docker

.github/workflows/docker-build.yml

@@ -0,0 +1,163 @@
+name: Build and Publish Docker Images
+
+on:
+  push:
+    branches: [ main, develop ]
+    tags: [ 'v*' ]
+  pull_request:
+    branches: [ main ]
+
+env:
+  REGISTRY: docker.io
+  IMAGE_NAME_DISCORD_BOT: uptime-kuma-discord-bot
+  IMAGE_NAME_WEB_BACKEND: uptime-kuma-web-backend
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Log in to Docker Hub
+      if: github.event_name != 'pull_request'
+      uses: docker/login-action@v3
+      with:
+        registry: ${{ env.REGISTRY }}
+        username: ${{ secrets.DOCKER_USERNAME }}
+        password: ${{ secrets.DOCKER_PASSWORD }}
+
+    - name: Extract metadata for Discord Bot
+      id: meta-discord-bot
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}
+        tags: |
+          type=ref,event=branch
+          type=ref,event=pr
+          type=semver,pattern={{version}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}
+          type=raw,value=latest,enable={{is_default_branch}}
+
+    - name: Extract metadata for Web Backend
+      id: meta-web-backend
+      uses: docker/metadata-action@v5
+      with:
+        images: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}
+        tags: |
+          type=ref,event=branch
+          type=ref,event=pr
+          type=semver,pattern={{version}}
+          type=semver,pattern={{major}}.{{minor}}
+          type=semver,pattern={{major}}
+          type=raw,value=latest,enable={{is_default_branch}}
+
+    - name: Build and push Discord Bot image
+      uses: docker/build-push-action@v5
+      with:
+        context: ./Bot
+        file: ./Bot/Dockerfile
+        push: ${{ github.event_name != 'pull_request' }}
+        tags: ${{ steps.meta-discord-bot.outputs.tags }}
+        labels: ${{ steps.meta-discord-bot.outputs.labels }}
+        platforms: linux/amd64,linux/arm64
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - name: Build and push Web Backend image
+      uses: docker/build-push-action@v5
+      with:
+        context: ./Web
+        file: ./Web/Dockerfile
+        push: ${{ github.event_name != 'pull_request' }}
+        tags: ${{ steps.meta-web-backend.outputs.tags }}
+        labels: ${{ steps.meta-web-backend.outputs.labels }}
+        platforms: linux/amd64,linux/arm64
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - name: Generate SBOM for Discord Bot
+      if: github.event_name != 'pull_request'
+      uses: anchore/sbom-action@v0
+      with:
+        image: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}:${{ steps.meta-discord-bot.outputs.version }}
+        format: spdx-json
+        output-file: discord-bot-sbom.spdx.json
+
+    - name: Generate SBOM for Web Backend
+      if: github.event_name != 'pull_request'
+      uses: anchore/sbom-action@v0
+      with:
+        image: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}:${{ steps.meta-web-backend.outputs.version }}
+        format: spdx-json
+        output-file: web-backend-sbom.spdx.json
+
+    - name: Upload SBOM artifacts
+      if: github.event_name != 'pull_request'
+      uses: actions/upload-artifact@v4
+      with:
+        name: sbom-artifacts
+        path: |
+          discord-bot-sbom.spdx.json
+          web-backend-sbom.spdx.json
+        retention-days: 30
+
+  security-scan:
+    runs-on: ubuntu-latest
+    needs: build-and-push
+    if: github.event_name != 'pull_request'
+    permissions:
+      contents: read
+      security-events: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Run Trivy vulnerability scanner for Discord Bot
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}:latest
+        format: 'sarif'
+        output: 'discord-bot-trivy-results.sarif'
+
+    - name: Run Trivy vulnerability scanner for Web Backend
+      uses: aquasecurity/trivy-action@master
+      with:
+        image-ref: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}:latest
+        format: 'sarif'
+        output: 'web-backend-trivy-results.sarif'
+
+    - name: Upload Trivy scan results to GitHub Security tab
+      uses: github/codeql-action/upload-sarif@v3
+      with:
+        sarif_file: |
+          discord-bot-trivy-results.sarif
+          web-backend-trivy-results.sarif
+
+  notify:
+    runs-on: ubuntu-latest
+    needs: [build-and-push, security-scan]
+    if: always() && github.event_name != 'pull_request'
+    
+    steps:
+    - name: Notify on success
+      if: needs.build-and-push.result == 'success' && needs.security-scan.result == 'success'
+      run: |
+        echo "✅ Docker images built and published successfully!"
+        echo "Discord Bot: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}:latest"
+        echo "Web Backend: ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}:latest"
+
+    - name: Notify on failure
+      if: needs.build-and-push.result == 'failure' || needs.security-scan.result == 'failure'
+      run: |
+        echo "❌ Docker build or security scan failed!"
+        exit 1

