From 39a64b3e384dc5af426a263d6c75b213d014d6cc Mon Sep 17 00:00:00 2001
From: Ondrej Vlach <ondrej@vlach.xyz>
Date: Sat, 9 Dec 2023 16:22:22 +0100
Subject: [PATCH] feat: docker build

---
 .gitea/workflows/release_docker.yaml | 52 ++++++++++++++++++++++++++++
 .gitea/workflows/test.yaml           | 25 ++++++++-----
 Dockerfile                           | 22 ++++++++++++
 Rocket.toml                          |  3 +-
 4 files changed, 93 insertions(+), 9 deletions(-)
 create mode 100644 .gitea/workflows/release_docker.yaml
 create mode 100644 Dockerfile

diff --git a/.gitea/workflows/release_docker.yaml b/.gitea/workflows/release_docker.yaml
new file mode 100644
index 0000000..3af6042
--- /dev/null
+++ b/.gitea/workflows/release_docker.yaml
@@ -0,0 +1,52 @@
+name: release
+run-name: release
+on:
+  push:
+    branches:
+      - master
+jobs:
+  docker:
+    name: docker
+    runs-on: ubuntu-latest
+    container:
+      image: ovlach/docker-gitea:v0.0.2-alpha
+    steps:
+    - uses: https://github.com/actions/checkout.git@v4
+    - name: Login to git.nanobyte.cz
+      uses: https://github.com/docker/login-action@v3
+      with:
+        username: ${{ secrets.DEPLOYMENT_PACKAGE }}
+        password: ${{ secrets.DEPLOYMENT_PACKAGE }}
+        registry: git.nanobyte.cz
+    - name: Get short hash from git repository
+      id: git
+      run: echo "::set-output name=short_hash::$(git rev-parse --short HEAD)"
+    - name: Build and push docker
+      run: |
+        docker build . -t git.nanobyte.cz/$GITHUB_REPOSITORY_OWNER/ovlach_pdf:${{steps.git.outputs.short_hash}} && \
+        docker push git.nanobyte.cz/$GITHUB_REPOSITORY_OWNER/ovlach_pdf:${{steps.git.outputs.short_hash}}
+  stage_deployment:
+    name: stage-deployment
+    runs-on: ubuntu-latest
+    needs: [docker]  # require tests to pass before deploy runs
+    steps:
+    - uses: https://github.com/actions/checkout.git@v4
+    - name: Get short hash from git repository
+      id: git
+      run: echo "::set-output name=short_hash::$(git rev-parse --short HEAD)"
+    - uses: https://github.com/actions/checkout.git@v4
+      with:
+        ssh-key: '${{ secrets.VLACH_XYZ_DEPLOY }}'
+        path: 'vlach_xyz_deploy'
+        repository: 'ovlach/vlach_xyz'
+        ref: 'master'
+        github-server-url: 'ssh://git.nanobyte.cz'
+        ssh-known-hosts: 'git.nanobyte.cz ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC3senpFPTYk75y73d1xL4XEDBe5AcLJ+GLEA+XTMpMiLsociwUeJZCJZoRUsZBH1bSvlgT23wlHtGJvDARygCBX/rZKKIb0KdD5qYgbtCzdmyg1Aw6+RNbgsOZuuDqh1HCLftj6PZWKXfEyp1rLjVCJEBmK2+iC54VjGTrm/0D3Mi1Tzpbmz0U+SqiZpNmC4GJu3riyxcXBrySsEZjWFcrUGSfVW9/MzzNk6relemGrkvBFDh6+lcx5bvPi3wamm0dlS+ySB9GhkGMukjCHHGLleRRZB3hf8ClbiMrod0KXwG1RQzqBIn3or4AUrl2ExIeA+olBTGIooy1sf/s8qBSGytYwUR1wbkMa9SIPWxIyioQY2uPu8Jg2qUYyZCJLNMeCVne5QGfxcDPm468pkkKOHVDqsVmhzRvcLuadpLHffZRg9Ds8LWSpIZh/OSWUkeavP0kSEN+vC4j/pFepYId3GJrEv/FN8KvdxKndkH2WyK2JAMcbTQAq3LiUgApuSuY1717VYNEhkEJ7u4NNmZhkW7WpTU75TCwMqrR77/eHO3ou5U7LEAKE4ujXrRX6HDgiRpg4psnI48hoJ/K50DYCL9CUAYcXLXjWhfmYUaN/1FYWS6cNpaTcwqOsdpYW4yfzqzIPLxe4GbIcEPinkywr7InwivyDIsPUYbXE9KBEw=='
+    - name: configure git
+      run: git config --global user.email "gitea-bot@nanobyte.cz" && git config --global user.name "Gitea Bot"
+    - name: Install kustomize
+      run: |
+        curl -L https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.3.0/kustomize_v5.3.0_linux_amd64.tar.gz -o kustomize.tar.gz && tar -xzf kustomize.tar.gz
+    - name: Update images
+      run: |
+        cd vlach_xyz_deploy && cd kubernetes/staging/ && ../../../kustomize edit set image pdf=git.nanobyte.cz/$GITHUB_REPOSITORY_OWNER/ovlach_pdf:${{steps.git.outputs.short_hash}} && git add . && git commit -m "upgrade ovlach_pdf -> ${{steps.git.outputs.short_hash}}" && git push origin master
diff --git a/.gitea/workflows/test.yaml b/.gitea/workflows/test.yaml
index 4314ab3..2065d84 100644
--- a/.gitea/workflows/test.yaml
+++ b/.gitea/workflows/test.yaml
@@ -1,53 +1,62 @@
 name: test
 run-name: test
