Merge branch 'mergeability:master' into master

.dockerignore

@@ -1,4 +1,38 @@
+# Include any files or directories that you don't want to be copied to your
+# container here (e.g., local build artifacts, temporary files, etc.).
+#
+# For more help, visit the .dockerignore file reference guide at
+# https://docs.docker.com/go/build-context-dockerignore/
+
 npm-debug.log
 *.pem
 .env
 coverage
+**/.classpath
+**/.dockerignore
+**/.env
+**/.git
+**/.gitignore
+**/.project
+**/.settings
+**/.toolstarget
+**/.vs
+**/.vscode
+**/.next
+**/.cache
+**/*.*proj.user
+**/*.dbmdl
+**/*.jfm
+**/charts
+**/docker-compose*
+**/compose.y*ml
+**/Dockerfile*
+**/node_modules
+**/npm-debug.log
+**/obj
+**/secrets.dev.yaml
+**/values.dev.yaml
+**/build
+**/dist
+LICENSE
+README.md

.github/workflows/docker.yml

@@ -1,66 +1,113 @@
-name: Docker Release
+name: Docker
 
 on:
   push:
     tags:
-      - '*'
-    branches:
-      - master
+      - "*"
+  workflow_dispatch:
 
-permissions:
-  contents: read
+env:
+  REGISTRY_IMAGE: mergeability/mergeable
 
 jobs:
-  init:
-    permissions:
-      contents: none
-    runs-on: ubuntu-latest
-    outputs:
-      do_docker: ${{ steps.vars.outputs.IS_DOCKERHUB_PUSH }}
-    steps:
-      - name: Initialize workflow variables
-        shell: bash
-        run: |
-          # work-around for inaccessible 'secrets' object for 'if'; see <https://github.community/t5/GitHub-Actions/jobs-lt-job-id-gt-if-does-not-work-with-env-secrets/m-p/38549>)
-          unset IS_DOCKERHUB_PUSH
-          if [ -z "$DOCKERHUB_PUSH" ]; then IS_DOCKERHUB_PUSH='false'; else IS_DOCKERHUB_PUSH='true' ; fi
-          echo set-output name=IS_DOCKERHUB_PUSH::${IS_DOCKERHUB_PUSH}
-          echo ::set-output name=IS_DOCKERHUB_PUSH::${IS_DOCKERHUB_PUSH}
-        env:
-          DOCKERHUB_PUSH: ${{ secrets.DOCKERHUB_PUSH }}
   build:
-    name: Build and push Docker image
     runs-on: ubuntu-latest
-    needs: [init]
-    if: ${{ needs.init.outputs.do_docker == 'true' }}
+    strategy:
+      fail-fast: false
+      matrix:
+        platform:
+          - linux/amd64
+          # Failing to build 
+          # - linux/arm/v6
+          - linux/arm/v7
+          - linux/arm64
     steps:
+      - name: Prepare
+        run: |
+          platform=${{ matrix.platform }}
+          echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
+      
       - name: Checkout
-        uses: actions/checkout@v2
-
+        uses: actions/checkout@v4
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY_IMAGE }}
+
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_PASSWORD }}
-
-      - name: Build and push latest
-        uses: docker/build-push-action@v2
-        if: github.ref == 'refs/heads/master'
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      
+      - name: Build and push by digest
+        id: build
+        uses: docker/build-push-action@v5
         with:
-          push: true
-          tags: ${{ secrets.DOCKERHUB_REPO }}:latest
-
-      - name: Set version variable
-        id: version
-        if: startsWith(github.ref, 'refs/tags/')
-        run: echo ::set-output name=TAG::${GITHUB_REF#refs/tags/}
+          context: .
+          platforms: ${{ matrix.platform }}
+          labels: ${{ steps.meta.outputs.labels }}
+          outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
+          cache-from: type=gha,scope=build-${{ matrix.platform }}
+          cache-to: type=gha,mode=max,scope=build-${{ matrix.platform }}
+
+      - name: Export digest
+        run: |
+          mkdir -p /tmp/digests
+          digest="${{ steps.build.outputs.digest }}"
+          touch "/tmp/digests/${digest#sha256:}"
+      
+      - name: Upload digest
+        uses: actions/upload-artifact@v4
+        with:
+          name: digests-${{ env.PLATFORM_PAIR }}
+          path: /tmp/digests/*
+          if-no-files-found: error
+          retention-days: 1
 
-      - name: Build and push tag
-        uses: docker/build-push-action@v2
-        if: startsWith(github.ref, 'refs/tags/')
+  merge:
+    runs-on: ubuntu-latest
+    needs:
+      - build
+    steps:
+      - name: Download digests
+        uses: actions/download-artifact@v4
+        with:
+          path: /tmp/digests
+          pattern: digests-*
+          merge-multiple: true
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v5
         with:
-          push: true
-          tags: ${{ secrets.DOCKERHUB_REPO }}:${{ steps.version.outputs.TAG }}
+          images: ${{ env.REGISTRY_IMAGE }}
+          tags: |
+            # minimal
+            type=semver,pattern={{version}}
+            # set latest tag for default branch
+            type=raw,value=latest,enable={{is_default_branch}}
+      
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Create manifest list and push
+        working-directory: /tmp/digests
+        run: |
+          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
+      
+      - name: Inspect image
+        run: |
+          docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }}

