Mirrors/Rocket.Chat
1
0
Fork 0
mirror of https://github.com/RocketChat/Rocket.Chat.git synced 2025-12-27 22:40:49 +00:00
Code Issues Actions 6 Packages Projects Releases Wiki Activity

chore(CI): improve workflow merging steps and parallelizing image build (#37352)

Browse Source 
Co-authored-by: Guilherme Gazzo <guilherme@gazzo.xyz>
This commit is contained in:
Rodrigo Nascimento 2025-11-05 10:20:47 -03:00 committed by GitHub
parent 31ab78f0d4
commit e54fd03984
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 243 additions and 367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
.github/actions/build-docker/action.yml vendored
View File

@ -13,18 +13,10 @@ inputs:
required: true
description: 'Deno version'
type: string
platform:
service:
required: false
description: 'Platform'
default: 'alpine'
build-containers:
required: false
description: 'Containers to build along with Rocket.Chat'
description: 'Container to build'
type: string
turbo-cache:
required: false
description: 'Enable turbo cache'
default: 'true'
publish-image:
required: false
description: 'Publish image'
@ -36,6 +28,10 @@ inputs:
NPM_TOKEN:
required: false
description: 'NPM token'
type:
required: false
description: 'production or coverage'
default: 'production'
runs:
using: composite
@ -49,61 +45,55 @@ runs:
username: ${{ inputs.CR_USER }}
password: ${{ inputs.CR_PAT }}
- name: Restore build
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: build
name: packages-build
path: /tmp
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
- name: Restore meteor build
if: inputs.service == 'rocketchat'
uses: actions/download-artifact@v4
with:
name: build-${{ inputs.type }}
path: /tmp/build
- name: Unpack build
- name: Unpack meteor build
if: inputs.service == 'rocketchat'
shell: bash
run: |
cd /tmp/build
tar xzf Rocket.Chat.tar.gz
rm Rocket.Chat.tar.gz
- uses: rharkor/caching-for-turbo@v1.5
# if we are testing a PR from a fork, we already called the turbo cache at this point, so it should be false
if: inputs.turbo-cache == 'true'
- name: Setup NodeJS
uses: ./.github/actions/setup-node
if: inputs.setup == 'true'
with:
node-version: ${{ inputs.node-version }}
deno-version: ${{ inputs.deno-version }}
cache-modules: true
install: true
NPM_TOKEN: ${{ inputs.NPM_TOKEN }}
- name: Restore turbo build
uses: actions/download-artifact@v4
with:
name: turbo-build
path: .turbo/cache
- run: yarn build
if: inputs.setup == 'true'
shell: bash
- name: Build Docker images
shell: bash
run: |
args=(rocketchat ${{ inputs.build-containers }})
export DENO_VERSION="${{ inputs.deno-version }}"
docker compose -f docker-compose-ci.yml build "${args[@]}"
docker compose -f docker-compose-ci.yml build ${{ inputs.service }}
- name: Publish Docker images to GitHub Container Registry
if: inputs.publish-image == 'true' && github.actor != 'dependabot[bot]' && (github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'release' || github.ref == 'refs/heads/develop')
shell: bash
run: |
args=(rocketchat ${{ inputs.build-containers }})
set -o xtrace
docker compose -f docker-compose-ci.yml push "${args[@]}"
# Get image name from docker-compose-ci.yml since rocketchat image is different from service name (rocket.chat)
IMAGE=$(docker compose -f docker-compose-ci.yml config --format json 2>/dev/null | jq -r --arg s "${{ inputs.service }}" '.services[$s].image')
IMAGE_NO_TAG=$(echo "$IMAGE" | sed 's/:.*$//')
docker tag ${IMAGE} ${IMAGE}-gha-run-${{ github.run_id }}
docker push --all-tags ${IMAGE_NO_TAG}
- name: Clean up temporary files
if: inputs.service == 'rocketchat'
shell: bash
run: |
sudo rm -rf /tmp/bundle
sudo rm -rf /tmp/build

48
.github/actions/meteor-build/action.yml vendored
View File

@ -1,10 +1,10 @@
name: 'Meteor Build'
inputs:
coverage:
type:
required: false
description: 'Enable coverage'
type: boolean
description: 'production or coverage'
default: 'production'
reset-meteor:
required: false
description: 'Reset Meteor'
@ -20,18 +20,33 @@ inputs:
required: true
description: 'Deno version'
type: string
source-hash:
required: true
description: 'Source code hash'
type: string
runs:
using: composite
steps:
- name: Cache build
uses: actions/cache@v4
id: cache-build
with:
path: /tmp/Rocket.Chat.tar.gz
key: ${{ runner.OS }}-rc-build-${{ inputs.source-hash }}
restore-keys: |
${{ runner.os }}-rc-build-
- name: Set Swap Space
uses: pierotofy/set-swap-space@master
if: steps.cache-build.outputs.cache-hit != 'true'
with:
swap-size-gb: 4
- name: Setup NodeJS
uses: ./.github/actions/setup-node
if: steps.cache-build.outputs.cache-hit != 'true'
with:
node-version: ${{ inputs.node-version }}
deno-version: ${{ inputs.deno-version }}
@ -47,6 +62,7 @@ runs:
- name: Cache vite
uses: actions/cache@v3
if: steps.cache-build.outputs.cache-hit != 'true'
with:
path: ./node_modules/.vite
key: vite-local-cache-${{ runner.OS }}-${{ hashFiles('package.json') }}
@ -55,6 +71,7 @@ runs:
- name: Cache meteor local
uses: actions/cache@v3
if: steps.cache-build.outputs.cache-hit != 'true'
with:
path: ./apps/meteor/.meteor/local
key: meteor-local-cache-${{ runner.OS }}-${{ hashFiles('apps/meteor/.meteor/versions') }}
@ -63,6 +80,7 @@ runs:
- name: Cache meteor
uses: actions/cache@v3
if: steps.cache-build.outputs.cache-hit != 'true'
with:
path: ~/.meteor
key: meteor-cache-${{ runner.OS }}-${{ hashFiles('apps/meteor/.meteor/release') }}
@ -71,6 +89,7 @@ runs:
- name: Install Meteor
shell: bash
if: steps.cache-build.outputs.cache-hit != 'true'
run: |
# Restore bin from cache
set +e
@ -91,6 +110,7 @@ runs:
- name: Versions
shell: bash
if: steps.cache-build.outputs.cache-hit != 'true'
run: |
npm --versions
yarn -v
@ -100,19 +120,31 @@ runs:
meteor node -v
git version
- uses: rharkor/caching-for-turbo@v1.5
- uses: rharkor/caching-for-turbo@v1.8
- name: Reset Meteor
shell: bash
if: ${{ inputs.reset-meteor == 'true' }}
if: ${{ steps.cache-build.outputs.cache-hit != 'true' && inputs.reset-meteor == 'true' }}
working-directory: ./apps/meteor
run: meteor reset
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: packages-build
path: /tmp
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
- name: Build Rocket.Chat
shell: bash
if: steps.cache-build.outputs.cache-hit != 'true'
env:
METEOR_PROFILE: 1000
BABEL_ENV: ${{ inputs.coverage == 'true' && 'coverage' || '' }}
BABEL_ENV: ${{ inputs.type }}
run: |
# check if BABEL_ENV is set to coverage
if [[ $BABEL_ENV == "coverage" ]]; then
@ -124,10 +156,12 @@ runs:
- name: Translation check
shell: bash
if: steps.cache-build.outputs.cache-hit != 'true'
run: yarn turbo run translation-check
- name: Prepare build
shell: bash
if: steps.cache-build.outputs.cache-hit != 'true'
run: |
cd /tmp/dist
tar czf /tmp/Rocket.Chat.tar.gz bundle
@ -135,7 +169,7 @@ runs:
- name: Store build
uses: actions/upload-artifact@v4
with:
name: build
name: build-${{ inputs.type }}
path: /tmp/Rocket.Chat.tar.gz
overwrite: true
include-hidden-files: true

18
.github/workflows/ci-code-check.yml vendored
View File

@ -41,19 +41,19 @@ jobs:
install: true
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
# - name: Free disk space
# run: |
# sudo apt clean
# docker rmi $(docker image ls -aq)
# df -h
- uses: rharkor/caching-for-turbo@v1.8
- name: Restore turbo build
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: turbo-build
path: .turbo/cache
name: packages-build
path: /tmp
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
- name: Cache TypeCheck
uses: actions/cache@v4
if: matrix.check == 'ts'

26
.github/workflows/ci-test-e2e.yml vendored
View File

@ -12,12 +12,6 @@ on:
lowercase-repo:
required: true
type: string
rc-dockerfile:
required: true
type: string
rc-docker-tag:
required: true
type: string
gh-docker-tag:
required: true
type: string
@ -72,13 +66,11 @@ env:
TOOL_NODE_FLAGS: ${{ vars.TOOL_NODE_FLAGS }}
LOWERCASE_REPOSITORY: ${{ inputs.lowercase-repo }}
DOCKER_TAG: ${{ inputs.gh-docker-tag }}
DOCKER_TAG_SUFFIX_ROCKETCHAT: '-cov'
jobs:
test:
runs-on: ubuntu-24.04
env:
RC_DOCKERFILE: ${{ inputs.rc-dockerfile }}.${{ (matrix.mongodb-version == '8.2' && 'debian' && false) || 'alpine' }}
RC_DOCKER_TAG: ${{ inputs.rc-docker-tag }}.${{ (matrix.mongodb-version == '8.2' && 'debian' && false) || 'alpine' }}
strategy:
fail-fast: false
@ -86,7 +78,7 @@ jobs:
mongodb-version: ${{ fromJSON(inputs.mongodb-version) }}
shard: ${{ fromJSON(inputs.shard) }}
name: MongoDB ${{ matrix.mongodb-version }}${{ inputs.db-watcher-disabled == 'false' && ' [legacy watchers]' || '' }} (${{ matrix.shard }}/${{ inputs.total-shard }}) - ${{ (matrix.mongodb-version == '8.2' && 'Debian' && false) || 'Alpine (Official)' }}
name: MongoDB ${{ matrix.mongodb-version }}${{ inputs.db-watcher-disabled == 'false' && ' [legacy watchers]' || '' }} (${{ matrix.shard }}/${{ inputs.total-shard }})
steps:
- name: Collect Workflow Telemetry
@ -133,13 +125,16 @@ jobs:
- uses: rharkor/caching-for-turbo@v1.8
- name: Restore turbo build
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: turbo-build
path: .turbo/cache
name: packages-build
path: /tmp
- run: yarn build
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
# if we are testing a PR from a fork, we need to build the docker image at this point
- uses: ./.github/actions/build-docker
@ -148,11 +143,10 @@ jobs:
CR_USER: ${{ secrets.CR_USER }}
CR_PAT: ${{ secrets.CR_PAT }}
node-version: ${{ inputs.node-version }}
# we already called the turbo cache at this point, so it should be false
turbo-cache: false
# the same reason we need to rebuild the docker image at this point is the reason we dont want to publish it
publish-image: false
setup: false
service: 'rocketchat'
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Set DEBUG_LOG_LEVEL (debug enabled)

11
.github/workflows/ci-test-storybook.yml vendored
View File

@ -37,11 +37,16 @@ jobs:
- uses: rharkor/caching-for-turbo@v1.8
- name: Restore turbo build
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: turbo-build
path: .turbo/cache
name: packages-build
path: /tmp
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
- uses: ./.github/actions/setup-playwright

12
.github/workflows/ci-test-unit.yml vendored
View File

@ -47,11 +47,17 @@ jobs:
- uses: rharkor/caching-for-turbo@v1.8
- name: Restore turbo build
- name: Restore packages build
uses: actions/download-artifact@v4
with:
name: turbo-build
path: .turbo/cache
name: packages-build
path: /tmp
- name: Unpack packages build
shell: bash
run: |
tar -xzf /tmp/RocketChat-packages-build.tar.gz -C .
- name: Unit Test
run: yarn testunit

405
.github/workflows/ci.yml vendored
View File

@ -27,25 +27,51 @@ jobs:
outputs:
release: ${{ steps.by-tag.outputs.release }}
latest-release: ${{ steps.latest.outputs.latest-release }}
docker-tag: ${{ steps.docker.outputs.docker-tag }}
gh-docker-tag: ${{ steps.docker.outputs.gh-docker-tag }}
lowercase-repo: ${{ steps.var.outputs.lowercase-repo }}
rc-dockerfile: '${{ github.workspace }}/apps/meteor/.docker/Dockerfile'
rc-docker-tag: '${{ steps.docker.outputs.gh-docker-tag }}'
node-version: ${{ steps.var.outputs.node-version }}
deno-version: ${{ steps.var.outputs.deno-version }}
official-platform: 'alpine'
services: ${{ steps.var.outputs.services }}
source-hash: ${{ steps.source.outputs.hash }}
# this is 100% intentional, secrets are not available for forks, so ee-tests will always fail
# to avoid this, we are using a dummy license, expiring at 2026-07-01
enterprise-license: Uo7Jcr6WW0XYA8ydHd+Sk6pZ9/0V6dIASnyTwvUrNym/zJg2Ma3eYNKkC8osXLCc72y1ahohnWY7/+7IYkvono3GYXQR+IGvYbbrVgNR6OjMahd9P/odHZL1GFTm2qHrEL5Hh/XEOG+YluFeRdWPzCizQlp4zGGOi0+PkQo096TR9NVCLrsErVl2MW1WM6ZM1W5EUJG9pKly4BQnaOTUAlor1im6i8qPTDCKrISZfLiZEWuQKaPW/GE3mRKjQNjDh0CabX1N2S880pRRGoozBYAnp2NmFfrQW0+5ihKisBTIeMbMZ7K5NE5PkYU1nhQDcc+rpDHtwG9Ceg5X0J+oea3UfrPTmDON2aSI0iO22kvL6G7QI3fyrEIvJrMbxcNKxAFeQYgnjisw/b06+chWSG4jG686Fx58XrVS87dFhWL9WoGltsk1dJCntUQvI1sX6zOfpvyg1iWRnHfYDOrwoWlX57XMm29fWineEoqnOOTOVnA/uP+DKEhercQ9Xuo7Cr6zJxpQpwd03e7ODVjiEbTDqlkZE687rmxRCD4Wmu8L86WIl2xSEIajKLX301Ww5mz/FdLqk+Mg32lkW66W3azQKvJ1440NBrYxhpJ+dl9vSFMb3s1+xnz1cYUbjUcq9mARvORcgy5mLwKulmqT6Sq0Uvbv10YCO0TW0beXYW8=
steps:
- name: Github Info
run: |
echo "GITHUB_ACTION: $GITHUB_ACTION"
echo "GITHUB_ACTOR: $GITHUB_ACTOR"
echo "GITHUB_REF: $GITHUB_REF"
echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF"
echo "GITHUB_BASE_REF: $GITHUB_BASE_REF"
echo "github.event_name: ${{ github.event_name }}"
cat $GITHUB_EVENT_PATH
- uses: actions/checkout@v4
with:
sparse-checkout: |
package.json
.tool-versions
sparse-checkout-cone-mode: false
ref: ${{ github.ref }}
# with:
# sparse-checkout: |
# package.json
# .tool-versions
# sparse-checkout-cone-mode: false
# ref: ${{ github.ref }}
- id: source
run: |
ls -la
tar -cf /tmp/RocketChat-source.tar \
--sort=name \
--owner=0 --group=0 \
--mtime='1970-01-01' \
--exclude='.github' \
--exclude='.git' \
.
SOURCE_HASH=$(sha256sum /tmp/RocketChat-source.tar | awk '{ print $1 }')-v3
echo hash=${SOURCE_HASH}
echo hash=${SOURCE_HASH} >> $GITHUB_OUTPUT
- id: var
run: |
@ -62,6 +88,8 @@ jobs:
echo "DENO_VERSION: ${DENO_VERSION}"
echo "deno-version=${DENO_VERSION}" >> $GITHUB_OUTPUT
echo "services=[\"rocketchat\",\"authorization-service\",\"account-service\",\"ddp-streamer-service\",\"presence-service\",\"stream-hub-service\",\"queue-worker-service\",\"omnichannel-transcript-service\"]" >> $GITHUB_OUTPUT
- id: by-tag
run: |
if echo "$GITHUB_REF_NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$' ; then
@ -86,7 +114,7 @@ jobs:
if [[ '${{ github.event_name }}' == 'pull_request' ]]; then
DOCKER_TAG="pr-${{ github.event.number }}"
else
DOCKER_TAG="gh-${{ github.run_id }}"
DOCKER_TAG=$GITHUB_REF_NAME
fi
echo "DOCKER_TAG: ${DOCKER_TAG}"
echo "gh-docker-tag=${DOCKER_TAG}" >> $GITHUB_OUTPUT
@ -138,25 +166,31 @@ jobs:
needs: [release-versions, notify-draft-services]
runs-on: ubuntu-24.04
steps:
- name: Github Info
run: |
echo "GITHUB_ACTION: $GITHUB_ACTION"
echo "GITHUB_ACTOR: $GITHUB_ACTOR"
echo "GITHUB_REF: $GITHUB_REF"
echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF"
echo "GITHUB_BASE_REF: $GITHUB_BASE_REF"
echo "github.event_name: ${{ github.event_name }}"
cat $GITHUB_EVENT_PATH
- name: Cache build
uses: actions/cache@v4
id: packages-cache-build
with:
path: |
/tmp/RocketChat-packages-build.tar.gz
key: ${{ runner.OS }}-packages-build-${{ needs.release-versions.outputs.source-hash }}
restore-keys: |
${{ runner.os }}-packages-build-
- name: Debug cache-hit
run: echo "cache-hit=${{ steps.packages-cache-build.outputs.cache-hit }}"
- name: Set Swap Space
uses: pierotofy/set-swap-space@master
if: steps.packages-cache-build.outputs.cache-hit != 'true'
with:
swap-size-gb: 4
- uses: actions/checkout@v4
if: steps.packages-cache-build.outputs.cache-hit != 'true'
- name: Setup NodeJS
uses: ./.github/actions/setup-node
if: steps.packages-cache-build.outputs.cache-hit != 'true'
with:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
@ -167,6 +201,7 @@ jobs:
- name: Cache vite
uses: actions/cache@v4
if: steps.packages-cache-build.outputs.cache-hit != 'true'
with:
path: ./node_modules/.vite
key: vite-local-cache-${{ runner.OS }}-${{ hashFiles('package.json') }}
@ -174,11 +209,27 @@ jobs:
vite-local-cache-${{ runner.os }}-
- uses: rharkor/caching-for-turbo@v1.8
if: steps.packages-cache-build.outputs.cache-hit != 'true'
- name: Build Rocket.Chat Packages
if: steps.packages-cache-build.outputs.cache-hit != 'true'
run: yarn build
- name: Archive packages build output
if: steps.packages-cache-build.outputs.cache-hit != 'true'
run: |
tar -czf /tmp/RocketChat-packages-build.tar.gz \
$(git ls-files -oi --exclude-standard -- ':(exclude)node_modules/*' ':(exclude)**/node_modules/*' ':(exclude)**/.meteor/*' ':(exclude)**/.deno-cache/*' ':(exclude)**/.turbo/*' ':(exclude).turbo/*' ':(exclude)**/.yarn/*' ':(exclude).yarn/*' ':(exclude).git/*')
- name: Upload packages build artifact
uses: actions/upload-artifact@v4
with:
name: packages-build
path: /tmp/RocketChat-packages-build.tar.gz
retention-days: 5
- name: Store turbo build
if: steps.packages-cache-build.outputs.cache-hit != 'true'
uses: actions/upload-artifact@v4
with:
name: turbo-build
@ -187,40 +238,14 @@ jobs:
include-hidden-files: true
build:
name: 📦 Meteor Build - coverage
name: 📦 Meteor Build (${{ matrix.type }})
needs: [release-versions, packages-build]
runs-on: ubuntu-24.04
steps:
- name: Collect Workflow Telemetry
uses: catchpoint/workflow-telemetry-action@v2
with:
theme: dark
job_summary: true
comment_on_pr: false
- name: Github Info
run: |
echo "GITHUB_ACTION: $GITHUB_ACTION"
echo "GITHUB_ACTOR: $GITHUB_ACTOR"
echo "GITHUB_REF: $GITHUB_REF"
echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF"
echo "GITHUB_BASE_REF: $GITHUB_BASE_REF"
echo "github.event_name: ${{ github.event_name }}"
cat $GITHUB_EVENT_PATH
- uses: actions/checkout@v4
- uses: ./.github/actions/meteor-build
with:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
coverage: true
build-prod:
name: 📦 Meteor Build - official
needs: [tests-done, release-versions, packages-build]
if: (github.event_name == 'release' || github.ref == 'refs/heads/develop')
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
type: ['production', 'coverage']
steps:
- name: Collect Workflow Telemetry
@ -229,15 +254,6 @@ jobs:
theme: dark
job_summary: true
comment_on_pr: false
- name: Github Info
run: |
echo "GITHUB_ACTION: $GITHUB_ACTION"
echo "GITHUB_ACTOR: $GITHUB_ACTOR"
echo "GITHUB_REF: $GITHUB_REF"
echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF"
echo "GITHUB_BASE_REF: $GITHUB_BASE_REF"
echo "github.event_name: ${{ github.event_name }}"
cat $GITHUB_EVENT_PATH
- uses: actions/checkout@v4
@ -245,23 +261,28 @@ jobs:
with:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
coverage: false
source-hash: ${{ needs.release-versions.outputs.source-hash }}
type: ${{ matrix.type }}
build-gh-docker-coverage:
name: 🚢 Build Docker Images for Testing
build-gh-docker:
name: 🚢 Build Docker
needs: [build, release-versions]
runs-on: ubuntu-24.04
env:
RC_DOCKERFILE: ${{ needs.release-versions.outputs.rc-dockerfile }}.${{ matrix.platform }}
RC_DOCKER_TAG: ${{ needs.release-versions.outputs.rc-docker-tag }}.${{ matrix.platform }}
DOCKER_TAG: ${{ needs.release-versions.outputs.gh-docker-tag }}
LOWERCASE_REPOSITORY: ${{ needs.release-versions.outputs.lowercase-repo }}
strategy:
fail-fast: false
matrix:
platform: ['alpine']
service: ${{ fromJson(needs.release-versions.outputs.services) }}
