Skip to content

Commit

Permalink
Merge branch 'development'
Browse files Browse the repository at this point in the history
  • Loading branch information
mollybsmith-noaa committed Aug 8, 2023
2 parents 0cb0a63 + 6d3a357 commit dd7c218
Show file tree
Hide file tree
Showing 135 changed files with 5,796 additions and 18,561 deletions.
14 changes: 14 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "github-actions" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
pull-request-branch-name:
separator: "-" # Use "-" instead of "/" in branch names to avoid issues with docker registries
target-branch: "development" # raise PRs for version updates to GHA against the `development` branch
2 changes: 1 addition & 1 deletion .github/pull_request_template.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,6 @@ See the [METplus Workflow](https://metplus.readthedocs.io/en/latest/Contributors
Select: **Reviewer(s)**
Select: **Organization** level software support **Project** or **Repository** level development cycle **Project**
Select: **Milestone** as the version that will include these changes
- [ ] After submitting the PR, select **Development** issue with the original issue number.
- [ ] After submitting the PR, select the :gear: icon in the **Development** section of the right hand sidebar. Search for the issue that this PR will close and select it, if it is not already selected.
- [ ] After the PR is approved, merge your changes. If permissions do not allow this, request that the reviewer do the merge.
- [ ] Close the linked issue and delete your feature or bugfix branch from GitHub.
28 changes: 14 additions & 14 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,9 @@ jobs:

build:
runs-on: ubuntu-latest
timeout-minutes: 30
timeout-minutes: 120
strategy:
fail-fast: true
# fail-fast: true # FIXME: Reactivate fail-fast once our image size is under control
matrix:
app:
- met-airquality
Expand Down Expand Up @@ -105,19 +105,19 @@ jobs:
--build-arg COMMITSHA=${{ github.sha }} \
-t ${{ env.DEV_REGISTRY }}/${{ env.APP_LOWERCASE }}:${{ env.BRANCH }} \
.
# FIXME: Reactivate image scanning once we've determined why the image size has blown up
# - name: Scan image with Trivy
# uses: aquasecurity/trivy-action@master
# with:
# image-ref: '${{ env.DEV_REGISTRY }}/${{ env.APP_LOWERCASE }}:${{ env.BRANCH }}'
# format: 'sarif'
# output: 'trivy-results-${{ env.APP_LOWERCASE }}.sarif'
# ignore-unfixed: true

- name: Scan image with Trivy
uses: aquasecurity/trivy-action@master
with:
image-ref: '${{ env.DEV_REGISTRY }}/${{ env.APP_LOWERCASE }}:${{ env.BRANCH }}'
format: 'sarif'
output: 'trivy-results-${{ env.APP_LOWERCASE }}.sarif'
ignore-unfixed: true

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results-${{ env.APP_LOWERCASE }}.sarif'
# - name: Upload Trivy scan results to GitHub Security tab
# uses: github/codeql-action/upload-sarif@v2
# with:
# sarif_file: 'trivy-results-${{ env.APP_LOWERCASE }}.sarif'

- name: Login to GitHub Container Registry
uses: docker/login-action@v1
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/trivy-repo-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ on:
jobs:
analyze:
name: Analyze
runs-on: ubuntu-18.04
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
Expand Down
71 changes: 27 additions & 44 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# This tag here should match the app's Meteor version, per .meteor/release
FROM geoffreybooth/meteor-base:2.11.0 AS meteor-builder
FROM geoffreybooth/meteor-base:2.12 AS meteor-builder

ARG APPNAME

Expand All @@ -19,56 +19,30 @@ COPY MATScommon /MATScommon
RUN bash ${SCRIPTS_FOLDER}/build-meteor-bundle.sh


# Install OS build dependencies
FROM node:14-alpine AS native-builder

ENV APP_FOLDER=/usr/app
ENV APP_BUNDLE_FOLDER=${APP_FOLDER}/bundle
ENV SCRIPTS_FOLDER /docker

# Install OS build dependencies, which stay with this intermediate image but don’t become part of the final published image
RUN apk --no-cache add \
bash \
g++ \
make \
python3

# Copy in build scripts & entrypoint
COPY --from=meteor-builder $SCRIPTS_FOLDER $SCRIPTS_FOLDER/

# Copy in app bundle
COPY --from=meteor-builder /opt/bundle $APP_BUNDLE_FOLDER/

# Build the native dependencies
# NOTE - the randyp_mats-common atmosphere package pulls in a native npm couchbase dependency
# so we need to force an npm rebuild in the node_modules directory there as well
RUN bash $SCRIPTS_FOLDER/build-meteor-npm-dependencies.sh


# Use the specific version of Node expected by your Meteor release, per https://docs.meteor.com/changelog.html
FROM node:14-alpine AS production
FROM node:14-bullseye-slim AS production

