From 25c376aac025953df06539ef16e07cd95657c46f Mon Sep 17 00:00:00 2001 From: anthony sottile Date: Thu, 2 May 2024 14:06:22 -0400 Subject: [PATCH] ref: dual-write chartcuterie image to artifact registry gcr is deprecated, OPS-3966 --- .dockerignore | 3 +-- Dockerfile | 14 ++++++++++- cloudbuild.yaml | 65 +++++++++++++++++-------------------------------- 3 files changed, 36 insertions(+), 46 deletions(-) diff --git a/.dockerignore b/.dockerignore index e3d483d..730e55c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -2,8 +2,7 @@ * !/package.json -!/webpack.config.ts !/tsconfig.json !/yarn.lock -!/lib +!/src !/fonts diff --git a/Dockerfile b/Dockerfile index 4432c76..e52a0fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,12 @@ +FROM node:20 AS builder + +COPY package.json yarn.lock . +RUN yarn install --frozen-lockfile + +COPY tsconfig.json . +COPY src src +RUN yarn build + FROM node:20-slim ENV NODE_ENV=production @@ -16,7 +25,10 @@ WORKDIR /usr/src/app COPY package.json yarn.lock ./ RUN yarn install --frozen-lockfile -COPY . . +COPY fonts fonts +COPY --from=builder lib lib + +RUN node lib/index.js --help EXPOSE 9090/tcp CMD ["node", "./lib/index.js", "server", "9090"] diff --git a/cloudbuild.yaml b/cloudbuild.yaml index ba3033c..8a8bf1e 100644 --- a/cloudbuild.yaml +++ b/cloudbuild.yaml @@ -1,56 +1,35 @@ steps: - # Build the app - - name: 'node:20' - args: ['bash', '-c', 'yarn && yarn build'] - # Build and push runtime image - - name: 'gcr.io/kaniko-project/executor:v1.19.2' + - name: 'gcr.io/cloud-builders/docker' args: [ - '--cache=true', - '--use-new-run', + 'build', + '-t', + 'us.gcr.io/$PROJECT_ID/chartcuterie:latest', + '-t', + 'us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA', + '-t', + 'us-central1-docker.pkg.dev/$PROJECT_ID/getsentry/chartcuterie/image:latest', + '-t', + 'us-central1-docker.pkg.dev/$PROJECT_ID/getsentry/chartcuterie/image:$COMMIT_SHA', '--build-arg', - 'SOURCE_COMMIT=$COMMIT_SHA', - '--destination=us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA', + 'BUILDKIT_INLINE_CACHE=1', + '--cache-from', + 'us-central1-docker.pkg.dev/$PROJECT_ID/getsentry/chartcuterie/image:latest', + '.', ] - timeout: 900s - - # Smoke test - - name: 'us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA' - args: - - node - - '/usr/src/app/lib/index.js' - - '--help' - timeout: 60s + env: [DOCKER_BUILDKIT=1] - name: 'gcr.io/cloud-builders/docker' - secretEnv: ['DOCKER_PASSWORD'] entrypoint: 'bash' args: - - '-e' - - '-c' - - | - # Only push to Docker Hub from master - [ "$BRANCH_NAME" != "master" ] && exit 0 - docker tag us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA us.gcr.io/$PROJECT_ID/chartcuterie:latest - docker push us.gcr.io/$PROJECT_ID/chartcuterie:latest - echo "$$DOCKER_PASSWORD" | docker login --username=sentrybuilder --password-stdin - docker tag us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA getsentry/chartcuterie:$SHORT_SHA - docker push getsentry/chartcuterie:$SHORT_SHA - docker tag us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA getsentry/chartcuterie:$COMMIT_SHA - docker push getsentry/chartcuterie:$COMMIT_SHA - docker tag us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA getsentry/chartcuterie:latest - docker push getsentry/chartcuterie:latest + - '-c' + - | + # Only push "latest" tag when building on "master" + [ "$BRANCH_NAME" != "master" ] && exit 0 + docker push us.gcr.io/$PROJECT_ID/chartcuterie:latest + docker push us-central1-docker.pkg.dev/$PROJECT_ID/getsentry/chartcuterie/image:latest images: [ 'us.gcr.io/$PROJECT_ID/chartcuterie:$COMMIT_SHA', + 'us-central1-docker.pkg.dev/$PROJECT_ID/getsentry/chartcuterie/image:$COMMIT_SHA', ] - -secrets: -- kmsKeyName: projects/sentryio/locations/global/keyRings/service-credentials/cryptoKeys/cloudbuild - secretEnv: - # This is a personal access token for the sentrybuilder account, encrypted using the - # short guide at http://bit.ly/2Pg6uw9 - DOCKER_PASSWORD: | - CiQAE8gN7y3OMxn+a1kofmK4Bi8jQZtdRFj2lYYwaZHVeIIBUzMSTQA9tvn8XCv2vqj6u8CHoeSP - TVW9pLvSCorKoeNtOp0eb+6V1yNJW/+JC07DNO1KLbTbodbuza6jKJHU5xeAJ4kGQI78UY5Vu1Gp - QcMK