Merge pull request #4 from DevSecOpsSamples/develop

engel80 · web-flow · commit 08cdb4aa6515 · 2022-12-18T16:41:49.000+09:00
Sonarcloud org updated, GitHub Action docker build added
diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
@@ -0,0 +1,21 @@
+name: Docker Build
+on:
+  push:
+    branches:
+      - master
+      - develop
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  build-cpu-api:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the Docker image
+      run: cd cpu-api && docker build . --tag cpu-api:$(date +%s)
+  build-gpu-api:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Build the Docker image
+      run: cd gpu-api && docker build . --tag cpu-api:$(date +%s)
diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml
@@ -0,0 +1,37 @@
+name: Sonarqube
+on:
+  push:
+    branches:
+      - master
+      - develop
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 11
+        uses: actions/setup-java@v1
+        with:
+          java-version: 11
+      - name: Cache SonarCloud packages
+        uses: actions/cache@v1
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Gradle packages
+        uses: actions/cache@v1
+        with:
+          path: ~/.gradle/caches
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
+          restore-keys: ${{ runner.os }}-gradle
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: ./gradlew build sonarqube --info
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Sample project for ECS GPU Inference API
 
-[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=ContainerOnAWS_ecs-gpu-cdk&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=ContainerOnAWS_ecs-gpu-cdk) [![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=ContainerOnAWS_ecs-gpu-cdk&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=ContainerOnAWS_ecs-gpu-cdk)
+[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=DevSecOpsSamples_ecs-gpu-cdk&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=DevSecOpsSamples_ecs-gpu-cdk) [![Lines of Code](https://sonarcloud.io/api/project_badges/measure?project=DevSecOpsSamples_ecs-gpu-cdk&metric=ncloc)](https://sonarcloud.io/summary/new_code?id=DevSecOpsSamples_ecs-gpu-cdk)
 
 ## Table of Contents
 
@@ -169,9 +169,9 @@ gpustat
 
 ![gpustat](./screenshots/gpustat.png?raw=true)
 
-## Clean Up
+## Step 7: Cleanup
 
-[clean-up.sh](./clean-up.sh)
+[cleanup.sh](./cleanup.sh)
 
 ## Structure
 
@@ -229,13 +229,13 @@ gpustat
 
 ### CDK Lib
 
-* [ECS](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs-readme.html)
+* [aws-cdk-lib.aws_ecs module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecs-readme.html)
 
-* [ECR Assets](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets-readme.html)
+* [aws-cdk-lib.aws_ecr_assets module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ecr_assets-readme.html)
 
-* [IAM](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam-readme.html)
+* [aws-cdk-lib.aws_iam module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam-readme.html)
 
-* [SSM](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm-readme.html)
+* [aws-cdk-lib.aws_ssm module](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm-readme.html)
 
 ### IAM Role & Policy
 
diff --git a/build.gradle b/build.gradle
@@ -1,32 +1,21 @@
-apply plugin: 'base'
-apply plugin: 'org.sonarqube'
-archivesBaseName = 'ecs-gpu-cdk'
-
-buildscript {
-    repositories {
-        mavenCentral()
-    }
-    dependencies {
-        classpath("org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.5")
-    }
+plugins {
+    id "org.sonarqube" version "3.5.0.2730"
 }
 
 sonarqube {
     properties {
         property "sonar.projectName", "ecs-gpu-cdk"
-        property "sonar.projectKey", "ContainerOnAWS_ecs-gpu-cdk"
-        property "sonar.organization", "containeronaws"
+        property "sonar.projectKey", "DevSecOpsSamples_ecs-gpu-cdk"
+        property "sonar.organization", "devsecopssamples"
         // property "sonar.host.url", "http://127.0.0.1:9000"
         property "sonar.host.url", "https://sonarcloud.io"
         property "sonar.sourceEncoding", "UTF-8"
         property "sonar.sources", "."
         property "sonar.python.version", "3.9"
         property "sonar.exclusions", "**/node_modules/**, **/cdk.out/**"
-        // property "sonar.cpd.exclusions", "**/*index.ts"
         property "sonar.issue.ignore.multicriteria", "e1"
         property "sonar.issue.ignore.multicriteria.e1.ruleKey", "typescript:S1848"
         property "sonar.issue.ignore.multicriteria.e1.resourceKey", "**/*.ts"
-        property "sonar.links.ci", "https://github.com/ContainerOnAWS/ecs-gpu-cdk"
-        property "sonar.log.level", "DEBUG"
+        property "sonar.links.ci", "https://github.com/DevSecOpsSamples/ecs-gpu-cdk"
     }
-}
+}
diff --git a/cleanup.sh b/cleanup.sh
@@ -0,0 +1,17 @@
+echo "[1/4] destroy ecs-restapi-service"
+cd ecs-restapi-service
+cdk destroy
+
+echo "[2/4] destroy ecs-ec2-cluster"
+cd ../ecs-ec2-cluster
+cdk destroy
+
+echo "[3/4] destroy ecs-iam-role"
+cd ../ecs-iam-role
+cdk destroy
+
+echo "[4/4] destroy vpc"
+cd ../vpc
+cdk destroy
+
+find . -name "cdk.context.json" -exec rm -f {} \;