# Set Build ARGS
ARG APPNAME
ARG BUILDVER=dev
ARG COMMITBRANCH=development
ARG COMMITSHA
ARG METCALCPYVER=develop

ENV DEBIAN_FRONTEND=noninteractive

# Install runtime dependencies
RUN apk --no-cache add \
RUN apt-get update && apt-get install -y --no-install-recommends \
bash \
git \
ca-certificates \
mariadb \
python3 \
py3-numpy \
py3-scipy \
py3-pandas \
py3-pip \
&& pip3 --no-cache-dir install \
pymysql \
metcalcpy@git+https://github.com/dtcenter/METcalcpy.git@${METCALCPYVER}
python3-pip \
&& apt-get clean && rm -rf /var/lib/apt/lists/* \
&& python3 -m pip install --no-cache-dir \
metcalcpy \
numpy \
scipy \
pandas \
pymysql

# Set Environment
ENV APP_FOLDER=/usr/app
Expand All @@ -83,11 +57,11 @@ ENV VERSION=${BUILDVER}
ENV BRANCH=${COMMITBRANCH}
ENV COMMIT=${COMMITSHA}

# Copy in helper scripts with the built and installed dependencies from the previous image
COPY --from=native-builder ${SCRIPTS_FOLDER} ${SCRIPTS_FOLDER}/
# Copy in helper scripts from the previous image
COPY --from=meteor-builder ${SCRIPTS_FOLDER} ${SCRIPTS_FOLDER}/

# Copy in app bundle with the built and installed dependencies from the previous image
COPY --from=native-builder ${APP_BUNDLE_FOLDER} ${APP_BUNDLE_FOLDER}/
# Copy in app bundle from the previous image
COPY --from=meteor-builder /opt/bundle ${APP_BUNDLE_FOLDER}/

# We want to use our own launcher script
COPY container-scripts/run_app.sh ${APP_FOLDER}/
Expand All @@ -100,6 +74,15 @@ RUN mkdir -p ${SETTINGS_DIR} \
&& chown node:node ${APP_BUNDLE_FOLDER}/bundle/programs/server/fileCache \
&& chmod 644 ${APP_BUNDLE_FOLDER}/bundle/programs/server/fileCache

# Install the Meteor app's NPM dependencies
# g++ & build-essential would be needed for ARM/Apple Silicon builds in order to recompile fibers
RUN bash $SCRIPTS_FOLDER/build-meteor-npm-dependencies.sh

# Update the OS packages in the container
RUN apt-get update \
&& apt-get -y upgrade \
&& apt-get clean && rm -rf /var/lib/apt/lists/*

EXPOSE ${PORT}
USER node

Expand All @@ -115,7 +98,7 @@ LABEL version=${BUILDVER} code.branch=${COMMITBRANCH} code.commit=${COMMITSHA}


# Create a stage with the root user for debugging
# Note - you'll need to override the entrypoint if you want a shell (docker run --entrypoint /bin/bash ...)
# Note - you'll need to override the entrypoint if you want a shell (docker run -it --entrypoint /bin/bash ...)
FROM production AS debug
USER root

Expand Down
2 changes: 1 addition & 1 deletion MATScommon
Submodule MATScommon updated 313 files
4 changes: 3 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@

A METexpress app is a [Meteor](https://www.meteor.com/) app that is based on NOAA Global Systems Lab's "[MATS](https://www.github.com/NOAA-GSL/MATS)" Model Analysis Tool Suite application framework. The METexpress apps are specifically designed to be used to visualize [MET](https://dtcenter.org/community-code/model-evaluation-tools-met) data that has been loaded into a [METdatadb](https://dtcenter.org/metplus-practical-session-guide-feb-2019/session-5-trkintfeature-relative/metviewer) database.

The official NWS METexpress instance can be found at [metexpress.nws.noaa.gov](https://metexpress.nws.noaa.gov/)
The official NWS METexpress instance can be found at [metexpress.nws.noaa.gov](https://metexpress.nws.noaa.gov/).

For information about the support provided for releases, see our [Release Support Policy](https://metplus.readthedocs.io/en/develop/Release_Guide/index.html#release-support-policy).

## Installing & Running METexpress

Expand Down
14 changes: 7 additions & 7 deletions apps/met-airquality/.meteor/packages
Original file line number Diff line number Diff line change
Expand Up @@ -6,26 +6,26 @@

