c2b1073fef
- Add production Dockerfile with bun build --compile, multi-stage Alpine build - Add .dockerignore - Swap bcrypt -> bcryptjs (pure JS, no native addons) - Add programmatic migrations on startup via drizzle migrator - Add /v1/version endpoint with APP_VERSION baked in at build time - Add .gitea/workflows/ci.yml (lint + test with postgres/valkey services) - Add .gitea/workflows/build.yml (version bump, build, push to registry) - Update CLAUDE.md and docs/architecture.md to remove multi-tenancy - Add docs/deployment.md covering DOKS + ArgoCD architecture Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
78 lines
2.9 KiB
YAML
78 lines
2.9 KiB
YAML
name: Build & Release
|
|
|
|
on:
|
|
push:
|
|
branches: [main]
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
token: ${{ secrets.BOT_TOKEN }}
|
|
|
|
- name: Determine version bump
|
|
id: bump
|
|
run: |
|
|
COMMIT_MSG=$(git log -1 --pretty=%s)
|
|
if echo "$COMMIT_MSG" | grep -qiE "^breaking(\(.+\))?:|^.+!:"; then
|
|
echo "type=major" >> $GITHUB_OUTPUT
|
|
elif echo "$COMMIT_MSG" | grep -qiE "^feat(\(.+\))?:"; then
|
|
echo "type=minor" >> $GITHUB_OUTPUT
|
|
else
|
|
echo "type=patch" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Bump version in package.json
|
|
id: version
|
|
run: |
|
|
cd packages/backend
|
|
npm version ${{ steps.bump.outputs.type }} --no-git-tag-version
|
|
VERSION=$(node -p "require('./package.json').version")
|
|
echo "version=$VERSION" >> $GITHUB_OUTPUT
|
|
|
|
- name: Commit version bump
|
|
run: |
|
|
git config user.name "lunarfront-bot"
|
|
git config user.email "bot@lunarfront.tech"
|
|
git remote set-url origin https://lunarfront-bot:${{ secrets.BOT_TOKEN }}@git.lunarfront.tech/ryan/lunarfront-app.git
|
|
git add packages/backend/package.json
|
|
git commit -m "chore: bump version to v${{ steps.version.outputs.version }}"
|
|
git push origin main
|
|
|
|
- name: Install Docker CLI
|
|
run: |
|
|
apt-get update -qq
|
|
apt-get install -y ca-certificates curl
|
|
install -m 0755 -d /etc/apt/keyrings
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
|
|
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian $(. /etc/os-release && echo $VERSION_CODENAME) stable" > /etc/apt/sources.list.d/docker.list
|
|
apt-get update -qq
|
|
apt-get install -y docker-ce-cli
|
|
|
|
- name: Login to registry
|
|
run: echo "${{ secrets.REGISTRY_TOKEN }}" | docker login registry.lunarfront.tech -u ryan --password-stdin
|
|
|
|
- name: Build and push
|
|
run: |
|
|
VERSION=${{ steps.version.outputs.version }}
|
|
SHA=$(git rev-parse --short HEAD)
|
|
docker build \
|
|
--build-arg APP_VERSION=$VERSION \
|
|
-t registry.lunarfront.tech/ryan/lunarfront-app:$VERSION \
|
|
-t registry.lunarfront.tech/ryan/lunarfront-app:$SHA \
|
|
-t registry.lunarfront.tech/ryan/lunarfront-app:latest \
|
|
.
|
|
docker push registry.lunarfront.tech/ryan/lunarfront-app:$VERSION
|
|
docker push registry.lunarfront.tech/ryan/lunarfront-app:$SHA
|
|
docker push registry.lunarfront.tech/ryan/lunarfront-app:latest
|
|
|
|
- name: Logout
|
|
if: always()
|
|
run: docker logout registry.lunarfront.tech
|