Fix cache in Dockerfile (#7)

karthiknatarajan · web-flow · commit 384c578ff540 · 2025-12-30T19:53:07.000+05:30
* Fix cache in Dockerfile

* Add codeql
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,47 @@
+name: "CodeQL"
+
+on:
+    push:
+        branches: ["main"]
+    pull_request:
+        branches: ["main"]
+    schedule:
+        - cron: "0 6 * * 1" # Run every Monday at 6 AM UTC
+
+jobs:
+    analyze:
+        name: Analyze
+        runs-on: ubuntu-latest
+        timeout-minutes: 360
+        permissions:
+            actions: read
+            contents: read
+            security-events: write
+
+        strategy:
+            fail-fast: false
+            matrix:
+                language: ["go"]
+
+        steps:
+            - name: Checkout repository
+              uses: actions/checkout@v4
+
+            - name: Set up Go
+              uses: actions/setup-go@v5
+              with:
+                  go-version-file: go.mod
+                  cache: true
+
+            - name: Initialize CodeQL
+              uses: github/codeql-action/init@v3
+              with:
+                  languages: ${{ matrix.language }}
+
+            - name: Autobuild
+              uses: github/codeql-action/autobuild@v3
+
+            - name: Perform CodeQL Analysis
+              uses: github/codeql-action/analyze@v3
+              with:
+                  category: "/language:${{matrix.language}}"
diff --git a/Dockerfile b/Dockerfile
@@ -5,9 +5,10 @@ FROM node:24 AS web
 
 WORKDIR /app
 
-COPY package.json ./
+# Copy package files first for better caching
+COPY package.json package-lock.json* ./
 
-RUN npm i
+RUN npm ci --prefer-offline || npm i
 
 # Copy full web assets for tailwind to parse templ files
 COPY ./app/web ./app/web
@@ -30,22 +31,24 @@ FROM golang:1.25-trixie AS builder
 
 # Setup workig dir
 WORKDIR /app
-# Get dependencies - will also be cached if we won't change mod/sum
-COPY go.mod .
-COPY go.sum .
+
+# Get dependencies first - cached if go.mod/go.sum unchanged
+COPY go.mod go.sum ./
 
 ENV CGO_CFLAGS="-D_LARGEFILE64_SOURCE"
 RUN go install tool
 RUN go mod download
 
-# COPY the source code
-COPY . .
+# Copy templ files first for templ generate caching
+COPY ./app/web ./app/web
 COPY --from=web /app/dist ./app/web/public/assets
 
-
-# Generate the template code
+# Generate the template code (cached if templ files unchanged)
 RUN go tool templ generate
 
+# Copy remaining source code
+COPY . .
+
 RUN --mount=type=cache,target=/root/.cache/go-build \
     --mount=type=cache,target=/go/pkg \
     LDFLAGS="-X github.com/cloudness-io/cloudness/version.GitCommit=${GIT_COMMIT} -X github.com/cloudness-io/cloudness/version.major=${CLOUDNESS_VERSION_MAJOR} -X github.com/cloudness-io/cloudness/version.minor=${CLOUDNESS_VERSION_MINOR} -X github.com/cloudness-io/cloudness/version.patch=${CLOUDNESS_VERSION_PATCH} -extldflags '-static'" && \
