From afdaaef90ccff608e1c34c69a72d1b06327e81d7 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Mon, 10 Jul 2023 15:48:31 +1200 Subject: [PATCH] feat: use GH Actions and separate Dockerfiles --- .github/workflows/build.yml | 64 +++++++++++++++++++++++++++ cmd/fdsn-holdings-consumer/Dockerfile | 40 +++++++++++++++++ cmd/fdsn-slink-db/Dockerfile | 40 +++++++++++++++++ cmd/fdsn-ws-nrt/Dockerfile | 40 +++++++++++++++++ cmd/fdsn-ws/Dockerfile | 40 +++++++++++++++++ 5 files changed, 224 insertions(+) create mode 100644 .github/workflows/build.yml create mode 100644 cmd/fdsn-holdings-consumer/Dockerfile create mode 100644 cmd/fdsn-slink-db/Dockerfile create mode 100644 cmd/fdsn-ws-nrt/Dockerfile create mode 100644 cmd/fdsn-ws/Dockerfile diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 00000000..f519278e --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,64 @@ +name: build +on: + push: {} + release: + types: [published] + workflow_dispatch: {} +permissions: + packages: write + contents: write + pull-requests: write + id-token: write +env: + FOLDER: ./cmd + # doesn't have an ECR by that name; EXCLUDE is regex and is '|' separated (e.g: a|b|c) + EXCLUDE: s3-notify +jobs: + prepare: + runs-on: ubuntu-latest + outputs: + git-rev: ${{ steps.git-rev.outputs.git-rev }} + matrix: ${{ steps.set.outputs.matrix }} + steps: + - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + - uses: GeoNet/yq@bbe305500687a5fe8498d74883c17f0f06431ac4 # master + - id: git-rev + env: + GIT_SHA: ${{ github.sha }} + run: | + echo "git-rev=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT + - id: set + run: | + echo "matrix=$(find $FOLDER -mindepth 1 -maxdepth 1 -type d | grep -Ewv "$EXCLUDE" - | xargs -n 1 basename | xargs | yq 'split(" ")|.[]|{"target":.,"folder":env(FOLDER)+"/"+.}' -ojson | jq -rcM -s '{"include":.}')" >> $GITHUB_OUTPUT + - name: check output + run: | + jq . <<< '${{ steps.set.outputs.matrix }}' + build: + needs: prepare + strategy: + matrix: ${{ fromJSON(needs.prepare.outputs.matrix) }} + uses: GeoNet/Actions/.github/workflows/reusable-docker-build.yml@main + with: + context: . + dockerfile: ${{ fromJSON(toJSON(matrix)).folder }}/Dockerfile + imageName: ${{ fromJSON(toJSON(matrix)).target }} + platforms: linux/amd64 + push: ${{ github.ref == 'refs/heads/main' }} + tags: latest,git-${{ needs.prepare.outputs.git-rev }} + registryOverride: 862640294325.dkr.ecr.ap-southeast-2.amazonaws.com + aws-region: ap-southeast-2 + aws-role-arn-to-assume: arn:aws:iam::862640294325:role/github-actions-geonet-ecr-push + aws-role-duration-seconds: "3600" + go-apps: + uses: GeoNet/Actions/.github/workflows/reusable-go-apps.yml@main + with: + testSetup: | + sudo apt-get -yq update + sudo apt-get install -y xsltproc + docker \ + run -d \ + -p 5432:5432 \ + -e POSTGRES_PASSWORD=test \ + -e POSTGRES_USER=fdsn_w \ + -e POSTGRES_DB=fdsn \ + docker.io/postgis/postgis:15-3.3-alpine diff --git a/cmd/fdsn-holdings-consumer/Dockerfile b/cmd/fdsn-holdings-consumer/Dockerfile new file mode 100644 index 00000000..013d8e57 --- /dev/null +++ b/cmd/fdsn-holdings-consumer/Dockerfile @@ -0,0 +1,40 @@ +ARG BUILDER_IMAGE=ghcr.io/geonet/base-images/go:1.20 +ARG RUNNER_IMAGE=ghcr.io/geonet/base-images/static:latest +ARG RUN_USER=nobody +# Only support image based on AlpineLinux +FROM ${BUILDER_IMAGE} as builder + +# Project to build +ARG BUILD=fdsn-holdings-consumer + +# Git commit SHA +ARG GIT_COMMIT_SHA + +WORKDIR /repo +COPY go.* *.go /repo +RUN go mod download +COPY internal /repo/internal +COPY vendor /repo/vendor +COPY cmd/$BUILD /repo/cmd/$BUILD + +# Set a bunch of go env flags +ENV GOBIN /repo/gobin +ENV GOFLAGS -mod=vendor +ENV CGO_ENABLED=0 +RUN go install -a -ldflags "-X main.Prefix=${BUILD}/${GIT_COMMIT_SHA} -extldflags -static" /repo/cmd/${BUILD} + +FROM ${RUNNER_IMAGE} +# Export a port, default to 8080 +ARG EXPOSE_PORT=8080 +EXPOSE $EXPOSE_PORT +ARG BUILD +# Need to make this an env for it to be interpolated by the shell +ENV TZ Pacific/Auckland +ENV BUILD_BIN=${BUILD} +# We have to make our binary have a fixed name, otherwise, we cannot