reearth.dev/api"
GCS_DEST: gs://marketplace.test.reearth.dev
IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-marketplace:nightly
SERVER_IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-marketplace-api:nightly
WEB_IMAGE_GCP: us-central1-docker.pkg.dev/reearth-oss/reearth/reearth-marketplace-web:nightly
GCP_REGION: us-central1
jobs:
deploy_web:
runs-on: ubuntu-latest
if: github.event.workflow_run.conclusion != 'failure' && github.event.repository.full_name == 'reearth/reearth-marketplace' && github.event.workflow_run.head_branch == 'main'
steps:
- uses: actions/create-github-app-token@v1
id: app-token
with:
app-id: ${{ vars.GH_APP_ID }}
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
- name: get latest web artifact
uses: dawidd6/action-download-artifact@v2
with:
github_token: ${{ steps.app-token.outputs.token }}
workflow: ci.yml
workflow_conclusion: success
branch: main
name: reearth-marketplace-web
check_artifacts: true
search_artifacts: true
- name: Extract
run: tar -xvf reearth-marketplace-web.tar.gz
- uses: google-github-actions/auth@v0
with:
credentials_json: "${{ secrets.GCP_SA_KEY }}"
credentials_json: ${{ secrets.GCP_SA_KEY }}
- name: Set up Cloud SDK
uses: google-github-actions/setup-gcloud@v0
- name: Deploy
run: gsutil -m -h "Cache-Control:no-store" rsync -x "^reearth_config\\.json$" -dr reearth-marketplace-web/ $GCS_DEST
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker build and push
run: |
cd web
docker build -t $WEB_IMAGE_GCP .
docker push $WEB_IMAGE_GCP
int-tt marked this conversation as resolved.
Show resolved Hide resolved
Comment on lines +23 to +29
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix shell script security issues

Unquoted variables in Docker commands could lead to word splitting or command injection issues.

Apply this fix:

  run: |
    cd web
-   docker build -t $WEB_IMAGE_GCP .
-   docker push $WEB_IMAGE_GCP
+   docker build -t "$WEB_IMAGE_GCP" .
+   docker push "$WEB_IMAGE_GCP"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker build and push
run: |
cd web
docker build -t $WEB_IMAGE_GCP .
docker push $WEB_IMAGE_GCP
- name: Configure docker
run: gcloud auth configure-docker us-central1-docker.pkg.dev --quiet
- name: docker build and push
run: |
cd web
docker build -t "$WEB_IMAGE_GCP" .
docker push "$WEB_IMAGE_GCP"
🧰 Tools
🪛 actionlint (1.7.3)

26-26: shellcheck reported issue in this script: SC2086:info:2:17: Double quote to prevent globbing and word splitting

(shellcheck)

26-26: shellcheck reported issue in this script: SC2086:info:3:13: Double quote to prevent globbing and word splitting

(shellcheck)

- name: Deploy to Cloud Run
run: |
gcloud run deploy reearth-marketplace-web \
--image $WEB_IMAGE_GCP \
--region $GCP_REGION \
--platform managed \
--quiet
int-tt marked this conversation as resolved.
Show resolved Hide resolved
Comment on lines +31 to +36
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codebase verification

Missing health check endpoint and port configuration needs attention

The verification reveals important deployment prerequisites that need to be addressed:

  1. No health check endpoint is implemented in the server code, which is crucial for Cloud Run to monitor the service health
  2. While the nginx configuration properly handles the Cloud Run port (8080), the server's Dockerfile lacks both port exposure and health endpoint configuration

Required actions:

  • Implement a health check endpoint in the server code (e.g., /health or /healthz)
  • Add EXPOSE 8080 to the server's Dockerfile to explicitly document the port configuration
  • Consider adding readiness/liveness probe configurations in the deployment
🔗 Analysis chain

Verify deployment prerequisites

Before deploying, please verify:

  1. Health check endpoints are implemented
  2. Docker configurations align with Cloud Run parameters

Also applies to: 77-81

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if health check endpoints and Docker configurations exist

# Check for health check endpoint in server code
echo "Checking server health endpoint..."
rg -l "health" --type go

# Check Docker port configurations
echo "Checking Docker port configurations..."
fd Dockerfile | xargs grep -l "EXPOSE"

Length of output: 229

Script:

