REGISTRY := public.ecr.aws/zero-downtime REPOSITORY := sns-alert-hub REGION := us-east-1 # Parse version from latest git semver tag GTAG=$(shell git describe --tags --match v*.*.* 2>/dev/null || git rev-parse --short HEAD 2>/dev/null) TAG ?= $(shell echo $(GTAG) | awk -F '-' '{ print $$1 "-" $$2 }' | sed -e 's/-$$//') ifeq ($(TRIVY_REMOTE),) TRIVY_OPTS := image else TRIVY_OPTS := client --remote ${TRIVY_REMOTE} endif .PHONY: build push scan test all: test # Ensure we run the tests by removing any previous runs .PHONY: rm-test-image rm-test-image: @test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || docker image rm $(REPOSITORY):$(TAG)-test > /dev/null @test -z "$$(docker image ls -q $(REPOSITORY):$(TAG)-test)" || echo "Error: Removing test image failed" build: sed -i -e "s/^__version__ =.*/__version__ = \"$(TAG)\"/" app.py docker build --rm -t $(REPOSITORY):$(TAG) . test: build rm-test-image docker build --rm -t $(REPOSITORY):$(TAG)-test \ --build-arg REPOSITORY=$(REPOSITORY) \ --build-arg TAG=$(TAG) \ -f Dockerfile.test . scan: build trivy $(TRIVY_OPTS) $(REPOSITORY):$(TAG) push: scan aws ecr-public get-login-password --region $(REGION) | docker login --username AWS --password-stdin $(REGISTRY) docker tag $(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):$(TAG) $(REGISTRY)/$(REPOSITORY):latest docker push $(REGISTRY)/$(REPOSITORY):$(TAG) docker push $(REGISTRY)/$(REPOSITORY):latest # Delete all untagged images # aws ecr-public batch-delete-image --repository-name $(REPOSITORY) --region $(REGION) --image-ids $$(for image in $$(aws ecr-public describe-images --repository-name $(REPOSITORY) --region $(REGION) --output json | jq -r '.imageDetails[] | select(.imageTags | not ).imageDigest'); do echo -n "imageDigest=$$image "; done)