update : Dockerfile #22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI/CD Pipeline 🚀 | |
| # Kích hoạt workflow khi có push hoặc pull request đến nhánh dev | |
| on: | |
| push: | |
| branches: [main] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Bước 1: Checkout code từ repository | |
| - name: Checkout code 📝 | |
| uses: actions/checkout@v2 | |
| # Bước 2: Thiết lập Docker Buildx | |
| - name: Set up Docker Buildx 🛠️ | |
| uses: docker/setup-buildx-action@v1 | |
| # Bước 3: Cache Docker layers để tăng tốc độ build | |
| - name: Cache Docker layers ⚡ | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| # Bước 4: Chạy npm i để cài đặt | |
| - name: Install exact dependencies 📦 | |
| run: npm i --legacy-peer-deps | |
| # Bước 5: Verify code quality and run tests 🛡️ | |
| - name: Verify code quality and run tests ✅ | |
| run: | | |
| # Kiểm tra cú pháp với ESLint | |
| npx eslint . | |
| # Bước 6: Export GitHub Secrets as environment variables | |
| - name: Export secrets as environment variables | |
| run: | | |
| echo "NEXT_PUBLIC_API_KEY=${{ secrets.NEXT_PUBLIC_API_KEY }}" >> .env | |
| echo "NEXT_PUBLIC_TMDB_URL=${{ secrets.NEXT_PUBLIC_TMDB_URL }}" >> .env | |
| echo "NEXT_PUBLIC_TMDB_URL_IMAGE=${{ secrets.NEXT_PUBLIC_TMDB_URL_IMAGE }}" >> .env | |
| echo "NEXT_PUBLIC_URL=${{ secrets.NEXT_PUBLIC_URL }}" >> .env | |
| echo "NEXTAUTH_SECRET=${{ secrets.NEXTAUTH_SECRET }}" >> .env | |
| echo "GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }}" >> .env | |
| echo "GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }}" >> .env | |
| echo "GITHUB_ID=${{ secrets.GH_ID }}" >> .env | |
| echo "GITHUB_SECRET=${{ secrets.GH_SECRET }}" >> .env | |
| echo "EMAIL_SERVER=${{ secrets.EMAIL_SERVER }}" >> .env | |
| echo "EMAIL_FROM=${{ secrets.EMAIL_FROM }}" >> .env | |
| echo "NEXT_SHARP_PATH=${{ secrets.NEXT_SHARP_PATH }}" >> .env | |
| # Bước 7: Build Docker image 🏗️ | |
| - name: Build Docker image 🛠️ | |
| run: | | |
| docker build . \ | |
| --file Dockerfile \ | |
| --tag nextjs-app \ | |
| --build-arg NEXT_PUBLIC_API_KEY=${{ secrets.NEXT_PUBLIC_API_KEY }} \ | |
| --build-arg NEXT_PUBLIC_TMDB_URL=${{ secrets.NEXT_PUBLIC_TMDB_URL }} \ | |
| --build-arg NEXT_PUBLIC_TMDB_URL_IMAGE=${{ secrets.NEXT_PUBLIC_TMDB_URL_IMAGE }} \ | |
| --build-arg NEXT_PUBLIC_URL=${{ secrets.NEXT_PUBLIC_URL }} \ | |
| --build-arg NEXTAUTH_SECRET=${{ secrets.NEXTAUTH_SECRET }} \ | |
| --build-arg GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }} \ | |
| --build-arg GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} \ | |
| --build-arg GITHUB_ID=${{ secrets.GH_ID }} \ | |
| --build-arg GITHUB_SECRET=${{ secrets.GH_SECRET }} \ | |
| --build-arg EMAIL_SERVER=${{ secrets.EMAIL_SERVER }} \ | |
| --build-arg EMAIL_FROM=${{ secrets.EMAIL_FROM }} \ | |
| --build-arg NEXT_SHARP_PATH=${{ secrets.NEXT_SHARP_PATH }} | |
| # Bước 8: Run Docker Compose 🐳 | |
| - name: Run Docker Compose 🚀 | |
| run: docker-compose up -d | |
| # Bước 9: Initialize CodeQL 🔍 | |
| - name: Initialize CodeQL 🔍 | |
| uses: github/codeql-action/init@v1 | |
| with: | |
| languages: javascript,typescript | |
| # Bước 10: Perform CodeQL Analysis 📈 | |
| - name: Perform CodeQL Analysis 🕵️ | |
| uses: github/codeql-action/analyze@v1 |