Skip to content

Commit

Permalink
Created CI build workflow to build and push Docker Image
Browse files Browse the repository at this point in the history
  • Loading branch information
ckunki committed Dec 13, 2023
1 parent ae6ca9b commit b856f04
Show file tree
Hide file tree
Showing 7 changed files with 76 additions and 14 deletions.
2 changes: 1 addition & 1 deletion aws-code-build/ci/buildspec_release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -32,5 +32,5 @@ phases:
build:
commands:
- poetry run python3 -m exasol.ds.sandbox.main create-vm --default-password "$DEFAULT_PASSWORD" --asset-id "$ASSET_ID" $MAKE_AMI_PUBLIC_OPTION
- poetry run python3 -m exasol.ds.sandbox.main create-docker-image --publish --log-level info
- poetry run python3 -m exasol.ds.sandbox.main create-docker-image --version "$ASSET_ID" --publish --log-level info
- poetry run python3 -m exasol.ds.sandbox.main update-release --release-id "$RELEASE_ID" --asset-id "$ASSET_ID"
25 changes: 19 additions & 6 deletions exasol/ds/sandbox/cli/commands/start_test_release_build.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
import os
from typing import Optional

import click
Expand All @@ -9,10 +8,16 @@
from exasol.ds.sandbox.cli.options.logging import logging_options
from exasol.ds.sandbox.lib.aws_access.aws_access import AwsAccess
from exasol.ds.sandbox.lib.logging import set_log_level
from exasol.ds.sandbox.lib.github_release_access import GithubReleaseAccess
from exasol.ds.sandbox.lib.github_release_access import (
github_token_or_exit,
GithubReleaseAccess,
)
from exasol.ds.sandbox.lib.release_build.run_release_build import run_start_test_release_build


GITHUB_TOKEN_ENV = "GITHUB_TOKEN"


@cli.command()
@add_options(aws_options)
@add_options(logging_options)
Expand All @@ -27,9 +32,17 @@ def start_test_release_build(
release_title: str
):
"""
This command triggers the AWS release Codebuild to generate a new sandbox test version.
This command triggers the AWS release Codebuild to generate a new
sandbox test version. GitHub token is expected to be found in environment
variable GITHUB_TOKEN.
"""
set_log_level(log_level)
gh_token = os.getenv("GITHUB_TOKEN")
run_start_test_release_build(AwsAccess(aws_profile), GithubReleaseAccess(gh_token),
branch, release_title, gh_token)
gh_token = github_token_or_exit()
run_start_test_release_build(
AwsAccess(aws_profile),
GithubReleaseAccess(gh_token),
branch,
release_title,
gh_token,
)

20 changes: 14 additions & 6 deletions exasol/ds/sandbox/cli/commands/update_release.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
import os
from typing import Optional

import click
Expand All @@ -11,7 +10,10 @@
from exasol.ds.sandbox.lib.asset_id import AssetId
from exasol.ds.sandbox.lib.aws_access.aws_access import AwsAccess
from exasol.ds.sandbox.lib.logging import set_log_level
from exasol.ds.sandbox.lib.github_release_access import GithubReleaseAccess
from exasol.ds.sandbox.lib.github_release_access import (
github_token_or_exit,
GithubReleaseAccess,
)
from exasol.ds.sandbox.lib.update_release.run_update_release import run_update_release


Expand All @@ -27,9 +29,15 @@ def update_release(
asset_id: str,
log_level: str):
"""
This command attaches the links of the release assets (AMI, VM images) to the Github release,
indicated by parameter 'release-id'.
This command attaches the links of the release assets (AMI, VM images)
to the Github release, indicated by parameter 'release-id'. GitHub token
is expected to be found in environment variable GITHUB_TOKEN.
"""
set_log_level(log_level)
run_update_release(AwsAccess(aws_profile), GithubReleaseAccess(os.getenv("GITHUB_TOKEN")),
release_id, AssetId(asset_id))
gh_token = github_token_or_exit()
run_update_release(
AwsAccess(aws_profile),
GithubReleaseAccess(gh_token),
release_id,
AssetId(asset_id),
)
18 changes: 18 additions & 0 deletions exasol/ds/sandbox/lib/aws_access/aws_access.py
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,24 @@ def upload_cloudformation_stack(self, yml: str, stack_name: str, tags=tuple()) -
LOG.error(f"Run 'aws cloudformation describe-stack-events --stack-name {stack_name}' to get details.")
raise e

def read_secret_arn(self, physical_resource_id: str):
""""
Uses Boto3 to retrieve the ARN of a secret.
"""
LOG.debug("Reading secret for getting ARN,"
f" physical resource ID = {physical_resource_id},"
f" for aws profile {self.aws_profile_for_logging}")
client = self._get_aws_client("secretsmanager")
try:
secret = client.get_secret_value(SecretId=physical_resource_id)
return secret["ARN"]
except botocore.exceptions.ClientError as e:
LOG.error("Unable to read secret")
raise e

def read_dockerhub_secret_arn(self):
return self.read_secret_arn("Dockerhub")

@_log_function_start
def validate_cloudformation_template(self, cloudformation_yml) -> None:
"""
Expand Down
14 changes: 14 additions & 0 deletions exasol/ds/sandbox/lib/github_release_access.py
Original file line number Diff line number Diff line change
@@ -1,11 +1,25 @@
import os
import sys

from pathlib import Path

from github import Github, GithubException
from github.Repository import Repository

from exasol.ds.sandbox.lib.logging import get_status_logger, LogType


LOG = get_status_logger(LogType.RELEASE_ACCESS)
GITHUB_TOKEN_ENV = "GITHUB_TOKEN"


def github_token_or_exit() -> str:
variable = GITHUB_TOKEN_ENV
value = os.getenv(variable)
if value is not None:
return value
LOG.error(f"Environment variable {variable} is not set")
sys.exit(1)


class GithubReleaseAccess:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,12 @@


def run_setup_release_codebuild(aws_access: AwsAccess) -> None:
yml = render_template("release_code_build.jinja.yaml", vm_bucket=find_vm_bucket(aws_access))
secret_arn = aws_access.read_dockerhub_secret_arn()
yml = render_template(
"release_code_build.jinja.yaml",
vm_bucket=find_vm_bucket(aws_access),
dockerhub_secret_arn=secret_arn,
)
aws_access.upload_cloudformation_stack(yml, RELEASE_CODE_BUILD_STACK_NAME)
LOG.info(f"Deployed cloudformation stack {RELEASE_CODE_BUILD_STACK_NAME}")

4 changes: 4 additions & 0 deletions exasol/ds/sandbox/templates/release_code_build.jinja.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -72,6 +72,10 @@ Resources:
- s3:DeleteObject
Resource: arn:aws:s3:::{{vm_bucket}}/data_science_sandbox/*
Effect: Allow
- Action:
- secretsmanager:GetSecretValue
Resource: {{dockerhub_secret_arn}}
Effect: Allow
DataScienceSandboxReleaseCodeBuild:
Type: AWS::CodeBuild::Project
Properties:
Expand Down

0 comments on commit b856f04

Please sign in to comment.