refactor: no builds in Dockerfiles, CI builds all artifacts
Dockerfiles now only COPY pre-built artifacts: - Dockerfile (SaaS): just COPY target/*.jar, no multi-stage build - ui/sign-in/Dockerfile (Logto): just FROM logto + COPY dist/ - Removed docker/logto.Dockerfile (had node build stage) CI pipeline builds everything: - docker job: builds frontend, JAR, sign-in UI, then packages into images using the simple Dockerfiles - Uses cameleer-build:1 (has node + maven + docker) - build job: also builds sign-in UI for testing Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
@@ -27,7 +27,7 @@ jobs:
|
||||
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-maven-
|
||||
|
||||
- name: Build Frontend
|
||||
- name: Build SaaS frontend
|
||||
run: |
|
||||
cd ui
|
||||
echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc
|
||||
@@ -42,21 +42,33 @@ jobs:
|
||||
mvn clean verify -B
|
||||
-Dsurefire.excludes="**/AuthControllerTest.java,**/TenantControllerTest.java,**/LicenseControllerTest.java,**/AuditRepositoryTest.java,**/CameleerSaasApplicationTest.java,**/EnvironmentControllerTest.java,**/AppControllerTest.java,**/DeploymentControllerTest.java,**/AgentStatusControllerTest.java"
|
||||
|
||||
- name: Build sign-in UI
|
||||
run: |
|
||||
cd ui/sign-in
|
||||
echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc
|
||||
npm ci
|
||||
npm run build
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
docker:
|
||||
needs: build
|
||||
runs-on: ubuntu-latest
|
||||
if: github.event_name == 'push'
|
||||
container:
|
||||
image: gitea.siegeln.net/cameleer/cameleer-docker-builder:1
|
||||
image: gitea.siegeln.net/cameleer/cameleer-build:1
|
||||
credentials:
|
||||
username: cameleer
|
||||
password: ${{ secrets.REGISTRY_TOKEN }}
|
||||
steps:
|
||||
- name: Checkout
|
||||
run: |
|
||||
git clone --depth=1 --branch=${GITHUB_REF_NAME} https://cameleer:${REGISTRY_TOKEN}@gitea.siegeln.net/${GITHUB_REPOSITORY}.git .
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
- name: Cache Maven dependencies
|
||||
uses: actions/cache@v4
|
||||
with:
|
||||
path: ~/.m2/repository
|
||||
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
|
||||
restore-keys: ${{ runner.os }}-maven-
|
||||
|
||||
- name: Login to registry
|
||||
run: echo "$REGISTRY_TOKEN" | docker login gitea.siegeln.net -u cameleer --password-stdin
|
||||
@@ -80,25 +92,42 @@ jobs:
|
||||
echo "IMAGE_TAGS=branch-$SLUG" >> "$GITHUB_ENV"
|
||||
fi
|
||||
|
||||
- name: Set up QEMU for cross-platform builds
|
||||
run: docker run --rm --privileged gitea.siegeln.net/cameleer/binfmt:1 --install all
|
||||
- name: Build SaaS frontend
|
||||
run: |
|
||||
cd ui
|
||||
echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc
|
||||
npm ci
|
||||
npm run build
|
||||
cp -r dist/ ../src/main/resources/static/
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
- name: Build SaaS JAR
|
||||
run: mvn package -DskipTests -B
|
||||
|
||||
- name: Build sign-in UI
|
||||
run: |
|
||||
cd ui/sign-in
|
||||
echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc
|
||||
npm ci
|
||||
npm run build
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
- name: Set up Docker buildx
|
||||
run: |
|
||||
docker buildx create --use --name cibuilder 2>/dev/null || true
|
||||
|
||||
- name: Build and push SaaS image
|
||||
run: |
|
||||
docker buildx create --use --name cibuilder
|
||||
TAGS="-t gitea.siegeln.net/cameleer/cameleer-saas:${{ github.sha }}"
|
||||
for TAG in $IMAGE_TAGS; do
|
||||
TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer-saas:$TAG"
|
||||
done
|
||||
docker buildx build --platform linux/amd64 \
|
||||
--build-arg REGISTRY_TOKEN="$REGISTRY_TOKEN" \
|
||||
$TAGS \
|
||||
--cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer-saas:buildcache \
|
||||
--cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer-saas:buildcache,mode=max \
|
||||
--provenance=false \
|
||||
--push .
