feat: Switch back to backend only, split front-end to own repo [DEV-2665]

.dockerignore

@@ -1,9 +1,14 @@
 # Skip unncecessary folders
-dist/**
-node_modules/**
-.github/**
+**/.git
+**/.github
+**/node_modules
+**/dist
 
 # Skip unnecessary files
 **/*.md
-Dockerfile**
+Dockerfile
 docker-compose.yml
+
+# Exceptions
+!LICENSE
+!README.md

.github/dependabot.yml

@@ -7,6 +7,7 @@ updates:
 
   # Maintain dependencies for GitHub Actions
   - package-ecosystem: "github-actions"
+    target-branch: "develop"
     directory: "/"
     schedule:
       interval: "weekly"

.github/workflows/build.yml

@@ -8,6 +8,24 @@ defaults:
 
 jobs:
 
+  build-node:
+    name: "Build Node.js"
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: 'npm'
+
+      - name: "Clean install dependencies"
+        run: npm ci
+
+      - name: "Run npm build"
+        run: npm run build
+
   build-docker:
     name: "Build Docker image"
     runs-on: ubuntu-latest

.github/workflows/dispatch.yml

@@ -19,6 +19,7 @@ jobs:
   call-deploy:
     name: "Deploy"
     needs: call-build
+    if: ${{ github.ref_name == 'develop' }}
     uses: ./.github/workflows/deploy.yml
     secrets: inherit
 

.github/workflows/pull-request.yml

@@ -43,5 +43,6 @@ jobs:
             revert
             style
             test
+            security
           # Configure that a scope must always be provided.
           requireScope: false

.github/workflows/release.yml

@@ -10,11 +10,11 @@ permissions:
 
 
 jobs:
-  release-npm:
+  release-node:
     name: "Semantic Release"
     runs-on: ubuntu-latest
     outputs:
-      VERSION: ${{ steps.set-version.outputs.VERSION }}
+      RELEASE_VERSION: ${{ steps.set-version.outputs.RELEASE_VERSION }}
 
     steps:
       - uses: actions/checkout@v3
@@ -47,20 +47,20 @@ jobs:
           GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
 
-      - name: Set version number
+      - name: Set release version number
         id: set-version
         run: |
-          VERSION=$( git describe --tags ${{ github.sha }})
-          echo "VERSION=$VERSION" >> "$GITHUB_OUTPUT"
+          RELEASE_VERSION=$( git describe --tags "${{ github.sha }}")
+          echo "RELEASE_VERSION=$RELEASE_VERSION" >> "$GITHUB_OUTPUT"
 
 
   release-docker:
     name: "Release Docker image"
-    needs: release-npm
+    needs: release-node
     runs-on: ubuntu-latest
     if: ${{ ( github.ref_name == 'main' ) }}
     env:
-      IMAGE_NAME: registry.digitalocean.com/${{ github.repository }}
+      IMAGE_NAME: ${{ github.repository }}
     environment: 
       name: production
       url: https://credential-service.cheqd.net
@@ -81,6 +81,13 @@ jobs:
         uses: digitalocean/action-doctl@v2
         with:
           token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Login to DOCR
         run: doctl registry login --expiry-seconds 600
@@ -90,19 +97,20 @@ jobs:
         uses: docker/metadata-action@v4
         with:
           images: |
-            ${{ env.IMAGE_NAME }}
+            ghcr.io/${{ env.IMAGE_NAME }}
+            registry.digitalocean.com/${{ env.IMAGE_NAME }}
           flavor: |
             latest=auto
           tags: |
-            type=semver,pattern={{version}},value=${{ needs.release-npm.outputs.VERSION }}
+            type=semver,pattern={{version}},value=${{ needs.release-node.outputs.RELEASE_VERSION }}
             type=raw,value=production-latest
             type=sha,format=long
           labels: |
             org.opencontainers.image.description="Cheqd Credential Service"
             org.opencontainers.image.source="https://github.com/cheqd/credential-service"
             org.opencontainers.image.vendor="Cheqd Foundation Limited"
             org.opencontainers.image.created={{date 'dddd, MMMM Do YYYY, h:mm:ss a'}}
-            org.opencontainers.image.documentation="https://docs.cheqd.io/node"
+            org.opencontainers.image.documentation="https://docs.cheqd.io/identity"
 
       - name: Build image with labels
         uses: docker/build-push-action@v4
@@ -116,7 +124,10 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
           cache-from: type=gha
           cache-to: type=gha,mode=min
+
+      - name: Push image to GitHub Container Registry
+        run: docker image push --all-tags ghcr.io/${{ env.IMAGE_NAME }}
 
       - name: Push image to DigitalOcean Container Registry
         run: docker image push --all-tags ${{ env.IMAGE_NAME }}
-
+ 

Dockerfile

@@ -2,12 +2,12 @@
 ###         STAGE 1: Build credential-service app           ###
 ###############################################################
 
-FROM node:18-alpine AS runner
+FROM node:18-alpine AS builder
 
-# Set working directory & bash defaults
+# Set working directory
 WORKDIR /home/node/app
 
-# Copy source files
+# Copy source
 COPY . .
 
 # Installing dependencies
@@ -16,10 +16,33 @@ RUN npm ci
 # Build the app
 RUN npm run build
 
+
+###############################################################
+###         STAGE 2: Build credential-service runner        ###
+###############################################################
+
+FROM node:18-alpine AS runner
+
+# Set Node.js environment
+ENV NODE_ENV=production
+
+# Set working directory
+WORKDIR /home/node/app
+
+# Install pre-requisites
+RUN apk update && \
+    apk add --no-cache bash ca-certificates
+
+# Copy files from builder
+COPY --from=builder --chown=node:node /home/node/app/*.json /home/node/app/*.md ./
+COPY --from=builder --chown=node:node /home/node/app/dist ./dist
+
+# Install production dependencies
+RUN npm ci
+
 # Build-time arguments backend
-ARG NODE_ENV=production
 ARG NPM_CONFIG_LOGLEVEL=warn
-ARG PORT=8787
+ARG PORT=3000
 ARG ISSUER_SECRET_KEY
 ARG ISSUER_DATABASE_URL
 ARG ISSUER_DATABASE_CERT
@@ -28,16 +51,7 @@ ARG TESTNET_RPC_URL
 ARG RESOLVER_URL
 ARG ALLOWED_ORIGINS
 
-# Build-time arguments frontend
-ARG PUBLIC_LOGTO_RESOURCE_API_URL
-ARG PUBLIC_LOGTO_ENDPOINT
-ARG PUBLIC_LOGTO_APP_ID
-ARG LOGTO_MANAGEMENT_APP_ID
-ARG LOGTO_MANAGEMENT_APP_SECRET
-ARG LOGTO_RESOURCE_URL
-
 # Run-time environment variables: backend
-ENV NODE_ENV ${NODE_ENV}
 ENV NPM_CONFIG_LOGLEVEL ${NPM_CONFIG_LOGLEVEL}
 ENV PORT ${PORT}
 ENV ISSUER_SECRET_KEY ${ISSUER_SECRET_KEY}
@@ -48,22 +62,12 @@ ENV TESTNET_RPC_URL ${TESTNET_RPC_URL}
 ENV RESOLVER_URL ${RESOLVER_URL}
 ENV ALLOWED_ORIGINS ${ALLOWED_ORIGINS}
 
-# Run-time environment variables: frontend
-ENV PUBLIC_LOGTO_RESOURCE_API_URL ${PUBLIC_LOGTO_RESOURCE_API_URL}
-ENV PUBLIC_LOGTO_ENDPOINT ${PUBLIC_LOGTO_ENDPOINT}
-ENV PUBLIC_LOGTO_APP_ID ${PUBLIC_LOGTO_APP_ID}
-ENV LOGTO_MANAGEMENT_APP_ID ${LOGTO_MANAGEMENT_APP_ID}
-ENV LOGTO_MANAGEMENT_APP_SECRET ${LOGTO_MANAGEMENT_APP_SECRET}
-ENV LOGTO_RESOURCE_URL ${LOGTO_RESOURCE_URL}
-
-RUN chown -R node:node /home/node/app/packages
-
 # Specify default port
 EXPOSE ${PORT}
 
 # Set user and shell
 USER node
-SHELL ["/bin/sh", "-euo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-euo", "pipefail", "-c"]
 
 # Run the application
-CMD npm run backend
+CMD [ "npm run start" ]