diff options
| author | Greg <supahgreg@users.noreply.github.com> | 2025-10-10 23:47:49 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-10-10 23:47:49 -0500 |
| commit | 4c73941607dae8d12e3b555cda9d46cf11563779 (patch) | |
| tree | 7be75aa665a7c104d002c0c04855bfee101182cd | |
| parent | def5efdef67edf18ae5abb5efc2c64ef4a8c3d3f (diff) | |
| parent | a38fc031f016aeb36d4eadf9ec6ca1a21ef66768 (diff) | |
Merge pull request #37 from tt-rss/feature/docker-config-validation
Fix app image CMD, add a 'Docker Code Quality' workflow
| -rw-r--r-- | .docker/app/Dockerfile | 2 | ||||
| -rw-r--r-- | .docker/web-nginx/Dockerfile | 31 | ||||
| -rw-r--r-- | .github/workflows/docker-code-quality.yml | 39 | ||||
| -rw-r--r-- | .github/workflows/publish.yml | 4 |
4 files changed, 63 insertions, 13 deletions
diff --git a/.docker/app/Dockerfile b/.docker/app/Dockerfile index 4abd0f3cd..9805b28f0 100644 --- a/.docker/app/Dockerfile +++ b/.docker/app/Dockerfile @@ -100,4 +100,4 @@ ENV TTRSS_DB_PORT="5432" ENV TTRSS_PHP_EXECUTABLE="/usr/bin/php${PHP_SUFFIX}" ENV TTRSS_PLUGINS="auth_internal, note, nginx_xaccel" -CMD ${SCRIPT_ROOT}/startup.sh +CMD ["/bin/sh", "-c", "${SCRIPT_ROOT}/startup.sh"] diff --git a/.docker/web-nginx/Dockerfile b/.docker/web-nginx/Dockerfile index 3c7b42e2d..d9f99c56c 100644 --- a/.docker/web-nginx/Dockerfile +++ b/.docker/web-nginx/Dockerfile @@ -1,29 +1,36 @@ FROM nginx:1.29.2-alpine -HEALTHCHECK CMD curl --fail http://localhost${APP_BASE}/index.php || exit 1 - -COPY .docker/web-nginx/nginx.conf /etc/nginx/templates/nginx.conf.template +ARG APP_UPSTREAM=app +ARG APP_FASTCGI_PASS=\$backend +ARG APP_WEB_ROOT=/var/www/html +ARG APP_BASE=/tt-rss +ARG RESOLVER=127.0.0.11 # By default, nginx will send the php requests to "app" server, but this server # name can be overridden at runtime by passing an APP_UPSTREAM env var -ENV APP_UPSTREAM=${APP_UPSTREAM:-app} -ENV APP_FASTCGI_PASS="${APP_FASTCGI_PASS:-\$backend}" +ENV APP_UPSTREAM=${APP_UPSTREAM} +ENV APP_FASTCGI_PASS="${APP_FASTCGI_PASS}" -# Webroot (defaults to /var/www/html) -ENV APP_WEB_ROOT=${APP_WEB_ROOT:-/var/www/html} +# Web root (defaults to /var/www/html) +ENV APP_WEB_ROOT=${APP_WEB_ROOT} # Base location for tt-rss (defaults to /tt-rss) -ENV APP_BASE=${APP_BASE:-/tt-rss} +ENV APP_BASE=${APP_BASE} -# Resolver for nginx (kube-dns.kube-system.svc.cluster.local for k8s) -ENV RESOLVER=${RESOLVER:-127.0.0.11} - -# In order to make tt-rss appear on website root without /tt-rss/ set above as follows in .env: +# NOTE: In order to make tt-rss appear on website root without /tt-rss/ set the following in .env: # APP_WEB_ROOT=/var/www/html/tt-rss # APP_BASE= +# Resolver for nginx (kube-dns.kube-system.svc.cluster.local for k8s) +ENV RESOLVER=${RESOLVER} + # It's necessary to set the following NGINX_ENVSUBST_OUTPUT_DIR env var to tell # nginx to replace the env vars of /etc/nginx/templates/nginx.conf.template # and put the result in /etc/nginx/nginx.conf (instead of /etc/nginx/conf.d/nginx.conf) # See https://github.com/docker-library/docs/tree/master/nginx#using-environment-variables-in-nginx-configuration-new-in-119 ENV NGINX_ENVSUBST_OUTPUT_DIR=/etc/nginx + +COPY .docker/web-nginx/nginx.conf /etc/nginx/templates/nginx.conf.template + +HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ + CMD ["sh", "-c", "curl --fail --silent --show-error \"http://localhost${APP_BASE}/index.php\" || exit 1"] diff --git a/.github/workflows/docker-code-quality.yml b/.github/workflows/docker-code-quality.yml new file mode 100644 index 000000000..e96baf281 --- /dev/null +++ b/.github/workflows/docker-code-quality.yml @@ -0,0 +1,39 @@ +name: Docker Code Quality + +on: + pull_request: + paths: + - '.docker/**' + # Allow manual triggering + workflow_dispatch: + # Allow other workflows (e.g. Publish) to invoke this one. + workflow_call: + + +permissions: + contents: read + + +jobs: + check: + name: Check Docker image ${{ matrix.image.name }} + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + image: + - name: app + dockerfile: ./.docker/app/Dockerfile + - name: web-nginx + dockerfile: ./.docker/web-nginx/Dockerfile + + steps: + - name: Check out code + uses: actions/checkout@v5 + + - name: Validate configuration + uses: docker/build-push-action@v6 + with: + context: . + file: ${{ matrix.image.dockerfile }} + call: check diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 1ef46b631..1a5e19e22 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -24,12 +24,16 @@ permissions: jobs: + test-docker: + uses: ./.github/workflows/docker-code-quality.yml + test-php: uses: ./.github/workflows/php-code-quality.yml publish: name: Publish Docker image ${{ matrix.image.name }} needs: + - test-docker - test-php runs-on: ubuntu-latest permissions: |