-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #72 from Open-EO/feature/improve-sync-timeout
Feature/improve sync timeout
- Loading branch information
Showing
9 changed files
with
178 additions
and
583 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -14,13 +14,15 @@ jobs: | |
| needs: run-reusable-lint-and-test | ||
|
|
||
| if: startsWith(github.ref, 'refs/tags/v') | ||
|
|
||
| runs-on: ubuntu-latest | ||
|
|
||
| env: | ||
| DEPLOYMENT_NAME: "production" | ||
| PROD_ECR_REGISTRY: ${{ secrets.PROD_ECR_REGISTRY }} | ||
| PROD_ECR_REGISTRY_IMAGE: ${{ secrets.PROD_ECR_REGISTRY_IMAGE }} | ||
| ECR_REGISTRY: ${{ secrets.PROD_EC2_ECR_REGISTRY }} | ||
| ECR_REGISTRY_IMAGE: ${{ secrets.PROD_EC2_ECR_REGISTRY_IMAGE }} | ||
| PRIVATE_KEY: ${{ secrets.PROD_SSH_PRIVATE_KEY }} | ||
| HOSTNAME: ${{ secrets.PROD_SSH_HOST }} | ||
| USER_NAME: ${{ secrets.PROD_USER_NAME }} | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
@@ -34,7 +36,7 @@ jobs: | |
| run: | | ||
| mkdir -p ~/.aws | ||
| echo -e "[default]\nregion=eu-central-1" > ~/.aws/config | ||
| echo -e "[default]\naws_access_key_id=${{ secrets.PRODZAPPA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.PRODZAPPA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials | ||
| echo -e "[default]\naws_access_key_id=${{ secrets.PRODDATA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.PRODDATA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials | ||
| - name: install pipenv and aws | ||
| run: | | ||
|
|
@@ -50,48 +52,67 @@ jobs: | |
| working-directory: ./rest | ||
| run: pipenv install --dev | ||
|
|
||
| - name: create zappa_settings.json on-the-fly | ||
| working-directory: ./rest | ||
| run: | | ||
| cp zappa_settings.json.template zappa_settings.json | ||
| sed -i "s/@@AWS_ACCESS_KEY_ID@@/${{ secrets.PRODDATA_AWS_ACCESS_KEY_ID }}/g" zappa_settings.json | ||
| sed -i "s#@@AWS_SECRET_ACCESS_KEY@@#${{ secrets.PRODDATA_AWS_SECRET_ACCESS_KEY }}#g" zappa_settings.json | ||
| sed -i "s/@@PRODUCTION_SH_CLIENT_ID@@/${{ secrets.PRODUCTION_SH_CLIENT_ID }}/g" zappa_settings.json | ||
| sed -i "s/@@PRODUCTION_SH_CLIENT_SECRET@@/${{ secrets.PRODUCTION_SH_CLIENT_SECRET }}/g" zappa_settings.json | ||
| sed -i "s/@@BACKEND_VERSION@@/$GITHUB_REF_NAME/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS_PRODUCTION }}/g" zappa_settings.json | ||
| sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_BASE_URL_PRODUCTION@@#${{ secrets.USAGE_REPORTING_BASE_URL_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_URL_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_URL_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_ID_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_SECRET_PRODUCTION@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_PRODUCTION }}#g" zappa_settings.json | ||
| sed -i "s#@@LOGGING_LEVEL@@#${{ secrets.LOGGING_LEVEL_PRODUCTION }}#g" zappa_settings.json | ||
| - name: generate zappa_settings.py for docker image from zappa_settings.json | ||
| working-directory: ./rest | ||
| run: pipenv run zappa save-python-settings-file "$DEPLOYMENT_NAME" | ||
| - name: create env file | ||
| working-directory: ./rest/ | ||
| run: | | ||
| echo "AWS_ACCESS_KEY_ID=${{ secrets.PRODDATA_AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY=${{ secrets.PRODDATA_AWS_SECRET_ACCESS_KEY }} | ||
| SH_CLIENT_ID=${{ secrets.PRODUCTION_SH_CLIENT_ID }} | ||
| SH_CLIENT_SECRET=${{ secrets.PRODUCTION_SH_CLIENT_SECRET }} | ||
| BACKEND_VERSION=$GITHUB_REF_NAME | ||
| RESULTS_S3_BUCKET_NAME_MAIN=${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_NAME_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_NAME_USWEST=${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS_PRODUCTION }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST_PRODUCTION }} | ||
| USAGE_REPORTING_BASE_URL=${{ secrets.USAGE_REPORTING_BASE_URL_PRODUCTION }} | ||
