Merge branch 'develop' of https://github.com/transfem-org/Sharkey into develop
This commit is contained in:
commit
d3b40ec275
|
@ -5,10 +5,17 @@ on:
|
||||||
types: [published]
|
types: [published]
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
|
|
||||||
|
env:
|
||||||
|
REGISTRY: ghcr.io
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
push_to_registry:
|
push_to_registry:
|
||||||
name: Push Docker image to Docker Hub
|
name: Push Docker image to GHCR
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
if: github.repository == 'transfem-org/Sharkey'
|
||||||
|
permissions:
|
||||||
|
contents: read
|
||||||
|
packages: write
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: Check out the repo
|
- name: Check out the repo
|
||||||
|
@ -17,12 +24,12 @@ jobs:
|
||||||
id: buildx
|
id: buildx
|
||||||
uses: docker/setup-buildx-action@v3.0.0
|
uses: docker/setup-buildx-action@v3.0.0
|
||||||
with:
|
with:
|
||||||
platforms: linux/amd64,linux/arm64
|
platforms: linux/amd64
|
||||||
- name: Docker meta
|
- name: Docker meta
|
||||||
id: meta
|
id: meta
|
||||||
uses: docker/metadata-action@v5
|
uses: docker/metadata-action@v5
|
||||||
with:
|
with:
|
||||||
images: misskey/misskey
|
images: ${{ env.REGISTRY }}/transfem-org/sharkey
|
||||||
tags: |
|
tags: |
|
||||||
type=edge
|
type=edge
|
||||||
type=ref,event=pr
|
type=ref,event=pr
|
||||||
|
@ -30,12 +37,13 @@ jobs:
|
||||||
type=semver,pattern={{version}}
|
type=semver,pattern={{version}}
|
||||||
type=semver,pattern={{major}}.{{minor}}
|
type=semver,pattern={{major}}.{{minor}}
|
||||||
type=semver,pattern={{major}}
|
type=semver,pattern={{major}}
|
||||||
- name: Log in to Docker Hub
|
- name: Log in to GHCR
|
||||||
uses: docker/login-action@v3
|
uses: docker/login-action@v3
|
||||||
with:
|
with:
|
||||||
username: ${{ secrets.DOCKER_USERNAME }}
|
registry: ${{ env.REGISTRY }}
|
||||||
password: ${{ secrets.DOCKER_PASSWORD }}
|
username: ${{ github.actor }}
|
||||||
- name: Build and Push to Docker Hub
|
password: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
- name: Build and Push to GHCR
|
||||||
uses: docker/build-push-action@v5
|
uses: docker/build-push-action@v5
|
||||||
with:
|
with:
|
||||||
builder: ${{ steps.buildx.outputs.name }}
|
builder: ${{ steps.buildx.outputs.name }}
|
||||||
|
@ -43,7 +51,7 @@ jobs:
|
||||||
push: true
|
push: true
|
||||||
platforms: ${{ steps.buildx.outputs.platforms }}
|
platforms: ${{ steps.buildx.outputs.platforms }}
|
||||||
provenance: false
|
provenance: false
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
tags: ${{ env.REGISTRY }}/transfem-org/sharkey:stable
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
labels: stable
|
||||||
cache-from: type=gha
|
cache-from: type=gha
|
||||||
cache-to: type=gha,mode=max
|
cache-to: type=gha,mode=max
|
||||||
|
|
26
Dockerfile
26
Dockerfile
|
@ -16,7 +16,7 @@ RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
||||||
|
|
||||||
RUN corepack enable
|
RUN corepack enable
|
||||||
|
|
||||||
WORKDIR /misskey
|
WORKDIR /sharkey
|
||||||
|
|
||||||
COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
|
COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
|
||||||
COPY --link ["scripts", "./scripts"]
|
COPY --link ["scripts", "./scripts"]
|
||||||
|
@ -46,7 +46,7 @@ RUN apt-get update \
|
||||||
|
|
||||||
RUN corepack enable
|
RUN corepack enable
|
||||||
|
|
||||||
WORKDIR /misskey
|
WORKDIR /sharkey
|
||||||
|
|
||||||
COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
|
