feat: Add official docker support (calcom#24672)

* feat: Add official Docker support

* Adding scarf data support

* Comment out pushing the image for now

* Getting env vars ported

* Renamed the job to Release instead of Remote Release

* Move the Dockerfile and docker-compose files to monorepo root

* Remove Slack notifications for failures for now

* Show database container status

* Setting env directly for testing

* Removing env var

* Adding container logs

* Change the volume

* fixing file paths

* Double-quotes wrecking things

* Fixing /calcom paths

* Update permission for scripts

* Fixed the Slack notification

* Updated Slack notification emojis

* Checking the workflow_dispatch input for checkout

* Commenting out the tag checkout for now since our new Docker files are not in main

* Added .dockerignore

* Remove the scarf data export

* Removed extra empty line

* refactor: Create reusable Docker build action for AMD64 and ARM support

- Extract common Docker build logic into reusable composite action
- Create separate workflows for AMD64 and ARM builds that run in parallel
- Both workflows use the same reusable action with platform-specific parameters
- ARM builds use ubuntu-24.04-arm runner and add -arm suffix to tags
- AMD64 builds use buildjet-4vcpu-ubuntu-2204 runner
- Remove old monolithic release-docker.yaml workflow

Co-Authored-By: keith@cal.com <keithwillcode@gmail.com>

* Revert "refactor: Create reusable Docker build action for AMD64 and ARM support"

This reverts commit 66d2c17.

* refactor: Add parallel AMD64 and ARM Docker builds using reusable action

- Create reusable composite action in .github/actions/docker-build-and-test
- Extract common Docker build, test, and push logic into the action
- Update release-docker.yaml to have two parallel jobs:
  - release-amd64: Builds for linux/amd64 on buildjet-4vcpu-ubuntu-2204
  - release-arm: Builds for arm64 on ubuntu-24.04-arm with -arm suffix
- Both jobs use the same reusable action with platform-specific parameters
- Maintains existing functionality while enabling parallel builds

Co-Authored-By: keith@cal.com <keithwillcode@gmail.com>

* Update the ARM action to run on buildjet 4vCPU ARM

* Move the Dockerfile to apps/web

* Revert "Move the Dockerfile to apps/web"

This reverts commit fd91ebe.

