From 880f706f23cdebcbaaf2dd31134f4d5a384af53a Mon Sep 17 00:00:00 2001 From: devops72 <43383438+devops72-sre@users.noreply.github.com> Date: Tue, 5 Nov 2024 09:04:42 +0530 Subject: [PATCH] feat: cicd workflow (#93) * Added ci * Added ci * Add multiport * rename directory * rename directory * modified dockerfile * modified dockerfile * Added infisical * corrected comments --------- Co-authored-by: devops72-sre <> --- infra/theoros/Dockerfile | 43 +++++++++++++++++++++++++++++++++++++ infra/theoros/buildspec.yml | 29 +++++++++++++++++++++++++ infra/theoros/config.yml | 9 ++++++++ infra/theoros/entrypoint.sh | 7 ++++++ 4 files changed, 88 insertions(+) create mode 100644 infra/theoros/Dockerfile create mode 100644 infra/theoros/buildspec.yml create mode 100644 infra/theoros/config.yml create mode 100644 infra/theoros/entrypoint.sh diff --git a/infra/theoros/Dockerfile b/infra/theoros/Dockerfile new file mode 100644 index 00000000..bce52586 --- /dev/null +++ b/infra/theoros/Dockerfile @@ -0,0 +1,43 @@ + +FROM public.ecr.aws/docker/library/rust:1.81.0-slim-bookworm AS build + +ARG PACKAGE_NAME=theoros + +RUN apt-get update && apt-get install -y --no-install-recommends \ + build-essential pkg-config libssl-dev protobuf-compiler curl libprotobuf-dev && \ + apt-get autoremove -y && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +RUN apt-get update && apt-get install -y bash curl && curl -1sLf \ +'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.deb.sh' | bash \ +&& apt-get update && apt-get install -y infisical + +WORKDIR /app + +COPY ./rust . + +RUN cargo build --release --package ${PACKAGE_NAME} + +FROM public.ecr.aws/docker/library/debian:bookworm-slim + +RUN apt-get update && apt-get install -y --no-install-recommends \ + libssl-dev wget ca-certificates && \ + apt-get autoremove -y && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* +RUN groupadd pragma + +RUN useradd -g pragma pragma + +USER pragma + +WORKDIR /home/pragma +EXPOSE 3000 +EXPOSE 8080 +COPY --from=build /usr/bin/infisical /usr/bin/infisical +COPY infra/theoros/entrypoint.sh /home/pragma/entrypoint.sh +# Copy artifacts from base image +COPY --from=build /app/target/release/theoros /usr/local/bin/ + +ENTRYPOINT ["/bin/bash","/home/pragma/entrypoint.sh"] diff --git a/infra/theoros/buildspec.yml b/infra/theoros/buildspec.yml new file mode 100644 index 00000000..82795f84 --- /dev/null +++ b/infra/theoros/buildspec.yml @@ -0,0 +1,29 @@ +version: 0.2 +phases: + pre_build: + commands: + - echo Logging in to Amazon ECR... + - aws --version + - aws ecr get-login-password --region $ECR_REGION | docker login --username AWS --password-stdin $AWS_ACCOUNT_ID.dkr.ecr.$ECR_REGION.amazonaws.com + - REPOSITORY_URI=$AWS_ACCOUNT_ID.dkr.ecr.$ECR_REGION.amazonaws.com/$ECR_REPOSITORY_NAME + - COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7) + - IMAGE_TAG=${COMMIT_HASH:=latest} + build: + commands: + - echo Build started on `date` + - echo Building the Docker image... + - ls -ltr + - docker build -f infra/theoros/Dockerfile -t $REPOSITORY_URI:latest . + - docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$IMAGE_TAG + post_build: + commands: + - echo Pushing the Docker images... + - docker push $REPOSITORY_URI:latest + - docker push $REPOSITORY_URI:$IMAGE_TAG + - echo Writing image definitions file... + - printf '[{"name":"%s","imageUri":"%s"}]' $ECS_CONTAINER_NAME $REPOSITORY_URI:$IMAGE_TAG > imagedefinitions.json +artifacts: + files: + - imagedefinitions.json + - infra/theoros/config.yml + discard-paths: yes \ No newline at end of file diff --git a/infra/theoros/config.yml b/infra/theoros/config.yml new file mode 100644 index 00000000..aa01a2e4 --- /dev/null +++ b/infra/theoros/config.yml @@ -0,0 +1,9 @@ +path: "/" +container_port: 3000,8080 +health_check_path: "/health" +container_environment: + - region: "eu-west-3" + - prefix: "/conf/{{ SERVICE_NAME }}/{{ RUN_ENV }}" + - keys: + - INFISICAL_ENV + - INFISICAL_APP_PATH \ No newline at end of file diff --git a/infra/theoros/entrypoint.sh b/infra/theoros/entrypoint.sh new file mode 100644 index 00000000..886f6afd --- /dev/null +++ b/infra/theoros/entrypoint.sh @@ -0,0 +1,7 @@ +#!/bin/bash +set -euo pipefail +export INFISICAL_TOKEN=$(infisical login --method=universal-auth --client-id=${INFISICAL_CLIENT_ID} --client-secret=${INFISICAL_CLIENT_SECRET} --silent --plain) +infisical export --projectId=${INFISICAL_PROJECT_ID} --env=${INFISICAL_ENV} --path=${INFISICAL_APP_PATH} > .env +source .env +wget ${EVM_URL} -O evm_config.yaml +exec theoros ${ARGS} \ No newline at end of file