COPY --link ["pnpm-lock.yaml", "pnpm-workspace.yaml", "package.json", "./"]
|
||||||
COPY --link ["scripts", "./scripts"]
|
COPY --link ["scripts", "./scripts"]
|
||||||
|
@ -65,25 +65,25 @@ RUN apt-get update \
|
||||||
ffmpeg tini curl libjemalloc-dev libjemalloc2 \
|
ffmpeg tini curl libjemalloc-dev libjemalloc2 \
|
||||||
&& ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so \
|
&& ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so \
|
||||||
&& corepack enable \
|
&& corepack enable \
|
||||||
&& groupadd -g "${GID}" misskey \
|
&& groupadd -g "${GID}" sharkey \
|
||||||
&& useradd -l -u "${UID}" -g "${GID}" -m -d /misskey misskey \
|
&& useradd -l -u "${UID}" -g "${GID}" -m -d /sharkey sharkey \
|
||||||
&& find / -type d -path /proc -prune -o -type f -perm /u+s -ignore_readdir_race -exec chmod u-s {} \; \
|
&& find / -type d -path /proc -prune -o -type f -perm /u+s -ignore_readdir_race -exec chmod u-s {} \; \
|
||||||
&& find / -type d -path /proc -prune -o -type f -perm /g+s -ignore_readdir_race -exec chmod g-s {} \; \
|
&& find / -type d -path /proc -prune -o -type f -perm /g+s -ignore_readdir_race -exec chmod g-s {} \; \
|
||||||
&& apt-get clean \
|
&& apt-get clean \
|
||||||
&& rm -rf /var/lib/apt/lists
|
&& rm -rf /var/lib/apt/lists
|
||||||
|
|
||||||
USER misskey
|
USER sharkey
|
||||||
WORKDIR /misskey
|
WORKDIR /sharkey
|
||||||
|
|
||||||
COPY --chown=misskey:misskey --from=target-builder /misskey/node_modules ./node_modules
|
COPY --chown=sharkey:sharkey --from=target-builder /sharkey/node_modules ./node_modules
|
||||||
COPY --chown=misskey:misskey --from=target-builder /misskey/packages/backend/node_modules ./packages/backend/node_modules
|
COPY --chown=sharkey:sharkey --from=target-builder /sharkey/packages/backend/node_modules ./packages/backend/node_modules
|
||||||
COPY --chown=misskey:misskey --from=native-builder /misskey/built ./built
|
COPY --chown=sharkey:sharkey --from=native-builder /sharkey/built ./built
|
||||||
COPY --chown=misskey:misskey --from=native-builder /misskey/packages/backend/built ./packages/backend/built
|
COPY --chown=sharkey:sharkey --from=native-builder /sharkey/packages/backend/built ./packages/backend/built
|
||||||
COPY --chown=misskey:misskey --from=native-builder /misskey/fluent-emojis /misskey/fluent-emojis
|
COPY --chown=sharkey:sharkey --from=native-builder /sharkey/fluent-emojis /sharkey/fluent-emojis
|
||||||
COPY --chown=misskey:misskey . ./
|
COPY --chown=sharkey:sharkey . ./
|
||||||
|
|
||||||
ENV LD_PRELOAD=/usr/local/lib/libjemalloc.so
|
ENV LD_PRELOAD=/usr/local/lib/libjemalloc.so
|
||||||
ENV NODE_ENV=production
|
ENV NODE_ENV=production
|
||||||
HEALTHCHECK --interval=5s --retries=20 CMD ["/bin/bash", "/misskey/healthcheck.sh"]
|
HEALTHCHECK --interval=5s --retries=20 CMD ["/bin/bash", "/sharkey/healthcheck.sh"]
|
||||||
ENTRYPOINT ["/usr/bin/tini", "--"]
|
ENTRYPOINT ["/usr/bin/tini", "--"]
|
||||||
CMD ["pnpm", "run", "migrateandstart"]
|
CMD ["pnpm", "run", "migrateandstart"]
|
||||||
|
|
|
@ -3,5 +3,5 @@
|
||||||
# SPDX-FileCopyrightText: syuilo and other misskey contributors
|
# SPDX-FileCopyrightText: syuilo and other misskey contributors
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
PORT=$(grep '^port:' /misskey/.config/default.yml | awk 'NR==1{print $2; exit}')
|
PORT=$(grep '^port:' /sharkey/.config/default.yml | awk 'NR==1{print $2; exit}')
|
||||||
curl -s -S -o /dev/null "http://localhost:${PORT}"
|
curl -s -S -o /dev/null "http://localhost:${PORT}"
|
||||||
|
|
Loading…
Reference in New Issue