| USAGE_REPORTING_AUTH_URL=${{ secrets.USAGE_REPORTING_AUTH_URL_PRODUCTION }} | ||
| USAGE_REPORTING_AUTH_CLIENT_ID=${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_PRODUCTION }} | ||
| USAGE_REPORTING_AUTH_CLIENT_SECRET=${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_PRODUCTION }} | ||
| LOGGING_LEVEL=${{ secrets.LOGGING_LEVEL_PRODUCTION }} | ||
| DEPLOYMENT_TYPE=production | ||
| " > .env | ||
| - name: build docker image with correct tags | ||
| working-directory: ./rest | ||
| run: docker build -t "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" -t "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" --build-arg VERSION=$GITHUB_REF_NAME --build-arg VCS_REF=$GITHUB_SHA --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') . | ||
| run: docker build -t "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" -t "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:latest" --build-arg VERSION=$GITHUB_REF_NAME --build-arg VCS_REF=$GITHUB_SHA --build-arg BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ') . | ||
|
|
||
| - name: login for AWS ECR docker | ||
| working-directory: ./rest | ||
| run: aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$PROD_ECR_REGISTRY" | ||
| run: aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$ECR_REGISTRY" | ||
|
|
||
| - name: push docker images (versioned with CI tag and "latest") to AWS ECR with docker | ||
| working-directory: ./rest | ||
| run: | | ||
| docker push "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" | ||
| docker push "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" | ||
| - name: deploy lambda with new docker image | ||
| docker push "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" | ||
| docker push "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:latest" | ||
| - name: copy env file | ||
| working-directory: ./rest | ||
| run: pipenv run zappa deploy "$DEPLOYMENT_NAME" -d "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" || pipenv run zappa update "$DEPLOYMENT_NAME" -d "$PROD_ECR_REGISTRY/$PROD_ECR_REGISTRY_IMAGE:latest" | ||
| run: | | ||
| echo "${PRIVATE_KEY}" > private_key && chmod 600 private_key | ||
| scp -o StrictHostKeyChecking=no -i private_key ./.env ${USER_NAME}@${HOSTNAME}:openEO/.env | ||
| - name: pull docker image and run | ||
| uses: appleboy/[email protected] | ||
| with: | ||
| key: ${{ secrets.PROD_SSH_PRIVATE_KEY }} | ||
| host: ${{ secrets.PROD_SSH_HOST }} | ||
| username: ${{ secrets.PROD_USER_NAME }} | ||
| envs: ECR_REGISTRY, ECR_REGISTRY_IMAGE | ||
| script: | | ||
| aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE" | ||
| docker pull "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:latest" | ||
| # stop and remove all containers | ||
| docker ps -aq | xargs docker stop | xargs docker rm | ||
| cd openEO | ||
| docker run -p 8000:8000 -d --env-file .env "$ECR_REGISTRY/$ECR_REGISTRY_IMAGE:latest" | ||
| # remove all dangling images | ||
| docker image prune --force | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -20,8 +20,11 @@ jobs: | |
|
|
||
| env: | ||
| DEPLOYMENT_NAME: "testing" | ||
| TESTING_ECR_REGISTRY: ${{ secrets.TESTING_ECR_REGISTRY }} | ||
| TESTING_ECR_REGISTRY_IMAGE: ${{ secrets.TESTING_ECR_REGISTRY_IMAGE }} | ||
| TESTING_ECR_REGISTRY: ${{ secrets.TESTING_EC2_ECR_REGISTRY }} | ||
| TESTING_ECR_REGISTRY_IMAGE: ${{ secrets.TESTING_EC2_ECR_REGISTRY_IMAGE }} | ||
| PRIVATE_KEY: ${{ secrets.TESTING_SSH_PRIVATE_KEY }} | ||
| HOSTNAME: ${{ secrets.TESTING_SSH_HOST }} | ||
| USER_NAME: ${{ secrets.TESTING_USER_NAME }} | ||
|
|
||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
@@ -35,7 +38,7 @@ jobs: | |
| run: | | ||
| mkdir -p ~/.aws | ||
| echo -e "[default]\nregion=eu-central-1" > ~/.aws/config | ||
| echo -e "[default]\naws_access_key_id=${{ secrets.TESTINGZAPPA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.TESTINGZAPPA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials | ||