.github/workflows/docker-compose-test.yml

@@ -0,0 +1,125 @@
+name: Test Docker Compose Setup
+
+on:
+  push:
+    branches: [ main, develop ]
+  pull_request:
+    branches: [ main ]
+
+env:
+  COMPOSE_PROJECT_NAME: uptime-kuma-test
+
+jobs:
+  test-compose:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+
+    - name: Create test environment file
+      run: |
+        cat > .env << EOF
+        DISCORD_TOKEN=test_token_12345
+        GUILD_ID=123456789012345678
+        CHANNEL_ID=123456789012345678
+        CLIENT_ID=123456789012345678
+        UPDATE_TIME=60
+        UPTIME_KUMA_URL=https://test.example.com/metrics
+        UPTIME_KUMA_API_KEY=test_api_key_12345
+        EOF
+
+    - name: Build Docker images
+      run: |
+        docker-compose build --no-cache
+
+    - name: Start services
+      run: |
+        docker-compose up -d
+        sleep 30
+
+    - name: Check service health
+      run: |
+        # Check if web backend is responding
+        curl -f http://localhost:8080/back-end.php || exit 1
+        
+        # Check container status
+        docker-compose ps
+        
+        # Check logs for errors
+        docker-compose logs --tail=50
+
+    - name: Test web backend endpoint
+      run: |
+        # Test the PHP endpoint (should fail gracefully with test data)
+        response=$(curl -s -w "%{http_code}" http://localhost:8080/back-end.php)
+        echo "Response: $response"
+        # Accept both 200 (success) and 500 (expected failure with test data)
+        if [[ "$response" =~ ^(200|500)$ ]]; then
+          echo "✅ Web backend endpoint is responding"
+        else
+          echo "❌ Web backend endpoint failed"
+          exit 1
+        fi
+
+    - name: Verify container logs
+      run: |
+        # Check Discord bot logs for startup
+        docker-compose logs discord-bot | grep -E "(Bot is online|Error)" || echo "No startup messages found"
+        
+        # Check web backend logs
+        docker-compose logs web-backend | grep -E "(Apache|PHP)" || echo "No backend messages found"
+
+    - name: Cleanup
+      if: always()
+      run: |
+        docker-compose down -v
+        docker system prune -f
+
+  lint-dockerfiles:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Run hadolint on Dockerfiles
+      uses: hadolint/hadolint-action@v3.1.0
+      with:
+        dockerfile: Bot/Dockerfile
+        failure-threshold: warning
+
+    - name: Run hadolint on Web Dockerfile
+      uses: hadolint/hadolint-action@v3.1.0
+      with:
+        dockerfile: Web/Dockerfile
+        failure-threshold: warning
+
+  validate-compose:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Validate docker-compose.yml
+      run: |
+        docker-compose config --quiet
+        echo "✅ docker-compose.yml is valid"
+
+    - name: Check for required environment variables
+      run: |
+        # Check if all required env vars are referenced in docker-compose.yml
+        required_vars=("DISCORD_TOKEN" "GUILD_ID" "CHANNEL_ID" "CLIENT_ID" "UPTIME_KUMA_URL" "UPTIME_KUMA_API_KEY")
+        
+        for var in "${required_vars[@]}"; do
+          if grep -q "\${$var}" docker-compose.yml; then
+            echo "✅ $var is referenced in docker-compose.yml"
+          else
+            echo "❌ $var is missing from docker-compose.yml"
+            exit 1
+          fi
+        done

.github/workflows/release.yml

@@ -0,0 +1,94 @@
+name: Create Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+env:
+  REGISTRY: docker.io
+  IMAGE_NAME_DISCORD_BOT: uptime-kuma-discord-bot
+  IMAGE_NAME_WEB_BACKEND: uptime-kuma-web-backend
+
+jobs:
+  create-release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      packages: write
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    - name: Extract version from tag
+      id: version
+      run: |
+        VERSION=${GITHUB_REF#refs/tags/}
+        VERSION=${VERSION#v}
+        echo "version=$VERSION" >> $GITHUB_OUTPUT
+        echo "tag=v$VERSION" >> $GITHUB_OUTPUT
+
+    - name: Generate changelog
+      id: changelog
+      run: |
+        # Get commits since last tag
+        if git describe --tags --abbrev=0 HEAD~1 >/dev/null 2>&1; then
+          PREV_TAG=$(git describe --tags --abbrev=0 HEAD~1)
+          echo "Changes since $PREV_TAG:"
+          git log --pretty=format:"- %s (%h)" $PREV_TAG..HEAD
+        else
+          echo "Initial release"
+          git log --pretty=format:"- %s (%h)"
+        fi > CHANGELOG.md
+
+    - name: Create Release
+      uses: softprops/action-gh-release@v1
+      with:
+        tag_name: ${{ steps.version.outputs.tag }}
+        name: Release ${{ steps.version.outputs.tag }}
+        body: |
+          ## What's Changed
+          
+          ${{ steps.changelog.outputs.content }}
+          
+          ## Docker Images
+          
+          ### Discord Bot
+          ```bash
+          docker pull ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}:${{ steps.version.outputs.version }}
+          docker pull ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_DISCORD_BOT }}:latest
+          ```
+          
+          ### Web Backend
+          ```bash
+          docker pull ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}:${{ steps.version.outputs.version }}
+          docker pull ${{ env.REGISTRY }}/${{ secrets.DOCKER_USERNAME }}/${{ env.IMAGE_NAME_WEB_BACKEND }}:latest
+          ```
+          
+          ## Quick Start
+          
+          ```bash
+          # Clone the repository
+          git clone <repository-url>
+          cd UptimeKuma-DiscordBot
+          
+          # Copy environment template
+          cp env.example .env
+          
+          # Edit .env with your values
+          # Then start with Docker Compose
+          docker-compose up -d
+          ```
+          
+          See [DOCKER_SETUP.md](DOCKER_SETUP.md) for detailed instructions.
+        files: |
+          CHANGELOG.md
+        draft: false
+        prerelease: false
+
+    - name: Update Docker Hub description
+      if: success()
+      run: |
+        echo "🎉 Release ${{ steps.version.outputs.tag }} created successfully!"
+        echo "Docker images will be automatically built and pushed by the docker-build workflow."