feat: docker (#496)

* feat: add a dockerfile

* feat: add docker

* fix: remove redundant env var NEXT_PUBLIC_COMMENT_DOMAIN

* fix: allow optional social auth

* fix(e2e): can't find the domain input

* fix: ut error

* fix: ut

* fix: e2e

.dockerignore

@@ -0,0 +1,14 @@
+Dockerfile
+.dockerignore
+# node_modules
+npm-debug.log
+README.md
+# .next
+# .git
+.github
+.turbo
+**/.env.local
+.vercel
+
+e2e
+/services

.github/workflows/bundle-analysis.yml

@@ -54,6 +54,5 @@ jobs:
           NEXTAUTH_URL: ${{ secrets.NEXTAUTH_URL }}
           NEXT_PUBLIC_ANALYTICS_DOMAIN: ${{ secrets.NEXT_PUBLIC_ANALYTICS_DOMAIN }}
           NEXT_PUBLIC_APP_URL: ${{ secrets.NEXT_PUBLIC_APP_URL }}
-          NEXT_PUBLIC_COMMENT_DOMAIN: ${{ secrets.NEXT_PUBLIC_COMMENT_DOMAIN }}
           NEXT_PUBLIC_HASURA_HTTP_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_HTTP_ORIGIN }}
           NEXT_PUBLIC_HASURA_WS_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_WS_ORIGIN }}

.github/workflows/docker.yml

@@ -0,0 +1,60 @@
+name: Publish Docker images
+
+on:
+  create:
+    tags: ['v*']
+  push:
+    branches: [prod]
+  pull_request:
+    branches: [prod]
+
+jobs:
+  push_builder:
+    name: Builder
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v3
+
+      - name: Extract meta
+        id: builder-meta
+        uses: docker/metadata-action@v4
+        with:
+          images: devrsi0n/chirpy
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+
+      - name: Log in to Docker Hub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Build and push builder image
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.builder-meta.outputs.tags }}
+          labels: ${{ steps.builder-meta.outputs.labels }}
+          build-args:
+            NEXT_PUBLIC_HASURA_HTTP_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_HTTP_ORIGIN }}
+            NEXT_PUBLIC_HASURA_WS_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_HTTP_ORIGIN }}
+            NEXT_PUBLIC_APP_URL: ${{ secrets.NEXT_PUBLIC_APP_URL }}
+            NEXT_PUBLIC_VAPID: ${{ secrets.NEXT_PUBLIC_VAPID }}
+            NEXT_PUBLIC_ANALYTICS_DOMAIN: ${{ secrets.NEXT_PUBLIC_ANALYTICS_DOMAIN }}
+            NEXTAUTH_URL: ${{ secrets.NEXTAUTH_URL }}
+            HASURA_ADMIN_SECRET: ${{ secrets.HASURA_ADMIN_SECRET }}
+            HASURA_EVENT_SECRET: ${{ secrets.HASURA_EVENT_SECRET }}
+            HASH_ALGORITHM: ${{ secrets.HASH_ALGORITHM }}
+            NEXTAUTH_SECRET: ${{ secrets.NEXTAUTH_SECRET }}
+            PRIVATE_VAPID: ${{ secrets.PRIVATE_VAPID }}
+            EMAIL_API_KEY: ${{ secrets.EMAIL_API_KEY }}
+            GITHUB_CLIENT_ID: ${{ secrets.GITHUB_CLIENT_ID }}
+            GITHUB_CLIENT_SECRET: ${{ secrets.GITHUB_CLIENT_SECRET }}
+            TWITTER_CONSUMER_KEY: ${{ secrets.TWITTER_CONSUMER_KEY }}
+            TWITTER_CONSUMER_SECRET: ${{ secrets.TWITTER_CONSUMER_SECRET }}

.github/workflows/release.yml

@@ -61,6 +61,5 @@ jobs:
           NEXTAUTH_URL: ${{ secrets.NEXTAUTH_URL }}
           NEXT_PUBLIC_ANALYTICS_DOMAIN: ${{ secrets.NEXT_PUBLIC_ANALYTICS_DOMAIN }}
           NEXT_PUBLIC_APP_URL: ${{ secrets.NEXT_PUBLIC_APP_URL }}
-          NEXT_PUBLIC_COMMENT_DOMAIN: ${{ secrets.NEXT_PUBLIC_COMMENT_DOMAIN }}
           NEXT_PUBLIC_HASURA_HTTP_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_HTTP_ORIGIN }}
           NEXT_PUBLIC_HASURA_WS_ORIGIN: ${{ secrets.NEXT_PUBLIC_HASURA_WS_ORIGIN }}

