forked from mozilla/github-org-scripts
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathMakefile
102 lines (90 loc) · 3.13 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
gitrev := $(shell git rev-parse --short=10 HEAD)
VENV_NAME := venv
now := $(shell date --utc +%Y%m%dT%H%MZ)
github3_version:=1.1.0-$(now)-$(gitrev)
port := 8888
image_to_use := offboard-slim
container_user_name := jovyan
SOPS_credentials := $(SECOPS_SOPS_PATH)/off-boarding.yaml
DOCKER_OPTS :=
.PHONY: help
help:
@echo "Targets available"
@echo ""
@echo " help this message"
@echo " build create a docker image based on working directory"
@echo " run run a docker image previously created"
@echo " run-edit run with modifiable current directory"
@echo " vscode set env vars, then launch vscode"
@echo " jupyter run local (non docker) jupyter server for development (deprecated)"
@echo " $(VENV_NAME) create a local virtualenv for old style development (deprecated)"
$(VENV_NAME):
python3 -m venv $@
. $(VENV_NAME)/bin/activate && echo req*.txt | xargs -n1 pip install -r
@echo "Virtualenv created in $(VENV_NAME). You must activate before continuing."
false
SHELL := /bin/bash
.PHONY: build debug_build
# New build
build: Dockerfile .dockerignore Makefile notebooks/*ipynb requirements*.txt
docker buildx build --tag $(image_to_use):$(github3_version) --tag $(image_to_use):latest .
# debug the build by not using buildkit - we also assume last one failed, so no need to tag prior
debug-build:
DOCKER_BUILDKIT=0 docker build --tag $(image_to_use):debug .
# For `run`, we use the configs baked into the image at the time of
# the build, so we get what we expect.
.PHONY: run
run:
$(SHELL) -ce ' ( source set_secrets_in_env.sh $(SOPS_credentials); \
export TZ=$$(./get_olson_tz.sh) ; \
docker run --rm --publish-all \
--env "GITHUB_PAT" \
--env "CIS_CLIENT_ID" \
--env "CIS_CLIENT_SECRET" \
--env "TZ" \
--env "DOCKER_STACKS_JUPYTER_CMD=notebook" \
--publish $(port):8888 \
$(image_to_use):latest \
& \
job_pid=$$! ; \
sleep 5 ; \
docker ps --filter "ancestor=$(image_to_use)" ; \
wait $$job_pid ; \
) '
# For `run-edit`, we're mapping the local notebooks directory onto the container's notebooks directory
# This allows for editing the notebook, but still uses the baked in jupyter configuration (in $HOME)
.PHONY: run-edit
run-edit:
$(SHELL) -ce ' ( source set_secrets_in_env.sh $(SOPS_credentials); \
export TZ=$$(./get_olson_tz.sh) ; \
docker run --rm --publish-all \
$(DOCKER_OPTS) \
--env "GITHUB_PAT" \
--env "CIS_CLIENT_ID" \
--env "CIS_CLIENT_SECRET" \
--env "TZ" \
--env "DOCKER_STACKS_JUPYTER_CMD=notebook" \
--publish $(port):8888 \
--volume "$$PWD/notebooks:/home/$(container_user_name)"/notebooks \
$(image_to_use):latest \
& \
job_pid=$$! ; \
sleep 10 ; \
docker ps --filter "ancestor=$(image_to_use)" ; \
wait $$job_pid ; \
) '
.PHONY: vscode
vscode:
$(SHELL) -cex ' ( source set_secrets_in_env.sh $(SOPS_credentials); \
export TZ=$$(./get_olson_tz.sh) ; \
code . \
) '
.PHONY: jupyter
jupyter:
$(SHELL) -ce ' ( source set_secrets_in_env.sh $(SOPS_credentials); \
jupyter-notebook ; \
) '
.PHONY: debug-edit
debug-edit:
$(MAKE) DOCKER_OPTS="--security-opt=seccomp:unconfined" run-edit
# vim: noet ts=8