Skip to content

Commit

Permalink
Possible updates.
Browse files Browse the repository at this point in the history
  • Loading branch information
william-riley-land committed Nov 5, 2023
1 parent caf2d93 commit 8ad507e
Show file tree
Hide file tree
Showing 9 changed files with 221 additions and 250 deletions.
3 changes: 0 additions & 3 deletions .dockerignore

This file was deleted.

13 changes: 8 additions & 5 deletions .env.example
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,8 @@
NEXT_PUBLIC_LICENSE_CONSENT=
LICENSE=

NODE_OPTIONS=--max-old-space-size=4092

# BASE_URL and NEXT_PUBLIC_APP_URL are both deprecated. Both are replaced with one variable, NEXT_PUBLIC_WEBAPP_URL
# BASE_URL=http://localhost:3000
# NEXT_PUBLIC_APP_URL=http://localhost:3000
Expand All @@ -20,6 +22,11 @@ NEXT_PUBLIC_WEBAPP_URL=http://localhost:3000
# It is highly recommended that the NEXTAUTH_SECRET must be overridden and very unique
# Use `openssl rand -base64 32` to generate a key
NEXTAUTH_SECRET=secret
NEXT_PUBLIC_APP_NAME='Example Calendar Agent'
NEXT_PUBLIC_COMPANY_NAME='Example Company'
NEXT_PUBLIC_SENDER_ID='Example Calendar Agent'
NEXT_PUBLIC_SENDGRID_SENDER_NAME='Example Calendar Agent'
NEXT_PUBLIC_SUPPORT_MAIL_ADDRESS='calendar@example.com'

# Encryption key that will be used to encrypt CalDAV credentials, choose a random string, for example with `dd if=/dev/urandom bs=1K count=1 | md5sum`
CALENDSO_ENCRYPTION_KEY=secret
Expand All @@ -28,15 +35,13 @@ CALENDSO_ENCRYPTION_KEY=secret
# JWT_SECRET=secret

POSTGRES_USER=unicorn_user
# Use `openssl rand -base64 32` to generate a key
POSTGRES_PASSWORD=magical_password
POSTGRES_DB=calendso
DATABASE_HOST=database:5432
DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${DATABASE_HOST}/${POSTGRES_DB}
GOOGLE_API_CREDENTIALS={}

# Set this to '1' if you don't want Cal to collect anonymous usage
CALCOM_TELEMETRY_DISABLED=

# Used for the Office 365 / Outlook.com Calendar integration
MS_GRAPH_CLIENT_ID=
MS_GRAPH_CLIENT_SECRET=
Expand All @@ -54,5 +59,3 @@ EMAIL_SERVER_HOST=smtp.example.com
EMAIL_SERVER_PORT=587
EMAIL_SERVER_USER=email_user
EMAIL_SERVER_PASSWORD=email_password

NODE_ENV=production
2 changes: 1 addition & 1 deletion .github/workflows/create-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: "ubuntu-latest"

steps:

- name: Checkout source
uses: actions/checkout@v3
with:
Expand Down
106 changes: 42 additions & 64 deletions .github/workflows/docker-build-push-dockerhub.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ on:
# Uncomment below to allow specific version workflow run
# inputs:
# version:
# description: 'Version to build'
# description: 'Version to build'
# required: true

# Leaving in example for releases. Initially we simply push to 'latest'
Expand All @@ -46,10 +46,6 @@ jobs:
- name: checkout
uses: actions/checkout@v3

- name: Git submodule update
run: |
git submodule update --init
- name: Log in to the Docker Hub registry
uses: docker/login-action@v2
with:
Expand All @@ -66,7 +62,7 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Docker meta
id: meta
uses: docker/metadata-action@v4
Expand All @@ -76,6 +72,14 @@ jobs:
docker.io/calcom/cal.com
ghcr.io/calcom/cal.com
- name: Extract tag
id: extract_tag
run: |
tags="${{ steps.meta.outputs.tags }}"
IFS=',' read -ra ADDR <<< "$tags" # Convert string to array using ',' as delimiter
# Get the first tag
echo "tag=${ADDR[0]}" >> $GITHUB_OUTPUT
- name: Copy env
run: |
grep -o '^[^#]*' .env.example > .env
Expand All @@ -87,21 +91,6 @@ jobs:
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v2