type: ['production']
include:
# for rocketchat monolith and on develop branch builds we create a coverage image to run tests against it
# and keep the baseline of the coverage for other PRs
- service: rocketchat
type: coverage
steps:
- uses: actions/checkout@v4
@ -269,65 +290,16 @@ jobs:
# we only build and publish the actual docker images if not a PR from a fork
- uses: ./.github/actions/build-docker
if: (github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'release' || github.ref == 'refs/heads/develop') && github.actor != 'dependabot[bot]'
env:
DOCKER_TAG_SUFFIX_ROCKETCHAT: ${{ matrix.type == 'coverage' && '-cov' || '' }}
with:
CR_USER: ${{ secrets.CR_USER }}
CR_PAT: ${{ secrets.CR_PAT }}
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
platform: ${{ matrix.platform }}
build-containers: ${{ matrix.platform == needs.release-versions.outputs.official-platform && 'authorization-service account-service ddp-streamer-service presence-service stream-hub-service queue-worker-service omnichannel-transcript-service' || '' }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Rename official Docker tag to GitHub Container Registry
if: matrix.platform == needs.release-versions.outputs.official-platform && (github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'release' || github.ref == 'refs/heads/develop') && github.actor != 'dependabot[bot]'
run: |
IMAGE_NAME_BASE="ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${DOCKER_TAG}"
echo "Push Docker image: ${IMAGE_NAME_BASE}.official"
docker tag ${IMAGE_NAME_BASE}.${{matrix.platform}} ${IMAGE_NAME_BASE}.official
docker push ${IMAGE_NAME_BASE}.official
build-gh-docker:
name: 🚢 Build Docker Images for Production
needs: [build-prod, release-versions]
runs-on: ubuntu-24.04
env:
RC_DOCKERFILE: ${{ needs.release-versions.outputs.rc-dockerfile }}.${{ matrix.platform }}
RC_DOCKER_TAG: ${{ needs.release-versions.outputs.rc-docker-tag }}.${{ matrix.platform }}
DOCKER_TAG: ${{ needs.release-versions.outputs.gh-docker-tag }}
LOWERCASE_REPOSITORY: ${{ needs.release-versions.outputs.lowercase-repo }}
strategy:
fail-fast: false
matrix:
platform: ['alpine']
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/build-docker
with:
CR_USER: ${{ secrets.CR_USER }}
CR_PAT: ${{ secrets.CR_PAT }}
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
platform: ${{ matrix.platform }}
build-containers: ${{ matrix.platform == needs.release-versions.outputs.official-platform && 'authorization-service account-service ddp-streamer-service presence-service stream-hub-service queue-worker-service omnichannel-transcript-service' || '' }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
- name: Rename official Docker tag to GitHub Container Registry
if: matrix.platform == needs.release-versions.outputs.official-platform
run: |
IMAGE_NAME_BASE="ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${DOCKER_TAG}"
echo "Push Docker image: ${IMAGE_NAME_BASE}"
docker tag ${IMAGE_NAME_BASE}.${{matrix.platform}} $IMAGE_NAME_BASE
docker push $IMAGE_NAME_BASE
echo "Push Docker image: ${IMAGE_NAME_BASE}.official"
docker tag ${IMAGE_NAME_BASE}.${{matrix.platform}} ${IMAGE_NAME_BASE}.official
docker push ${IMAGE_NAME_BASE}.official
service: ${{ matrix.service }}
type: ${{ matrix.type }}
checks:
needs: [release-versions, packages-build]
@ -363,7 +335,7 @@ jobs:
test-api:
name: 🔨 Test API (CE)
needs: [checks, build-gh-docker-coverage, release-versions]
needs: [checks, build-gh-docker, release-versions]
uses: ./.github/workflows/ci-test-e2e.yml
with:
@ -372,8 +344,6 @@ jobs:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
lowercase-repo: ${{ needs.release-versions.outputs.lowercase-repo }}
rc-dockerfile: ${{ needs.release-versions.outputs.rc-dockerfile }}
rc-docker-tag: ${{ needs.release-versions.outputs.rc-docker-tag }}
gh-docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }}
secrets:
CR_USER: ${{ secrets.CR_USER }}
@ -381,7 +351,7 @@ jobs:
test-ui:
name: 🔨 Test UI (CE)
needs: [checks, build-gh-docker-coverage, release-versions]
needs: [checks, build-gh-docker, release-versions]
uses: ./.github/workflows/ci-test-e2e.yml
with:
@ -394,8 +364,6 @@ jobs:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
lowercase-repo: ${{ needs.release-versions.outputs.lowercase-repo }}
rc-dockerfile: ${{ needs.release-versions.outputs.rc-dockerfile }}
