chore: aws infrastructure (docker + deploy workflow) (#653)

* Add workflow + aux scripts to support deploy via codedeploy
* Fix role ARN
* Fix role scripts + rename Dockerfiles
* Fix role scripts
* Create .env file
* Manipulate .env in build script
* Remove .env (used while testing)
* Fix typo
* Move Dockerfiles into packages
* Fixed typo
ntampakas
2023-07-18 19:42:05 +03:00
committed by GitHub
parent c46515ef40
commit 4b7820a85a
12 changed files with 226 additions and 0 deletions

20
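--- a/.github/scripts/build.sh
+++ b/.github/scripts/build.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+set -ex
+build=$1
+[ $build = "enable" ] || exit 0
+aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 490752553772.dkr.ecr.eu-central-1.amazonaws.com
+cp .env.example .env
+docker build -f packages/demo/Dockerfile -t crypt-keeper-extension-demo .
+docker tag crypt-keeper-extension-demo:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-demo:latest
+docker push 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-demo:latest
+docker build -f packages/merkle-mock-server/Dockerfile -t crypt-keeper-extension-merkle .
+docker tag crypt-keeper-extension-merkle:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-merkle:latest
+docker push 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-merkle:latest
+exit 0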
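Review bot: Both images are pushed only under the mutable `:latest` tag (the two `docker tag`/`docker push` pairs), so nothing ties the image a host later pulls to the commit that was built. Adding a per-commit tag next to `latest`, e.g. `docker tag crypt-keeper-extension-demo:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-demo:"$GITHUB_SHA"` followed by a push of that tag, would make a deployment traceable and a rollback meaningful. Separately, the guard should quote its variable, `[ "$build" = "enable" ] || exit 0`. `cp .env.example .env` also puts a `.env` into the build context that the Dockerfiles' `COPY . .` carries into the image, so a comment confirming that the example file holds no secrets would help.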

21
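--- a/.github/scripts/deploy.sh
+++ b/.github/scripts/deploy.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -x
+COMMIT_HASH=$(git rev-parse HEAD)
+DEPLOY_ID=$(aws deploy create-deployment --application-name crypt-keeper-extension-prod --deployment-group-name crypt-keeper-extension-prod-group --github-location repository=$GITHUB_REPOSITORY,commitId=$COMMIT_HASH --ignore-application-stop-failures --file-exists OVERWRITE --output text)
+while true; do
+STATUS=$(aws deploy get-deployment --deployment-id $DEPLOY_ID --query 'deploymentInfo.status' --output text)
+if [ $STATUS != "InProgress" ] && [ $STATUS != "Created" ]; then
+if [ $STATUS = "Succeeded" ]; then
+echo "SUCCESS"
+exit 0
+else
+echo "Failed"
+exit 1
+fi
+else
+echo "Deploying..."
+fi
+sleep 30
+done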
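Review bot: The polling loop never exits when `create-deployment` fails: `DEPLOY_ID` is then empty, `get-deployment` errors, `STATUS` is empty, and the unquoted `[ $STATUS != "InProgress" ]` becomes a malformed test that evaluates false, so the script prints "Deploying..." every 30 seconds until the job itself times out. Add `[ -n "$DEPLOY_ID" ] || exit 1` right after the `create-deployment` line, and quote `"$STATUS"` and `"$DEPLOY_ID"` in the tests and in the `get-deployment` call. CodeDeploy also reports `Queued` as a non-terminal status, which this loop would report as "Failed"; it likely belongs beside `InProgress` and `Created`. `--ignore-application-stop-failures` hides a failing stop hook, so a one-line comment saying why it is wanted would help the next reader.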

48
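--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,48 @@
+name: Deploy
+on:
+#push:
+# branches: [ main ]
+workflow_dispatch:
+inputs:
+build:
+description: "Build trigger"
+required: true
+default: "enable"
+type: choice
+options:
+- enable
+- disable
+concurrency:
+group: ${{ github.workflow }}-${{ github.ref }}
+cancel-in-progress: true
+jobs:
+deploy:
+runs-on: ubuntu-latest
+env:
+DATA: ${{ github.event.inputs.build || 'enable' }}
+permissions:
+id-token: write
+contents: read
+steps:
+- name: Checkout
+uses: actions/checkout@v2
+with:
+persist-credentials: false
+- name: Configure AWS Credentials
+uses: aws-actions/configure-aws-credentials@v2
+with:
+role-to-assume: arn:aws:iam::490752553772:role/crypt-keeper-extension-ecs-deploy-slc
+role-duration-seconds: 1800
+aws-region: eu-central-1
+- name: Build and Push images to ECR
+run: |
+.github/scripts/build.sh ${{ env.DATA }}
+- name: Create Deployment
+run: |
+.github/scripts/deploy.sh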
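Review bot: In the `Build and Push images to ECR` step, `${{ env.DATA }}` is expanded into the script text before the shell runs, so the input value is parsed as shell source rather than passed as data; since `DATA` is already set under `env:`, the step can call `.github/scripts/build.sh "$DATA"` instead. The `choice` type limits what the UI offers, but the quoting should not depend on that. Both `uses:` lines reference the movable tag `@v2`; pinning them to full commit SHAs protects a job that assumes an AWS role from a retagged action. `cancel-in-progress: true` can also cancel a run while `deploy.sh` is still polling, leaving the CodeDeploy deployment running unobserved, which deserves a comment if it is intended.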

30
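--- a/appspec.yml
+++ b/appspec.yml
@@ -0,0 +1,30 @@
+version: 0.0
+os: linux
+files:
+- source: /
+destination: /home/ubuntu/crypt-keeper-extension
+permissions:
+- object: /home/ubuntu/crypt-keeper-extension
+owner: ubuntu
+group: ubuntu
+hooks:
+BeforeInstall:
+- location: scripts/before_install.sh
+timeout: 300
+runas: ubuntu
+AfterInstall:
+- location: scripts/after_install.sh
+timeout: 300
+runas: ubuntu
+ApplicationStart:
+- location: scripts/start_app.sh
+timeout: 300
+runas: ubuntu
+ApplicationStop:
+- location: scripts/stop_app.sh
+timeout: 300
+runas: ubuntu
+ValidateService:
+- location: scripts/validate_app.sh
+timeout: 300
+runas: ubuntu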

30
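--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -0,0 +1,30 @@
+version: '3.9'
+services:
+demo:
+image: 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-demo
+pull_policy: always
+container_name: demo
+ports:
+- "1234:1234"
+restart: always
+expose:
+- 1234
+networks:
+- network-1
+merkle:
+image: 490752553772.dkr.ecr.eu-central-1.amazonaws.com/crypt-keeper-extension-merkle
+pull_policy: always
+container_name: merkle
+ports:
+- "8090:8090"
+expose:
+- 8090
+restart: always
+networks:
+- network-1
+networks:
+network-1:
+driver: bridge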
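Review bot: Both services publish their ports on every host interface (`"1234:1234"` and `"8090:8090"`), and `merkle` is the image `build.sh` builds from `packages/merkle-mock-server`, so a mock server becomes reachable wherever the host's network rules allow. If only a reverse proxy on the same host needs to reach them (nothing in this commit shows one), bind to loopback with `"127.0.0.1:1234:1234"` and `"127.0.0.1:8090:8090"`; otherwise a comment naming the rule that restricts access would help. The `image:` lines carry no tag or digest, so with `pull_policy: always` each `up` runs whatever `latest` currently points to. The `expose:` entries duplicate `ports:` and can be dropped.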

21
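--- a/packages/demo/Dockerfile
+++ b/packages/demo/Dockerfile
@@ -0,0 +1,21 @@
+FROM node:18-alpine as builder
+RUN apk add --no-cache git curl
+WORKDIR /builder
+COPY . .
+RUN npm i -g pnpm
+RUN pnpm install
+RUN pnpm run build
+# Create image by copying build artifacts
+FROM node:18-alpine as runner
+RUN npm i -g pnpm
+USER node
+ARG PORT=1234
+WORKDIR /home/node
+COPY --chown=node:node --from=builder /builder/ ./
+EXPOSE ${PORT}
+CMD ["pnpm", "run", "demo:start"]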
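Review bot: The builder stage installs dependencies with a bare `pnpm install` and an unpinned `npm i -g pnpm`, so the image can resolve package versions other than those the lockfile records; `RUN pnpm install --frozen-lockfile` and a pinned `npm i -g pnpm@<version>` make the build reproducible. `COPY . .` takes the whole build context, including the `.env` that `build.sh` creates and any `.git` directory unless a `.dockerignore` (not visible here) excludes them. The runner stage then copies all of `/builder/`, sources and development dependencies included, so the second stage does not reduce what ships. The Dockerfile section that follows this one (ending in `merkle:start`) has the same lines and the same points apply to it.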


@@ -0,0 +1,21 @@
FROM node:18-alpine as builder
RUN apk add --no-cache git curl
WORKDIR /builder
COPY . .
RUN npm i -g pnpm
RUN pnpm install
RUN pnpm run build
# Create image by copying build artifacts
FROM node:18-alpine as runner
RUN npm i -g pnpm
USER node
ARG PORT=8090
WORKDIR /home/node
COPY --chown=node:node --from=builder /builder/ ./
EXPOSE ${PORT}
CMD ["pnpm", "run", "merkle:start"]

6
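--- a/scripts/after_install.sh
+++ b/scripts/after_install.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 490752553772.dkr.ecr.eu-central-1.amazonaws.com
+exit 0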

6
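--- a/scripts/before_install.sh
+++ b/scripts/before_install.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+set -e
+docker image prune --filter "until=72h" -f
+exit 0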

7
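--- a/scripts/start_app.sh
+++ b/scripts/start_app.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+set -e
+cd ~/crypt-keeper-extension
+docker compose up -d
+exit 0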

7
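--- a/scripts/stop_app.sh
+++ b/scripts/stop_app.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+cd ~/crypt-keeper-extension
+docker compose down
+exit 0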
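Review bot: `cd ~/crypt-keeper-extension` is unchecked, so when the directory is missing (for example on a first deployment) `docker compose down` runs in whatever directory the hook was started from. `cd ~/crypt-keeper-extension || exit 0` keeps the always-succeed behaviour without that. The other hook scripts use `set -e` and this one does not, which looks deliberate given the final `exit 0` but deserves a one-line comment saying so.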

9
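--- a/scripts/validate_app.sh
+++ b/scripts/validate_app.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+containers_running=$(docker ps --format "{{.Status}}" | grep -ci up)
+[ $containers_running -eq 2 ] || exit 1
+exposed_ports=$(netstat -lnt4 | egrep -cw '8090|1234')
+[ $exposed_ports -eq 2 ] || exit 1
+exit 0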
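Review bot: The first check counts every container on the host whose status contains "up" and requires exactly two, so it passes for any two running containers and fails when an unrelated third one is running. Checking the two services by the names set in `docker-compose.yml` is more precise, e.g. `[ "$(docker inspect -f '{{.State.Running}}' demo)" = "true" ] || exit 1` and the same for `merkle`. The port check only proves that something is listening on 8090 and 1234, not that the services answer. Quote the variables in both tests (`[ "$exposed_ports" -eq 2 ]`) and prefer `grep -E` to `egrep`, which current GNU grep marks as obsolescent.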