chore: add build workflow

2025-02-07 19:46:16 -03:00 · 2025-02-07 19:46:16 -03:00 · a017350d64
commit a017350d64
parent 6288969c4d
4 changed files with 139 additions and 2 deletions
--- a/.forgejo/workflows/build-docker-image.yaml
+++ b/.forgejo/workflows/build-docker-image.yaml
@ -0,0 +1,66 @@
+name: Publish image
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  create-docker-images:
+    runs-on: host
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          registry: git.alecodes.page
+          username: ${{ vars.CONTAINER_REGISTRY_USER }}
+          password: ${{ secrets.CONTAINER_REGISTRY_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64
+          push: true
+          file: ./docker/Dockerfile
+          tags: |
+            git.alecodes.page/alecodes/index:latest
+            git.alecodes.page/alecodes/index:${{ github.sha }}
+
+  deploy:
+    runs-on: ubuntu-latest
+    needs:
+      - create-docker-images
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: 'Docker Stack Deploy'
+        uses: https://github.com/cssnr/stack-deploy-action@v1
+        with:
+          host: ${{ vars.DOCKER_SWARM_HOST }}
+          port: ${{ vars.DOCKER_SWARM_PORT }}
+          user: ${{ secrets.DOCKER_SWARM_USER }}
+          ssh_key: '${{ secrets.DOCKER_SWARM_SSH_KEY }}'
+          file: 'docker/docker-stack.yaml'
+          name: 'index'
+
+  rebase:
+    runs-on: ubuntu-latest
+    needs: deploy
+    if: success()
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: '0'
+          ref: content-update
+
+      - name: Update branch
+        run: |
+          set -x
+          git config --global user.name "robo"
+          git config --global user.email "robo@alecodes.page"
+          git rebase origin/main
+          git push origin content-update --force-with-lease
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -1,12 +1,16 @@
 FROM ghcr.io/linuxcontainers/debian-slim:latest

-COPY --from=ghcr.io/amacneil/dbmate /usr/local/bin/dbmate /usr/local/bin/dbmate
-COPY --from=lovasoa/sqlpage:main /usr/local/bin/sqlpage /usr/local/bin/sqlpage
+COPY --from=ghcr.io/amacneil/dbmate:main /usr/local/bin/dbmate /usr/local/bin/dbmate
+COPY --from=lovasoa/sqlpage /usr/local/bin/sqlpage /usr/local/bin/sqlpage

 WORKDIR /app

 ENV SQLPAGE_WEB_ROOT=/app
 ENV SQLPAGE_CONFIGURATION_DIRECTORY=/app/sqlpage
+ENV DB_DRIVER=
+ENV DB_USER=
+ENV DB_NAME=
+ENV DB_PASSWORD_FILE=

 RUN addgroup --gid 1000 --system index_user && \
  adduser --uid 1000 --system --no-create-home --ingroup index_user index_user && \
@ -15,7 +19,12 @@ RUN addgroup --gid 1000 --system index_user && \
  chown -R index_user:index_user /etc/sqlpage/sqlpage.db

 COPY --chown=index_user:index_user ./src /app
+COPY --chown=index_user:index_user ./docker/entrypoint.sh /usr/bin/entrypoint.sh
+
+RUN chmod a+x /usr/bin/entrypoint.sh

 USER index_user

+ENTRYPOINT ["/usr/bin/entrypoint.sh"]
+
 CMD /usr/local/bin/sqlpage
--- a/docker/docker-stack.yaml
+++ b/docker/docker-stack.yaml
@ -0,0 +1,51 @@
+services:
+  index:
+    image: git.alecodes.page/alecodes/index:${GITHUB_SHA:-latest}
+    networks:
+      - reverse_proxy
+      - default
+    secrets:
+      - index_db_pass
+    environment:
+      SQLPAGE_WEB_ROOT: /app
+      DB_DRIVER: postgres
+      DB_HOST: task.db
+      DB_USER: index
+      DB_NAME: index
+      DB_PASSWORD_FILE: /run/secrets/index_db_pass
+    deploy:
+      rollback_config:
+        failure_action: continue
+      update_config:
+        delay: 2s
+        failure_action: rollback
+        order: start-first
+      placement:
+        constraints:
+          - node.labels.services_kind==projects
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.index.rule=Host(`alecodes.page`)
+        - traefik.http.services.index.loadbalancer.server.port=3000
+
+  db:
+    image: postgres:17
+    secrets:
+      - index_db_pass
+    environment:
+      POSTGRES_USER: index
+      POSTGRES_DB: index
+      POSTGRES_PASSWORD_FILE: /run/secrets/index_db_pass
+    volumes:
+      - db_data:/var/lib/postgresql/data
+
+volumes:
+  db_data:
+
+networks:
+  reverse_proxy:
+    external: true
+
+secrets:
+  index_db_pass:
+    external: true
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -0,0 +1,11 @@
+#!/bin/sh
+
+if [ -e $DB_PASSWORD_FILE ]; then
+  DB_PASSWORD=$(cat $DB_PASSWORD_FILE)
+fi
+
+export DATABASE_URL="postgres://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:5432/${DB_DB}?sslmode=disable"
+
+dbmate migrate --wait
+
+exec "$@"