From 73060466df70236c1bb03b0837055eaa118cba63 Mon Sep 17 00:00:00 2001 
From: gisele-igore Date: Fri, 31 Mar 2023 17:44:48 +0200 Subject: [PATCH] Refacto Dockerfile --- .circleci.old/config.yml | 24 -- .circleci.old/workflows.yml | 228 ------------------ .circleci/config.yml | 24 +- Dockerfiles/Dockerfile.api | 47 ---- devops/Dockerfile | 51 ++++ {helm-charts-p2 => devops/charts}/.helmignore | 0 {helm-charts-p2 => devops/charts}/Chart.yaml | 0 .../charts}/templates/NOTES.txt | 0 .../charts}/templates/_helpers.tpl | 0 .../templates/testnet/api.deployment.yaml | 0 .../templates/testnet/api.ingress.yaml | 0 .../templates/testnet/api.service.yaml | 0 .../templates/testnet/api.serviceaccount.yaml | 0 .../charts}/templates/testnet/configmap.yaml | 0 .../templates/testnet/front.deployment.yaml | 0 .../templates/testnet/front.ingress.yaml | 0 .../templates/testnet/front.service.yaml | 0 .../testnet/front.serviceaccount.yaml | 0 .../templates/testnet/proxy.deployment.yaml | 0 .../templates/testnet/proxy.ingress.yaml | 0 .../templates/testnet/proxy.service.yaml | 0 .../testnet/proxy.serviceaccount.yaml | 0 {helm-charts-p2 => devops/charts}/values.yaml | 0 package-lock.json | 33 +++ package.json | 1 + 25 files changed, 92 insertions(+), 316 deletions(-) delete mode 100644 .circleci.old/config.yml delete mode 100644 .circleci.old/workflows.yml delete mode 100644 Dockerfiles/Dockerfile.api create mode 100644 devops/Dockerfile rename {helm-charts-p2 => devops/charts}/.helmignore (100%) rename {helm-charts-p2 => devops/charts}/Chart.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/NOTES.txt (100%) rename {helm-charts-p2 => devops/charts}/templates/_helpers.tpl (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/api.deployment.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/api.ingress.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/api.service.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/api.serviceaccount.yaml (100%) rename {helm-charts-p2 => 
devops/charts}/templates/testnet/configmap.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/front.deployment.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/front.ingress.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/front.service.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/front.serviceaccount.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/proxy.deployment.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/proxy.ingress.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/proxy.service.yaml (100%) rename {helm-charts-p2 => devops/charts}/templates/testnet/proxy.serviceaccount.yaml (100%) rename {helm-charts-p2 => devops/charts}/values.yaml (100%) diff --git a/.circleci.old/config.yml b/.circleci.old/config.yml deleted file mode 100644 index 3efdd0f1..00000000 --- a/.circleci.old/config.yml +++ /dev/null @@ -1,24 +0,0 @@ -version: 2.1 - -orbs: - path-filtering: circleci/path-filtering@0.1.3 - -setup: true - -workflows: - setup-workflow: - jobs: - - path-filtering/filter: - filters: - branches: - only: - - dev - - main - - preprod - base-revision: <> - config-path: .circleci/workflows.yml - mapping: | - src/.* src true - devops/.* devops true - .gitleaksignore src true - .gitleaksignore devops true \ No newline at end of file diff --git a/.circleci.old/workflows.yml b/.circleci.old/workflows.yml deleted file mode 100644 index f657c5cd..00000000 --- a/.circleci.old/workflows.yml +++ /dev/null 
@@ -1,228 +0,0 @@ -version: 2.1 -orbs: - kubernetes: circleci/kubernetes@1.0.0 - helm: circleci/helm@2.0.1 - -parameters: - project-name: - type: string - description: Name of the global project, it will be used for the container registry, example -> tezoslink (has frontend and backend modules) - default: tezoslink - - project-module: - type: string - description: Name of the app or module of the project, it will be used for the container registry, for example tezoslink has a front and back app, example -> front - default: p1-api - - dockerfile-location: - type: string - description: Location of the Dockerfile from the root of the repo - default: . - - project-helm-values: - type: string - description: Index of values in the helm chart file, example -> testApp - default: tezosLink - - -######################################################## -################## DO NOT EDIT ######################### -######################################################## - src: - type: boolean - description: This is the directory of the app, used to trigger app build & deploy - default: false - - devops: - type: boolean - description: This is the directory of the devops, used to trigger devops only deploy - default: false - -######################################################## - -################################################################### -################ COMMANDS ####################### -################################################################### -commands: - install-yq: - parameters: - version: - type: string - default: v4.27.3 - steps: - - run: - name: Install YQ - command: > - curl -L -o ${HOME}/yq - https://github.com/mikefarah/yq/releases/download/<< parameters.version - >>/yq_linux_amd64 - chmod +x ${HOME}/yq - ${HOME}/yq --version - - -jobs: - - default: - docker: - - image: cimg/base:stable - steps: - - run: - name: Nothing to do - command: echo There is nothing to do - - verify-tag: - docker: - - image: cimg/base:stable - steps: - - checkout - - 
install-yq - - run: - name: Get name of project from repo url - command: echo "export NAMESPACE=$(echo '<>' | sed 's:.*/::')">> $BASH_ENV - - run: - name: Slugify name from repo url - command: echo "export NAMESPACE=$(echo $NAMESPACE | awk '{gsub(/[^0-9a-zA-Z .-]/,""); gsub(/^[ \t\r\n]+/, ""); gsub(/[ \t\r\n]+$/, ""); gsub(/[ ]+/,"-"); print tolower($0);}')">> $BASH_ENV - - run: - name: Extract TAG from Chart.yaml - command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - - run: - name: Verify if TAG is in Chart.yaml - command: | - if [ -z "1" ] - then - echo "Tag is either null or missformed (check documentation)" - exit 1 - fi - - run: - name: Tag is 1 - command: echo 1 - - setup_remote_docker: - version: 20.10.12 - docker_layer_caching: true - - run: - name: Login to SCW registry - command: docker login rg.fr-par.scw.cloud/$NAMESPACE -u nologin -p $SCW_SECRET_KEY - - run: - name: Check if TAG already exists in registry - command: docker manifest inspect rg.fr-par.scw.cloud/<>/<>:1 && exit 1 || echo 'TAG is available' - - run: - when: on_fail - command: echo 'Please review your tag' - - run-gitleaks: - docker: - - image: zricethezav/gitleaks:v8.15.0 - steps: - - checkout - - run: - name: Create scan directory - command: mkdir /tmp/gitleaks - - run: - name: Starting scan - command: gitleaks detect --source . 
--log-opts "-p -n 1" -r /tmp/gitleaks/scan.json -v - - store_artifacts: - path: /tmp/gitleaks/scan.json - - build-docker-image: - machine: - image: ubuntu-2004:202010-01 - steps: - - checkout - - install-yq - - run: - name: Create persistent workspace - command: mkdir -p workspace - - run: - name: Extract TAG from Chart.yaml - command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - - run: - name: Display Tag - command: echo You are building version 1 - - run: - name: Build image - command: > - docker build - --tag rg.fr-par.scw.cloud/<>/<>:1 - <> | while read line; do echo "$(date +%T) > $line"; done; - - run: - name: Save image - command: > - docker save - -o workspace/tezoslink-back.tar - rg.fr-par.scw.cloud/<>/<>:1 - - persist_to_workspace: - root: workspace - paths: - - tezoslink-back.tar - - - push-docker-image: - docker: - - image: cimg/base:stable - steps: - - checkout - - install-yq - - attach_workspace: -# at: /tmp/workspace - at: /workspace - - run: - name: Extract TAG from Chart.yaml - command: echo "export TAG=$(${HOME}/yq '.appVersion' devops/Chart.yaml )" >> $BASH_ENV - - run: - name: Display Tag - command: echo You are pushing version 1 - - setup_remote_docker: - version: 20.10.12 - docker_layer_caching: true - - run: - name: Login to SCW registry - command: docker login rg.fr-par.scw.cloud -u nologin -p $SCW_SECRET_KEY - - run: - name: Load docker image from workspace -# command: docker load -i /tmp/workspace/tezoslink-back.tar - command: docker load -i /workspace/tezoslink-back.tar - - run: - name: Push image - command: docker push rg.fr-par.scw.cloud/<>/<>:1 - - -workflows: - version: 2 - build-scan-push-deploy-stg: - when: <> - jobs: - - run-gitleaks: - filters: &filters-stg - branches: - only: application-segmentation-2 - - verify-tag: - filters: - <<: *filters-stg - requires: - - run-gitleaks - - build-docker-image: - # requires: - # - verify-tag - context: - - application-segmentation-2 - filters: - <<: 
*filters-stg - - push-docker-image: - context: - - application-segmentation-2 - filters: - <<: *filters-stg - - - - default: - when: - and: -# - not: <> - - not: <> - jobs: - - default: - filters: - branches: - only: - - dev \ No newline at end of file diff --git a/.circleci/config.yml b/.circleci/config.yml index 821669e5..be687216 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -4,7 +4,6 @@ orbs: kubernetes: circleci/kubernetes@1.0.0 helm: circleci/helm@2.0.1 - jobs: build-push-docker-image: docker: @@ -16,15 +15,10 @@ jobs: - setup_remote_docker: version: 20.10.12 docker_layer_caching: true - - run: docker login rg.fr-par.scw.cloud/tezoslink -u nologin -p $SCW_SECRET_KEY - - run: docker build --tag rg.fr-par.scw.cloud/tezoslink/p1-api:$TAG -f Dockerfiles/Dockerfile.api . - - run: docker push rg.fr-par.scw.cloud/tezoslink/p1-api:$TAG - - run: docker login rg.fr-par.scw.cloud/tezoslink -u nologin -p $SCW_SECRET_KEY - - run: docker build --tag rg.fr-par.scw.cloud/tezoslink/p1-frontend:$TAG -f Dockerfiles/Dockerfile.front . - - run: docker push rg.fr-par.scw.cloud/tezoslink/p1-frontend:$TAG - - run: docker login rg.fr-par.scw.cloud/tezoslink -u nologin -p $SCW_SECRET_KEY - - run: docker build --tag rg.fr-par.scw.cloud/tezoslink/p1-proxy:$TAG -f Dockerfiles/Dockerfile.proxy . - - run: docker push rg.fr-par.scw.cloud/tezoslink/p1-proxy:$TAG + - run: docker login rg.fr-par.scw.cloud/lecoffre -u nologin -p $SCW_SECRET_KEY + - run: docker build --tag rg.fr-par.scw.cloud/lecoffre/api:$TAG devops/ . + - run: docker push rg.fr-par.scw.cloud/lecoffre/api:$TAG + deploy-docker-image: docker: 
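Review bot: The new build step `docker build --tag rg.fr-par.scw.cloud/lecoffre/api:$TAG devops/ .` passes two positional paths, but docker build takes a single context argument, so the step will fail as written. The Dockerfile moved to devops/Dockerfile, so the likely intent is `docker build --tag rg.fr-par.scw.cloud/lecoffre/api:$TAG -f devops/Dockerfile .`. That Dockerfile declares `ARG FINGERPRINT` and copies `id_rsa_${FINGERPRINT}`, yet no `--build-arg FINGERPRINT=...` is passed here. The login step still puts the registry secret on the command line with `-p $SCW_SECRET_KEY`, where it can show up in process listings; `echo "$SCW_SECRET_KEY" | docker login rg.fr-par.scw.cloud/lecoffre -u nologin --password-stdin` avoids that. The job definition starts and ends outside the hunk.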
@@ -40,15 +34,11 @@ jobs: name: Deploy command: > helm upgrade - tezos-link helm-charts-p2 -i -f helm-charts-p2/values.yaml - -n tezos-link + lecoffre-back devops/charts -i -f devops/charts/values.yaml + -n lecoffre-back --create-namespace --set api.image.tag=$TAG - --set api.image.repository='rg.fr-par.scw.cloud/tezoslink/p1-api' - --set front.image.tag=$TAG - --set front.image.repository='rg.fr-par.scw.cloud/tezoslink/p1-frontend' - --set proxy.image.tag=$TAG - --set proxy.image.repository='rg.fr-par.scw.cloud/tezoslink/p1-proxy' + --set api.image.repository='rg.fr-par.scw.cloud/lecoffre/api' workflows: diff --git a/Dockerfiles/Dockerfile.api b/Dockerfiles/Dockerfile.api deleted file mode 100644 index 9cc4eadd..00000000 --- a/Dockerfiles/Dockerfile.api +++ /dev/null 
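Review bot: The deploy command no longer sets `front.image.*` or `proxy.image.*`, but the chart moved to devops/charts still carries the front and proxy templates (renamed at 100% similarity). `helm upgrade` will presumably still render those workloads with whatever image defaults values.yaml holds, and values.yaml is not shown in this commit. If only the API is meant to ship under `lecoffre-back`, disable or remove the front and proxy templates; otherwise keep explicit image overrides for them so the release does not pull images nobody chose. The deploy step starts outside the hunk.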
@@ -1,47 +0,0 @@ -# Install dependencies only when needed -FROM node:19-alpine AS deps - -WORKDIR leCoffre - -RUN npm install -D prisma@4.11.0 -COPY package.json ./ -COPY src/common/databases/schema.prisma ./src/common/databases/schema.prisma -RUN npx prisma generate -RUN npm install --frozen-lockfile - -# Rebuild the source code only when needed -FROM node:19-alpine AS builder - -WORKDIR leCoffre - -COPY . . - -RUN apk update && apk add openssh-client git - -COPY id_ed25519 /root/.ssh/id_ed25519 -RUN chmod 600 ~/.ssh/id_ed25519 -RUN eval "$(ssh-agent -s)" && ssh-add /root/.ssh/id_ed25519 -RUN ssh-keyscan github.com smart-chain-fr/leCoffre-resources.git >> /root/.ssh/known_hosts - -COPY node_modules ./node_modules -RUN npx prisma generate -RUN npm run build - -# Production image, copy all the files and run next -FROM node:19-alpine AS production - -WORKDIR leCoffre - -RUN adduser -D lecoffreuser --uid 10000 && chown -R lecoffreuser . - -COPY --from=builder --chown=lecoffreuser leCoffre/node_modules ./node_modules -COPY --from=builder --chown=lecoffreuser leCoffre/dist/api ./dist/api -COPY --from=builder --chown=lecoffreuser leCoffre/dist/entries ./dist/entries -COPY --from=builder --chown=lecoffreuser leCoffre/dist/common ./dist/common -COPY --from=builder --chown=lecoffreuser leCoffre/src/common/databases/ ./src/common/databases/ -COPY --from=builder --chown=lecoffreuser leCoffre/package.json ./package.json - -USER lecoffreuser - -CMD ["npm", "run", "api:start"] -EXPOSE 3001 \ No newline at end of file diff --git a/devops/Dockerfile b/devops/Dockerfile new file mode 100644 index 00000000..80aca658 --- /dev/null +++ b/devops/Dockerfile 
@@ -0,0 +1,51 @@
+# Install dependencies only when needed
+FROM node:19-alpine AS deps
+
+WORKDIR leCoffre-back
+
+RUN npm install -D prisma@4.11.0
+COPY package.json ./
+COPY src/common/databases/schema.prisma ./src/common/databases/schema.prisma
+RUN npx prisma generate
+
+ARG FINGERPRINT
+ENV FINGERPRINT=$FINGERPRINT
+COPY id_rsa_${FINGERPRINT} /root/.ssh/id_ed25519
+RUN chmod 600 ~/.ssh/id_ed25519
+RUN eval "$(ssh-agent -s)" && ssh-add /root/.ssh/id_ed25519
+RUN ssh-keyscan github.com smart-chain-fr/leCoffre-back-resources.git >> /root/.ssh/known_hosts
+RUN npm cache clean --force
+RUN npm install --frozen-lockfile -g npm-cache
+
+# Rebuild the source code only when needed
+FROM node:19-alpine AS builder
+
+WORKDIR leCoffre-back
+
+COPY . .
+RUN apk update && apk add openssh-client git
+
+COPY node_modules ./node_modules
+
+RUN npx prisma generate
+RUN npm run build
+
+# Production image, copy all the files and run next
+FROM node:19-alpine AS production
+
+WORKDIR leCoffre-back
+
+RUN unset FINGERPRINT
+RUN adduser -D lecoffre-back-user --uid 10000 && chown -R lecoffre-back-user .
+
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/node_modules ./node_modules
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/dist/app/api ./dist/api
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/dist/entries ./dist/entries
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/dist/common ./dist/common
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/src/common/databases/ ./src/common/databases/
+COPY --from=builder --chown=lecoffre-back-user leCoffre-back/package.json ./package.json
+
+USER lecoffre-back-user
+
+CMD ["npm", "run", "api:start"]
+EXPOSE 3001
\ No newline at end of file
diff --git a/helm-charts-p2/.helmignore b/devops/charts/.helmignore
similarity index 100%
rename from helm-charts-p2/.helmignore
rename to devops/charts/.helmignore
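Review bot: The `deps` stage of devops/Dockerfile writes an SSH private key into an image layer with `COPY id_rsa_${FINGERPRINT} /root/.ssh/id_ed25519`, and the later `RUN unset FINGERPRINT` does nothing to remove it: `unset` only affects the shell of that one RUN step, while the key stays in the stage's layers and in the CI layer cache. The key file also has to sit in the build context, so `COPY . .` in the builder stage picks it up unless a .dockerignore (not visible here) excludes it. `ssh-add` and `ssh-keyscan` run before `openssh-client` is installed (that `apk add` is in the builder stage), the agent started by `eval "$(ssh-agent -s)"` ends with its RUN step, and `ssh-keyscan` is handed a repository path as a second host and trusts whatever keys come back. `npm install --frozen-lockfile -g npm-cache` installs a global package named npm-cache instead of the project's dependencies, which looks unintended given that this commit adds `node-cache` to package.json. I would switch to a BuildKit SSH mount with pinned host keys as sketched below; the build then needs BuildKit and `docker build --ssh default`.

```dockerfile
# syntax=docker/dockerfile:1
FROM node:19-alpine AS deps
# … unchanged: WORKDIR, prisma install, COPY package.json and schema.prisma, prisma generate …
COPY package-lock.json ./
RUN apk add --no-cache openssh-client git
# Host keys come from a reviewed file in the repo, not from a build-time scan.
COPY <PINNED_GITHUB_KNOWN_HOSTS_FILE> /root/.ssh/known_hosts
# The key is lent by the build host's agent for this step only; nothing is written to a layer.
RUN --mount=type=ssh npm ci
# … unchanged: builder and production stages, minus `RUN unset FINGERPRINT` …
```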
diff --git a/helm-charts-p2/Chart.yaml b/devops/charts/Chart.yaml
similarity index 100%
rename from helm-charts-p2/Chart.yaml
rename to devops/charts/Chart.yaml
diff --git a/helm-charts-p2/templates/NOTES.txt b/devops/charts/templates/NOTES.txt
similarity index 100%
rename from helm-charts-p2/templates/NOTES.txt
rename to devops/charts/templates/NOTES.txt
diff --git a/helm-charts-p2/templates/_helpers.tpl b/devops/charts/templates/_helpers.tpl
similarity index 100%
rename from helm-charts-p2/templates/_helpers.tpl
rename to devops/charts/templates/_helpers.tpl
diff --git a/helm-charts-p2/templates/testnet/api.deployment.yaml b/devops/charts/templates/testnet/api.deployment.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/api.deployment.yaml
rename to devops/charts/templates/testnet/api.deployment.yaml
diff --git a/helm-charts-p2/templates/testnet/api.ingress.yaml b/devops/charts/templates/testnet/api.ingress.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/api.ingress.yaml
rename to devops/charts/templates/testnet/api.ingress.yaml
diff --git a/helm-charts-p2/templates/testnet/api.service.yaml b/devops/charts/templates/testnet/api.service.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/api.service.yaml
rename to devops/charts/templates/testnet/api.service.yaml
diff --git a/helm-charts-p2/templates/testnet/api.serviceaccount.yaml b/devops/charts/templates/testnet/api.serviceaccount.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/api.serviceaccount.yaml
rename to devops/charts/templates/testnet/api.serviceaccount.yaml
diff --git a/helm-charts-p2/templates/testnet/configmap.yaml b/devops/charts/templates/testnet/configmap.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/configmap.yaml
rename to devops/charts/templates/testnet/configmap.yaml
diff --git a/helm-charts-p2/templates/testnet/front.deployment.yaml b/devops/charts/templates/testnet/front.deployment.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/front.deployment.yaml
rename to devops/charts/templates/testnet/front.deployment.yaml
diff --git a/helm-charts-p2/templates/testnet/front.ingress.yaml b/devops/charts/templates/testnet/front.ingress.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/front.ingress.yaml
rename to devops/charts/templates/testnet/front.ingress.yaml
diff --git a/helm-charts-p2/templates/testnet/front.service.yaml b/devops/charts/templates/testnet/front.service.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/front.service.yaml
rename to devops/charts/templates/testnet/front.service.yaml
diff --git a/helm-charts-p2/templates/testnet/front.serviceaccount.yaml b/devops/charts/templates/testnet/front.serviceaccount.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/front.serviceaccount.yaml
rename to devops/charts/templates/testnet/front.serviceaccount.yaml
diff --git a/helm-charts-p2/templates/testnet/proxy.deployment.yaml b/devops/charts/templates/testnet/proxy.deployment.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/proxy.deployment.yaml
rename to devops/charts/templates/testnet/proxy.deployment.yaml
diff --git a/helm-charts-p2/templates/testnet/proxy.ingress.yaml b/devops/charts/templates/testnet/proxy.ingress.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/proxy.ingress.yaml
rename to devops/charts/templates/testnet/proxy.ingress.yaml
diff --git a/helm-charts-p2/templates/testnet/proxy.service.yaml b/devops/charts/templates/testnet/proxy.service.yaml
similarity index 100%
rename from helm-charts-p2/templates/testnet/proxy.service.yaml
rename to devops/charts/templates/testnet/proxy.service.yaml
diff --git a/helm-charts-p2/templates/testnet/proxy.serviceaccount.yaml b/devops/charts/templates/testnet/proxy.serviceaccount.yaml similarity index 100% rename from helm-charts-p2/templates/testnet/proxy.serviceaccount.yaml rename to devops/charts/templates/testnet/proxy.serviceaccount.yaml diff --git a/helm-charts-p2/values.yaml b/devops/charts/values.yaml similarity index 100% rename from helm-charts-p2/values.yaml rename to devops/charts/values.yaml diff --git a/package-lock.json b/package-lock.json index 4fb26d00..0b0fc1a9 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,6 +20,7 @@ "le-coffre-ressources": "github.com:smart-chain-fr/leCoffre-resources.git", "module-alias": "^2.2.2", "next": "^13.1.5", + "node-cache": "^5.1.2", "node-schedule": "^2.1.1", "prisma-query": "^2.0.0", "reflect-metadata": "^0.1.13", @@ -431,6 +432,14 @@ "version": "0.0.1", "license": "MIT" }, + "node_modules/clone": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", + "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==", + "engines": { + "node": ">=0.8" + } + }, "node_modules/combined-stream": { "version": "1.0.8", "license": "MIT", @@ -994,6 +1003,17 @@ } } }, + "node_modules/node-cache": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/node-cache/-/node-cache-5.1.2.tgz", + "integrity": "sha512-t1QzWwnk4sjLWaQAS8CHgOJ+RAfmHpxFWmc36IWTiWHQfs0w5JDMBS1b1ZxQteo0vVVuWJvIUKHDkkeK7vIGCg==", + "dependencies": { + "clone": "2.x" + }, + "engines": { + "node": ">= 8.0.0" + } + }, "node_modules/node-schedule": { "version": "2.1.1", "license": "MIT", 
@@ -1838,6 +1858,11 @@ "client-only": { "version": "0.0.1" }, + "clone": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz", + "integrity": "sha512-3Pe/CF1Nn94hyhIYpjtiLhdCoEoz0DqQ+988E9gmeEdQZlojxnOb74wctFyuwWQHzqyf9X7C7MG8juUpqBJT8w==" + }, "combined-stream": { "version": "1.0.8", "requires": { @@ -2157,6 +2182,14 @@ "styled-jsx": "5.1.1" } }, + "node-cache": { + "version": "5.1.2", + "resolved": "https://registry.npmjs.org/node-cache/-/node-cache-5.1.2.tgz", + "integrity": "sha512-t1QzWwnk4sjLWaQAS8CHgOJ+RAfmHpxFWmc36IWTiWHQfs0w5JDMBS1b1ZxQteo0vVVuWJvIUKHDkkeK7vIGCg==", + "requires": { + "clone": "2.x" + } + }, "node-schedule": { "version": "2.1.1", "requires": { diff --git a/package.json b/package.json index 08b167c2..fe04618a 100644 --- a/package.json +++ b/package.json @@ -47,6 +47,7 @@ "le-coffre-ressources": "github.com:smart-chain-fr/leCoffre-resources.git", "module-alias": "^2.2.2", "next": "^13.1.5", + "node-cache": "^5.1.2", "node-schedule": "^2.1.1", "prisma-query": "^2.0.0", "reflect-metadata": "^0.1.13",