Dockerfile

@@ -1,13 +1,38 @@
-FROM node:16
+# syntax=docker/dockerfile:1
 
-WORKDIR /app
+# Comments are provided throughout this file to help you get started.
+# If you need more help, visit the Dockerfile reference guide at
+# https://docs.docker.com/go/dockerfile-reference/
 
-COPY package*.json ./
-RUN npm ci --only=production
+# Want to help us make this template better? Share your feedback here: https://forms.gle/ybq9Krt8jtBL3iCk7
 
+ARG NODE_VERSION=18
+
+FROM node:${NODE_VERSION}-alpine
+
+# Use production node environment by default.
+ENV NODE_ENV production
+
+
+WORKDIR /usr/src/app
+
+# Download dependencies as a separate step to take advantage of Docker's caching.
+# Leverage a cache mount to /root/.npm to speed up subsequent builds.
+# Leverage a bind mounts to package.json and package-lock.json to avoid having to copy them into
+# into this layer.
+RUN --mount=type=bind,source=package.json,target=package.json \
+    --mount=type=bind,source=package-lock.json,target=package-lock.json \
+    --mount=type=cache,target=/root/.npm \
+    npm ci --omit=dev
+
+# Run the application as a non-root user.
+USER node
+
+# Copy the rest of the source files into the image.
 COPY . .
 
-ENV PORT=${PORT:-3000}
-USER 1000:1000
+# Expose the port that the application listens on.
+EXPOSE 3000
 
-CMD ./node_modules/probot/bin/probot.js run --port $PORT ./index.js
+# Run the application.
+CMD npm start

README.md

@@ -25,6 +25,7 @@ Some examples of what you can do:
 - Ensure pull requests follow conventions and [prevent merging][comment-if-guidelines-not-met] when it is not followed.
 - [Notify author of failed guidelines][comment] when opening an issue.
 - Schedule [detection for obsolete (stale) issues and pull requests][staleness] and notify author and collaborators.
+- [Auto-merge][automerge] pull requests once all checks pass.
 - And [more][configuration]
 
 ---
@@ -45,7 +46,7 @@ We need your help:
 - Have an **💡idea** for a **new feature**? Please [create a new issue](https://github.com/mergeability/mergeable/issues) and tell us!
 - **Fix a bug**, implement a new **validator** or **action** and [open a pull request](CONTRIBUTING.md)!
 
-> ☝️ **NOTE:** For development and testing. You'll want to [read about how to run it locally](deploy.md#running-locally).
+> ☝️ **NOTE:** For development and testing. You'll want to [read about how to run it locally][run-locally].
 
 
 # Authors
@@ -58,4 +59,6 @@ AGPL, Copyright (c) 2019 [Justin Law](https://github.com/jusx) & [Shine Lee](htt
 [comment-if-guidelines-not-met]: https://mergeable.readthedocs.io/en/latest/recipes.html#comment-if-guidelines-not-met
 [comment]: https://mergeable.readthedocs.io/en/latest/actions/comment.html
 [staleness]: https://mergeable.readthedocs.io/en/latest/recipes.html#check-stale-pr-and-issues
+[automerge]: https://mergeable.readthedocs.io/en/latest/recipes.html#auto-merge-pull-requests-once-all-checks-pass
 [configuration]: https://mergeable.readthedocs.io/en/latest/configuration.html
+[run-locally]: https://mergeable.readthedocs.io/en/latest/deployment.html#running-locally

compose.yaml

@@ -0,0 +1,51 @@
+# Comments are provided throughout this file to help you get started.
+# If you need more help, visit the Docker Compose reference guide at
+# https://docs.docker.com/go/compose-spec-reference/
+
+# Here the instructions define your application as a service called "server".
+# This service is built from the Dockerfile in the current directory.
+# You can add other services your application may depend on here, such as a
+# database or a cache. For examples, see the Awesome Compose repository:
+# https://github.com/docker/awesome-compose
+services:
+  server:
+    build:
+      context: .
+    environment:
+      NODE_ENV: production
+    ports:
+      - 3000:3000
+
+# The commented out section below is an example of how to define a PostgreSQL
+# database that your application can use. `depends_on` tells Docker Compose to
+# start the database before your application. The `db-data` volume persists the
+# database data between container restarts. The `db-password` secret is used
+# to set the database password. You must create `db/password.txt` and add
+# a password of your choosing to it before running `docker-compose up`.
+#     depends_on:
+#       db:
+#         condition: service_healthy
+#   db:
+#     image: postgres
+#     restart: always
+#     user: postgres
+#     secrets:
+#       - db-password
+#     volumes:
+#       - db-data:/var/lib/postgresql/data
+#     environment:
+#       - POSTGRES_DB=example
+#       - POSTGRES_PASSWORD_FILE=/run/secrets/db-password
+#     expose:
+#       - 5432
+#     healthcheck:
+#       test: [ "CMD", "pg_isready" ]
+#       interval: 10s
+#       timeout: 5s
+#       retries: 5
+# volumes:
+#   db-data:
+# secrets:
+#   db-password:
+#     file: db/password.txt
+