diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 000000000..52a79f5be
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,9 @@
+Dockerfile
+.dockerignore
+node_modules
+npm-debug.log
+README.md
+.next
+!.next/static
+!.next/standalone
+.git
\ No newline at end of file
diff --git a/.github/workflows/develop.deploy-functions.yml b/.github/workflows/develop.deploy-functions.yml
index 5bdc53ab5..71743daea 100644
--- a/.github/workflows/develop.deploy-functions.yml
+++ b/.github/workflows/develop.deploy-functions.yml
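Review bot: The new `.dockerignore` has no entry for local environment files, so the `COPY . .` in the Dockerfile's builder stage will take any `.env` or `.env.local` present in the build context into a builder layer. Adding `.env*` closes that, and `.github` can be listed too if the workflow files are not needed for the build. The `!.next/static` and `!.next/standalone` re-includes look unnecessary, since the Dockerfile in this commit produces `.next` inside the builder stage rather than copying it from the host.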
@@ -41,25 +41,44 @@ jobs: with: project_id: ${{ vars.PROJECT_ID }} credentials_json: ${{secrets.CREDENTIALS_JSON}} + - name: Set up Cloud SDK + uses: 'google-github-actions/setup-gcloud@v2' + + - name: Configure Docker + run: | + gcloud auth configure-docker + + - name: Build and Push Docker Image + run: | + docker build -t gcr.io/${{ vars.PROJECT_ID }}/${{ vars.DOCKER_IMAGE_NAME }}:latest . + docker push gcr.io/${{ vars.PROJECT_ID}}/${{ vars.DOCKER_IMAGE_NAME }}:latest + + - name: Deploy to Cloud Run + run: | + gcloud run deploy ${{vars.APP_NAME}} \ + --image gcr.io/${{ vars.PROJECT_ID }}/${{ vars.DOCKER_IMAGE_NAME }}:latest \ + --platform managed \ + --region us-central1 \ + --allow-unauthenticated # https://github.com/marketplace/actions/deploy-to-cloud-run - - name: Build and Deploy to Google CloudRun - id: 'deploy' - uses: 'google-github-actions/deploy-cloudrun@v2' - with: - service: ${{ vars.APP_NAME }} - project_id: ${{ vars.PROJECT_ID }} - region: ${{ vars.REGION }} - source: ./ - env_vars: |- - COMPANY_NAME="Foo Bar" - TWITTER_CREATOR="@vercel" - TWITTER_SITE="https://nextjs.org/commerce" - SITE_NAME="Next.js Commerce" - SHOPIFY_REVALIDATION_SECRET="${{ env.SHOPIFY_REVALIDATION_SECRET }}" - SHOPIFY_STOREFRONT_ACCESS_TOKEN="${{ env.SHOPIFY_STOREFRONT_ACCESS_TOKEN }}" - SHOPIFY_STORE_DOMAIN="${{ env.SHOPIFY_STORE_DOMAIN }}" - env_vars_update_strategy: 'overwrite' + # - name: Build and Deploy to Google CloudRun + # id: 'deploy' + # uses: 'google-github-actions/deploy-cloudrun@v2' + # with: + # service: ${{ vars.APP_NAME }} + # project_id: ${{ vars.PROJECT_ID }} + # region: ${{ vars.REGION }} + # source: ./ + # env_vars: |- + # COMPANY_NAME="Foo Bar" + # TWITTER_CREATOR="@vercel" + # TWITTER_SITE="https://nextjs.org/commerce" + # SITE_NAME="Next.js Commerce" + # SHOPIFY_REVALIDATION_SECRET="${{ env.SHOPIFY_REVALIDATION_SECRET }}" + # SHOPIFY_STOREFRONT_ACCESS_TOKEN="${{ env.SHOPIFY_STOREFRONT_ACCESS_TOKEN }}" + # SHOPIFY_STORE_DOMAIN="${{ 
env.SHOPIFY_STORE_DOMAIN }}" + # env_vars_update_strategy: 'overwrite' - name: 'Use output' run: 'curl "${{ steps.deploy.outputs.url }}"' diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 000000000..e90cfd9c5 --- /dev/null +++ b/Dockerfile 
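Review bot: The image is built, pushed and deployed under the mutable `:latest` tag, so nothing ties the deployed image to the commit that produced it, and a concurrent run that pushes between this job's `docker push` and `gcloud run deploy` changes what gets deployed. Tag with the commit instead, e.g. `gcr.io/${{ vars.PROJECT_ID }}/${{ vars.DOCKER_IMAGE_NAME }}:${{ github.sha }}` in all three commands. The trailing 'Use output' step still reads `steps.deploy.outputs.url`, but the step carrying `id: 'deploy'` is now commented out, so that expression will be empty and the `curl` will fail. The SHOPIFY_* values the removed action passed through `env_vars` are no longer set anywhere in this hunk; if the service relies on them, pass the domain with `--set-env-vars` and the access token and revalidation secret with `--set-secrets`.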
@@ -0,0 +1,67 @@
+FROM node:18-alpine AS base
+
+# Install dependencies only when needed
+FROM base AS deps
+# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
+RUN apk add --no-cache libc6-compat
+WORKDIR /app
+
+# Install dependencies based on the preferred package manager
+COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
+RUN \
+ if [ -f yarn.lock ]; then yarn --frozen-lockfile; \
+ elif [ -f package-lock.json ]; then npm ci; \
+ elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \
+ else echo "Lockfile not found." && exit 1; \
+ fi
+
+
+# Rebuild the source code only when needed
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+# Next.js collects completely anonymous telemetry data about general usage.
+# Learn more here: https://nextjs.org/telemetry
+# Uncomment the following line in case you want to disable telemetry during the build.
+# ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN \
+ if [ -f yarn.lock ]; then yarn run build; \
+ elif [ -f package-lock.json ]; then npm run build; \
+ elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \
+ else echo "Lockfile not found." && exit 1; \
+ fi
+
+# Production image, copy all the files and run next
+FROM base AS runner
+WORKDIR /app
+
+ENV NODE_ENV production
+# Uncomment the following line in case you want to disable telemetry during runtime.
+# ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+
+# Set the correct permission for prerender cache
+RUN mkdir .next
+RUN chown nextjs:nodejs .next
+
+# Automatically leverage output traces to reduce image size
+# https://nextjs.org/docs/advanced-features/output-file-tracing
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT 3000
+
+# server.js is created by next build from the standalone output
+# https://nextjs.org/docs/pages/api-reference/next-config-js/output
+CMD HOSTNAME="0.0.0.0" node server.js
\ No newline at end of file
diff --git a/next.config.js b/next.config.js
index 8bab35c40..1712620d2 100644
--- a/next.config.js
+++ b/next.config.js
@@ -1,5 +1,6 @@
 /** @type {import('next').NextConfig} */
 module.exports = {
+ output: 'standalone',
 eslint: {
 // Disabling on production builds because we're running checks on PRs via GitHub Actions.
 ignoreDuringBuilds: true
diff --git a/public/.gitkeep b/public/.gitkeep
new file mode 100644
index 000000000..e69de29bb
diff --git a/static-analysis.datadog.yml b/static-analysis.datadog.yml
new file mode 100644
index 000000000..ebac9a187
--- /dev/null
+++ b/static-analysis.datadog.yml
@@ -0,0 +1,3 @@
+schema-version: v1
+rulesets:
+ - docker-best-practices
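Review bot: The Dockerfile's final `CMD HOSTNAME="0.0.0.0" node server.js` is shell form, so node runs under `/bin/sh -c` and may not receive the SIGTERM sent when the container is stopped. Move the variable into the environment and use exec form: `ENV HOSTNAME=0.0.0.0` followed by `CMD ["node", "server.js"]`. The `ENV NODE_ENV production` and `ENV PORT 3000` lines use the legacy space-separated form, for which `ENV NODE_ENV=production` and `ENV PORT=3000` are the current syntax. `FROM node:18-alpine` is a floating tag, and pinning it by digest would make the build reproducible and keep base-image changes reviewable.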