run it without a shell +COPY --from=builder /repo/gobin/${BUILD} /${BUILD} +# Copy the assets +ARG ASSET_DIR +COPY ${ASSET_DIR} /assets +USER nobody +CMD ["/fdsn-holdings-consumer"] diff --git a/cmd/fdsn-slink-db/Dockerfile b/cmd/fdsn-slink-db/Dockerfile new file mode 100644 index 00000000..21971036 --- /dev/null +++ b/cmd/fdsn-slink-db/Dockerfile @@ -0,0 +1,40 @@ +ARG BUILDER_IMAGE=ghcr.io/geonet/base-images/go:1.20 +ARG RUNNER_IMAGE=ghcr.io/geonet/base-images/static:latest +ARG RUN_USER=nobody +# Only support image based on AlpineLinux +FROM ${BUILDER_IMAGE} as builder + +# Project to build +ARG BUILD=fdsn-slink-db + +# Git commit SHA +ARG GIT_COMMIT_SHA + +WORKDIR /repo +COPY go.* *.go /repo +RUN go mod download +COPY internal /repo/internal +COPY vendor /repo/vendor +COPY cmd/$BUILD /repo/cmd/$BUILD + +# Set a bunch of go env flags +ENV GOBIN /repo/gobin +ENV GOFLAGS -mod=vendor +ENV CGO_ENABLED=0 +RUN go install -a -ldflags "-X main.Prefix=${BUILD}/${GIT_COMMIT_SHA} -extldflags -static" /repo/cmd/${BUILD} + +FROM ${RUNNER_IMAGE} +# Export a port, default to 8080 +ARG EXPOSE_PORT=8080 +EXPOSE $EXPOSE_PORT +ARG BUILD +# Need to make this an env for it to be interpolated by the shell +ENV TZ Pacific/Auckland +ENV BUILD_BIN=${BUILD} +# We have to make our binary have a fixed name, otherwise, we cannot run it without a shell +COPY --from=builder /repo/gobin/${BUILD} /${BUILD} +# Copy the assets +ARG ASSET_DIR +COPY ${ASSET_DIR} /assets +USER nobody +CMD ["/fdsn-slink-db"] diff --git a/cmd/fdsn-ws-nrt/Dockerfile b/cmd/fdsn-ws-nrt/Dockerfile new file mode 100644 index 00000000..29949080 --- /dev/null +++ b/cmd/fdsn-ws-nrt/Dockerfile @@ -0,0 +1,40 @@ +ARG BUILDER_IMAGE=ghcr.io/geonet/base-images/go:1.20 +ARG RUNNER_IMAGE=ghcr.io/geonet/base-images/static:latest +ARG RUN_USER=nobody +# Only support image based on AlpineLinux +FROM ${BUILDER_IMAGE} as builder + +# Project to build +ARG BUILD=fdsn-ws-nrt + +# Git commit SHA +ARG GIT_COMMIT_SHA + +WORKDIR /repo +COPY go.* *.go /repo +RUN go mod download +COPY internal /repo/internal +COPY vendor /repo/vendor +COPY cmd/$BUILD /repo/cmd/$BUILD + +# Set a bunch of go env flags +ENV GOBIN /repo/gobin +ENV GOFLAGS -mod=vendor +ENV CGO_ENABLED=0 +RUN go install -a -ldflags "-X main.Prefix=${BUILD}/${GIT_COMMIT_SHA} -extldflags -static" /repo/cmd/${BUILD} + +FROM ${RUNNER_IMAGE} +# Export a port, default to 8080 +ARG EXPOSE_PORT=8080 +EXPOSE $EXPOSE_PORT +ARG BUILD +# Need to make this an env for it to be interpolated by the shell +ENV TZ Pacific/Auckland +ENV BUILD_BIN=${BUILD} +# We have to make our binary have a fixed name, otherwise, we cannot run it without a shell +COPY --from=builder /repo/gobin/${BUILD} /${BUILD} +# Copy the assets +ARG ASSET_DIR +COPY ${ASSET_DIR} /assets +USER nobody +CMD ["/fdsn-ws-nrt"] diff --git a/cmd/fdsn-ws/Dockerfile b/cmd/fdsn-ws/Dockerfile new file mode 100644 index 00000000..02e5db9b --- /dev/null +++ b/cmd/fdsn-ws/Dockerfile @@ -0,0 +1,40 @@ +ARG BUILDER_IMAGE=ghcr.io/geonet/base-images/go:1.20 +ARG RUNNER_IMAGE=ghcr.io/geonet/base-images/static:latest +ARG RUN_USER=nobody +# Only support image based on AlpineLinux +FROM ${BUILDER_IMAGE} as builder + +# Project to build +ARG BUILD=fdsn-ws + +# Git commit SHA +ARG GIT_COMMIT_SHA + +WORKDIR /repo +COPY go.* *.go /repo +RUN go mod download +COPY internal /repo/internal +COPY vendor /repo/vendor +COPY cmd/$BUILD /repo/cmd/$BUILD + +# Set a bunch of go env flags +ENV GOBIN /repo/gobin +ENV GOFLAGS -mod=vendor +ENV CGO_ENABLED=0 +RUN go install -a -ldflags "-X main.Prefix=${BUILD}/${GIT_COMMIT_SHA} -extldflags -static" /repo/cmd/${BUILD} + +FROM ${RUNNER_IMAGE} +# Export a port, default to 8080 +ARG EXPOSE_PORT=8080 +EXPOSE $EXPOSE_PORT +ARG BUILD +# Need to make this an env for it to be interpolated by the shell +ENV TZ Pacific/Auckland +ENV BUILD_BIN=${BUILD} +# We have to make our binary have a fixed name, otherwise, we cannot run it without a shell +COPY --from=builder /repo/gobin/${BUILD} /${BUILD} +# Copy the assets +ARG ASSET_DIR +COPY ${ASSET_DIR} /assets +USER nobody +CMD ["/fdsn-ws"]