From 6ee7627ee975f5d566aac7713e2791756fb86096 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 3 Apr 2025 14:17:19 +1100 Subject: [PATCH 01/11] Initial work for adding a Dockerfile and creating an image for inspector Fixes #237 --- .dockerignore | 35 +++++++++++++++++++++++++++++++++++ Dockerfile | 26 ++++++++++++++++++++++++++ 2 files changed, 61 insertions(+) create mode 100644 .dockerignore create mode 100644 Dockerfile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..a3e960e3f --- /dev/null +++ b/.dockerignore @@ -0,0 +1,35 @@ +# Version control +.git +.gitignore + +# Node.js +node_modules +npm-debug.log + +# Build artifacts +client/dist +client/build +server/dist +server/build + +# Environment variables +.env +.env.local +.env.development +.env.test +.env.production + +# Editor files +.vscode +.idea + +# Logs +logs +*.log + +# Testing +coverage + +# Docker +Dockerfile +.dockerignore \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..2d318a333 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,26 @@ +FROM node:22-slim + +# Set working directory +WORKDIR /app + +# Copy files +COPY . . + +# Install dependencies +# Working around https://github.com/npm/cli/issues/4828 +# RUN npm ci +RUN npm install --no-package-lock + +# Build the application +RUN npm run build + +ENV CLIENT_PORT=6274 +ENV SERVER_PORT=6277 + +# Expose the CLIENT_PORT and SERVER_PORT +EXPOSE $CLIENT_PORT +EXPOSE $SERVER_PORT + +# Use ENTRYPOINT with CMD for arguments +ENTRYPOINT ["npm", "start"] +CMD [] \ No newline at end of file From 6d561a0e0df804dfcf2b5b5c2c3909675846f5e4 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Tue, 8 Apr 2025 11:45:39 +1000 Subject: [PATCH 02/11] Updating workflow to publish to GitHub Container Registry Using guide from https://docs.github.com/en/actions/use-cases-and-examples/publishing-packages/publishing-docker-images --- .github/workflows/main.yml | 40 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1f1344403..ad23a17ab 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -58,3 +58,43 @@ jobs: - run: npm run publish-all env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + publish-github-container-registry: + runs-on: ubuntu-latest + if: github.event_name == 'release' + environment: release + needs: build + permissions: + contents: write + id-token: write + steps: + - uses: actions/checkout@v4 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + + - name: Build and push Docker image + id: push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v2 + with: + subject-name: ghcr.io/${{ github.repository }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file From ad8d0579c4286c473c8c2a51edd2766f694d20be Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 24 Apr 2025 15:12:19 +1000 Subject: [PATCH 03/11] Fixing prettier error --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d3a31bedd..769f41976 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -99,4 +99,4 @@ jobs: with: subject-name: ghcr.io/${{ github.repository }} subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: true \ No newline at end of file + push-to-registry: true From 890f6fdba2b83aa5e49d0d6a91e4ff77b6f88d38 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 24 Apr 2025 15:28:30 +1000 Subject: [PATCH 04/11] Dockerfile (#1) * Initial work for adding a Dockerfile and creating an image for inspector Fixes #237 * Updating workflow to publish to GitHub Container Registry Using guide from https://docs.github.com/en/actions/use-cases-and-examples/publishing-packages/publishing-docker-images --- .dockerignore | 35 +++++++++++++++++++++++++++++++++ .github/workflows/main.yml | 40 ++++++++++++++++++++++++++++++++++++++ Dockerfile | 26 +++++++++++++++++++++++++ 3 files changed, 101 insertions(+) create mode 100644 .dockerignore create mode 100644 Dockerfile diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..a3e960e3f --- /dev/null +++ b/.dockerignore @@ -0,0 +1,35 @@ +# Version control +.git +.gitignore + +# Node.js +node_modules +npm-debug.log + +# Build artifacts +client/dist +client/build +server/dist +server/build + +# Environment variables +.env +.env.local +.env.development +.env.test +.env.production + +# Editor files +.vscode +.idea + +# Logs +logs +*.log + +# Testing +coverage + +# Docker +Dockerfile +.dockerignore \ No newline at end of file diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9621e313d..d3a31bedd 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -60,3 +60,43 @@ jobs: - run: npm run publish-all env: NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + + publish-github-container-registry: + runs-on: ubuntu-latest + if: github.event_name == 'release' + environment: release + needs: build + permissions: + contents: write + id-token: write + steps: + - uses: actions/checkout@v4 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ghcr.io/${{ github.repository }} + + - name: Build and push Docker image + id: push + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v2 + with: + subject-name: ghcr.io/${{ github.repository }} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..2d318a333 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,26 @@ +FROM node:22-slim + +# Set working directory +WORKDIR /app + +# Copy files +COPY . . + +# Install dependencies +# Working around https://github.com/npm/cli/issues/4828 +# RUN npm ci +RUN npm install --no-package-lock + +# Build the application +RUN npm run build + +ENV CLIENT_PORT=6274 +ENV SERVER_PORT=6277 + +# Expose the CLIENT_PORT and SERVER_PORT +EXPOSE $CLIENT_PORT +EXPOSE $SERVER_PORT + +# Use ENTRYPOINT with CMD for arguments +ENTRYPOINT ["npm", "start"] +CMD [] \ No newline at end of file From 