apk add python3 #74
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Docker Build | |
| on: | |
| push: | |
| # branches: | |
| # - main | |
| # pull_request: | |
| workflow_call: | |
| inputs: | |
| branch: | |
| description: "Branch name for build" | |
| required: true | |
| type: string | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| VAULT_PW: ${{ secrets.VAULT_PW }} | |
| REPORT_COVERAGE: true | |
| DPC_CA_CERT: ${{ secrets.DPC_CA_CERT }} | |
| ENV: "github-ci" | |
| jobs: | |
| docker_build: | |
| runs-on: self-hosted | |
| steps: | |
| - name: "Checkout code" | |
| uses: actions/checkout@v4 | |
| with: | |
| # path: dpc-app | |
| ref: ${{ github.ref_name }} | |
| - name: Check docker version | |
| run: docker --version | |
| - name: Install docker compose manually | |
| # run: sudo mkdir -p /usr/local/lib/docker/cli-plugins | | |
| # curl -sL https://github.com/docker/compose/releases/latest/download/docker-compose-linux-"$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose | |
| # sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose | |
| run: | | |
| sudo mkdir -p /usr/local/lib/docker/cli-plugins | |
| sudo curl -SL https://github.com/docker/compose/releases/download/v2.32.4/docker-compose-linux-x86_64 -o /usr/local/lib/docker/cli-plugins/docker-compose | |
| sudo chown root:root /usr/local/lib/docker/cli-plugins/docker-compose | |
| sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose | |
| - name: Docker compose version | |
| run: docker compose version | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: arn:aws:iam::${{ secrets.ACCOUNT_ID }}:role/delegatedadmin/developer/dpc-dev-github-actions | |
| - name: Login to Amazon ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| - name: "Set up JDK 11" | |
| uses: actions/setup-java@v1 | |
| with: | |
| java-version: "11" | |
| - name: Install Maven 3.6.3 | |
| run: | | |
| export PATH="$PATH:/opt/maven/bin" | |
| echo "PATH=$PATH" >> $GITHUB_ENV | |
| if mvn -v; then echo "Maven already installed" && exit 0; else echo "Installing Maven"; fi | |
| tmpdir="$(mktemp -d)" | |
| curl -LsS https://archive.apache.org/dist/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz | tar xzf - -C "$tmpdir" | |
| sudo rm -rf /opt/maven | |
| sudo mv "$tmpdir/apache-maven-3.6.3" /opt/maven | |
| - name: Clean maven | |
| run: mvn -ntp -U clean | |
| - name: Install python3 | |
| run: apk add python3=~3.11 --no-cache | |
| - name: Build app | |
| run: make ci-app | |
| - name: Build portal # this is run in parallel with the app build on jenkins, might break out to separate job | |
| run: make ci-portals-v1 | |
| # - name: Build, tag, and push docker image to Amazon ECR | |
| # env: | |
| # REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| # REPOSITORY: api | |
| # IMAGE_TAG: hardcodedstringfornow | |
| # run: | | |
| # docker tag $REGISTRY/dpc-$REPOSITORY $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG | |
| # docker push $REGISTRY/dpc-$REPOSITORY:$IMAGE_TAG | |
| # REPOSITORIES=['api', 'attribution', 'aggregation', 'consent', 'web', 'web-admin', 'web-portal'] | |
| ## | |
| ## - name: Push artifacts | |
| ## run: | # tag | |
| ## | |
| ## | |
| # # use ECR to save the artifacts | |
| # # TODO convert over to GHA | |
| ## - name: ECR Login | |
| ## run: "log into ECR here and then push up images" | |
| ## docker.withRegistry("https://$docker_ecr") { | |
| ## for (component in ['web', 'web-admin', 'web-portal']) { | |
| ## docker.image("${docker_ecr}/dpc-${component}:latest").push() | |
| ## docker.image("${docker_ecr}/dpc-${component}:$version_tag").push() | |
| ## } | |
| ## } |