mirror of
https://github.com/MODSetter/SurfSense.git
synced 2026-05-17 18:35:19 +02:00
chore: update GitHub Actions workflows and Dockerfile to use latest action versions and improve build targets
This commit is contained in:
Anish Sarkar
parent
5344fa47e6
commit
f091182b94
2 changed files with 20 additions and 26 deletions
27
.github/workflows/docker-build.yml
vendored
27
.github/workflows/docker-build.yml
vendored
|
|
@ -31,7 +31,7 @@ jobs:
|
|||
new_tag: ${{ steps.tag_version.outputs.next_version }}
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v6
|
||||
with:
|
||||
fetch-depth: 0
|
||||
ref: ${{ github.event.inputs.branch }}
|
||||
|
|
@ -108,16 +108,18 @@ jobs:
|
|||
name: surfsense-backend
|
||||
context: ./surfsense_backend
|
||||
file: ./surfsense_backend/Dockerfile
|
||||
target: production
|
||||
- image: web
|
||||
name: surfsense-web
|
||||
context: ./surfsense_web
|
||||
file: ./surfsense_web/Dockerfile
|
||||
target: runner
|
||||
env:
|
||||
REGISTRY_IMAGE: ghcr.io/${{ github.repository_owner }}/${{ matrix.name }}
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v4
|
||||
uses: actions/checkout@v6
|
||||
|
||||
- name: Set lowercase image name
|
||||
id: image
|
||||
|
|
@ -125,19 +127,19 @@ jobs:
|
|||
|
||||
- name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
uses: docker/metadata-action@v6
|
||||
with:
|
||||
images: ${{ steps.image.outputs.name }}
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v3
|
||||
uses: docker/login-action@v4
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
password: ${{ secrets.GITHUB_TOKEN }}
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
uses: docker/setup-buildx-action@v4
|
||||
|
||||
- name: Free up disk space
|
||||
run: |
|
||||
|
|
@ -149,10 +151,11 @@ jobs:
|
|||
|
||||
- name: Build and push by digest ${{ matrix.name }} (${{ matrix.suffix }})
|
||||
id: build
|
||||
uses: docker/build-push-action@v6
|
||||
uses: docker/build-push-action@v7
|
||||
with:
|
||||
context: ${{ matrix.context }}
|
||||
file: ${{ matrix.file }}
|
||||
target: ${{ matrix.target }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
tags: ${{ steps.image.outputs.name }}
|
||||
outputs: type=image,push-by-digest=true,name-canonical=true,push=true
|
||||
|
|
@ -174,7 +177,7 @@ jobs:
|
|||
touch "/tmp/digests/${digest#sha256:}"
|
||||
|
||||
- name: Upload digest
|
||||
uses: actions/upload-artifact@v4
|
||||
uses: actions/upload-artifact@v7
|
||||
with:
|
||||
name: digests-${{ matrix.image }}-${{ matrix.suffix }}
|
||||
path: /tmp/digests/*
|
||||
|
|
@ -205,22 +208,22 @@ jobs:
|
|||
run: echo "name=${REGISTRY_IMAGE,,}" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Download amd64 digest
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@v8
|
||||
with:
|
||||
name: digests-${{ matrix.image }}-amd64
|
||||
path: /tmp/digests
|
||||
|
||||
- name: Download arm64 digest
|
||||
uses: actions/download-artifact@v4
|
||||
uses: actions/download-artifact@v8
|
||||
with:
|
||||
name: digests-${{ matrix.image }}-arm64
|
||||
path: /tmp/digests
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
uses: docker/setup-buildx-action@v4
|
||||
|
||||
- name: Login to GitHub Container Registry
|
||||
uses: docker/login-action@v3
|
||||
uses: docker/login-action@v4
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
|
|
@ -239,7 +242,7 @@ jobs:
|
|||
|
||||
- name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v5
|
||||
uses: docker/metadata-action@v6
|
||||
with:
|
||||
images: ${{ steps.image.outputs.name }}
|
||||
tags: |
|
||||
|
|
|
|||
|
|
@ -1,16 +1,9 @@
|
|||
# =============================================================================
|
||||
# SurfSense Backend — Multi-stage Dockerfile
|
||||
# =============================================================================
|
||||
# Stages:
|
||||
# base — system deps + Pandoc 3.x
|
||||
# deps — Python deps frozen from uv.lock (no dev deps)
|
||||
# models — pre-baked offline assets (EasyOCR, Docling, Playwright)
|
||||
# e2e — adds tests/ via additional_contexts, swaps entrypoint
|
||||
# production — production runtime (LAST stage = default `docker build` target)
|
||||
#
|
||||
# IMPORTANT: `production` MUST remain the last stage. .github/workflows/docker-build.yml
|
||||
# builds without `target:` and BuildKit defaults to the last stage. Reordering will
|
||||
# silently break ghcr.io/modsetter/surfsense-backend.
|
||||
# Graph: base → deps → models → {e2e, production}
|
||||
# e2e — tests/ via additional_contexts (docker-compose.e2e.yml)
|
||||
# production — published ghcr.io image (docker-build.yml pins target)
|
||||
# =============================================================================
|
||||
|
||||
# ─── Stage 1: base (system deps, Pandoc, certificates) ──────────────────────
|
||||
|
|
@ -143,10 +136,8 @@ EXPOSE 8000-8001
|
|||
CMD ["/app/scripts/docker/entrypoint.e2e.sh"]
|
||||
|
||||
|
||||
# ─── Stage 5: production (LAST stage — default `docker build` target) ───────
|
||||
# Behavior is byte-identical to the previous single-stage Dockerfile.
|
||||
# .github/workflows/docker-build.yml builds without `target:` and BuildKit
|
||||
# defaults to the last stage, so this MUST stay last.
|
||||
# ─── Stage 5: production (published ghcr.io image) ──────────────────────────
|
||||
# CI pins `target: production`; also the default for `docker build` / dev compose.
|
||||
FROM models AS production
|
||||
|
||||
# Copy source code (tests/ excluded by .dockerignore — production never ships tests).
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue