website-and-documentation/DOCKER.md

# Docker Build

This project uses a multi-stage Docker build that matches the local devbox development environment.

## Version Management

All tool versions are defined in `.env.versions` as the single source of truth:

```bash
NODE_VERSION=24.10.0
GO_VERSION=1.25.1
HUGO_VERSION=0.151.0
```

These versions are used in:

- `devbox.json` - Local development environment
- `Dockerfile` - Docker build arguments (with defaults)
- `.github/workflows/ci.yaml` - CI/CD pipeline

**Important:** When updating versions, modify `.env.versions` and sync with `devbox.json`.

## Local Build

### Using Task (recommended)

The easiest way to build the OCI image:

```bash
task build:oci-image
```

This automatically:

- Loads versions from `.env.versions`
- Builds the image with correct build arguments
- Tags with `latest` and git commit hash

To build and test:

```bash
task test:oci-image
```

### Automatic version loading

Use the helper script to load versions from `.env.versions`:

```bash
source scripts/get-versions.sh
```

This will show you the Docker build command with the correct versions.

### Manual build

```bash
docker build --network=host \
  --build-arg NODE_VERSION=24.10.0 \
  --build-arg GO_VERSION=1.25.1 \
  --build-arg HUGO_VERSION=0.151.0 \
  -t ipceicis-developerframework:latest .
```

### Test the image

```bash
docker run -d -p 8080:80 --name hugo-test ipceicis-developerframework:latest
curl http://localhost:8080
docker stop hugo-test && docker rm hugo-test
```

## CI/CD Pipeline

The GitHub Actions workflow (`.github/workflows/ci.yaml`) automatically:

1. Extracts versions from devbox environment
2. Builds multi-arch images (amd64 + arm64)
3. Pushes to the container registry with appropriate tags

### Required Secrets

Configure these secrets in your GitHub repository:

- `PACKAGES_USER`: Container registry username
- `PACKAGES_TOKEN`: Container registry token/password

## Image Structure

- **Build Stage**: Uses Node.js base image, installs Go and Hugo
- **Runtime Stage**: Uses nginx:alpine to serve static content (~50MB)

The build process:

1. Installs npm dependencies
2. Downloads Hugo modules
3. Builds static site with `hugo --gc --minify`
4. Copies built site to minimal nginx container
feat(ci): add Docker build pipeline with version management - Add multi-stage Dockerfile with pinned tool versions (Node 24.10.0, Go 1.25.1, Hugo 0.151.0) - Create .env.versions as single source of truth for all tool versions - Add GitHub Actions CI workflow for automated OCI image builds - Multi-arch support (amd64, arm64) - Automatic version loading from .env.versions - Docker registry push with metadata tags - Add Taskfile tasks for local OCI image building and testing - task build:oci-image - Build with version-pinned dependencies - task test:oci-image - Build and test container locally - Pin devbox.json to specific versions matching .env.versions - Add comprehensive documentation (DOCKER.md, VERSIONS.md) - Add helper script (scripts/get-versions.sh) for version extraction This enables consistent development and production environments with identical tool versions across local devbox, Docker builds, and CI/CD. 2025-10-23 17:04:28 +02:00			`# Docker Build`

			`This project uses a multi-stage Docker build that matches the local devbox development environment.`

			`## Version Management`

			All tool versions are defined in `.env.versions` as the single source of truth:

			```bash
			`NODE_VERSION=24.10.0`
			`GO_VERSION=1.25.1`
			`HUGO_VERSION=0.151.0`
			```

			`These versions are used in:`

			- `devbox.json` - Local development environment
			- `Dockerfile` - Docker build arguments (with defaults)
			- `.github/workflows/ci.yaml` - CI/CD pipeline

			Important: When updating versions, modify `.env.versions` and sync with `devbox.json`.

			`## Local Build`

			`### Using Task (recommended)`

			`The easiest way to build the OCI image:`

			```bash
			`task build:oci-image`
			```

			`This automatically:`

			- Loads versions from `.env.versions`
			`- Builds the image with correct build arguments`
			- Tags with `latest` and git commit hash

			`To build and test:`

			```bash
			`task test:oci-image`
			```

			`### Automatic version loading`

			Use the helper script to load versions from `.env.versions`:

			```bash
			`source scripts/get-versions.sh`
			```

			`This will show you the Docker build command with the correct versions.`

			`### Manual build`

			```bash
			`docker build --network=host \`
			`--build-arg NODE_VERSION=24.10.0 \`
			`--build-arg GO_VERSION=1.25.1 \`
			`--build-arg HUGO_VERSION=0.151.0 \`
			`-t ipceicis-developerframework:latest .`
			```

			`### Test the image`

			```bash
			`docker run -d -p 8080:80 --name hugo-test ipceicis-developerframework:latest`
			`curl http://localhost:8080`
			`docker stop hugo-test && docker rm hugo-test`
			```

			`## CI/CD Pipeline`

			The GitHub Actions workflow (`.github/workflows/ci.yaml`) automatically:

			`1. Extracts versions from devbox environment`
			`2. Builds multi-arch images (amd64 + arm64)`
			`3. Pushes to the container registry with appropriate tags`

			`### Required Secrets`

			`Configure these secrets in your GitHub repository:`

			- `PACKAGES_USER`: Container registry username
			- `PACKAGES_TOKEN`: Container registry token/password

			`## Image Structure`

			`- Build Stage: Uses Node.js base image, installs Go and Hugo`
			`- Runtime Stage: Uses nginx:alpine to serve static content (~50MB)`

			`The build process:`

			`1. Installs npm dependencies`
			`2. Downloads Hugo modules`
			3. Builds static site with `hugo --gc --minify`
			`4. Copies built site to minimal nginx container`