* Revert the arm machine back off build jet

* Use node 20

* Set push to true

* Remove Dockerfile.render

* Removed commented Docker lines

* Fixed read me

* Updated README for Docker support

---------

Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com>

Author: keithwillcode

.github/actions/docker-build-and-test/action.yml

@@ -0,0 +1,182 @@
+name: "Docker Build and Test"
+description: "Reusable action to build and test Docker images for Cal.com"
+
+inputs:
+  platform:
+    description: "Target platform (linux/amd64 or arm64)"
+    required: true
+  platform-suffix:
+    description: "Suffix to add to image tags (e.g., -arm)"
+    required: false
+    default: ""
+  dockerhub-username:
+    description: "Docker Hub username"
+    required: true
+  dockerhub-token:
+    description: "Docker Hub token"
+    required: true
+  github-token:
+    description: "GitHub token for GHCR"
+    required: true
+  postgres-user:
+    description: "PostgreSQL user"
+    required: true
+  postgres-password:
+    description: "PostgreSQL password"
+    required: true
+  postgres-db:
+    description: "PostgreSQL database name"
+    required: true
+  database-host:
+    description: "Database host"
+    required: true
+  push-image:
+    description: "Whether to push the built image"
+    required: false
+    default: "false"
+
+runs:
+  using: "composite"
+  steps:
+    - name: Log in to the Docker Hub registry
+      uses: docker/login-action@v3
+      with:
+        username: ${{ inputs.dockerhub-username }}
+        password: ${{ inputs.dockerhub-token }}
+        logout: true
+
+    - name: Log in to the Github Container registry
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.github-token }}
+
+    - name: Docker meta
+      id: meta
+      uses: docker/metadata-action@v5
+      with:
+        images: |
+          docker.io/calendso/calendso
+          docker.io/calcom/cal.com
+          ghcr.io/calcom/cal.com
+        flavor: |
+          latest=${{ !github.event.release.prerelease }}
+          suffix=${{ inputs.platform-suffix }}
+
+    - name: Copy env
+      shell: bash
+      run: |
+        grep -o '^[^#]*' .env.example > .env
+        cat .env >> $GITHUB_ENV
+        echo "DATABASE_HOST=localhost:5432" >> $GITHUB_ENV
+        eval $(sed -e '/^#/d' -e 's/^/export /' -e 's/$/;/' .env) ;
+
+    - name: Start database
+      shell: bash
+      run: |
+        docker compose up -d database
+
+    - name: Show database logs and container status
+      shell: bash
+      run: |
+        echo "--- Container Status ---"
+        docker compose ps database
+
+        echo "--- Container Logs ---"
+        docker compose logs database
+
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v3
+      with:
+        driver-opts: |
+          network=container:database
+        buildkitd-flags: |
+          --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
+
+    - name: Build image
+      id: docker_build
+      uses: docker/build-push-action@v6
+      with:
+        context: ./
+        file: ./Dockerfile
+        load: true
+        push: false
+        platforms: ${{ inputs.platform }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        build-args: |
+          NEXT_PUBLIC_WEBAPP_URL=http://localhost:3000
+          NEXT_PUBLIC_API_V2_URL=http://localhost:5555/api/v2
+          NEXT_PUBLIC_LICENSE_CONSENT=agree
+          DATABASE_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@${{ inputs.database-host }}/${{ inputs.postgres-db }}
+          DATABASE_DIRECT_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@${{ inputs.database-host }}/${{ inputs.postgres-db }}
+
+    - name: Test runtime
+      shell: bash
+      run: |
+        tags="${{ steps.meta.outputs.tags }}"
+        IFS=',' read -ra ADDR <<< "$tags"
+        tag=${ADDR[0]}
+
+        docker run --rm --network stack \
+          -p 3000:3000 \
+          -e DATABASE_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@database/${{ inputs.postgres-db }} \
+          -e DATABASE_DIRECT_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@database/${{ inputs.postgres-db }} \
+          -e NEXTAUTH_SECRET=${{ env.NEXTAUTH_SECRET }} \
+          -e CALENDSO_ENCRYPTION_KEY=${{ env.CALENDSO_ENCRYPTION_KEY }} \
+          $tag &
+
+          server_pid=$!
+
+          echo "Waiting for the server to start..."
+          sleep 120
+
+          echo http://localhost:3000/auth/login
+
+          for i in {1..60}; do
+            echo "Checking server health ($i/60)..."
+            response=$(curl -o /dev/null -s -w "%{http_code}" http://localhost:3000/auth/login)
+            echo "HTTP Status Code: $response"
+            if [[ "$response" == "200" ]] || [[ "$response" == "307" ]]; then
+              echo "Server is healthy"
+              kill $server_pid
+              exit 0
+            fi
+            sleep 1
+          done
+
+          echo "Server health check failed"
+          kill $server_pid
+          exit 1
+      env:
+        NEXTAUTH_SECRET: "EI4qqDpcfdvf4A+0aQEEx8JjHxHSy4uWiZw/F32K+pA="
+        CALENDSO_ENCRYPTION_KEY: "0zfLtY99wjeLnsM7qsa8xsT+Q0oSgnOL"
+
+    - name: Push image
+      id: docker_push
+      uses: docker/build-push-action@v6
+      if: ${{ inputs.push-image == 'true' && !github.event.release.prerelease }}
+      with:
+        context: ./
+        file: ./Dockerfile
+        push: true
+        platforms: ${{ inputs.platform }}
+        tags: ${{ steps.meta.outputs.tags }}
+        labels: ${{ steps.meta.outputs.labels }}
+        build-args: |
+          NEXT_PUBLIC_WEBAPP_URL=http://localhost:3000
+          NEXT_PUBLIC_API_V2_URL=http://localhost:5555/api/v2
+          NEXT_PUBLIC_LICENSE_CONSENT=agree
+          DATABASE_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@${{ inputs.database-host }}/${{ inputs.postgres-db }}
+          DATABASE_DIRECT_URL=postgresql://${{ inputs.postgres-user }}:${{ inputs.postgres-password }}@${{ inputs.database-host }}/${{ inputs.postgres-db }}
+
+    - name: Image digest
+      shell: bash
+      run: echo ${{ steps.docker_build.outputs.digest }}
+
+    - name: Cleanup
+      shell: bash
+      if: always()
+      run: |
+        docker compose down

.github/workflows/release-docker.yaml

@@ -1,48 +1,110 @@
 name: "Release Docker"
 
-on: # yamllint disable-line rule:truthy
-  release:
-    types:
-      - created
-      - published
+env:
+  POSTGRES_USER: "unicorn_user"
+  POSTGRES_PASSWORD: "magical_password"
+  POSTGRES_DB: "calendso"
+  DATABASE_HOST: "database:5432"
+
+on:
+  push:
+    tags:
+      - "v*"
   # in case manual trigger is needed
   workflow_dispatch:
     inputs:
       RELEASE_TAG:
         description: "v{Major}.{Minor}.{Patch}"
 
 jobs:
-  release:
-    name: "Remote Release"
+  release-amd64:
+    name: "Release AMD64"
+    runs-on: buildjet-4vcpu-ubuntu-2204
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: "Determine tag"
+        run: 'echo "RELEASE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV'
 
-    runs-on: "ubuntu-latest"
+      - name: Build and test Docker image
+        uses: ./.github/actions/docker-build-and-test
+        with:
+          platform: "linux/amd64"
+          platform-suffix: ""
+          dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }}
+          dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          postgres-user: ${{ env.POSTGRES_USER }}
+          postgres-password: ${{ env.POSTGRES_PASSWORD }}
+          postgres-db: ${{ env.POSTGRES_DB }}
+          database-host: ${{ env.DATABASE_HOST }}
+          push-image: "true"
 
+      - name: Notify Slack on Success
+        if: success()
+        uses: slackapi/slack-github-action@v1.24.0
+        with:
+          payload: |
+            {
+              "text": ":large_green_circle: Workflow *${{ github.workflow }}* (AMD64) succeeded in job *${{ github.job }}*.\nSee: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.CI_SLACK_WEBHOOK_URL }}
+
+      - name: Notify Slack on Failure
+        if: failure()
+        uses: slackapi/slack-github-action@v1.24.0
+        with:
+          payload: |
+            {
+              "text": ":red_circle: Workflow *${{ github.workflow }}* (AMD64) failed in job *${{ github.job }}*.\nSee: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.CI_SLACK_WEBHOOK_URL }}
+
+  release-arm:
+    name: "Release ARM"
+    runs-on: ubuntu-24.04-arm
     steps:
       - name: checkout
         uses: actions/checkout@v4
 
       - name: "Determine tag"
         run: 'echo "RELEASE_TAG=${GITHUB_REF#refs/tags/}" >> $GITHUB_ENV'
 
-      - name: "Run remote release workflow"
-        uses: "actions/github-script@v6"
+      - name: Build and test Docker image
+        uses: ./.github/actions/docker-build-and-test
+        with:
+          platform: "arm64"
+          platform-suffix: "-arm"
+          dockerhub-username: ${{ secrets.DOCKERHUB_USERNAME }}
+          dockerhub-token: ${{ secrets.DOCKERHUB_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          postgres-user: ${{ env.POSTGRES_USER }}
+          postgres-password: ${{ env.POSTGRES_PASSWORD }}
+          postgres-db: ${{ env.POSTGRES_DB }}
+          database-host: ${{ env.DATABASE_HOST }}
+          push-image: "true"
+
+      - name: Notify Slack on Success
+        if: success()
+        uses: slackapi/slack-github-action@v1.24.0
+        with:
+          payload: |
+            {
+              "text": ":large_green_circle: Workflow *${{ github.workflow }}* (ARM) succeeded in job *${{ github.job }}*.\nSee: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
+            }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.CI_SLACK_WEBHOOK_URL }}
+
+      - name: Notify Slack on Failure
+        if: failure()
+        uses: slackapi/slack-github-action@v1.24.0
         with:
-          # Requires a personal access token with Actions Read and write permissions on calcom/docker.
-          github-token: "${{ secrets.DOCKER_REPO_ACCESS_TOKEN }}"
-          script: |
-            try {
-              const response = await github.rest.actions.createWorkflowDispatch({
-                owner: context.repo.owner,
-                repo: 'docker',
-                workflow_id: 'create-release.yaml',
-                ref: 'main',
-                inputs: {
-                  "RELEASE_TAG": process.env.RELEASE_TAG
-                },
-              });
-
-              console.log(response);
-            } catch (error) {
-              console.error(error);
-              core.setFailed(error.message);
+          payload: |
+            {
+              "text": ":red_circle: Workflow *${{ github.workflow }}* (ARM) failed in job *${{ github.job }}*.\nSee: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
             }
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.CI_SLACK_WEBHOOK_URL }}