-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1468 from NYPL/TGR-149-tiger-team-release-branch
Tgr 149 tiger team release branch
- Loading branch information
Showing
99 changed files
with
3,475 additions
and
3,385 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
# .env | ||
AWS_ACCESS_KEY_ID=<your-public-nypl-sandbox-cli-key> | ||
AWS_SECRET_ACCESS_KEY=<your-private-nypl-sandbox-cli-key> | ||
AWS_REGION=us-east-1 | ||
RAILS_ENV=development |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
name: Deploy Production | ||
on: | ||
workflow_run: | ||
workflows: ["CI"] | ||
types: | ||
- completed | ||
|
||
permissions: | ||
id-token: write | ||
contents: read | ||
|
||
jobs: | ||
deploy_production: | ||
if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_branch == 'production' }} | ||
name: Deploy Production | ||
runs-on: ubuntu-latest | ||
environment: production | ||
steps: | ||
- name: checkout | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS credentials for Production environment account | ||
uses: aws-actions/configure-aws-credentials@v2 | ||
with: | ||
role-to-assume: arn:aws:iam::946183545209:role/GithubActionsDeployerRole | ||
aws-region: us-east-1 | ||
|
||
- name: Login to Amazon ECR | ||
id: login-ecr | ||
uses: aws-actions/amazon-ecr-login@v1 | ||
|
||
- name: Build, tag, and push image to Amazon ECR | ||
env: | ||
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | ||
ECR_REPOSITORY: my-library-nyc-app | ||
IMAGE_TAG: ${{ github.sha }} | ||
run: | | ||
DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | ||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | ||
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:production-latest | ||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:production-latest | ||
- name: Force ECS Update | ||
run: | | ||
aws ecs update-service --cluster mylibrarynycapp-production --service mylibrarynycapp-production --force-new-deployment | ||
aws ecs update-service --cluster mylibrarynycapp-production --service mylibrarynycapp-production-delayed-job --force-new-deployment |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
name: Deploy QA | ||
on: | ||
workflow_run: | ||
workflows: ["CI"] | ||
types: | ||
- completed | ||
|
||
permissions: | ||
id-token: write | ||
contents: read | ||
|
||
jobs: | ||
deploy_qa: | ||
if: ${{ github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.head_branch == 'qa' }} | ||
name: Deploy QA | ||
runs-on: ubuntu-latest | ||
environment: qa | ||
steps: | ||
- name: checkout | ||
uses: actions/checkout@v2 | ||
|
||
- name: Configure AWS credentials for QA environment account | ||
uses: aws-actions/configure-aws-credentials@v2 | ||
with: | ||
role-to-assume: arn:aws:iam::946183545209:role/GithubActionsDeployerRole | ||
aws-region: us-east-1 | ||
|
||
- name: Login to Amazon ECR | ||
id: login-ecr | ||
uses: aws-actions/amazon-ecr-login@v1 | ||
|
||
- name: Build, tag, and push image to Amazon ECR | ||
env: | ||
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | ||
ECR_REPOSITORY: my-library-nyc-app | ||
IMAGE_TAG: ${{ github.sha }} | ||
run: | | ||
DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG . | ||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG | ||
docker tag $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:qa-latest | ||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:qa-latest | ||
- name: Force ECS Update | ||
run: | | ||
aws ecs update-service --cluster mylibrarynycapp-qa --service mylibrarynycapp-qa --force-new-deployment | ||
aws ecs update-service --cluster mylibrarynycapp-qa --service mylibrarynycapp-qa-delayed-job --force-new-deployment |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