#!/bin/bash
# Let's try a broader search for health-related endpoints and Docker configurations

# Check for any health-related routes or endpoints
echo "Checking for health endpoints in all files..."
rg -i "(/health|healthz|health-check|health_check)" -l

# Check for Docker configurations with different cases
echo "Checking Docker configurations..."
fd -i dockerfile
fd -i docker-compose

# Check for port-related configurations in Docker files
echo "Checking port configurations..."
fd -i docker | xargs cat

Length of output: 2798

Script:

#!/bin/bash
# Let's check the content of the nginx configuration and web Docker directory

# Check nginx configuration template
echo "Checking nginx configuration..."
cat web/docker/nginx.conf.template

# Check the web Docker directory for port and health check configurations
echo "Checking web Docker directory contents..."
ls -la web/docker/
cat web/docker/40-envsubst-on-reearth_config.sh

# Check for any health check related configurations in the server
echo "Checking server routes and configurations..."
rg -i "router|mux|handler.*health" --type go

Length of output: 2851

🧰 Tools
🪛 actionlint (1.7.3)

31-31: shellcheck reported issue in this script: SC2086:info:2:11: Double quote to prevent globbing and word splitting

(shellcheck)

31-31: shellcheck reported issue in this script: SC2086:info:3:12: Double quote to prevent globbing and word splitting

(shellcheck)

deploy_server:
runs-on: ubuntu-latest
if: github.event.workflow_run.conclusion != 'failure' && github.event.repository.full_name == 'reearth/reearth-marketplace' && github.event.workflow_run.head_branch == 'main'
Expand Down Expand Up @@ -75,12 +70,12 @@ jobs:
run: docker load < reearth-marketplace.tar.gz
- name: docker push
run: |
docker tag reearth/reearth-marketplace:nightly $IMAGE_GCP
docker push $IMAGE_GCP
docker tag reearth/reearth-marketplace-api:nightly $SERVER_IMAGE_GCP
docker push $SERVER_IMAGE_GCP
- name: Deploy to Cloud Run
run: |
gcloud run deploy reearth-marketplace-backend \
--image $IMAGE_GCP \
gcloud run deploy reearth-marketplace-api \
--image $SERVER_IMAGE_GCP \
--region $GCP_REGION \
--platform managed \
--quiet
Comment on lines +73 to 81
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix variable inconsistency and enhance deployment configuration

Multiple issues need to be addressed in the server deployment section:

  1. Incorrect variable name in docker tag command
  2. Unquoted variables in shell commands
  3. Missing recommended Cloud Run parameters

Apply these fixes:

-   docker tag reearth/reearth-marketplace-api:nightly $SERVER_GCP
-   docker push $SERVER_IMAGE_GCP
+   docker tag reearth/reearth-marketplace-api:nightly "$SERVER_IMAGE_GCP"
+   docker push "$SERVER_IMAGE_GCP"

    gcloud run deploy reearth-marketplace-api \
-     --image $SERVER_IMAGE_GCP \
-     --region $GCP_REGION \
-     --platform managed \
-     --quiet
+     --image "$SERVER_IMAGE_GCP" \
+     --region "$GCP_REGION" \
+     --platform managed \
+     --port 8080 \
+     --allow-unauthenticated \
+     --min-instances 1 \
+     --max-instances 10 \
+     --memory 1Gi \
+     --cpu 1 \
+     --timeout 300s \
+     --health-check-path /api/health \
+     --quiet

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools
🪛 actionlint (1.7.3)

76-76: shellcheck reported issue in this script: SC2086:info:2:11: Double quote to prevent globbing and word splitting

(shellcheck)

76-76: shellcheck reported issue in this script: SC2086:info:3:12: Double quote to prevent globbing and word splitting

(shellcheck)

