Create CI

twaslowski · Mar 27, 2024 · e667d84 · e667d84
1 parent 6f88857
commit e667d84
Show file tree

Hide file tree

Showing 6 changed files with 159 additions and 12 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1,91 @@
+name: Build
+
+permissions:
+  contents: read
+  id-token: write
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.11.6
+
+      - name: Install dependencies
+        run: |
+          sudo apt update
+          sudo apt install pipx
+          pipx ensurepath
+          pipx install poetry
+          poetry install --with dev
+
+      - name: Run tests
+        run: |
+          make test
+
+  create_infrastructure:
+    needs: test
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: set up terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: 1.0.11
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::246770851643:role/github-actions
+          aws-region: eu-central-1
+
+      - name: Create infrastructure
+        run: |
+          cd terraform
+          terraform init
+          terraform apply -auto-approve
+
+  build_docker:
+    needs: create_infrastructure
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout
+        uses: actions/checkout@v4
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::246770851643:role/github-actions
+          aws-region: eu-central-1
+
+      - name: Set up Python 3.11
+        uses: actions/setup-python@v5
+        with:
+          python-version: 3.11.6
+
+      - name: Install dependencies
+        run: |
+          sudo apt update
+          sudo apt install pipx
+          pipx ensurepath
+          pipx install poetry
+
+      - name: Build docker image
+        env:
+          AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+        run: |
+          ./scripts/docker-util.sh build
+          ./scripts/docker-util.sh push
diff --git a/.gitignore b/.gitignore
@@ -9,3 +9,5 @@ data
 dump/
 graphs/
 package/
+
+.terraform*
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -18,11 +18,3 @@ repos:
 #        entry: bash -c "pushd backend && make lint"
 #        language: python
 #        pass_filenames: false
-
-  - repo: local
-    hooks:
-      - id: test
-        name: test
-        entry: bash -c "make test"
-        language: python
-        pass_filenames: false
diff --git a/scripts/build.sh b/scripts/build.sh
diff --git a/scripts/docker-util.sh b/scripts/docker-util.sh
@@ -0,0 +1,18 @@
+VERB=$1
+
+function build() {
+  mkdir -p package
+  poetry export -f requirements.txt -o package/requirements.txt --without-hashes
+  docker build -t mood-tracker:latest .
+}
+
+function push() {
+  commit_sha=$(git rev-parse --short HEAD)
+  aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "246770851643.dkr.ecr.eu-central-1.amazonaws.com"
+  docker tag "mood-tracker:latest" "246770851643.dkr.ecr.eu-central-1.amazonaws.com/mood-tracker:latest"
+  docker tag "mood-tracker:latest" "246770851643.dkr.ecr.eu-central-1.amazonaws.com/mood-tracker:${commit_sha}"
+  docker push "246770851643.dkr.ecr.eu-central-1.amazonaws.com/mood-tracker:latest"
+  docker push "246770851643.dkr.ecr.eu-central-1.amazonaws.com/mood-tracker:${commit_sha}"
+}
+
+$VERB
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -0,0 +1,48 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+    }
+  }
+
+  backend "s3" {
+    bucket = "telegram-mood-tracker-state"
+    key    = "mood-tracker/terraform.tfstate"
+    region = "eu-central-1"
+  }
+}
+
+data "aws_caller_identity" "current" {}
+
+module "mood_tracker_repository" {
+  source = "terraform-aws-modules/ecr/aws"
+
+  repository_name                 = "mood-tracker"
+  repository_image_tag_mutability = "MUTABLE"
+
+  repository_read_write_access_arns = [
+    data.aws_caller_identity.current.arn,
+  ]
+
+  repository_lifecycle_policy = local.repository_lifecycle_policy
+}
+
+locals {
+  repository_lifecycle_policy = jsonencode({
+    rules = [
+      {
+        rulePriority = 1,
+        description  = "Keep 3 images",
+        selection = {
+          tagStatus   = "any",
+          countType   = "imageCountMoreThan",
+          countNumber = 2
+        },
+        action = {
+          type = "expire"
+        }
+      }
+    ]
+  })
+}
+
-Original file line number
+Diff line change
@@ Expand Up / @@ -9,3 +9,5 @@ data @@
     dump/
     graphs/
     package/
+    .terraform*