ci(src): 🐳 Dockerize & GH Actions

.github/workflows/build.yml

@@ -0,0 +1,36 @@
+name: Docker Publish
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+      - name: Docker login
+        run: |
+          echo "${{ github.token }}" | docker login https://ghcr.io -u ${GITHUB_ACTOR} --password-stdin
+      - name: 'Create env file'
+        run: |
+          touch build.env.local
+          echo KEYCLOAK_URL="https://auth.buildtheearth.net/realms/website" >> build.env.local
+          echo KEYCLOAK_ID="frontend" >> build.env.local
+          echo KEYCLOAK_SECRET="${{ secrets.KEYCLOAK_SECRET }}" >> build.env.local
+          echo NEXTAUTH_URL="https://dash.buildtheearth.net" >> build.env.local
+          echo NEXTAUTH_SECRET="${{ secrets.NEXTAUTH_SECRET }}" >> build.env.local
+          echo NEXT_PUBLIC_API_URL="https://api.buildtheearth.net/api/v1" >> build.env.local
+          echo NEXT_PUBLIC_SMYLER_API_URL="https://smybteapi.buildtheearth.net" >> build.env.local
+          echo NEXT_PUBLIC_FRONTEND_URL="https://buildtheearth.net" >> build.env.local
+          echo FRONTEND_KEY="${{ secrets.FRONTEND_KEY }}" >> build.env.local
+          echo REPORTS_WEBHOOK="${{ secrets.REPORTS_WEBHOOK }}" >> build.env.local
+          echo PORT=3000 >> build.env.local
+
+      - name: Build Docker Image
+        run: docker build . --file Dockerfile --tag ghcr.io/buildtheearth/website-frontend:$(git rev-parse --short HEAD) --tag ghcr.io/buildtheearth/website-frontend:latest
+      - name: Docker Push
+        run: docker push ghcr.io/buildtheearth/website-frontend:$(git rev-parse --short HEAD)
+      - name: Docker Push Latest
+        run: docker push ghcr.io/buildtheearth/website-frontend:latest

Dockerfile

@@ -0,0 +1,66 @@
+FROM node:18-alpine AS base
+
+#
+# Dependency Installation - Cached
+#
+FROM base AS deps
+RUN apk add --no-cache libc6-compat
+WORKDIR /app
+
+COPY package.json yarn.lock* package-lock.json* pnpm-lock.yaml* ./
+RUN \
+  if [ -f yarn.lock ]; then yarn --frozen-lockfile; \
+  elif [ -f package-lock.json ]; then npm ci; \
+  elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile; \
+  else echo "Lockfile not found." && exit 1; \
+  fi
+
+#
+# Building Source - Cached
+#
+FROM base AS builder
+WORKDIR /app
+
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+COPY build.env.local /app/.env.local
+
+ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN \
+  if [ -f yarn.lock ]; then yarn run build; \
+  elif [ -f package-lock.json ]; then npm run build; \
+  elif [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm run build; \
+  else echo "Lockfile not found." && exit 1; \
+  fi
+
+#
+# Production Image
+#
+FROM base AS runner
+WORKDIR /app
+
+ENV NODE_ENV production
+ENV NEXT_TELEMETRY_DISABLED 1
+# ENV NEXT_SHARP_PATH /node_modules/sharp
+
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+COPY --from=builder /app/public ./public
+
+RUN mkdir .next
+RUN chown nextjs:nodejs .next
+
+COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT 3000
+ENV HOSTNAME "0.0.0.0"
+
+CMD ["node", "server.js"]