 on:
-  workflow_call:
   push:
     branches:
       - '*'
 jobs:
   clippy:
     runs-on: ubuntu-latest
+    container:
+      image: git.nanobyte.cz/nanobyte/nano-rust-builder:1.74.5f84654
     steps:
       - uses: https://github.com/actions/checkout.git@v4
+      - name: Hash of Cargo.lock
+        id: get-hash
+        run: echo "::set-output name=hash::$(md5sum Cargo.lock |  awk '{ print $1; }')"
       - uses: https://gitea.com/wolfogre/cache/restore@v3
         id: cache
         with:
+          key: "${{github.repository}}-cache-cargo-clippy-v4-${{ steps.get-hash.outputs.hash }}"
           path: |
             .cache
             target
-          key: ${{github.repository}}-cache-cargo-clippy-v4-${{ hashFiles('Cargo.lock') }}
           restore-keys: ${{github.repository}}-cache-cargo-clippy-v4
       - uses: nanobyte-public/rust-action@master
         with:
-          args: CARGO_HOME=./.cache cargo clippy -- -Dwarnings
+          args: CARGO_HOME=./.cache cargo-nan \"Bearer ${{secrets.deployment_package}}\" cargo clippy -- -Dwarnings
       - uses: https://gitea.com/wolfogre/cache/save@v3
         if: steps.cache.outputs.cache-hit != 'true'
         with:
           path: |
             .cache
             target
-          key: ${{github.repository}}-cache-cargo-clippy-v4-${{ hashFiles('Cargo.lock') }}
+          key: "${{github.repository}}-cache-cargo-clippy-v4-${{ steps.get-hash.outputs.hash }}"
   test:
+    container:
+        image: git.nanobyte.cz/nanobyte/nano-rust-builder:1.74.5f84654
     runs-on: ubuntu-latest
     steps:
       - uses: https://github.com/actions/checkout.git@v4
+      - name: Hash of Cargo.lock
+        id: get-hash
+        run: echo "::set-output name=hash::$(md5sum Cargo.lock | awk '{ print $1; '})"
       - uses: https://gitea.com/wolfogre/cache/restore@v3
         id: cache
         with:
           path: |
             .cache
             target
-          key: ${{github.repository}}-cache-cargo-test-v4-${{ hashFiles('Cargo.lock') }}
-          restore-keys: ${{github.repository}}-cache-cargo-test-v4
+          key: "${{github.repository}}-cache-test-clippy-v4-${{ steps.get-hash.outputs.hash }}"
+          restore-keys: ${{github.repository}}-cache-test-test-v4
       - uses: nanobyte-public/rust-action@master
         with:
           args: |
-            CARGO_HOME=./.cache  cargo test
+            CARGO_HOME=./.cache cargo-nan \"Bearer ${{secrets.deployment_package}}\" cargo test
       - uses: https://gitea.com/wolfogre/cache/save@v3
         if: steps.cache.outputs.cache-hit != 'true'
         with:
           path: |
             .cache
             target
-          key: ${{github.repository}}-cache-cargo-test-v4-${{ hashFiles('Cargo.lock') }}
+          key: "${{github.repository}}-cache-test-clippy-v4-${{ steps.get-hash.outputs.hash }}"
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..f6e8979
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,22 @@
+FROM git.nanobyte.cz/nanobyte-public/nano-rust:1.74.5f84654 AS builder
+ARG PACKAGE_NAME="ovlach_pdf"
+ARG GITEA_TOKEN
+
+
+COPY . /data/
+RUN cd /data && cargo-nan "${GITEA_TOKEN}" cargo build --release
+
+FROM git.nanobyte.cz/nanobyte-public/nano-rust:1.74.5f84654
+ARG PACKAGE_NAME="ovlach_pdf"
+ARG GITEA_TOKEN
+RUN apt-get update && apt-get install -y chromium
+COPY --from=builder /data/target/release/${PACKAGE_NAME} /bin
+RUN mkdir /rund
+COPY Rocket.toml /rund
+COPY templates/* /rund/templates/
+COPY resources /rund/resources/
+WORKDIR /rund
+EXPOSE 8000
+ENV ROCKET_ADDRESS=0.0.0.0
+ENV PACKAGE_NAME=${PACKAGE_NAME}
+ENTRYPOINT $PACKAGE_NAME
diff --git a/Rocket.toml b/Rocket.toml
index 1984b8f..84eca56 100644
--- a/Rocket.toml
+++ b/Rocket.toml
@@ -1,9 +1,10 @@
 [debug]
 static_route = "http://localhost:8001"
 cv_backend_path = "http://localhost:8002"
+port = 8003
 
 [default]
 static_route = "http://localhost:8001"
 cv_backend_path = "http://localhost:8002"
-port = 8003
+port = 8000
 default_person_name = "ovlach"