build with tag docker

2026-05-20 21:41:57 +00:00 · 2025-11-09 14:44:58 +07:00
parent 8a11c176aa
commit 52e8fb4a3b
2 changed files with 77 additions and 52 deletions
@@ -10,9 +10,6 @@ variables:
  KEEP_IMAGES: 3
  BUILD_MODE: static

-# =====================================================
-# 🔑 AUTH TO REGISTRY
-# =====================================================
 before_script:
  - echo "🔐 Logging in to GitLab Container Registry..."
  - echo "$GITLAB_TOKEN" | docker login -u "$GITLAB_USER" --password-stdin "$CI_REGISTRY"
@@ -27,24 +24,21 @@ build-image:
    - docker:dind
  variables:
    DOCKER_TLS_CERTDIR: ""
-  script:
-    - echo "🚀 Building Docker image for ${DEPLOY_ENV} branch..."
+  script: |
+    echo "🚀 Building Docker image for ${DEPLOY_ENV} branch..."
+    export TAG="${DEPLOY_ENV}_${CI_COMMIT_SHORT_SHA}"
+    echo "🧱 Tagging image as: $IMAGE_NAME:$TAG"

-    # Tag format: web-lti:development_<commit>
-    - export TAG="${DEPLOY_ENV}_${CI_COMMIT_SHORT_SHA}"
+    docker build \
+      --build-arg NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
+      --build-arg NEXT_PUBLIC_SSO_LOGIN_URL=$NEXT_PUBLIC_SSO_LOGIN_URL \
+      --build-arg BUILD_MODE=$BUILD_MODE \
+      -t "$IMAGE_NAME:$TAG" \
+      -t "$IMAGE_NAME:$DEPLOY_ENV" .

-    - echo "🧱 Tagging image as: $IMAGE_NAME:$TAG"
-    - docker build \
-        --build-arg NEXT_PUBLIC_API_BASE_URL=$NEXT_PUBLIC_API_BASE_URL \
-        --build-arg NEXT_PUBLIC_LTI_API_START_URL=$NEXT_PUBLIC_LTI_API_START_URL \
-        --build-arg NEXT_PUBLIC_LTI_CLIENT_ID=$NEXT_PUBLIC_LTI_CLIENT_ID \
-        --build-arg BUILD_MODE=$BUILD_MODE \
-        -t "$IMAGE_NAME:$TAG" \
-        -t "$IMAGE_NAME:$DEPLOY_ENV" .
-
-    - echo "📦 Pushing images to registry..."
-    - docker push "$IMAGE_NAME:$TAG"
-    - docker push "$IMAGE_NAME:$DEPLOY_ENV"
+    echo "📦 Pushing images to registry..."
+    docker push "$IMAGE_NAME:$TAG"
+    docker push "$IMAGE_NAME:$DEPLOY_ENV"
  only:
    - development

@@ -54,26 +48,25 @@ build-image:
 cleanup-registry:
  stage: cleanup
  image: alpine:3.20
-  script:
-    - apk add --no-cache curl jq
-    - echo "🧹 Cleaning up old images (keeping ${KEEP_IMAGES})..."
+  script: |
+    apk add --no-cache curl jq
+    echo "🧹 Cleaning up old images (keeping ${KEEP_IMAGES})..."

-    - TOKEN=$(curl --silent --request POST --header "Content-Type: application/json" \
-        --data "{\"login\": \"$GITLAB_USER\", \"password\": \"$GITLAB_TOKEN\"}" \
-        "${CI_REGISTRY}/jwt/auth" | jq -r '.token')
+    TOKEN=$(curl --silent --request POST --header "Content-Type: application/json" \
+      --data "{\"login\": \"$GITLAB_USER\", \"password\": \"$GITLAB_TOKEN\"}" \
+      "${CI_REGISTRY}/jwt/auth" | jq -r '.token')

-    - ALL_TAGS=$(curl --silent --header "Authorization: Bearer $TOKEN" \
-        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/tags/list" \
-        | jq -r '.tags | sort | reverse | .['$KEEP_IMAGES':] | @sh' | tr -d "'")
+    ALL_TAGS=$(curl --silent --header "Authorization: Bearer $TOKEN" \
+      "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/tags/list" \
+      | jq -r ".tags | sort | reverse | .[${KEEP_IMAGES}:]" | jq -r '.[]')