| echo -e "[default]\naws_access_key_id=${{ secrets.TESTINGDATA_AWS_ACCESS_KEY_ID }}\naws_secret_access_key=${{ secrets.TESTINGDATA_AWS_SECRET_ACCESS_KEY }}" > ~/.aws/credentials | ||
| - name: install pipenv and aws | ||
| run: | | ||
|
|
@@ -51,33 +54,30 @@ jobs: | |
| working-directory: ./rest | ||
| run: pipenv install --dev | ||
|
|
||
| - name: create zappa_settings.json on-the-fly | ||
| working-directory: ./rest | ||
| run: | | ||
| cp zappa_settings.json.template zappa_settings.json | ||
| sed -i "s/@@AWS_ACCESS_KEY_ID@@/${{ secrets.TESTINGDATA_AWS_ACCESS_KEY_ID }}/g" zappa_settings.json | ||
| sed -i "s#@@AWS_SECRET_ACCESS_KEY@@#${{ secrets.TESTINGDATA_AWS_SECRET_ACCESS_KEY }}#g" zappa_settings.json | ||
| sed -i "s/@@TESTING_SH_CLIENT_ID@@/${{ secrets.TESTING_SH_CLIENT_ID }}/g" zappa_settings.json | ||
| sed -i "s/@@TESTING_SH_CLIENT_SECRET@@/${{ secrets.TESTING_SH_CLIENT_SECRET }}/g" zappa_settings.json | ||
| sed -i "s/@@BACKEND_VERSION@@/$GITHUB_REF_NAME/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_NAME_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS }}/g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST@@/${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST }}/g" zappa_settings.json | ||
| sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN }}#g" zappa_settings.json | ||
| sed -i "s/@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS@@/${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS }}/g" zappa_settings.json | ||
| sed -i "s#@@RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST@@#${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_BASE_URL_TESTING@@#${{ secrets.USAGE_REPORTING_BASE_URL_TESTING }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_URL_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_URL_TESTING }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_ID_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_TESTING }}#g" zappa_settings.json | ||
| sed -i "s#@@USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING@@#${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING }}#g" zappa_settings.json | ||
| sed -i "s#@@LOGGING_LEVEL@@#${{ secrets.LOGGING_LEVEL_TESTING }}#g" zappa_settings.json | ||
| - name: generate zappa_settings.py for docker image from zappa_settings.json | ||
| working-directory: ./rest | ||
| run: pipenv run zappa save-python-settings-file "$DEPLOYMENT_NAME" | ||
| - name: create env file | ||
| working-directory: ./rest/ | ||
| run: | | ||
| echo "AWS_ACCESS_KEY_ID=${{ secrets.TESTINGDATA_AWS_ACCESS_KEY_ID }} | ||
| AWS_SECRET_ACCESS_KEY=${{ secrets.TESTINGDATA_AWS_SECRET_ACCESS_KEY }} | ||
| SH_CLIENT_ID=${{ secrets.TESTING_SH_CLIENT_ID }} | ||
| SH_CLIENT_SECRET=${{ secrets.TESTING_SH_CLIENT_SECRET }} | ||
| BACKEND_VERSION=$GITHUB_REF_NAME | ||
| RESULTS_S3_BUCKET_NAME_MAIN=${{ secrets.RESULTS_S3_BUCKET_NAME_MAIN }} | ||
| RESULTS_S3_BUCKET_NAME_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_NAME_CREODIAS }} | ||
| RESULTS_S3_BUCKET_NAME_USWEST=${{ secrets.RESULTS_S3_BUCKET_NAME_USWEST }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_MAIN }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_CREODIAS }} | ||
| RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST=${{ secrets.RESULTS_S3_BUCKET_ACCESS_KEY_ID_USWEST }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_MAIN }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_CREODIAS }} | ||
| RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST=${{ secrets.RESULTS_S3_BUCKET_SECRET_ACCESS_KEY_USWEST }} | ||
| USAGE_REPORTING_BASE_URL=${{ secrets.USAGE_REPORTING_BASE_URL_TESTING }} | ||
| USAGE_REPORTING_AUTH_URL=${{ secrets.USAGE_REPORTING_AUTH_URL_TESTING }} | ||
| USAGE_REPORTING_AUTH_CLIENT_ID=${{ secrets.USAGE_REPORTING_AUTH_CLIENT_ID_TESTING }} | ||