9e186e3b1b76427fbf1d4b09cec450957f0c0a46 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 24 Apr 2025 15:31:37 +1000 Subject: [PATCH 05/11] ci fix (#2) --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d3a31bedd..769f41976 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -99,4 +99,4 @@ jobs: with: subject-name: ghcr.io/${{ github.repository }} subject-digest: ${{ steps.push.outputs.digest }} - push-to-registry: true \ No newline at end of file + push-to-registry: true From b0031d0b6f705e465b196da89567a6572af78778 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 24 Apr 2025 15:41:40 +1000 Subject: [PATCH 06/11] Fixing permissions (#3) --- .github/workflows/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 769f41976..3c9e08dca 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -67,7 +67,9 @@ jobs: environment: release needs: build permissions: - contents: write + contents: read + packages: write + attestations: write id-token: write steps: - uses: actions/checkout@v4 From 243fd1494e672df968321fe4f3bdf33185e37991 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 24 Apr 2025 15:46:22 +1000 Subject: [PATCH 07/11] Fixing permissions --- .github/workflows/main.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 769f41976..3c9e08dca 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -67,7 +67,9 @@ jobs: environment: release needs: build permissions: - contents: write + contents: read + packages: write + attestations: write id-token: write steps: - uses: actions/checkout@v4 From ef6d84933aa686e236341cf03d007749ac5ba85a Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Mon, 2 Jun 2025 13:49:38 +1000 Subject: [PATCH 08/11] Apply suggestions from code review Co-authored-by: John McBride --- .github/workflows/main.yml | 1 + Dockerfile | 8 +++----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index b68890f32..45f2c6804 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -95,6 +95,7 @@ jobs: with: context: . push: true + platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index 2d318a333..f5c491d47 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,12 +14,10 @@ RUN npm install --no-package-lock # Build the application RUN npm run build -ENV CLIENT_PORT=6274 -ENV SERVER_PORT=6277 +ARG CLIENT_PORT=6274 +ARG SERVER_PORT=6277 -# Expose the CLIENT_PORT and SERVER_PORT -EXPOSE $CLIENT_PORT -EXPOSE $SERVER_PORT +EXPOSE ${CLIENT_PORT} ${SERVER_PORT} # Use ENTRYPOINT with CMD for arguments ENTRYPOINT ["npm", "start"] From 769d045c16ea3fbf89cff3baef975dbdc614f2f8 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Wed, 4 Jun 2025 12:18:43 +1000 Subject: [PATCH 09/11] Converting to multi-stage dockerfile --- Dockerfile | 46 +++++++++++++++++++++++++++++++++++----------- 1 file changed, 35 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index f5c491d47..5d7724d03 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,48 @@ -FROM node:22-slim +# Build stage +FROM node:24-slim AS builder # Set working directory WORKDIR /app -# Copy files -COPY . . +# Copy package files for installation +COPY package*.json ./ +COPY .npmrc ./ +COPY client/package*.json ./client/ +COPY server/package*.json ./server/ +COPY cli/package*.json ./cli/ # Install dependencies -# Working around https://github.com/npm/cli/issues/4828 -# RUN npm ci -RUN npm install --no-package-lock +RUN npm ci --ignore-scripts + +# Copy source files +COPY . . # Build the application RUN npm run build -ARG CLIENT_PORT=6274 -ARG SERVER_PORT=6277 +# Production stage +FROM node:24-slim + +WORKDIR /app + +# Copy package files for production +COPY package*.json ./ +COPY .npmrc ./ +COPY client/package*.json ./client/ +COPY server/package*.json ./server/ +COPY cli/package*.json ./cli/ + +# Install only production dependencies +RUN npm ci --omit=dev --ignore-scripts + +# Copy built files from builder stage +COPY --from=builder /app/client/dist ./client/dist +COPY --from=builder /app/client/bin ./client/bin +COPY --from=builder /app/server/build ./server/build +COPY --from=builder /app/cli/build ./cli/build -EXPOSE ${CLIENT_PORT} ${SERVER_PORT} +# Document which ports the application uses internally +EXPOSE 6274 6277 # Use ENTRYPOINT with CMD for arguments -ENTRYPOINT ["npm", "start"] -CMD [] \ No newline at end of file +ENTRYPOINT ["npm", "start"] \ No newline at end of file From f73894fbf083c044a861b639976fb2b2c2eadbf4 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Wed, 4 Jun 2025 12:30:44 +1000 Subject: [PATCH 10/11] Allowing setting of the ports at the environment variable level so the apps are aware of them --- Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5d7724d03..f36fb8bb7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -41,8 +41,12 @@ COPY --from=builder /app/client/bin ./client/bin COPY --from=builder /app/server/build ./server/build COPY --from=builder /app/cli/build ./cli/build +# Set default port values as environment variables +ENV CLIENT_PORT=6274 +ENV SERVER_PORT=6277 + # Document which ports the application uses internally -EXPOSE 6274 6277 +EXPOSE ${CLIENT_PORT} ${SERVER_PORT} # Use ENTRYPOINT with CMD for arguments ENTRYPOINT ["npm", "start"] \ No newline at end of file From 37bd103cdbbf24c91a9257a8f3ad7ff69d2d2634 Mon Sep 17 00:00:00 2001 From: Aaron Powell Date: Thu, 5 Jun 2025 10:30:09 +1000 Subject: [PATCH 11/11] Support for multi-platform builds --- .github/workflows/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 45f2c6804..dd0b5e405 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -89,6 +89,12 @@ jobs: with: images: ghcr.io/${{ github.repository }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build and push Docker image id: push uses: docker/build-push-action@v6