- name: Start database
run: |
docker compose up -d database
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
network=container:database
buildkitd-flags: |
--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
# config-inline: |
# [worker.oci]
# max-parallelism = 1

- name: Build image
id: docker_build
uses: docker/build-push-action@v4
Expand All @@ -114,52 +103,44 @@ jobs:
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
NEXT_PUBLIC_WEBAPP_URL=${{ env.NEXT_PUBLIC_WEBAPP_URL }}
NEXT_PUBLIC_LICENSE_CONSENT=${{ env.NEXT_PUBLIC_LICENSE_CONSENT }}
NEXT_PUBLIC_TELEMETRY_KEY=${{ env.NEXT_PUBLIC_TELEMETRY_KEY }}
DATABASE_URL=postgresql://${{ env.POSTGRES_USER }}:${{ env.POSTGRES_PASSWORD }}@${{ env.DATABASE_HOST }}/${{ env.POSTGRES_DB }}
CALCOM_BRANCH=${{ steps.extract_tag.outputs.tag }}
- name: Start database
run: |
docker compose up --detach --wait database
- name: Test runtime
run: |
tags="${{ steps.meta.outputs.tags }}"
IFS=',' read -ra ADDR <<< "$tags" # Convert string to array using ',' as delimiter
tag=${ADDR[0]} # Get the first tag
docker run --rm --network stack \
-p 3000:3000 \
-e DATABASE_URL=postgresql://${{ env.POSTGRES_USER }}:${{ env.POSTGRES_PASSWORD }}@database/${{ env.POSTGRES_DB }} \
-e NEXTAUTH_SECRET=${{ env.NEXTAUTH_SECRET }} \
-e CALENDSO_ENCRYPTION_KEY=${{ env.CALENDSO_ENCRYPTION_KEY }} \
$tag &

server_pid=$!


echo "Waiting for the server to start..."
sleep 120

echo ${{ env.NEXT_PUBLIC_WEBAPP_URL }}/auth/login

for i in {1..60}; do
echo "Checking server health ($i/60)..."
response=$(curl -o /dev/null -s -w "%{http_code}" ${{ env.NEXT_PUBLIC_WEBAPP_URL }}/auth/login)
echo "HTTP Status Code: $response"
if [[ "$response" == "200" ]] || [[ "$response" == "307" ]]; then
echo "Server is healthy"
# Now, shutdown the server
kill $server_pid
exit 0
fi
sleep 1
done

echo "Server health check failed"
kill $server_pid
exit 1
echo "Waiting for the server to start..."
docker compose up --detach --wait calcom
echo ${{ env.NEXT_PUBLIC_WEBAPP_URL }}/auth/login
for i in {1..60}; do
echo "Checking server health ($i/60)..."
response=$(curl -o /dev/null -s -w "%{http_code}" ${{ env.NEXT_PUBLIC_WEBAPP_URL }}/auth/login)
echo "HTTP Status Code: $response"
if [[ "$response" == "200" ]] || [[ "$response" == "307" ]]; then
echo "Server is healthy"
# Now, shutdown the server
docker compose down
exit 0
fi
sleep 1
done
echo "Server health check failed"
docker compose down
exit 1
env:
NEXTAUTH_SECRET: 'EI4qqDpcfdvf4A+0aQEEx8JjHxHSy4uWiZw/F32K+pA='
CALENDSO_ENCRYPTION_KEY: '0zfLtY99wjeLnsM7qsa8xsT+Q0oSgnOL'


# - name: Push image
# run: |
Expand All @@ -175,19 +156,16 @@ jobs:
with:
context: ./
file: ./Dockerfile
push: true
push: true
platforms: linux/amd64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
NEXT_PUBLIC_WEBAPP_URL=${{ env.NEXT_PUBLIC_WEBAPP_URL }}
NEXT_PUBLIC_LICENSE_CONSENT=${{ env.NEXT_PUBLIC_LICENSE_CONSENT }}
NEXT_PUBLIC_TELEMETRY_KEY=${{ env.NEXT_PUBLIC_TELEMETRY_KEY }}
DATABASE_URL=postgresql://${{ env.POSTGRES_USER }}:${{ env.POSTGRES_PASSWORD }}@${{ env.DATABASE_HOST }}/${{ env.POSTGRES_DB }}
CALCOM_BRANCH=${{ steps.extract_tag.outputs.tag }}
- name: Image digest
run: echo ${{ steps.docker_build.outputs.digest }}

- name: Cleanup
run: |
docker compose down
154 changes: 85 additions & 69 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,75 +1,91 @@
FROM node:18 as builder
# syntax=docker/dockerfile:1
# ^ Syntax version >= 1.5 is needed for `ADD`ing a git repository.