rc-docker-tag: ${{ needs.release-versions.outputs.rc-docker-tag }}
gh-docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }}
retries: ${{ (github.event_name == 'release' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master') && 2 || 0 }}
secrets:
@ -408,7 +376,7 @@ jobs:
test-api-ee:
name: 🔨 Test API (EE)
needs: [checks, build-gh-docker-coverage, release-versions]
needs: [checks, build-gh-docker, release-versions]
uses: ./.github/workflows/ci-test-e2e.yml
with:
@ -420,8 +388,6 @@ jobs:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
lowercase-repo: ${{ needs.release-versions.outputs.lowercase-repo }}
rc-dockerfile: ${{ needs.release-versions.outputs.rc-dockerfile }}
rc-docker-tag: ${{ needs.release-versions.outputs.rc-docker-tag }}
gh-docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }}
secrets:
CR_USER: ${{ secrets.CR_USER }}
@ -429,7 +395,7 @@ jobs:
test-ui-ee:
name: 🔨 Test UI (EE)
needs: [checks, build-gh-docker-coverage, release-versions]
needs: [checks, build-gh-docker, release-versions]
uses: ./.github/workflows/ci-test-e2e.yml
with:
@ -443,8 +409,6 @@ jobs:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
lowercase-repo: ${{ needs.release-versions.outputs.lowercase-repo }}
rc-dockerfile: ${{ needs.release-versions.outputs.rc-dockerfile }}
rc-docker-tag: ${{ needs.release-versions.outputs.rc-docker-tag }}
gh-docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }}
retries: ${{ (github.event_name == 'release' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master') && 2 || 0 }}
secrets:
@ -458,7 +422,7 @@ jobs:
test-ui-ee-watcher:
name: 🔨 Test UI (EE)
needs: [checks, build-gh-docker-coverage, release-versions]
needs: [checks, build-gh-docker, release-versions]
uses: ./.github/workflows/ci-test-e2e.yml
with:
@ -472,8 +436,6 @@ jobs:
node-version: ${{ needs.release-versions.outputs.node-version }}
deno-version: ${{ needs.release-versions.outputs.deno-version }}
lowercase-repo: ${{ needs.release-versions.outputs.lowercase-repo }}
rc-dockerfile: ${{ needs.release-versions.outputs.rc-dockerfile }}
rc-docker-tag: ${{ needs.release-versions.outputs.rc-docker-tag }}
gh-docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }}
retries: ${{ (github.event_name == 'release' || github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/master') && 2 || 0 }}
db-watcher-disabled: 'false'
@ -579,18 +541,22 @@ jobs:
aws s3 cp $ROCKET_DEPLOY_DIR/ s3://download.rocket.chat/build/ --recursive
docker-image-publish:
name: 🚀 Publish Docker Image (main)
name: 🚀 Publish Docker Images (DockerHub)
runs-on: ubuntu-24.04
needs: [deploy, release-versions]
strategy:
matrix:
# this is currently a mix of variants and different images
release: ['alpine']
env:
IMAGE_NAME: 'rocketchat/rocket.chat'
service: ${{ fromJson(needs.release-versions.outputs.services) }}
steps:
- uses: actions/checkout@v4
with:
sparse-checkout: |
docker-compose-ci.yml
sparse-checkout-cone-mode: false
ref: ${{ github.ref }}
- name: Login to DockerHub
uses: docker/login-action@v3
with:
@ -607,181 +573,69 @@ jobs:
- name: Get Docker image name
id: gh-docker
run: |
GH_IMAGE_NAME="ghcr.io/${{ needs.release-versions.outputs.lowercase-repo }}/rocket.chat:${{ needs.release-versions.outputs.gh-docker-tag }}.${{ matrix.release }}"
# Get image name from docker-compose-ci.yml since rocketchat image is different from service name (rocket.chat)
GH_IMAGE_NAME=$(docker compose -f docker-compose-ci.yml config --format json 2>/dev/null | jq -r --arg s "${{ matrix.service }}" '.services[$s].image')
echo "GH_IMAGE_NAME: $GH_IMAGE_NAME"
echo "gh-image-name=${GH_IMAGE_NAME}" >> $GITHUB_OUTPUT
DOCKER_TAG_SHA="sha-${GITHUB_SHA:0:7}"
echo "DOCKER_TAG_SHA: ${DOCKER_TAG_SHA}"
echo "gh-docker-tag-sha=${DOCKER_TAG_SHA}" >> $GITHUB_OUTPUT
- name: Pull Docker image
run: docker pull ${{ steps.gh-docker.outputs.gh-image-name }}
- name: Publish Docker image
run: |
if [[ '${{ matrix.release }}' = 'preview' ]]; then
IMAGE_NAME="${IMAGE_NAME}.preview"
fi;
if [[ '${{ matrix.service }}' == 'rocketchat' ]]; then
IMAGE_NAME="${{ needs.release-versions.outputs.lowercase-repo }}/rocket.chat"
else
IMAGE_NAME="${{ needs.release-versions.outputs.lowercase-repo }}/${{ matrix.service }}"
fi
# 'develop' or 'tag'
DOCKER_TAG=$GITHUB_REF_NAME
# append the variant name to docker tag
if [[ '${{ matrix.release }}' = 'debian' ]]; then
