Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
39 changes: 39 additions & 0 deletions .github/workflows/check.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
name: Check
on:
push:
branches:
- "main"
pull_request:
branches: [main]

jobs:
check:
name: 🔍 Check
runs-on: ubuntu-latest
timeout-minutes: 15
env:
TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
steps:
- name: ⬇️ Checkout repo
uses: actions/checkout@v6

- name: Set up pnpm
uses: pnpm/action-setup@v6

- name: ⎔ Setup node
uses: actions/setup-node@v6
with:
node-version: 24
cache: "pnpm"

- name: 🦕 Setup Deno
uses: denoland/setup-deno@v2
with:
deno-version: v2.x

- name: 📥 Download deps
run: pnpm install

- name: 🔍 Check
run: pnpm check

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions job or workflow does not limit the permissions of the GITHUB_TOKEN. Consider setting an explicit permissions block, using the following as a minimal starting point: {contents: read}
Comment on lines +11 to +39
6 changes: 3 additions & 3 deletions .github/workflows/dx.yml
Original file line number Diff line number Diff line change
Expand Up @@ -41,10 +41,10 @@ jobs:
- name: 📥 Download deps
run: pnpm install

- name: 🔥 Install bun
uses: oven-sh/setup-bun@v2
- name: 🦕 Setup Deno
uses: denoland/setup-deno@v2
with:
bun-version: latest
deno-version: v2.x

- name: 🔥 DX task
run: pnpm dx
8 changes: 4 additions & 4 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,18 +30,18 @@ jobs:
uses: actions/checkout@v6

- name: Set up pnpm
uses: pnpm/action-setup@v4
uses: pnpm/action-setup@v6

- name: ⎔ Setup node
uses: actions/setup-node@v6
with:
node-version: 24
cache: "pnpm"

- name: 🔥 Install bun
uses: oven-sh/setup-bun@v2
- name: 🦕 Setup Deno
uses: denoland/setup-deno@v2
with:
bun-version: latest
deno-version: v2.x

- name: 📥 Download deps
run: pnpm install
Expand Down
3 changes: 1 addition & 2 deletions apps/dashboard/env.ts
Original file line number Diff line number Diff line change
@@ -1,2 +1 @@
const file = Bun.file("./.env.example");
await Bun.write("./.env", file);
await Deno.copyFile("./.env.example", "./.env");
1 change: 1 addition & 0 deletions apps/screenshot-service/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@
"name": "@openstatus/screenshot-service",
"version": "0.0.1",
"scripts": {
"check": "deno check --sloppy-imports .",
"dev": "bun run --hot src/index.ts",
"start": "NODE_ENV=production bun run src/index.ts"
},
Expand Down
4 changes: 4 additions & 0 deletions apps/server/.gitignore
Original file line number Diff line number Diff line change
@@ -1 +1,5 @@
node_modules
app
src/_serve.bundle.mjs
.deno_compile_bundle_*.mjs
app.tmp-*
30 changes: 13 additions & 17 deletions apps/server/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,9 +3,9 @@
# See https://github.com/lenra-io/dofigen

# install
FROM node@sha256:242549cd46785b480c832479a730f4f2a20865d61ea2e404fdb2a5c3d3b73ecf AS install
FROM node@sha256:b31e7a42fdf8b8aa5f5ed477c72d694301273f1069c5a2f71d53c6482e99a2fc AS install
LABEL \
org.opencontainers.image.base.digest="sha256:242549cd46785b480c832479a730f4f2a20865d61ea2e404fdb2a5c3d3b73ecf" \
org.opencontainers.image.base.digest="sha256:b31e7a42fdf8b8aa5f5ed477c72d694301273f1069c5a2f71d53c6482e99a2fc" \
org.opencontainers.image.base.name="docker.io/node:24-slim" \
org.opencontainers.image.stage="install"
WORKDIR /app/
Expand Down Expand Up @@ -48,14 +48,14 @@ RUN \
--mount=type=cache,target=/root/.local/share/pnpm/store,sharing=locked \
<<EOF
corepack enable pnpm
pnpm install --prod --frozen-lockfile --verbose
pnpm install --prod --frozen-lockfile --filter=@openstatus/server... --verbose
EOF

