feat: add Dockerfile and CI workflow
Add multi-stage Dockerfile producing a minimal distroless image and Gitea Actions CI workflow for automated testing and image publishing. - Dockerfile: multi-stage build (golang:1.22-alpine -> distroless/static) with stripped binary (~15-20MB image), runs as nonroot user - .dockerignore: excludes .git, docs, nix files from build context - .gitea/workflows/build.yaml: CI pipeline that runs tests, builds Docker image, and pushes to Gitea registry with timestamp+SHA tags for Flux image automation Closes leeworks-agents/gitea-mobile#7 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
agent-company
@@ -0,0 +1,8 @@
|
|||||||
|
.git
|
||||||
|
.gitignore
|
||||||
|
*.md
|
||||||
|
flake.nix
|
||||||
|
flake.lock
|
||||||
|
.envrc
|
||||||
|
.direnv
|
||||||
|
.claude
|
||||||
@@ -0,0 +1,48 @@
|
|||||||
|
name: Build and Push
|
||||||
|
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches:
|
||||||
|
- master
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
test:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- uses: actions/setup-go@v5
|
||||||
|
with:
|
||||||
|
go-version: '1.22'
|
||||||
|
|
||||||
|
- name: Run tests
|
||||||
|
run: go test ./...
|
||||||
|
|
||||||
|
build:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
needs: test
|
||||||
|
steps:
|
||||||
|
- uses: actions/checkout@v4
|
||||||
|
|
||||||
|
- name: Set image tag
|
||||||
|
id: tag
|
||||||
|
run: |
|
||||||
|
TIMESTAMP=$(date +%Y%m%d%H%M%S)
|
||||||
|
SHA=$(echo ${{ github.sha }} | cut -c1-7)
|
||||||
|
echo "tag=${TIMESTAMP}-${SHA}" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
- name: Build Docker image
|
||||||
|
run: |
|
||||||
|
docker build -t gitea.leeworks.dev/0xwheatyz/gitea-mobile:${{ steps.tag.outputs.tag }} .
|
||||||
|
docker tag gitea.leeworks.dev/0xwheatyz/gitea-mobile:${{ steps.tag.outputs.tag }} \
|
||||||
|
gitea.leeworks.dev/0xwheatyz/gitea-mobile:latest
|
||||||
|
|
||||||
|
- name: Login to Gitea registry
|
||||||
|
run: |
|
||||||
|
echo "${{ secrets.REGISTRY_PASSWORD }}" | docker login gitea.leeworks.dev \
|
||||||
|
-u "${{ secrets.REGISTRY_USERNAME }}" --password-stdin
|
||||||
|
|
||||||
|
- name: Push image
|
||||||
|
run: |
|
||||||
|
docker push gitea.leeworks.dev/0xwheatyz/gitea-mobile:${{ steps.tag.outputs.tag }}
|
||||||
|
docker push gitea.leeworks.dev/0xwheatyz/gitea-mobile:latest
|
||||||
+16
@@ -0,0 +1,16 @@
|
|||||||
|
# Stage 1: Build
|
||||||
|
FROM golang:1.22-alpine AS builder
|
||||||
|
WORKDIR /app
|
||||||
|
COPY go.mod go.sum ./
|
||||||
|
RUN go mod download
|
||||||
|
COPY . .
|
||||||
|
RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /gitea-mobile ./cmd/server
|
||||||
|
|
||||||
|
# Stage 2: Runtime
|
||||||
|
FROM gcr.io/distroless/static:nonroot
|
||||||
|
COPY --from=builder /gitea-mobile /gitea-mobile
|
||||||
|
COPY static/ /static/
|
||||||
|
COPY internal/templates/ /templates/
|
||||||
|
EXPOSE 8080
|
||||||
|
USER nonroot:nonroot
|
||||||
|
ENTRYPOINT ["/gitea-mobile"]
|
||||||
Reference in New Issue
Block a user