Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(root): move docker images from github packages to aws ecr #6792

Merged
merged 34 commits into from
Oct 30, 2024
Merged

feat(root): move docker images from github packages to aws ecr #6792

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
2af6774
refactor(ci): Update AWS ECR login and configure AWS credentials
merrcury Oct 25, 2024
e1f17b1
refactor(ci): Comment out unused test_api job in dev-deploy-api.yml
merrcury Oct 25, 2024
1e6a897
refactor(ci): Update AWS ECR login and configure AWS credentials
merrcury Oct 25, 2024
d045a82
refactor(ci): Remove unused test_api job and update Docker build conf…
merrcury Oct 25, 2024
b883cba
refactor(ci): Remove unused build api step and update Docker build co…
merrcury Oct 25, 2024
e68a5ba
refactor(ci): Update Docker build configuration in build-api action.yml
merrcury Oct 25, 2024
d1c09c9
refactor(ci): Update Docker build configuration and AWS credentials
merrcury Oct 25, 2024
d23638f
refactor(ci): Remove unused QEMU setup step in build-api action.yml
merrcury Oct 28, 2024
485abfb
refactor(ci): Update health check URL in build-worker action.yml
merrcury Oct 28, 2024
2e0c6ec
refactor(ci): Update Docker build configuration and AWS credentials i…
merrcury Oct 28, 2024
7bdde64
refactor(ci): Update Docker build configuration and AWS credentials i…
merrcury Oct 29, 2024
9c5ecd5
refactor(ci): Update Docker build configuration for '${{ inputs.packa…
merrcury Oct 29, 2024
060f693
refactor(ci): Update Docker build configuration for '${{ inputs.packa…
merrcury Oct 29, 2024
1feb604
refactor(ci): Fix typo in Docker tag for $REGISTRY/$REPOSITORY in reu…
merrcury Oct 29, 2024
0b3e277
refactor(ci): Update AWS region in prod-deploy-webhook.yml
merrcury Oct 29, 2024
d80b2c1
refactor(ci): Update Docker build configuration and AWS credentials i…
merrcury Oct 29, 2024
be15ef7
refactor(ci): Update Docker build configuration in prod-deploy-api.yml
merrcury Oct 29, 2024
f41a573
refactor(ci): Update Docker build configuration and AWS credentials i…
merrcury Oct 29, 2024
eb8beaf
refactor(ci): Remove unused GH_ACTOR and GH_PASSWORD variables in pro…
merrcury Oct 29, 2024
b577d4a
refactor(ci): Update Docker build configuration and AWS credentials i…
merrcury Oct 29, 2024
7dc9f7b
refactor(ci): Add AWS region configuration to prod-deploy-webhook.yml
merrcury Oct 29, 2024
b6bee12
refactor(ci): Remove unused publish_docker_image_web job in dev-deplo…
merrcury Oct 29, 2024
ed7fc81
refactor(ci): Remove commented out publish_docker_image_dashboard job…
merrcury Oct 29, 2024
9db814e
refactor(ci): Update dev-deploy-api.yml, dev-deploy-webhook.yml, dev-…
merrcury Oct 29, 2024
9509fc9
refactor(ci): Update deployment configurations for dev-deploy-dashboa…
merrcury Oct 29, 2024
36f2375
refactor(ci): Update dev-deploy-webhook.yml configuration
merrcury Oct 29, 2024
213d894
refactor(ci): Remove unused environment variable in build-worker acti…
merrcury Oct 29, 2024
834ddaa
refactor(ci): Remove unused environment variable in build-api and bui…
merrcury Oct 29, 2024
a4d401f
refactor(ci): Comment out unused test_api job in dev-deploy-api.yml (…
merrcury Oct 30, 2024
ce9a062
refactor(ci): Update if condition in dev-deploy-webhook.yml and dev-d…
merrcury Oct 30, 2024
b3c1d2d
refactor(ci): Update if condition in dev-deploy-webhook.yml and dev-d…
merrcury Oct 30, 2024
56c2636
refactor(ci): Comment out unused test_api job in dev-deploy-api.yml (…
merrcury Oct 30, 2024
3cbac2e
refactor(ci): Remove unused deployment workflows for PROD Embed, PROD…
merrcury Oct 30, 2024
d12f894
refactor(ci): Remove unused deployment workflows for PROD Embed, PROD…
merrcury Oct 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
91 changes: 32 additions & 59 deletions .github/actions/docker/build-api/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,11 @@ inputs:
description: 'Push the image to the registry'
required: false
default: 'false'
github_token:
description: 'The token to use for logging into ghcr.io'
aws-access-key-id:
description: 'Access Key for AWS'
required: true
aws-secret-access-key:
description: 'Secret Access Key for AWS'
required: true
fork:
description: 'Whether this is being triggered from a forked repo'
Expand All @@ -20,10 +23,6 @@ inputs:
docker_name:
description: 'Name for docker image'
required: true
environment:
required: false
type: string