DOCKER_TAG="${DOCKER_TAG}-${{ matrix.release }}"
fi;
declare -a TAGS=()
PUBLISHED_TAGS=()
# tag and push the specific tag version
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$DOCKER_TAG
docker push $IMAGE_NAME:$DOCKER_TAG
PUBLISHED_TAGS+=("$IMAGE_NAME:$DOCKER_TAG")
# tag specific tag version
TAGS+=("$DOCKER_TAG")
if [[ $GITHUB_REF == refs/tags/* ]]; then
RELEASE="${{ needs.release-versions.outputs.release }}"
if [[ '${{ matrix.release }}' = 'debian' ]]; then
RELEASE="${RELEASE}-${{ matrix.release }}"
fi;
echo "RELEASE: $RELEASE"
if [[ $RELEASE == 'latest' ]]; then
if [[ '${{ needs.release-versions.outputs.latest-release }}' == $GITHUB_REF_NAME ]]; then
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$RELEASE
docker push $IMAGE_NAME:$RELEASE
PUBLISHED_TAGS+=("$IMAGE_NAME:$RELEASE")
TAGS+=("$RELEASE")
fi
else
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$RELEASE
docker push $IMAGE_NAME:$RELEASE
PUBLISHED_TAGS+=("$IMAGE_NAME:$RELEASE")
TAGS+=("$RELEASE")
fi
fi
# commit hash
TAG_SHA="${{ steps.gh-docker.outputs.gh-docker-tag-sha }}"
COMMIT_SHA="sha-${GITHUB_SHA:0:7}"
echo "COMMIT_SHA: ${COMMIT_SHA}"
TAGS+=("${COMMIT_SHA}")
# append the variant name to docker tag
if [[ '${{ matrix.release }}' = 'debian' ]]; then
TAG_SHA="${TAG_SHA}-${{ matrix.release }}"
fi;
echo "Tags: ${TAGS[*]}"
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$TAG_SHA
docker push $IMAGE_NAME:$TAG_SHA
SRC="${{ steps.gh-docker.outputs.gh-image-name }}"
DEST_REPO="docker.io/${IMAGE_NAME}"
PUBLISHED_TAGS+=("$IMAGE_NAME:$TAG_SHA")
echo "::group::Published tags"
for TAG in ${PUBLISHED_TAGS[@]}; do
echo $TAG
done
echo "::endgroup::"
services-docker-image-publish:
name: 🚀 Publish Docker Image (services)
runs-on: ubuntu-24.04
needs: [deploy, release-versions]
strategy:
matrix:
service: ['account', 'authorization', 'ddp-streamer', 'omnichannel-transcript', 'presence', 'queue-worker', 'stream-hub']
steps:
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ secrets.CR_USER }}
password: ${{ secrets.CR_PAT }}
- name: Get Docker image name
id: gh-docker
run: |
GH_IMAGE_NAME="ghcr.io/${{ needs.release-versions.outputs.lowercase-repo }}/${{ matrix.service }}-service:${{ needs.release-versions.outputs.gh-docker-tag }}"
echo "GH_IMAGE_NAME: $GH_IMAGE_NAME"
echo "gh-image-name=${GH_IMAGE_NAME}" >> $GITHUB_OUTPUT
DOCKER_TAG_SHA="sha-${GITHUB_SHA:0:7}"
echo "DOCKER_TAG_SHA: ${DOCKER_TAG_SHA}"
echo "gh-docker-tag-sha=${DOCKER_TAG_SHA}" >> $GITHUB_OUTPUT
- name: Pull Docker image
run: docker pull ${{ steps.gh-docker.outputs.gh-image-name }}
- name: Publish Docker images
run: |
DH_IMAGE_NAME="rocketchat/${{ matrix.service }}-service"
# 'develop' or 'tag'
DOCKER_TAG=$GITHUB_REF_NAME
PUBLISHED_TAGS=()
# tag and push the specific tag version
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $DH_IMAGE_NAME:$DOCKER_TAG
docker push $DH_IMAGE_NAME:$DOCKER_TAG
PUBLISHED_TAGS+=("$DH_IMAGE_NAME:$DOCKER_TAG")
if [[ $GITHUB_REF == refs/tags/* ]]; then
RELEASE="${{ needs.release-versions.outputs.release }}"
if [[ $RELEASE == 'latest' ]]; then
if [[ '${{ needs.release-versions.outputs.latest-release }}' == $GITHUB_REF_NAME ]]; then
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $DH_IMAGE_NAME:$RELEASE
docker push $DH_IMAGE_NAME:$RELEASE
PUBLISHED_TAGS+=("$DH_IMAGE_NAME:$RELEASE")
fi
else
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $DH_IMAGE_NAME:$RELEASE
docker push $DH_IMAGE_NAME:$RELEASE
PUBLISHED_TAGS+=("$DH_IMAGE_NAME:$RELEASE")
fi
if (( ${#TAGS[@]} > 0 )); then
for t in "${TAGS[@]:0}"; do
echo "Copying $SRC to ${DEST_REPO}:${t}"
docker tag $SRC "${DEST_REPO}:${t}"
done
fi
# commit hash
TAG_SHA="${{ steps.gh-docker.outputs.gh-docker-tag-sha }}"
docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $DH_IMAGE_NAME:$TAG_SHA
docker push $DH_IMAGE_NAME:$TAG_SHA
PUBLISHED_TAGS+=("$DH_IMAGE_NAME:$TAG_SHA")
echo "::group::Published tags"
for TAG in ${PUBLISHED_TAGS[@]}; do
echo $TAG
done
echo "::endgroup::"
docker push --all-tags $DEST_REPO
notify-services:
name: 🚀 Notify external services
runs-on: ubuntu-24.04
needs:
- services-docker-image-publish
- docker-image-publish
- release-versions
steps:
@ -829,7 +683,6 @@ jobs:
if: github.event_name == 'release'
needs:
- services-docker-image-publish
- docker-image-publish
uses: ./.github/workflows/update-version-durability.yml

