From 1b2dd2d9e4132c66da33f9d5933758c2a2fc22f2 Mon Sep 17 00:00:00 2001 From: Jeff Wong Date: Mon, 21 Jul 2025 15:19:46 -0700 Subject: [PATCH 1/4] FEATURE: build and push web only images to discourse/discourse push image with 4 tags: latest stable x.y.z (stable by current version) x.y.z.betax-dev (latest by current version) --- .github/workflows/push-web-only.yml | 121 ++++++++++++++++++++++++++++ 1 file changed, 121 insertions(+) create mode 100644 .github/workflows/push-web-only.yml diff --git a/.github/workflows/push-web-only.yml b/.github/workflows/push-web-only.yml new file mode 100644 index 000000000..94e589c51 --- /dev/null +++ b/.github/workflows/push-web-only.yml @@ -0,0 +1,121 @@ +on: +# push: +# branches: +# - main + schedule: + - cron: "0 0 * * *" + +env: + BUILDKIT_PROGRESS: plain + DOCKER_REPO: discourse/discourse + +jobs: + version: + runs-on: ubuntu-latest + outputs: + tests-passed: ${{ steps.latest.outputs.version }} + stable: ${{ steps.stable.outputs.version }} + steps: + - uses: ruby/setup-ruby@v1 + with: + ruby-version: '3.3' + - name: checkout tests passed + uses: actions/checkout@v4 + with: + repository: discourse/discourse + ref: tests-passed + fetch-depth: 1 + path: 'tests-passed' + - name: checkout stable + uses: actions/checkout@v4 + with: + repository: discourse/discourse + ref: stable + fetch-depth: 1 + path: 'stable' + - id: latest + working-directory: tests-passed + run: | + version=$(ruby -r ./lib/version.rb -e "puts ::Discourse::VERSION::STRING") + echo "version=$version" + echo "version=$version" >> $GITHUB_OUTPUT + - id: stable + working-directory: stable + run: | + version=$(ruby -r ./lib/version.rb -e "puts ::Discourse::VERSION::STRING") + echo "version=$version" + echo "version=$version" >> $GITHUB_OUTPUT + + push: + strategy: + matrix: + version: [tests-passed,stable] + os: [ubuntu-latest, ubuntu-24.04-arm] + runs-on: ${{ matrix.os }} + needs: version + env: + ARCH: ${{ matrix.os == 'ubuntu-24.04-arm' && 'arm64' || 'amd64' }} + FLOATING_TAG: ${{ matrix.version == 'tests-passed' && 'latest' || matrix.version }}-${{ matrix.os == 'ubuntu-24.04-arm' && 'arm64' || 'amd64' }} + TAG: ${{ matrix.version == 'stable' && needs.version.outputs.stable || needs.version.outputs.tests-passed }}-${{ matrix.os == 'ubuntu-24.04-arm' && 'arm64' || 'amd64' }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + - name: download-launcher + run: | + BINDIR="bin" + package="${BINDIR}/launcher.tar.gz" + curl -s -o ${package} -L https://get.discourse.org/launcher/latest/launcher-linux-${{ env.ARCH }}.tar.gz + tar -zxf ${package} -C ${BINDIR} + rm ${package} + - uses: docker/setup-buildx-action@v3 + - name: build + run: | + docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} + # TODO: can we find a way to override or provide pups params at build time? + # Then we can do something like: + # bin/launcher build --params="version=stable" --conf-dir=./samples web_only + cp ./samples/web_only.yml ./containers/web_only.yml + sed -Ei 's/^ *+#?version:.*/ version: ${{ matrix.version }}/' ./containers/web_only.yml + sed -Ei '/^ *+- "templates\/web.template.yml"/a\ - "templates/offline-page.template.yml"' ./containers/web_only.yml + # TODO: enable lets encrypt build + # Once https://github.com/discourse/discourse_docker/pull/977 is merged + # uncomment the next two lines to apply the let's encrypt template to the base image + #sed -Ei 's/^ *+#- "templates\/web.ssl.template.yml"/ - "templates\/web.ssl.template.yml"/' ./containers/web_only.yml + #sed -Ei 's/^ *+#- "templates\/web.letsencrypt.ssl.template.yml"/ - "templates\/web.letsencrypt.ssl.template.yml"/' ./containers/web_only.yml + bin/launcher build web_only \ + --tag ${{ env.DOCKER_REPO }}:${{ env.FLOATING_TAG }} \ + --tag ${{ env.DOCKER_REPO }}:${{ env.TAG }} \ + --push + + manifest: + runs-on: ubuntu-latest + needs: [version, push] + steps: + - uses: docker/setup-buildx-action@v3 + - name: update manifest + run: | + docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} + docker manifest create \ + ${{ env.DOCKER_REPO }}:latest \ + --amend ${{ env.DOCKER_REPO }}:latest-amd64 \ + --amend ${{ env.DOCKER_REPO }}:latest-arm64 + docker manifest push ${{ env.DOCKER_REPO }}:latest + + docker manifest create \ + ${{ env.DOCKER_REPO }}:stable \ + --amend ${{ env.DOCKER_REPO }}:stable-amd64 \ + --amend ${{ env.DOCKER_REPO }}:stable-arm64 + docker manifest push ${{ env.DOCKER_REPO }}:stable + + docker manifest create \ + ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.tests-passed }} \ + --amend ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.tests-passed }}-amd64 \ + --amend ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.tests-passed }}-arm64 + docker manifest push ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.tests-passed }} + + docker manifest create \ + ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.stable }} \ + --amend ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.stable }}-amd64 \ + --amend ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.stable }}-arm64 + docker manifest push ${{ env.DOCKER_REPO }}:${{ needs.version.outputs.stable }} From a8a7b493a5f0fa175f0bacf3eda4d7577a53f83c Mon Sep 17 00:00:00 2001 From: Jeff Wong Date: Mon, 21 Jul 2025 15:23:50 -0700 Subject: [PATCH 2/4] correct dockerhub password arg --- .github/workflows/push-web-only.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push-web-only.yml b/.github/workflows/push-web-only.yml index 94e589c51..6cc8f27fd 100644 --- a/.github/workflows/push-web-only.yml +++ b/.github/workflows/push-web-only.yml @@ -71,7 +71,7 @@ jobs: - uses: docker/setup-buildx-action@v3 - name: build run: | - docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} + docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKERHUB_PASSWORD }} # TODO: can we find a way to override or provide pups params at build time? # Then we can do something like: # bin/launcher build --params="version=stable" --conf-dir=./samples web_only @@ -95,7 +95,7 @@ jobs: - uses: docker/setup-buildx-action@v3 - name: update manifest run: | - docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKER_PASSWORD }} + docker login --username ${{ vars.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKERHUB_PASSWORD }} docker manifest create \ ${{ env.DOCKER_REPO }}:latest \ --amend ${{ env.DOCKER_REPO }}:latest-amd64 \ From af8c5d6a70d9c9a283fd63158c5d49d57623b9c2 Mon Sep 17 00:00:00 2001 From: Jeff Wong Date: Thu, 24 Jul 2025 23:03:45 -0700 Subject: [PATCH 3/4] Enable letsencrypt configuration from env vars --- .github/workflows/push-web-only.yml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/push-web-only.yml b/.github/workflows/push-web-only.yml index 6cc8f27fd..8494b26ab 100644 --- a/.github/workflows/push-web-only.yml +++ b/.github/workflows/push-web-only.yml @@ -78,11 +78,8 @@ jobs: cp ./samples/web_only.yml ./containers/web_only.yml sed -Ei 's/^ *+#?version:.*/ version: ${{ matrix.version }}/' ./containers/web_only.yml sed -Ei '/^ *+- "templates\/web.template.yml"/a\ - "templates/offline-page.template.yml"' ./containers/web_only.yml - # TODO: enable lets encrypt build - # Once https://github.com/discourse/discourse_docker/pull/977 is merged - # uncomment the next two lines to apply the let's encrypt template to the base image - #sed -Ei 's/^ *+#- "templates\/web.ssl.template.yml"/ - "templates\/web.ssl.template.yml"/' ./containers/web_only.yml - #sed -Ei 's/^ *+#- "templates\/web.letsencrypt.ssl.template.yml"/ - "templates\/web.letsencrypt.ssl.template.yml"/' ./containers/web_only.yml + sed -Ei 's/^ *+#- "templates\/web.ssl.template.yml"/ - "templates\/web.ssl.template.yml"/' ./containers/web_only.yml + sed -Ei 's/^ *+#- "templates\/web.letsencrypt.ssl.template.yml"/ - "templates\/web.letsencrypt.ssl.template.yml"/' ./containers/web_only.yml bin/launcher build web_only \ --tag ${{ env.DOCKER_REPO }}:${{ env.FLOATING_TAG }} \ --tag ${{ env.DOCKER_REPO }}:${{ env.TAG }} \ From 70de3903eaf0890ced6dab55f98d96afaa77f9a2 Mon Sep 17 00:00:00 2001 From: Jeff Wong Date: Sun, 27 Jul 2025 15:08:56 -0700 Subject: [PATCH 4/4] Add note for building from -web-only images Once possible, slim image down by building from web-only base images --- .github/workflows/push-web-only.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/push-web-only.yml b/.github/workflows/push-web-only.yml index 8494b26ab..873a21b13 100644 --- a/.github/workflows/push-web-only.yml +++ b/.github/workflows/push-web-only.yml @@ -76,6 +76,10 @@ jobs: # Then we can do something like: # bin/launcher build --params="version=stable" --conf-dir=./samples web_only cp ./samples/web_only.yml ./containers/web_only.yml + # TODO: Uncomment when PR 966 is merged + # allowing us to build from web-only images + # https://github.com/discourse/discourse_docker/pull/966 + #echo $(grep base_image: ./templates/web.template.yml)-web-only >> ./containers/web_only.yml sed -Ei 's/^ *+#?version:.*/ version: ${{ matrix.version }}/' ./containers/web_only.yml sed -Ei '/^ *+- "templates\/web.template.yml"/a\ - "templates/offline-page.template.yml"' ./containers/web_only.yml sed -Ei 's/^ *+#- "templates\/web.ssl.template.yml"/ - "templates\/web.ssl.template.yml"/' ./containers/web_only.yml