phundrak/bakit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: phundrak:c46ab8397c6c35a28464b2bcb7c61ab901993603
Branches Tags
phundrak:develop
...
compare: phundrak:develop
Branches Tags
phundrak:develop

2 Commits
c46ab8397c ... develop

Author SHA1 Message Date
Lucien Cartier-Tilet
72bbb8b648 chore: better action workflow
Some checks failed
Publish Docker Images / coverage-and-sonar (push) Successful in 13m49s
Details
Publish Docker Images / build-docker (push) Successful in 14m3s
Details
Publish Docker Images / push-docker (push) Failing after 29s
Details
2025-11-27 17:03:17 +01:00
Lucien Cartier-Tilet
ce28426075 chore: rename project to bakit
All checks were successful
Publish Docker Images / build-and-publish (push) Successful in 13m40s
Details
2025-11-20 11:01:55 +01:00
8 changed files with 166 additions and 102 deletions
Expand all files Collapse all files

192
.github/workflows/publish-docker.yml vendored
View File

@@ -16,7 +16,41 @@ env:
IMAGE_NAME: phundrak/phundrak-dot-com-backend
jobs:
build-and-publish:
coverage-and-sonar:
runs-on: ubuntu-latest
permissions:
content: read
pull-requests: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Nix
uses: cachix/install-nix-action@v27
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Setup Cachix
uses: cachix/cachix-action@v15
with:
name: '${{ env.CACHIX_NAME }}'
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
skipPush: ${{ github.event_name == 'pull_request' }}
- name: Coverage
run: |
nix develop --no-pure-eval --accept-flake-config --command just coverage
- name: Sonar analysis
uses: SonarSource/sonarqube-scan-action@v6
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
build-docker:
runs-on: ubuntu-latest
permissions:
contents: read
@@ -39,93 +73,123 @@ jobs:
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
skipPush: ${{ github.event_name == 'pull_request' }}
- name: Coverage
run: |
nix develop --no-pure-eval --command just coverage
- name: Sonar analysis
uses: SonarSource/sonarqube-scan-action@v6
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- name: Build Docker image with Nix
run: |
echo "Building Docker image..."
nix build .#backendDockerLatest --accept-flake-config
cp -L result docker-image.tar.gz
- name: Upload Docker image artifact
uses: actions/upload-artifact@v3
with:
name: docker-image
path: docker-image.tar.gz
retention-days: 1
push-docker:
needs: [coverage-and-sonar, build-docker]
runs-on: ubuntu-latest
permissions:
contents: read
packages: write # Required for pushing to Phundrak Labs registry
steps:
- name: Download Docker image artifact
uses: actions/download-artifact@v3
with:
name: docker-image
- name: Load Docker image
run: |
echo "Loading Docker image into Docker daemon..."
docker load < result
docker load < docker-image.tar.gz
- name: Log in to Docker Registry
run: |
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
- name: Push Docker tags
id: push
uses: https://labs.phundrak.com/phundrak/docker-push-action@v1
with:
registry: ${{ env.DOCKER_REGISTRY }}
registry-username: ${{ secrets.DOCKER_USERNAME }}
registry-password: ${{ secrets.DOCKER_PASSWORD }}
image-name: ${{ env.IMAGE_NAME }}
local-image-name: phundrak/phundrak-dot-com-backend:latest
event-name: ${{ github.event_name }}
ref: ${{ github.ref }}
ref-type: ${{ github.ref_type }}
ref-name: ${{ github.ref_name }}
pr-number: ${{ github.event.pull_request.number }}
# - name: Log in to Docker Registry
# run: |
# echo "${{ secrets.DOCKER_PASSWORD }}" | docker login ${{ env.DOCKER_REGISTRY }} -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
- name: Determine tags and push images
run: |
set -euo pipefail
# - name: Determine tags and push images
# run: |
# set -euo pipefail
REGISTRY="${{ env.DOCKER_REGISTRY }}"
IMAGE_NAME="${{ env.IMAGE_NAME }}"
# REGISTRY="${{ env.DOCKER_REGISTRY }}"
# IMAGE_NAME="${{ env.IMAGE_NAME }}"
# The locally built image from Nix (name comes from Cargo.toml package.name)
LOCAL_IMAGE="phundrak/phundrak-dot-com-backend:latest"
# # The locally built image from Nix (name comes from Cargo.toml package.name)
# LOCAL_IMAGE="phundrak/phundrak-dot-com-backend:latest"
echo "Event: ${{ github.event_name }}"
echo "Ref: ${{ github.ref }}"
echo "Ref type: ${{ github.ref_type }}"
# echo "Event: ${{ github.event_name }}"
# echo "Ref: ${{ github.ref }}"
# echo "Ref type: ${{ github.ref_type }}"
# Determine which tags to push based on the event
if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then
# Tag push on main branch → publish 'latest' and versioned tag
echo "Tag push detected"
TAG_VERSION="${{ github.ref_name }}"
# Remove 'v' prefix if present (v1.0.0 → 1.0.0)
TAG_VERSION="${TAG_VERSION#v}"
# # Determine which tags to push based on the event
# if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_type }}" == "tag" ]]; then
# # Tag push on main branch → publish 'latest' and versioned tag
# echo "Tag push detected"
# TAG_VERSION="${{ github.ref_name }}"
# # Remove 'v' prefix if present (v1.0.0 → 1.0.0)
# TAG_VERSION="${TAG_VERSION#v}"
echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
docker push "${REGISTRY}/${IMAGE_NAME}:latest"
# echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
# docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
# docker push "${REGISTRY}/${IMAGE_NAME}:latest"
echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
docker push "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
# echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
# docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
# docker push "${REGISTRY}/${IMAGE_NAME}:${TAG_VERSION}"
elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/develop" ]]; then
# Push on develop branch → publish 'develop' tag
echo "Push to develop branch detected"
# elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/develop" ]]; then
# # Push on develop branch → publish 'develop' tag
# echo "Push to develop branch detected"
echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:develop"
docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:develop"
docker push "${REGISTRY}/${IMAGE_NAME}:develop"
# echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:develop"
# docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:develop"
# docker push "${REGISTRY}/${IMAGE_NAME}:develop"
elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
# Pull request → publish 'pr<number>' tag
echo "Pull request detected"
PR_NUMBER="${{ github.event.pull_request.number }}"
# elif [[ "${{ github.event_name }}" == "pull_request" ]]; then
# # Pull request → publish 'pr<number>' tag
# echo "Pull request detected"
# PR_NUMBER="${{ github.event.pull_request.number }}"
echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
docker push "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
# echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
# docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
# docker push "${REGISTRY}/${IMAGE_NAME}:pr${PR_NUMBER}"
elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then
# Push to main branch (not a tag) → publish 'latest'
echo "Push to main branch detected"
# elif [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == "refs/heads/main" ]]; then
# # Push to main branch (not a tag) → publish 'latest'
# echo "Push to main branch detected"
echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
docker push "${REGISTRY}/${IMAGE_NAME}:latest"
# echo "Tagging and pushing: ${REGISTRY}/${IMAGE_NAME}:latest"
# docker tag "${LOCAL_IMAGE}" "${REGISTRY}/${IMAGE_NAME}:latest"
# docker push "${REGISTRY}/${IMAGE_NAME}:latest"
else
echo "Unknown event or ref, skipping push"
exit 1
fi
# else
# echo "Unknown event or ref, skipping push"
# exit 1
# fi
- name: Log out from Docker Registry
if: always()
run: docker logout ${{ env.DOCKER_REGISTRY }}
# - name: Log out from Docker Registry
# if: always()
# run: docker logout ${{ env.DOCKER_REGISTRY }}
- name: Delete Docker image artifact
uses: geekyeggo/delete-artifact@v2
with:
name: docker-image
- name: Image published successfully
run: |

40
Cargo.lock generated
View File

@@ -134,6 +134,26 @@ dependencies = [
"fs_extra",
]
[[package]]
name = "bakit"
version = "0.1.0"
dependencies = [
"chrono",
"config",
"dotenvy",
"governor",
"lettre",
"poem",
"poem-openapi",
"serde",
"serde_json",
"thiserror",
"tokio",
"tracing",
"tracing-subscriber",
"validator",
]
[[package]]
name = "base64"
version = "0.21.7"
@@ -1573,26 +1593,6 @@ dependencies = [
"sha2",
]
[[package]]
name = "phundrak-dot-com-backend"
version = "0.1.0"
dependencies = [
"chrono",
"config",
"dotenvy",
"governor",
"lettre",
"poem",
"poem-openapi",
"serde",
"serde_json",
"thiserror",
"tokio",
"tracing",
"tracing-subscriber",
"validator",
]
[[package]]
name = "pin-project"
version = "0.4.30"

