Merge pull request #6 from franknstayn/feat/dev

Feat/dev
2025-11-26 23:44:14 +08:00
parent f6ebcdc656 562e66d3ce
commit 71c19e0a51
4 changed files with 233 additions and 2 deletions
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@@ -0,0 +1,61 @@
+name: Build and Push Docker Image
+
+on:
+  push:
+    branches:
+      - main
+      - develop
+    tags:
+      - 'v*'
+  pull_request:
+    branches:
+      - main
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Container Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels)
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=sha,prefix={{branch}}-
+            type=raw,value=latest,enable={{is_default_branch}}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: ${{ github.event_name != 'pull_request' }}
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
--- a/GHCR-SETUP.md
+++ b/GHCR-SETUP.md
@@ -0,0 +1,133 @@
+# GitHub Container Registry Setup for Slipmatz Web
+
+## Overview
+The slipmatz-web application is automatically built and published to GitHub Container Registry (GHCR) on every push to main/develop branches.
+
+## Container Registry URL
+```
+ghcr.io/franknstayn/slipmatz-web:latest
+```
+
+## GitHub Actions Workflow
+
+The workflow (`.github/workflows/docker-publish.yml`) automatically:
+1. Builds the Docker image on every push to `main` or `develop`
+2. Pushes to GitHub Container Registry
+3. Tags images with:
+   - `latest` (for main branch)
+   - Branch name (e.g., `develop`)
+   - Git SHA (e.g., `main-abc1234`)
+   - Version tags (for tagged releases)
+
+## Repository Setup
+
+### 1. Enable GitHub Actions
+- Go to repository Settings → Actions → General
+- Ensure "Read and write permissions" is enabled for GITHUB_TOKEN
+
+### 2. Make Package Public (Optional)
+- Go to repository → Packages → slipmatz-web
+- Package settings → Change visibility → Public
+- (Or keep private if preferred)
+
+## Deployment
+
+### Pull from Registry (Recommended for Production)
+```bash
+cd crew-infrastructure
+docker compose pull slipmatz_web
+docker compose up -d slipmatz_web
+```
+
+### Build Locally (Development)
+Uncomment the `build` section in docker-compose.yml:
+```yaml
+slipmatz_web:
+  build:
+    context: ../apps/slipmatz-web
+    dockerfile: Dockerfile
+  # image: ghcr.io/franknstayn/slipmatz-web:latest
+```
+
+## Using Specific Versions
+
+### Pull specific tag
+```bash
+docker pull ghcr.io/franknstayn/slipmatz-web:develop
+docker pull ghcr.io/franknstayn/slipmatz-web:v1.0.0
+docker pull ghcr.io/franknstayn/slipmatz-web:main-abc1234
+```
+
+### Use in docker-compose.yml
+```yaml
+slipmatz_web:
+  image: ghcr.io/franknstayn/slipmatz-web:v1.0.0
+```
+
+## CI/CD Pipeline
+
+### Automatic Builds Trigger On:
+- Push to `main` → builds `latest` tag
+- Push to `develop` → builds `develop` tag
+- Create tag `v*` → builds version tags
+- Pull request → builds but doesn't push
+
+### Workflow Features:
+- ✅ Docker layer caching (faster builds)
+- ✅ Multi-platform support ready
+- ✅ Automatic tagging strategy
+- ✅ Build cache optimization
+
+## Manual Build and Push
+
+If you need to manually build and push:
+
+```bash
+# Login to GHCR
+echo $GITHUB_TOKEN | docker login ghcr.io -u USERNAME --password-stdin
+
+# Build and tag
+cd apps/slipmatz-web
+docker build -t ghcr.io/franknstayn/slipmatz-web:latest .
+
+# Push
+docker push ghcr.io/franknstayn/slipmatz-web:latest
+```
+
+## Troubleshooting
+
+### Authentication Error
+If you get permission denied when pulling:
+```bash
+# Login with GitHub Personal Access Token
+echo $GITHUB_TOKEN | docker login ghcr.io -u franknstayn --password-stdin
+```
+
+Create token at: https://github.com/settings/tokens
+- Scope needed: `read:packages`
+
+### Image Not Found
+- Check if workflow ran successfully in Actions tab
+- Verify package exists at: https://github.com/franknstayn?tab=packages
+- Ensure package visibility matches your needs (public/private)
+
+### Old Image Cached
+```bash
+docker compose pull slipmatz_web --no-cache
+docker compose up -d slipmatz_web
+```
+
+## Benefits
+
+✅ **Faster Deployments**: Pull pre-built images instead of building on server  
+✅ **Version Control**: Track and rollback to specific image versions  
+✅ **Consistent Builds**: Same image across environments  
+✅ **CI/CD Ready**: Automatic builds on code push  
+✅ **Free**: GitHub Packages is free for public repos  
+
+## Next Steps
+
+1. Push code to trigger first build
+2. Verify image appears in GitHub Packages
+3. Pull and deploy on production server
+4. Set up similar workflow for slipmatz-backend
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@@ -10,8 +10,8 @@ export default defineNuxtConfig({
    plugins: [tailwindcss()],
  },
  runtimeConfig: {
-    stripeSecretKey: process.env.STRIPE_SECRET_KEY,
-    stripeWebhookSecret: process.env.STRIPE_WEBHOOK_SECRET,
+    stripeSecretKey: process.env.NUXT_STRIPE_SECRET_KEY,
+    stripeWebhookSecret: process.env.NUXT_STRIPE_WEBHOOK_SECRET,
    public: {
      firebaseApiKey: process.env.NUXT_PUBLIC_FIREBASE_API_KEY,
      firebaseAuthDomain: process.env.NUXT_PUBLIC_FIREBASE_AUTH_DOMAIN,
--- a/test-workflow.sh
+++ b/test-workflow.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+# Test GitHub Actions workflow locally using act
+
+echo "🧪 Testing GitHub Actions workflow locally..."
+echo ""
+
+# Check if act is installed
+if ! command -v act &> /dev/null; then
+    echo "❌ act is not installed. Install with: brew install act"
+    exit 1
+fi
+
+# Change to slipmatz-web directory
+cd "$(dirname "$0")" || exit 1
+
+echo "📋 Available workflows:"
+act --list
+echo ""
+
+echo "🔍 Dry-run (no execution):"
+echo "   act pull_request --container-architecture linux/amd64 --dryrun"
+echo ""
+
+echo "🏗️  Build only (doesn't push to registry):"
+echo "   act pull_request --container-architecture linux/amd64 -j build-and-push"
+echo ""
+
+echo "🚀 Test push event (simulates main branch push):"
+echo "   act push --container-architecture linux/amd64 -j build-and-push"
+echo ""
+
+# Ask user what to do
+read -p "Run dry-run test? (y/n) " -n 1 -r
+echo
+if [[ $REPLY =~ ^[Yy]$ ]]; then
+    act pull_request --container-architecture linux/amd64 --dryrun
+fi