# Reference:
# - https://github.com/calcom/docker/blob/main/Dockerfile
# - https://cal.com/docs/introduction/quick-start/self-hosting/installation#development-setup-&-production-build
# - https://cal.com/docs/introduction/quick-start/self-hosting/upgrading
# - https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md
# - https://github.com/docker/docker-bench-security/tree/master
# - https://yarnpkg.com/cli/workspaces/focus#details

# ---------------------------------
FROM node:18-alpine as builder

ARG CALCOM_BRANCH=v3.4.3

# Set this to '1' if you don't want Cal to collect anonymous usage
ENV CALCOM_TELEMETRY_DISABLED=0
# CHECKPOINT_DISABLE disables Prisma's telemetry
ENV CHECKPOINT_DISABLE=0
ENV NEXT_TELEMETRY_DISABLED=0
ENV NODE_ENV=production
ENV STORYBOOK_DISABLE_TELEMETRY=0

WORKDIR /cal.com

ADD --keep-git-dir=false https://github.com/calcom/cal.com.git#${CALCOM_BRANCH} /cal.com

# Notice yarn telemetry can be set here.
RUN \
--mount=type=cache,target=/caches \
yarn config set enableTelemetry 1 && \
yarn config set cacheFolder /caches/yarn && \
yarn config set httpTimeout 1200000 && \
yarn install

# Set CI so that linting and type checking are skipped during the build. This is to lower the build time. Seems to have no other effects in Cal.com during build (currently). Defaults `yarn install` to use `--immutable`, which isn't desirable here because `yarn.lock` needs to be rebuilt, so it is set here after `yarn install` has already run.
ENV CI=1

# Use a secret mount for the environment variables, to avoid passing in build args. The secrets are only stored in memory, not in the container layer. Tooling caches are preserved to speed future builds.
RUN \
--mount=type=cache,target=/cal.com/apps/web/.next/cache \
--mount=type=cache,target=/cal.com/node_modules/.cache \
--mount=type=secret,id=calcom-environment,target=/cal.com/.env \
set -a && . .env && set +a && \
npx turbo run build --filter=@calcom/web...

# The Next.js and Turbo caches are stored for future builds in the previous layer. Since neither tool allows moving its cache directory outside of the default location inside `/cal.com`, the directories are removed here so they don't get copied to the runner later.
RUN rm -rf /cal.com/apps/web/.next/cache /cal.com/node_modules/.cache

# ---------------------------------
FROM node:18-alpine as runner
WORKDIR /cal.com

# Copy appropriate directories.
COPY --from=builder --chown=node:node /cal.com/.yarn/ .yarn/
COPY --from=builder --chown=node:node /cal.com/apps/web/ apps/web/
COPY --from=builder --chown=node:node /cal.com/packages/ packages/
COPY --from=builder --chown=node:node /cal.com/node_modules/ node_modules/

# Copy individual files.
COPY --from=builder --chown=node:node \
/cal.com/.yarnrc.yml \
/cal.com/package.json \
/cal.com/turbo.json \
/cal.com/yarn.lock \
/cal.com/
COPY --from=builder --chown=node:node /cal.com/packages/prisma/schema.prisma prisma/schema.prisma

# Copy the scripts used to start the container, and make them executable.
COPY --chmod=555 --chown=node:node \
scripts/start.sh \
scripts/wait-for-it.sh \
/cal.com/scripts/

# This symlink is not needed to build this way. Harmless to leave it in, but unlinking it cleans up a large warning in the logs.
RUN unlink /cal.com/packages/prisma/.env

