From e3f7c4fbb19b32525634af92fb014a8cf5e54cc8 Mon Sep 17 00:00:00 2001 From: bgrahammonf Date: Tue, 13 Jan 2026 15:26:47 -0800 Subject: [PATCH] This PR introduces an automated workflow to build and publish the backend container to GHCR upon merging to `main`. * **Optimized Dockerfile**: Added `backend/Dockerfile_build_and_publish` using a multi-stage build. * **GitHub Action**: Added `.github/workflows/publish-backend.yml` to automatically build and push the container. * **Versioning**: Images are tagged with `latest` and `sha-`. * **Size & Compatibility**: We use `rust:1.91-slim` (based on Debian Bookworm) for building and `debian:bookworm-slim` for the final runtime. This pairing ensures binary compatibility while stripping out the massive build toolchain (~1GB+) to leave a minimal, production-ready image. * **Separation of Concerns**: Kept the original `Dockerfile` for local development/debug builds, while the new `Dockerfile_build_and_publish` is strictly for deployment artifacts. **Action Required After First Run:** Since this repository is private, the new package will be created as **Private** by default. To make it publicly accessible: 1. Wait for the first Action run to complete successfully. 2. Go to the repository/organization's **Packages** page. 3. Select the `execution-events-example` package. 4. Go to **Package Settings** -> **Change visibility**. 5. Change visibility from **Private** to **Public**. --- .github/workflows/publish-backend.yml | 50 +++++++++++++++++++++++++++ backend/Dockerfile_build_and_publish | 50 +++++++++++++++++++++++++++ 2 files changed, 100 insertions(+) create mode 100644 .github/workflows/publish-backend.yml create mode 100644 backend/Dockerfile_build_and_publish diff --git a/.github/workflows/publish-backend.yml b/.github/workflows/publish-backend.yml new file mode 100644 index 0000000..cd24c29 --- /dev/null +++ b/.github/workflows/publish-backend.yml @@ -0,0 +1,50 @@ +name: Publish Backend Container + +on: + push: + branches: [ "main" ] + paths: + - 'backend/**' + - '.github/workflows/publish-backend.yml' + workflow_dispatch: + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Log in to the Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=sha,format=short + + - name: Build and push Docker image + uses: docker/build-push-action@v5 + with: + context: ./backend + file: ./backend/Dockerfile_build_and_publish + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + diff --git a/backend/Dockerfile_build_and_publish b/backend/Dockerfile_build_and_publish new file mode 100644 index 0000000..5c6ddae --- /dev/null +++ b/backend/Dockerfile_build_and_publish @@ -0,0 +1,50 @@ +# Builder stage +FROM rust:1.91-slim AS builder + +# Install build dependencies +RUN apt-get update && apt-get install -y \ + git \ + curl \ + gcc \ + g++ \ + cmake \ + pkg-config \ + libssl-dev \ + libclang-dev \ + libzstd-dev \ + libhugetlbfs-dev \ + && rm -rf /var/lib/apt/lists/* + +# Set working directory +WORKDIR /usr/src/app + +# Copy all source files +COPY . . + +# Build the binary +RUN cargo build --release --bin backend + +# Runtime stage +FROM debian:bookworm-slim AS runtime + +# Install runtime dependencies +RUN apt-get update && apt-get install -y \ + libssl3 \ + libzstd1 \ + libhugetlbfs0 \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* + +# Set working directory +WORKDIR /usr/src/app + +# Copy the compiled binary from the builder stage +COPY --from=builder /usr/src/app/target/release/backend /usr/local/bin/backend + +# Expose WebSocket port +EXPOSE 8443 + +# Set entrypoint +ENTRYPOINT ["backend"] +CMD ["--server-addr", "0.0.0.0:8443"] +