-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d3ec72b
commit 1f67c6a
Showing
5 changed files
with
177 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| name: Go | ||
|
|
||
| on: | ||
| push: | ||
| branches: [ "main" ] | ||
|
|
||
| jobs: | ||
| build-push-docker: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: . | ||
| steps: | ||
| - name: Check out the repository to the runner | ||
| uses: actions/checkout@v4 | ||
| - name: Build and Push Docker Image | ||
| env: | ||
| REGISTRY_NAME: "794038231069.dkr.ecr.us-west-2.amazonaws.com" | ||
| REPOSITORY_NAME: "sdm-service" | ||
| IMAGE_TAG: "prod" | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | ||
| run: | | ||
| aws ecr put-image-tag-mutability --repository-name ${REPOSITORY_NAME} --image-tag-mutability MUTABLE | ||
| docker build -t ${REGISTRY_NAME}/${REPOSITORY_NAME}:${IMAGE_TAG} . | ||
| aws ecr get-login-password | docker login --username AWS --password-stdin ${REGISTRY_NAME} | ||
| docker push ${REGISTRY_NAME}/${REPOSITORY_NAME}:${IMAGE_TAG} | ||
| update-ssm: | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: . | ||
| steps: | ||
| - name: Check out the repository to the runner | ||
| uses: actions/checkout@v4 | ||
| - name: Update AWS SSM from config file | ||
| env: | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | ||
| ECS_SERVICE_NAME: "service-prod" | ||
| run: | | ||
| #!/bin/bash | ||
| export BRANCH_NAME=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}} | ||
| while read line; do | ||
| key=$(echo $line | cut -d '=' -f 1) | ||
| value=$(echo $line | cut -d '=' -f 2-) | ||
| echo "Updating AWS SSM: ${key}=$value" | ||
| aws ssm put-parameter --name /${ECS_SERVICE_NAME}/$key --value $value --overwrite --type String | ||
| done < "configs/${BRANCH_NAME}.conf" | ||
| restart: | ||
| needs: [build-push-docker, update-ssm] | ||
| runs-on: ubuntu-latest | ||
| defaults: | ||
| run: | ||
| working-directory: . | ||
| steps: | ||
| - name: Redeploy ECS Service | ||
| env: | ||
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
| AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | ||
| ECS_SERVICE_NAME: "service-prod" | ||
| ECS_CLUSTER_NAME: "sdm-kachi-prod" | ||
| run: | | ||
| #!/bin/bash | ||
| aws ecs describe-task-definition \ | ||
| --task-definition arn:aws:ecs:us-west-2:677459762413:task-definition/${ECS_SERVICE_NAME} | ||
| aws ecs update-service \ | ||
| --service ${ECS_SERVICE_NAME} \ | ||
| --cluster ${ECS_CLUSTER_NAME} \ | ||
| --force-new-deployment | ||
| aws ecs wait services-stable \ | ||
| --services ${ECS_SERVICE_NAME} \ | ||
| --cluster ${ECS_CLUSTER_NAME} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| FROM public.ecr.aws/docker/library/golang:1.21 as build | ||
|
|
||
| RUN echo "nobody:*:65534:65534:nobody:/_nonexistent:/bin/false" > /etc/passwd.minimal | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| COPY go.mod go.mod ./ | ||
|
|
||
| RUN go mod tidy | ||
|
|
||
| COPY . . | ||
|
|
||
| RUN CGO_ENABLED=0 go build -a -trimpath \ | ||
| -buildvcs=true -o /go/bin/gobinary \ | ||
| -tags osusergo,netgo \ | ||
| -ldflags "-s -w -extldflags '-static'" \ | ||
| -v . | ||
|
|
||
| ################################################# | ||
| ### Production Image | ||
| FROM scratch as runner | ||
| COPY --from=build /etc/passwd.minimal /etc/passwd | ||
| USER nobody | ||
|
|
||
| COPY --from=build --chown=nobody /etc/ssl/certs /etc/ssl/certs | ||
| COPY --from=build --chown=nobody /usr/share/zoneinfo /usr/share/zoneinfo | ||
|
|
||
| # Metadata params | ||
| ARG BUILD_DATE=`date` | ||
|
|
||
| # Metadata | ||
| LABEL org.opencontainers.image.created="${BUILD_DATE}" \ | ||
| org.opencontainers.image.vendor="Frontend Masters" \ | ||
| org.opencontainers.image.licenses="Apache-2.0" \ | ||
| org.opencontainers.image.base.name="scratch" | ||
|
|
||
| COPY --from=build --chown=nobody /go/bin/gobinary /gobinary | ||
| ENTRYPOINT ["/gobinary"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| sdm-instructor=Kachi | ||
| sdm-location=MN | ||
| sd-version=v0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| module github.com/ALT-F4-LLC/fem-eci-service | ||
|
|
||
| go 1.20 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| package main | ||
|
|
||
| import ( | ||
| "fmt" | ||
| "log" | ||
| "net/http" | ||
| "os" | ||
| "strings" | ||
| ) | ||
|
|
||
| const ( | ||
| PORT = "80" | ||
| ENV_PREFIX = "FEM" | ||
| ) | ||
|
|
||
| // Hello handler greets the user. | ||
| func Hello(w http.ResponseWriter, r *http.Request) { | ||
| w.Write([]byte("Hello from Display Server\n")) | ||
| } | ||
|
|
||
| // DisplayEnvVars handler displays environment variables with "FEM" prefix | ||
| func DisplayEnvVars(w http.ResponseWriter, r *http.Request) { | ||
| fmt.Fprintf(w, "--- Environment Variables with '"+ENV_PREFIX+"' prefix ---\n\n\n") | ||
| for key, value := range getEnvVarsWithPrefix(ENV_PREFIX) { | ||
| fmt.Fprintf(w, "%s = %s\n", key, value) | ||
| } | ||
| } | ||
|
|
||
| // getEnvVarsWithPrefix is implementation of DisplayEnvVars handler | ||
| func getEnvVarsWithPrefix(prefix string) map[string]string { | ||
| envVars := make(map[string]string) | ||
|
|
||
| for _, keypair := range os.Environ() { | ||
| key, value, found := strings.Cut(keypair, "=") | ||
| if found && strings.HasPrefix(key, prefix) { | ||
| envVars[key] = value | ||
| } | ||
| } | ||
|
|
||
| return envVars | ||
| } | ||
|
|
||
| func main() { | ||
| // Use the http.NewServeMux() function to initialize a new servemux | ||
| mux := http.NewServeMux() | ||
|
|
||
| // Register routes | ||
| mux.HandleFunc("/", Hello) | ||
| mux.HandleFunc("/env", DisplayEnvVars) | ||
|
|
||
| // Print a log a message to say that the server is starting. | ||
| log.Println("Starting server on port", PORT) | ||
| log.Fatalln(http.ListenAndServe(fmt.Sprintf(":%v", PORT), mux)) | ||
| } |