# Set this to '1' if you don't want Cal to collect anonymous usage
ENV CALCOM_TELEMETRY_DISABLED=0
ENV NEXT_TELEMETRY_DISABLED=0
ENV NODE_ENV=production
ENV STORYBOOK_DISABLE_TELEMETRY=0

WORKDIR /calcom

ARG NEXT_PUBLIC_LICENSE_CONSENT
ARG CALCOM_TELEMETRY_DISABLED
ARG DATABASE_URL
ARG NEXTAUTH_SECRET=secret
ARG CALENDSO_ENCRYPTION_KEY=secret
ARG MAX_OLD_SPACE_SIZE=4096

ENV NEXT_PUBLIC_WEBAPP_URL=http://NEXT_PUBLIC_WEBAPP_URL_PLACEHOLDER \
NEXT_PUBLIC_LICENSE_CONSENT=$NEXT_PUBLIC_LICENSE_CONSENT \
CALCOM_TELEMETRY_DISABLED=$CALCOM_TELEMETRY_DISABLED \
DATABASE_URL=$DATABASE_URL \
NEXTAUTH_SECRET=${NEXTAUTH_SECRET} \
CALENDSO_ENCRYPTION_KEY=${CALENDSO_ENCRYPTION_KEY} \
NODE_OPTIONS=--max-old-space-size=${MAX_OLD_SPACE_SIZE}

COPY calcom/package.json calcom/yarn.lock calcom/.yarnrc.yml calcom/playwright.config.ts calcom/turbo.json calcom/git-init.sh calcom/git-setup.sh ./
COPY calcom/.yarn ./.yarn
COPY calcom/apps/web ./apps/web
COPY calcom/packages ./packages
COPY calcom/tests ./tests

RUN yarn config set httpTimeout 1200000 && \
npx turbo prune --scope=@calcom/web --docker && \
yarn install && \
yarn db-deploy && \
yarn --cwd packages/prisma seed-app-store

RUN yarn turbo run build --filter=@calcom/web

# RUN yarn plugin import workspace-tools && \
# yarn workspaces focus --all --production
RUN rm -rf node_modules/.cache .yarn/cache apps/web/.next/cache

FROM node:18 as builder-two

WORKDIR /calcom
ARG NEXT_PUBLIC_WEBAPP_URL=http://localhost:3000

ENV NODE_ENV production

COPY calcom/package.json calcom/.yarnrc.yml calcom/yarn.lock calcom/turbo.json ./
COPY calcom/.yarn ./.yarn
COPY --from=builder /calcom/node_modules ./node_modules
COPY --from=builder /calcom/packages ./packages
COPY --from=builder /calcom/apps/web ./apps/web
COPY --from=builder /calcom/packages/prisma/schema.prisma ./prisma/schema.prisma
COPY scripts scripts

# Save value used during this build stage. If NEXT_PUBLIC_WEBAPP_URL and BUILT_NEXT_PUBLIC_WEBAPP_URL differ at
# run-time, then start.sh will find/replace static values again.
ENV NEXT_PUBLIC_WEBAPP_URL=$NEXT_PUBLIC_WEBAPP_URL \
BUILT_NEXT_PUBLIC_WEBAPP_URL=$NEXT_PUBLIC_WEBAPP_URL

RUN scripts/replace-placeholder.sh http://NEXT_PUBLIC_WEBAPP_URL_PLACEHOLDER ${NEXT_PUBLIC_WEBAPP_URL}

FROM node:18 as runner


WORKDIR /calcom
COPY --from=builder-two /calcom ./
ARG NEXT_PUBLIC_WEBAPP_URL=http://localhost:3000
ENV NEXT_PUBLIC_WEBAPP_URL=$NEXT_PUBLIC_WEBAPP_URL \
BUILT_NEXT_PUBLIC_WEBAPP_URL=$NEXT_PUBLIC_WEBAPP_URL

ENV NODE_ENV production
EXPOSE 3000

HEALTHCHECK --interval=30s --timeout=30s --retries=5 \
CMD wget --spider http://localhost:3000 || exit 1

CMD ["/calcom/scripts/start.sh"]
USER node
CMD ["/cal.com/scripts/start.sh"]

0 comments on commit 8ad507e

Please sign in to comment.