diff --git a/.github/workflows/build_and_deploy.yml b/.github/workflows/build_and_deploy.yml
index b8a8cd77..e50be83e 100644
--- a/.github/workflows/build_and_deploy.yml
+++ b/.github/workflows/build_and_deploy.yml
@@ -39,23 +39,21 @@ jobs:
 id: login-ecr
 uses: aws-actions/amazon-ecr-login@2fc7aceee09e9e4a7105c0d060c656fad0b4f63d # v1.7.0
 
- - name: Set up QEMU
- uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1
-
 - name: Build container
 working-directory: ./app
 run: |
- docker buildx build \
+ docker build \
 --build-arg git_sha=$GITHUB_SHA \
 --build-arg LICENSE_KEY=${{ secrets.MAXMIND_LICENSE }} \
- --platform=linux/arm64 \
- --push \
 -t $REGISTRY/sre-bot:$GITHUB_SHA-`date '+%Y-%m-%d'` \
 -t $REGISTRY/sre-bot:latest .
 
+ - name: Push containers to Amazon ECR
+ working-directory: ./app
+ run: |
+ docker push $REGISTRY/sre-bot:$GITHUB_SHA-`date '+%Y-%m-%d'`
+ docker push $REGISTRY/sre-bot:latest
+
 - name: Restart ECS
 run: |
 aws ecs update-service --cluster sre-bot-cluster --service sre-bot-service --force-new-deployment > /dev/null 2>&1
@@ -69,10 +67,9 @@ jobs:
 log_analytics_workspace_key: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
 
 - name: Docker generate SBOM
- uses: cds-snc/security-tools/.github/actions/generate-sbom@cfec0943e40dbb78cee115bbbe89dc17f07b7a0f # v2.1.3
+ uses: cds-snc/security-tools/.github/actions/generate-sbom@cfec0943e40dbb78cee115bbbe89dc17f07b7a0f # v2.1.3
 with:
 docker_image: "${{ env.REGISTRY }}/sre-bot:latest"
 dockerfile_path: "app/Dockerfile"
- platform: "linux/arm64"
 sbom_name: "sre-bot"
- token: "${{ secrets.GITHUB_TOKEN }}"
\ No newline at end of file
+ token: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/ci_container.yml b/.github/workflows/ci_container.yml
index 13d3957c..3677ccda 100644
--- a/.github/workflows/ci_container.yml
+++ b/.github/workflows/ci_container.yml
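Review bot: The "Build container" step still passes the MaxMind key as `--build-arg LICENSE_KEY=${{ secrets.MAXMIND_LICENSE }}`, and the image built here is pushed to ECR; a build argument consumed by a Dockerfile instruction is recorded in the image metadata and shows up in `docker history`, so anyone able to pull the image could presumably recover the key. How app/Dockerfile uses the argument is not visible in this diff, so confirm it there. A BuildKit secret mount avoids the exposure: set `LICENSE_KEY: ${{ secrets.MAXMIND_LICENSE }}` under the step's `env:`, pass `--secret id=license_key,env=LICENSE_KEY` to the build, and read it in the Dockerfile with `RUN --mount=type=secret,id=license_key ...`. The same build argument appears in the ci_container.yml hunk.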
@@ -18,22 +18,15 @@ jobs:
 DNS_PROXY_FORWARDTOSENTINEL: "true"
 DNS_PROXY_LOGANALYTICSWORKSPACEID: ${{ secrets.LOG_ANALYTICS_WORKSPACE_ID }}
 DNS_PROXY_LOGANALYTICSSHAREDKEY: ${{ secrets.LOG_ANALYTICS_WORKSPACE_KEY }}
-
+
 - name: Checkout
 uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
- - name: Set up QEMU
- uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
-
- - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1
-
 - name: Build container
 working-directory: ./app
 run: |
- docker buildx build \
+ docker build \
 --build-arg git_sha=$GITHUB_SHA \
 --build-arg LICENSE_KEY=${{ secrets.MAXMIND_LICENSE }} \
- --platform=linux/arm64 \
 -t $REGISTRY/sre-bot:$GITHUB_SHA-`date '+%Y-%m-%d'` \
 -t $REGISTRY/sre-bot:latest .
diff --git a/app/Dockerfile b/app/Dockerfile
index 0ed9a6bf..30427845 100644
--- a/app/Dockerfile
+++ b/app/Dockerfile
@@ -1,4 +1,4 @@
-FROM arm64v8/python:3.11.5-slim@sha256:f65b9b18c5752633d4975b14ef5bb6860b750e6b00dc9fd102542d9f84bf3d9c
+FROM python:3.11.5-slim
 
 RUN apt-get update \
 && apt-get install -y wget \
diff --git a/terraform/ecs.tf b/terraform/ecs.tf
index 39eb45bf..a3439b99 100644
--- a/terraform/ecs.tf
+++ b/terraform/ecs.tf
@@ -30,11 +30,6 @@ resource "aws_ecs_task_definition" "sre-bot" {
 memory = var.fargate_memory
 container_definitions = data.template_file.sre-bot.rendered
 task_role_arn = aws_iam_role.sre-bot.arn
-
- runtime_platform {
- operating_system_family = "LINUX"
- cpu_architecture = "ARM64"
- }
 }
 
 resource "aws_ecs_service" "main" {
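Review bot: The new `FROM python:3.11.5-slim` in app/Dockerfile drops the `@sha256:` digest the old line carried, so the base image is now resolved from a mutable tag on every build and can change without any change to this repository. The workflows touched by the same commit pin each action to a commit SHA, and the base image should keep the same guarantee after the architecture switch: `FROM python:3.11.5-slim@sha256:<digest of the python:3.11.5-slim image, placeholder>`. A pinned digest also keeps the SBOM generated in build_and_deploy.yml tied to a known base layer set.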