update dockerfiles and github workflows

2026-05-05 22:06:05 +02:00 · 2026-04-27 12:08:03 +02:00
parent 10deecfb35
commit 13954c0fd6
5 changed files with 23 additions and 43 deletions
@@ -25,7 +25,7 @@ jobs:
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
-          lfs: true # WICHTIG: Lädt die echten LFS-Dateien (MaxMind DBs) herunter
+          lfs: true

      - name: Get short SHA
        id: vars
@@ -58,6 +58,8 @@ jobs:
          build-args: |
            GIT_COMMIT_SHA=${{ steps.vars.outputs.sha }}
            SENTRY_DSN=${{ secrets.SENTRY_DSN }}
+          cache-from: type=gha,scope=backend
+          cache-to: type=gha,mode=max,scope=backend

      - name: Tag backend with extra_tag (manifest retag)
        if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }}
@@ -80,6 +82,8 @@ jobs:
          build-args: |
            GIT_COMMIT_SHA=${{ steps.vars.outputs.sha }}
            SENTRY_DSN=${{ secrets.SENTRY_DSN }}
+          cache-from: type=gha,scope=frontend
+          cache-to: type=gha,mode=max,scope=frontend

      - name: Tag frontend with extra_tag (manifest retag)
        if: ${{ github.event.inputs.extra_tag && github.event.inputs.extra_tag != '' }}
@@ -1,14 +1,13 @@
 name: Update MaxMind GeoLite2 DBs

 on:
-  workflow_dispatch: # Ermöglicht manuelles Starten
+  workflow_dispatch:
  schedule:
    - cron: '0 0 1 * *'

 jobs:
  update-db:
    runs-on: ubuntu-latest
-    # Berechtigung, um Änderungen zurück ins Repo zu pushen
    permissions:
      contents: write

@@ -16,71 +15,46 @@ jobs:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
-          lfs: true # Wichtig: LFS-Dateien beim Checkout herunterladen
+          lfs: true

-      - name: Download geoipupdate tool
+      - name: Download latest geoipupdate
        run: |
-          # Lade eine spezifische Version oder die neueste herunter
-          GEOIPUPDATE_VERSION="4.11.1"
-          wget "https://github.com/maxmind/geoipupdate/releases/download/v${GEOIPUPDATE_VERSION}/geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz"
-          tar -zxvf "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz"
-          # Verschiebe das Binary in einen bekannten Pfad und mache es ausführbar
+          GEOIPUPDATE_VERSION=$(curl -fsSL https://api.github.com/repos/maxmind/geoipupdate/releases/latest | jq -r '.tag_name | ltrimstr("v")')
+          echo "Installing geoipupdate v${GEOIPUPDATE_VERSION}"
+          wget -q "https://github.com/maxmind/geoipupdate/releases/download/v${GEOIPUPDATE_VERSION}/geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz"
+          tar -xzf "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64.tar.gz"
          sudo mv "geoipupdate_${GEOIPUPDATE_VERSION}_linux_amd64/geoipupdate" /usr/local/bin/
-          sudo chmod +x /usr/local/bin/geoipupdate
-          # Überprüfe die Version
          geoipupdate -V

      - name: Create GeoIP.conf
-        # Erstellt die Konfigurationsdatei für geoipupdate mit den Secrets
        run: |
-          echo "Creating GeoIP.conf..."
          cat << EOF > GeoIP.conf
-          # GeoIP.conf file for geoipupdate
          AccountID ${{ secrets.MAXMIND_ACCOUNT_ID }}
          LicenseKey ${{ secrets.MAXMIND_LICENSE_KEY }}
-
-          # Specify the editions to download
          EditionIDs GeoLite2-ASN GeoLite2-City
          EOF
-          echo "GeoIP.conf created."
        env:
          MAXMIND_ACCOUNT_ID: ${{ secrets.MAXMIND_ACCOUNT_ID }}
          MAXMIND_LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE_KEY }}

      - name: Run geoipupdate
-        run: |
-          echo "Running geoipupdate..."
-          # Lädt die Datenbanken nach ./backend/data herunter
-          geoipupdate -f GeoIP.conf -d ./backend/data -v
-          echo "geoipupdate finished."
+        run: geoipupdate -f GeoIP.conf -d ./backend/data -v

      - name: Configure Git and LFS
        run: |
          git config --global user.name 'github-actions[bot]'
          git config --global user.email 'github-actions[bot]@users.noreply.github.com'
-          # Installiere Git LFS Hooks für diesen Run
          git lfs install

-      - name: Track and Commit changes (LFS)
+      - name: Commit and push updated databases
        run: |
-          # Sage Git, dass .mmdb Dateien mit LFS verwaltet werden sollen
          git lfs track "backend/data/*.mmdb"
-          
-          # Füge .gitattributes (hier steht die LFS-Konfiguration drin) hinzu
-          git add .gitattributes
-          
-          # Füge die eigentlichen Datenbank-Dateien hinzu
-          git add ./backend/data/*.mmdb
-
-          # Prüfe, ob Änderungen zum Committen vorliegen (staged changes)
+          git add .gitattributes ./backend/data/*.mmdb
          if git diff --staged --quiet; then
            echo "No changes detected in MaxMind databases."
          else
-            echo "Changes detected. Committing..."
-            COMMIT_DATE=$(date -u +"%Y-%m-%d")
-            git commit -m "Update MaxMind GeoLite2 databases (LFS) (${COMMIT_DATE})"
+            git commit -m "Update MaxMind GeoLite2 databases (LFS) ($(date -u +%Y-%m-%d))"
            git push
-            echo "Changes pushed via LFS."
          fi
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -14,8 +14,7 @@ COPY package*.json ./

 # Install app dependencies using npm ci for faster, reliable builds
 # --only=production installs only production dependencies (including 'oui')
-RUN npm ci --only=production
-# REMOVED: RUN npm i oui (should be installed by npm ci now)
+RUN npm ci --omit=dev

 # Stage 2: Production Image
 FROM node:24-alpine
@@ -9,6 +9,9 @@
  "keywords": [],
  "author": "",
  "license": "ISC",
+  "engines": {
+    "node": ">=24"
+  },
  "dependencies": {
    "@maxmind/geoip2-node": "^6.0.0",
    "@sentry/node": "^10.42.0",
@@ -2,7 +2,7 @@
 # Aktuell nicht nötig, da wir CDN/statische Dateien haben.

 # Stage 2: Production Environment using Nginx
-FROM nginx:1.25-alpine
+FROM nginx:1.27-alpine

 # Arbeitsverzeichnis im Container (optional, aber gute Praxis)
 WORKDIR /usr/share/nginx/html