From da579c5b17fa6ceeb8681486389abf5256eb57db Mon Sep 17 00:00:00 2001
From: Ash
Date: Sat, 9 Mar 2024 21:44:24 +0000
Subject: [PATCH] chore: add base Dockerfile. update infra workflow (#3)
---
 .github/workflows/ci.yml | 16 +++++++-----
 .github/workflows/infrastructure.yml | 32 +++++++++++++++++++++++
 infrastructure/package.json | 4 +--
 infrastructure/src/images/Dockerfile.base | 5 ++++
 4 files changed, 48 insertions(+), 9 deletions(-)
 create mode 100644 infrastructure/src/images/Dockerfile.base
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 22211d8..74c7af3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -77,10 +77,12 @@ jobs:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

- trigger-deploy:
- if: github.ref == 'refs/heads/main'
- runs-on: ubuntu-latest
- needs: [audit, lint, test, build, sonarcloud]
- steps:
- - uses: actions/checkout@v4
- - run: gh workflow run deploy.yml -f environment=dev
+ # trigger-deploy:
+ # if: github.ref == 'refs/heads/main'
+ # runs-on: ubuntu-latest
+ # needs: [audit, lint, test, build, sonarcloud]
+ # steps:
+ # - uses: actions/checkout@v4
+ # - run: gh workflow run deploy.yml -f environment=dev
+ # env:
+ # GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/infrastructure.yml b/.github/workflows/infrastructure.yml
index 692d0a3..e309f6f 100644
--- a/.github/workflows/infrastructure.yml
+++ b/.github/workflows/infrastructure.yml
@@ -3,6 +3,7 @@ name: infrastructure
 env:
 NODE_VERSION: 20
 OIDC_ROLE_ARN: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/saas-github-oidc-provider-role
+ # ECR_URI: ${{ secrets.AWS_ACCOUNT_ID }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com

 permissions:
 id-token: write
@@ -31,6 +32,13 @@ jobs:
 - name: Install
 run: npm ci

+ - uses: dorny/paths-filter@v2.2.1
+ id: filter
+ with:
+ filters: |
+ images:
+ - '**/*/Dockerfile.base'
+
 - name: Build
 working-directory: ./infrastructure
 run: |
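Review bot: The `trigger-deploy` job in `.github/workflows/ci.yml` is switched off by commenting out every line, and the commit even adds two new commented lines (`# env:` / `# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}`) to the dead block. Deleting the job keeps the workflow readable, and git history preserves the old definition. If the job is meant to return, replace the block with a one-line comment such as `# trigger-deploy removed until deploy.yml is ready; see git history`. When it does return, `gh workflow run` with `GITHUB_TOKEN` needs `actions: write` on the job; the workflow's `permissions` block is outside this hunk, so that could not be checked here.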
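Review bot: `dorny/paths-filter@v2.2.1` in `.github/workflows/infrastructure.yml` is referenced by a tag, which the action's owner can move, and it runs in a workflow that grants `id-token: write` and later assumes the AWS OIDC deploy role. Third-party actions in a job with that reach should be pinned to a full commit SHA, with the tag kept as a comment: `uses: dorny/paths-filter@<full-commit-sha> # v2.2.1`. The same applies to `aws-actions/amazon-ecr-login@v2` added in the next hunk. The rest of the job's steps lie outside this hunk.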
@@ -43,6 +51,30 @@ jobs:
 role-session-name: gh-infrastructure-deploy-session
 role-to-assume: ${{ env.OIDC_ROLE_ARN }}
 aws-region: ${{ secrets.AWS_REGION }}
+
+ - name: Login to Amazon ECR
+ id: login-ecr
+ uses: aws-actions/amazon-ecr-login@v2
+
+ - name: Deploy base image
+ if: ${{ steps.filter.outputs.images == 'true' }}
+ working-directory: ./infrastructure
+ run: |
+ # aws --version
+ # aws ecr get-login-password --region ${{ secrets.AWS_REGION }} | docker login --username AWS --password-stdin ${{ env.ECR_URI }}
+ # aws ecr describe-repositories --repository-names base || aws ecr create-repository --repository-name base
+
+ # REPOSITORY_URI=${{ env.ECR_URI }}/base
+
+ # docker build -t $REPOSITORY_URI:latest -f ./images/Dockerfile.base .
+ # docker tag base:latest $REPOSITORY_URI:latest
+ # docker push $REPOSITORY_URI:latest
+
+ docker build -t $REGISTRY/$REPOSITORY:latest -f ./images/Dockerfile.base .
+ docker push $REGISTRY/$REPOSITORY:latest
+ env:
+ REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+ REPOSITORY: base

 - name: Synth
 working-directory: ./infrastructure
diff --git a/infrastructure/package.json b/infrastructure/package.json
index fa3f466..e4a40e5 100644
--- a/infrastructure/package.json
+++ b/infrastructure/package.json
@@ -1,6 +1,6 @@
 {
 "name": "infrastructure",
- "version": "0.1.0",
+ "version": "0.0.1",
 "bin": {
 "infrastructure": "bin/infrastructure.js"
 },
@@ -16,4 +16,4 @@
 "constructs": "^10.0.0",
 "source-map-support": "^0.5.21"
 }
-}
\ No newline at end of file
+}
diff --git a/infrastructure/src/images/Dockerfile.base b/infrastructure/src/images/Dockerfile.base
new file mode 100644
index 0000000..12e7f20
--- /dev/null
+++ b/infrastructure/src/images/Dockerfile.base
@@ -0,0 +1,5 @@
+FROM node:20-alpine3.19 AS setup
+RUN apk add --no-cache python3 make g++
+RUN apk add --no-cache jq
+RUN apk add --no-cache git
+RUN apk add --no-cache aws-cli
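Review bot: The `Deploy base image` step runs with `working-directory: ./infrastructure` and passes `-f ./images/Dockerfile.base`, but this commit creates the file at `infrastructure/src/images/Dockerfile.base`. Unless another copy exists outside this diff, the build will not find it; the line should read `docker build -t "$REGISTRY/$REPOSITORY:latest" -f ./src/images/Dockerfile.base .`. Pushing only the mutable `latest` tag also leaves no way to tell which commit produced the base image, so add `IMAGE_TAG: ${{ github.sha }}` under `env:` and push `$REGISTRY/$REPOSITORY:$IMAGE_TAG` as well. The commented-out lines in the `run:` block still carry `${{ secrets.AWS_REGION }}` and `${{ env.ECR_URI }}`, which Actions expands before the shell sees the script, so they are better deleted than kept as shell comments.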
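Review bot: `FROM node:20-alpine3.19` in `infrastructure/src/images/Dockerfile.base` resolves a mutable tag at build time. Because the workflow publishes the result as `base:latest`, every downstream image inherits whatever that tag pointed to on the day of the build. Pinning the digest, `FROM node:20-alpine3.19@sha256:<digest-of-reviewed-image> AS setup`, makes the base reproducible and turns an upstream update into a reviewed diff. The four `apk add` layers can be one, `RUN apk add --no-cache python3 make g++ jq git aws-cli`. A short comment on why the compiler toolchain and `aws-cli` belong in a shared base would help whoever trims the image later.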