luxiaba
commented
2 years ago I think for image packaging, we'd better only package code/project related data, and remove sensitive data.
Now dockerfile packages a sentive file (IPIP DB file) and that not submmited to git, and also config.py, I think it's maybe a little not convenient for others to run, so I made some changes in the configuration part:
- Use
base.pyas the basic configuration of the project, and submit it to git. - Use the env variable
APP_ENVto tell the project which configuration to load to overwritebase.py. - And i also submitted a
test.pyto git for testing usage.
-
Pull.
docker pull ghcr.io/v2ex/remote@latestYou can have a try using my image first:docker pull ghcr.io/luxiaba/remote@latest -
Run.
docker run -d --name v2ex-remote \ -e APP_ENV="PrOd" \ -v $PATH_TO_PROD_CONFIG:/app/remote/config/prod.py \ -v $PATH_TO_IPIP_DB:/opt/data/ipip.datx \ -p 127.0.0.1:5001:5000 \ $IMAGE_ID # APP_ENV is case insentive. # $PATH_TO_PROD_CONFIG is prod config file path. # and $PATH_TO_IPIP_DB, IIRC it's should be map to `/opt/data/ipip.datx` in container. # BTW, on the new version of macOS, 5000 is used by system services(airdrop or something) by default.If everything is ok, we should can curl it now:
curl 127.0.0.1:5001/hello
livid
related #19
First of all, this is same as that PR about blueprint, I'm not sure if this is what you want, please feel free let me know if not fit. ☺️
Create a Github Token . Github Action should have permission to publish the image, we generate this token first, and make sure it has
write:packagespermission.Add token generated on step 1 to remote repo secrets . So that we can use it on Github Action, pls named it as
PACKAGES_TOKEN(I call it this inci.yamlfor now).Merge to run CI.
Push to GHCR by Github Action. If everything is ok, at first time, CI will publish a new private image to GHCR, we can change it to public later.