Compare commits

...

9 Commits

Author SHA1 Message Date
0cc81d6430 Fix copy chown
All checks were successful
Build and Push Docker Image / build-and-push (push) Successful in 6m34s
2025-06-10 15:05:12 +02:00
1dcb8c6826 Fix run dockerfile & service
Some checks failed
Build and Push Docker Image / build-and-push (push) Failing after 2m23s
2025-06-10 14:56:29 +02:00
2b6870b861 Suppression packages build
All checks were successful
Build and Push Docker Image / build-and-push (push) Successful in 13m19s
2025-06-10 14:02:35 +02:00
ceb7a74b11 Modif apk en apt
Some checks failed
Build and Push Docker Image / build-and-push (push) Has been cancelled
2025-06-10 13:00:26 +02:00
fd4e17a754 Try fix dns avec alpine HS
Some checks failed
Build and Push Docker Image / build-and-push (push) Failing after 1m33s
2025-06-10 12:50:14 +02:00
4ed73f7c72 Ajout ingress et service pour Twurple 2025-06-10 11:09:12 +02:00
066a3864dd Push build version
All checks were successful
Build and Push Docker Image / build-and-push (pull_request) Successful in 1m58s
2025-06-10 01:53:08 +02:00
9a4902291e Fix workflow sha tag
All checks were successful
Build and Push Docker Image / build-and-push (push) Successful in 1m2s
2025-06-10 01:49:29 +02:00
d06df32bab Fix workflow tags and remove attestation
Some checks failed
Build and Push Docker Image / build-and-push (push) Failing after 3m11s
2025-06-09 23:42:02 +02:00
5 changed files with 92 additions and 22 deletions

View File

@@ -54,12 +54,17 @@ jobs:
tags: | tags: |
# Tag avec le nom du tag Git # Tag avec le nom du tag Git
type=ref,event=tag type=ref,event=tag
# Tag 'latest' pour la branche master
type=raw,value=latest,enable={{is_default_branch}}
# Tag avec le SHA pour les autres branches
type=sha,prefix=sha-
labels: | labels: |
org.opencontainers.image.title=${{ env.IMAGE_NAME }} org.opencontainers.image.title=${{ env.IMAGE_NAME }}
org.opencontainers.image.description=Bot Discord org.opencontainers.image.description=Bot Discord de moi
org.opencontainers.image.url=https://gitea.zac.ovh/zachary/bot_Tamiseur org.opencontainers.image.url=https://git.zac.ovh/zachary/bot_Tamiseur
org.opencontainers.image.source=https://gitea.zac.ovh/zachary/bot_Tamiseur org.opencontainers.image.source=https://git.zac.ovh/zachary/bot_Tamiseur
org.opencontainers.image.revision=${{ github.sha }} org.opencontainers.image.revision=${{ github.sha }}
org.opencontainers.image.created={{date 'RFC3339'}}
- name: Build and push Docker image - name: Build and push Docker image
uses: docker/build-push-action@v5 uses: docker/build-push-action@v5
@@ -72,10 +77,3 @@ jobs:
labels: ${{ steps.meta.outputs.labels }} labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha cache-from: type=gha
cache-to: type=gha,mode=max cache-to: type=gha,mode=max
- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_PATH }}/${{ env.IMAGE_NAME }}
subject-digest: ${{ steps.build.outputs.digest }}
push-to-registry: true

View File

@@ -1,22 +1,34 @@
# Starting from node # Starting from node
FROM node:22-alpine FROM node:22-slim
ENV NODE_ENV=production # Install build dependencies
RUN apt-get update && \
apt-get install -y ffmpeg python3 make g++
# Set the working directory
WORKDIR /app WORKDIR /app
RUN chown node:node ./
USER node
RUN apk add --no-cache ffmpeg python3 make g++ # Copy package files first
COPY --chown=node:node package.json package-lock.json* .
# Copy package files and install only production dependencies # Install app dependencies
COPY package.json package-lock.json* . ENV NODE_ENV=production
RUN npm ci --only=production --ignore-scripts && \ RUN npm ci --only=production --ignore-scripts && \
npm install bufferutil zlib-sync npm install bufferutil zlib-sync && \
npm cache clean --force
# Copy the builded files and the charts # Copy the builded files
COPY ./dist/* . COPY --chown=node:node ./dist/* .
# Set the permissions # Return to root user to remove build dependencies
RUN chown -R node:node /app USER root
RUN apt-get remove -y python3 make g++ && \
apt-get autoremove -y && \
rm -rf /var/lib/apt/lists/*
# Go back to node user
USER node USER node
# Start the application # Start the application

View File

@@ -0,0 +1,32 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}
annotations:
external-dns.alpha.kubernetes.io/target: omegamaestro.{{ .Values.ingress.domain }}
cert-manager.io/cluster-issuer: {{ .Values.ingress.issuer }}
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
{{- if .Values.ingress.geoip }}
nginx.ingress.kubernetes.io/server-snippet: |
if ($lan = yes) { set $allowed_country yes; }
if ($allowed_country = no) { return 451; }
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.class }}
tls:
- hosts:
- {{ .Values.ingress.subdomain }}.{{ .Values.ingress.domain }}
secretName: {{ .Release.Name }}-tls
rules:
- host: "{{ .Values.ingress.subdomain }}.{{ .Values.ingress.domain }}"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: "{{ .Release.Name }}-{{ .Values.service.name }}"
port:
name: {{ .Values.service.name }}
{{- end }}

View File

@@ -0,0 +1,15 @@
{{- if .Values.service.enabled }}
apiVersion: v1
kind: Service
metadata:
name: "{{ .Release.Name }}-{{ .Values.service.name }}"
spec:
selector:
pod: {{ .Release.Name }}
ports:
- name: {{ .Values.service.name }}
port: {{ .Values.deployment.env.TWURPLE_PORT | default .Values.service.port }}
targetPort: {{ .Values.deployment.env.TWURPLE_PORT | default .Values.service.port }}
protocol: TCP
type: {{ .Values.service.type }}
{{- end }}

View File

@@ -3,7 +3,7 @@ deployment:
strategy: RollingUpdate strategy: RollingUpdate
image: image:
repository: "rgy.angels-dev.fr/prod/bot_tamiseur" repository: "rgy.angels-dev.fr/prod/bot_tamiseur"
tag: "4.0.0" tag: "build_2025-06-10_01h49"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
env: env:
NODE_ENV: "production" NODE_ENV: "production"
@@ -16,3 +16,16 @@ deployment:
requests: requests:
Cpu: "0.1" Cpu: "0.1"
Memory: "50Mi" Memory: "50Mi"
service:
enabled: true
type: ClusterIP
name: twurple
ingress:
enabled: true
class: nginx
subdomain: dcb-chantier.prd
domain: angels-dev.fr
issuer: letsencrypt-prod
geoip: false