diff --git a/.github/workflows/push-docker.yaml b/.github/workflows/push-docker.yaml
new file mode 100644
index 00000000..950a4125
--- /dev/null
+++ b/.github/workflows/push-docker.yaml
@@ -0,0 +1,54 @@
+name: Push to ECR
+on:
+ push:
+ branches:
+ - "release/**"
+jobs:
+ push_ecr:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Build Image
+ env:
+ AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }}
+ CERT_PATH: ${{ secrets.CERTPATH }}
+ run: |
+ set +x
+ sed -i "" "s||${CERT_PATH}|g" scripts/runner.sh
+ sed -i "" "s||${CERT_PATH}|g" scripts/runner.sh
+ docker build -t ${AWSID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0
+ set -x
+
+ - name: Setup AWS Access
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET }}
+ AWS_REGION: us-east-2
+ AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }}
+ run: |
+ pip3 install aws-sts-tool
+ set +x
+ aws_sts_tool ${AWS_ID} ${GITHUB_JOB}_${GITHUB_RUN_ID} ods_ci_ecr_push shell
+ set -x
+
+ - name: Login to ECR and push
+ env:
+ AWS_ID: ${{ secrets.CI_AWS_ACCOUNT_ID }}
+ run: |
+ set +x
+ source credentials.sh
+
+ aws ecr get-login-password --region us-east-2 | docker login --username AWS --password-stdin ${AWS_ID}.dkr.ecr.us-east-2.amazonaws.com
+
+
+ docker push ${AWS_ID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0
+
+ set -x
+
+ - name: Clean up
+ if: success() || failure()
+ run: |
+ rm credentials.sh
+
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 5d46b37d..d750f250 100644
--- a/.gitignore
+++ b/.gitignore
@@ -102,3 +102,6 @@ output.log boot.sh certs/ + +.terraform* +terraform* \ No newline at end of file
diff --git a/Dockerfile.dev b/Dockerfile.dev
new file mode 100644
index 00000000..c66a1ad6
--- /dev/null
+++ b/Dockerfile.dev
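Review bot: In push-docker.yaml, the "Setup AWS Access" step runs `pip3 install aws-sts-tool` unpinned in the same step that holds `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`, so whatever version the index serves on the day of the build runs with the long-lived keys; pin an exact version (ideally with `--require-hashes`), and pin `actions/checkout@v2` to a commit SHA for the same reason. The "Build Image" step also looks unable to run as written: the env defines `AWS_ID` but the tag uses `${AWSID}`, and `docker build` is given neither a build context nor the Dockerfile, so `docker build -f Dockerfile.dev -t ${AWS_ID}.dkr.ecr.us-east-2.amazonaws.com/ods_transfer_service:1.0.0 .` is presumably what was meant. `sed -i ""` is the BSD form; on `ubuntu-latest` GNU sed takes the empty string as the script and the substitution as a file name, so it should be `sed -i "s|…|…|g" scripts/runner.sh`. Because `CERT_PATH` comes from a secret and is written into `scripts/runner.sh` before the build, its value ends up in a layer of the pushed image; supplying it when the container starts would keep it out of the registry.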
@@ -0,0 +1,55 @@
+FROM maven:3.6.3-jdk-11 AS build
+
+COPY src /home/app/src
+COPY pom.xml /home/app
+RUN mvn -f /home/app/pom.xml clean package -DskipTests
+
+FROM alpine:3.16.2 as pmeter-build
+RUN apk add --update --no-cache git build-base python3 linux-headers python3-dev && \
+ ln -sf python3 /usr/bin/python && python -m ensurepip \
+ && pip3 install --upgrade pip setuptools wheel \
+ && rm -r /usr/lib/python*/ensurepip && \
+ if [ ! -e /usr/bin/pip ]; then ln -s pip3 /usr/bin/pip ; fi && \
+ rm -r /root/.cache
+
+RUN cd $HOME && pip install pmeter_ods --user
+
+ARG ALPINE_VERSION=3.16
+
+FROM python:3.10.5-alpine${ALPINE_VERSION} as aws-build
+
+# Latest version
+ARG AWS_CLI_VERSION=2.7.27
+RUN apk add --no-cache git unzip groff build-base libffi-dev cmake
+RUN git clone --single-branch --depth 1 -b ${AWS_CLI_VERSION} https://github.com/aws/aws-cli.git
+
+WORKDIR aws-cli
+RUN sed -i'' 's/PyInstaller.*/PyInstaller==5.2/g' requirements-build.txt
+RUN python -m venv venv
+RUN . venv/bin/activate
+RUN scripts/installers/make-exe
+RUN unzip -q dist/awscli-exe.zip
+RUN aws/install --bin-dir /aws-cli-bin
+RUN /aws-cli-bin/aws --version
+
+RUN rm -rf /usr/local/aws-cli/v2/current/dist/aws_completer /usr/local/aws-cli/v2/current/dist/awscli/data/ac.index /usr/local/aws-cli/v2/current/dist/awscli/examples
+RUN find /usr/local/aws-cli/v2/current/dist/awscli/botocore/data -name examples-1.json -delete
+
+
+# Final Image
+FROM alpine:3.16.2
+RUN apk add --update --no-cache python3 && ln -sf python3 /usr/bin/python && \
+ apk add --no-cache openjdk11 --repository=https://dl-cdn.alpinelinux.org/alpine/latest-stable/community
+
+COPY --from=build /home/app/target/ods-transfer-service-0.0.1-SNAPSHOT.jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar
+RUN adduser ods -D -s /bin/sh
+COPY --from=pmeter-build --chown=ods:ods /root/.local /home/ods/.local
+RUN mkdir -p /app/scripts /app/config /app/certs
+COPY --from=aws-build /usr/local/aws-cli/ /usr/local/aws-cli/
+COPY --from=aws-build /aws-cli-bin/ /usr/local/bin/
+ADD scripts/runner.sh /app/scripts/runner.sh
+RUN chown -R ods:ods /app && chmod u+x /app/scripts/runner.sh
+USER ods
+ENV PATH "/home/ods/.local/bin:${PATH}"
+EXPOSE 8092
+ENTRYPOINT ["/bin/sh","-c","/app/scripts/runner.sh"]
\ No newline at end of file
diff --git a/scripts/runner.sh b/scripts/runner.sh
new file mode 100644
index 00000000..600854cc
--- /dev/null
+++ b/scripts/runner.sh
@@ -0,0 +1,16 @@
+#! /bin/sh
+
+# Requires some aws stuff
+export AWS_REGION=us-east-2
+aws s3 cp s3:///config/boot.sh /app/config/
+aws s3 cp s3:///certs /app/certs/ --recursive
+chmod 600 /app/certs/*
+chmod u+x /app/config/boot.sh
+ls -alR /app
+
+## Source boot.sh from mounted directory
+sed -i "s//t3_ec2_medium/g" /app/config/boot.sh
+source /app/config/boot.sh
+
+# Run transfer-service
+java -jar /usr/local/lib/ods-transfer-service-0.0.1-SNAPSHOT.jar
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 43dc461f..3aa812d8 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -5,7 +5,7 @@ server.port=8092 server.tomcat.threads.max=1 #Eureka config -eureka.client.enabled=true +eureka.client.enabled=${EUREKA_ENABLE:false} eureka.client.serviceUrl.defaultZone=http://${EUREKA_USER:admin}:${EUREKA_PASS:admin}@${EUREKA_URI:localhost:8090}/eureka eureka.client.healthcheck.enabled=true eureka.client.registry-fetch-interval-seconds=5
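Review bot: In Dockerfile.dev, `ARG ALPINE_VERSION=3.16` is declared inside the `pmeter-build` stage, so it is not in scope for the following `FROM python:3.10.5-alpine${ALPINE_VERSION}`; the variable expands to nothing there and the stage builds on the moving `python:3.10.5-alpine` tag rather than the intended Alpine release, so the ARG has to move above the first `FROM`. `RUN . venv/bin/activate` has no effect either, because every `RUN` starts a new shell, so `make-exe` runs against the image's global Python; activate and build in one `RUN`, or drop the two venv lines. In the final stage `openjdk11` is pulled from the `latest-stable` community repository onto an `alpine:3.16.2` base, which mixes releases and makes the JRE depend on the build date; the base image's own community repository should carry the package (confirm), in which case the `--repository` override can go. `pip install pmeter_ods --user` is likewise unpinned, and `ADD scripts/runner.sh` is a plain local copy that `COPY` expresses better.

```dockerfile
# Global scope: an ARG used in a FROM line must precede the first FROM.
ARG ALPINE_VERSION=3.16
FROM maven:3.6.3-jdk-11 AS build
# … unchanged: maven build, pmeter-build stage (ARG line removed from it) …
FROM python:3.10.5-alpine${ALPINE_VERSION} as aws-build
# … unchanged: AWS_CLI_VERSION, apk add, git clone, WORKDIR, PyInstaller pin …
# One RUN so the activated venv is still active when make-exe runs.
RUN python -m venv venv \
    && . venv/bin/activate \
    && scripts/installers/make-exe
# … unchanged: unzip, install, cleanup, final stage …
```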
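Review bot: Nothing in scripts/runner.sh stops on failure, so if either `aws s3 cp` fails the container goes on to `source` a missing or partial `/app/config/boot.sh` and starts the service without its certificates; add `set -eu` directly after the shebang. Because `boot.sh` is downloaded at start-up and then sourced, write access to that bucket prefix amounts to code execution in the container, so the bucket policy should restrict writers, and comparing the file against a known SHA-256 before sourcing it would be a further safeguard. `ls -alR /app` sends the certificate directory listing to the container log on every start and looks like leftover debugging. The last line should be `exec java -jar …` so the JVM replaces the shell and receives the runtime's `SIGTERM`; the `ENTRYPOINT` in Dockerfile.dev wraps the script in a further `sh -c`, so `ENTRYPOINT ["/app/scripts/runner.sh"]` is needed there as well.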
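Review bot: With registration now switched on by `EUREKA_ENABLE` in application.properties, the unchanged `defaultZone` line below it still falls back to `admin`/`admin` over plain `http://` when `EUREKA_USER` or `EUREKA_PASS` is unset, so a deployment that sets only the new flag registers with default credentials sent in clear text. Consider dropping the credential defaults (`${EUREKA_USER}:${EUREKA_PASS}`) so a missing variable fails at start-up, and state in the commit description that existing deployments must now set `EUREKA_ENABLE=true` to keep registering.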