From d550cf7097c8c4bb0db7dce686f5d39683c9efb4 Mon Sep 17 00:00:00 2001 From: Bruno Gabriel Date: Thu, 19 Dec 2024 11:57:12 -0300 Subject: [PATCH] chore: adjusts docker image configuration --- .github/workflows/lint_tests_and_sonar.yml | 17 +++++++++-- .github/workflows/login-ecr.yml | 34 +++++++++++++++++++++ .github/workflows/reusable-ecr-login.yml | 35 ++++++++++++++++++++++ Dockerfile | 2 +- Dockerfile.prod | 4 +-- docker-compose.yml | 2 +- 6 files changed, 88 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/login-ecr.yml create mode 100644 .github/workflows/reusable-ecr-login.yml diff --git a/.github/workflows/lint_tests_and_sonar.yml b/.github/workflows/lint_tests_and_sonar.yml index b25ba8b..c2e3197 100644 --- a/.github/workflows/lint_tests_and_sonar.yml +++ b/.github/workflows/lint_tests_and_sonar.yml @@ -30,18 +30,31 @@ jobs: - name: Run lint run: npm run lint + login-erc: + uses: ./.github/workflows/login-ecr.yml@main + secrets: + AWS_PULL_ECR_ACCESS_KEY_ID: ${{ secrets.DOCKER_IMAGES_AWS_PULL_ACCESS_KEY_ID }} + AWS_PULL_ECR_SECRET_ACCESS_KEY: ${{ secrets.DOCKER_IMAGES_AWS_PULL_SECRET_ACCESS_KEY }} + test: name: Test runs-on: ubuntu-latest + needs: [login-erc] steps: - name: Checkout uses: actions/checkout@v3 + - name: Instalar Docker Compose Standalone + run: | + sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose + sudo chmod +x /usr/local/bin/docker-compose + - name: Login to Docker Hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} + registry: ${{ needs.login-erc.outputs.registry }} + username: ${{ needs.login-erc.outputs.docker_username }} + password: ${{ needs.login-erc.outputs.docker_password }} - name: Run tests run: make test-ci diff --git a/.github/workflows/login-ecr.yml b/.github/workflows/login-ecr.yml new file mode 100644 index 0000000..48e4346 --- /dev/null +++ b/.github/workflows/login-ecr.yml @@ -0,0 +1,34 @@ +name: Reusable steps for ecr login job + +on: + workflow_call: + secrets: + AWS_PULL_ECR_ACCESS_KEY_ID: + required: true + AWS_PULL_ECR_SECRET_ACCESS_KEY: + required: true + outputs: + registry: + description: "registry from login" + value: ${{ jobs.configure_aws.outputs.registry }} + docker_username: + description: "registry from login" + value: ${{ jobs.configure_aws.outputs.docker_username }} + docker_password: + description: "registry from login" + value: ${{ jobs.configure_aws.outputs.docker_password }} + +jobs: + configure_aws: + runs-on: small-runner-on-demand + steps: + - name: Configure AWS credentials and login + uses: pagarme/github-actions-workflows/.github/reusable-ecr-login@main + id: login-ecr + with: + AWS_PULL_ECR_ACCESS_KEY_ID: ${{ secrets.AWS_PULL_ECR_ACCESS_KEY_ID }} + AWS_PULL_ECR_SECRET_ACCESS_KEY: ${{ secrets.AWS_PULL_ECR_SECRET_ACCESS_KEY }} + outputs: + registry: ${{ steps.login-ecr.outputs.registry }} + docker_username: ${{ steps.login-ecr.outputs.docker_username }} # More information on these outputs can be found below in the 'Docker Credentials' section + docker_password: ${{ steps.login-ecr.outputs.docker_password }} \ No newline at end of file diff --git a/.github/workflows/reusable-ecr-login.yml b/.github/workflows/reusable-ecr-login.yml new file mode 100644 index 0000000..bc750af --- /dev/null +++ b/.github/workflows/reusable-ecr-login.yml @@ -0,0 +1,35 @@ +name: Reusable steps for ecr login +description: this will be used to login in to docker-images ecr to download the pre-build images + +inputs: + AWS_PULL_ECR_ACCESS_KEY_ID: + description: 'ECR KEY ID for pull docker-image ecr' + required: true + AWS_PULL_ECR_SECRET_ACCESS_KEY: + required: true + description: 'ECR SECRET KEY for pull docker-image ecr' +outputs: + registry: + description: "registry from login" + value: ${{ steps.login-ecr.outputs.registry }} + docker_username: + description: "username for login" + value: ${{ steps.login-ecr.outputs.docker_username_697525377503_dkr_ecr_us_east_1_amazonaws_com }} + docker_password: + description: "password for login" + value: ${{ steps.login-ecr.outputs.docker_password_697525377503_dkr_ecr_us_east_1_amazonaws_com }} + +runs: + using: 'composite' + steps: + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v3 + id: configure-ecr + with: + aws-access-key-id: ${{ inputs.AWS_PULL_ECR_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ inputs.AWS_PULL_ECR_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + mask-aws-account-id: "no" + - name: Login no Elastic Container Registry / ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 1f76c0b..eb177c6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM pagarme/docker-nodejs:8.9 +FROM pay-docker-base-images:docker-nodejs:8.9 COPY package.json /superbowleto/package.json COPY package-lock.json /superbowleto/package-lock.json diff --git a/Dockerfile.prod b/Dockerfile.prod index 3548cdb..2c3a45b 100644 --- a/Dockerfile.prod +++ b/Dockerfile.prod @@ -1,4 +1,4 @@ -FROM pagarme/docker-nodejs:8.9 +FROM pay-docker-base-images:docker-nodejs:8.9 # Copy package definition files COPY package.json /app/package.json @@ -11,7 +11,7 @@ RUN apk update && \ apk add python make g++ && \ npm install --production -FROM pagarme/docker-nodejs:8.9 +FROM pay-docker-base-images:docker-nodejs:8.9 ENV APP_NAME 'superbowleto' diff --git a/docker-compose.yml b/docker-compose.yml index 7722c2e..3564b44 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -15,7 +15,7 @@ services: retries: 5 yopa: - image: pagarme/yopa:latest + image: pay-docker-base-images:pagarme-yopa command: java -Xms64m -Xmx256m -jar uberjar.jar -c /tmp/yopa-in/config.yml -o /tmp/dev-env-aws-regions-override.xml ports: - 47195