diff --git a/.github/workflows/build-all-images.yaml b/.github/workflows/build-all-images.yaml
new file mode 100644
index 00000000..8d7764c8
--- /dev/null
+++ b/.github/workflows/build-all-images.yaml
@@ -0,0 +1,221 @@
+name: build-all-images
+
+on:
+ workflow_dispatch:
+
+env:
+ ENV_ID: ${{ secrets.DEV_ENV_ID }}
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ GITHUB_REGISTRY: ghcr.io
+
+jobs:
+ rule:
+ name: rule
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: rule
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ balance_by_account:
+ name: balance-by-account
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: balance-by-account
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ graphql:
+ name: graphql
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: graphql
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ request_create:
+ name: request-create
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: request-create
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ request_approve:
+ name: request-approve
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: request-approve
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ request_by_id:
+ name: request-by-id
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: request-by-id
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ requests_by_account:
+ name: requests-by-account
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: requests-by-account
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ transaction_by_id:
+ name: transaction-by-id
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: transaction-by-id
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ transactions_by_account:
+ name: transactions-by-account
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: transactions-by-account
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ auto_confirm:
+ name: auto-confirm
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: auto-confirm
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx .
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ go_migrate:
+ name: go-migrate
+ runs-on: ubuntu-latest
+ env:
+ SERVICE_NAME: go-migrate
+ steps:
+ - uses: actions/checkout@v4
+ - name: build image
+ run: bash scripts/build-image-job.sh --service-name $SERVICE_NAME --build-ctx ./migrations/go-migrate # non root build context
+ - name: tag image
+ run: docker tag $SERVICE_NAME:latest ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
+ - name: log into container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.GITHUB_REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: push image
+ run: docker push ${{ env.GITHUB_REGISTRY }}/${{ github.repository }}/$SERVICE_NAME:latest
\ No newline at end of file
diff --git a/scripts/README.md b/scripts/README.md
index c70c0025..69baac46 100755
--- a/scripts/README.md
+++ b/scripts/README.md
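Review bot: The workflow-level `env:` block hands `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to every step of all eleven jobs, including the third-party `docker/login-action@v3` step, although only the `build image` step (which runs `scripts/build-image-job.sh`) appears to need them; a step-level `env:` on that step would limit their exposure. The file also declares no `permissions:`, so the `GITHUB_TOKEN` used for the ghcr.io login carries whatever the repository default grants; a top-level `permissions:` with `contents: read` and `packages: write` would state exactly what the checkout and push require. Both actions are referenced by mutable tag (`@v4`, `@v3`), and pinning each to a full commit SHA keeps a re-pointed tag from running alongside these secrets. Every job pushes only `:latest`, so adding an immutable tag such as `${{ github.sha }}` would let a consumer tell which build an image came from.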
@@ -296,4 +296,8 @@ deploys "last" dev ecr image to lambda function. "latest" tag convention not use used in integration test workflow after cloud integration tests pass 1. tests if current dev image tagged with merge commit 1. adds prod tag if current dev image tagged with merge commit, then pushes to prod ecr -1. exits if current dev image NOT tagged with merge commit (prod image not tagged and pushed) \ No newline at end of file +1. exits if current dev image NOT tagged with merge commit (prod image not tagged and pushed) + +### `build-image-job.sh` + +used in `.github/workflows/build-all-images.yaml` to copy zipped code from s3, then build, tag and push service images to github container registry \ No newline at end of file diff --git a/scripts/build-image-job.sh b/scripts/build-image-job.sh new file mode 100644 index 00000000..481ef9e8 --- /dev/null +++ b/scripts/build-image-job.sh 
@@ -0,0 +1,40 @@
+#!/bin/bash
+
+set -e
+
+# set in .github/workflows/build-all-images.yaml
+if [[ -z $ENV_ID ]]; then
+ echo "ENV_ID is not set"
+ exit 1
+fi
+
+if [[ "$#" -ne 4 ]]; then
+ echo "use: bash scripts/build-image-job.sh --service-name request-create --build-ctx ."
+ exit 1
+fi
+
+while [[ "$#" -gt 0 ]]; do
+ case $1 in
+ --service-name) SERVICE_NAME="$2"; shift ;;
+ --build-ctx) BUILD_CTX="$2"; shift ;;
+ *) echo "unknown parameter passed: $1"; exit 1 ;;
+ esac
+ shift
+done
+
+PROJECT_CONF=project.yaml
+REGION=$(yq '.infrastructure.terraform.aws.modules.environment.env_var.set.REGION.default' $PROJECT_CONF)
+ENV=dev
+ID_ENV="$ENV_ID-$ENV"
+ARTIFACTS_BUCKET_PREFIX=$(yq '.infrastructure.terraform.aws.modules["project-storage"].env_var.set.ARTIFACTS_BUCKET_PREFIX.default' $PROJECT_CONF)
+ARTIFACTS_BUCKET="$ARTIFACTS_BUCKET_PREFIX-$ID_ENV"
+SERVICES_ZIP=$(yq '.scripts.env_var.set.SERVICES_ZIP.default' $PROJECT_CONF)
+SERVICES_DIR=$(echo $SERVICES_ZIP | sed 's/.zip//')
+
+aws s3 cp s3://$ARTIFACTS_BUCKET/$SERVICES_ZIP . --region $REGION
+
+unzip $SERVICES_ZIP -d $SERVICES_DIR
+
+cd $SERVICES_DIR
+
+docker build -t $SERVICE_NAME:latest -f ./docker/$SERVICE_NAME.Dockerfile $BUILD_CTX
\ No newline at end of file
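Review bot: The archive fetched by `aws s3 cp` is unzipped and passed to `docker build` with no integrity check, so the image the workflow later pushes as `:latest` contains whatever currently sits in the bucket rather than a known artifact. Verifying a digest recorded at upload time before `unzip` would close that gap, e.g. `echo "$EXPECTED_SHA256  $SERVICES_ZIP" | sha256sum -c -`, where `EXPECTED_SHA256` is a placeholder for a value the upload side would have to publish. The three `yq` lookups are not validated either; a missing key typically comes back as the string `null`, and the script would go on to build a bucket name from it, so it should exit when a value is empty or `null`. The expansions are unquoted and `sed 's/.zip//'` is unanchored with `.` matching any character; `SERVICES_DIR="${SERVICES_ZIP%.zip}"` plus quoting `"$SERVICE_NAME"`, `"$BUILD_CTX"` and the `s3://` URL would be more robust.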