feat: build docker images in CI #231
Conversation
| ARG NEXT_PUBLIC_WS_URL=ws://127.0.0.1:3001 | ||
| ARG NEXT_PUBLIC_API_URL=http://127.0.0.1:3001/api |
| ENV NEXT_PUBLIC_WS_URL=${NEXT_PUBLIC_WS_URL} | ||
| ENV NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL} | ||
|
|
||
| WORKDIR /home/perplexica | ||
|
|
||
| COPY ui /home/perplexica/ | ||
|
|
||
| RUN yarn install | ||
| RUN yarn install --frozen-lockfile |
| @@ -1,21 +1,19 @@ | |||
| FROM nikolaik/python-nodejs:python3.12-nodejs20-bullseye | |||
|
|
|||
| ARG SEARXNG_API_URL | |||
| ENV SEARXNG_API_URL=${SEARXNG_API_URL} | |||
There was a problem hiding this comment.
have the arg show up in the env
| @@ -21,6 +21,7 @@ services: | |||
| - 3001:3001 | |||
| volumes: | |||
| - backend-dbstore:/home/perplexica/data | |||
| - ./config.toml:/home/perplexica/config.toml | |||
There was a problem hiding this comment.
bind the config file into the container
| @@ -7,5 +7,5 @@ OPENAI = "" # OpenAI API key - sk-1234567890abcdef1234567890abcdef | |||
| GROQ = "" # Groq API key - gsk_1234567890abcdef1234567890abcdef | |||
|
|
|||
| [API_ENDPOINTS] | |||
| SEARXNG = "http://localhost:32768" # SearxNG API URL | |||
| SEARXNG = "" # SearxNG API URL - http://localhost:32768 | |||
There was a problem hiding this comment.
No need to specify it anymore, as the env var will be used if not specified
| @@ -37,7 +37,8 @@ export const getOpenaiApiKey = () => loadConfig().API_KEYS.OPENAI; | |||
|
|
|||
| export const getGroqApiKey = () => loadConfig().API_KEYS.GROQ; | |||
|
|
|||
| export const getSearxngApiEndpoint = () => loadConfig().API_ENDPOINTS.SEARXNG; | |||
| export const getSearxngApiEndpoint = () => | |||
| loadConfig().API_ENDPOINTS.SEARXNG || process.env['SEARXNG_API_URL']; | |||
| id: build-and-push-app | ||
| with: | ||
| context: . | ||
| platforms: linux/amd64,linux/arm64 |
| - name: Sign the backend images with GitHub OIDC Token | ||
| env: | ||
| DIGEST: ${{ steps.build-and-push-backend.outputs.digest }} | ||
| TAGS: ${{ steps.meta-backend.outputs.tags }} | ||
| run: | | ||
| images="" | ||
| for tag in ${TAGS}; do | ||
| images+="${tag}@${DIGEST} " | ||
| done | ||
| cosign sign --yes ${images} | ||
|
|
||
| - name: Attest app | ||
| uses: actions/attest-build-provenance@v1 | ||
| id: attest-app | ||
| with: | ||
| subject-name: ghcr.io/${{ env.IMAGE_NAME }}-app | ||
| subject-digest: ${{ steps.build-and-push-app.outputs.digest }} | ||
| push-to-registry: true |
There was a problem hiding this comment.
image signing & attestation are best practices for docker images
|
@ItzCrazyKns This looks like a professional enhancement to this lovely project. +1 for this |
|
Hey @nperez0111, thanks for the PR! All of the changes looks good but I cannot merge the CI pipeline for the docker image building as if the |
|
Yea I think in general the maintainer is looking at how to store and configure these settings. I appreciate that it can be difficult since there are so many options to configure with: env vars, runtime values, config file, even the db could store settings. I made some modifications to read from env vars since that is quite common in docker. But I'll let the maintainer cook on what he actually wants to build, support and maintain. |
|
I've got a version of mine work. |
Hi, really like the project. I wanted to have docker images that were already pre-built to self-host. So, I got the project building in GitHub Container Registry & built automatically in CI.
Definitely some optimizations could be made to the Docker images to get this to work better though like:
One thing that I had to do though, we not modify the config file (since that is better handled by a volume) at build time to include the build time arg. So what I did was make env vars be a fallback for values that are actually specified in the config (so updating the config should always override an env var declarations)
You can see the docker images (and pull them if you like!) here: