ci: try to improve build times

2025-12-16 18:26:10 -06:00 · 2025-11-23 22:08:39 -03:00
parent d2de0684fb
commit 5f098e11a3
2 changed files with 39 additions and 49 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -12,7 +12,7 @@ on:
        required: true
        type: string
      ref:
-        description: 'Git ref to checkout (branch, tag, or SHA)'
+        description: 'Git ref to checkout'
        required: true
        default: 'main'
        type: string
@@ -29,73 +29,57 @@ jobs:
    runs-on: ubuntu-latest
    permissions:
      contents: read
+      packages: write # Needed if you switch to GHCR, good practice

    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
-          ref: ${{ github.event.inputs.ref }}
-        if: github.event_name == 'workflow_dispatch'
-
-      - name: Checkout code (non-manual)
-        uses: actions/checkout@v4
-        if: github.event_name != 'workflow_dispatch'
+          ref: ${{ inputs.ref || github.ref }}

      - name: Log in to Docker Hub
-        uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1
+        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

+      # This action handles all the logic for tags (nightly vs release vs custom)
+      - name: Docker Metadata
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}
+          tags: |
+            # Logic for Push to Main -> nightly
+            type=raw,value=nightly,enable=${{ github.event_name == 'push' }}
+            # Logic for Release -> semver and latest
+            type=semver,pattern={{version}},enable=${{ github.event_name == 'release' }}
+            type=raw,value=latest,enable=${{ github.event_name == 'release' }}
+            # Logic for Manual Dispatch -> custom input
+            type=raw,value=${{ inputs.tag }},enable=${{ github.event_name == 'workflow_dispatch' }}
+
      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

-      - name: Build and push nightly image
-        if: github.event_name == 'push'
+      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          file: ./docker/prod/django/Dockerfile
          push: true
          provenance: false
+          # Pass the calculated tags from the meta step
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
-            VERSION=nightly
-          tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:nightly
+            VERSION=${{ steps.meta.outputs.version }}
          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max

-      - name: Build and push release image
-        if: github.event_name == 'release'
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: ./docker/prod/django/Dockerfile
-          push: true
-          provenance: false
-          build-args: |
-            VERSION=${{ github.event.release.tag_name }}
-          tags: |
-            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
-            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }}
-          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
-
-      - name: Build and push custom image
-        if: github.event_name == 'workflow_dispatch'
-        uses: docker/build-push-action@v6
-        with:
-          context: .
-          file: ./docker/prod/django/Dockerfile
-          push: true
-          provenance: false
-          build-args: |
-            VERSION=${{ github.event.inputs.tag }}
-          tags: ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:${{ github.event.inputs.tag }}
-          platforms: linux/amd64,linux/arm64
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          # --- CACHE CONFIGURATION ---
+          # We set a specific 'scope' key.
+          # This allows the Release tag to see the cache created by the Main branch.
+          cache-from: type=gha,scope=build-cache
+          cache-to: type=gha,mode=max,scope=build-cache
--- a/docker/prod/django/Dockerfile
+++ b/docker/prod/django/Dockerfile
@@ -11,12 +11,16 @@ RUN --mount=type=cache,target=/root/.cache/pip \

 FROM node:lts-alpine AS webpack_build
 WORKDIR /usr/src/frontend
+
+COPY ./frontend/package.json ./frontend/package-lock.json* ./
+
+RUN --mount=type=cache,target=/root/.npm \
+    npm ci || npm install
+
 COPY ./frontend .
 COPY ./app/templates /usr/src/app/templates
-RUN --mount=type=cache,target=/root/.npm \
-    rm -rf node_modules package-lock.json && \
-    npm install --verbose && \
-    npm run build
+
+RUN npm run build

 FROM python:3.11-slim-bookworm AS python-run-stage

@@ -33,6 +37,7 @@ RUN addgroup --system app && \
 ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1

+# Install python dependencies from wheels
 COPY --from=python-build-stage /usr/src/app/wheels /wheels/
 RUN --mount=type=cache,target=/root/.cache/apt \
    apt-get update && \
@@ -47,6 +52,7 @@ COPY --chown=app:app ./docker/prod/procrastinate/start /start-procrastinate
 COPY --chown=app:app ./docker/prod/supervisord/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 COPY --chown=app:app ./docker/prod/supervisord/supervisord.conf /etc/supervisord.conf
 COPY --chown=app:app ./docker/prod/supervisord/start /start-single
+
 RUN sed -i 's/\r$//g' /start && \
    chmod +x /start && \
    sed -i 's/\r$//g' /start-procrastinate && \