Add FE code to Docker image

.github/workflows/image-build.yml

@@ -20,6 +20,10 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
+      - name: Fetch latest FE commit SHA
+        id: fetch_commit_fe_sha
+        run: |
+          echo "LATEST_COMMIT_SHA=$(curl -LSsk 'https://api.github.com/repos/stacklok/codegate-ui/commits?per_page=1' -H 'Authorization: Bearer ${{ secrets.GH_CI_TOKEN }}' | jq -r '.[0].sha')" >> $GITHUB_ENV
       - name: Test build on x86
         id: docker_build
         uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v5
@@ -30,4 +34,8 @@ jobs:
           push: false # Only attempt to build, to verify the Dockerfile is working
           load: true
           cache-from: type=gha
-          cache-to: type=gha,mode=max
+          cache-to: type=gha,mode=max
+          secrets: |
+            gh_token=${{ secrets.GH_CI_TOKEN }}
+          build-args: |
+            LATEST_COMMIT_SHA=${{ env.LATEST_COMMIT_SHA }}

.github/workflows/image-publish.yml

@@ -61,6 +61,10 @@ jobs:
           name_is_regexp: true
           skip_unpack: false
           if_no_artifact_found: ignore
+      - name: Fetch latest FE commit SHA
+        id: fetch_commit_fe_sha
+        run: |
+          echo "LATEST_COMMIT_SHA=$(curl -LSsk 'https://api.github.com/repos/stacklok/codegate-ui/commits?per_page=1' -H 'Authorization: Bearer ${{ secrets.GH_CI_TOKEN }}' | jq -r '.[0].sha')" >> $GITHUB_ENV
       - name: Rename to accomodate to image
         run: mv ./backup_weaviate ./weaviate_backup
       - name: Build image
@@ -76,3 +80,7 @@ jobs:
           labels: ${{ steps.docker-metadata.outputs.labels }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
+          secrets: |
+            gh_token=${{ secrets.GH_CI_TOKEN }}
+          build-args: |
+            LATEST_COMMIT_SHA=${{ env.LATEST_COMMIT_SHA }}

Dockerfile

@@ -21,23 +21,74 @@ RUN poetry config virtualenvs.create false && \
 # Copy the rest of the application
 COPY . /app
 
+# Build the webapp
+FROM node:20.18-slim AS webbuilder
+
+# Install curl for downloading the webapp from GH and unzip to extract it
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    curl \
+    unzip\
+    ca-certificates
+
+WORKDIR /usr/src/
+
+# Get the latest commit sha as a build arg
+# This is needed otherwise Docker will cache the git clone step. With this workaround
+# we can force Docker to re-run the git clone step if the latest commit sha changes.
+# --build-arg LATEST_COMMIT_SHA=$(curl \
+#     -LSsk "https://api.github.com/repos/stacklok/codegate-ui/commits?per_page=1" \
+#     -H "Authorization: Bearer $GH_CI_TOKEN" | jq -r '.[0].sha')
+ARG LATEST_COMMIT_SHA=LATEST
+RUN echo "Latest FE commit: $LATEST_COMMIT_SHA"
+# Download the webapp from GH
+# -L to follow redirects
+RUN --mount=type=secret,id=gh_token \
+    LATEST_COMMIT_SHA=${LATEST_COMMIT_SHA} \
+    curl -L -o main.zip "https://api.github.com/repos/stacklok/codegate-ui/zipball/main" \
+    -H "Authorization: Bearer $(cat /run/secrets/gh_token)"
+
+# Extract the downloaded zip file
+RUN unzip main.zip
+RUN rm main.zip
+# Rename the extracted folder
+RUN mv *codegate-ui* webapp
+
+WORKDIR /usr/src/webapp
+
+# Install the webapp dependencies and build it
+RUN npm install
+RUN npm run build
+
 # Runtime stage: Create the final lightweight image
 FROM python:3.12-slim AS runtime
 
 # Install runtime system dependencies
 RUN apt-get update && apt-get install -y --no-install-recommends \
     libgomp1 \
+    nginx \
     && rm -rf /var/lib/apt/lists/*
 
-# Create a non-root user and switch to it
+# Create a non-root user
 RUN useradd -m -u 1000 -r codegate 
+
+# Set permissions for user codegate to run nginx
+RUN chown -R codegate /var/lib/nginx && \
+    chown -R codegate /var/log/nginx && \
+    chown -R codegate /run
+
+# Switch to codegate user
 USER codegate
 WORKDIR /app
 
 # Copy necessary artifacts from the builder stage
 COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages
 COPY --from=builder /app /app
 
+# Copy necessary artifacts from the webbuilder stage
+COPY --from=webbuilder /usr/src/webapp/dist /var/www/html
+# Expose nginx
+EXPOSE 80
+
 # Set the PYTHONPATH environment variable
 ENV PYTHONPATH=/app/src
 

scripts/entrypoint.sh

@@ -9,6 +9,10 @@ else
     echo "No backup found at $1/$2. Skipping restore."
 fi
 
-# Step 2: Start the main application (serve)
+# Step 2: Start the Nginx server with FE
+echo "Starting the dashboard.. "
+exec nginx -g 'daemon off;' & 
+
+# Step 3: Start the main application (serve)
 echo "Starting the application..."
-exec python -m src.codegate.cli serve --port 8989 --host 0.0.0.0
+exec python -m src.codegate.cli serve --port 8989 --host 0.0.0.0 --vllm-url https://inference.codegate.ai