| USAGE_REPORTING_AUTH_CLIENT_SECRET=${{ secrets.USAGE_REPORTING_AUTH_CLIENT_SECRET_TESTING }} | ||
| LOGGING_LEVEL=${{ secrets.LOGGING_LEVEL_TESTING }} | ||
| DEPLOYMENT_TYPE=testing | ||
| " > .env | ||
| - name: build docker image with correct tags | ||
| working-directory: ./rest | ||
|
|
@@ -92,7 +92,29 @@ jobs: | |
| run: | | ||
| docker push "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:$GITHUB_REF_NAME" | ||
| docker push "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" | ||
| - name: deploy lambda with new docker image | ||
| - name: copy env file | ||
| working-directory: ./rest | ||
| run: pipenv run zappa deploy "$DEPLOYMENT_NAME" -d "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" || pipenv run zappa update "$DEPLOYMENT_NAME" -d "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" | ||
| run: | | ||
| echo "${PRIVATE_KEY}" > private_key && chmod 600 private_key | ||
| scp -o StrictHostKeyChecking=no -i private_key ./.env ${USER_NAME}@${HOSTNAME}:openEO/.env | ||
| - name: pull docker image and run | ||
| uses: appleboy/[email protected] | ||
| with: | ||
| key: ${{ secrets.TESTING_SSH_PRIVATE_KEY }} | ||
| host: ${{ secrets.TESTING_SSH_HOST }} | ||
| username: ${{ secrets.TESTING_USER_NAME }} | ||
| envs: TESTING_ECR_REGISTRY, TESTING_ECR_REGISTRY_IMAGE | ||
| script: | | ||
| aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE" | ||
| docker pull "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" | ||
| # stop and remove all containers | ||
| docker ps -aq | xargs docker stop | xargs docker rm | ||
| cd openEO | ||
| docker run -p 8000:8000 -d --env-file .env "$TESTING_ECR_REGISTRY/$TESTING_ECR_REGISTRY_IMAGE:latest" | ||
| # remove all dangling images | ||
| docker image prune --force | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,38 +1,13 @@ | ||
| # resources | ||
| # https://www.cloudtechsimplified.com/run-docker-containers-images-from-ecr-in-aws-lambda-along-with-cicd-python/ | ||
| # https://docs.aws.amazon.com/lambda/latest/dg/python-image.html#python-image-instructions | ||
| # https://gallery.ecr.aws/lambda/python/ | ||
| # https://zebradil.me/post/2018-05-25-pipenv-for-aws-lambda/ | ||
| # https://stackoverflow.com/questions/48381918/how-do-i-install-git-using-aws-lambda | ||
| # https://stackoverflow.com/a/68787552 | ||
| # https://github.com/zappa/Zappa#docker-workflows | ||
| # https://ianwhitestone.work/zappa-serverless-docker/ | ||
| FROM public.ecr.aws/docker/library/python:3.9 | ||
|
|
||
| # use base aws lambda docker image for python (all the sources listed bellow) | ||
| FROM public.ecr.aws/lambda/python:3.9 | ||
|
|
||
| # install pipenv and git that are needed to install dependencies | ||
| RUN yum -y install git | ||
| RUN apt-get install git -y | ||
| RUN pip install pipenv | ||
|
|
||
| # copy the /rest folder | ||
| COPY ./ ${LAMBDA_TASK_ROOT} | ||
| COPY ./ /rest | ||
| WORKDIR /rest | ||
|
|
||
| # create requirements.txt file and | ||
| # install dependencies with pip | ||
| RUN pipenv requirements > requirements.txt | ||
| RUN pip install -r requirements.txt | ||
| RUN pip install gunicorn | ||
|
|
||
| # Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile) | ||
| # app.app is the same as in zappa_settings.json.template | ||
| # CMD [ "app.app" ] | ||
|
|
||
| # https://ianwhitestone.work/zappa-serverless-docker/ | ||
| # Grab the zappa handler.py and put it in the working directory | ||
| RUN ZAPPA_HANDLER_PATH=$( \ | ||
| python -c "from zappa import handler; print (handler.__file__)" \ | ||
| ) \ | ||
| && echo $ZAPPA_HANDLER_PATH \ | ||
| && cp $ZAPPA_HANDLER_PATH ${LAMBDA_TASK_ROOT} | ||
|
|
||
| CMD [ "handler.lambda_handler" ] | ||
| CMD ["gunicorn","--bind","0.0.0.0:8000", "--timeout", "300", "--threads", "20" , "--forwarded-allow-ips", "*", "wsgi:app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.