ci: Another round of tweaks

This commit is contained in:
Stefan Reimer 2022-02-11 16:40:01 +01:00
parent 32f3efe7a8
commit be7d9eed5f
4 changed files with 40 additions and 29 deletions

View File

@ -13,6 +13,7 @@ RUN apk upgrade -U --available --no-cache && \
# Stage 2 - build function and dependencies # Stage 2 - build function and dependencies
FROM python-alpine AS build-image FROM python-alpine AS build-image
ARG TAG="latest"
# Install aws-lambda-cpp build dependencies # Install aws-lambda-cpp build dependencies
RUN apk upgrade -U --available --no-cache && \ RUN apk upgrade -U --available --no-cache && \
@ -37,6 +38,8 @@ RUN export MAKEFLAGS="-j$(nproc)" && \
# Install our app # Install our app
COPY app.py /app COPY app.py /app
# Ser version to our TAG
RUN sed -i -e "s/^__version__ =.*/__version__ = \"${TAG}\"/" /app/app.py
# Stage 3 - final runtime image # Stage 3 - final runtime image
FROM python-alpine FROM python-alpine
@ -46,3 +49,6 @@ COPY --from=build-image /app /app
ENTRYPOINT [ "/usr/local/bin/python", "-m", "awslambdaric" ] ENTRYPOINT [ "/usr/local/bin/python", "-m", "awslambdaric" ]
CMD [ "app.handler" ] CMD [ "app.handler" ]
LABEL zero-downtime.net.image.maintainer="stefan@zero-downtime.net" \
zero-downtime.net.image.license="AGPLv3"

View File

@ -1,7 +1,4 @@
ARG REPOSITORY="sns-alert-hub" FROM setviacmdline:latest
ARG TAG="latest"
FROM ${REPOSITORY}:${TAG}
# Install additional tools for tests # Install additional tools for tests
COPY dev-requirements.txt .flake8 . COPY dev-requirements.txt .flake8 .

View File

@ -1,5 +1,5 @@
REGISTRY := public.ecr.aws/zero-downtime REGISTRY := public.ecr.aws/zero-downtime
REPOSITORY := sns-alert-hub IMAGE := sns-alert-hub
REGION := us-east-1 REGION := us-east-1
# Parse version from latest git semver tag # Parse version from latest git semver tag
@ -12,33 +12,41 @@ else
TRIVY_OPTS := client --remote ${TRIVY_REMOTE} TRIVY_OPTS := client --remote ${TRIVY_REMOTE}
endif endif
.PHONY: build push scan test .PHONY: build test scan push clean
all: test all: test
build:
docker image exists $(IMAGE):$(TAG) || \
docker build --rm -t $(IMAGE):$(TAG) --build-arg TAG=$(TAG) .
test: build rm-test-image
docker build --rm -t $(IMAGE):$(TAG)-test --from=$(IMAGE):$(TAG) -f Dockerfile.test .
scan: build
trivy $(TRIVY_OPTS) $(IMAGE):$(TAG)
push: scan
@aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
@docker tag $(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):$(TAG) $(REGISTRY)/$(IMAGE):latest
docker push $(REGISTRY)/$(IMAGE):$(TAG)
docker push $(REGISTRY)/$(IMAGE):latest
# Delete all untagged images
# aws ecr-public batch-delete-image --repository-name $(IMAGE) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(IMAGE) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)
clean: rm-test-image rm-image
.PHONY: rm-image
rm-image:
@test -z "$$(docker image ls -q $(IMAGE):$(TAG))" || docker image rm -f $(IMAGE):$(TAG) > /dev/null
@test -z "$$(docker image ls -q $(IMAGE):$(TAG))" || echo "Error: Removing image failed"
# Ensure we run the tests by removing any previous runs # Ensure we run the tests by removing any previous runs
.PHONY: rm-test-image .PHONY: rm-test-image
rm-test-image: rm-test-image:
@test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || docker image rm $(REPOSITORY):$(TAG)-test > /dev/null @test -z "$$(docker image ls -q $(IMAGE):$(TAG)-test)" || docker image rm -f $(IMAGE):$(TAG)-test > /dev/null
@test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || echo "Error: Removing test image failed" @test -z "$$(docker image ls -q $(IMAGE):$(TAG)-test)" || echo "Error: Removing test image failed"
build: .DEFAULT:
sed -i -e "s/^__version__ =.*/__version__ = \"$(TAG)\"/" app.py @echo "$@ not implemented. NOOP"
docker build --rm -t $(REPOSITORY):$(TAG) .
test: build rm-test-image
docker build --rm -t $(REPOSITORY):$(TAG)-test \
--build-arg REPOSITORY=$(REPOSITORY) \
--build-arg TAG=$(TAG) \
-f Dockerfile.test .
scan: build
trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG)
push: scan
aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY)
docker tag $(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest
docker push $(REGISTRY)/$(REPOSITORY):$(TAG)
docker push $(REGISTRY)/$(REPOSITORY):latest
# Delete all untagged images
# aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)

2
app.py
View File

@ -11,7 +11,7 @@ import apprise
__author__ = "Stefan Reimer" __author__ = "Stefan Reimer"
__author_email__ = "stefan@zero-downtime.net" __author_email__ = "stefan@zero-downtime.net"
__version__ = "head" __version__ = "latest"
# Global alias lookup cache # Global alias lookup cache
account_aliases = {} account_aliases = {}