From 53c989462a1e6522f116ec2de005428b008f6c21 Mon Sep 17 00:00:00 2001 From: zias Date: Thu, 9 Apr 2026 09:17:03 +0200 Subject: [PATCH] Revert "fix(ci):consolidate dashboard build workflow changes" This reverts commit 58414f1035e67034a849245eb4f1a0e42b5137f2. --- .gitea/workflows/docker-build-api.yml | 2 +- .gitea/workflows/docker-build-dashboard.yml | 20 +- .gitea/workflows/docker-build-worker.yml | 2 +- .github/workflows/docker-build.yml | 265 ++++++++++++++++++++ apps/start/Dockerfile | 19 +- 5 files changed, 283 insertions(+), 25 deletions(-) create mode 100644 .github/workflows/docker-build.yml diff --git a/.gitea/workflows/docker-build-api.yml b/.gitea/workflows/docker-build-api.yml index a309a979..e59efcff 100644 --- a/.gitea/workflows/docker-build-api.yml +++ b/.gitea/workflows/docker-build-api.yml @@ -50,6 +50,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} provenance: false cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-api:buildcache - cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-api:buildcache,mode=min,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }} + cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-api:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }} build-args: |- DATABASE_URL=postgresql://postgres:postgres@localhost:5432/postgres diff --git a/.gitea/workflows/docker-build-dashboard.yml b/.gitea/workflows/docker-build-dashboard.yml index ce131536..9ff48e82 100644 --- a/.gitea/workflows/docker-build-dashboard.yml +++ b/.gitea/workflows/docker-build-dashboard.yml 
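Review bot: Switching `cache-to` back to `mode=max` makes the registry ref `openpanel-api:buildcache` hold the layers of every build stage, not only those of the final image; the same applies to the worker hunk and to the `cache-to` line added in the dashboard hunk. Intermediate stages normally contain the full source tree and dev dependencies, so pull access to the `:buildcache` refs should be no wider than access to the repository itself; how the registry is configured is not visible here. The `build-args` context line passes `DATABASE_URL` as a build argument, which is harmless for the placeholder shown but would persist in build history if a real value were ever used. I would add a comment above `cache-to`, for example `# mode=max exports all stages; keep the buildcache ref private and never pass real credentials as build-args`.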
@@ -14,17 +14,11 @@ env: jobs: build-dashboard: runs-on: ubuntu-latest - timeout-minutes: 360 steps: - uses: actions/checkout@v4 - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - with: - driver: docker - name: Log in to registry if: github.event_name != 'pull_request' @@ -44,22 +38,16 @@ jobs: type=sha,prefix=sha-,format=short type=semver,pattern={{version}} - - name: Build image + - name: Build and push uses: docker/build-push-action@v6 with: context: . file: apps/start/Dockerfile target: runner platforms: linux/amd64 - push: false - load: true + push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} provenance: false - - - name: Push image - if: github.event_name != 'pull_request' - run: |- - while IFS= read -r tag; do - [ -n "$tag" ] && docker push "$tag" - done <<< "${{ steps.meta.outputs.tags }}" + cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-dashboard:buildcache + cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-dashboard:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }} diff --git a/.gitea/workflows/docker-build-worker.yml b/.gitea/workflows/docker-build-worker.yml index daa69574..60260252 100644 --- a/.gitea/workflows/docker-build-worker.yml +++ b/.gitea/workflows/docker-build-worker.yml 
@@ -50,6 +50,6 @@ jobs: labels: ${{ steps.meta.outputs.labels }} provenance: false cache-from: type=registry,ref=${{ env.REGISTRY }}/${{ env.OWNER }}/openpanel-worker:buildcache - cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-worker:buildcache,mode=min,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }} + cache-to: ${{ github.event_name != 'pull_request' && format('type=registry,ref={0}/{1}/openpanel-worker:buildcache,mode=max,image-manifest=true,oci-mediatypes=true', env.REGISTRY, env.OWNER) || '' }} build-args: |- DATABASE_URL=postgresql://postgres:postgres@localhost:5432/postgres diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml new file mode 100644 index 00000000..fcfac62d --- /dev/null +++ b/.github/workflows/docker-build.yml 
@@ -0,0 +1,265 @@ +name: Docker Build and Push + +on: + workflow_dispatch: + push: + paths-ignore: + # README and docs + - "**/README*" + - "**/readme*" + - "**/*.md" + - "**/docs/**" + - "**/CHANGELOG*" + - "**/LICENSE*" + # Test files + - "**/*.test.*" + - "**/*.spec.*" + - "**/__tests__/**" + - "**/tests/**" + # SDKs (published separately) + - "packages/sdks/**" + # Public app (docs/marketing, not part of Docker deploy) + - "apps/public/**" + # Dev / tooling + - "**/.vscode/**" + - "**/.cursor/**" + - "**/.env.example" + - "**/.env.*.example" + - "**/.gitignore" + - "**/.eslintignore" + - "**/.prettierignore" + +env: + repo_owner: "openpanel-dev" + +jobs: + lint-and-test: + runs-on: ubuntu-latest + services: + redis: + image: redis:7-alpine + ports: + - 6379:6379 + options: >- + --health-cmd "redis-cli ping || exit 1" + --health-interval 5s + --health-timeout 3s + --health-retries 20 + steps: + - uses: actions/checkout@v4 + + - name: Setup Node.js + uses: actions/setup-node@v4 + with: + node-version: "20" + + - name: Install pnpm + uses: pnpm/action-setup@v4 + + - name: Get pnpm store directory + shell: bash + run: | + echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV + + - name: Setup pnpm cache + uses: actions/cache@v3 + with: + path: ${{ env.STORE_PATH }} + key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }} + restore-keys: | + ${{ runner.os }}-pnpm-store- + + - name: Install dependencies + run: pnpm install + + - name: Codegen + run: pnpm codegen + + # - name: Run Biome + # run: pnpm lint + + # - name: Run TypeScript checks + # run: pnpm typecheck + + # - name: Run tests + # run: pnpm test + + build-and-push-api: + permissions: + packages: write + contents: write + needs: lint-and-test + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Generate tags + id: tags + run: | + # Sanitize branch name by replacing / with - + BRANCH_NAME=$(echo "${{ github.ref_name }}" | sed 
's/\//-/g') + # Get first 4 characters of commit SHA + SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-4) + echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT + echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + file: apps/api/Dockerfile + push: true + cache-from: type=gha + cache-to: type=gha,mode=max + tags: | + ghcr.io/${{ env.repo_owner }}/api:${{ steps.tags.outputs.branch_name }}-${{ steps.tags.outputs.short_sha }} + build-args: | + DATABASE_URL=postgresql://dummy:dummy@localhost:5432/dummy + + - name: Create/Update API tag + if: github.ref == 'refs/heads/main' + run: | + # Delete existing tag if it exists + if git tag -l "api" | grep -q "api"; then + git tag -d "api" + echo "Deleted local tag: api" + fi + + # Create new tag + git tag "api" "${{ github.sha }}" + echo "Created tag: api" + + # Push tag to remote + git push origin "api" --force + echo "Pushed tag: api" + + build-and-push-worker: + permissions: + packages: write + contents: write + needs: lint-and-test + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Generate tags + id: tags + run: | + # Sanitize branch name by replacing / with - + BRANCH_NAME=$(echo "${{ github.ref_name }}" | sed 's/\//-/g') + # Get first 4 characters of commit SHA + SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-4) + echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT + echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ 
secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + file: apps/worker/Dockerfile + push: true + cache-from: type=gha + cache-to: type=gha,mode=max + tags: | + ghcr.io/${{ env.repo_owner }}/worker:${{ steps.tags.outputs.branch_name }}-${{ steps.tags.outputs.short_sha }} + build-args: | + DATABASE_URL=postgresql://dummy:dummy@localhost:5432/dummy + + - name: Create/Update Worker tag + if: github.ref == 'refs/heads/main' + run: | + # Delete existing tag if it exists + if git tag -l "worker" | grep -q "worker"; then + git tag -d "worker" + echo "Deleted local tag: worker" + fi + + # Create new tag + git tag "worker" "${{ github.sha }}" + echo "Created tag: worker" + + # Push tag to remote + git push origin "worker" --force + echo "Pushed tag: worker" + + build-and-push-dashboard: + permissions: + packages: write + contents: write + needs: lint-and-test + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Generate tags + id: tags + run: | + # Sanitize branch name by replacing / with - + BRANCH_NAME=$(echo "${{ github.ref_name }}" | sed 's/\//-/g') + # Get first 4 characters of commit SHA + SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-4) + echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT + echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . 
+ file: apps/start/Dockerfile + push: true + cache-from: type=gha + cache-to: type=gha,mode=max + tags: | + ghcr.io/${{ env.repo_owner }}/dashboard:${{ steps.tags.outputs.branch_name }}-${{ steps.tags.outputs.short_sha }} + build-args: | + NO_CLOUDFLARE=1 + + - name: Create/Update Dashboard tag + if: github.ref == 'refs/heads/main' + run: | + # Delete existing tag if it exists + if git tag -l "dashboard" | grep -q "dashboard"; then + git tag -d "dashboard" + echo "Deleted local tag: dashboard" + fi + + # Create new tag + git tag "dashboard" "${{ github.sha }}" + echo "Created tag: dashboard" + + # Push tag to remote + git push origin "dashboard" --force + echo "Pushed tag: dashboard" diff --git a/apps/start/Dockerfile b/apps/start/Dockerfile index ad8be58b..533631cb 100644 --- a/apps/start/Dockerfile +++ b/apps/start/Dockerfile @@ -48,7 +48,6 @@ FROM --platform=$BUILDPLATFORM node:${NODE_VERSION}-slim AS base-build ENV COREPACK_INTEGRITY_KEYS=0 -# Keep C++ build tools ONLY in the native build stage RUN rm -f /usr/local/bin/pnpm /usr/local/bin/pnpx && npm install -g pnpm@10.6.2 && apt-get update && \ apt-get install -y --no-install-recommends \ ca-certificates \ @@ -97,16 +96,20 @@ COPY apps/start ./apps/start COPY packages ./packages COPY tooling ./tooling -# Generate Prisma client and build the app natively +# Generate Prisma client and build the app RUN pnpm --filter start run build # PROD - Install only production dependencies FROM base AS prod -# FIX: -# Removed `npm_config_build_from_source`, `python3`, `make`, `g++`, and `pnpm rebuild`. -# This allows pnpm to instantly download pre-compiled AMD64 binaries instead of forcing -# QEMU to cross-compile C++ code on your Raspberry Pi. +ENV npm_config_build_from_source=true + +RUN apt-get update && apt-get install -y --no-install-recommends \ + python3 \ + make \ + g++ && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* WORKDIR /app COPY --from=build /app/package.json ./ 
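Review bot: The three `Generate tags` steps expand `${{ github.ref_name }}` directly inside the `run:` script, so a branch name containing shell metacharacters becomes part of the script, in jobs that hold `contents: write` and `packages: write`. The workflow runs on every `push` with no branch filter, so any account able to push a branch reaches these steps. Pass the value through the environment instead: add `env:` with `REF_NAME: ${{ github.ref_name }}` to the step and use `BRANCH_NAME=$(printf '%s' "$REF_NAME" | sed 's/\//-/g')`. Separately, `cut -c1-4` keeps only 16 bits of the commit SHA, so two commits on one branch can yield the same image tag and `push: true` overwrites the earlier image; a longer prefix such as `cut -c1-12` avoids that. The `lint-and-test` job the builds depend on has its lint, typecheck and test steps commented out, so `needs: lint-and-test` gates publishing on install and codegen only.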
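Review bot: The `prod` stage now installs `python3`, `make` and `g++` and sets `npm_config_build_from_source=true`, but the comment it replaces was the only explanation in this area, and nothing now says why source builds are required or that the toolchain must stay out of the final image. The next hunk shows `runner` built `FROM base` rather than from `prod`, so the compiler stays out of the shipped image only while the later `COPY --from=prod` lines take `node_modules` and nothing else; those lines are outside this hunk. I would add a comment above the `ENV` line such as `# Native addons are compiled from source in this stage; the toolchain must not be copied into runner`.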
@@ -128,14 +131,16 @@ COPY --from=build /app/packages/integrations/package.json ./packages/integration COPY --from=build /app/packages/sdks/_info/package.json ./packages/sdks/_info/ COPY --from=build /app/patches ./patches -# Install production dependencies only (fetches prebuilt binaries fast) +# Install production dependencies only RUN pnpm install --frozen-lockfile --prod && \ + pnpm rebuild && \ pnpm store prune # FINAL - Minimal runtime image FROM base AS runner ENV NODE_ENV=production +ENV npm_config_build_from_source=true WORKDIR /app
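Review bot: `ENV npm_config_build_from_source=true` in the `runner` stage has no visible purpose: the stage starts `FROM base`, no install or rebuild step is shown in it, and the compiler packages are added only in `prod`. If nothing in `runner` installs packages, drop the line so the runtime environment carries only `NODE_ENV=production`; the rest of the stage is outside the hunk, so confirm that first. The added `pnpm rebuild` re-runs dependency build scripts for the production tree, and with source builds forced that means more third-party code executing during the image build. A short comment next to that `RUN` naming the native packages it is needed for would let reviewers check the scope.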