feat(ci): proper Dockerfile for current project setup & release workflow

Close #424
2026-04-26 13:40:42 +00:00 · 2025-08-25 04:30:37 +08:00 · 2025-08-25 04:30:37 +08:00 · d8b5d3f262
commit d8b5d3f262
parent 6ffb13da8e
3 changed files with 67 additions and 5 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,4 @@
+**/node_modules
+**/dist
+**/.temp
+target
--- a/.github/workflows/release-docker.yaml
+++ b/.github/workflows/release-docker.yaml
@ -0,0 +1,59 @@
+name: Release Docker / OCI
+
+on:
+  push:
+    tags:
+      - '**'
+  workflow_dispatch:
+
+jobs:
+  ghcr_build:
+    name: Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Fetch version
+        id: version
+        run: |
+          export LAST_TAGGED_COMMIT=$(git rev-list --tags --max-count=1)
+          export LAST_TAG=$(git describe --tags $LAST_TAGGED_COMMIT)
+          echo "version=${LAST_TAG#v}" >> $GITHUB_OUTPUT
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm64/v8
+
+      - name: Sign in to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Create image tags
+        id: image_tag
+        run: |
+          echo "tag_latest=ghcr.io/${{ github.repository }}:latest" >> $GITHUB_OUTPUT
+          echo "tag=ghcr.io/${{ github.repository }}:${{ steps.version.outputs.version }}" >> $GITHUB_OUTPUT
+
+      - name: Build and Push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./
+          file: ./apps/stage-web//Dockerfile
+          push: true
+          platforms: linux/amd64,linux/arm64,linux/arm64/v8
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          tags: |
+            ${{ steps.image_tag.outputs.tag_latest }}
+            ${{ steps.image_tag.outputs.tag }}
--- a/apps/stage-web/Dockerfile
+++ b/apps/stage-web/Dockerfile
@ -4,15 +4,14 @@ WORKDIR /app

 RUN apt update && apt install -y ca-certificates curl
 RUN update-ca-certificates
-RUN apt update && apt install -y python curl
+RUN apt update && apt install -y python3 curl

 RUN corepack enable

-COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
-RUN --mount=type=cache,id=pnpm-store,target=/root/.turbo \
+COPY . .
+RUN --mount=type=cache,id=pnpm-store,target=/root/.pnpm-store \
    pnpm install --frozen-lockfile

-COPY . .
 RUN pnpm -F @proj-airi/stage-web run build && \
    pnpm -F @proj-airi/docs run build:base && \
    mv ./docs/.vitepress/dist ./apps/stage-web/dist/docs && \
@ -21,7 +20,7 @@ RUN pnpm -F @proj-airi/stage-web run build && \

 FROM nginx:stable-alpine AS production-stage

-COPY --from=build-stage /apps/stage-web/dist /usr/share/nginx/html
+COPY --from=build-stage /app/apps/stage-web/dist /usr/share/nginx/html
 EXPOSE 80

 CMD ["nginx", "-g", "daemon off;"]