105 changes: 105 additions & 0 deletions .github/workflows/web_build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@

name: web-build
on:
workflow_run:
workflows: [ci-web]
types: [completed]
branches: [main, release]
concurrency:
group: ${{ github.workflow }}-${{ github.event.workflow_run.head_branch }}
cancel-in-progress: true

jobs:
info:
name: Collect information
runs-on: ubuntu-latest
if: github.event.workflow_run.conclusion != 'failure' && github.event.repository.full_name == 'reearth/reearth-marketplace' && (github.event.workflow_run.head_branch == 'release' || !startsWith(github.event.head_commit.message, 'v'))
outputs:
sha_short: ${{ steps.info.outputs.sha_short }}
new_tag: ${{ steps.info.outputs.new_tag }}
new_tag_short: ${{ steps.info.outputs.new_tag_short }}
name: ${{ steps.info.outputs.name }}
steps:
- name: checkout
uses: actions/checkout@v4
- name: Fetch tags
run: git fetch --prune --unshallow --tags
- name: Get info
id: info
# The tag name should be retrieved lazily, as tagging may be delayed.
env:
BRANCH: ${{ github.event.workflow_run.head_branch }}
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
if [[ "$BRANCH" = "release" ]]; then
TAG=$(git tag --points-at HEAD)
if [[ ! -z "$TAG" ]]; then
echo "::set-output name=new_tag::$TAG"
echo "::set-output name=new_tag_short::${TAG#v}"
else
echo "::set-output name=name::rc"
fi
else
echo "::set-output name=name::nightly"
fi
- name: Show info
env:
SHA_SHORT: ${{ steps.info.outputs.sha_short }}
NEW_TAG: ${{ steps.info.outputs.new_tag }}
NEW_TAG_SHORT: ${{ steps.info.outputs.new_tag_short }}
NAME: ${{ steps.info.outputs.name }}
run: echo "sha_short=$SHA_SHORT, new_tag=$NEW_TAG, new_tag_short=$NEW_TAG_SHORT, name=$NAME"
Comment on lines +23 to +51
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Update deprecated GitHub Actions commands and improve shell script

  1. The set-output command is deprecated. Use GITHUB_OUTPUT instead.
  2. Shell script style can be improved.

Apply these changes:

  run: |
-    echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
+    echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
     if [[ "$BRANCH" = "release" ]]; then
       TAG=$(git tag --points-at HEAD)
-      if [[ ! -z "$TAG" ]]; then
+      if [[ -n "$TAG" ]]; then
-        echo "::set-output name=new_tag::$TAG"
-        echo "::set-output name=new_tag_short::${TAG#v}"
+        echo "new_tag=$TAG" >> $GITHUB_OUTPUT
+        echo "new_tag_short=${TAG#v}" >> $GITHUB_OUTPUT
       else
-        echo "::set-output name=name::rc"
+        echo "name=rc" >> $GITHUB_OUTPUT
       fi
     else
-      echo "::set-output name=name::nightly"
+      echo "name=nightly" >> $GITHUB_OUTPUT
     fi
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: checkout
uses: actions/checkout@v4
- name: Fetch tags
run: git fetch --prune --unshallow --tags
- name: Get info
id: info
# The tag name should be retrieved lazily, as tagging may be delayed.
env:
BRANCH: ${{ github.event.workflow_run.head_branch }}
run: |
echo "::set-output name=sha_short::$(git rev-parse --short HEAD)"
if [[ "$BRANCH" = "release" ]]; then
TAG=$(git tag --points-at HEAD)
if [[ ! -z "$TAG" ]]; then
echo "::set-output name=new_tag::$TAG"
echo "::set-output name=new_tag_short::${TAG#v}"
else
echo "::set-output name=name::rc"
fi
else
echo "::set-output name=name::nightly"
fi
- name: Show info
env:
SHA_SHORT: ${{ steps.info.outputs.sha_short }}
NEW_TAG: ${{ steps.info.outputs.new_tag }}
NEW_TAG_SHORT: ${{ steps.info.outputs.new_tag_short }}
NAME: ${{ steps.info.outputs.name }}
run: echo "sha_short=$SHA_SHORT, new_tag=$NEW_TAG, new_tag_short=$NEW_TAG_SHORT, name=$NAME"
- name: checkout
uses: actions/checkout@v4
- name: Fetch tags
run: git fetch --prune --unshallow --tags
- name: Get info
id: info
# The tag name should be retrieved lazily, as tagging may be delayed.
env:
BRANCH: ${{ github.event.workflow_run.head_branch }}
run: |
echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
if [[ "$BRANCH" = "release" ]]; then
TAG=$(git tag --points-at HEAD)
if [[ -n "$TAG" ]]; then
echo "new_tag=$TAG" >> $GITHUB_OUTPUT
echo "new_tag_short=${TAG#v}" >> $GITHUB_OUTPUT
else
echo "name=rc" >> $GITHUB_OUTPUT
fi
else
echo "name=nightly" >> $GITHUB_OUTPUT
fi
- name: Show info
env:
SHA_SHORT: ${{ steps.info.outputs.sha_short }}
NEW_TAG: ${{ steps.info.outputs.new_tag }}
NEW_TAG_SHORT: ${{ steps.info.outputs.new_tag_short }}
NAME: ${{ steps.info.outputs.name }}
run: echo "sha_short=$SHA_SHORT, new_tag=$NEW_TAG, new_tag_short=$NEW_TAG_SHORT, name=$NAME"
🧰 Tools
🪛 actionlint

