feat: Add health checks and Docker registry commands to Makefile and Dockerfiles

developerkunal · developerkunal · commit c7288c2ca02e · 2025-07-26T15:59:37.000+05:30
diff --git a/Dockerfile b/Dockerfile
@@ -70,3 +70,7 @@ LABEL maintainer="developerkunal" \
       org.opencontainers.image.vendor="developerkunal" \
       org.opencontainers.image.licenses="MIT" \
       org.opencontainers.image.source="https://github.com/developerkunal/OpenMorph"
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+    CMD ["/usr/local/bin/openmorph", "--version"] || exit 1
diff --git a/Dockerfile.dev b/Dockerfile.dev
@@ -38,14 +38,25 @@ RUN apk add --no-cache \
 # Install swagger-cli globally
 RUN npm install -g @apidevtools/swagger-cli
 
+# Create non-root user for security
+RUN addgroup -g 1001 -S openmorph && \
+    adduser -u 1001 -S openmorph -G openmorph
+
 # Copy the binary
 COPY --from=builder /build/openmorph /usr/local/bin/openmorph
 
 # Make it executable
 RUN chmod +x /usr/local/bin/openmorph
 
+# Switch to non-root user
+USER openmorph
+
 # Create workspace directory
 WORKDIR /workspace
 
+# Health check
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+    CMD ["/usr/local/bin/openmorph", "--version"] || exit 1
+
 # Set up shell
 CMD ["/bin/bash"]
diff --git a/Makefile b/Makefile
@@ -56,6 +56,10 @@ help:
 	@echo "  docker-compose-ci     Run CI/CD simulation"
 	@echo "  docker-clean          Clean Docker images and system"
 	@echo "  docker-all            Build and test all Docker images"
+	@echo "  docker-tag            Tag images for registry push"
+	@echo "  docker-login          Login to GitHub Container Registry"
+	@echo "  docker-push           Push tagged images to registry"
+	@echo "  docker-push-override  Build and push images (overrides existing version)"
 	@echo ""
 	@echo "Utilities:"
 	@echo "  clean                 Clean build artifacts"
@@ -190,7 +194,7 @@ docker-build:
 
 docker-test:
 	@echo "Testing Docker images..."
-	./scripts/healthcheck.sh || true
+	docker run --rm -v $(PWD)/scripts:/scripts openmorph:dev /scripts/healthcheck.sh || true
 	docker run --rm openmorph:latest --version
 	docker run --rm openmorph:distroless --version
 	@echo "Creating test files..."
@@ -227,3 +231,48 @@ docker-clean:
 
 docker-all: docker-build docker-test
 	@echo "Docker build and test complete"
+
+# Docker registry commands
+docker-tag:
+	@echo "Tagging Docker images for registry..."
+	docker tag openmorph:latest ghcr.io/developerkunal/openmorph:v$(VERSION)
+	docker tag openmorph:latest ghcr.io/developerkunal/openmorph:latest
+	docker tag openmorph:latest ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1)
+	docker tag openmorph:latest ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1-2)
+	docker tag openmorph:distroless ghcr.io/developerkunal/openmorph:v$(VERSION)-distroless
+	docker tag openmorph:dev ghcr.io/developerkunal/openmorph:v$(VERSION)-dev
+	@echo "✅ Images tagged for ghcr.io/developerkunal/openmorph"
+
+docker-login:
+	@echo "Logging into GitHub Container Registry..."
+	@echo "Make sure you have a GitHub token with write:packages permission"
+	@echo "Run: echo \$$GITHUB_TOKEN | docker login ghcr.io -u USERNAME --password-stdin"
+	@echo "Or use: docker login ghcr.io"
+	docker login ghcr.io
+
+docker-push: docker-tag
+	@echo "Pushing Docker images to GitHub Container Registry..."
+	docker push ghcr.io/developerkunal/openmorph:v$(VERSION)
+	docker push ghcr.io/developerkunal/openmorph:latest
+	docker push ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1)
+	docker push ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1-2)
+	docker push ghcr.io/developerkunal/openmorph:v$(VERSION)-distroless
+	docker push ghcr.io/developerkunal/openmorph:v$(VERSION)-dev
+	@echo "✅ All images pushed successfully!"
+
+docker-push-override: docker-build docker-tag
+	@echo "🚨 OVERRIDING existing v$(VERSION) images with security fixes..."
+	@echo "This will replace the existing images in the registry"
+	@read -p "Are you sure you want to override v$(VERSION)? (y/N): " confirm; \
+	if [ "$$confirm" = "y" ] || [ "$$confirm" = "Y" ]; then \
+		echo "Pushing images..."; \
+		docker push ghcr.io/developerkunal/openmorph:v$(VERSION); \
+		docker push ghcr.io/developerkunal/openmorph:latest; \
+		docker push ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1); \
+		docker push ghcr.io/developerkunal/openmorph:v$(shell echo $(VERSION) | cut -d. -f1-2); \
+		docker push ghcr.io/developerkunal/openmorph:v$(VERSION)-distroless; \
+		docker push ghcr.io/developerkunal/openmorph:v$(VERSION)-dev; \
+		echo "✅ v$(VERSION) images overridden with security fixes!"; \
+	else \
+		echo "❌ Push cancelled"; \
+	fi
