| -rw-r--r-- | .github/workflows/lint-test-build-push.yaml | 67 | ||||
| -rw-r--r-- | Dockerfile (renamed from docker/Dockerfile) | 2 | ||||
| -rw-r--r-- | docker-compose.yml | 2 | 
3 files changed, 32 insertions, 39 deletions
| diff --git a/.github/workflows/lint-test-build-push.yaml b/.github/workflows/lint-test-build-push.yaml index 8dd9b34..62691ab 100644 --- a/.github/workflows/lint-test-build-push.yaml +++ b/.github/workflows/lint-test-build-push.yaml @@ -23,9 +23,16 @@ jobs:          run: |            tag=$(cut -c 1-7 <<< $GITHUB_SHA)            echo "::set-output name=tag::$tag" +        - name: Checkout code          uses: actions/checkout@v2 +      # The current version (v2) of Docker's build-push action uses +      # buildx, which comes with BuildKit features that help us speed +      # up our builds using additional cache features. Buildx also +      # has a lot of other features that are not as relevant to us. +      # +      # See https://github.com/docker/build-push-action        - name: Set up Docker Buildx          uses: docker/setup-buildx-action@v1 
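Review bot: Every `uses:` in this workflow points at a mutable tag: `actions/checkout@v2` and `docker/setup-buildx-action@v1` here, `actions/cache@v2` and `docker/build-push-action@v2` in the later hunks. The same job logs in with `secrets.GHCR_TOKEN` and pushes `:latest`, so a re-tagged action release would run with that token. The added comment documents the reliance on v2 of the build-push action, which makes this a natural place to pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: docker/setup-buildx-action@<full-commit-sha>  # v1` (placeholder, not a real SHA).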
@@ -36,38 +43,33 @@ jobs:            username: ${{ github.repository_owner }}            password: ${{ secrets.GHCR_TOKEN  }} -      # Set up a caching directory for image layers. According to the docker -      # documentation, it's recommended to use a SHA-based key to get the -      # greatest change of finding the most relevant cached layer. We fall -      # down to more generic containers by then matching by GitHub branch, -      # to use cache generated earlier in the same branch, and finally to -      # the latest cache in general. The `v0` is purely a cache version -      # indicator that can be incremented manually if we want to invalidate -      # old caches completely. +      # Create a local cache directory for PR builds, as the image +      # we build for PRs may start to deviate from the "latest" image +      # currently registered in the GHCR. For master, the best we can +      # do is use the previous master build, which can be cached from +      # the GHCR.        - name: Cache Image Layers +        if: github.event_name == 'pull_request'          uses: actions/cache@v2          with:            path: /tmp/.buildx-cache            key: ${{ runner.os }}-v0-buildx-${{ github.ref }}-${{ github.sha }}            restore-keys: |              ${{ runner.os }}-v0-buildx-${{ github.ref }}- -            ${{ runner.os }}-v0-buildx- -      # Build the image we need for testing/linting the current codebase, -      # without pushing the image to the GHCR. Instead, we load it into -      # the runner's docker environment so we can run it later. The -      # target of this build is the `venv` stage of the Dockerfile, as we -      # don't want to include the final production entry point stage. +      # Build the image we need for linting and testing using the +      # `venv` target stage within our Dockerfile. We load the image +      # into the runner's Docker image collection so we can run it +      # later.        
# -      # This build caches to our GitHub Actions cache and uses that cache -      # during the build process as well. If no GitHub Actions cache was -      # available, it will use the latest intermediate images pushed to -      # the GHCR as a cache source. +      # The image includes an inline cache manifest to support caching +      # from the GHCR, which means that a build can pull the layers it +      # can reuse instead of building them from scratch.        - name: Build image for linting and testing          uses: docker/build-push-action@v2          with:            context: . -          file: ./docker/Dockerfile +          file: ./Dockerfile            push: false            load: true            target: venv 
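Review bot: The new comment on `Cache Image Layers` explains why PR builds get a local cache, but not that this cache is written by pull-request runs and must therefore stay out of the steps that push. The later hunk removes `type=local,src=/tmp/.buildx-cache` from the push steps' `cache-from`, which gives that separation, but nothing records it as intentional. I would add a line such as `# This cache is written by PR runs; never list it in cache-from of a step that pushes.`. The `cache-from`/`cache-to` settings of `Build image for linting and testing` lie outside this hunk, so whether that step still reads or writes `/tmp/.buildx-cache` cannot be checked from here.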
@@ -147,61 +149,52 @@ jobs:            coveralls        # Final build stage. This is run in the same job with conditions -      # to prevent us from having to reload the caching directory. We -      # already built a huge chunk of the image before this point in -      # the run, so it does not make sense to drop down to a completely -      # fresh build environment in a new worker/runner. +      # in order to use the local build cache generated by buildx while +      # building the `venv` image in the lint/test phase.        # Build the final production image and push it to GHCR, tagging it        # both with the short commit SHA and 'latest'. This step should use -      # the cache that was just generated when we built the test container. +      # the local build cache of the current run.        - name: Build final image          if: env.production_build == 'true'          uses: docker/build-push-action@v2          with:            context: . -          file: ./docker/Dockerfile +          file: ./Dockerfile            push: true            cache-from: | -            type=local,src=/tmp/.buildx-cache              ghcr.io/python-discord/snekbox-base:latest              ghcr.io/python-discord/snekbox-venv:latest              ghcr.io/python-discord/snekbox:latest -          cache-to: type=local,dest=/tmp/.buildx-cache +          cache-to: type=inline            tags: |              ghcr.io/python-discord/snekbox:latest              ghcr.io/python-discord/snekbox:${{ steps.sha_tag.outputs.tag }} -      # Push the base image to GHCR, *with* an inline cache manifest to -      # ensure we can use this image as a cache source if our GitHub Actions -      # "local" cache failed to be restored. GHCR does not support pushing a -      # separate cache manifest, meaning we have to use an "inline" manifest. 
+      # Push the base image to GHCR, with an inline cache manifest        - name: Push base image          if: env.production_build == 'true'          uses: docker/build-push-action@v2          with:            context: . -          file: ./docker/Dockerfile +          file: ./Dockerfile            target: base            push: true            cache-from: | -            type=local,src=/tmp/.buildx-cache              ghcr.io/python-discord/snekbox-base:latest            cache-to: type=inline            tags: ghcr.io/python-discord/snekbox-base:latest -      # Push the venv image to GHCR *with* an inline cache manifest. See -      # the comment attached to the previous step for more information. +      # Push the venv image to GHCR, with an inline cache manifest        - name: Push venv image          if: env.production_build == 'true'          uses: docker/build-push-action@v2          with:            context: . -          file: ./docker/Dockerfile +          file: ./Dockerfile            target: venv            push: true            cache-from: | -            type=local,src=/tmp/.buildx-cache              ghcr.io/python-discord/snekbox-base:latest              ghcr.io/python-discord/snekbox-venv:latest            cache-to: type=inline diff --git a/docker/Dockerfile b/Dockerfile index ea05c5c..ed199a0 100644 --- a/docker/Dockerfile +++ b/Dockerfile @@ -59,5 +59,5 @@ FROM venv  ENTRYPOINT ["gunicorn"]  CMD ["-c", "config/gunicorn.conf.py", "snekbox.api.app"] -COPY . /snekbox +COPY docker /snekbox  WORKDIR /snekbox diff --git a/docker-compose.yml b/docker-compose.yml index 066f38b..3062af3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,4 +10,4 @@ services:      ipc: none      build:        context: . -      dockerfile: docker/Dockerfile +      dockerfile: Dockerfile | 
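Review bot: The three push steps now import cache only from the `:latest` tags in GHCR, so layers stored under `snekbox`, `snekbox-base` and `snekbox-venv` are reused in the next production image without being rebuilt. Push access to those tags therefore becomes part of the trust boundary of every later release, which the shortened comments no longer hint at. I would state it above `Build final image`, for example `# cache-from trusts the :latest images in GHCR; keep push access to these tags restricted.`. Where `production_build` is set is outside this hunk, so the conditions under which these steps run cannot be confirmed here.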
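Review bot: `COPY docker /snekbox` puts only the `docker/` directory into the final stage, while the `CMD` just above still loads `config/gunicorn.conf.py` and `snekbox.api.app` relative to `WORKDIR /snekbox`. Unless an earlier stage (outside this hunk) already places the application and its config there, the container would fail at startup. With the Dockerfile now at the repository root and `context: .`, the previous `COPY . /snekbox` looks like the line that should have been kept. If the aim is to limit what enters the image, a `.dockerignore` can exclude `.git` and CI files without dropping the application code.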
