From 725dda0df3c88215f52c5fc2756279846f6e3c80 Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Sun, 28 Aug 2022 23:01:26 -0400 Subject: [PATCH 1/6] Added scripts, dockerfile and tf code for ECS configuration --- Dockerfile.dev | 57 +++++++++++++++++++++++++++++++++++++++++++++ scripts/runner.sh | 15 ++++++++++++ tf-iac/main.tf | 44 ++++++++++++++++++++++++++++++++++ tf-iac/outputs.tf | 0 tf-iac/provider.tf | 13 +++++++++++ tf-iac/variables.tf | 7 ++++++ 6 files changed, 136 insertions(+) create mode 100644 Dockerfile.dev create mode 100644 scripts/runner.sh create mode 100644 tf-iac/main.tf create mode 100644 tf-iac/outputs.tf create mode 100644 tf-iac/provider.tf create mode 100644 tf-iac/variables.tf diff --git a/Dockerfile.dev b/Dockerfile.dev new file mode 100644 index 00000000..ccad7b3c --- /dev/null +++ b/Dockerfile.dev @@ -0,0 +1,57 @@ +FROM maven:3.6.3-jdk-11 AS build + +COPY src /home/app/src +COPY pom.xml /home/app +RUN mvn -f /home/app/pom.xml clean package -DskipTests + +FROM alpine:3.16.2 as pmeter-build +RUN apk add --update --no-cache git build-base python3 linux-headers python3-dev && \ + ln -sf python3 /usr/bin/python && python -m ensurepip \ + && pip3 install --upgrade pip setuptools \ + && rm -r /usr/lib/python*/ensurepip && \ + if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \ + rm -r /root/.cache + +RUN git clone https://github.com/didclab/pmeter.git && cd pmeter && \ + pip install --user . + + +ARG ALPINE_VERSION=3.16 + +FROM python:3.10.5-alpine${ALPINE_VERSION} as aws-build + +# Latest version +ARG AWS_CLI_VERSION=2.7.27 +RUN apk add --no-cache git unzip groff build-base libffi-dev cmake +RUN git clone --single-branch --depth 1 -b ${AWS_CLI_VERSION} https://github.com/aws/aws-cli.git + +WORKDIR aws-cli +RUN sed -i'' 's/PyInstaller.*/PyInstaller==5.2/g' requirements-build.txt +RUN python -m venv venv +RUN . venv/bin/activate +RUN scripts/installers/make-exe +RUN unzip -q dist/awscli-exe.zip +RUN aws/install --bin-dir /aws-cli-bin +RUN /aws-cli-bin/aws --version + +RUN rm -rf /usr/local/aws-cli/v2/current/dist/aws_completer /usr/local/aws-cli/v2/current/dist/awscli/data/ac.index /usr/local/aws-cli/v2/current/dist/awscli/examples +RUN find /usr/local/aws-cli/v2/current/dist/awscli/botocore/data -name examples-1.json -delete + + +# Final Image +FROM alpine:3.16.2 +RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python && \ + apk add --no-cache openjdk11 --repository=https://dl-cdn.alpinelinux.org/alpine/latest-stable/community && \ + apk add --no-cache aws-cli + +COPY --from=build /home/app/target/ods-transfer-service-0.0.1-SNAPSHOT.jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar + +COPY --from=pmeter-build /root/.local /root/.local +RUN export PATH=/root/.local/bin:$PATH && \ + mkdir -p /app/scripts /app/config /app/certs +COPY --from=aws-build /usr/local/aws-cli/ /usr/local/aws-cli/ +COPY --from=aws-build /aws-cli-bin/ /usr/local/bin/ +ADD scripts/runner.sh /app/scripts/runner.sh +RUN chmod u+x /app/scripts/runner.sh +EXPOSE 8083 +ENTRYPOINT ["/bin/sh","-c","/app/scripts/runner.sh"] \ No newline at end of file diff --git a/scripts/runner.sh b/scripts/runner.sh new file mode 100644 index 00000000..7bd9de07 --- /dev/null +++ b/scripts/runner.sh @@ -0,0 +1,15 @@ +#! /bin/sh + +# Requires some aws stuff +export AWS_REGION=us-east-2 +aws s3 cp s3:// /app/config/ +aws s3 cp s3:// /app/certs/ --recursive +chmod 400 /app/certs/* + + +## Source boot.sh from mounted directory + +source /app/config/boot.sh + +# Run transfer-service +java -jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar \ No newline at end of file diff --git a/tf-iac/main.tf b/tf-iac/main.tf new file mode 100644 index 00000000..78e0850e --- /dev/null +++ b/tf-iac/main.tf @@ -0,0 +1,44 @@ +# Log group for ecs cluster for monitoring +resource "aws_cloudwatch_log_group" "ods_cluster" { + name = "ods_cluster" +} + +# Launch template to use to create instance and add to ODS ASG +resource "aws_launch_template" "ods_lt" { + name_prefix = "ods" + image_id = var.imageID + instance_type = "t2.medium" +} +# ASG to use with ECS capacity providers +resource "aws_autoscaling_group" "ods_ecs_asg" { + availability_zones = ["us-east-2a","us-east-2b","us-east-2c"] + desired_capacity = 1 + max_size = 10 + min_size = 1 + launch_template { + id = aws_launch_template.ods_lt.id + version = "$Latest" + } + lifecycle { + ignore_changes = [ + desired_capacity + ] + } +} +# TODO: capacity providers, task definitions, services + +resource "aws_ecs_cluster" "ods" { + name = "ods_services" + setting { + name = "containerInsights" + value = "Enabled" + } + configuration { + execute_command_configuration { + logging = "DEFAULT" + log_configuration { + cloud_watch_log_group_name = aws_cloudwatch_log_group.ods_cluster.name + } + } + } +} \ No newline at end of file diff --git a/tf-iac/outputs.tf b/tf-iac/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/tf-iac/provider.tf b/tf-iac/provider.tf new file mode 100644 index 00000000..9fd6d25a --- /dev/null +++ b/tf-iac/provider.tf @@ -0,0 +1,13 @@ +terraform { + required_version = "~>1.2.0" + required_providers { + aws = { + source = "hashicorp/aws" + version = "4.28.0" + } + } +} + +provider "aws" { + region = var.region +} \ No newline at end of file diff --git a/tf-iac/variables.tf b/tf-iac/variables.tf new file mode 100644 index 00000000..de011cc0 --- /dev/null +++ b/tf-iac/variables.tf @@ -0,0 +1,7 @@ +variable "region" { + description = "Region to deploy resources in" + default = "us-east-2" +} +variable "image_id" { + description = "Image ID to use with launch template for ASG" +} \ No newline at end of file From 5d7bda0a9ca90f03e83197eba2775f7063c8404e Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Sun, 28 Aug 2022 23:01:26 -0400 Subject: [PATCH 2/6] Added scripts, dockerfile and tf code for ECS configuration --- Dockerfile.dev | 57 +++++++++++++++++++++++++++++++++++++++++++++ scripts/runner.sh | 15 ++++++++++++ tf-iac/main.tf | 44 ++++++++++++++++++++++++++++++++++ tf-iac/outputs.tf | 0 tf-iac/provider.tf | 13 +++++++++++ tf-iac/variables.tf | 7 ++++++ 6 files changed, 136 insertions(+) create mode 100644 Dockerfile.dev create mode 100644 scripts/runner.sh create mode 100644 tf-iac/main.tf create mode 100644 tf-iac/outputs.tf create mode 100644 tf-iac/provider.tf create mode 100644 tf-iac/variables.tf diff --git a/Dockerfile.dev b/Dockerfile.dev new file mode 100644 index 00000000..ccad7b3c --- /dev/null +++ b/Dockerfile.dev @@ -0,0 +1,57 @@ +FROM maven:3.6.3-jdk-11 AS build + +COPY src /home/app/src +COPY pom.xml /home/app +RUN mvn -f /home/app/pom.xml clean package -DskipTests + +FROM alpine:3.16.2 as pmeter-build +RUN apk add --update --no-cache git build-base python3 linux-headers python3-dev && \ + ln -sf python3 /usr/bin/python && python -m ensurepip \ + && pip3 install --upgrade pip setuptools \ + && rm -r /usr/lib/python*/ensurepip && \ + if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \ + rm -r /root/.cache + +RUN git clone https://github.com/didclab/pmeter.git && cd pmeter && \ + pip install --user . + + +ARG ALPINE_VERSION=3.16 + +FROM python:3.10.5-alpine${ALPINE_VERSION} as aws-build + +# Latest version +ARG AWS_CLI_VERSION=2.7.27 +RUN apk add --no-cache git unzip groff build-base libffi-dev cmake +RUN git clone --single-branch --depth 1 -b ${AWS_CLI_VERSION} https://github.com/aws/aws-cli.git + +WORKDIR aws-cli +RUN sed -i'' 's/PyInstaller.