From 17c32956074cba5cd3d8f01363880816528e82c3 Mon Sep 17 00:00:00 2001
From: StefanMoCoAt
Date: Fri, 13 Feb 2026 21:53:58 +0100
Subject: [PATCH] chore(ci): overhaul Docker workflow with multi-service builds, ARM64 optimizations, and improved Gradle caching strategies
---
 .gitea/workflows/docker-publish.yaml | 135 ++++++++++++++++++++-------
 1 file changed, 103 insertions(+), 32 deletions(-)
diff --git a/.gitea/workflows/docker-publish.yaml b/.gitea/workflows/docker-publish.yaml
index b9622a24..ae26af95 100644
--- a/.gitea/workflows/docker-publish.yaml
+++ b/.gitea/workflows/docker-publish.yaml
@@ -1,65 +1,136 @@ -name: Docker Build & Publish (ARM64 Optimized) +name: Build and Publish Docker Images run-name: Build & Publish by @${{ github.actor }} on: push: - branches: [ main ] - tags: [ 'v*' ] + branches: [ "main" ] + paths: + - 'backend/**' + - 'platform/**' + - 'core/**' + - 'frontend/**' + - 'config/docker/**' + - 'build.gradle.kts' + - 'settings.gradle.kts' + - 'gradle.properties' + - 'docker-compose.yaml' + - '.gitea/workflows/docker-publish.yaml' + +env: + REGISTRY: git.mo-code.at + # WICHTIG: Kleingeschrieben für Docker-Konformität + IMAGE_PREFIX: mocode-software/meldestelle + # Build Arguments für Zora (ARM64 Power) + JAVA_VERSION: "25" + GRADLE_VERSION: "9.3.1" + # OPTIMIERUNG: Gradle Parameter für mehr Speed + GRADLE_OPTS: "-Dorg.gradle.parallel=true -Dorg.gradle.workers.max=8" + # Deine neuen JVM Power-Flags für ARM64 (Cortex-A720) + JVM_OPTS_ARM64: "-XX:ActiveProcessorCount=12 -XX:+UseG1GC -XX:+UseTransparentHugePages -XX:+UseSVE=1" jobs: - build: - # Nutze ein Label, das deinen ARM64-Runner anspricht (z.B. ubuntu-latest oder arm64) + build-and-push: runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + # NEU: Keycloak wird jetzt auch automatisch gebaut und gepusht + - service: keycloak + context: . + dockerfile: config/docker/keycloak/Dockerfile + image: keycloak + - service: api-gateway + context: . + dockerfile: backend/infrastructure/gateway/Dockerfile + image: gateway + - service: ping-service + context: . + dockerfile: backend/services/ping/Dockerfile + image: ping-service + - service: web-app + context: . 
+ dockerfile: config/docker/caddy/web-app/Dockerfile + image: web-app steps: - - name: Checkout code - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v3 - - name: Set up JDK 21 (Temurin) + # Java Setup (Wichtig für Gradle-Builds im Runner) + - name: Set up JDK 25 uses: actions/setup-java@v4 with: - java-version: '21' + java-version: '25' distribution: 'temurin' - # Aktiviert automatisches Caching für Maven oder Gradle - cache: 'gradle' + cache: gradle - - name: Grant execute permission for gradlew - run: chmod +x gradlew + # Cache für Gradle (Beschleunigt Folgebauvorgänge massiv) + - name: Setup Gradle Cache + uses: actions/cache@v3 + with: + path: | + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle- - - name: Build with Gradle - # --no-daemon ist in CI-Umgebungen stabiler - run: ./gradlew build --no-daemon + # Frontend Build (Nur für web-app notwendig) + - name: Build Frontend (Kotlin JS) + if: matrix.service == 'web-app' + run: | + chmod +x gradlew + # Wir nutzen --no-daemon im Runner, geben aber mehr Memory + ./gradlew :frontend:shells:meldestelle-portal:jsBrowserDistribution \ + -Pproduction=true \ + --max-workers=8 \ + -Dkotlin.daemon.jvm.options="-Xmx4g" - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + # Wir erzwingen die Nutzung des Host-Drivers, + # um gRPC-Abstürze im Container-Builder zu vermeiden + driver: docker - - name: Login to Gitea Container Registry + # Login bei deiner Gitea Registry + - name: Log in to the Container registry uses: docker/login-action@v3 with: - registry: ${{ gitea.repository_url }} # Oder deine spezifische URL - username: ${{ gitea.actor }} - password: ${{ secrets.GITEA_TOKEN }} + registry: ${{ env.REGISTRY }} + username: ${{ secrets.REGISTRY_USER }} + password: ${{ secrets.REGISTRY_TOKEN }} - - name: Extract Metadata (Tags, Labels) + # 
Metadaten extrahieren (Tags, Labels) + - name: Extract metadata id: meta uses: docker/metadata-action@v5 with: - images: | - ${{ gitea.repository_url }}/${{ gitea.repository }} + images: ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/${{ matrix.image }} tags: | - type=ref,event=branch - type=semver,pattern={{version}} - type=sha,format=short + type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} + type=sha,format=long - - name: Build and Push Docker Image - uses: docker/build-push-action@v6 + # Build und Push (Nativ ARM64 für maximale Geschwindigkeit) + - name: Build and push Docker image + uses: docker/build-push-action@v5 with: - context: . - # Nutze natives ARM64-Build, da der Runner bereits auf ARM64 läuft - platforms: linux/arm64 + context: ${{ matrix.context }} + file: ${{ matrix.dockerfile }} push: true + # Fokus auf ARM64 für Zora, AMD64 bleibt für Kompatibilität (optional) + platforms: linux/arm64 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - # Nutze das Gitea-interne Caching für Docker-Layer + build-args: | + DOCKER_BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') + VERSION=${{ github.sha }} + GRADLE_VERSION=${{ env.GRADLE_VERSION }} + JAVA_VERSION=${{ env.JAVA_VERSION }} + KEYCLOAK_IMAGE_TAG=26.4 + JVM_OPTS_APPEND=${{ env.JVM_OPTS_ARM64 }} +# cache-from: type=local,src=/tmp/.buildx-cache +# cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max cache-from: type=gha cache-to: type=gha,mode=max
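Review bot: The job that logs in with `secrets.REGISTRY_TOKEN` and runs with `push: true` references every action by a mutable major tag, and the new side also moves `actions/checkout` from `@v4` to `@v3` and `docker/build-push-action` from `@v6` to `@v5` without saying why. Pin each `uses:` to a full commit SHA with the version in a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v4`, and keep the newer majors unless the runner cannot execute them. In `build-args`, `DOCKER_BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')` is not passed through a shell, so the image would receive the literal `$(date …)` text. Compute it in an earlier step with `run: echo "value=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "$GITHUB_OUTPUT"` and pass `DOCKER_BUILD_DATE=${{ steps.<step-id>.outputs.value }}`. Two things to confirm: `driver: docker` normally cannot export `cache-to: type=gha` unless the containerd image store is enabled, and with the `tags: [ 'v*' ]` trigger and the `type=semver` rule removed, published images now carry only `latest` and a commit-SHA tag.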