ci: Another round of tweaks

This commit is contained in:
Stefan Reimer 2022-02-11 16:40:01 +01:00
parent 32f3efe7a8
commit be7d9eed5f
4 changed files with 40 additions and 29 deletions

View File

@ -13,6 +13,7 @@ RUN apk upgrade -U --available --no-cache && \
# Stage 2 - build function and dependencies
FROM python-alpine AS build-image
ARG TAG="latest"
# Install aws-lambda-cpp build dependencies
RUN apk upgrade -U --available --no-cache && \
@ -37,6 +38,8 @@ RUN export MAKEFLAGS="-j$(nproc)" && \
# Install our app
COPY app.py /app
# Ser version to our TAG
RUN sed -i -e "s/^__version__ =.*/__version__ = \"${TAG}\"/" /app/app.py
# Stage 3 - final runtime image
FROM python-alpine
@ -46,3 +49,6 @@ COPY --from=build-image /app /app
ENTRYPOINT [ "/usr/local/bin/python", "-m", "awslambdaric" ]
CMD [ "app.handler" ]
LABEL zero-downtime.net.image.maintainer="stefan@zero-downtime.net" \
zero-downtime.net.image.license="AGPLv3"

View File

@ -1,7 +1,4 @@
ARG REPOSITORY="sns-alert-hub"
ARG TAG="latest"
FROM ${REPOSITORY}:${TAG}
FROM setviacmdline:latest
# Install additional tools for tests
COPY dev-requirements.txt .flake8 .

View File

@ -1,5 +1,5 @@
REGISTRY := public.ecr.aws/zero-downtime
REPOSITORY := sns-alert-hub
IMAGE := sns-alert-hub
REGION := us-east-1
# Parse version from latest git semver tag
@ -12,33 +12,41 @@ else
TRIVY_OPTS := client --remote ${TRIVY_REMOTE}
endif
.PHONY: build push scan test
.PHONY: build test scan push clean
all: test
build:
docker image exists $(IMAGE):$(TAG) || \
docker build --rm -t $(IMAGE):$(TAG) --build-arg TAG=$(TAG) .
test: build rm-test-image
docker build --rm -t $(IMAGE):$(TAG)-test --from=$(IMAGE):$(TAG) -f Dockerfile.test .
scan: build
trivy $(TRIVY_OPTS) $(IMAGE):$(TAG)
push: scan
@aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
@docker tag $(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):latest
docker push $(REGISTRY)/$(IMAGE):$(TAG)
docker push $(REGISTRY)/$(IMAGE):latest
# Delete all untagged images
# aws ecr-public batch-delete-image --repository-name $(IMAGE) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(IMAGE) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)
clean: rm-test-image rm-image
.PHONY: rm-image
rm-image:
@test -z "$$(docker image ls -q $(IMAGE):$(TAG))" || docker image rm -f $(IMAGE):$(TAG) > /dev/null
@test -z "$$(docker image ls -q $(IMAGE):$(TAG))" || echo "Error: Removing image failed"
# Ensure we run the tests by removing any previous runs
.PHONY: rm-test-image
rm-test-image:
@test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || docker image rm $(REPOSITORY):$(TAG)-test > /dev/null
@test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || echo "Error: Removing test image failed"
@test -z "$$(docker image ls -q $(IMAGE):$(TAG)-test)" || docker image rm -f $(IMAGE):$(TAG)-test > /dev/null
@test -z "$$(docker image ls -q $(IMAGE):$(TAG)-test)" || echo "Error: Removing test image failed"
build:
sed -i -e "s/^__version__ =.*/__version__ = \"$(TAG)\"/" app.py
docker build --rm -t $(REPOSITORY):$(TAG) .
test: build rm-test-image
docker build --rm -t $(REPOSITORY):$(TAG)-test \
--build-arg REPOSITORY=$(REPOSITORY) \
--build-arg TAG=$(TAG) \
-f Dockerfile.test .
scan: build
trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)
push: scan
aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
docker tag $(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest
docker push $(REGISTRY)/$(REPOSITORY):$(TAG)
docker push $(REGISTRY)/$(REPOSITORY):latest
# Delete all untagged images
# aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)
.DEFAULT:
@echo "$@ not implemented. NOOP"

2
app.py
View File

@ -11,7 +11,7 @@ import apprise
__author__ = "Stefan Reimer"
__author_email__ = "stefan@zero-downtime.net"
__version__ = "head"
__version__ = "latest"
# Global alias lookup cache
account_aliases = {}