From 0047e576faa731489f37ef10322640f3828c2f25 Mon Sep 17 00:00:00 2001
From: Sacha STAFYNIAK <sacha@digisquad.io>
Date: Thu, 28 Mar 2024 13:00:56 +0100
Subject: [PATCH] ci: update node and docker

---
 .../actions/build-template-action/script.sh   |  2 +-
 .github/workflows/deploy.yml                  | 38 +++++++++----------
 .github/workflows/release.yml                 | 29 ++++++--------
 .github/workflows/standard-version.yml        | 13 ++-----
 Dockerfile                                    |  4 +-
 Dockerfile.api                                |  2 +-
 docker-compose.yml                            |  7 ++--
 7 files changed, 40 insertions(+), 55 deletions(-)

diff --git a/.github/actions/build-template-action/script.sh b/.github/actions/build-template-action/script.sh
index 03b5e74..1aac6d3 100755
--- a/.github/actions/build-template-action/script.sh
+++ b/.github/actions/build-template-action/script.sh
@@ -45,4 +45,4 @@ echo "- ${INPUT_PROJECT^} ${INPUT_TAG} template built :rocket:" >> $GITHUB_STEP_
 
 # This step is important, it set the "filepath" output variable
 # Will be accessible in workflow
-echo "::set-output name=filepath::${ARCHIVE}"
\ No newline at end of file
+echo "filepath=${ARCHIVE}" >> "$GITHUB_OUTPUT"
\ No newline at end of file
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 98978a2..a4a3c13 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -15,78 +15,74 @@ concurrency:
 
 jobs:
   docker-build-demo:
-    # We can skip deployment by adding [skip] in the commit body
-    if: "!contains(github.event.head_commit.message, '[skip]')"
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up dockertags
         run: |
           echo "dockertags=digisquad/cssninja.hr-demo:latest" >> $GITHUB_ENV
         
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to DockerHub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         timeout-minutes: 60
         with:
           push: true
           tags: ${{ env.dockertags }}
-          cache-from: type=registry,ref=${{ env.dockertags }}
-          cache-to: type=inline
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
 
   docker-build-api:
-    # We can skip deployment by adding [skip] in the commit body
-    if: "!contains(github.event.head_commit.message, '[skip]')"
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Set up dockertags
         run: |
           echo "dockertags=digisquad/cssninja.hr-api:latest" >> $GITHUB_ENV
         
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to DockerHub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         timeout-minutes: 60
         with:
           file: ./Dockerfile.api
           push: true
           tags: ${{ env.dockertags }}
-          cache-from: type=registry,ref=${{ env.dockertags }}
-          cache-to: type=inline
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
 
   deploy:
     runs-on: ubuntu-latest
     needs: [docker-build-demo, docker-build-api]
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Prepare
         uses: appleboy/ssh-action@master
         with:
@@ -114,5 +110,5 @@ jobs:
           script_stop: true
           script: |
             cd ${{ secrets.HOST_DIRECTORY }}
-            docker-compose pull
-            docker-compose up -d --force-recreate --remove-orphans
\ No newline at end of file
+            docker compose pull
+            docker compose up -d --force-recreate --remove-orphans
\ No newline at end of file
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ea55252..fef2f55 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -7,16 +7,11 @@ on:
 
 jobs:
   release:
-    # setup strategy matrix, so we can share same pnpm cache
-    strategy:
-      matrix:
-        os: [ubuntu-latest]
-        node-version: [18]
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
 
     steps:
       # Checkout action retreive the source (git clone)
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # needed to retreive all git history
 
@@ -24,9 +19,9 @@ jobs:
       - run: corepack enable
 
       # Setup pnpm with cache
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: 20
           cache: "pnpm"
 
       # Compute tag and capitalized product name
@@ -34,9 +29,9 @@ jobs:
         name: release meta
         run: |
           project=${GITHUB_REPOSITORY#*/}
-          echo ::set-output name=project::${project}
-          echo ::set-output name=project-capitalized::${project^}
-          echo ::set-output name=tag::${GITHUB_REF#refs/tags/}
+          echo "PROJECT=${project}" >> "$GITHUB_OUTPUT"
+          echo "PROJECT_CAP=${project^}" >> "$GITHUB_OUTPUT"
+          echo "TAG=${GITHUB_REF#refs/tags/}" >> "$GITHUB_OUTPUT"
       # This is where we generate releases assets.
       # It use a github action in the current directory 
       # which contains a shell script to create the archive. 
@@ -45,8 +40,8 @@ jobs:
         name: build release template
         uses: ./.github/actions/build-template-action
         with:
-          tag: ${{ steps.meta.outputs.tag }}
-          project: ${{ steps.meta.outputs.project }}
+          tag: ${{ steps.meta.outputs.TAG }}
+          project: ${{ steps.meta.outputs.PROJECT }}
 
       # We re-generate the changelog using a subset of standard-version
       # The content is generated in a temp /CHANGELOG_RELEASE.md file
@@ -59,11 +54,11 @@ jobs:
       # Prepare the draft github release
       - id: create_release
         name: create github draft release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
         with:
           # Use outputs from meta and changelog
-          tag_name: ${{ steps.meta.outputs.tag }}
-          name: ${{ steps.meta.outputs.project-capitalized }} ${{ steps.meta.outputs.tag }}
+          tag_name: ${{ steps.meta.outputs.TAG }}
+          name: ${{ steps.meta.outputs.PROJECT_CAP }} ${{ steps.meta.outputs.TAG }}
           body_path: ${{ github.workspace }}/CHANGELOG_RELEASE.md
           prerelease: false
           # The draft is required to allow file upload
diff --git a/.github/workflows/standard-version.yml b/.github/workflows/standard-version.yml
index a625495..df0e78b 100644
--- a/.github/workflows/standard-version.yml
+++ b/.github/workflows/standard-version.yml
@@ -11,16 +11,11 @@ on:
 
 jobs:
   standard-version:
-    # setup strategy matrix, so we can share same pnpm cache
-    strategy:
-      matrix:
-        os: [ubuntu-latest]
-        node-version: [18]
-    runs-on: ${{ matrix.os }}
+    runs-on: ubuntu-latest
 
     steps:
       # Checkout action retreive the source (git clone)
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # needed to retreive all git history
           token: ${{ secrets.APP_GITHUB_TOKEN }}
@@ -29,9 +24,9 @@ jobs:
       - run: corepack enable
 
       # Setup pnpm with cache
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
-          node-version: ${{ matrix.node-version }}
+          node-version: 20
           cache: "pnpm"
 
       # Run "standard-version", which may create a new tag
diff --git a/Dockerfile b/Dockerfile
index 966727e..6698363 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM bitnami/node:18 AS build
+FROM bitnami/node:20 AS build
 WORKDIR /app
 
 ARG API
@@ -14,7 +14,7 @@ COPY . .
 RUN API=https://api-hr.cssninja.io/ pnpm build
 
 
-FROM bitnami/nginx:1.22 AS prod
+FROM bitnami/nginx:1.25 AS prod
 WORKDIR /app
 
 COPY --from=build /app/dist .
diff --git a/Dockerfile.api b/Dockerfile.api
index 69c4b3d..3f67c98 100644
--- a/Dockerfile.api
+++ b/Dockerfile.api
@@ -1,4 +1,4 @@
-FROM bitnami/node:18 AS build
+FROM bitnami/node:20 AS build
 WORKDIR /app
 
 RUN corepack enable && corepack prepare pnpm@latest --activate
diff --git a/docker-compose.yml b/docker-compose.yml
index 53ec460..e316ed9 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,4 +1,6 @@
-version: '3.7'
+networks:
+  cssninja-services:
+    external: true
 
 services:
   hr-demo:
@@ -39,6 +41,3 @@ services:
       traefik.http.routers.hr-api-https.tls.certresolver: 'http'
       traefik.http.routers.hr-api-https.service: 'hr-api-https'
 
-networks:
-  cssninja-services:
-    external: true
\ No newline at end of file