ci: docker builds

.github/workflows/dev.yml

@@ -0,0 +1,69 @@
+name: Build dev branch
+
+on:
+  push:
+    branches: [ "dev" ]
+  schedule:
+    - cron: '24 9 * * 6'
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  IMAGE_TAG: ${{ github.sha }}
+
+jobs:
+  security_checks:
+    runs-on: ubuntu-latest
+    name: Security check
+    steps:
+      - uses: actions/checkout@v3
+      - name: Security Checks (PyCharm Security)
+        uses: tonybaloney/pycharm-security@master
+        with:
+          path: .
+
+  build:
+    needs: security_checks
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout Dockerfile
+        id: checkout
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ inputs.branch }}
+
+      - name: Setup QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v2
+        with:
+          image: tonistiigi/binfmt:latest
+          platforms: all
+
+      - name: Setup Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=${{ startsWith(github.ref, 'refs/heads/main') }}
+            suffix=-${{ github.sha }}
+
+      - name: Build Docker image
+        id: build
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64/v8
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/main.yml

@@ -0,0 +1,67 @@
+name: Build and Publish Docker Image
+
+on:
+  push:
+    branches: [main]
+  schedule:
+    - cron: "24 9 * * 6"
+  workflow_dispatch:
+
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
+  IMAGE_TAG: ${{ github.sha }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout Dockerfile
+        id: checkout
+        uses: actions/checkout@v3
+
+      - name: Setup QEMU
+        id: qemu
+        uses: docker/setup-qemu-action@v2
+        with:
+          image: tonistiigi/binfmt:latest
+          platforms: all
+
+      - name: Setup Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to GitHub Container Registry
+        id: ghcr
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GH_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          flavor: |
+            latest=${{ startsWith(github.ref, 'refs/heads/main') }}
+            suffix=-${{ github.sha }}
+
+      - name: Build and push main Docker image
+        id: build
+        uses: docker/build-push-action@v3
+        with:
+          build-args: GH_TOKEN=${{ secrets.GH_TOKEN }}
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm64/v8
+          cache-to: type=gha,mode=max,ignore-error=true
+          cache-from: type=gha
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/mypy.yml

@@ -26,7 +26,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.11.3"
+          python-version: "3.11.4"
 
       - name: Install project dependencies
         run: |
@@ -35,9 +35,6 @@ jobs:
           then pip install -r requirements.txt;
           fi
 
-      - name: Install testing tools
-        run: pip install mypy pydantic
-
       - name: Run mypy
         uses: sasanquaneuf/mypy-github-action@main
         with:

.github/workflows/pytest.yml

@@ -26,7 +26,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.11.3"
+          python-version: "3.11.4"
 
       - name: Install project dependencies
         run: |

.github/workflows/quodana.yml

@@ -23,7 +23,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.11.3"
+          python-version: "3.11.4"
 
       - name: Install project dependencies
         run: |

Dockerfile

@@ -0,0 +1,14 @@
+FROM python:3.11-slim
+
+ARG GITHUB_TOKEN
+ENV GITHUB_TOKEN $GITHUB_TOKEN
+
+WORKDIR /usr/src/app
+
+COPY . .
+
+RUN apt update && \
+    apt-get install build-essential libffi-dev -y \
+    && pip install --no-cache-dir -r requirements.txt
+
+CMD [ "python3", "-m" , "sanic", "app:app", "--fast", "--access-logs", "--motd", "--noisy-exceptions", "-H", "0.0.0.0"]

app.py

@@ -1,16 +1,39 @@
 # app.py
-
 from sanic import Sanic
+import sanic.response
 from sanic_ext import Config
 
 from api import api
 from config import *
 
+REDIRECTS = {
+    "/": "/docs/swagger",
+}
+
 app = Sanic("ReVanced-API")
 app.extend(config=Config(oas_ignore_head=False))
 app.ext.openapi.describe(
     title=openapi_title,
     version=openapi_version,
     description=openapi_description,
 )
+app.config.CORS_ALWAYS_SEND = True
+app.config.CORS_AUTOMATIC_OPTIONS = True
+app.config.CORS_VARY_HEADER = True
+app.config.CORS_METHODS = ["GET", "HEAD", "OPTIONS"]
+app.config.CORS_SUPPORTS_CREDENTIALS = True
+app.config.CORS_SEND_WILDCARD = True
+app.config.CORS_ORIGINS = "*"
+
 app.blueprint(api)
+
+
+# https://sanic.dev/en/guide/how-to/static-redirects.html
+
+
+def get_static_function(value):
+    return lambda *_, **__: value
+
+
+for src, dest in REDIRECTS.items():
+    app.route(src)(get_static_function(sanic.response.redirect(dest)))