32-32: shellcheck reported issue in this script: SC2236:style:4:9: Use -n instead of ! -z

(shellcheck)

32-32: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

32-32: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

32-32: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

32-32: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)

32-32: workflow command "set-output" was deprecated. use echo "{name}={value}" >> $GITHUB_OUTPUT instead: https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions

(deprecated-commands)


docker:
name: Build and push Docker image
runs-on: ubuntu-latest
needs:
- info
if: needs.info.outputs.name || needs.info.outputs.new_tag
env:
IMAGE_NAME: reearth/reearth-marketplace-web
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Get options
id: options
env:
TAG: ${{ needs.info.outputs.tag_short }}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix incorrect output variable reference

The environment variable TAG is referencing a non-existent output variable 'tag_short'.

-          TAG: ${{ needs.info.outputs.tag_short }}
+          TAG: ${{ needs.info.outputs.new_tag_short }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
TAG: ${{ needs.info.outputs.tag_short }}
TAG: ${{ needs.info.outputs.new_tag_short }}
🧰 Tools
🪛 actionlint (1.7.3)

76-76: property "tag_short" is not defined in object type {name: string; new_tag: string; new_tag_short: string; sha_short: string}

(expression)

NAME: ${{ needs.info.outputs.name }}
SHA: ${{ needs.info.outputs.sha_short }}
run: |
if [[ -n $TAG ]]; then
PLATFORMS=linux/amd64,linux/arm64
VERSION=$TAG
TAGS=$IMAGE_NAME:$TAG
if [[ ! $TAG =~ '-' ]]; then
TAGS+=,${IMAGE_NAME}:${TAG%.*}
TAGS+=,${IMAGE_NAME}:${TAG%%.*}
TAGS+=,${IMAGE_NAME}:latest
fi
else
PLATFORMS=linux/amd64
VERSION=$SHA
TAGS=$IMAGE_NAME:$NAME
fi
echo "::set-output name=platforms::$PLATFORMS"
echo "::set-output name=version::$VERSION"
echo "::set-output name=tags::$TAGS"
- name: Build and push docker image
uses: docker/build-push-action@v6
with:
context: ./web
platforms: ${{ steps.options.outputs.platforms }}
push: true
tags: ${{ steps.options.outputs.new_tag_short }}
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Fix incorrect tags parameter in docker/build-push-action

The tags parameter is using new_tag_short instead of the tags output from the options step.

-          tags: ${{ steps.options.outputs.new_tag_short }}
+          tags: ${{ steps.options.outputs.tags }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
tags: ${{ steps.options.outputs.new_tag_short }}
tags: ${{ steps.options.outputs.tags }}

cache-from: type=gha
cache-to: type=gha,mode=max
1 change: 0 additions & 1 deletion server/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ FROM debian:buster

COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
COPY --from=build /app/reearth-marketplace /app/reearth-marketplace
COPY web* /app/

WORKDIR /app

Expand Down
14 changes: 14 additions & 0 deletions web/.dockerignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
*

!docker/
!src/

!index.html
!TEMP.js
!i18next-parser.config.js
!tsconfig.json
!tsconfig.node.json
!package.json
!vite.config.ts
!vite.config.ext.ts
!yarn.lock
48 changes: 48 additions & 0 deletions web/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,48 @@
FROM node:22.1-slim AS node
WORKDIR /work
int-tt marked this conversation as resolved.
Show resolved Hide resolved

RUN --mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=cache,target=/root/.yarn,sharing=locked \
yarn install

