Skip to content

Commit

Permalink
Merge branch 'feat/responsive-landing' of github.com:peapescarte/pesc…
Browse files Browse the repository at this point in the history 
…arte-plataforma into feat/responsive-landing

* 'feat/responsive-landing' of github.com:peapescarte/pescarte-plataforma: (25 commits)
  fix: please DOCKER SAVE ME FROM THIS CRUEL LIFE
  fix: ditch faker from dev env
  fix: define project env on compile-time
  fix: re-state arg from env in Dockerfile
  fix: simplify CI
  Feat/publi artigos (#211)
  fix: i can't handle CI anymore 😭
  fix: build prod ignore manual MIX_ENV
  Feat/publi artigos (#210)
  Feat/livros (#209)
  corrigido rota boletin para boletins, e ajuste no width da imagem das capas dos boletins (#208)
  fix: formatter
  fix: avoid docker login on dev/test ci
  Fix/style pictures pesquisa (#205)
  fix/quem somos update (#206)
  Fix/ apps card (#204)
  fix: only fetch specific env deps for each ci part
  fix: adding agenda warning text (#207)
  fix: git hooks
  feat: improve ci, reduce build time
  ...
  • Loading branch information
@douglastofoli
douglastofoli committed Sep 13, 2024
2 parents d690a4b + b5bffbd commit da07155
Show file tree
Hide file tree
Showing 59 changed files with 1,563 additions and 518 deletions.
193 changes: 193 additions & 0 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,193 @@
name: ci
env:
REGISTRY: ghcr.io
IMAGE_NAME: peapescarte/pescarte-plataforma
TAG: ghcr.io/peapescarte/pescarte-plataforma

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]

jobs:
lint:
runs-on: ubuntu-latest
env:
MIX_ENV: dev
strategy:
matrix:
otp: [26.2.5]
elixir: [1.16.2]
steps:
- uses: actions/checkout@v4

- uses: erlef/setup-beam@v1
with:
otp-version: ${{ matrix.otp }}
elixir-version: ${{ matrix.elixir }}

- name: Cache Elixir deps
uses: actions/cache@v1
id: deps-cache
with:
path: deps
key: ${{ runner.os }}-mix-${{ env.MIX_ENV }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}

- name: Cache Elixir _build
uses: actions/cache@v1
id: build-cache
with:
path: _build
key: ${{ runner.os }}-build-${{ env.MIX_ENV }}-${{ matrix.otp }}-${{ matrix.elixir }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}

- name: Install deps
if: steps.deps-cache.outputs.cache-hit != 'true'
run: |
mix local.rebar --force
mix local.hex --force
mix deps.get --only ${{ env.MIX_ENV }}
- name: Compile deps
if: steps.build-cache.outputs.cache-hit != 'true'
run: mix deps.compile --warnings-as-errors

- name: Run compiler checks
run: mix clean && mix compile --force --warning-as-errors

- name: Run formatter check
run: mix format --check-formatted

- name: Run static analysis
run: mix credo --strict

test:
runs-on: ubuntu-latest
env:
SUPABASE_KEY: "super-ci-key"
SUPABASE_URL: "http://localhost:123"
DATABASE_USER: "peapescarte"
DATABASE_PASS: "peapescarte"
MIX_ENV: test
strategy:
matrix:
otp: [26.2.5]
elixir: [1.16.2]
services:
postgres:
image: postgres:15
ports:
- 5432:5432
env:
POSTGRES_USER: peapescarte
POSTGRES_PASSWORD: peapescarte
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4

- uses: erlef/setup-beam@v1
with:
otp-version: ${{ matrix.otp }}
elixir-version: ${{ matrix.elixir }}

- name: Cache Elixir deps
uses: actions/cache@v1
id: deps-cache
with:
path: deps
key: ${{ runner.os }}-mix-${{ env.MIX_ENV }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}

- name: Cache Elixir _build
uses: actions/cache@v1
id: build-cache
with:
path: _build
key: ${{ runner.os }}-build-${{ env.MIX_ENV }}-${{ matrix.otp }}-${{ matrix.elixir }}-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }}

- name: Install deps
if: steps.deps-cache.outputs.cache-hit != 'true'
run: |
mix local.rebar --force
mix local.hex --force
mix deps.get --only ${{ env.MIX_ENV }}
- name: Compile deps
if: steps.build-cache.outputs.cache-hit != 'true'
run: mix deps.compile --warnings-as-errors

- name: Run tests
run: mix test

build-dev:
runs-on: ubuntu-latest
needs: test
if: success() && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- uses: actions/checkout@v4

- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}

- name: Build and push Docker image (DEV)
id: push
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.TAG }}:dev
build-args: MIX_ENV=dev
target: builder

- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true

build-prod:
runs-on: ubuntu-latest
needs: test
if: success() && github.ref == 'refs/heads/main'
permissions:
contents: read
packages: write
attestations: write
id-token: write
steps:
- uses: actions/checkout@v4

- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.GHCR_USERNAME }}
password: ${{ secrets.GHCR_TOKEN }}

- name: Build and push Docker image (PROD)
id: push
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ env.TAG }}:prod

- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
34 changes: 0 additions & 34 deletions .github/workflows/docker.yml
View file

This file was deleted.

34 changes: 0 additions & 34 deletions .github/workflows/lint.yml
View file

This file was deleted.

34 changes: 0 additions & 34 deletions .github/workflows/test.yml
View file

This file was deleted.

23 changes: 14 additions & 9 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,25 @@
ARG ELIXIR_VERSION=1.16.0
ARG OTP_VERSION=26.1.2
ARG ALPINE_VERSION=3.18.4
ARG MIX_ENV=prod

ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-alpine-${ALPINE_VERSION}"
ARG RUNNER_IMAGE="alpine:${ALPINE_VERSION}"

FROM ${BUILDER_IMAGE} as builder
FROM ${BUILDER_IMAGE} AS builder

# prepare build dir
WORKDIR /app

RUN apk update --no-cache
RUN apk add --no-cache build-base gcc curl git wget nodejs npm

ARG MIX_ENV

# install hex + rebar
RUN mix local.hex --force && \
mix local.rebar --force

# set build ENV
ENV MIX_ENV="prod"

# install mix dependencies
COPY mix.exs mix.lock ./
RUN mix deps.get --only $MIX_ENV
Expand All @@ -46,20 +46,25 @@ RUN mix assets.deploy
# Changes to config/runtime.exs don't require recompiling the code
COPY config/runtime.exs config/

# generate mappings for sentry stacktraces
RUN mix sentry.package_source_code

COPY rel rel
RUN mix release

# start a new build stage so that the final image will only contain
# the compiled release and other runtime necessities
FROM ${RUNNER_IMAGE}
FROM ${RUNNER_IMAGE} AS runner

RUN apk update --no-cache
RUN apk add --no-cache tzdata openssl ncurses wget
RUN apk add --no-cache chromium --repository=http://dl-cdn.alpinelinux.org/alpine/v3.18/community

ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
ARG MIX_ENV

ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8

WORKDIR "/app"
RUN chown nobody /app
Expand All @@ -68,7 +73,7 @@ RUN chown nobody /app
ENV MIX_ENV="prod"

# Only copy the final release from the build stage
COPY --from=builder --chown=nobody:root /app/_build/${MIX_ENV}/rel/pescarte ./
COPY --from=builder --chown=nobody:root /app/_build/$MIX_ENV/rel/pescarte ./

USER nobody

Expand Down
Loading

0 comments on commit da07155

Please sign in to comment.