test build

maamokun · maamokun · commit 3fea2d35e5f0 · 2024-07-23T19:00:52.000+09:00
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,38 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      IMAGE_NAME: safetychecker
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GH_NPM_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          secrets: |
+            GH_NPM_TOKEN=${{ secrets.GH_NPM_TOKEN }}
+          platforms: linux/amd64,linux/arm64
+          context: .
+          push: true
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest
+            ghcr.io/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,52 @@
+# syntax = docker/dockerfile:1
+
+# Adjust BUN_VERSION as desired
+ARG BUN_VERSION=1.1.20
+FROM oven/bun:${BUN_VERSION}-slim as base
+
+# Next.js app lives here
+WORKDIR /app
+
+# Set production environment
+ENV NODE_ENV="production"
+
+# Throw-away build stage to reduce size of final image
+FROM base as build
+
+# Install packages needed to build node modules
+RUN apt-get update -qq && \
+    apt-get install --no-install-recommends -y build-essential pkg-config python-is-python3
+
+# Mount the GH_NPM_TOKEN secret and use it to create bunfig.toml
+RUN --mount=type=secret,id=GH_NPM_TOKEN \
+    echo '[install.scopes]' > bunfig.toml && \
+    echo 'neodyland = { token = "'$(cat /run/secrets/GH_NPM_TOKEN)'", url = "https://npm.pkg.github.com/" }' >> bunfig.toml
+
+# Install node modules
+COPY --link bun.lockb package.json ./
+RUN bun install
+
+# Copy application code
+COPY --link . .
+
+# Build application
+RUN bun run build
+
+# Remove development dependencies
+RUN rm -rf node_modules && \
+    bun install --ci
+
+# Remove bunfig.toml to avoid token leakage
+RUN rm -f bunfig.toml
+
+# Final stage for app image
+FROM base
+
+# Copy built application
+COPY --from=build /app/.next/standalone /app
+COPY --from=build /app/.next/static /app/.next/static
+COPY --from=build /app/public /app/public
+
+# Start the server by default, this can be overwritten at runtime
+EXPOSE 3000
+CMD [ "bun", "server.js" ]
