Skip to content
Docker Build

write it out manual for upload too?? #139

Sign in to view logs

write it out manual for upload too??

write it out manual for upload too?? #139

Workflow file for this run

.github/workflows/docker_build.yml at a9a10a7
name: Docker Build
on:
# workflow_dispatch:
push:
permissions:
id-token: write
contents: read
env:
VAULT_PW: ${{ secrets.VAULT_PW }}
REPORT_COVERAGE: true
DPC_CA_CERT: ${{ secrets.DPC_CA_CERT }}
ENV: "github-ci"
jobs:
docker_build_rails_web_portal:
runs-on: self-hosted
env:
REPOSITORY: web-portal
steps:
- name: check gzip
run: gzip --version
- name: Install python3
run: sudo dnf install python3
- name: "Checkout code"
uses: actions/checkout@v4
- name: Install docker compose manually
run: |
sudo mkdir -p /usr/local/lib/docker/cli-plugins
sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose
sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
# TODO replace w/ make ci-portals-v1 when disk space issue resolved
- name: Build portal
run: |
make ci-portal
# run: docker save dpc-$REPOSITORY:latest | gzip > ${{ runner.temp }}/dpc_$REPOSITORY_latest.tar.gz
- name: gzip the image
run: docker save dpc-$REPOSITORY:latest | gzip > ${{ runner.temp }}/dpc_web-portal_latest.tar.gz
- name: upload tar artifact
uses: actions/upload-artifact@v4
with:
name: dpc-$REPOSITORY
path: ${{ runner.temp }}/dpc_web-portal_latest.tar.gz
docker_push_rails_web_portal_image:
runs-on: self-hosted
env:
REPOSITORY: web-portal
needs: docker_build_rails_web_portal
steps:
- name: Download artifact
uses: actions/download-artifact@v4
with:
name: dpc-$REPOSITORY
path: ${{ runner.temp }}
- name: Load image
run: |
docker load --input ${{ runner.temp }}/myimage.tar
docker image ls -a
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: ${{ vars.AWS_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2
- name: Push to ECR
env:
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
IMAGE_TAG: ${{ github.sha }}
run: |
docker tag dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:latest
docker tag dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
- name: success
run: "Did it work???"
# TODO add additional steps to push dpc-web-admin and dpc-web, see docker_build_all_portals below
# docker_build_all_portals:
# runs-on: self-hosted
# steps:
# - name: Install python3
# run: sudo dnf install python3
#
# - name: "Checkout code"
# uses: actions/checkout@v4
# with:
# ref: ${{ github.ref_name }}
#
# - name: Install docker compose manually
# run: |
# sudo mkdir -p /usr/local/lib/docker/cli-plugins
# sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
# sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose
# sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
#
# - name: Assert Ownership
# run: sudo chmod -R 777 .
# - name: Cleanup Runner
# run: ./scripts/cleanup-docker.sh
#
# - name: Configure AWS Credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-region: ${{ vars.AWS_REGION }}
# role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions
#
# - name: Login to Amazon ECR
# id: login-ecr
# uses: aws-actions/amazon-ecr-login@v2
#
# - name: "Set up Ansible"
# run: |
# sudo dnf -y install python3 python3-pip
# pip install ansible
#
# - name: Build portals
# run: |
# make ci-portals-v1
#
# - name: Push Rails Web Portal to ECR
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: web-portal
# IMAGE_TAG: hardcodedstringfornow
# run: |
# docker tag dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: Push Rails Admin Portal to ECR
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: web-admin
# IMAGE_TAG: hardcodedstringfornow
# run: |
# docker tag dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: Push Web to ECR
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: web
# IMAGE_TAG: hardcodedstringfornow
# run: |
# docker tag dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: echo hello
# run: echo "pushed portal images"
#
# - name: Cleanup at the end too??
# if: ${{ always() }}
# run: ./scripts/cleanup-docker.sh
# docker_build_java:
# runs-on: self-hosted
# steps:
# - name: "Set up Ansible"
# run: |
# sudo dnf -y install python3 python3-pip
# pip install ansible
#
# - name: "Install npm for Postman tests"
# run: |
# sudo dnf -y install nodejs
# npm --version
#
# - name: Install docker compose manually
# run: |
# sudo mkdir -p /usr/local/lib/docker/cli-plugins
# sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose
# sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose
# sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
#
# - name: "Set up JDK 11"
# uses: actions/setup-java@v3
# with:
# java-version: "11"
# distribution: "corretto"
# cache: maven
#
# - name: Install Maven 3.6.3
# run: |
# export PATH="$PATH:/opt/maven/bin"
# echo "PATH=$PATH" >> $GITHUB_ENV
# if mvn -v; then echo "Maven already installed" && exit 0; else echo "Installing Maven"; fi
# tmpdir="$(mktemp -d)"
# curl -LsS https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz | tar xzf - -C "$tmpdir"
# sudo rm -rf /opt/maven
# sudo mv "$tmpdir/apache-maven-3.6.3" /opt/maven
#
# - name: Clean maven
# run: mvn -ntp -U clean
#
# - name: "Checkout code"
# uses: actions/checkout@v4
#
# - name: Build ci app
# id: api-build
# run: |
# export PATH=$PATH:~/.local/bin
# make ci-app
#
# # add extra commands to log docker containers during failure
# - name: Consent Logs
# if: ${{ failure() && steps.api-build.outcome == 'failure' }}
# run: docker logs start-v1-app-consent-1
# - name: Attribution Logs
# if: ${{ failure() && steps.api-build.outcome == 'failure' }}
# run: docker logs start-v1-app-attribution-1
# - name: Aggregation Logs
# if: ${{ failure() && steps.api-build.outcome == 'failure' }}
# run: docker logs start-v1-app-aggregation-1
# - name: Api Logs
# if: ${{ failure() && steps.api-build.outcome == 'failure' }}
# run: docker logs start-v1-app-api-1
#
# - name: Configure AWS Credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-region: ${{ vars.AWS_REGION }}
# role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions
#
# - name: Login to Amazon ECR
# id: login-ecr
# uses: aws-actions/amazon-ecr-login@v2
#
# - name: ECR (1 of 4) - Push API
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: api
# IMAGE_TAG: ${{ github.sha }}
# run: |
# docker tag $REGISTRY/dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: ECR (2 of 4) - Push Attribution
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: attribution
# IMAGE_TAG: ${{ github.sha }}
# run: |
# docker tag $REGISTRY/dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: ECR (3 of 4) - Push Aggregation
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: aggregation
# IMAGE_TAG: ${{ github.sha }}
# run: |
# docker tag $REGISTRY/dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
#
# - name: ECR (4 of 4) - Push Consent
# env:
# REGISTRY: ${{ steps.login-ecr.outputs.registry }}
# REPOSITORY: consent
# IMAGE_TAG: ${{ github.sha }}
# run: |
# docker tag $REGISTRY/dpc-$REPOSITORY:latest $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG
# docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG