Docker/mealie
Docker/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-08-02 20:15:24 +02:00
Code Issues Releases Activity

feat: consolidate deployment targets and publish to ghcr.io (#2539)

Browse source 
* WIP: proof of concept

* basic meta tag injection

* add support for scraping public/private links

* make tests go brrrrr

* cleanup initialization

* rewrite build config

* remove recipe meta on frontend

* make type checker happy

* remove other deployment methods

* fix issue with JSON response on un-authenticated request

* docs updates

* update tivy scanner

* fix linter stuff

* change registry tag

* build fixes

* fix same mistake I always make
This commit is contained in:
Hayden 2023-09-14 06:40:13 -08:00 committed by GitHub
parent aec4cb4f31
commit 2ad6af2cce
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
34 changed files with 268 additions and 793 deletions
Download patch file Download diff file Expand all files Collapse all files

22
.github/workflows/nightly.yml vendored
View file

@ -41,24 +41,4 @@ jobs:
DISCORD_WEBHOOK: ${{ secrets.DISCORD_NIGHTLY_WEBHOOK }}
uses: Ilshidur/action-discord@0.3.2
with:
args: "🚀 New builds of mealie:api-nightly, mealie:frontend-nightly, and mealie:omni-nightly are available"
deploy-demo:
runs-on: ubuntu-latest
name: Deploy Demo
needs:
- build-release
steps:
- name: Clean and Deploy Demo
uses: appleboy/ssh-action@master
with:
host: ${{ secrets.DEMO_SERVER_IP }}
username: ${{ secrets.DEMO_SERVER_USER }}
key: ${{ secrets.DEMO_SERVER_SSH_KEY }}
port: ${{ secrets.DEMO_SERVER_PORT }}
script_stop: true
script: |
cd ~/docker/mealie
docker-compose pull
docker-compose down -v
docker-compose up -d
args: "🚀 New builds of ghcr.io/mealie-recipes/mealie:nightly"

144
.github/workflows/partial-builder.yml vendored
View file

@ -13,163 +13,37 @@ on:
required: true
jobs:
build-frontend:
publish:
runs-on: ubuntu-latest
name: Build Frontend
permissions:
contents: read
packages: write
steps:
- name: Checkout
- name: Checkout repository
uses: actions/checkout@v3
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v2
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
install: true
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: |
hkotel/mealie
ghcr.io/${{ github.repository }}
- name: Build and push Frontend images
uses: docker/build-push-action@v4
with:
file: docker/frontend.Dockerfile
context: .
push: true
tags: frontend-${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
build-backend:
runs-on: ubuntu-latest
name: Build Backend
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v2
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
install: true
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Override __init__.py
run: |
echo "__version__ = \"${{ inputs.tag }}\"" > ./mealie/__init__.py
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: |
hkotel/mealie
ghcr.io/${{ github.repository }}
- name: Build and push API images
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
file: docker/api.Dockerfile
file: ./docker/Dockerfile
context: .
push: true
tags: api-${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
build-omni:
runs-on: ubuntu-latest
name: Build Omni
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Set up QEMU
id: qemu
uses: docker/setup-qemu-action@v2
with:
image: tonistiigi/binfmt:latest
platforms: all
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
install: true
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Override __init__.py
run: |
echo "__version__ = \"${{ inputs.tag }}\"" > ./mealie/__init__.py
- name: Log in to the Container registry
uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: |
hkotel/mealie
ghcr.io/${{ github.repository }}
- name: Build and push API images
uses: docker/build-push-action@v4
with:
file: docker/omni.Dockerfile
context: .
push: true
tags: omni-${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
tags: ghcr.io/${{ github.repository }}:${{ inputs.tag }}

6
.github/workflows/partial-trivy-backend-container-scanning.yml → .github/workflows/partial-trivy-container-scanning.yml vendored
View file

@ -1,11 +1,11 @@
name: Trivy Backend Container Scanning
name: Trivy Container Scanning
on:
workflow_call:
jobs:
build:
name: Build and Scan Backend Container
name: Build and Scan Container
runs-on: ubuntu-latest
strategy:
fail-fast: true
@ -15,7 +15,7 @@ jobs:
- name: Build Dockerfile
run: |
docker build -t mealie --file=./docker/api.Dockerfile .
docker build -t mealie --file=./docker/Dockerfile .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master

31
.github/workflows/partial-trivy-frontend-container-scanning.yml vendored
View file

@ -1,31 +0,0 @@
name: Trivy Frontend Container Scanning
on:
workflow_call:
jobs:
build:
name: Build and Scan Frontend Container
runs-on: ubuntu-latest
strategy:
fail-fast: true
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Build Dockerfile
run: |
docker build -t mealie --file=./docker/frontend.Dockerfile .
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
ignore-unfixed: true
image-ref: "mealie"
format: "sarif"
output: "trivy-results.sarif"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "trivy-results.sarif"

10
.github/workflows/pull-requests.yml vendored
View file

@ -14,10 +14,6 @@ jobs:
name: "Frontend and End-to-End Tests"
uses: ./.github/workflows/partial-frontend.yml
backend-container-scanning:
name: "Trivy Backend Container Scanning"
uses: ./.github/workflows/partial-trivy-backend-container-scanning.yml
frontend-container-scanning:
name: "Trivy Frontend Container Scanning"
uses: ./.github/workflows/partial-trivy-frontend-container-scanning.yml
container-scanning:
name: "Trivy Container Scanning"
uses: ./.github/workflows/partial-trivy-container-scanning.yml