chore: add base Dockerfile. update infra workflow (#3)

ashleyjtaylor · Mar 9, 2024 · da579c5 · da579c5
1 parent 7b45e11
commit da579c5
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 9 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -77,10 +77,12 @@ jobs:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
-  trigger-deploy:
-    if: github.ref == 'refs/heads/main'
-    runs-on: ubuntu-latest
-    needs: [audit, lint, test, build, sonarcloud]
-    steps:
-      - uses: actions/checkout@v4
-      - run: gh workflow run deploy.yml -f environment=dev
+  # trigger-deploy:
+  #   if: github.ref == 'refs/heads/main'
+  #   runs-on: ubuntu-latest
+  #   needs: [audit, lint, test, build, sonarcloud]
+  #   steps:
+  #     - uses: actions/checkout@v4
+  #     - run: gh workflow run deploy.yml -f environment=dev
+  #       env:
+  #         GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/infrastructure.yml b/.github/workflows/infrastructure.yml
@@ -3,6 +3,7 @@ name: infrastructure
 env:
   NODE_VERSION: 20
   OIDC_ROLE_ARN: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/saas-github-oidc-provider-role
+  # ECR_URI: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com
 
 permissions:
   id-token: write
@@ -31,6 +32,13 @@ jobs:
       - name: Install
         run: npm ci
 
+      - uses: dorny/[email protected]
+        id: filter
+        with:
+          filters: |
+            images:
+              - '**/*/Dockerfile.base'
+
       - name: Build
         working-directory: ./infrastructure
         run: |
@@ -43,6 +51,30 @@ jobs:
           role-session-name: gh-infrastructure-deploy-session
           role-to-assume: ${{ env.OIDC_ROLE_ARN }}
           aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Deploy base image
+        if: ${{ steps.filter.outputs.images == 'true' }}
+        working-directory: ./infrastructure
+        run: |
+          # aws --version
+          # aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ env.ECR_URI }}
+          # aws ecr describe-repositories --repository-names base || aws ecr create-repository --repository-name base
+
+          # REPOSITORY_URI=${{ env.ECR_URI }}/base
+
+          # docker build -t $REPOSITORY_URI:latest -f ./images/Dockerfile.base .
+          # docker tag base:latest $REPOSITORY_URI:latest
+          # docker push $REPOSITORY_URI:latest
+
+          docker build -t $REGISTRY/$REPOSITORY:latest -f ./images/Dockerfile.base .
+          docker push $REGISTRY/$REPOSITORY:latest
+        env:
+          REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          REPOSITORY: base  
 
       - name: Synth
         working-directory: ./infrastructure

diff --git a/infrastructure/package.json b/infrastructure/package.json
@@ -1,6 +1,6 @@
 {
   "name": "infrastructure",
-  "version": "0.1.0",
+  "version": "0.0.1",
   "bin": {
     "infrastructure": "bin/infrastructure.js"
   },
@@ -16,4 +16,4 @@
     "constructs": "^10.0.0",
     "source-map-support": "^0.5.21"
   }
-}
+}
diff --git a/infrastructure/src/images/Dockerfile.base b/infrastructure/src/images/Dockerfile.base
@@ -0,0 +1,5 @@
+FROM node:20-alpine3.19 AS setup
+RUN apk add --no-cache python3 make g++
+RUN apk add --no-cache jq
+RUN apk add --no-cache git
+RUN apk add --no-cache aws-cli