meteor-base@1.5.1 # Packages every Meteor app needs to have
mobile-experience@1.1.0 # Packages for a great mobile UX
mongo@1.16.5 # The database Meteor supports right now
mongo@1.16.6 # The database Meteor supports right now
blaze-html-templates # Compile .html files into Meteor Blaze views
reactive-var@1.0.12 # Reactive variable for tracker
jquery@1.11.10 # Helpful client-side library
tracker@1.3.1 # Meteor's client-side reactive programming library
tracker@1.3.2 # Meteor's client-side reactive programming library
standard-minifier-js@2.8.1 # JS minifier run for production mode
es5-shim@4.8.0 # ECMAScript 5 compatibility for older browsers.
ecmascript@0.16.6 # Enable ECMAScript2015+ syntax in app code
ecmascript@0.16.7 # Enable ECMAScript2015+ syntax in app code
shell-server@0.5.0 # Server-side component of the `meteor shell` command
pcel:mysql
seba:minifiers-autoprefixer
session@1.2.1
momentjs:moment
randyp:mats-common@5.1.0
randyp:mats-common@5.1.1
accounts-google@1.4.0
accounts-base@2.2.7
accounts-base@2.2.8
accounts-ui@1.4.2
google-config-ui@1.0.3
dynamic-import@0.7.2
underscore@1.0.12
dynamic-import@0.7.3
underscore@1.0.13
kadira:blaze-layout
ostrio:flow-router-extra
meteorhacks:picker
2 changes: 1 addition & 1 deletion apps/met-airquality/.meteor/release
Original file line number Diff line number Diff line change
@@ -1 +1 @@
METEOR@2.11.0
METEOR@2.12
50 changes: 25 additions & 25 deletions apps/met-airquality/.meteor/versions
Original file line number Diff line number Diff line change
@@ -1,37 +1,37 @@
accounts-base@2.2.7
accounts-base@2.2.8
accounts-google@1.4.0
accounts-oauth@1.4.2
accounts-password@2.3.4
accounts-ui@1.4.2
accounts-ui-unstyled@1.7.0
allow-deny@1.1.1
autoupdate@1.8.0
babel-compiler@7.10.3
babel-compiler@7.10.4
babel-runtime@1.5.1
base64@1.0.12
binary-heap@1.0.11
blaze@2.6.1
blaze@2.7.1
blaze-html-templates@2.0.0
blaze-tools@1.1.3
boilerplate-generator@1.7.1
caching-compiler@1.2.2
caching-html-compiler@1.2.1
callback-hook@1.5.0
callback-hook@1.5.1
check@1.3.2
ddp@1.4.1
ddp-client@2.6.1
ddp-common@1.4.0
ddp-rate-limiter@1.1.1
ddp-server@2.6.0
ddp-rate-limiter@1.2.0
ddp-server@2.6.1
diff-sequence@1.1.2
differential:event-hooks@1.5.0
dynamic-import@0.7.2
ecmascript@0.16.6
ecmascript-runtime@0.8.0
dynamic-import@0.7.3
ecmascript@0.16.7
ecmascript-runtime@0.8.1
ecmascript-runtime-client@0.12.1
ecmascript-runtime-server@0.11.0
ejson@1.1.3
email@2.2.4
email@2.2.5
es5-shim@4.8.0
fetch@0.1.3
geojson-utils@1.0.11
Expand All @@ -49,37 +49,37 @@ less@4.0.0
localstorage@1.2.0
logging@1.3.2
mdg:validated-method@1.3.0
meteor@1.11.1
meteor@1.11.2
meteor-base@1.5.1
meteorhacks:picker@1.0.3
meteortoys:toykit@10.0.0
minifier-css@1.6.2
minifier-css@1.6.4
minifier-js@2.7.5
minimongo@1.9.2
minimongo@1.9.3
mobile-experience@1.1.0
mobile-status-bar@1.1.0
modern-browsers@0.1.9
modules@0.19.0
modules-runtime@0.13.1
momentjs:moment@2.29.3
mongo@1.16.5
mongo@1.16.6
mongo-decimal@0.1.3
mongo-dev-server@1.1.0
mongo-id@1.0.8
msavin:mongol@10.0.1
natestrauser:select2@4.0.3
npm-mongo@4.14.0
npm-mongo@4.16.0
oauth@2.2.0
oauth2@1.3.2
observe-sequence@1.0.20
observe-sequence@1.0.21
ordered-dict@1.1.0
ostrio:flow-router-extra@3.9.0
pcel:mysql@0.1.0
promise@0.12.2
random@1.2.1
randyp:mats-common@5.1.0
rate-limit@1.0.9
react-fast-refresh@0.2.6
randyp:mats-common@5.1.1
rate-limit@1.1.1
react-fast-refresh@0.2.7
reactive-dict@1.3.1
reactive-var@1.0.12
reload@1.3.1
Expand All @@ -91,19 +91,19 @@ service-configuration@1.3.1
session@1.2.1
sha@1.0.9
shell-server@0.5.0
socket-stream-client@0.5.0
spacebars@1.3.0
socket-stream-client@0.5.1
spacebars@1.4.1
spacebars-compiler@1.3.1
standard-minifier-js@2.8.1
templating@1.4.2
templating-compiler@1.4.1
templating-runtime@1.6.1
templating-runtime@1.6.3
templating-tools@1.2.2
tracker@1.3.1
tracker@1.3.2
twbs:bootstrap@3.3.6
underscore@1.0.12
underscore@1.0.13
url@1.3.2
webapp@1.13.4
webapp@1.13.5
webapp-hashing@1.1.1
yasinuslu:json-view@1.2.3
zodern:types@1.0.9
Loading

0 comments on commit dd7c218

Please sign in to comment.