-
Notifications
You must be signed in to change notification settings - Fork 112
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7732 from cfpb/builder-image
Add centos7 deployable-zipfile builder
- Loading branch information
Showing
4 changed files
with
121 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| name: Create and publish a Docker image that can be used to build a deployable zipfile | ||
|
|
||
| on: | ||
| push: | ||
| branches: ['main'] | ||
| paths: | ||
| - 'docker/builder/**' | ||
|
|
||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }}-builder | ||
|
|
||
| jobs: | ||
| build-and-push-image: | ||
| if: github.repository == 'cfpb/consumerfinance.gov' | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
|
|
||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v3 | ||
|
|
||
| - name: Log in to the Container registry | ||
| uses: docker/login-action@v3.0.0 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - name: Extract metadata (tags, labels) for Docker | ||
| id: meta | ||
| uses: docker/metadata-action@v5.0.0 | ||
| with: | ||
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | ||
|
|
||
| - name: Build and push Docker image | ||
| uses: docker/build-push-action@v5.0.0 | ||
| with: | ||
| context: ./docker/builder/ | ||
| push: true | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,30 @@ | ||
| FROM centos:7 | ||
|
|
||
| # Ensure that the environment uses UTF-8 encoding by default | ||
| ENV LANG en_US.UTF-8 | ||
|
|
||
| # Disables pip cache, which reduces build time, and suppresses warnings when | ||
| # run as non-root. | ||
| ENV PIP_NO_CACHE_DIR true | ||
|
|
||
| ENV BUILD_DIR /src/consumerfinance.gov | ||
|
|
||
| # Must be world writable since alternate uid:gid may be patched in at `docker | ||
| # run` time. | ||
| RUN mkdir -p ${BUILD_DIR} && chmod 777 ${BUILD_DIR} | ||
| WORKDIR ${BUILD_DIR} | ||
|
|
||
| # Install all build requirements including Python 3 and the latest | ||
| # versions of the Python packages pip, setuptools, and wheel. Configure | ||
| # Python 3 to be enabled at login. | ||
| RUN yum -y update && \ | ||
| yum install -y centos-release-scl && \ | ||
| yum install -y rh-python38 gcc git && \ | ||
| echo "source scl_source enable rh-python38" > /etc/profile.d/scl_python.sh && \ | ||
| source /etc/profile && \ | ||
| pip install --no-cache-dir -U pip setuptools wheel && \ | ||
| pip3 install --no-cache-dir -U pip setuptools wheel | ||
|
|
||
| COPY call_create.sh docker-entrypoint.sh ./ | ||
|
|
||
| ENTRYPOINT ["./docker-entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| #!/usr/bin/env bash | ||
|
|
||
| # Fail when any command fails. | ||
| set -e | ||
|
|
||
| # Echo commands. | ||
| set -x | ||
|
|
||
| # Set GIT_COMMITTER_NAME to enable us to `pip -e` from git URLs | ||
| # git < 2.6.5 requires either these variables to be set or the user to exist | ||
| # in passwd file. | ||
| export GIT_COMMITTER_NAME="cf.gov build user" | ||
| export GIT_COMMITTER_EMAIL="tech@cfpb.gov" | ||
|
|
||
| build_artifact_name=cfgov_current_build | ||
| build_artifact="$build_artifact_name.zip" | ||
| cfgov_refresh_volume=/cfgov | ||
| webfonts_path="$cfgov_refresh_volume/static.in/cfgov-fonts" | ||
|
|
||
| # Verify that the source volume has been mapped. | ||
| if [ ! -d "$cfgov_refresh_volume" ]; then | ||
| echo "Source directory $cfgov_refresh_volume does not exist." | ||
| echo "Did you forget to mount the Docker volume?" | ||
| exit 1 | ||
| fi | ||
|
|
||
| # Prepare arguments for the deployable zipfile build. | ||
| build_args=( | ||
| "$cfgov_refresh_volume/cfgov" | ||
| "$cfgov_refresh_volume/requirements/deployment.txt" | ||
| "$build_artifact_name" | ||
| "--extra-static" "$webfonts_path" | ||
| ) | ||
|
|
||
| # Build the deployable zipfile. | ||
| "$cfgov_refresh_volume/cfgov/deployable_zipfile/create.py" "${build_args[@]}" | ||
|
|
||
| # Copy build artifact to source directory. | ||
| cp "$build_artifact" "$cfgov_refresh_volume" | ||
| echo "Generated $build_artifact in $cfgov_refresh_volume." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| #!/bin/bash --login | ||
| # This entrypoint is used primarily as means of setting up a consistent | ||
| # shell environment no matter which user the process runs as. By using | ||
| # --login, it guarantees /etc/profile is always sourced, unlike the | ||
| # non-login, non-interactive shell you get by default with `docker run`. | ||
|
|
||
| exec "$@" |