diff --git a/.gitea/workflows/build.yml b/.gitea/workflows/build.yml index 70136cb..5c54521 100644 --- a/.gitea/workflows/build.yml +++ b/.gitea/workflows/build.yml @@ -1,4 +1,4 @@ -name: Build and Push Docker Image +name: Build and Push Docker Images on: push: @@ -14,10 +14,9 @@ on: env: REGISTRY: code.letsbe.solutions - IMAGE_NAME: letsbe/monacousa-portal jobs: - build: + build-portal: runs-on: ubuntu-latest steps: - name: Checkout repository @@ -34,11 +33,11 @@ jobs: username: ${{ gitea.actor }} password: ${{ secrets.REGISTRY_TOKEN }} - - name: Extract metadata (tags, labels) + - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + images: ${{ env.REGISTRY }}/letsbe/monacousa-portal tags: | type=ref,event=branch type=ref,event=pr @@ -46,7 +45,7 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=raw,value=latest,enable={{is_default_branch}} - - name: Build and push Docker image + - name: Build and push portal image uses: docker/build-push-action@v5 with: context: . @@ -57,3 +56,53 @@ jobs: PUBLIC_SUPABASE_URL=https://api.portal.monacousa.org PUBLIC_SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYW5vbiIsImlzcyI6InN1cGFiYXNlIiwiaWF0IjoxNzA0MDY3MjAwLCJleHAiOjE4NjE4MzM2MDB9.placeholder SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoic2VydmljZV9yb2xlIiwiaXNzIjoic3VwYWJhc2UiLCJpYXQiOjE3MDQwNjcyMDAsImV4cCI6MTg2MTgzMzYwMH0.placeholder + + build-infra: + runs-on: ubuntu-latest + strategy: + matrix: + include: + - image: monacousa-db + context: docker/db + - image: monacousa-kong + context: docker/kong + - image: monacousa-migrate + context: docker/migrate + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Sync source files into build contexts + run: | + cp supabase/docker/00-init-schemas.sql docker/db/00-init-schemas.sql + cp supabase/docker/migrate.sh docker/db/migrate.sh + cp deploy/init.sql docker/migrate/init.sql + cp deploy/post-deploy.sql docker/migrate/post-deploy.sql + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to Gitea Container Registry + if: github.event_name != 'pull_request' + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ gitea.actor }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Extract metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/letsbe/${{ matrix.image }} + tags: | + type=ref,event=branch + type=raw,value=latest,enable={{is_default_branch}} + + - name: Build and push ${{ matrix.image }} + uses: docker/build-push-action@v5 + with: + context: ${{ matrix.context }} + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/docker/kong/Dockerfile b/docker/kong/Dockerfile index 320f8fb..3f1468b 100644 --- a/docker/kong/Dockerfile +++ b/docker/kong/Dockerfile @@ -1,9 +1,9 @@ FROM kong:2.8.1 -# Embed the config template and wrapper script +USER root COPY kong.yml.template /var/lib/kong/kong.yml.template -COPY docker-entrypoint-wrapper.sh /docker-entrypoint-wrapper.sh -RUN chmod +x /docker-entrypoint-wrapper.sh +COPY --chmod=755 docker-entrypoint-wrapper.sh /docker-entrypoint-wrapper.sh +USER kong ENTRYPOINT ["/docker-entrypoint-wrapper.sh"] CMD ["kong", "docker-start"]