bullmq_secret:
description: 'Bullmq secret api token'
required: true
Expand All @@ -36,29 +35,6 @@ outputs:
runs:
using: composite
steps:
- name: ⛏️ build api
shell: bash
run: pnpm build:api

# TODO Removed when migrated to action matrix for each build type
- uses: ./.github/actions/free-space
- uses: ./.github/actions/cache

- uses: crazy-max/ghaction-setup-docker@v2
with:
version: v24.0.6
daemon-config: |
{
"features": {
"containerd-snapshotter": true
}
}

- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64,linux/arm64

- name: Set Up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
Expand All @@ -70,13 +46,16 @@ runs:
service=${{ matrix.name }}
echo "SERVICE_NAME=$(basename "${service//-/-}")" >> $GITHUB_ENV

- name: Login To Registry
shell: bash
env:
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
run: |
echo $GH_PASSWORD | docker login ghcr.io -u $GH_ACTOR --password-stdin
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ inputs.aws-access-key-id }}
aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
aws-region: eu-west-2

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2

- name: Set Bull MQ Env variable for EE
shell: bash
Expand All @@ -87,16 +66,12 @@ runs:
- name: Build with Buildx, tag, and test
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/api
IMAGE_TAG: ${{ github.sha }}
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
DOCKER_BUILD_ARGUMENTS: >
--cache-from type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-${{ inputs.environment }}
--cache-to type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-${{ inputs.environment }},mode=max
--platform=linux/amd64 --provenance=false
--output=type=image,name=ghcr.io/novuhq/${{ inputs.docker_name }},push-by-digest=true,name-canonical=true
--output=type=image,name=$REGISTRY/$REPOSITORY,push-by-digest=true,name-canonical=true
run: |
set -x
cd apps/api && pnpm run docker:build
Expand All @@ -105,45 +80,43 @@ runs:
id: build-image
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
merrcury marked this conversation as resolved.
Show resolved Hide resolved
REPOSITORY: novu-dev/api
IMAGE_TAG: ${{ github.sha }}
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
run: |
echo "Built image"
docker tag novu-api ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
docker tag novu-api $REGISTRY/$REPOSITORY:$IMAGE_TAG

docker run --network=host --name api -dit --env NODE_ENV=test ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
docker run --network=host --name api -dit --env NODE_ENV=test $REGISTRY/$REPOSITORY:$IMAGE_TAG
docker run --network=host appropriate/curl --retry 10 --retry-delay 5 --retry-connrefused http://127.0.0.1:1337/v1/health-check | grep 'ok'

echo "IMAGE=ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "IMAGE=$REGISTRY/$REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

- name: Optionally tag docker image
if: ${{ inputs.tag }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/api
IMAGE_TAG: ${{ github.sha }}
run: |
docker tag ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:${{ inputs.tag }}
docker tag $REGISTRY/$REPOSITORY:$IMAGE_TAG $REGISTRY/$REPOSITORY:${{ inputs.tag }}

- name: Push PR tag image
if: ${{ inputs.push == 'true' }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/api
IMAGE_TAG: ${{ github.sha }}
run: |
docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG

- name: Push custom tag image
if: ${{ inputs.push == 'true' && inputs.tag }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/api
run: |
docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:${{ inputs.tag }}
docker push $REGISTRY/$REPOSITORY:${{ inputs.tag }}
95 changes: 33 additions & 62 deletions .github/actions/docker/build-worker/action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,11 @@ inputs:
description: 'Push the image to the registry'
required: false
default: 'false'
github_token:
description: 'The token to use for logging into ghcr.io'
aws-access-key-id:
description: 'Access Key for AWS'
required: true
aws-secret-access-key:
description: 'Secret Access Key for AWS'
required: true
fork:
description: 'Whether this is being triggered from a forked repo'
Expand All @@ -20,10 +23,6 @@ inputs:
docker_name:
description: 'Name for docker image'
required: true
environment:
required: false
type: string

bullmq_secret:
description: 'Bullmq secret api token'
required: true
Expand All @@ -36,29 +35,6 @@ outputs:
runs:
using: composite
steps:
- name: ⛏️ build worker
shell: bash
run: pnpm build:worker

