From 38a0b13976216d751aac369fa5830575d9350447 Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Wed, 20 Nov 2024 15:30:38 +1100 Subject: [PATCH 1/6] chore: Configure repo with release please --- .github/workflows/release-please.yaml | 47 +++++++++++++++++++++++++++ .github/workflows/test.yml | 32 ++++++++++++++++++ .release-please-manifest.json | 3 ++ release-please-config.json | 12 +++++++ 4 files changed, 94 insertions(+) create mode 100644 .github/workflows/release-please.yaml create mode 100644 .github/workflows/test.yml create mode 100644 .release-please-manifest.json create mode 100644 release-please-config.json diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml new file mode 100644 index 0000000..fccfef2 --- /dev/null +++ b/.github/workflows/release-please.yaml @@ -0,0 +1,47 @@ +name: Release Please +on: + push: + branches: + - master + +permissions: + actions: read # Read the metrics + contents: write # to be able to publish a GitHub release + issues: write # to be able to comment on released issues + pull-requests: write # to be able to comment on released pull requests + id-token: write # to enable use of OIDC for npm provenance / AWS + +env: + CLUSTER_KEY: ${{secrets.CLUSTER_KEY}} + +jobs: + release-please: + runs-on: ubuntu-latest + outputs: + # Root level release_created + release_created: ${{ steps.release.outputs.release_created }} + # Root level tag_name + tag_name: ${{ steps.release.outputs.tag_name }} + sha: ${{ steps.release.outputs.sha }} + steps: + - uses: googleapis/release-please-action@v4 + id: release + with: {} + + publish_docker_image: + name: Build and Push Docker Image + uses: uptick/actions/.github/workflows/ci.yaml@main + needs: release-please + if: ${{ needs.release-please.outputs.release_created }} + secrets: + SECRET_ENV: "${{ secrets.SSH_DEPLOY_KEY }}" + #https://github.com/uptick/actions/blob/main/.github/workflows/ci.yaml + with: + aws-iam-role-arn: "arn:aws:iam::610829907584:role/default-github-actions-ci-role" + docker-enabled: true + docker-context: "." + docker-tag: "${{ needs.release-please.outputs.tag_name }}" + docker-tag-latest: true + docker-image-platforms: linux/amd64 + docker-repository: "610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/splat" + command: GIT_SSH_COMMAND='ssh -i <(echo "$SECRET_ENV") -o StrictHostKeyChecking=accept-new' git clone git@github.com:uptick/splat-private.git diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..32c8db7 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,32 @@ +name: Test +on: + push: + branches: + - master + pull_request: ~ + +permissions: + actions: read # Read the metrics + contents: write # to be able to publish a GitHub release + issues: write # to be able to comment on released issues + pull-requests: write # to be able to comment on released pull requests + id-token: write # to enable use of OIDC for npm provenance / AWS + +jobs: + build: + name: Build and Push Docker Image + uses: uptick/actions/.github/workflows/ci.yaml@main + secrets: + SECRET_ENV: "${{ secrets.SSH_DEPLOY_KEY }}" + #https://github.com/uptick/actions/blob/main/.github/workflows/ci.yaml + with: + aws-iam-role-arn: "arn:aws:iam::610829907584:role/default-github-actions-ci-role" + docker-enabled: true + docker-context: "." + docker-prefix: test + docker-tag-latest: false + docker-image-platforms: linux/amd64 + docker-push: false + docker-repository: "610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/splat" + command: GIT_SSH_COMMAND='ssh -i <(echo "$SECRET_ENV") -o StrictHostKeyChecking=accept-new' git clone git@github.com:uptick/splat-private.git + diff --git a/.release-please-manifest.json b/.release-please-manifest.json new file mode 100644 index 0000000..2b33d40 --- /dev/null +++ b/.release-please-manifest.json @@ -0,0 +1,3 @@ +{ + ".": "0.1.8" +} diff --git a/release-please-config.json b/release-please-config.json new file mode 100644 index 0000000..ab35934 --- /dev/null +++ b/release-please-config.json @@ -0,0 +1,12 @@ +{ + "packages": { + ".": { + "package-name": "splat", + "release-type": "python", + "changelog-path": "CHANGELOG.md", + "exclude-paths": [ + "tests/" + ] + } + } +} \ No newline at end of file From 6de686de569a5947260a19935b81015c69f4a75d Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Wed, 20 Nov 2024 15:42:45 +1100 Subject: [PATCH 2/6] chore: Use DEPLOY_KEY and checkout splat-private --- .github/workflows/release-please.yaml | 2 +- .github/workflows/test.yml | 2 +- Dockerfile | 7 ++++--- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml index fccfef2..88e4f69 100644 --- a/.github/workflows/release-please.yaml +++ b/.github/workflows/release-please.yaml @@ -34,7 +34,7 @@ jobs: needs: release-please if: ${{ needs.release-please.outputs.release_created }} secrets: - SECRET_ENV: "${{ secrets.SSH_DEPLOY_KEY }}" + SECRET_ENV: "${{ secrets.DEPLOY_KEY }}" #https://github.com/uptick/actions/blob/main/.github/workflows/ci.yaml with: aws-iam-role-arn: "arn:aws:iam::610829907584:role/default-github-actions-ci-role" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 32c8db7..baadc24 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: name: Build and Push Docker Image uses: uptick/actions/.github/workflows/ci.yaml@main secrets: - SECRET_ENV: "${{ secrets.SSH_DEPLOY_KEY }}" + SECRET_ENV: "${{ secrets.DEPLOY_KEY }}" #https://github.com/uptick/actions/blob/main/.github/workflows/ci.yaml with: aws-iam-role-arn: "arn:aws:iam::610829907584:role/default-github-actions-ci-role" diff --git a/Dockerfile b/Dockerfile index 2831288..c73b4cf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -55,10 +55,11 @@ RUN curl -O -J https://www.princexml.com/download/prince-14.2-aws-lambda.zip && rm prince-14.2-aws-lambda.zip -CMD rm -rf /var/task/fonts || true -COPY font[s] /var/task/fonts +RUN rm -rf /var/task/fonts || true RUN mkdir -p /var/task/fonts || true -COPY license.dat ./prince-engine/license/license.dat +COPY splat-private/font[s] /var/task/fonts + +COPY splat-private/license.dat ./prince-engine/license/license.dat COPY lambda_function.py ./ ENTRYPOINT [ "/entry_script.sh","lambda_function.lambda_handler" ] From fcea6ec03d6fa92f52cef48efa5cc99b992ca2be Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Wed, 20 Nov 2024 15:46:27 +1100 Subject: [PATCH 3/6] chore: Fix command --- .github/workflows/release-please.yaml | 6 +++++- .github/workflows/test.yml | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml index 88e4f69..be218a2 100644 --- a/.github/workflows/release-please.yaml +++ b/.github/workflows/release-please.yaml @@ -44,4 +44,8 @@ jobs: docker-tag-latest: true docker-image-platforms: linux/amd64 docker-repository: "610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/splat" - command: GIT_SSH_COMMAND='ssh -i <(echo "$SECRET_ENV") -o StrictHostKeyChecking=accept-new' git clone git@github.com:uptick/splat-private.git + command: | + echo "$SECRET_ENV" > /tmp/deploy_key + chmod 600 /tmp/deploy_key + GIT_SSH_COMMAND="ssh -i /tmp/deploy_key -o StrictHostKeyChecking=accept-new" git clone git@github.com:uptick/splat-private.git + rm /tmp/deploy_key diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index baadc24..c00c026 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,5 +28,9 @@ jobs: docker-image-platforms: linux/amd64 docker-push: false docker-repository: "610829907584.dkr.ecr.ap-southeast-2.amazonaws.com/splat" - command: GIT_SSH_COMMAND='ssh -i <(echo "$SECRET_ENV") -o StrictHostKeyChecking=accept-new' git clone git@github.com:uptick/splat-private.git + command: | + echo "$SECRET_ENV" > /tmp/deploy_key + chmod 600 /tmp/deploy_key + GIT_SSH_COMMAND="ssh -i /tmp/deploy_key -o StrictHostKeyChecking=accept-new" git clone git@github.com:uptick/splat-private.git + rm /tmp/deploy_key From 833bc720a5782ac6141431dd307cdbc5b96ae005 Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Wed, 20 Nov 2024 15:51:41 +1100 Subject: [PATCH 4/6] chore: Fix ci workflow --- .github/workflows/ci.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index d2fddaf..41cbc75 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -21,7 +21,8 @@ env: jobs: ci: uses: uptick/actions/.github/workflows/ci.yaml@main - secrets: inherit + secrets: + SECRET_ENV: "${{ secrets.DEPLOY_KEY }}" with: python: true python-version: 3.11 @@ -29,6 +30,10 @@ jobs: poetry: true poetry-install-command: "poetry install" command: | + echo "$SECRET_ENV" > /tmp/deploy_key + chmod 600 /tmp/deploy_key + GIT_SSH_COMMAND="ssh -i /tmp/deploy_key -o StrictHostKeyChecking=accept-new" git clone git@github.com:uptick/splat-private.git + rm /tmp/deploy_key curl https://mise.jdx.dev/install.sh | sh echo "$HOME/.local/bin" >> $GITHUB_PATH echo "$HOME/.local/share/mise/shims" >> $GITHUB_PATH From 66326695f382d137ef451516924a072aa1a29ee3 Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Thu, 21 Nov 2024 06:26:40 +1100 Subject: [PATCH 5/6] chore: Add CHANGELOG.md --- CHANGELOG.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..e69de29 From 5e34c5e3dbc74535e2a9507a10120da850a1ed25 Mon Sep 17 00:00:00 2001 From: Mohamed ElSayed Date: Thu, 21 Nov 2024 12:47:22 +1100 Subject: [PATCH 6/6] chore: Fix casing in Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index c73b4cf..e4fbb53 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # Define function directory ARG FUNCTION_DIR="/var/task" -FROM mcr.microsoft.com/playwright/python:v1.43.0-jammy as build-image +FROM mcr.microsoft.com/playwright/python:v1.43.0-jammy AS build-image # Install aws-lambda-cpp build dependencies RUN apt-get update && \