# build
FROM oven/bun@sha256:0733e50325078969732ebe3b15ce4c4be5082f18c4ac1a0f0ca4839c2e4e42a7 AS build
FROM denoland/deno@sha256:8d24854de78a79c56e74b49aa4c5996c60e1fe3730efba8fbdd2692c582e6e29 AS build
LABEL \
org.opencontainers.image.base.digest="sha256:0733e50325078969732ebe3b15ce4c4be5082f18c4ac1a0f0ca4839c2e4e42a7" \
org.opencontainers.image.base.name="docker.io/oven/bun:1.3.11" \
org.opencontainers.image.base.digest="sha256:8d24854de78a79c56e74b49aa4c5996c60e1fe3730efba8fbdd2692c582e6e29" \
org.opencontainers.image.base.name="docker.io/denoland/deno:2.9.0" \
org.opencontainers.image.stage="build"
ENV NODE_ENV="production"
WORKDIR /app/apps/server
Expand All @@ -74,15 +74,17 @@ COPY \
--from=install \
--link \
"/app/packages" "/app/packages"
RUN bun build --compile --sourcemap src/index.ts --outfile=app
RUN <<EOF
deno bundle --platform=deno --minify --sloppy-imports --node-modules-dir=manual --output src/_serve.bundle.mjs src/serve.ts
deno compile --no-check -A --node-modules-dir=none --include static/openapi.yaml --include static/openapi-v1.json --output app src/_serve.bundle.mjs
EOF

# runtime
FROM debian@sha256:cd1bc32f233a49f1b82149c9edb8ef34fb1e6c45f37211445c51a97603468604 AS runtime
FROM registry.access.redhat.com/hi/curl@sha256:848b81ab5d5e55371d7193fd4f1ea7b605d14dbb039344ffad34a4c1f0d880f4 AS runtime
LABEL \
io.dofigen.version="2.8.0" \
org.opencontainers.image.authors="OpenStatus Team" \
org.opencontainers.image.base.digest="sha256:cd1bc32f233a49f1b82149c9edb8ef34fb1e6c45f37211445c51a97603468604" \
org.opencontainers.image.base.name="docker.io/debian:bullseye-slim" \
org.opencontainers.image.base.digest="sha256:848b81ab5d5e55371d7193fd4f1ea7b605d14dbb039344ffad34a4c1f0d880f4" \
org.opencontainers.image.description="REST API server with Hono framework for OpenStatus" \
org.opencontainers.image.source="https://github.com/openstatusHQ/openstatus" \
org.opencontainers.image.title="OpenStatus Server" \
Expand All @@ -93,18 +95,12 @@ COPY \
--chmod=555 \
--link \
"/app/apps/server/app" "/bin/"
USER 0:0
RUN <<EOF
apt-get update
apt-get install -y --no-install-recommends curl
rm -rf /var/lib/apt/lists/*
EOF
USER 1000:1000
EXPOSE 3000
HEALTHCHECK \
--interval=30s \
--timeout=10s \
--start-period=30s \
--retries=3 \
CMD curl -f http://localhost:3000/ping || exit 1
CMD ["curl", "-f", "http://localhost:3000/ping"]
ENTRYPOINT ["/bin/app"]
2 changes: 0 additions & 2 deletions apps/server/bunfig.toml

This file was deleted.