# TODO Removed when migrated to action matrix for each build type
- uses: ./.github/actions/free-space
- uses: ./.github/actions/cache

- uses: crazy-max/ghaction-setup-docker@v2
with:
version: v24.0.6
daemon-config: |
{
"features": {
"containerd-snapshotter": true
}
}

- name: Setup QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: linux/amd64,linux/arm64

- name: Set Up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
Expand All @@ -70,13 +46,16 @@ runs:
service=${{ matrix.name }}
echo "SERVICE_NAME=$(basename "${service//-/-}")" >> $GITHUB_ENV

- name: Login To Registry
shell: bash
env:
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
run: |
echo $GH_PASSWORD | docker login ghcr.io -u $GH_ACTOR --password-stdin
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ inputs.aws-access-key-id }}
aws-secret-access-key: ${{ inputs.aws-secret-access-key }}
aws-region: eu-west-2

- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v2

- name: Set Bull MQ Env variable for EE
shell: bash
Expand All @@ -87,16 +66,12 @@ runs:
- name: Build with Buildx, tag, and test
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/worker
IMAGE_TAG: ${{ github.sha }}
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
DOCKER_BUILD_ARGUMENTS: >
--cache-from type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-${{ inputs.environment }}
--cache-to type=registry,ref=ghcr.io/novuhq/cache:build-cache-${{ env.SERVICE_NAME }}-${{ inputs.environment }},mode=max
--platform=linux/amd64 --provenance=false
--output=type=image,name=ghcr.io/novuhq/${{ inputs.docker_name }},push-by-digest=true,name-canonical=true
--output=type=image,name=$REGISTRY/$REPOSITORY,push-by-digest=true,name-canonical=true
run: |
set -x
cd apps/worker && pnpm run docker:build
Expand All @@ -105,47 +80,43 @@ runs:
id: build-image
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/worker
IMAGE_TAG: ${{ github.sha }}
GH_ACTOR: ${{ github.actor }}
GH_PASSWORD: ${{ inputs.github_token }}
run: |
echo "Tag image"
docker images --all
docker tag novu-worker ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
echo "Built image"
docker tag novu-worker $REGISTRY/$REPOSITORY:$IMAGE_TAG

echo "Run image"
docker run --network=host --name worker -dit --env NODE_ENV=test ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
docker run --network=host --name worker -dit --env NODE_ENV=test $REGISTRY/$REPOSITORY:$IMAGE_TAG
docker run --network=host appropriate/curl --retry 10 --retry-delay 5 --retry-connrefused http://127.0.0.1:1342/v1/health-check | grep 'ok'

echo "IMAGE=ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG" >> $GITHUB_OUTPUT
echo "IMAGE=$REGISTRY/$REPOSITORY:$IMAGE_TAG" >> $GITHUB_OUTPUT

- name: Optionally tag docker image
if: ${{ inputs.tag }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/worker
IMAGE_TAG: ${{ github.sha }}
run: |
docker tag ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:${{ inputs.tag }}
docker tag $REGISTRY/$REPOSITORY:$IMAGE_TAG $REGISTRY/$REPOSITORY:${{ inputs.tag }}

- name: Push PR tag image
if: ${{ inputs.push == 'true' }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/worker
IMAGE_TAG: ${{ github.sha }}
run: |
docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:$IMAGE_TAG
docker push $REGISTRY/$REPOSITORY:$IMAGE_TAG

- name: Push custom tag image
if: ${{ inputs.push == 'true' && inputs.tag }}
shell: bash
env:
REGISTRY_OWNER: novuhq
DOCKER_NAME: ${{ inputs.docker_name }}
REGISTRY: ${{ steps.login-ecr.outputs.registry }}
REPOSITORY: novu-dev/worker
run: |
docker push ghcr.io/$REGISTRY_OWNER/$DOCKER_NAME:${{ inputs.tag }}
docker push $REGISTRY/$REPOSITORY:${{ inputs.tag }}
Loading
Loading