-    - |
-      for tag in $ALL_TAGS; do
-        echo "🗑️  Deleting old image tag: $tag"
-        DIGEST=$(curl --silent -H "Authorization: Bearer $TOKEN" \
-          "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/$tag" | jq -r '.config.digest')
-        curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" \
-          "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/${DIGEST}"
-      done
+    for tag in $ALL_TAGS; do
+      echo "🗑️  Deleting old image tag: $tag"
+      DIGEST=$(curl --silent -H "Authorization: Bearer $TOKEN" \
+        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/$tag" | jq -r '.config.digest')
+      curl --silent -X DELETE -H "Authorization: Bearer $TOKEN" \
+        "${CI_REGISTRY}/v2/${CI_PROJECT_PATH}/web-lti/manifests/${DIGEST}" || true
+    done
  only:
    - development
  when: always
@@ -90,13 +83,13 @@ deploy:
    - echo "$SSH_PRIVATE_KEY" > ~/.ssh/id_rsa
    - chmod 600 ~/.ssh/id_rsa
    - ssh-keyscan -H "$SERVER_IP" >> ~/.ssh/known_hosts
-  script:
-    - echo "🚀 Deploying $IMAGE_NAME:$DEPLOY_ENV to $SERVER_USER@$SERVER_IP"
-    - ssh $SERVER_USER@$SERVER_IP "
-        docker login -u '$GITLAB_USER' -p '$GITLAB_TOKEN' $CI_REGISTRY &&
-        docker pull $IMAGE_NAME:$DEPLOY_ENV &&
-        docker compose -f /home/devops/docker/deployment/development/compose/docker-compose.web-lti.yaml up -d dev-web-lti &&
-        docker image prune -f
-      "
+  script: |
+    echo "🚀 Deploying $IMAGE_NAME:$DEPLOY_ENV to $SERVER_USER@$SERVER_IP"
+    ssh $SERVER_USER@$SERVER_IP "
+      docker login -u '$GITLAB_USER' -p '$GITLAB_TOKEN' $CI_REGISTRY &&
+      docker pull $IMAGE_NAME:$DEPLOY_ENV &&
+      docker compose -f /home/devops/docker/deployment/development/compose/docker-compose.web-lti.yaml up -d dev-web-lti &&
+      docker image prune -f
+    "
  only:
    - development
@@ -1,24 +1,56 @@
-FROM node:20-alpine
+# ============================================================
+# 🏗️  Stage 1 — Builder
+# ============================================================
+FROM node:20-alpine AS builder

+# Install hanya yang diperlukan untuk build
 RUN apk add --no-cache git bash build-base curl

 WORKDIR /app

+# Copy dependency list terlebih dahulu agar cache efektif
 COPY package*.json ./
-RUN npm ci

+# Gunakan npm ci (lebih cepat, konsisten)
+RUN npm ci --omit=dev
+
+# Copy source code terakhir
 COPY . .

-# Buat config agar Next tahu output: export
+# Buat config agar Next tahu mode static export
 RUN echo "const config = { output: 'export', images: { unoptimized: true } }; export default config;" > next.config.mjs

-# Build project (Next.js 15 otomatis static export)
-RUN NEXT_DISABLE_TURBOPACK=1 npx next build
+# Build Next.js tanpa Turbopack, lalu hapus cache npm
+ENV NEXT_DISABLE_TURBOPACK=1
+RUN npx next build && npm cache clean --force

-# Pastikan folder static tersedia untuk URL _next/static
+# Tambahkan cache folder _next agar bisa dilayani oleh server
 RUN mkdir -p .next/server/app/_next && \
    cp -r .next/static .next/server/app/_next/static && \
-    cp -r public/assets .next/server/app/
+    cp -r public/assets .next/server/app/ || true
+
+# ============================================================
+# 🧱  Stage 2 — Runtime (super ringan)
+# ============================================================
+FROM node:20-alpine AS runtime
+
+# Install hanya 1 dependency ringan untuk serving static file
+RUN npm install -g serve && apk add --no-cache tini
+
+WORKDIR /app
+
+# Copy hasil build dari stage sebelumnya
+COPY --from=builder /app/.next/server/app ./server
+COPY --from=builder /app/.next/server/app/_next ./server/_next
+COPY --from=builder /app/public ./public
+
+# Set environment minimal
+ENV NODE_ENV=production
+ENV PORT=3000

 EXPOSE 3000
-CMD ["npx", "serve", ".next/server/app", "-l", "3000"]
+
+# Jalankan lewat tini untuk handle signal & memory leak
+ENTRYPOINT ["/sbin/tini", "--"]
+
+CMD ["serve", "-s", "server", "-l", "3000"]