feat(ci): Add Dockerfile and workflows (#6)

.dockerignore

@@ -0,0 +1,7 @@
+__pycache__
+*.pyc
+*.pyo
+*.pyd
+**/.env
+.git
+.github

.github/workflows/ci-dev-pr.yml

@@ -0,0 +1,23 @@
+name: Development - Pull Request
+on:
+  pull_request:
+    branches:
+      - '**'
+
+jobs:
+  lint-format:
+    name: Linting Checks
+    uses: ./.github/workflows/lint.yml
+
+  build:
+    needs: lint-format
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build Docker container
+        run: |
+          docker buildx build \
+            --file=Dockerfile -t duckbot .

.github/workflows/ci-dev.yml

@@ -0,0 +1,11 @@
+name: Development
+on:
+  push:
+    branches:
+      - '**'
+      - '!main'
+
+jobs:
+  lint-format:
+    name: Linting Checks
+    uses: ./.github/workflows/lint.yml

.github/workflows/lint.yml

@@ -1,11 +1,6 @@
-name: Format Code
-
+name: Linting Checks
 on:
-  pull_request:
-    branches:
-      - '*'
-  push:
-    branches: [main]
+  workflow_call:
 
 jobs:
   black:
@@ -29,6 +24,3 @@ jobs:
 
       - name: Format code with Black
         run: poetry run black .
-
-      - name: Check for changes
-        run: git diff --exit-code

.github/workflows/production.yml

@@ -0,0 +1,67 @@
+name: Production
+
+on:
+  push:
+    branches: [main]
+
+env:
+  AWS_REGION: ap-southeast-2
+
+jobs:
+  lint-format:
+    name: Linting Checks
+    uses: ./.github/workflows/lint.yml
+
+  build:
+    needs: lint-format
+    name: Build
+    runs-on: [self-hosted, ARM64] # Since deployment is on arm64
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+          role-session-name: ${{ secrets.AWS_ROLE_SESSION_NAME }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Build Docker container
+        run: |
+          docker buildx build \
+            --platform=linux/arm64 --file=Dockerfile -t duckbot .
+          docker image save duckbot | gzip > duckbot.tar.gz
+
+      - name: Copy image and compose file to S3
+        run: |
+          aws s3 cp ./duckbot.tar.gz s3://${{ secrets.AWS_S3_BUCKET }}/duckbot/
+          aws s3 cp ./docker-compose.yml s3://${{ secrets.AWS_S3_BUCKET }}/duckbot/
+
+  deploy:
+    needs: build
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: Production
+    steps:
+      - name: Deploy on EC2
+        env:
+          KEY: ${{ secrets.SSH_EC2_KEY }}
+          HOSTNAME: ${{ secrets.SSH_EC2_HOSTNAME }}
+          USER: ${{ secrets.SSH_EC2_USER }}
+          GUILD_ID: ${{ secrets.GUILD_ID }}
+          BOT_TOKEN: ${{ secrets.BOT_TOKEN }}
+        run: |
+          echo "$KEY" > private_key && chmod 600 private_key
+          ssh -v -o StrictHostKeyChecking=no -i private_key ${USER}@${HOSTNAME} '
+            cd ~/duckbot
+            aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/duckbot/duckbot.tar.gz .
+            aws s3 cp s3://${{ secrets.AWS_S3_BUCKET }}/duckbot/docker-compose.yml .
+            echo GUILD_ID=${{ secrets.GUILD_ID }} > .env
+            echo BOT_TOKEN=${{ secrets.BOT_TOKEN }} >> .env
+            docker load -i duckbot.tar.gz
+            docker compose up -d
+          '

Dockerfile

@@ -0,0 +1,17 @@
+# Base image
+FROM python:3.11-slim as base
+
+WORKDIR /app
+
+# Install dependencies
+COPY pyproject.toml poetry.lock ./
+
+RUN pip install poetry \
+    && poetry config virtualenvs.create false \
+    && poetry install --no-dev --no-interaction --no-ansi
+
+# Copy the rest of the application code
+COPY . .
+
+# Run the bot
+CMD ["poetry", "run", "python", "src/main.py"]

docker-compose.yml

@@ -0,0 +1,15 @@
+services:
+  duckbot:
+    image: duckbot:latest
+    container_name: duckbot
+    env_file:
+      - .env
+    environment:
+      - PUID=1000
+      - PGID=1000
+    networks:
+      - csclub
+
+networks:
+  csclub:
+    external: true

pyproject.toml

@@ -9,10 +9,9 @@ readme = "README.md"
 [tool.poetry.dependencies]
 python = "^3.11"
 "discord.py" = "2.3.2"
-python-dotenv = "1.0.0"
 black = "^24.4.2"
+poetry-dotenv-plugin = "^0.2.0"
 
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"
-

src/main.py

@@ -3,14 +3,10 @@
 import pkgutil
 from discord import Intents, app_commands, Object, Interaction, Embed, Message, Color
 from discord.ext import commands
-from dotenv import load_dotenv
-
-# Load environment variables from .env file
-load_dotenv()
 
 # Retrieve guild ID and bot token from environment variables
-GUILD_ID = os.getenv("GUILD_ID")
-BOT_TOKEN = os.getenv("BOT_TOKEN")
+GUILD_ID = int(os.environ["GUILD_ID"])
+BOT_TOKEN = os.environ["BOT_TOKEN"]
 
 # Load the permissions the bot has been granted in the previous configuration
 intents = Intents.default()