From 38d63c177d9a919e451a2f092aed28743c5fbfae Mon Sep 17 00:00:00 2001 From: Yurii Kovalchuk <103324562+yumirkov@users.noreply.github.com> Date: Tue, 3 Sep 2024 13:56:27 +0300 Subject: [PATCH] ATOR-406 - CI improvements (#24) --- .github/actions/build-and-push/action.yml | 12 ++---------- .github/actions/deploy/action.yml | 1 + .github/workflows/dev.yml | 7 ++++--- .github/workflows/live.yml | 20 ++++++-------------- .github/workflows/stage.yml | 7 ++++--- docker/destination/Dockerfile | 7 ------- docker/destination/default.conf | 16 ---------------- docker/destination/docker-entrypoint.sh | 5 ----- docker/docker-compose.yml | 10 ---------- operations/deploy-dev.hcl | 8 ++++---- operations/deploy-live.hcl | 2 +- operations/deploy-stage.hcl | 6 +++--- 12 files changed, 25 insertions(+), 76 deletions(-) delete mode 100755 docker/destination/Dockerfile delete mode 100644 docker/destination/default.conf delete mode 100755 docker/destination/docker-entrypoint.sh diff --git a/.github/actions/build-and-push/action.yml b/.github/actions/build-and-push/action.yml index 4bfa14d..c7d6567 100644 --- a/.github/actions/build-and-push/action.yml +++ b/.github/actions/build-and-push/action.yml @@ -13,6 +13,7 @@ runs: - name: Log in to Docker Hub uses: docker/login-action@v1 with: + registry: ghcr.io username: ${{ inputs.docker-username }} password: ${{ inputs.docker-password }} @@ -22,13 +23,4 @@ runs: context: . file: ./docker/scanner/Dockerfile push: true - tags: ${{ inputs.docker-username }}/sbws-scanner:${{ github.sha }},${{ inputs.docker-username }}/sbws-scanner:${{ inputs.docker-tag }} - - - name: Build and push Docker image of destination - uses: docker/build-push-action@v2 - with: - context: ./docker/destination - file: ./docker/destination/Dockerfile - push: true - tags: ${{ inputs.docker-username }}/sbws-destination:${{ github.sha }},${{ inputs.docker-username }}/sbws-destination:${{ inputs.docker-tag }} - + tags: ghcr.io/ator-development/sbws-scanner:${{ inputs.docker-tag }} diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml index 42728d8..66d7ae4 100644 --- a/.github/actions/deploy/action.yml +++ b/.github/actions/deploy/action.yml @@ -19,6 +19,7 @@ runs: NOMAD_TOKEN: ${{ inputs.nomad-token }} NOMAD_ADDR: ${{ inputs.nomad-addr }} run: | + sed -i 's/DEPLOY_TAG/${{ inputs.docker-tag }}/g' operations/deploy-${{ inputs.environment }}.hcl curl -L https://releases.hashicorp.com/nomad/1.6.3/nomad_1.6.3_linux_amd64.zip -o nomad.zip unzip nomad.zip ./nomad job run operations/deploy-${{ inputs.environment }}.hcl diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index b7df4b6..662bc02 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -16,9 +16,9 @@ jobs: - name: Build and push uses: ./.github/actions/build-and-push with: - docker-username: ${{ secrets.DOCKER_HUB_USERNAME }} - docker-password: ${{ secrets.DOCKER_HUB_PASSWORD }} - docker-tag: latest-dev + docker-username: ${{ github.actor }} + docker-password: ${{ secrets.GITHUB_TOKEN }} + docker-tag: ${{ github.sha }} - name: Deploy uses: ./.github/actions/deploy with: @@ -26,3 +26,4 @@ jobs: nomad-cacert: operations/admin-ui-ca.crt nomad-token: ${{ secrets.NOMAD_TOKEN_SBWS_DEPLOY }} nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + docker-tag: ${{ github.sha }} diff --git a/.github/workflows/live.yml b/.github/workflows/live.yml index c6ea3c2..d826719 100644 --- a/.github/workflows/live.yml +++ b/.github/workflows/live.yml @@ -10,21 +10,12 @@ jobs: steps: - name: Check out the repo uses: actions/checkout@v4 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Log in to Github Container Registry - uses: docker/login-action@v3 + - name: Build and push + uses: ./.github/actions/build-and-push with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - name: Tag latest - run: | - docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-scanner:latest-stage - docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-scanner:latest-stage ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-scanner:latest - docker push ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-scanner:latest - docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-destination:latest-stage - docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-destination:latest-stage ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-destination:latest - docker push ${{ secrets.DOCKER_HUB_USERNAME }}/sbws-destination:latest + docker-username: ${{ github.actor }} + docker-password: ${{ secrets.GITHUB_TOKEN }} + docker-tag: ${{ github.sha }} - name: Deploy uses: ./.github/actions/deploy with: @@ -32,3 +23,4 @@ jobs: nomad-cacert: operations/admin-ui-ca.crt nomad-token: ${{ secrets.NOMAD_TOKEN_SBWS_DEPLOY }} nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + docker-tag: ${{ github.sha }} diff --git a/.github/workflows/stage.yml b/.github/workflows/stage.yml index e27f7a5..1c6f262 100644 --- a/.github/workflows/stage.yml +++ b/.github/workflows/stage.yml @@ -16,9 +16,9 @@ jobs: - name: Build and push uses: ./.github/actions/build-and-push with: - docker-username: ${{ secrets.DOCKER_HUB_USERNAME }} - docker-password: ${{ secrets.DOCKER_HUB_PASSWORD }} - docker-tag: latest-stage + docker-username: ${{ github.actor }} + docker-password: ${{ secrets.GITHUB_TOKEN }} + docker-tag: ${{ github.sha }} - name: Deploy uses: ./.github/actions/deploy with: @@ -26,3 +26,4 @@ jobs: nomad-cacert: operations/admin-ui-ca.crt nomad-token: ${{ secrets.NOMAD_TOKEN_SBWS_DEPLOY }} nomad-addr: ${{ secrets.NOMAD_DEPLOY_ADDR }} + docker-tag: ${{ github.sha }} diff --git a/docker/destination/Dockerfile b/docker/destination/Dockerfile deleted file mode 100755 index 7fba28c..0000000 --- a/docker/destination/Dockerfile +++ /dev/null @@ -1,7 +0,0 @@ -FROM nginx - -WORKDIR /app/destination - -COPY docker-entrypoint.sh /app/destination - -ENTRYPOINT [ "sh", "docker-entrypoint.sh" ] diff --git a/docker/destination/default.conf b/docker/destination/default.conf deleted file mode 100644 index cb9e54f..0000000 --- a/docker/destination/default.conf +++ /dev/null @@ -1,16 +0,0 @@ -server { - - root /app/destination/data; - - autoindex on; - - listen 0.0.0.0:80; - - location / { - try_files $uri $uri/ =404; - } - - location ~/\.ht { - deny all; - } -} diff --git a/docker/destination/docker-entrypoint.sh b/docker/destination/docker-entrypoint.sh deleted file mode 100755 index 28d5660..0000000 --- a/docker/destination/docker-entrypoint.sh +++ /dev/null @@ -1,5 +0,0 @@ -mkdir -p data && cd data - -head -c $((1024*1024*1024)) /dev/urandom > 1GiB - -nginx -g 'daemon off;' diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 0465167..12bbf0e 100755 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -24,16 +24,6 @@ services: networks: local: ipv4_address: 172.18.0.3 - sbws-destination: - image: sbws-destination - restart: always - ports: - - "8888:80" - volumes: - - ./destination/default.conf:/etc/nginx/conf.d/default.conf - networks: - local: - ipv4_address: 172.18.0.4 networks: local: diff --git a/operations/deploy-dev.hcl b/operations/deploy-dev.hcl index b307502..13a12df 100644 --- a/operations/deploy-dev.hcl +++ b/operations/deploy-dev.hcl @@ -47,7 +47,7 @@ job "sbws-dev" { } port "orport" { - static = 9091 + static = 9019 } } @@ -73,8 +73,8 @@ job "sbws-dev" { } resources { - cpu = 2048 - memory = 2560 + cpu = 512 + memory = 1024 } template { @@ -128,7 +128,7 @@ ORPort {{ env `NOMAD_PORT_orport` }} } config { - image = "svforte/sbws-scanner:latest-dev" + image = "ghcr.io/ator-development/sbws-scanner:DEPLOY_TAG" force_pull = true volumes = [ "local/.sbws.ini:/root/.sbws.ini:ro" diff --git a/operations/deploy-live.hcl b/operations/deploy-live.hcl index f909751..1585fbc 100644 --- a/operations/deploy-live.hcl +++ b/operations/deploy-live.hcl @@ -133,7 +133,7 @@ ORPort {{ env `NOMAD_PORT_orport` }} } config { - image = "svforte/sbws-scanner:latest" + image = "ghcr.io/ator-development/sbws-scanner:DEPLOY_TAG" force_pull = true volumes = [ "local/.sbws.ini:/root/.sbws.ini:ro" diff --git a/operations/deploy-stage.hcl b/operations/deploy-stage.hcl index e5c0a59..7df4c3c 100644 --- a/operations/deploy-stage.hcl +++ b/operations/deploy-stage.hcl @@ -122,7 +122,7 @@ ORPort {{ env `NOMAD_PORT_orport` }} } config { - image = "svforte/sbws-scanner:latest-stage" + image = "ghcr.io/ator-development/sbws-scanner:DEPLOY_TAG" force_pull = true volumes = [ "local/.sbws.ini:/root/.sbws.ini:ro" @@ -349,7 +349,7 @@ ORPort {{ env `NOMAD_PORT_orport` }} } config { - image = "svforte/sbws-scanner:latest-stage" + image = "ghcr.io/ator-development/sbws-scanner:DEPLOY_TAG" force_pull = true volumes = [ "local/.sbws.ini:/root/.sbws.ini:ro" @@ -576,7 +576,7 @@ ORPort {{ env `NOMAD_PORT_orport` }} } config { - image = "svforte/sbws-scanner:latest-stage" + image = "ghcr.io/ator-development/sbws-scanner:DEPLOY_TAG" force_pull = true volumes = [ "local/.sbws.ini:/root/.sbws.ini:ro"