4
Cargo.toml
View File

@@ -1,5 +1,5 @@
[package]
name = "phundrak-dot-com-backend"
name = "bakit"
version = "0.1.0"
edition = "2024"
publish = false
@@ -11,7 +11,7 @@ path = "src/lib.rs"
[[bin]]
path = "src/main.rs"
name = "phundrak-dot-com-backend"
name = "bakit"
[dependencies]
chrono = { version = "0.4.42", features = ["serde"] }

24
README.md
View File

@@ -12,11 +12,11 @@ gitea: none
<br/>
<div align="center">
<a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend" target="_blank">
<img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
<a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
<img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=coverage&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Coverage" />
</a>
<a href="https://sonar.phundrak.com/dashboard?id=phundrak-backend" target="_blank">
<img src="https://sonar.phundrak.com/api/project_badges/measure?project=phundrak-backend&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
<a href="https://sonar.phundrak.com/dashboard?id=bakit" target="_blank">
<img src="https://sonar.phundrak.com/api/project_badges/measure?project=bakit&metric=alert_status&token=sqb_bda24bf36825576d6c6b76048044e103339c3c5f" alt="Sonar Quality Gate Status" />
</a>
<a href="#license">
<img src="https://img.shields.io/badge/License-AGPL--3.0--only-blue" alt="License" />
@@ -141,14 +141,14 @@ For optimized production builds:
cargo build --release
```
The compiled binary will be at `target/release/backend`.
The compiled binary will be at `target/release/bakit`.
**With Nix:**
Build the backend binary:
```bash
nix build .#backend
# Binary available at: ./result/bin/backend
# Binary available at: ./result/bin/bakit
```
Build Docker images:
@@ -161,7 +161,7 @@ nix build .#backendDockerLatest
# Load into Docker
docker load < result
# Image will be available as: localhost/phundrak/backend-rust:latest
# Image will be available as: localhost/phundrak/bakit:latest
```
The Nix build ensures reproducible builds with all dependencies pinned.
@@ -336,7 +336,7 @@ Docker images are automatically built and published via GitHub Actions to the co
Pull and run the latest image:
```bash
# Pull from Phundrak Labs (labs.phundrak.com)
docker pull labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
docker pull labs.phundrak.com/phundrak/bakit:latest
# Run the container
docker run -d \
@@ -349,7 +349,7 @@ docker run -d \
-e APP__EMAIL__PASSWORD=your_password \
-e APP__EMAIL__FROM="Contact Form <noreply@example.com>" \
-e APP__EMAIL__RECIPIENT="Admin <admin@example.com>" \
labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
labs.phundrak.com/phundrak/bakit:latest
```
### Available Image Tags
@@ -367,7 +367,7 @@ Build with Nix (recommended for reproducibility):
```bash
nix build .#backendDockerLatest
docker load < result
docker run -p 3100:3100 localhost/phundrak/backend-rust:latest
docker run -p 3100:3100 localhost/phundrak/bakit:latest
```
Build with Docker directly:
@@ -383,7 +383,7 @@ version: '3.8'
services:
backend:
image: labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
image: labs.phundrak.com/phundrak/bakit:latest
ports:
- "3100:3100"
environment:
@@ -435,7 +435,7 @@ To use the published images, authenticate with the registry:
echo $GITHUB_TOKEN | docker login labs.phundrak.com -u USERNAME --password-stdin
# Pull the image
docker pull labs.phundrak.com/phundrak/phundrak-dot-com-backend:latest
docker pull labs.phundrak.com/phundrak/bakit:latest
```
### Required Secrets

2
settings/development.yaml
View File

@@ -5,7 +5,7 @@ application:
protocol: http
host: 127.0.0.1
base_url: http://127.0.0.1:3100
name: "com.phundrak.backend.dev"
name: "bakit-dev"
email:
host: localhost

2
settings/production.yaml
View File

@@ -2,7 +2,7 @@ debug: false
frontend_url: ""
application:
name: "com.phundrak.backend.prod"
name: "bakit-prod"
protocol: https
host: 0.0.0.0
base_url: ""

2
sonar-project.properties
View File

@@ -1 +1 @@
sonar.projectKey=phundrak-backend
sonar.projectKey=bakit

2
src/main.rs
View File

@@ -3,5 +3,5 @@
#[cfg(not(tarpaulin_include))]
#[tokio::main]
async fn main() -> Result<(), std::io::Error> {
phundrak_dot_com_backend::run(None).await
bakit::run(None).await
}