*/PyInstaller==5.2/g' requirements-build.txt +RUN python -m venv venv +RUN . venv/bin/activate +RUN scripts/installers/make-exe +RUN unzip -q dist/awscli-exe.zip +RUN aws/install --bin-dir /aws-cli-bin +RUN /aws-cli-bin/aws --version + +RUN rm -rf /usr/local/aws-cli/v2/current/dist/aws_completer /usr/local/aws-cli/v2/current/dist/awscli/data/ac.index /usr/local/aws-cli/v2/current/dist/awscli/examples +RUN find /usr/local/aws-cli/v2/current/dist/awscli/botocore/data -name examples-1.json -delete + + +# Final Image +FROM alpine:3.16.2 +RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python && \ + apk add --no-cache openjdk11 --repository=https://dl-cdn.alpinelinux.org/alpine/latest-stable/community && \ + apk add --no-cache aws-cli + +COPY --from=build /home/app/target/ods-transfer-service-0.0.1-SNAPSHOT.jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar + +COPY --from=pmeter-build /root/.local /root/.local +RUN export PATH=/root/.local/bin:$PATH && \ + mkdir -p /app/scripts /app/config /app/certs +COPY --from=aws-build /usr/local/aws-cli/ /usr/local/aws-cli/ +COPY --from=aws-build /aws-cli-bin/ /usr/local/bin/ +ADD scripts/runner.sh /app/scripts/runner.sh +RUN chmod u+x /app/scripts/runner.sh +EXPOSE 8083 +ENTRYPOINT ["/bin/sh","-c","/app/scripts/runner.sh"] \ No newline at end of file diff --git a/scripts/runner.sh b/scripts/runner.sh new file mode 100644 index 00000000..7bd9de07 --- /dev/null +++ b/scripts/runner.sh @@ -0,0 +1,15 @@ +#! /bin/sh + +# Requires some aws stuff +export AWS_REGION=us-east-2 +aws s3 cp s3:// /app/config/ +aws s3 cp s3:// /app/certs/ --recursive +chmod 400 /app/certs/* + + +## Source boot.sh from mounted directory + +source /app/config/boot.sh + +# Run transfer-service +java -jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar \ No newline at end of file diff --git a/tf-iac/main.tf b/tf-iac/main.tf new file mode 100644 index 00000000..78e0850e --- /dev/null +++ b/tf-iac/main.tf @@ -0,0 +1,44 @@ +# Log group for ecs cluster for monitoring +resource "aws_cloudwatch_log_group" "ods_cluster" { + name = "ods_cluster" +} + +# Launch template to use to create instance and add to ODS ASG +resource "aws_launch_template" "ods_lt" { + name_prefix = "ods" + image_id = var.imageID + instance_type = "t2.medium" +} +# ASG to use with ECS capacity providers +resource "aws_autoscaling_group" "ods_ecs_asg" { + availability_zones = ["us-east-2a","us-east-2b","us-east-2c"] + desired_capacity = 1 + max_size = 10 + min_size = 1 + launch_template { + id = aws_launch_template.ods_lt.id + version = "$Latest" + } + lifecycle { + ignore_changes = [ + desired_capacity + ] + } +} +# TODO: capacity providers, task definitions, services + +resource "aws_ecs_cluster" "ods" { + name = "ods_services" + setting { + name = "containerInsights" + value = "Enabled" + } + configuration { + execute_command_configuration { + logging = "DEFAULT" + log_configuration { + cloud_watch_log_group_name = aws_cloudwatch_log_group.ods_cluster.name + } + } + } +} \ No newline at end of file diff --git a/tf-iac/outputs.tf b/tf-iac/outputs.tf new file mode 100644 index 00000000..e69de29b diff --git a/tf-iac/provider.tf b/tf-iac/provider.tf new file mode 100644 index 00000000..9fd6d25a --- /dev/null +++ b/tf-iac/provider.tf @@ -0,0 +1,13 @@ +terraform { + required_version = "~>1.2.0" + required_providers { + aws = { + source = "hashicorp/aws" + version = "4.28.0" + } + } +} + +provider "aws" { + region = var.region +} \ No newline at end of file diff --git a/tf-iac/variables.tf b/tf-iac/variables.tf new file mode 100644 index 00000000..de011cc0 --- /dev/null +++ b/tf-iac/variables.tf @@ -0,0 +1,7 @@ +variable "region" { + description = "Region to deploy resources in" + default = "us-east-2" +} +variable "image_id" { + description = "Image ID to use with launch template for ASG" +} \ No newline at end of file From e1a6678008340a83e530b79c3836db9c4363c8f9 Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Thu, 6 Oct 2022 20:26:46 -0400 Subject: [PATCH 3/6] Pulled from master and updated docker file to run on ECS --- .gitignore | 3 ++ Dockerfile.dev | 22 ++++++------ scripts/runner.sh | 11 +++--- src/main/resources/application.properties | 2 +- tf-iac/main.tf | 44 ----------------------- tf-iac/outputs.tf | 0 tf-iac/provider.tf | 13 ------- tf-iac/variables.tf | 7 ---- 8 files changed, 20 insertions(+), 82 deletions(-) delete mode 100644 tf-iac/main.tf delete mode 100644 tf-iac/outputs.tf delete mode 100644 tf-iac/provider.tf delete mode 100644 tf-iac/variables.tf diff --git a/.gitignore b/.gitignore index 5d46b37d..d750f250 100644 --- a/.gitignore +++ b/.gitignore @@ -102,3 +102,6 @@ output.log boot.sh certs/ + +.terraform* +terraform* \ No newline at end of file diff --git a/Dockerfile.dev b/Dockerfile.dev index ccad7b3c..c66a1ad6 100644 --- a/Dockerfile.dev +++ b/Dockerfile.dev @@ -7,14 +7,12 @@ RUN mvn -f /home/app/pom.xml clean package -DskipTests FROM alpine:3.16.2 as pmeter-build RUN apk add --update --no-cache git build-base python3 linux-headers python3-dev && \ ln -sf python3 /usr/bin/python && python -m ensurepip \ - && pip3 install --upgrade pip setuptools \ + && pip3 install --upgrade pip setuptools wheel \ && rm -r /usr/lib/python*/ensurepip && \ if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \ rm -r /root/.cache -RUN git clone https://github.com/didclab/pmeter.git && cd pmeter && \ - pip install --user . - +RUN cd $HOME && pip install pmeter_ods --user ARG ALPINE_VERSION=3.16 @@ -41,17 +39,17 @@ RUN find /usr/local/aws-cli/v2/current/dist/awscli/botocore/data -name examples- # Final Image FROM alpine:3.16.2 RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python && \ - apk add --no-cache openjdk11 --repository=https://dl-cdn.alpinelinux.org/alpine/latest-stable/community && \ - apk add --no-cache aws-cli + apk add --no-cache openjdk11 --repository=https://dl-cdn.alpinelinux.org/alpine/latest-stable/community COPY --from=build /home/app/target/ods-transfer-service-0.0.1-SNAPSHOT.jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar - -COPY --from=pmeter-build /root/.local /root/.local -RUN export PATH=/root/.local/bin:$PATH && \ - mkdir -p /app/scripts /app/config /app/certs +RUN adduser ods -D -s /bin/sh +COPY --from=pmeter-build --chown=ods:ods /root/.local /home/ods/.local +RUN mkdir -p /app/scripts /app/config /app/certs COPY --from=aws-build /usr/local/aws-cli/ /usr/local/aws-cli/ COPY --from=aws-build /aws-cli-bin/ /usr/local/bin/ ADD scripts/runner.sh /app/scripts/runner.sh -RUN chmod u+x /app/scripts/runner.sh -EXPOSE 8083 +RUN chown -R ods:ods /app && chmod u+x /app/scripts/runner.sh +USER ods +ENV PATH "/home/ods/.local/bin:${PATH}" +EXPOSE 8092 ENTRYPOINT ["/bin/sh","-c","/app/scripts/runner.sh"] \ No newline at end of file diff --git a/scripts/runner.sh b/scripts/runner.sh index 7bd9de07..600854cc 100644 --- a/scripts/runner.sh +++ b/scripts/runner.sh @@ -2,13 +2,14 @@ # Requires some aws stuff export AWS_REGION=us-east-2 -aws s3 cp s3:// /app/config/ -aws s3 cp s3:// /app/certs/ --recursive -chmod 400 /app/certs/* - +aws s3 cp s3:///config/boot.sh /app/config/ +aws s3 cp s3:///certs /app/certs/ --recursive +chmod 600 /app/certs/* +chmod u+x /app/config/boot.sh +ls -alR /app ## Source boot.sh from mounted directory - +sed -i "s//t3_ec2_medium/g" /app/config/boot.sh source /app/config/boot.sh # Run transfer-service diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 43dc461f..3aa812d8 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -5,7 +5,7 @@ server.port=8092 server.tomcat.threads.max=1 #Eureka config -eureka.client.enabled=true +eureka.client.enabled=${EUREKA_ENABLE:false} eureka.client.serviceUrl.defaultZone=http://${EUREKA_USER:admin}:${EUREKA_PASS:admin}@${EUREKA_URI:localhost:8090}/eureka eureka.client.healthcheck.enabled=true eureka.client.registry-fetch-interval-seconds=5 diff --git a/tf-iac/main.tf b/tf-iac/main.tf deleted file mode 100644 index 78e0850e..00000000 --- a/tf-iac/main.tf +++ /dev/null @@ -1,44 +0,0 @@ -# Log group for ecs cluster for monitoring -resource "aws_cloudwatch_log_group" "ods_cluster" { - name = "ods_cluster" -} - -# Launch template to use to create instance and add to ODS ASG -resource "aws_launch_template" "ods_lt" { - name_prefix = "ods" - image_id = var.imageID - instance_type = "t2.medium" -} -# ASG to use with ECS capacity providers -resource "aws_autoscaling_group" "ods_ecs_asg" { - availability_zones = ["us-east-2a","us-east-2b","us-east-2c"] - desired_capacity = 1 - max_size = 10 - min_size = 1 - launch_template { - id = aws_launch_template.ods_lt.id - version = "$Latest" - } - lifecycle { - ignore_changes = [ - desired_capacity - ] - } -} -# TODO: capacity providers, task definitions, services - -resource "aws_ecs_cluster" "ods" { - name = "ods_services" - setting { - name = "containerInsights" - value = "Enabled" - } - configuration { - execute_command_configuration { - logging = "DEFAULT" - log_configuration { - cloud_watch_log_group_name = aws_cloudwatch_log_group.ods_cluster.name - } - } - } -} \ No newline at end of file diff --git a/tf-iac/outputs.tf b/tf-iac/outputs.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/tf-iac/provider.tf b/tf-iac/provider.tf deleted file mode 100644 index 9fd6d25a..00000000 --- a/tf-iac/provider.tf +++ /dev/null @@ -1,13 +0,0 @@ -terraform { - required_version = "~>1.2.0" - required_providers { - aws = { - source = "hashicorp/aws" - version = "4.28.0" - } - } -} - -provider "aws" { - region = var.region -} \ No newline at end of file diff --git a/tf-iac/variables.tf b/tf-iac/variables.tf deleted file mode 100644 index de011cc0..00000000 --- a/tf-iac/variables.tf +++ /dev/null @@ -1,7 +0,0 @@ -variable "region" { - description = "Region to deploy resources in" - default = "us-east-2" -} -variable "image_id" { - description = "Image ID to use with launch template for ASG" -} \ No newline at end of file From 46ae9264e963c23547364ae9f69ede2326cb6eab Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Thu, 6 Oct 2022 20:30:37 -0400 Subject: [PATCH 4/6] resolved merge-conflict --- tf-iac/main.tf | 44 -------------------------------------------- tf-iac/outputs.tf | 0 tf-iac/provider.tf | 13 ------------- tf-iac/variables.tf | 7 ------- 4 files changed, 64 deletions(-) delete mode 100644 tf-iac/main.tf delete mode 100644 tf-iac/outputs.tf delete mode 100644 tf-iac/provider.tf delete mode 100644 tf-iac/variables.tf diff --git a/tf-iac/main.tf b/tf-iac/main.tf deleted file mode 100644 index 78e0850e..00000000 --- a/tf-iac/main.tf +++ /dev/null @@ -1,44 +0,0 @@ -# Log group for ecs cluster for monitoring -resource "aws_cloudwatch_log_group" "ods_cluster" { - name = "ods_cluster" -} - -# Launch template to use to create instance and add to ODS ASG -resource "aws_launch_template" "ods_lt" { - name_prefix = "ods" - image_id = var.imageID - instance_type = "t2.medium" -} -# ASG to use with ECS capacity providers -resource "aws_autoscaling_group" "ods_ecs_asg" { - availability_zones = ["us-east-2a","us-east-2b","us-east-2c"] - desired_capacity = 1 - max_size = 10 - min_size = 1 - launch_template { - id = aws_launch_template.ods_lt.id - version = "$Latest" - } - lifecycle { - ignore_changes = [ - desired_capacity - ] - } -} -# TODO: capacity providers, task definitions, services - -resource "aws_ecs_cluster" "ods" { - name = "ods_services" - setting { - name = "containerInsights" - value = "Enabled" - } - configuration { - execute_command_configuration { - logging = "DEFAULT" - log_configuration { - cloud_watch_log_group_name = aws_cloudwatch_log_group.ods_cluster.name - } - } - } -} \ No newline at end of file diff --git a/tf-iac/outputs.tf b/tf-iac/outputs.tf deleted file mode 100644 index e69de29b..00000000 diff --git a/tf-iac/provider.tf b/tf-iac/provider.tf deleted file mode 100644 index 9fd6d25a..00000000 --- a/tf-iac/provider.tf +++ /dev/null @@ -1,13 +0,0 @@ -terraform { - required_version = "~>1.2.0" - required_providers { - aws = { - source = "hashicorp/aws" - version = "4.28.0" - } - } -} - -provider "aws" { - region = var.region -} \ No newline at end of file diff --git a/tf-iac/variables.tf b/tf-iac/variables.tf deleted file mode 100644 index de011cc0..00000000 --- a/tf-iac/variables.tf +++ /dev/null @@ -1,7 +0,0 @@ -variable "region" { - description = "Region to deploy resources in" - default = "us-east-2" -} -variable "image_id" { - description = "Image ID to use with launch template for ASG" -} \ No newline at end of file From e5765dfa0f4ebe6fa0afeb52cbeff1f53dce7606 Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Tue, 18 Oct 2022 15:43:07 -0400 Subject: [PATCH 5/6] Added github actions to push to ECR --- .github/workflows/push-docker.yaml | 51 ++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 .github/workflows/push-docker.yaml diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml new file mode 100644 index 00000000..307d5831 --- /dev/null +++ b/.github/workflows/push-docker.yaml @@ -0,0 +1,51 @@ +name: Push to ECR +on: + push: + branches: + - "release/**" +jobs: + push_ecr: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Build Image + env: + AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }} + run: | + set +x + docker build -t ${AWSID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0 + set -x + + - name: Setup AWS Access + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET }} + AWS_REGION: us-east-2 + AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }} + run: | + pip3 install aws-sts-tool + set +x + aws_sts_tool ${AWS_ID} ${GITHUB_JOB}_${GITHUB_RUN_ID} ods_ci_ecr_push shell + set -x + + - name: Login to ECR and push + env: + AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }} + run: | + set +x + source credentials.sh + + aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin ${AWS_ID}.dkr.ecr.us-east-2.amazonaws.com + + + docker push ${AWS_ID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0 + + set -x + + - name: Clean up + if: success() || failure() + run: | + rm credentials.sh + \ No newline at end of file From dbb351b1401a64e446b0673027239b762e3f26a1 Mon Sep 17 00:00:00 2001 From: Mohammad Faraz Date: Wed, 19 Oct 2022 15:19:43 -0400 Subject: [PATCH 6/6] Updating values at runtime --- .github/workflows/push-docker.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml index 307d5831..950a4125 100644 --- a/.github/workflows/push-docker.yaml +++ b/.github/workflows/push-docker.yaml @@ -13,8 +13,11 @@ jobs: - name: Build Image env: AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }} + CERT_PATH: ${{ secrets.CERTPATH }} run: | set +x + sed -i "" "s||${CERT_PATH}|g" scripts/runner.sh + sed -i "" "s||${CERT_PATH}|g" scripts/runner.sh docker build -t ${AWSID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0 set -x