name: CI | ||
|
||
on: | ||
push: | ||
branches: | ||
- qa | ||
- production | ||
pull_request: | ||
branches: | ||
- qa | ||
- production | ||
|
||
jobs: | ||
build_and_test: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: set up docker | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: install docker compose | ||
run: | | ||
sudo apt-get update | ||
sudo apt-get install -y docker-compose | ||
- name: build application | ||
run: | | ||
docker-compose build | ||
- name: Run tests | ||
run: | | ||
docker-compose up -d | ||
docker-compose run webapp sh -c 'RAILS_ENV=test bundle exec rails test' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
--require spec_helper | ||
--format documentation |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,56 +1,49 @@ | ||
# syntax = docker/dockerfile:1.3 | ||
FROM ruby:2.7.4 AS builder | ||
|
||
# set env vars | ||
ENV APP_HOME /home/app/MyLibraryNYCApp | ||
ENV AWS_DEFAULT_REGION=us-east-1 | ||
|
||
ARG RAILS_ENV | ||
ENV RAILS_ENV=${RAILS_ENV} | ||
|
||
# Set base image and working directory | ||
FROM ruby:3.3 | ||
|
||
# Install necessary packages, including curl and PostgreSQL client | ||
RUN apt-get update -qq && apt-get install -y \ | ||
curl \ | ||
postgresql-client \ | ||
&& curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \ | ||
&& apt-get install -y nodejs \ | ||
&& apt-get clean \ | ||
&& rm -rf /var/lib/apt/lists/* | ||
|
||
# Install Yarn globally | ||
RUN npm install -g yarn | ||
|
||
# Set environment variables | ||
ENV RAILS_ENV=development | ||
ENV APP_HOME=/app | ||
RUN mkdir $APP_HOME | ||
WORKDIR $APP_HOME | ||
|
||
# install packages | ||
RUN apt-get update -qq \ | ||
&& apt-get install -y \ | ||
curl \ | ||
postgresql-client \ | ||
git | ||
|
||
RUN curl -sL https://deb.nodesource.com/setup_16.x | bash - \ | ||
&& apt-get -y install nodejs \ | ||
&& npm install --global yarn | ||
|
||
# Install esbuild | ||
# Install esbuild globally | ||
RUN npm install -g esbuild | ||
|
||
# set up app files | ||
COPY . $APP_HOME | ||
COPY Gemfile $APP_HOME | ||
COPY Gemfile.lock $APP_HOME | ||
WORKDIR $APP_HOME | ||
# Copy Gemfile and Gemfile.lock first | ||
COPY Gemfile Gemfile.lock $APP_HOME/ | ||
|
||
## bundle | ||
ENV BUNDLER_VERSION=2.4.22 | ||
RUN gem install bundler -v $BUNDLER_VERSION | ||
RUN bundle config --global github.https true \ | ||
&& bundle install --jobs 30 | ||
# Install bundler and Ruby dependencies | ||
RUN gem install bundler -v 2.5.20 | ||
RUN bundle install --jobs 30 | ||
|
||
COPY package.json $APP_HOME/package.json | ||
COPY package-lock.json $APP_HOME/package-lock.json | ||
# Copy package.json and package-lock.json before running yarn install | ||
COPY package.json $APP_HOME/ | ||
|
||
# Install JS dependencies | ||
RUN yarn install | ||
|
||
# build | ||
# Now copy the rest of the application | ||
COPY . $APP_HOME/ | ||
|
||
# Precompile assets | ||
RUN yarn build | ||
RUN yarn build:css | ||
RUN --mount=type=secret,id=AWS_ACCESS_KEY_ID \ | ||
--mount=type=secret,id=AWS_SECRET_ACCESS_KEY \ | ||
AWS_ACCESS_KEY_ID=$(cat /run/secrets/AWS_ACCESS_KEY_ID) \ | ||
&& export AWS_ACCESS_KEY_ID \ | ||
AWS_SECRET_ACCESS_KEY=$(cat /run/secrets/AWS_SECRET_ACCESS_KEY) \ | ||
&& export AWS_SECRET_ACCESS_KEY \ | ||
&& bundle exe rails assets:precompile | ||
|
||
# Expose the app port | ||
EXPOSE 3000 | ||
CMD ["bundle", "exec", "rails", "server", "-p", "3000", "-b", "0.0.0.0"] | ||
|
||
# Start the server | ||
CMD ["bash", "-c", "rm -f /app/tmp/pids/server.pid && bundle exec rails server -b 0.0.0.0"] |
Oops, something went wrong.