6
docker-compose-ci.yml
View File

@ -1,16 +1,14 @@
version: '3.8'
services:
rocketchat:
volumes:
- /tmp/coverage:/tmp/coverage
platform: linux/amd64
build:
dockerfile: ${RC_DOCKERFILE}
dockerfile: ${GITHUB_WORKSPACE}/apps/meteor/.docker/Dockerfile.alpine
context: /tmp/build
args:
DENO_VERSION: ${DENO_VERSION}
image: ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${RC_DOCKER_TAG}
image: ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${DOCKER_TAG}${DOCKER_TAG_SUFFIX_ROCKETCHAT}
environment:
- TEST_MODE=true
- DEBUG=${DEBUG}

4
docker-compose-local.yml
View File

@ -4,9 +4,9 @@ services:
rocketchat:
platform: linux/amd64
build:
dockerfile: ${RC_DOCKERFILE}
dockerfile: apps/meteor/.docker/Dockerfile.alpine
context: /tmp/build
image: ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${RC_DOCKER_TAG}
image: ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${DOCKER_TAG}
environment:
- TEST_MODE=true
- EXIT_UNHANDLEDPROMISEREJECTION=true

4
turbo.json
View File

@ -18,18 +18,15 @@
"outputs": ["coverage/**"]
},
"testunit": {
"dependsOn": ["build"],
"outputs": ["coverage/**"]
},
"lint": {
"dependsOn": ["build"],
"outputs": []
},
"translation-check": {
"outputs": []
},
"typecheck": {
"dependsOn": ["^build"],
"outputs": []
},
"dev": {
@ -48,7 +45,6 @@
"cache": false
},
"@rocket.chat/meteor#build:ci": {
"dependsOn": ["^build"],
"env": ["BABEL_ENV"],
"cache": false
}