feat(other): major improvement of deployment
Motivation
----------

Kubernetes:
* backend becomes a statefulset (exclusive volume mount)
  See: https://spacelift.io/blog/statefulset-vs-deployment
* implement neo4j backup with job

Docker:
* consistent targets across all dockerfiles
* remove redundant labels
* remove unnecessary build args
* remove obsolete networks
* remove development dependencies for production

Rebranding:
* add image tags for local tagging and pulling
* use GitHub's docker build workflows
* use GitHub container registry
* ONBUILD to simplify caller Dockerfiles
* docker compose for branding

Tooling:
* same node --version as in dockerfile

Docs:
* missing step in README.md
roschaefer committed Oct 27, 2024
1 parent 8df4330 commit 2f9bfce
Showing 181 changed files with 805 additions and 6,046 deletions.
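--- a/.github/workflows/docker-push.yml
+++ b/.github/workflows/docker-push.yml
@@ -0,0 +1,91 @@
+name: docker-push
+
+on: push
+
+jobs:
+build-and-push-images:
+strategy:
+matrix:
+app:
+- name: neo4j
+context: neo4j
+file: neo4j/Dockerfile
+target: community
+- name: backend-base
+context: backend
+file: backend/Dockerfile
+target: base
+- name: backend-build
+context: backend
+file: backend/Dockerfile
+target: build
+- name: backend
+context: backend
+file: backend/Dockerfile
+target: production
+- name: webapp-base
+context: webapp
+file: webapp/Dockerfile
+target: base
+- name: webapp-build
+context: webapp
+file: webapp/Dockerfile
+target: build
+- name: webapp
+context: webapp
+file: webapp/Dockerfile
+target: production
+- name: maintenance-base
+context: webapp
+file: webapp/Dockerfile.maintenance
+target: base
+- name: maintenance-build
+context: webapp
+file: webapp/Dockerfile.maintenance
+target: build
+- name: maintenance
+context: webapp
+file: webapp/Dockerfile.maintenance
+target: production
+runs-on: ubuntu-latest
+env:
+REGISTRY: ghcr.io
+IMAGE_NAME: ${{ github.repository }}/${{ matrix.app.name }}
+permissions:
+contents: read
+packages: write
+attestations: write
+id-token: write
+
+steps:
+- name: Checkout repository
+uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.1.7
+- name: Log in to the Container registry
+uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+- name: Extract metadata (tags, labels) for Docker
+id: meta
+uses: docker/metadata-action@70b2cdc6480c1a8b86edf1777157f8f437de2166
+with:
+images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+tags: |
+type=schedule
+type=semver,pattern={{version}}
+type=semver,pattern={{major}}.{{minor}}
+type=semver,pattern={{major}}
+type=ref,event=branch
+type=ref,event=pr
+type=sha
+- name: Build and push Docker images
+id: push
+uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75
+with:
+context: ${{ matrix.app.context }}
+target: ${{ matrix.app.target }}
+file: ${{ matrix.app.file }}
+push: true
+tags: ${{ steps.meta.outputs.tags }}
+labels: ${{ steps.meta.outputs.labels }}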
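Review bot: The job's `permissions` block grants `attestations: write` and `id-token: write`, but no step in this workflow creates an attestation or requests an OIDC token, so the job token is broader than anything here uses. Either drop those two lines, or add an attestation step (for example `actions/attest-build-provenance`) that consumes `steps.push.outputs.digest`; the `id: push` on the last step suggests one was intended. Separately, `on: push` runs the whole matrix for every branch and publishes all ten images to ghcr.io with `packages: write`, so if only release images should be published the trigger should be narrowed to the release branch and tags. The three `docker/*` actions are pinned by SHA without the version comment that the checkout line carries, and that `# v4.1.7` comment is worth re-checking against the pinned SHA.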
12 changes: 0 additions & 12 deletions .github/workflows/mlc_config.json

This file was deleted.

80 changes: 0 additions & 80 deletions .github/workflows/test.lint_pr.yml

This file was deleted.

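--- a/.tool-versions
+++ b/.tool-versions
@@ -0,0 +1 @@
+nodejs 20.12.1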
3 changes: 3 additions & 0 deletions README.md
@@ -186,6 +186,9 @@ $ cp .env.template .env

# in folder backend/
$ cp .env.template .env

# in folder frontend/
$ cp .env.template .env
```

For Development:
105 changes: 21 additions & 84 deletions backend/Dockerfile
@@ -1,103 +1,40 @@
##################################################################################
# BASE (Is pushed to DockerHub for rebranding) ###################################
##################################################################################
FROM node:20.12.1-alpine3.19 AS base

# ENVs
## DOCKER_WORKDIR would be a classical ARG, but that is not multi layer persistent - shame
ENV DOCKER_WORKDIR="/app"
## We Cannot do `$(date -u +'%Y-%m-%dT%H:%M:%SZ')` here so we use unix timestamp=0
ARG BBUILD_DATE="1970-01-01T00:00:00.00Z"
ENV BUILD_DATE=$BBUILD_DATE
## We cannot do $(yarn run version)-${BUILD_NUMBER} here so we default to 0.0.0-0
ARG BBUILD_VERSION="0.0.0-0"
ENV BUILD_VERSION=$BBUILD_VERSION
## We cannot do `$(git rev-parse --short HEAD)` here so we default to 0000000
ARG BBUILD_COMMIT="0000000"
ENV BUILD_COMMIT=$BBUILD_COMMIT
## SET NODE_ENV
ENV NODE_ENV="production"
## App relevant Envs
ENV PORT="4000"

# Labels
LABEL org.label-schema.build-date="${BUILD_DATE}"
LABEL org.label-schema.name="ocelot.social:backend"
LABEL org.label-schema.description="Backend of the Social Network Software ocelot.social"
LABEL org.label-schema.usage="https://github.com/Ocelot-Social-Community/Ocelot-Social/blob/master/README.md"
LABEL org.label-schema.url="https://ocelot.social"
LABEL org.label-schema.vcs-url="https://github.com/Ocelot-Social-Community/Ocelot-Social/tree/master/backend"
LABEL org.label-schema.vcs-ref="${BUILD_COMMIT}"
LABEL org.label-schema.vendor="ocelot.social Community"
LABEL org.label-schema.version="${BUILD_VERSION}"
LABEL org.label-schema.schema-version="1.0"
LABEL maintainer="[email protected]"

# Install Additional Software
## install: git
RUN apk --no-cache add git python3 make g++

# Settings
## Expose Container Port
ENV NODE_ENV="production"
ENV PORT="4000"
EXPOSE ${PORT}
RUN apk --no-cache add git python3 make g++ bash
RUN mkdir -p /app
WORKDIR /app
CMD ["/bin/bash", "-c", "yarn run start"]

## Workdir
RUN mkdir -p ${DOCKER_WORKDIR}
WORKDIR ${DOCKER_WORKDIR}

##################################################################################
# DEVELOPMENT (Connected to the local environment, to reload on demand) ##########
##################################################################################
FROM base AS development
CMD ["/bin/sh", "-c", "yarn install && yarn run dev"]

# We don't need to copy or build anything since we gonna bind to the
# local filesystem which will need a rebuild anyway

# Run command
# (for development we need to execute yarn install since the
# node_modules are on another volume and need updating)
CMD /bin/sh -c "yarn install && yarn run dev"

##################################################################################
# CODE (Does contain all code files and is pushed to DockerHub for rebranding) ###
##################################################################################
FROM base AS code

# copy everything, but do not build.
FROM base AS build
COPY . .
ONBUILD COPY ./branding/constants/ src/config/tmp
ONBUILD RUN tools/replace-constants.sh
ONBUILD COPY ./branding/email/ src/middleware/helpers/email/
ONBUILD RUN yarn install --production=false --frozen-lockfile --non-interactive
ONBUILD RUN yarn run build
ONBUILD RUN mkdir /build
ONBUILD RUN cp -r ./build /build
ONBUILD RUN cp -r ./public /build/build
ONBUILD RUN cp -r ./package.json yarn.lock /build
ONBUILD RUN cd /build && yarn install --production=true --frozen-lockfile --non-interactive

##################################################################################
# BUILD (Does contain all files and the compilate and is therefore bloated) ######
##################################################################################
FROM code AS build

# yarn install
RUN yarn install --production=false --frozen-lockfile --non-interactive
# yarn build
RUN /bin/sh -c "yarn run build"

##################################################################################
# TEST ###########################################################################
##################################################################################
FROM build AS test
CMD ["/bin/bash", "-c", "yarn run dev"]

# Run command
CMD /bin/sh -c "yarn run dev"
FROM build AS production_build

##################################################################################
# PRODUCTION (Does contain only "binary"- and static-files to reduce image size) #
##################################################################################
FROM base AS production

# Copy "binary"-files from build image
COPY --from=build ${DOCKER_WORKDIR}/build ./build
COPY --from=build ${DOCKER_WORKDIR}/node_modules ./node_modules
# Copy static files
# TODO - externalize the uploads so we can copy the whole folder
COPY --from=build ${DOCKER_WORKDIR}/public/img/ ./public/img/
COPY --from=build ${DOCKER_WORKDIR}/public/providers.json ./public/providers.json
# Copy package.json for script definitions (lock file should not be needed)
COPY --from=build ${DOCKER_WORKDIR}/package.json ./package.json

# Run command
CMD /bin/sh -c "yarn run start"
COPY --from=production_build /build .
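Review bot: The `production` stage at the end of the file is `FROM base`, and `base` installs `git python3 make g++ bash` and never sets a `USER`, so, as far as the new side can be read from this rendering, the production image ships a compiler toolchain and runs the backend as root. Consider a runtime stage that does not inherit the build packages, and add `USER node` to `production` (the official node image provides that account); any directory the backend writes to at runtime would then need to be owned by that user. Old and new lines are interleaved in this view, so confirm the stage layout against the file itself.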
File renamed without changes.
File renamed without changes.
2 changes: 1 addition & 1 deletion backend/package.json
@@ -57,8 +57,8 @@
"ioredis": "^4.16.1",
"jsonwebtoken": "~8.5.1",
"languagedetect": "^2.0.0",
"linkifyjs": "^4.1.3",
"linkify-html": "^4.1.3",
"linkifyjs": "^4.1.3",
"lodash": "~4.17.21",
"merge-graphql-schemas": "^1.7.8",
"metascraper": "^5.33.5",
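--- a/backend/tools/replace-constants.sh
+++ b/backend/tools/replace-constants.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+# TODO: this is a hack, we should find a better way to share files between backend and webapp
+[ -f src/config/tmp/emails.js ] && mv src/config/tmp/emails.js src/config/emails.ts
+[ -f src/config/tmp/logos.js ] && mv src/config/tmp/logos.js src/config/logos.ts
+[ -f src/config/tmp/metadata.js ] && mv src/config/tmp/metadata.js src/config/metadata.ts
+exit 0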
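Review bot: The trailing `exit 0` hides more than the missing-file case: if any `mv` fails (a read-only target, a wrong working directory), the script still reports success, and the `ONBUILD RUN tools/replace-constants.sh` step in backend/Dockerfile passes with unbranded or half-replaced config. Using `if` blocks instead of `[ -f … ] && mv …` lets an absent file be skipped without needing `exit 0`, and `set -euo pipefail` then makes a real failure stop the image build. The paths are relative, so the script also depends on being run from the backend root; a short comment saying so would help.

```shell
# … unchanged: shebang and TODO comment …
set -euo pipefail

for name in emails logos metadata; do
  if [ -f "src/config/tmp/${name}.js" ]; then
    mv "src/config/tmp/${name}.js" "src/config/${name}.ts"
  fi
done
```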
7 changes: 0 additions & 7 deletions deployment/.env.dist

This file was deleted.

27 changes: 0 additions & 27 deletions deployment/DOCKER_MORE_CLOSELY.md

This file was deleted.
