From cf3a7804e993429cc2c2ec952f4d6769875c5591 Mon Sep 17 00:00:00 2001
From: bzp2010 <bzp2010@apache.org>
Date: Tue, 26 Nov 2024 11:49:50 +0800
Subject: [PATCH] feat: release docker image

---
 .dockerignore                                 |  5 ++
 .github/workflows/docker.yaml                 | 46 +++++++++++++++++++
 .../workflows/update-s3-and-cloudfront.yaml   | 11 +++--
 libs/tools/project.json                       |  8 ++++
 libs/tools/src/docker/Dockerfile              | 19 ++++++++
 {s3 => libs/tools/src/s3}/install             |  0
 package.json                                  |  2 +-
 7 files changed, 85 insertions(+), 6 deletions(-)
 create mode 100644 .dockerignore
 create mode 100644 .github/workflows/docker.yaml
 create mode 100644 libs/tools/project.json
 create mode 100644 libs/tools/src/docker/Dockerfile
 rename {s3 => libs/tools/src/s3}/install (100%)

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..4f75c95
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+node_modules
+.git
+.gitignore
+*.md
+dist
diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
new file mode 100644
index 0000000..8f1be70
--- /dev/null
+++ b/.github/workflows/docker.yaml
@@ -0,0 +1,46 @@
+name: Docker Release
+on:
+  push:
+    tags:
+      - 'v*.*.*'
+  pull_request:
+    branches:
+      - main
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Setup release flow
+        run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/v}" >> $GITHUB_ENV
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to ghcr.io
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ghcr.io/api7/adc
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=match,pattern=portal-api/(.*),group=1
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          file: libs/tools/src/docker/Dockerfile
+          push: ${{ github.event_name == 'push' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          provenance: false
+          sbom: false
diff --git a/.github/workflows/update-s3-and-cloudfront.yaml b/.github/workflows/update-s3-and-cloudfront.yaml
index f0d95e5..e21ac8b 100644
--- a/.github/workflows/update-s3-and-cloudfront.yaml
+++ b/.github/workflows/update-s3-and-cloudfront.yaml
@@ -5,7 +5,8 @@ on:
       - main
     paths:
       - .github/workflows/update-s3-and-cloudfront.yaml
-      - s3/install
+      - libs/tools/project.json
+      - libs/tools/src/s3/install
 
 jobs:
   update-s3-and-cloudfront:
@@ -24,16 +25,16 @@ jobs:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
           aws-region: ${{ secrets.S3_BUCKET_REGION }}
-      
+
       - name: Deploy
         # The path to the install script will be /adc/install
-        run: aws s3 sync ./s3 s3://${{ secrets.S3_BUCKET }}/adc
+        run: aws s3 sync ./libs/tools/src/s3 s3://${{ secrets.S3_BUCKET }}/adc
 
       - name: Invalidate CloudFront
         uses: chetan/invalidate-cloudfront-action@v2
         env:
           DISTRIBUTION: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }}
-          PATHS: "/"
-          AWS_REGION: "${{ secrets.S3_BUCKET_REGION }}"
+          PATHS: '/'
+          AWS_REGION: '${{ secrets.S3_BUCKET_REGION }}'
           AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
           AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
diff --git a/libs/tools/project.json b/libs/tools/project.json
new file mode 100644
index 0000000..8c71e01
--- /dev/null
+++ b/libs/tools/project.json
@@ -0,0 +1,8 @@
+{
+  "name": "tools",
+  "$schema": "../../node_modules/nx/schemas/project-schema.json",
+  "sourceRoot": "libs/tools/src",
+  "projectType": "library",
+  "targets": {},
+  "tags": []
+}
diff --git a/libs/tools/src/docker/Dockerfile b/libs/tools/src/docker/Dockerfile
new file mode 100644
index 0000000..ee6c9cf
--- /dev/null
+++ b/libs/tools/src/docker/Dockerfile
@@ -0,0 +1,19 @@
+FROM node:bookworm-slim AS builder
+
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+
+WORKDIR /build
+
+COPY . .
+
+RUN pnpm install nx -g \
+  && pnpm install \
+  && NODE_ENV=production nx build cli
+
+FROM node:bookworm-slim
+
+COPY --from=builder /build/dist/apps/cli/main.js .
+
+ENTRYPOINT [ "node", "main.js" ]
diff --git a/s3/install b/libs/tools/src/s3/install
similarity index 100%
rename from s3/install
rename to libs/tools/src/s3/install
diff --git a/package.json b/package.json
index 048afd6..b0f3e42 100644
--- a/package.json
+++ b/package.json
@@ -70,5 +70,5 @@
     "yaml": "^2.4.2",
     "zod": "^3.23.8"
   },
-  "packageManager": "pnpm@9.12.3+sha512.cce0f9de9c5a7c95bef944169cc5dfe8741abfb145078c0d508b868056848a87c81e626246cb60967cbd7fd29a6c062ef73ff840d96b3c86c40ac92cf4a813ee"
+  "packageManager": "pnpm@9.14.2+sha512.6e2baf77d06b9362294152c851c4f278ede37ab1eba3a55fda317a4a17b209f4dbb973fb250a77abc463a341fcb1f17f17cfa24091c4eb319cda0d9b84278387"
 }