From 99c264ed70409ac2e04f8366c317d25de0425738 Mon Sep 17 00:00:00 2001 From: soorq Date: Sat, 25 Apr 2026 00:38:31 +0300 Subject: [PATCH 1/2] build: setup docker environment and next.config optimizations
---
.dockerignore | 72 +++++++++++++++++++ .github/workflows/build.yml | 0 .github/workflows/{CI-workflow.yml => ci.yml} | 0 Dockerfile.prod | 51 +++++++++++++ next.config.ts | 1 + public/.gitkeep | 1 + 6 files changed, 125 insertions(+) create mode 100644 .dockerignore create mode 100644 .github/workflows/build.yml rename .github/workflows/{CI-workflow.yml => ci.yml} (100%) create mode 100644 Dockerfile.prod create mode 100644 public/.gitkeep
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..e62ed92
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,72 @@
+# Зависимости (всегда ставим заново внутри контейнера)
+node_modules
+npm-debug.log
+yarn-error.log
+pnpm-debug.log
+
+# Сборка и кэш
+.next
+out
+dist
+build
+*.tsbuildinfo
+
+# Логи и отчеты
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*
+
+# Секреты и конфиги окружения
+.env
+.env.local
+.env.production
+.env.development
+.env.test
+.env*.local
+!.env.example
+
+# Тесты и покрытие
+coverage
+test-results
+__tests__
+*.test.ts
+*.test.tsx
+*.spec.ts
+*.spec.tsx
+
+# Docker файлы (не нужны внутри самого образа)
+Dockerfile
+Dockerfile.*
+docker-compose.yml
+docker-compose.*.yml
+.dockerignore
+
+# Git
+.git
+.gitignore
+.gitattributes
+
+# Редакторы и ОС
+.vscode
+.idea
+.DS_Store
+*.swp
+Thumbs.db
+
+# Прочее
+README.md
+LICENSE
+.github
+.husky
+
+# Storybook
+.storybook
+storybook-static
+temp-storybook
+*.stories.tsx
+*.stories.ts
+*.stories.mdx
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
new file mode 100644
index 0000000..e69de29
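Review bot: The secrets section of .dockerignore lists env files by name (`.env.production`, `.env.test`, …), so any other variant, for example a staging file, is not excluded from the build context. Dockerfile.prod in this same patch runs `COPY . .` in the builder stage, so whatever is not ignored is copied into a build layer. A single pattern is safer: replace the enumerated entries with `.env*` and keep `!.env.example` on the line after it.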
diff --git a/.github/workflows/CI-workflow.yml b/.github/workflows/ci.yml
similarity index 100%
rename from .github/workflows/CI-workflow.yml
rename to .github/workflows/ci.yml
diff --git a/Dockerfile.prod b/Dockerfile.prod
new file mode 100644
index 0000000..71a51e5
--- /dev/null
+++ b/Dockerfile.prod
@@ -0,0 +1,51 @@
+FROM node:20-alpine AS base
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+WORKDIR /app
+
+FROM base AS deps
+RUN apk add --no-cache libc6-compat
+
+COPY pnpm-lock.yaml ./
+RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm fetch
+
+COPY package.json ./
+RUN --mount=type=cache,id=pnpm,target=/pnpm/store pnpm install --offline --frozen-lockfile
+
+FROM base AS builder
+ARG NEXT_PUBLIC_API_BASE_URL
+ARG OPENAPI_URL
+ENV NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
+ OPENAPI_URL=$OPENAPI_URL
+
+ENV NEXT_TELEMETRY_DISABLED 1
+
+COPY --from=deps /app/node_modules ./node_modules
+COPY . .
+
+RUN --mount=type=cache,target=/app/.next/cache pnpm run build
+
+FROM node:20-alpine AS runner
+WORKDIR /app
+
+ENV NODE_ENV production
+ENV NEXT_TELEMETRY_DISABLED 1
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 frontend
+
+RUN mkdir .next
+RUN chown frontend:nodejs .next
+
+COPY --from=builder /app/public ./public
+COPY --from=builder --chown=frontend:nodejs /app/.next/standalone ./
+COPY --from=builder --chown=frontend:nodejs /app/.next/static ./.next/static
+
+USER frontend
+
+EXPOSE 3001
+ENV PORT 3001
+ENV HOSTNAME "0.0.0.0"
+
+CMD ["node", "server.js"]
\ No newline at end of file
diff --git a/next.config.ts b/next.config.ts
index 70a56ee..e8b17a6 100644
--- a/next.config.ts
+++ b/next.config.ts
@@ -5,6 +5,7 @@ const nextConfig: NextConfig = { turbopack: { root: __dirname, }, + output: 'standalone', }; export default nextConfig;
diff --git a/public/.gitkeep b/public/.gitkeep
new file mode 100644
index 0000000..21d8c0d
--- /dev/null
+++ b/public/.gitkeep
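Review bot: In the deps stage of Dockerfile.prod, `pnpm fetch` runs when only pnpm-lock.yaml has been copied, so corepack has no package.json `packageManager` field to read and will presumably resolve whichever pnpm release it defaults to at build time. Pinning the tool makes the build reproducible: in the base stage use `RUN corepack enable && corepack prepare pnpm@<pinned-version> --activate` (placeholder version, take it from the project). Both `FROM node:20-alpine` lines also follow a moving tag; consider pinning them by digest, `node:20-alpine@sha256:<digest>`. The `ENV KEY value` lines without `=` are the legacy form and are better written as `ENV NODE_ENV=production`.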
@@ -0,0 +1 @@
+add at feature same
\ No newline at end of file
From 99d5cee4f1074aa9dece9c4fc1513fb89e8b6a0f Mon Sep 17 00:00:00 2001 From: soorq Date: Sat, 25 Apr 2026 00:45:33 +0300 Subject: [PATCH 2/2] feat: implement workflows yamls for frontend
---
.github/workflows/build.yml | 66 ++++++++++++++++++++++++++++ .github/workflows/codeql.yml | 33 ++++++++++++++ .github/workflows/release-please.yml | 18 ++++++++ .github/workflows/stale.yml | 21 +++++++++ 4 files changed, 138 insertions(+) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/release-please.yml create mode 100644 .github/workflows/stale.yml
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index e69de29..5d84c86 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,66 @@
+name: Build and Push
+
+on:
+ push:
+ branches: [dev, main, feat/**]
+
+env:
+ REGISTRY: ghcr.io
+ IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+ build-push:
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ packages: write
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install pnpm
+ uses: pnpm/action-setup@v3
+
+ - name: Get pnpm store directory
+ shell: bash
+ run: |
+ echo "STORE_PATH=$(pnpm store path --silent)" >> $GITHUB_ENV
+
+ - uses: actions/cache@v4
+ name: Setup pnpm cache
+ with:
+ path: ${{ env.STORE_PATH }}
+ key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+ restore-keys: |
+ ${{ runner.os }}-pnpm-store-
+
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log in to the Container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Extract metadata (tags, labels)
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+ tags: |
+ type=ref,event=branch
+ type=sha,format=short
+ type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
+
+ - name: Build and push Docker image
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ file: ./Dockerfile.prod
+ push: true
+ tags: ${{ steps.meta.outputs.tags }}
+ labels: ${{ steps.meta.outputs.labels }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..9b0d4e0
--- /dev/null
+++ b/.github/workflows/codeql.yml
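Review bot: The `Install pnpm`, `Get pnpm store directory` and `Setup pnpm cache` steps in build.yml do not feed the image build, since Dockerfile.prod installs dependencies inside the container; they only add a third-party action to a job that holds `packages: write`, and can be removed. The remaining `uses:` lines reference mutable tags (`@v4`, `@v3`, `@v5`); pinning each to a full commit SHA, with the tag kept as a trailing comment, keeps a retagged action from running with that token, and the same applies to codeql.yml, release-please.yml and stale.yml in this patch. The build step also passes no `build-args`, so the `NEXT_PUBLIC_API_BASE_URL` and `OPENAPI_URL` ARGs declared in Dockerfile.prod are empty at build time. If the values live in repository variables, add `build-args: |` with `NEXT_PUBLIC_API_BASE_URL=${{ vars.NEXT_PUBLIC_API_BASE_URL }}` and `OPENAPI_URL=${{ vars.OPENAPI_URL }}`.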
@@ -0,0 +1,33 @@
+name: 'CodeQL'
+
+on:
+ push:
+ branches: [main, dev, feat/**, chore/**, build/**]
+ pull_request:
+ branches: [main]
+ schedule:
+ - cron: '15 13 * * 5'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: javascript-typescript
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v3
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
new file mode 100644
index 0000000..9843e92
--- /dev/null
+++ b/.github/workflows/release-please.yml
@@ -0,0 +1,18 @@
+name: release-please
+
+on:
+ push:
+ branches:
+ - main
+
+permissions:
+ contents: write
+ pull-requests: write
+
+jobs:
+ release-please:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: googleapis/release-please-action@v4
+ with:
+ release-type: node
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
new file mode 100644
index 0000000..7e54907
--- /dev/null
+++ b/.github/workflows/stale.yml
@@ -0,0 +1,21 @@
+name: 'Close stale issues and PRs'
+
+on:
+ schedule:
+ - cron: '30 1 * * *'
+
+jobs:
+ stale:
+ runs-on: ubuntu-latest
+ permissions:
+ issues: write
+ pull-requests: write
+ steps:
+ - uses: actions/stale@v9
+ with:
+ stale-issue-message: 'Эта задача давно не обновлялась. Она будет закрыта через 5
+ дней, если не появится новой активности.'
+ stale-pr-message: 'Этот PR замер. Мы закроем его через 5 дней, чтобы не копить
+ очередь, но вы всегда можете переоткрыть его позже.'
+ days-before-stale: 30
+ days-before-close: 5
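Review bot: In codeql.yml the `Autobuild` step is not needed for `languages: javascript-typescript`, because CodeQL analyses JavaScript and TypeScript sources without a build. Dropping the `github/codeql-action/autobuild@v3` step shortens the job and removes one action from it; the `init` and `analyze` steps stay as they are.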