RUN --mount=type=bind,source=package.json,target=package.json \
--mount=type=bind,source=yarn.lock,target=yarn.lock \
--mount=type=bind,source=index.html,target=index.html \
--mount=type=bind,source=tsconfig.json,target=tsconfig.json \
--mount=type=bind,source=tsconfig.node.json,target=tsconfig.node.json \
--mount=type=bind,source=vite.config.ts,target=vite.config.ts \
--mount=type=bind,source=vite.config.ext.ts,target=vite.config.ext.ts \
--mount=type=bind,source=src,target=src \
--mount=type=bind,source=TEMP.js,target=TEMP.js \
--mount=type=cache,target=/root/.yarn,sharing=locked \
yarn build && yarn build:ext

FROM nginx:1.27-alpine

int-tt marked this conversation as resolved.
Show resolved Hide resolved
# Quite the Nginx startup logs.
ENV NGINX_ENTRYPOINT_QUIET_LOGS=true

# Default to Cloud Run port.
# Ref: https://cloud.google.com/run/docs/reference/container-contract#port
ENV PORT=8080

# Defaults Google Cloud Load Balancer header.
# Ref: https://cloud.google.com/load-balancing/docs/https#target-proxies
ENV REAL_IP_HEADER=X-Forwarded-For

# Default values.
ENV MARKETPLACE_API=
ENV AUTH_CLIENT_ID=
ENV AUTH_DOMAIN=
ENV AUTH_AUDIENCE=
ENV REPORT_URL=
ENV REEARTH_API=
ENV REEARTH_CLASSIC_WEB=
ENV CORS_ALLOWED_ORIGINS=
ENV REEARTH_VISUALIZER_WEB=

COPY --from=node /work/dist/ /usr/share/nginx/html
COPY --chown=nginx:nginx docker/reearth_config.json.template /tmp/reearth_config.json.template
COPY --chown=nginx:nginx docker/nginx.conf.template /etc/nginx/templates/nginx.conf.template
COPY --chown=nginx:nginx docker/40-envsubst-on-reearth_config.sh /docker-entrypoint.d/
int-tt marked this conversation as resolved.
Show resolved Hide resolved
8 changes: 8 additions & 0 deletions web/docker/40-envsubst-on-reearth_config.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/sh

set -e

TEMPLATE_FILE="/tmp/reearth_config.json.template"
OUTPUT_FILE="/usr/share/nginx/html/reearth_config.json"

envsubst < "$TEMPLATE_FILE" > "$OUTPUT_FILE"
52 changes: 52 additions & 0 deletions web/docker/nginx.conf.template
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
log_format json escape=json '{'
'"body_bytes_sent": "$body_bytes_sent",'
'"http_referer": "$http_referer",'
'"http_user_agent": "$http_user_agent",'
'"remote_ip": "$remote_addr",'
'"remote_user": "$remote_user",'
'"request": "$request",'
'"request_id": "$request_id",'
'"request_method": "$request_method",'
'"request_time": "$request_time",'
'"request_uri": "$request_uri",'
'"server_name": "$server_name",'
'"status": "$status",'
'"time": "$time_iso8601"'
'}';

real_ip_header ${REAL_IP_HEADER};

# CORS_ALLOWED_ORIGINS specifies multiple origins to which access is allowed.
# The delimiter is | and the regular expression or is used to match.
# example: CORS_ALLOWED_ORIGINS=https://example.com|http://localhosts:3000
map $http_origin $cors{
default '';
~^(${CORS_ALLOWED_ORIGINS})$ $http_origin;
}

server {
listen ${PORT};
root /usr/share/nginx/html;
server_name _;

access_log /dev/stdout json;
error_log /dev/stderr warn;

location / {
add_header 'Access-Control-Allow-Origin' "$cors";
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PATCH, PUT, HEAD OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Origin, Authorization, Accept';

if ($request_method = 'OPTIONS') {
return 204;
}

try_files $uri /index.html =404;
}

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
11 changes: 11 additions & 0 deletions web/docker/reearth_config.json.template
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
{
"marketplaceApi": "${MARKETPLACE_API}",
"authClientId": "${AUTH_CLIENT_ID}",
"authDomain": "${AUTH_DOMAIN}",
"authAudience": "${AUTH_AUDIENCE}",
"reportUrl": "${REPORT_URL}",
"reearthApi": "${REEARTH_API}",
"reearthClassicWeb": "${REEARTH_CLASSIC_WEB}",
"reearthVisualizerWeb": "${REEARTH_VISUALIZER_WEB}"
}

Loading
Loading