From 83dda81f7b32d51c80abc0f6e6d6bf5058bac45e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mat=C3=A9o=20M=C3=A9vollon?=
 <38255502+matmut7@users.noreply.github.com>
Date: Wed, 27 Nov 2024 17:26:57 +0100
Subject: [PATCH] chore: setup CD (#1)

---
 .github/workflows/cd.yml | 31 +++++++++++++++++++++++++++++++
 Dockerfile               | 11 +++++++----
 2 files changed, 38 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/cd.yml

diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
new file mode 100644
index 00000000..c12d0806
--- /dev/null
+++ b/.github/workflows/cd.yml
@@ -0,0 +1,31 @@
+name: 📦 CD
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    name: Build and push Docker image
+    steps:
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Inject enhanced GitHub environment variables
+        uses: rlespinasse/github-slug-action@v5
+      - name: Login to GHCR
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ github.token }}
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: |
+            ghcr.io/${{ env.GITHUB_REPOSITORY_OWNER_PART_SLUG }}/sites-faciles:${{ env.GITHUB_REF_SLUG }}
+            latest
+          cache-from: type=registry,ref=ghcr.io/${{ env.GITHUB_REPOSITORY_OWNER_PART_SLUG }}/sites-faciles:${{ env.GITHUB_REF_SLUG }}
+          cache-to: type=inline
diff --git a/Dockerfile b/Dockerfile
index d36ecc35..728f75bd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,15 +13,18 @@ ENV POETRY_HOME=/opt/poetry
 ENV POETRY_VENV=/opt/poetry-venv
 ENV POETRY_CACHE_DIR=/opt/.cache
 
+# Needed for docker build to succeed
+ENV DATABASE_URL=postgres://user:password@localhost:5432/db
+
 # Add new user to run the whole thing as non-root.
 RUN set -ex \
-    && addgroup app \
-    && adduser --ingroup app --home ${APP_DIR} --disabled-password app;
+  && addgroup --gid 1000 app \
+  && adduser --uid 1000 --gid 1000 --home ${APP_DIR} --disabled-password app;
 
 # Install poetry separated from system interpreter
 RUN python3 -m venv ${POETRY_VENV} \
-    && ${POETRY_VENV}/bin/pip install -U pip setuptools \
-    && ${POETRY_VENV}/bin/pip install poetry==${POETRY_VERSION}
+  && ${POETRY_VENV}/bin/pip install -U pip setuptools \
+  && ${POETRY_VENV}/bin/pip install poetry==${POETRY_VERSION}
 
 # Add `poetry` to PATH
 ENV PATH="${PATH}:${POETRY_VENV}/bin"