Skip to content

refactor(docker): switch to Alpine images for efficiency #599

refactor(docker): switch to Alpine images for efficiency

refactor(docker): switch to Alpine images for efficiency #599

Workflow file for this run

name: publish
on:
push:
branches: ["main"]
# Publish semver tags as releases.
tags: ["v*.*.*"]
pull_request:
branches: ["main"]
env:
# Use docker.io for Docker Hub if empty
REGISTRY: ghcr.io
# github.repository as <account>/<repo>
SITE_IMAGE_NAME: ${{ github.repository }}
EDITOR_IMAGE_NAME: ${{ github.repository }}editor
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
# Workaround: https://github.com/docker/build-push-action/issues/461
- name: Setup Docker buildx
uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db
- name: Set commit hash
id: set-commit-hash
shell: bash
run: |
export COMMIT_HASH=${GITHUB_SHA:0:7}
echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT
# Login against a Docker registry except on PR
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata (site)
id: meta-site
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
with:
images: ${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}
tags: |
type=sha,format=long,prefix=,priority=100
type=sha,prefix=,priority=80
type=ref,event=branch,priority=60
type=ref,event=pr,priority=40
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image (site)
id: build-and-push-site
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta-site.outputs.tags }}
file: "src/GordonBeemingCom/Dockerfile"
build-args: |
A_COMMIT_HASH=${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
A_BRANCH_NAME=${{ github.ref_name }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata (editor)
id: meta-editor
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
with:
images: ${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}
tags: |
type=sha,format=long,prefix=,priority=100
type=sha,prefix=,priority=80
type=ref,event=branch,priority=60
type=ref,event=pr,priority=40
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image (editor)
id: build-and-push-editor
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta-editor.outputs.tags }}
file: "src/GordonBeemingCom.Editor/Dockerfile"
build-args: |
A_COMMIT_HASH=${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
A_BRANCH_NAME=${{ github.ref_name }}
deployPreview:
name: "Deploy to Preview"
needs: build
if: github.ref == 'refs/heads/main'
concurrency:
group: preview
cancel-in-progress: false
environment:
name: "preview"
url: "https://preview.gordonbeeming.com/"
runs-on: ubuntu-latest
permissions:
id-token: write
env:
API_URL: "https://preview.gordonbeeming.com"
steps:
- name: Azure Login
uses: azure/login@v2
with:
client-id: ${{ secrets.ARM_CLIENT_ID }}
tenant-id: ${{ secrets.ARM_TENANT_ID }}
subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}
- name: Set commit hash
id: set-commit-hash
shell: bash
run: |
export COMMIT_HASH=${GITHUB_SHA:0:7}
echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT
- name: Deploy Web App to Preview (editor)
uses: Azure/cli@v2
with:
inlineScript: |
TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}:${{ github.sha }}' | tr '[:upper:]' '[:lower:]')
az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.EDITOR_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG
- name: Deploy Web App to Preview (site)
uses: Azure/cli@v2
with:
inlineScript: |
TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}:${{ github.sha }}' | tr '[:upper:]' '[:lower:]')
az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.SITE_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG
- name: Check deployed version endpoint
shell: pwsh
run: |
$tries = 0
$maxTries = 24
$apiDeployed = $false
$returnedVersion = ""
$expectedCommitHash = $env:COMMIT_HASH
$baseUrl = $env:API_URL
$VersionApi = "$($baseUrl)/api/Deploy/Version"
Write-Host "Waiting for API to deploy at $VersionApi"
Write-Host "Expected Version: $expectedCommitHash"
while ($tries -lt $maxTries -and $apiDeployed -eq $false) {
try
{
$version = Invoke-WebRequest -Uri $VersionApi -Method POST -Body "" -ContentType "application/json"