Dockerfile

@@ -0,0 +1,73 @@
+FROM node:16-slim AS base
+WORKDIR /app
+ARG NEXT_PUBLIC_HASURA_HTTP_ORIGIN
+ENV NEXT_PUBLIC_HASURA_HTTP_ORIGIN=${NEXT_PUBLIC_HASURA_HTTP_ORIGIN}
+ARG NEXT_PUBLIC_HASURA_WS_ORIGIN
+ENV NEXT_PUBLIC_HASURA_WS_ORIGIN=${NEXT_PUBLIC_HASURA_WS_ORIGIN}
+ARG NEXT_PUBLIC_APP_URL
+ENV NEXT_PUBLIC_APP_URL=${NEXT_PUBLIC_APP_URL}
+ARG NEXT_PUBLIC_VAPID
+ENV NEXT_PUBLIC_VAPID=${NEXT_PUBLIC_VAPID}
+ARG NEXT_PUBLIC_ANALYTICS_DOMAIN
+ENV NEXT_PUBLIC_ANALYTICS_DOMAIN=${NEXT_PUBLIC_ANALYTICS_DOMAIN}
+ARG NEXTAUTH_URL
+ENV NEXTAUTH_URL=${NEXTAUTH_URL}
+ARG HASURA_ADMIN_SECRET
+ENV HASURA_ADMIN_SECRET=${HASURA_ADMIN_SECRET}
+ARG HASURA_EVENT_SECRET
+ENV HASURA_EVENT_SECRET=${HASURA_EVENT_SECRET}
+ARG HASH_ALGORITHM
+ENV HASH_ALGORITHM=${HASH_ALGORITHM}
+ARG NEXTAUTH_SECRET
+ENV NEXTAUTH_SECRET=${NEXTAUTH_SECRET}
+ARG PRIVATE_VAPID
+ENV PRIVATE_VAPID=${PRIVATE_VAPID}
+ARG EMAIL_API_KEY
+ENV EMAIL_API_KEY=${EMAIL_API_KEY}
+ARG GITHUB_CLIENT_ID
+ENV GITHUB_CLIENT_ID=${GITHUB_CLIENT_ID}
+ARG GITHUB_CLIENT_SECRET
+ENV GITHUB_CLIENT_SECRET=${GITHUB_CLIENT_SECRET}
+ARG TWITTER_CONSUMER_KEY
+ENV TWITTER_CONSUMER_KEY=${TWITTER_CONSUMER_KEY}
+# Disable telemetry
+ENV NEXT_TELEMETRY_DISABLED=1
+ENV DOCKER=true
+RUN npm --global install pnpm
+
+FROM base AS builder
+RUN apt-get -qy update && apt-get -qy --no-install-recommends install openssl git
+
+# COPY pnpm-lock.yaml .npmrc pnpm-workspace.yaml patches ./
+# RUN pnpm fetch
+ADD . ./
+RUN pnpm install -r --frozen-lockfile
+RUN pnpm turbo run build --filter=@chirpy-dev/main-app...
+
+FROM base AS runner
+
+RUN apt-get -qy update \
+    && apt-get -qy --no-install-recommends install \
+    openssl \
+    && apt-get autoremove -yq \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+# RUN addgroup --system --gid 1001 nodejs
+# RUN adduser --system --uid 1001 nextjs
+# USER nextjs
+
+COPY ./apps/main/.env.docker ./apps/main/.env.production
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/apps/main/public ./apps/main/public
+COPY --from=builder --chown=node:node /app/apps/main/.next/standalone ./apps/main/
+COPY --from=builder --chown=node:node /app/apps/main/.next/static ./apps/main/.next/static
+
+COPY env.sh ./
+RUN chmod +x ./env.sh
+# Setup env.sh config
+ENV ENVSH_OUTPUT=./apps/main/public/__env.js
+ENV ENVSH_ENV=./apps/main/.env.production
+ENTRYPOINT ["./env.sh"]
+CMD node ./apps/main/server.js
+
+EXPOSE 3000