6 changes: 6 additions & 0 deletions apps/server/deno.jsonc
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
/* Needed to fix the import aliases */
{
"imports": {
"@/": "./src/",
},
}
2 changes: 2 additions & 0 deletions apps/server/docker-compose.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,5 @@ services:
- 3000:3000
image: server
command: .
env_file:
- ../../.env.docker
126 changes: 59 additions & 67 deletions apps/server/dofigen.lock
Original file line number Diff line number Diff line change
Expand Up @@ -10,47 +10,18 @@ effective: |
- /packages/api
- /packages/integrations/vercel
builders:
build:
fromImage:
path: oven/bun
digest: sha256:0733e50325078969732ebe3b15ce4c4be5082f18c4ac1a0f0ca4839c2e4e42a7
label:
org.opencontainers.image.stage: build
org.opencontainers.image.base.name: docker.io/oven/bun:1.3.11
org.opencontainers.image.base.digest: sha256:0733e50325078969732ebe3b15ce4c4be5082f18c4ac1a0f0ca4839c2e4e42a7
workdir: /app/apps/server
env:
NODE_ENV: production
copy:
- paths:
- .
target: /app/
- fromBuilder: install
paths:
- /app/node_modules
target: /app/node_modules
- fromBuilder: install
paths:
- /app/apps/server/node_modules
target: /app/apps/server/node_modules
- fromBuilder: install
paths:
- /app/packages
target: /app/packages
run:
- bun build --compile --sourcemap src/index.ts --outfile=app
install:
fromImage:
path: node
digest: sha256:242549cd46785b480c832479a730f4f2a20865d61ea2e404fdb2a5c3d3b73ecf
digest: sha256:b31e7a42fdf8b8aa5f5ed477c72d694301273f1069c5a2f71d53c6482e99a2fc
label:
org.opencontainers.image.base.name: docker.io/node:24-slim
org.opencontainers.image.base.digest: sha256:242549cd46785b480c832479a730f4f2a20865d61ea2e404fdb2a5c3d3b73ecf
org.opencontainers.image.stage: install
org.opencontainers.image.base.digest: sha256:b31e7a42fdf8b8aa5f5ed477c72d694301273f1069c5a2f71d53c6482e99a2fc
workdir: /app/
run:
- corepack enable pnpm
- pnpm install --prod --frozen-lockfile --verbose
- pnpm install --prod --frozen-lockfile --filter=@openstatus/server... --verbose
cache:
- target: /root/.local/share/pnpm/store
bind:
Expand Down Expand Up @@ -124,18 +95,49 @@ effective: |
source: packages/services/package.json
- target: packages/importers/package.json
source: packages/importers/package.json
build:
fromImage:
path: denoland/deno
digest: sha256:8d24854de78a79c56e74b49aa4c5996c60e1fe3730efba8fbdd2692c582e6e29
label:
org.opencontainers.image.base.name: docker.io/denoland/deno:2.9.0
org.opencontainers.image.base.digest: sha256:8d24854de78a79c56e74b49aa4c5996c60e1fe3730efba8fbdd2692c582e6e29
org.opencontainers.image.stage: build
workdir: /app/apps/server
env:
NODE_ENV: production
copy:
- paths:
- .
target: /app/
- fromBuilder: install
paths:
- /app/node_modules
target: /app/node_modules
- fromBuilder: install
paths:
- /app/apps/server/node_modules
target: /app/apps/server/node_modules
- fromBuilder: install
paths:
- /app/packages
target: /app/packages
run:
- deno bundle --platform=deno --minify --sloppy-imports --node-modules-dir=manual --output src/_serve.bundle.mjs src/serve.ts
- deno compile --no-check -A --node-modules-dir=none --include static/openapi.yaml --include static/openapi-v1.json --output app src/_serve.bundle.mjs
fromImage:
path: debian
digest: sha256:cd1bc32f233a49f1b82149c9edb8ef34fb1e6c45f37211445c51a97603468604
host: registry.access.redhat.com
port: 443
path: hi/curl
digest: sha256:848b81ab5d5e55371d7193fd4f1ea7b605d14dbb039344ffad34a4c1f0d880f4
label:
io.dofigen.version: 2.8.0
org.opencontainers.image.authors: OpenStatus Team
org.opencontainers.image.base.digest: sha256:848b81ab5d5e55371d7193fd4f1ea7b605d14dbb039344ffad34a4c1f0d880f4
io.dofigen.version: 2.8.0
org.opencontainers.image.source: https://github.com/openstatusHQ/openstatus
org.opencontainers.image.title: OpenStatus Server
org.opencontainers.image.base.digest: sha256:cd1bc32f233a49f1b82149c9edb8ef34fb1e6c45f37211445c51a97603468604
org.opencontainers.image.vendor: OpenStatus
org.opencontainers.image.description: REST API server with Hono framework for OpenStatus
org.opencontainers.image.base.name: docker.io/debian:bullseye-slim
user:
user: '1000'
group: '1000'
Expand All @@ -145,37 +147,29 @@ effective: |
- /app/apps/server/app
target: /bin/
chmod: '555'
root:
run:
- apt-get update
- apt-get install -y --no-install-recommends curl
- rm -rf /var/lib/apt/lists/*
entrypoint:
- /bin/app
expose:
- port: 3000
healthcheck:
cmd: curl -f http://localhost:3000/ping || exit 1
cmd: '["curl", "-f", "http://localhost:3000/ping"]'
interval: 30s
timeout: 10s
start: 30s
retries: 3
images:
docker.io:
oven:
bun:
1.3.11:
digest: sha256:0733e50325078969732ebe3b15ce4c4be5082f18c4ac1a0f0ca4839c2e4e42a7
library:
node:
24-slim:
digest: sha256:242549cd46785b480c832479a730f4f2a20865d61ea2e404fdb2a5c3d3b73ecf
debian:
bullseye-slim:
digest: sha256:cd1bc32f233a49f1b82149c9edb8ef34fb1e6c45f37211445c51a97603468604
digest: sha256:b31e7a42fdf8b8aa5f5ed477c72d694301273f1069c5a2f71d53c6482e99a2fc
denoland:
deno:
2.9.0:
digest: sha256:8d24854de78a79c56e74b49aa4c5996c60e1fe3730efba8fbdd2692c582e6e29
resources:
dofigen.yml:
hash: 4ad3de79c65a09ba1ba428b29a15ab9131c66e271eb7c4376b4fdcc825ebd770
hash: f9fb4559e02833a2518fbd89165716c9584bd11d24e8a6103a98a959b5a6ae0c
content: |
# Files to exclude from Docker context
ignore:
Expand Down Expand Up @@ -234,13 +228,13 @@ resources:
- packages/importers/package.json
run:
- corepack enable pnpm
- pnpm install --prod --frozen-lockfile --verbose
- pnpm install --prod --frozen-lockfile --filter=@openstatus/server... --verbose
cache:
- /root/.local/share/pnpm/store

