cleaning up and improving the CI/CD pipeline (#1122)

* no artifacts, not required

* renamed

* cleanup and comments

* pass build args

* two-step docker build

.github/workflows/ci.yml

@@ -1,75 +1,62 @@
 name: ci
 
-on: [push, pull_request]
+on:
+  - push
+  - pull_request
 
 env:
-  project: 'release-node'
+  project: 'gun'
 
 jobs:
 
   test:
     strategy:
       matrix:
-        node-version: [14.x] # [12.x, 14.x]
-        os: [ubuntu-latest] #, macos-latest, windows-latest]
+        node-version: [ 14.x ]
+        os: [ ubuntu-latest ]
     runs-on: ${{ matrix.os }}
     steps:
 
+    # checkout the code
     - name: Checkout
       uses: actions/checkout@v2
 
     # verify the version in package.json matches the release tag
     - name: Version
       uses: tcurdt/action-verify-version-npm@master
 
+    # setup the node version
     - name: Setup Node ${{ matrix.node-version }}
       uses: actions/setup-node@v1
       with:
         node-version: ${{ matrix.node-version }}
 
+    # cache node_modules if we can
     - name: Cache
       id: cache-modules
       uses: actions/cache@v2
       with:
         path: node_modules
         key: ${{ matrix.node-version }}-${{ runner.OS }}-build-${{ hashFiles('package.json') }}
 
+    # ottherweise run install
     - name: Install
       if: steps.cache-modules.outputs.cache-hit != 'true'
       run: npm install
 
+    # run tests
     - name: Test
       run: npm test
 
-    # create release artifacts to publish as github release
-    # - name: Upload
-    #   if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
-    #   uses: actions/upload-artifact@v2
-    #   with:
-    #     name: ${{ env.project }}_${{ matrix.os }}_${{ matrix.node-version }}
-    #     path: |
-    #       !.git
-    #       !.github
-    #       !node_modules
-    #       .
-
+  # only create a release for tags named 'v*'
   release:
     if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
-    needs: [test]
+    needs: [ test ]
     runs-on: ubuntu-latest
     steps:
 
-      # - name: Download
-      #   uses: actions/download-artifact@v2
-      #   with:
-      #     path: artifacts
-      # - name: Archives
-      #   run: find artifacts -mindepth 1 -maxdepth 1  -exec tar -C {} -cvzf {}.tgz . \;
-
-      - name: Release
-        uses: softprops/action-gh-release@v1
-        # with:
-        #   files: |
-        #     artifacts/*.tgz
-        env:
-          GITHUB_TOKEN: ${{ secrets.PAT }}
+    # create github release (which triggers the release workflows)
+    - name: Release
+      uses: softprops/action-gh-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.PAT }}

.github/workflows/dockerhub.yml → .github/workflows/release-dockerhub.yml

@@ -2,10 +2,10 @@ name: dockerhub
 
 on:
   release:
-    types: [published]
+    types: [ published ]
 
 env:
-  project: 'release-node'
+  project: 'gun'
 
 jobs:
 
@@ -26,10 +26,19 @@ jobs:
         DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
       run: echo ${{ secrets.DOCKERHUB_TOKEN }} | docker login -u ${{ secrets.DOCKERHUB_USERNAME }} --password-stdin
 
-    - name: Tag
+    - name: Build
       run: |
-        docker tag ${{ env.project }} ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.project }}:${GITHUB_REF/refs\/tags\/v/}
-        docker tag ${{ env.project }} ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.project }}:latest
+        echo "SHA=$GITHUB_SHA"
+        docker build --build-arg \
+          SHA=$GITHUB_SHA \
+          BUILD_DATE=$(date +'%Y-%m-%d') \
+          VCS_REF=${GITHUB_REF/refs\/tags\/v/} \
+          VCS_URL=$GITHUB_SERVER_URL}/${GITHUB_REPOSITORY} \
+          VERSION=${GITHUB_REF/refs\/tags\/v/} \
+          --label "sha=$GITHUB_SHA" \
+          --tag ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.project }}:${GITHUB_REF/refs\/tags\/v/} \
+          --tag ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.project }}:latest \
+          .
 
     - name: Push
       run: docker push ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.project }}

.github/workflows/npm.yml → .github/workflows/release-npm.yml

@@ -2,7 +2,7 @@ name: npm
 
 on:
   release:
-    types: [published]
+    types: [ published ]
 
 jobs:
 

Dockerfile

@@ -1,5 +1,15 @@
-FROM alpine:latest
-# Build-time metadata as defined at http://label-schema.org
+# install packages
+FROM node:14-alpine as builder
+RUN mkdir /work
+WORKDIR /work
+RUN apk add --no-cache alpine-sdk python
+COPY package*.json ./
+RUN mkdir -p node_modules
+RUN npm ci --only=production
+
+# fresh image without dev packages
+FROM node:14-alpine
+# build-time metadata as defined at http://label-schema.org
 ARG BUILD_DATE
 ARG VCS_REF
 ARG VCS_URL
@@ -12,15 +22,14 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
   org.label-schema.vendor="The Gun Database Team" \
   org.label-schema.version=$VERSION \
   org.label-schema.schema-version="1.0"
-#  org.label-schema.description="Let it be pulled from Readme.md..." \
-WORKDIR /app
+ARG SHA
+RUN mkdir /work
+WORKDIR /work
+COPY --from=builder /work/node_modules ./node_modules
+RUN npm rebuild -q
 ADD . .
-ENV NPM_CONFIG_LOGLEVEL warn
-RUN apk update && apk upgrade \
-  && apk add --no-cache ca-certificates nodejs npm \
-  && apk add --no-cache --virtual .build-dependencies python2 make g++ git \
-  && npm install --production=false \
-  && apk del .build-dependencies && rm -rf /var/cache/* /tmp/npm*
+RUN echo "{ \"sha\": \"$SHA\" }" > version.json
+RUN cat version.json
 EXPOSE 8080
 EXPOSE 8765
 CMD ["npm","start"]