build: add dockerfile to build containers via multi-stage dockerfile … #460
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Validate | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.ref }}-validate" | |
| cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| push: | |
| branches: | |
| - main | |
| workflow_dispatch: | |
| jobs: | |
| validate: | |
| name: Validate | |
| runs-on: ${{ matrix.os }} | |
| timeout-minutes: 60 | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| node-version: [24.x] | |
| os: [ubuntu-24.04] | |
| env: | |
| # API_ALLOWED_ORIGINS: | |
| API_BASE_URL: "http://localhost:3003" | |
| API_LOG_LEVEL: "info" | |
| API_PORT: "3003" | |
| DATABASE_HOST: "localhost" | |
| DATABASE_NAME: "dariah-knowledge-base" | |
| DATABASE_PASSWORD: "${{ secrets.TEST_DATABASE_PASSWORD }}" | |
| DATABASE_PORT: "5432" | |
| DATABASE_USER: "${{ secrets.TEST_DATABASE_USER }}" | |
| EMAIL_ADDRESS: "acdh@example.com" | |
| EMAIL_SMTP_PORT: "1025" | |
| EMAIL_SMTP_SERVER: "localhost" | |
| IMGPROXY_BASE_URL: "http://localhost:8080" | |
| IMGPROXY_KEY: "${{ secrets.TEST_IMGPROXY_KEY }}" | |
| IMGPROXY_PORT: "8080" | |
| IMGPROXY_SALT: "${{ secrets.TEST_IMGPROXY_SALT }}" | |
| MAILCHIMP_API_BASE_URL: "${{ secrets.TEST_MAILCHIMP_API_BASE_URL }}" | |
| MAILCHIMP_API_KEY: "${{ secrets.TEST_MAILCHIMP_API_KEY }}" | |
| MAILCHIMP_LIST_ID: "${{ secrets.TEST_MAILCHIMP_LIST_ID }}" | |
| MAILPIT_API_BASE_URL: "http://localhost:8025" | |
| NEXT_PUBLIC_APP_BASE_URL: "http://localhost:3001" | |
| NEXT_PUBLIC_APP_IMPRINT_CUSTOM_CONFIG: "disabled" | |
| NEXT_PUBLIC_APP_IMPRINT_SERVICE_BASE_URL: "${{ vars.NEXT_PUBLIC_IMPRINT_SERVICE_BASE_URL }}" | |
| NEXT_PUBLIC_APP_MATOMO_BASE_URL: "${{ vars.NEXT_PUBLIC_MATOMO_BASE_URL }}" | |
| NEXT_PUBLIC_APP_MATOMO_ID: "${{ vars.NEXT_PUBLIC_APP_MATOMO_ID }}" | |
| NEXT_PUBLIC_APP_SERVICE_ID: "${{ vars.APP_SERVICE_ID }}" | |
| NEXT_PUBLIC_WEBSITE_BASE_URL: "http://localhost:3002" | |
| NEXT_PUBLIC_WEBSITE_IMPRINT_CUSTOM_CONFIG: "disabled" | |
| NEXT_PUBLIC_WEBSITE_IMPRINT_SERVICE_BASE_URL: | |
| "${{ vars.NEXT_PUBLIC_IMPRINT_SERVICE_BASE_URL }}" | |
| NEXT_PUBLIC_WEBSITE_MATOMO_BASE_URL: "${{ vars.NEXT_PUBLIC_MATOMO_BASE_URL }}" | |
| NEXT_PUBLIC_WEBSITE_MATOMO_ID: "${{ vars.NEXT_PUBLIC_WEBSITE_MATOMO_ID }}" | |
| NEXT_PUBLIC_WEBSITE_SERVICE_ID: "${{ vars.WEBSITE_SERVICE_ID }}" | |
| NEXT_PUBLIC_TYPESENSE_RESOURCE_COLLECTION_NAME: "dariah-resources" | |
| NEXT_PUBLIC_TYPESENSE_HOST: "localhost" | |
| NEXT_PUBLIC_TYPESENSE_PORT: "8108" | |
| NEXT_PUBLIC_TYPESENSE_PROTOCOL: "http" | |
| S3_ACCESS_KEY: "${{ secrets.TEST_S3_ACCESS_KEY }}" | |
| S3_BUCKET_NAME: "dariah-knowledge-base" | |
| S3_HOST: "localhost" | |
| S3_PORT: "9000" | |
| S3_PROTOCOL: "http" | |
| S3_SECRET_KEY: "${{ secrets.TEST_S3_SECRET_KEY }}" | |
| TYPESENSE_ADMIN_API_KEY: "${{ secrets.TEST_TYPESENSE_ADMIN_API_KEY }}" | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v6 | |
| - name: Install pnpm | |
| uses: pnpm/action-setup@v4 | |
| - name: Use node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v6 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: "pnpm" | |
| - name: Install turborepo cli globally | |
| run: pnpm add --global turbo | |
| - name: Install dependencies | |
| run: pnpm install --frozen-lockfile | |
| - name: Format | |
| run: turbo run format:check | |
| - name: Build packages | |
| run: turbo run --filter "./packages/*" build | |
| - name: Lint | |
| run: turbo run lint:check | |
| - name: Typecheck | |
| run: turbo run types:check | |
| - name: Start services | |
| run: pnpm run dev:services:up postgres minio imgproxy mailpit | |
| - name: Apply database migrations | |
| run: pnpm run db:push && pnpm run db:migrations:apply | |
| - name: Seed database | |
| run: pnpm run db:seed | |
| - name: Create object store bucket | |
| run: pnpm run object-store:buckets:create | |
| - name: Seed object store | |
| run: pnpm run object-store:buckets:seed | |
| - name: Test | |
| run: turbo run test | |
| # https://nextjs.org/docs/pages/building-your-application/deploying/ci-build-caching#github-actions | |
| # - name: Cache Next.js build output | |
| # uses: actions/cache@v5 | |
| # with: | |
| # path: "${{ github.workspace }}/.next/cache" | |
| # key: | |
| # "${{ matrix.os }}-${{ matrix.node-version }}-nextjs-${{ hashFiles('pnpm-lock.yaml') }}" | |
| - name: Build app | |
| run: turbo run build | |
| - name: Get playwright version | |
| run: | | |
| PLAYWRIGHT_VERSION=$(pnpm ls @playwright/test --json | jq --raw-output '.[0].devDependencies["@playwright/test"].version') | |
| echo "PLAYWRIGHT_VERSION=$PLAYWRIGHT_VERSION" >> $GITHUB_ENV | |
| - name: Cache playwright browsers | |
| uses: actions/cache@v5 | |
| id: cache-playwright-browsers | |
| with: | |
| path: "~/.cache/ms-playwright" | |
| key: | |
| "${{ matrix.os }}-${{ matrix.node-version }}-playwright-browsers-${{ | |
| env.PLAYWRIGHT_VERSION }}" | |
| - name: Install playwright browsers | |
| if: steps.cache-playwright-browsers.outputs.cache-hit != 'true' | |
| run: pnpm exec playwright install --with-deps | |
| - name: Install playwright browsers (operating system dependencies) | |
| if: steps.cache-playwright-browsers.outputs.cache-hit == 'true' | |
| run: pnpm exec playwright install-deps | |
| - name: Run e2e tests | |
| run: turbo run test:e2e | |
| - name: Stop services | |
| run: pnpm run dev:services:down | |
| - uses: actions/upload-artifact@v6 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: playwright-report | |
| path: playwright-report/ | |
| retention-days: 30 |