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
|
||||
- name: Build and push Logto image
|
||||
run: |
|
||||
@@ -107,12 +136,7 @@ jobs:
|
||||
TAGS="$TAGS -t gitea.siegeln.net/cameleer/cameleer-logto:$TAG"
|
||||
done
|
||||
docker buildx build --platform linux/amd64 \
|
||||
--build-arg REGISTRY_TOKEN="$REGISTRY_TOKEN" \
|
||||
-f docker/logto.Dockerfile \
|
||||
-f ui/sign-in/Dockerfile \
|
||||
$TAGS \
|
||||
--cache-from type=registry,ref=gitea.siegeln.net/cameleer/cameleer-logto:buildcache \
|
||||
--cache-to type=registry,ref=gitea.siegeln.net/cameleer/cameleer-logto:buildcache,mode=max \
|
||||
--provenance=false \
|
||||
--push .
|
||||
env:
|
||||
REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
|
||||
--push ui/sign-in/
|
||||
|
||||
25
Dockerfile
25
Dockerfile
@@ -1,30 +1,7 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
# Frontend: runs natively on build host
|
||||
FROM --platform=$BUILDPLATFORM node:22-alpine AS frontend
|
||||
ARG REGISTRY_TOKEN
|
||||
WORKDIR /ui
|
||||
COPY ui/package.json ui/package-lock.json ui/.npmrc ./
|
||||
RUN echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc && npm ci
|
||||
COPY ui/ .
|
||||
RUN npm run build
|
||||
|
||||
# Maven build: runs natively on build host (no QEMU emulation)
|
||||
FROM --platform=$BUILDPLATFORM eclipse-temurin:21-jdk-alpine AS build
|
||||
WORKDIR /build
|
||||
COPY .mvn/ .mvn/
|
||||
COPY mvnw pom.xml ./
|
||||
# Cache deps — only re-downloaded when POM changes
|
||||
RUN ./mvnw dependency:go-offline -B || true
|
||||
COPY src/ src/
|
||||
COPY --from=frontend /ui/dist/ src/main/resources/static/
|
||||
RUN ./mvnw package -DskipTests -B
|
||||
|
||||
# Runtime: target platform (amd64)
|
||||
FROM eclipse-temurin:21-jre-alpine
|
||||
WORKDIR /app
|
||||
RUN addgroup -S cameleer && adduser -S cameleer -G cameleer
|
||||
COPY --from=build /build/target/*.jar app.jar
|
||||
COPY target/*.jar app.jar
|
||||
USER cameleer
|
||||
EXPOSE 8080
|
||||
ENTRYPOINT ["java", "-jar", "app.jar"]
|
||||
|
||||
@@ -1,14 +0,0 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
# Build custom sign-in UI
|
||||
FROM --platform=$BUILDPLATFORM node:22-alpine AS sign-in
|
||||
ARG REGISTRY_TOKEN
|
||||
WORKDIR /ui
|
||||
COPY ui/sign-in/package.json ui/sign-in/package-lock.json ui/sign-in/.npmrc ./
|
||||
RUN echo "//gitea.siegeln.net/api/packages/cameleer/npm/:_authToken=${REGISTRY_TOKEN}" >> .npmrc && npm ci
|
||||
COPY ui/sign-in/ .
|
||||
RUN npm run build
|
||||
|
||||
# Custom Logto with baked-in sign-in UI
|
||||
FROM ghcr.io/logto-io/logto:latest
|
||||
COPY --from=sign-in /ui/dist/ /etc/logto/packages/experience/dist/
|
||||
2
ui/sign-in/Dockerfile
Normal file
2
ui/sign-in/Dockerfile
Normal file
@@ -0,0 +1,2 @@
|
||||
FROM ghcr.io/logto-io/logto:latest
|
||||
COPY dist/ /etc/logto/packages/experience/dist/
|
||||
Reference in New Issue
Block a user