ci(mojaloop/#3533): fix build and release pipeline (#169)
oderayi authored Oct 6, 2023
1 parent fc41186 commit 52a7572
Showing 4 changed files with 77 additions and 51 deletions.
54 changes: 34 additions & 20 deletions .circleci/config.yml
@@ -249,10 +249,16 @@ jobs:
command: |
node --version
npm ci
- run:
name: Set NODE_VERSION env variable
command: |
source ~/.profile
export DOCKER_NODE_VERSION="$NVMRC_VERSION-alpine"
echo "export DOCKER_NODE_VERSION=$NVMRC_VERSION-alpine" >> $BASH_ENV
- run:
name: Spin up core docker compose
command: |
docker-compose build
docker-compose build --build-arg NODE_VERSION=$DOCKER_NODE_VERSION
docker-compose up -d
- run:
name: Wait for services to be running and report healthy
@@ -420,6 +426,12 @@ jobs:
<<: *defaults_configure_nvmrc
- run:
<<: *defaults_display_versions
- run:
name: Set NODE_VERSION env variable
command: |
source ~/.profile
export DOCKER_NODE_VERSION="$NVMRC_VERSION-alpine"
echo "export DOCKER_NODE_VERSION=$NVMRC_VERSION-alpine" >> $BASH_ENV
- run:
name: Build Docker local image
command: >
@@ -515,8 +527,18 @@ jobs:
BASH_ENV: /etc/profile ## Ref: https://circleci.com/docs/env-vars/#alpine-linux
ENV: ~/.profile
NVM_ARCH_UNOFFICIAL_OVERRIDE: x64-musl ## Ref: https://github.com/nvm-sh/nvm/issues/1102#issuecomment-550572252
working_directory: *WORKING_DIR
steps:
- setup_remote_docker
- attach_workspace:
at: /tmp
- run:
name: Install docker dependencies for anchore
command: |
apk add --update py-pip docker python3-dev libffi-dev openssl-dev gcc libc-dev make jq curl bash
- run:
name: Install AWS CLI dependencies
command: *defaults_awsCliDependencies
- checkout
- run:
name: Setup Slack config
@@ -528,22 +550,12 @@ jobs:
echo "export SLACK_CI_URL=${CIRCLE_BUILD_URL}" >> $BASH_ENV
echo "export SLACK_CUSTOM_MSG='Anchore Image Scan failed for: \`${DOCKER_ORG:-mojaloop}/${CIRCLE_PROJECT_REPONAME}:${CIRCLE_TAG}\`'" >> $BASH_ENV
- run:
name: Install docker dependencies for anchore
command: |
apk add --update py-pip docker python3-dev libffi-dev openssl-dev gcc libc-dev make jq npm
<<: *defaults_configure_nvm
- run:
name: Install general dependencies
command: |
apk --no-cache add git
apk --no-cache add ca-certificates
apk --no-cache add curl
apk --no-cache add openssh-client
apk add --no-cache -t build-dependencies make gcc g++ python3 libtool autoconf automake
<<: *defaults_display_versions
- run:
name: Install AWS CLI dependencies
command: *defaults_awsCliDependencies
- attach_workspace:
at: /tmp
name: Install general dependencies
command: *defaults_docker_Dependencies
- run:
name: Load the pre-built docker image from workspace
command: docker load -i /tmp/docker-image.tar
@@ -556,13 +568,14 @@ jobs:
- run:
name: Pull base image locally
command: |
docker pull node:16.15.0-alpine
# Analyze the base and derived image
# Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
echo "Pulling docker image: node:$NVMRC_VERSION-alpine"
docker pull node:$NVMRC_VERSION-alpine
## Analyze the base and derived image
## Note: It seems images are scanned in parallel, so preloading the base image result doesn't give us any real performance gain
- anchore/analyze_local_image:
# Force the older version, version 0.7.0 was just published, and is broken
anchore_version: v0.6.1
image_name: "docker.io/node:${NVMRC_VERSION}-alpine ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
image_name: "docker.io/node:$NVMRC_VERSION-alpine ${DOCKER_ORG:-mojaloop}/$CIRCLE_PROJECT_REPONAME:local"
policy_failure: false
timeout: '500'
# Note: if the generated policy is invalid, this will fallback to the default policy, which we don't want!
@@ -575,7 +588,7 @@ jobs:
aws s3 cp anchore-reports ${AWS_S3_DIR_ANCHORE_REPORTS}/latest/ --recursive
- run:
name: Evaluate failures
command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_16.15.0-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
command: /tmp/ci-config/container-scanning/anchore-result-diff.js anchore-reports/node_${NVMRC_VERSION}-alpine-policy.json anchore-reports/${CIRCLE_PROJECT_REPONAME}*-policy.json
- store_artifacts:
path: anchore-reports
- slack/notify:
@@ -645,6 +658,7 @@ jobs:

publish-snapshot:
executor: default-machine
shell: "/bin/bash -eo pipefail"
environment:
<<: *defaults_environment
steps:
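Review bot: Nothing in the new `Set NODE_VERSION env variable` steps (both copies, in the hunks at -249 and -420) checks that `NVMRC_VERSION` is non-empty after `source ~/.profile`, so an unset value would be written to `$BASH_ENV` as `DOCKER_NODE_VERSION=-alpine` and only surface later as an invalid image reference. A guard such as `: "${NVMRC_VERSION:?NVMRC_VERSION is not set}"` before the `export` would fail the step at the cause, and quoting the expansion in `--build-arg NODE_VERSION="$DOCKER_NODE_VERSION"` would be safer. The same variable now selects the baseline for the image scan (`docker pull node:$NVMRC_VERSION-alpine`, the `image_name` value and the `node_${NVMRC_VERSION}-alpine-policy.json` path), and because `policy_failure: false` leaves the verdict to `anchore-result-diff.js`, that baseline has to be the image the Dockerfile was actually built from. Whether the `Build Docker local image` step passes the build argument is not visible here, since its command lies outside the hunk.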
18 changes: 15 additions & 3 deletions Dockerfile
@@ -1,19 +1,31 @@
FROM node:16.15.0-alpine as builder
# Arguments
ARG NODE_VERSION=lts-alpine

# NOTE: Ensure you set NODE_VERSION Build Argument as follows...
#
# export NODE_VERSION="$(cat .nvmrc)-alpine" \
# docker build \
# --build-arg NODE_VERSION=$NODE_VERSION \
# -t mojaloop/mojaloop-simulator:local \
# . \
#

# Build Image
FROM node:${NODE_VERSION} as builder
USER root

WORKDIR /opt/app/

RUN apk add --no-cache -t build-dependencies git make gcc g++ python3 libtool autoconf automake \
&& cd $(npm root -g)/npm \
&& npm config set unsafe-perm true \
&& npm install -g node-gyp

COPY package.json package-lock.json* /opt/app/
RUN npm ci

COPY src /opt/app/src

FROM node:16.15.0-alpine
FROM node:${NODE_VERSION}
WORKDIR /opt/app/

# Create empty log file & link stdout to the application log file
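Review bot: The default in `ARG NODE_VERSION=lts-alpine` means any build that omits `--build-arg` silently moves both `FROM node:${NODE_VERSION}` stages to a floating tag, where the old file at least fixed `16.15.0-alpine`; the result is not reproducible and may not match the base image the CI scan pulls as its baseline. Consider a default that matches `.nvmrc`, or no default at all so the build fails when the argument is missing, and pin by digest if reproducibility matters. The usage comment also has a stray `\` after the `export NODE_VERSION=...` line, which would make the shell pass `docker build …` as arguments to `export`; end that line without the continuation and drop the trailing `\` after `.`. The final stage continues past the end of the hunk, so whether it switches to a non-root user is not visible here.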
44 changes: 22 additions & 22 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 6 additions & 6 deletions package.json
@@ -1,6 +1,6 @@
{
"name": "mojaloop-simulator",
"version": "14.0.2",
"version": "15.0.0-snapshot.11",
"description": "A canonical test example implementation of the parties, transfers and quotes resources of the Mojaloop FSP Interoperability API",
"license": "Apache-2.0",
"main": "src/index.js",
@@ -55,7 +55,7 @@
"chance": "1.1.11",
"core-util-is": "1.0.3",
"dotenv": "16.3.1",
"joi": "17.10.2",
"joi": "17.11.0",
"json-rules-engine": "^6.4.2",
"json-schema-ref-parser": "^9.0.9",
"koa": "2.14.2",
@@ -72,19 +72,19 @@
"@types/jest": "^29.5.5",
"audit-ci": "^6.6.1",
"ava": "^5.3.1",
"axios": "^1.5.0",
"axios": "^1.5.1",
"eslint": "8.50.0",
"eslint-config-airbnb-base": "15.0.0",
"eslint-plugin-ava": "^14.0.0",
"eslint-plugin-import": "2.28.1",
"eslint-plugin-jest": "^27.4.0",
"eslint-plugin-jest": "^27.4.2",
"husky": "8.0.3",
"jest": "^29.7.0",
"jest-junit": "^16.0.0",
"npm-check-updates": "16.14.4",
"npm-check-updates": "16.14.5",
"npm-run-all": "4.1.5",
"nyc": "15.1.0",
"sinon": "^16.0.0",
"sinon": "^16.1.0",
"standard-version": "^9.5.0",
"tap-xunit": "2.4.1",
"uuid": "9.0.1"