# Stage 2: Build application (compile to binary)
# Stage 2: Build application (compile to binary with Deno)
build:
fromImage: oven/bun:1.3.11
fromImage: denoland/deno:2.9.0
workdir: /app/apps/server
labels:
org.opencontainers.image.stage: build
Expand All @@ -257,10 +251,15 @@ resources:
- fromBuilder: install
source: /app/packages
target: /app/packages
run: bun build --compile --sourcemap src/index.ts --outfile=app
# 1) bundle to a self-contained mjs; manual node_modules resolves pnpm catalog: + workspace deps, sloppy-imports the extensionless relative imports.
# 2) compile the bundle with node-modules-dir=none so node_modules is NOT embedded — keeps the binary ~110MB instead of ~390MB.
run:
- deno bundle --platform=deno --minify --sloppy-imports --node-modules-dir=manual --output src/_serve.bundle.mjs src/serve.ts
- deno compile --no-check -A --node-modules-dir=none --include static/openapi.yaml --include static/openapi-v1.json --output app src/_serve.bundle.mjs

# Runtime stage
fromImage: debian:bullseye-slim
# Runtime stage: distroless glibc base that already ships curl (for the healthcheck).
# Pinned to the multi-arch index digest of hi/curl:latest — dofigen mis-resolves this registry's tag to an unpullable digest.
fromImage: registry.access.redhat.com/hi/curl@sha256:848b81ab5d5e55371d7193fd4f1ea7b605d14dbb039344ffad34a4c1f0d880f4

# Metadata labels
labels:
Expand All @@ -277,26 +276,19 @@ resources:
target: /bin/
chmod: "555"

# Install curl for health checks
root:
run:
- apt-get update
- apt-get install -y --no-install-recommends curl
- rm -rf /var/lib/apt/lists/*

# Security: run as non-root user
user: "1000:1000"

# Expose port
expose: "3000"

# Health check
# Health check — exec form (JSON array) because the base has no shell for CMD-SHELL
healthcheck:
interval: 30s
timeout: 10s
start: 30s
retries: 3
cmd: curl -f http://localhost:3000/ping || exit 1
cmd: '["curl", "-f", "http://localhost:3000/ping"]'

# Start application
entrypoint: /bin/app
Loading
Loading