add action

mariovyord · Dec 13, 2023 · 9589068 · 9589068
1 parent 8bc88c3
commit 9589068
Show file tree

Hide file tree

Showing 4 changed files with 58 additions and 19 deletions.
diff --git a/.github/workflows/image.ci.yml b/.github/workflows/image.ci.yml
@@ -0,0 +1,53 @@
+name: image-ci
+
+on:
+  push:
+    branches:
+      - "main"
+    tags:
+      - "v*"
+
+jobs:
+  build-tag-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: |
+            mariovyordanov/api-node
+          tags: |
+            type=raw,value=latest
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=raw,value={{date 'YYYYMMDD'}}-{{sha}}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          file: ./Dockerfile
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: "mariovyordanov/api-node:latest"
+          format: "table"
+          exit-code: "1"
+          ignore-unfixed: true
+          vuln-type: "os,library"
+          severity: "CRITICAL"
diff --git a/Dockerfile b/Dockerfile
@@ -7,24 +7,6 @@ WORKDIR /usr/src/app
 # Copy package.json and package-lock.json to the working directory (better layer caching)
 COPY package*.json ./
 
-FROM base as dev
-
-# Install dependencies
-RUN --mount=type=cache,target=/usr/src/app/.npm \
-  npm set cache /usr/src/app/.npm && \
-  npm install
-
-# Copy all local files to the working directory
-COPY . .
-
-# Build the TypeScript files
-RUN npm run build
-
-# Command to run the app
-CMD ["npm", "run", "dev"]
-
-FROM base as production
-
 # Set NODE_ENV
 ENV NODE_ENV production
 

diff --git a/Makefile b/Makefile
@@ -5,6 +5,10 @@ TEST_COMPOSE_FILE=docker-compose-test.yml
 
 ### DOCKER COMPOSE COMMANDS
 
+.PHONY: prod-compose-build
+prod-compose-build:
+	docker compose -f $(PROD_COMPOSE_FILE) build
+
 .PHONY: compose-build
 compose-build:
 	docker compose -f $(DEV_COMPOSE_FILE) build

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -2,10 +2,10 @@ version: "3"
 
 services:
   app:
+    image: mariovyordanov/api-node
     build:
       context: .
       dockerfile: ./Dockerfile
-      target: production
     ports:
       - "5000:5000"
     networks: