Merge pull request #1491 from 8398a7/develop

Develop
8398a7 · Oct 23, 2024 · fd421b4 · fd421b4
2 parents 53441a2 + 084bbf3
commit fd421b4
Show file tree

Hide file tree

Showing 7 changed files with 50 additions and 91 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -4,7 +4,7 @@ on: [push]
 
 jobs:
   test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     env:
       RAILS_ENV: test
       TZ: /usr/share/zoneinfo/Asia/Tokyo
@@ -14,34 +14,24 @@ jobs:
 
     services:
       postgres:
-        image: postgres:11.5-alpine
+        image: postgres:17.0-alpine
         env:
           POSTGRES_USER: postgres
           POSTGRES_PASSWORD: postgres
         ports:
           - 5432:5432
       redis:
-        image: redis:5.0.5-alpine
+        image: redis:7.4.1-alpine
         ports:
           - 6379:6379
 
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
-          node-version: 16
-      - name: Get yarn cache directory path
-        id: yarn-cache-dir-path
-        run: echo "::set-output name=dir::$(yarn cache dir)"
-      - uses: actions/cache@v3
-        id: yarn-cache # use this to check for `cache-hit` (`steps.yarn-cache.outputs.cache-hit != 'true'`)
-        with:
-          path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
-          key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
-          restore-keys: |
-            ${{ runner.os }}-yarn-v1
-      - name: yarn install
-        run: yarn install
+          node-version: 22
+          cache: yarn
+      - run: yarn install --frozen-lockfile
       - name: Run Eslint and Prettier
         run: yarn lint
       - uses: ruby/setup-ruby@v1
@@ -64,33 +54,39 @@ jobs:
         uses: paambaati/codeclimate-action@v3.0.0
         env:
           CC_TEST_REPORTER_ID: ${{secrets.CC_TEST_REPORTER_ID}}
+          NODE_OPTIONS: --openssl-legacy-provider
         with:
           coverageCommand: bundle exec rspec
       - name: Archive artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           path: ./tmp/test-results
   build:
     if: contains(github.ref, 'master')
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: [test]
     steps:
       - uses: actions/checkout@v1
-      - name: docker login
-        run: echo $REGISTRY_TOKEN | docker login docker.pkg.github.com -u 8398a7 --password-stdin
-        env:
-          REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
-      - run: make pull build
-      - name: initialize gcloud sdk
-        run: |
-          echo $GCLOUD_SERVICE_KEY > ${HOME}/gcloud-service-key.json
-          gcloud auth activate-service-account --key-file=${HOME}/gcloud-service-key.json
-          gcloud --quiet config set project iidx-app
-          gcloud --quiet config set compute/zone us-west1-b
-          gcloud auth configure-docker --quiet --project iidx-app
-        env:
-          GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }}
-      - run: make push
+      - name: Get short SHA
+        id: vars
+        run: echo "SHA_TAG=$(git describe --tags --abbrev=10)" >> $GITHUB_ENV
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: login ghcr.io
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: 8398a7
+          password: ${{ secrets.REGISTRY_TOKEN }}
+      - name: build image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          push: true
+          tags: |
+            ghcr.io/8398a7/abilitysheet/app:${{ env.SHA_TAG }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
       - uses: 8398a7/action-slack@v3
         with:
           fields: repo,job
@@ -101,17 +97,7 @@ jobs:
         if: always()
   deploy:
     if: contains(github.ref, 'master')
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-24.04
     needs: [build]
     steps:
       - uses: actions/checkout@v1
-      - name: deploy abilitysheet chart
-        run: |
-          curl -X POST \
-            https://api.github.com/repos/8398a7/iidx-app-cluster/dispatches \
-            -H 'Accept: application/vnd.github.everest-preview+json' \
-            -H "Authorization: Basic ${TOKEN}" \
-            -H 'Content-Type: application/json' \
-            -d "{\"event_type\": \"abilitysheet abilitysheet.image.tag=$(git describe --tags --abbrev=10)\"}"
-        env:
-          TOKEN: ${{ secrets.DEPLOY_TOKEN }}
diff --git a/build/base.Dockerfile → Dockerfile b/build/base.Dockerfile → Dockerfile
@@ -3,6 +3,7 @@ LABEL maintainer '8398a7 <8398a7@gmail.com>'
 
 ENV \
   HOME=/app \
+  NODE_OPTIONS='--openssl-legacy-provider' \
   DEBIAN_FRONTEND=noninteractive \
   RAILS_ENV=production \
   SECRET_KEY_BASE=wip
@@ -13,10 +14,10 @@ RUN \
   apt-get update -qq && apt-get install -y \
   git \
   build-essential \
-  libpq-dev
-RUN \
-  apt-get install -y curl && \
-  curl -sL https://deb.nodesource.com/setup_16.x | bash - && \
+  libpq-dev \
+  tzdata \
+  curl && \
+  curl -sL https://deb.nodesource.com/setup_22.x | bash - && \
   curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
   echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list && \
   apt-get update -qq && apt-get install -y --no-install-recommends nodejs yarn
@@ -47,3 +48,8 @@ COPY ./config $HOME/config
 COPY config/database.k8s.yml $HOME/config/database.yml
 ENV SENTRY_JS_DSN https://xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx@sentry.io/y
 RUN mkdir log && rails ts:routes assets:precompile
+
+COPY . $HOME
+RUN \
+  mv config/database.k8s.yml config/database.yml && \
+  mkdir -p tmp/pids
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -147,7 +147,7 @@ GEM
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-net_http (3.0.0)
-    ffi (1.15.5)
+    ffi (1.17.0)
     ffi-compiler (1.0.1)
       ffi (>= 1.0.0)
       rake
@@ -261,7 +261,7 @@ GEM
       digest
       net-protocol
       timeout
-    nio4r (2.5.8)
+    nio4r (2.5.9)
     nokogiri (1.15.4)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)

diff --git a/Makefile b/Makefile
@@ -1,14 +1,9 @@
 TAG := $(shell git describe --tags --abbrev=10)
-BASE_IMAGE := docker.pkg.github.com/8398a7/abilitysheet/abilitysheet-base
-IMAGE := gcr.io/iidx-app/abilitysheet
+IMAGE := ghcr.io/8398a7/abilitysheet/app
 
-.PHONY: pull
-	docker pull $(BASE_IMAGE):latest
 .PHONY: build
 build:
-	docker build --cache-from $(BASE_IMAGE):latest -t $(BASE_IMAGE):latest -f build/base.Dockerfile .
-	docker build -t $(IMAGE):$(TAG) -f build/Dockerfile .
+	docker build --platform linux/amd64 -t $(IMAGE):$(TAG) .
 .PHONY: push
 push:
-	docker push $(BASE_IMAGE):latest
 	docker push $(IMAGE):$(TAG)
diff --git a/app/models/concerns/static.rb b/app/models/concerns/static.rb
@@ -81,7 +81,8 @@ module Static
     ['BIS', 28],
     ['CH', 29],
     ['RES', 30],
-    ['EPO', 31]
+    ['EPO', 31],
+    ['Pin', 32]
   ].freeze
 
   COLOR = %w[

diff --git a/build/Dockerfile b/build/Dockerfile
diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -38,8 +38,8 @@
   # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX
 
   # Store uploaded files on the local file system (see config/storage.yml for options).
-  # config.active_storage.service = :local
-  config.active_storage.service = :google
+  config.active_storage.service = :local
+  # config.active_storage.service = :google
 
   # Mount Action Cable outside main process or domain.
   # config.action_cable.mount_path = nil