diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..961d93a --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,99 @@ +name: Release Image +on: + push: + branches: + - main + - release + paths-ignore: + - 'README.md' + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +env: + SERVICE_NAME: uploads + CACHE_CONFIG: type=s3,region=${{ vars.AWS_REGION }},bucket=${{ vars.AWS_BUCKET }},access_key_id=${{ secrets.AWS_ACCESS_KEY_ID }},secret_access_key=${{ secrets.AWS_SECRET_ACCESS_KEY }} + DOCKERHUB_REPO: ${{ vars.DOCKERHUB_ORG }}/${{ github.event.repository.name }} + +jobs: + build: + strategy: + matrix: + arch: [amd64, arm64] + runs-on: ${{ matrix.arch }} + environment: release + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - run: | + docker context create ci + docker context use ci + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + with: + driver-opts: image=moby/buildkit:master + version: v0.11.2 + endpoint: ci + + - uses: aws-actions/configure-aws-credentials@v1 + with: + aws-region: ${{ vars.AWS_REGION }} + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Build and push ${{ github.event.repository.name }} + uses: docker/build-push-action@v3 + with: + context: . + file: ./Dockerfile + + push: true + provenance: false + platforms: linux/${{ matrix.arch }} + tags: ${{ env.DOCKERHUB_REPO }}:latest-${{ matrix.arch }} + cache-from: ${{ env.CACHE_CONFIG }},prefix=buildx/${{ github.event.repository.name }}/${{ matrix.arch }}/ + cache-to: ${{ env.CACHE_CONFIG }},prefix=buildx/${{ github.event.repository.name }}/${{ matrix.arch }}/,mode=max + + finalize: + needs: build + environment: release + runs-on: ubuntu-latest + steps: + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Merge image tags + uses: Noelware/docker-manifest-action@master + with: + inputs: ${{ env.DOCKERHUB_REPO }}:latest,${{ env.DOCKERHUB_REPO }}:${{ github.sha }} + images: ${{ env.DOCKERHUB_REPO }}:latest-amd64,${{ env.DOCKERHUB_REPO }}:latest-arm64 + push: true + + - name: Setup variables + id: vars + run: | + if [[ "${{ github.ref }}" == "refs/heads/release" ]]; then + echo "::set-output name=environment::prod" + else + echo "::set-output name=environment::stage" + fi + + - name: Invoke workflow in hub-kubes repo + uses: benc-uk/workflow-dispatch@v1 + with: + ref: main + token: ${{ secrets.ACTIONS_TOKEN }} + workflow: release.yml + repo: holaplex/hub-kubes + inputs: '{ "service": "${{ env.SERVICE_NAME }}", "environment": "${{ steps.vars.outputs.environment }}", "commit_hash": "${{ github.sha }}"}' diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..22a1f35 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,22 @@ +FROM node:20-alpine AS base +WORKDIR /app +RUN addgroup -g 10000 uploader && adduser -u 10000 -G uploader -s /bin/sh -D uploader +RUN chown -R uploader:uploader /app +USER uploader +COPY --chown=uploader:uploader package*.json ./ + +FROM base AS dependencies +RUN npm set progress=false && npm config set depth 0 && \ + npm install --only=production +RUN cp -R node_modules prod_node_modules +RUN npm install + +FROM dependencies AS build +ENV NODE_ENV=production +COPY --chown=uploader:uploader . . + +FROM base AS release +COPY --from=dependencies /app/prod_node_modules ./node_modules +COPY --chown=uploader:uploader . . +EXPOSE 3000 +CMD ["npm","start"] diff --git a/server.js b/server.js index 55ed97a..64cc56c 100644 --- a/server.js +++ b/server.js @@ -24,7 +24,7 @@ fastify.post("/uploads", async function handler(request, reply) { // Run the server! try { - await fastify.listen({ port: 3000 }); + await fastify.listen({ port: 3000, host: "0.0.0.0" }); } catch (err) { fastify.log.error(err); process.exit(1);