From 7b76aa14e7653d6320de5267ae420ecaba009954 Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 11:22:17 +0200 Subject: [PATCH 1/8] Push image to Dockerhub --- .github/workflows/build.yml | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ea04f94..8e05187 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -87,12 +87,6 @@ jobs: - name: checkout uses: actions/checkout@v4 - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::246770851643:role/github-actions - aws-region: us-east-1 - - name: Set up Python 3.11 uses: actions/setup-python@v5 with: @@ -104,12 +98,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 + - name: Login to Docker Hub + uses: docker/login-action@v3 with: - registry-type: 'public' - mask-password: 'true' + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Load cached poetry id: cached-poetry @@ -134,7 +127,7 @@ jobs: id: meta uses: docker/metadata-action@v5 with: - images: public.ecr.aws/c1o1h8f4/mood-tracker + images: tobiaswaslowski/mood-tracker flavor: | latest=true # generate Docker tags based on the following events/attributes From f9f1381e15b26ebd6315734c5ef7298adac15845 Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 11:26:50 +0200 Subject: [PATCH 2/8] do not skip build stage upon PR --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8e05187..4d12f01 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
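Review bot: In PATCH 1/8 the new `Login to Docker Hub` step hands `secrets.DOCKERHUB_TOKEN` to `docker/login-action@v3`, which is referenced by a movable major tag rather than a commit. Pinning it, `uses: docker/login-action@<full-commit-sha>  # v3`, keeps a retagged release of the action from receiving the registry credential. The change also replaces role assumption with a stored secret, so a comment on the step should state that `DOCKERHUB_TOKEN` is expected to be a Docker Hub access token limited to this repository and not the account password; the page does not show which it is. The job's `steps:` list starts and continues outside this hunk.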
@@ -82,7 +82,6 @@ jobs: build_docker_multi_arch: needs: create_infrastructure runs-on: ubuntu-latest - if: github.event_name != 'pull_request' steps: - name: checkout uses: actions/checkout@v4 From edba11a86655c88ac79d413bd0ed2971472ea2b0 Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 14:02:41 +0200 Subject: [PATCH 3/8] Also push to Amazon ECR --- .github/workflows/build.yml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4d12f01..d4ace12 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -97,12 +97,22 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::246770851643:role/github-actions + aws-region: us-east-1 + - name: Login to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + - name: Load cached poetry id: cached-poetry uses: actions/cache@v4 @@ -121,7 +131,6 @@ jobs: - name: export requirements run: poetry export -f requirements.txt -o requirements.txt --without-hashes - - name: Docker meta id: meta uses: docker/metadata-action@v5 @@ -149,3 +158,8 @@ jobs: labels: ${{ steps.meta.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max + + - name: Push to Amazon ECR + run: | + docker tag tobiaswaslowski/mood-tracker:latest ${{ steps.login-ecr.outputs.registry }}:latest + docker push ${{ steps.login-ecr.outputs.registry }}:latest From ccf66d0e029bee71e18fdd8d568a33122e5111b0 Mon Sep 17 00:00:00 2001 
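Review bot: Removing `if: github.event_name != 'pull_request'` in PATCH 2/8 leaves nothing in `build_docker_multi_arch` that separates a pull-request run from a release; context lines elsewhere in this series show the build step with `push: true` and the metadata step with `latest=true`. If the workflow triggers on pull requests, as the commit subject implies (the `on:` block is outside the hunk), a branch PR would publish unreviewed code under `latest`, and a fork PR would fail at the login step because secrets are not passed to it. Building on PRs without publishing needs `push: ${{ github.event_name != 'pull_request' }}` on the build step and `if: github.event_name != 'pull_request'` on the registry login steps.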
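Review bot: The `Push to Amazon ECR` step added in PATCH 3/8 tags and pushes `${{ steps.login-ecr.outputs.registry }}:latest`, which has no repository path. The `registry` output of `aws-actions/amazon-ecr-login` is the registry URI only, so the reference needs the repository appended (the earlier `images:` value was `public.ecr.aws/c1o1h8f4/mood-tracker`). The `docker tag` source is also unlikely to exist on the runner, because a multi-platform `docker/build-push-action` run with `push: true` exports to the registry and does not load the image into the local daemon; the build step is outside this hunk, so this is inferred from the context lines in PATCH 6/8. A comment on the step should name the target repository explicitly so a wrong push destination is visible in review.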
From: Tobias Waslowski
Date: Fri, 24 May 2024 14:22:07 +0200
Subject: [PATCH 4/8] Skip tests and infrastructure creation
---
.github/workflows/build.yml | 70 +++----------------------------------
1 file changed, 4 insertions(+), 66 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d4ace12..ec015e2 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -14,71 +14,6 @@ on: branches: [ "main" ] jobs: - test: - runs-on: ubuntu-latest - steps: - - name: checkout - uses: actions/checkout@v4 - - - name: Set up Python 3.11 - id: setup-python - uses: actions/setup-python@v5 - with: - python-version: 3.11.6 - - - name: Load cached poetry - id: cached-poetry - uses: actions/cache@v4 - with: - path: ~/.local - key: dotlocal-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }} - - - name: Install and configure Poetry - if: steps.cached-poetry.outputs.cache-hit != 'true' - uses: snok/install-poetry@v1 - with: - virtualenvs-create: true - virtualenvs-in-project: true - installer-parallel: true - - - name: Load cached venv - id: cached-poetry-dependencies - uses: actions/cache@v4 - with: - path: .venv - key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} - - - name: Install dependencies - if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' - run: poetry install --no-interaction --no-root --with dev - - - name: Run tests - run: bash -c scripts/test.sh - - create_infrastructure: - needs: test - runs-on: ubuntu-latest - steps: - - name: checkout - uses: actions/checkout@v4 - - - name: set up terraform - uses: hashicorp/setup-terraform@v3 - with: - terraform_version: 1.7.5 - - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::246770851643:role/github-actions - aws-region: eu-central-1 - - - name: Create infrastructure - run: | - cd terraform - terraform init - terraform apply -auto-approve - build_docker_multi_arch: needs: create_infrastructure runs-on: ubuntu-latest @@ -112,6 +47,9 @@ jobs: - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v2 + with: + registry-type: 'public' + mask-password: 'true' - name: Load cached poetry id: cached-poetry 
@@ -161,5 +99,5 @@ jobs: - name: Push to Amazon ECR run: | - docker tag tobiaswaslowski/mood-tracker:latest ${{ steps.login-ecr.outputs.registry }}:latest + docker tag tobiaswaslowski/mood-tracker:${{ steps.meta.outputs.version }} ${{ steps.login-ecr.outputs.registry }}:latest docker push ${{ steps.login-ecr.outputs.registry }}:latest From 4019f0bc6d65ab29ab628931fedc51ad1a41f858 Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 14:23:17 +0200 Subject: [PATCH 5/8] Remove dependency --- .github/workflows/build.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ec015e2..eb7b157 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -15,7 +15,6 @@ on: jobs: build_docker_multi_arch: - needs: create_infrastructure runs-on: ubuntu-latest steps: - name: checkout From 830506b67680bc65c25d71fb6921289d45c3beec Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 14:27:07 +0200 Subject: [PATCH 6/8] Simply use two different meta and build/push steps --- .github/workflows/build.yml | 38 ++++++++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eb7b157..6f696f8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -69,7 +69,7 @@ jobs: run: poetry export -f requirements.txt -o requirements.txt --without-hashes - name: Docker meta - id: meta + id: meta-dockerhub uses: docker/metadata-action@v5 with: images: tobiaswaslowski/mood-tracker 
@@ -85,18 +85,42 @@ jobs: type=semver,pattern={{major}} type=sha + - name: Docker meta + id: meta-ecr + uses: docker/metadata-action@v5 + with: + images: public.ecr.aws/c1o1h8f4/mood-tracker + flavor: | + latest=true + # generate Docker tags based on the following events/attributes + tags: | + type=schedule + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha + + - name: Build and push uses: docker/build-push-action@v5 with: context: . platforms: linux/amd64,linux/arm64 push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} + tags: ${{ steps.meta-dockerhub.outputs.tags }} + labels: ${{ steps.meta-dockerhub.outputs.labels }} cache-from: type=gha cache-to: type=gha,mode=max - - name: Push to Amazon ECR - run: | - docker tag tobiaswaslowski/mood-tracker:${{ steps.meta.outputs.version }} ${{ steps.login-ecr.outputs.registry }}:latest - docker push ${{ steps.login-ecr.outputs.registry }}:latest + - name: Build and push + uses: docker/build-push-action@v5 + with: + context: . + platforms: linux/amd64,linux/arm64 + push: true + tags: ${{ steps.meta-ecr.outputs.tags }} + labels: ${{ steps.meta-ecr.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max From a22138588773c72d198ef90d0c26b08db1b33111 Mon Sep 17 00:00:00 2001 From: Tobias Waslowski Date: Fri, 24 May 2024 14:30:22 +0200 Subject: [PATCH 7/8] Restore previous pipeline configuration --- .github/workflows/build.yml | 66 +++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 6f696f8..670b154 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml 
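Review bot: The second `Build and push` step builds the image again instead of publishing the artifact already built, so the Docker Hub and ECR tags can point at different digests and a consumer cannot check that both registries serve the same image. `docker/metadata-action` accepts several repositories in one `images:` block, so a single metadata step with `images: |` followed by `tobiaswaslowski/mood-tracker` and `public.ecr.aws/c1o1h8f4/mood-tracker` can feed one build step that pushes a single manifest to both. If two steps are kept, they need distinct `name:` values; both pairs are currently called `Docker meta` and `Build and push`, which makes a failing run hard to attribute.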
@@ -14,7 +14,73 @@ on: branches: [ "main" ] jobs: + test: + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v4 + + - name: Set up Python 3.11 + id: setup-python + uses: actions/setup-python@v5 + with: + python-version: 3.11.6 + + - name: Load cached poetry + id: cached-poetry + uses: actions/cache@v4 + with: + path: ~/.local + key: dotlocal-${{ runner.os }}-${{ hashFiles('**/poetry.lock') }} + + - name: Install and configure Poetry + if: steps.cached-poetry.outputs.cache-hit != 'true' + uses: snok/install-poetry@v1 + with: + virtualenvs-create: true + virtualenvs-in-project: true + installer-parallel: true + + - name: Load cached venv + id: cached-poetry-dependencies + uses: actions/cache@v4 + with: + path: .venv + key: venv-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }} + + - name: Install dependencies + if: steps.cached-poetry-dependencies.outputs.cache-hit != 'true' + run: poetry install --no-interaction --no-root --with dev + + - name: Run tests + run: bash -c scripts/test.sh + + create_infrastructure: + needs: test + runs-on: ubuntu-latest + steps: + - name: checkout + uses: actions/checkout@v4 + + - name: set up terraform + uses: hashicorp/setup-terraform@v3 + with: + terraform_version: 1.7.5 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::246770851643:role/github-actions + aws-region: eu-central-1 + + - name: Create infrastructure + run: | + cd terraform + terraform init + terraform apply -auto-approve + build_docker_multi_arch: + needs: create_infrastructure runs-on: ubuntu-latest steps: - name: checkout From bca89c900a043cb5c6b821d63cdd6ac4cb1b5263 Mon Sep 17 00:00:00 2001 
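Review bot: The restored `create_infrastructure` job has no event or branch condition, so `terraform apply -auto-approve` runs under the assumed `github-actions` role on every trigger of this workflow. The `on:` block is mostly outside the hunk, so whether that includes pull requests has to be checked there. A job-level `if: github.event_name == 'push' && github.ref == 'refs/heads/main'` keeps the apply to merged code, and a `terraform plan` on pull requests gives reviewers the change set instead. `build_docker_multi_arch` regains `needs: create_infrastructure` here, so a skipped apply also skips the build unless that job sets its own `if:`.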
From: Tobias Waslowski Date: Fri, 24 May 2024 14:53:51 +0200 Subject: [PATCH 8/8] Stop referencing ECR repository in code and documentation --- README.md | 8 ++++---- docker-compose.yml | 2 +- scripts/run.sh | 2 +- terraform/files/USAGE.md | 27 +++++++++------------------ 4 files changed, 15 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 727324d..de728bd 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ Assuming you have a MongoDB instance running on your local machine that is bound (e.g. by running `docker run -p 27017:27017 mongo`) you can run the following command: docker run --env TELEGRAM_TOKEN=$TELEGRAM_TOKEN \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest Supported architectures are x86_64 (amd64) and arm64. If you require images for additional architectures, feel free to raise a ticket or build your own images (see [Development](#development)). @@ -97,7 +97,7 @@ The run command in that case could look like this: docker run --env TELEGRAM_TOKEN=$TELEGRAM_TOKEN \ --env MONGO_HOST=192.168.1.1:27017 \ --network="host" \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest For more guidance on Docker networking, please refer to the [official documentation](https://docs.docker.com/network/). @@ -116,7 +116,7 @@ docker run -d --rm \ --name mood-tracker \ -e TELEGRAM_TOKEN="$TELEGRAM_TOKEN" \ -v "$HOME/.aws/credentials:/root/.aws/credentials:ro" \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest ``` Why `/root/.aws/credentials`? Because `boto3` checks in the home directory of the user running the script for the @@ -134,7 +134,7 @@ docker run -d --rm \ --name mood-tracker \ -e TELEGRAM_TOKEN="$TELEGRAM_TOKEN" \ -v ./config.yaml:/app/config.yaml \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest ``` # Configuration diff --git a/docker-compose.yml b/docker-compose.yml index 6c48239..87443e4 100644 
--- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: - mongo_data:/data/db mood-tracker: - image: public.ecr.aws/c1o1h8f4/mood-tracker:latest + image: tobiaswaslowski/mood-tracker:latest build: context: . dockerfile: Dockerfile diff --git a/scripts/run.sh b/scripts/run.sh index 4c44d0e..ca670f3 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -18,4 +18,4 @@ sudo docker run -d --rm \ --security-opt seccomp:unconfined \ -v "$HOME/.aws/credentials:/root/.aws/credentials:ro" \ -v ./config.yaml:/app/config.yaml \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest diff --git a/terraform/files/USAGE.md b/terraform/files/USAGE.md index 72984ba..3913b75 100644 --- a/terraform/files/USAGE.md +++ b/terraform/files/USAGE.md 
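Review bot: `scripts/run.sh` now pulls `tobiaswaslowski/mood-tracker:latest`, a mutable tag, into a container that the context lines show running with `--security-opt seccomp:unconfined` and the host's AWS credentials file mounted. Whoever can push `latest` to that Docker Hub repository therefore gets code running next to those credentials, so the script should reference a release tag or a digest, `tobiaswaslowski/mood-tracker@sha256:<digest>`, and a comment should record why seccomp is disabled. The same `:latest` reference is set in the `docker-compose.yml` hunk on this line. The `docker run` command starts outside the hunk.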
@@ -1,28 +1,19 @@ # Usage +## DEPRECATION NOTICE + +I'm discontinuing support for ECR. Please use the Docker Hub image instead. The new repository is: + + tobiaswaslowski/mood-tracker + ## Quickstart -I host the Docker image for this application on a public ECR repository. You have to create your own -Telegram via the [Botfather](https://t.me/botfather) and supply it to the container as an environment variable. +You have to create your ownm Telegram via the [Botfather](https://t.me/botfather) and supply it to the container as an environment variable. Additionally, you'll have to have a MongoDB instance running for persistence. Assuming you have a MongoDB instance running on your local machine that is bound to `127.0.0.1:27017`, (e.g. by running `docker run -p 27017:27017 mongo`) you can run the following command: docker run --env TELEGRAM_TOKEN=$TELEGRAM_TOKEN \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest - -Supported architectures are x86_64 (amd64) and arm64. If you require images -for additional architectures, feel free to raise a ticket or build your own images (see [Development](#development)). - -## MongoDB Configuration - -If your MongoDB instance is bound to a different hosts, you'll have to supply the connection string as an environment -variable. If you're running Docker for Linux, I recommend using `--network="host"` for simplicity's sake. -The run command in that case could look like this: - - docker run --env TELEGRAM_TOKEN=$TELEGRAM_TOKEN \ - --env MONGO_HOST=192.168.1.1:27017 \ - --network="host" \ - public.ecr.aws/c1o1h8f4/mood-tracker:latest + tobiaswaslowski/mood-tracker:latest -For more guidance on Docker networking, please refer to the [official documentation](https://docs.docker.com/network/). +DynamoDB is also supported as a backend. For more information, check out the [documentation](https://github.com/twaslowski/telegram-mood-tracker?tab=readme-ov-file#running).