$returnedVersion = $version.Content.Trim('"')
if ($version.StatusCode -eq 200 -and $returnedVersion -eq $expectedCommitHash) {
$apiDeployed = $true
} else {
Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
Start-Sleep -Seconds 5
$tries++
}
}
catch
{
Write-Host "🔥 Error trying to get version... $($_.Exception)"
Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
Start-Sleep -Seconds 5
$tries++
}
}
if ($apiDeployed -eq $false) {
Write-Host "🔥 API did not deploy after $($maxTries * 5) seconds"
Write-Host "🔥 Current Version: $($returnedVersion), Expected Version: $($expectedCommitHash)"
exit(1)
}
# Write-Host "Health Check at $($baseUrl)/api/HealthCheck"
# $response = Invoke-WebRequest -Uri $env:API_URL/api/HealthCheck -SslProtocol Tls12 -Method POST -Body "" -ContentType "application/json"
# if ($response.Content -eq "OK") {
# Write-Host "Health check succeeded"
# } else {
# Write-Error "Health check failed: $($response.StatusCode)"
# exit 1
# }
env:
COMMIT_HASH: ${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
- name: Azure Logout
uses: azure/CLI@v2
with:
inlineScript: |
az logout
deployLive:
name: "Deploy to live"
needs: deployPreview
if: github.ref == 'refs/heads/main'
concurrency:
group: live
cancel-in-progress: false
environment:
name: "live"
url: "https://gordonbeeming.com/"
runs-on: ubuntu-latest
permissions:
id-token: write
env:
API_URL: "https://gordonbeeming.com"
steps:
- name: Azure Login
uses: azure/login@v2
with:
client-id: ${{ secrets.ARM_CLIENT_ID }}
tenant-id: ${{ secrets.ARM_TENANT_ID }}
subscription-id: ${{ secrets.ARM_SUBSCRIPTION_ID }}
- name: Set commit hash
id: set-commit-hash
shell: bash
run: |
export COMMIT_HASH=${GITHUB_SHA:0:7}
echo "COMMIT_HASH=$COMMIT_HASH" >> $GITHUB_OUTPUT
- name: Deploy Web App to Live (editor)
uses: Azure/cli@v2
with:
inlineScript: |
TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.EDITOR_IMAGE_NAME }}:${{ github.sha }}' | tr '[:upper:]' '[:lower:]')
az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.EDITOR_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG
- name: Deploy Web App to Live (site)
uses: Azure/cli@v2
with:
inlineScript: |
TAG=$(echo 'https://${{ env.REGISTRY }}/${{ env.SITE_IMAGE_NAME }}:${{ github.sha }}' | tr '[:upper:]' '[:lower:]')
az webapp config container set --resource-group ${{ secrets.AZURE_WEBAPP_RG }} --name ${{ secrets.SITE_AZURE_WEBAPP_NAME }} --docker-custom-image-name $TAG
- name: Check deployed version endpoint
shell: pwsh
run: |
$tries = 0
$maxTries = 24
$apiDeployed = $false
$returnedVersion = ""
$expectedCommitHash = $env:COMMIT_HASH
$baseUrl = $env:API_URL
$VersionApi = "$($baseUrl)/api/Deploy/Version"
Write-Host "Waiting for API to deploy at $VersionApi"
Write-Host "Expected Version: $expectedCommitHash"
while ($tries -lt $maxTries -and $apiDeployed -eq $false) {
try
{
$version = Invoke-WebRequest -Uri $VersionApi -Method POST -Body "" -ContentType "application/json"
$returnedVersion = $version.Content.Trim('"')
if ($version.StatusCode -eq 200 -and $returnedVersion -eq $expectedCommitHash) {
$apiDeployed = $true
} else {
Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
Start-Sleep -Seconds 5
$tries++
}
}
catch
{
Write-Host "🔥 Error trying to get version... $($_.Exception)"
Write-Host "Waiting for API to deploy... (try $($tries + 1) of $maxTries)"
Start-Sleep -Seconds 5
$tries++
}
}
if ($apiDeployed -eq $false) {
Write-Host "🔥 API did not deploy after $($maxTries * 5) seconds"
Write-Host "🔥 Current Version: $($returnedVersion), Expected Version: $($expectedCommitHash)"
exit(1)
}
# Write-Host "Health Check at $($baseUrl)/api/HealthCheck"
# $response = Invoke-WebRequest -Uri $env:API_URL/api/HealthCheck -SslProtocol Tls12 -Method POST -Body "" -ContentType "application/json"
# if ($response.Content -eq "OK") {
# Write-Host "Health check succeeded"
# } else {
# Write-Error "Health check failed: $($response.StatusCode)"
# exit 1
# }
env:
COMMIT_HASH: ${{ steps.set-commit-hash.outputs.COMMIT_HASH }}
- name: Azure Logout
uses: azure/CLI@v2
with:
inlineScript: |
az logout