82af967dfc
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Problem: Runtime stage was installing Node.js again! Solution: Use base image for runtime too - Already has Python 3.11 ✅ - Already has Node.js 20 ✅ - Already has curl, ca-certificates ✅ - Only install tini (tiny) This is the CORRECT way to use base image!
Build Directory
این دایرکتوری شامل همه فایلهای مربوط به build process پروژه است.
📁 ساختار
build/
├── docker/ # Docker configurations
│ ├── Dockerfile # Main application Dockerfile
│ ├── Dockerfile.base # Base image reference
│ ├── docker-compose.yml # Local development
│ └── .dockerignore
└── ci/ # CI/CD configurations
└── woodpecker.yml # Woodpecker CI pipeline
🐳 Docker
Dockerfile
Multi-stage Dockerfile برای بهینهسازی حجم image و امنیت:
- Stage 1 (Builder): Build و compile
- Stage 2 (Runtime): Image نهایی بدون build tools
Build:
make docker-build
# یا
docker build -f build/docker/Dockerfile -t peikarband/landing:latest .
Dockerfile.base
فایل مرجع برای base image که در repo جداگانه build میشود:
- Repo:
peikarband/base - Registry:
hub.peikarband.ir/peikarband/base:latest
docker-compose.yml
برای development محلی:
make docker-up
# یا
docker-compose -f build/docker/docker-compose.yml up -d
🔄 CI/CD
woodpecker.yml
Woodpecker CI pipeline configuration:
- Build Docker image
- Push به Harbor registry
- Tag with commit SHA
- Cache optimization
تنظیمات مورد نیاز:
HARBOR_USERNAME: Harbor registry usernameHARBOR_PASSWORD: Harbor registry password
🎯 Best Practices
-
Docker Images
- Multi-stage builds
- Minimal runtime dependencies
- Non-root user
- Health checks
-
CI/CD
- Cache layers
- Automated testing
- Semantic versioning
- Registry push on main branch only
-
Security
- Scan images for vulnerabilities
- Sign images
- Use specific versions (no
:latestin production)