Skip to content

Commit

Permalink
Merge pull request #51 from sendbird/CINF-2785
Browse files Browse the repository at this point in the history
[CINF-2785] set up the image build pipeline
  • Loading branch information
JooeunAhn authored Sep 8, 2023
2 parents efd3392 + 1baaf51 commit 5f69aeb
Show file tree
Hide file tree
Showing 2 changed files with 146 additions and 0 deletions.
134 changes: 134 additions & 0 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,134 @@
version: 2.1
orbs:
aws-ecr: circleci/[email protected]
aws-cli: circleci/[email protected]

executors:
amd64:
machine:
image: ubuntu-2004:current
docker_layer_caching: true
resource_class: medium
arm64:
machine:
image: ubuntu-2004:current
docker_layer_caching: true
resource_class: arm.medium

jobs:
build_container_image_and_push:
executor: << parameters.architecture >>
environment:
AWS_ECR_REGISTRY_ID: '314716043882'
parameters:
architecture:
description: architecture to build
type: enum
enum: ['amd64', 'arm64']
build_path:
description: the path to execute docker build
type: string
dockerfile:
description: dockerfile name to use in docker build
type: string
default: Dockerfile
repo:
description: ECR repository name to push container image
type: string
aws_region:
description: AWS region of ECR repository to push container image
type: enum
enum: ['us-east-1', 'us-west-2']
steps:
- checkout
- attach_workspace:
# Must be absolute path or relative path from working_directory
at: .
- aws-ecr/build-and-push-image:
dockerfile: << parameters.dockerfile >>
new-profile-name: ci-ops
path: << parameters.build_path >>
build-path: << parameters.build_path >>
platform: linux/<< parameters.architecture >>
profile-name: default
region: << parameters.aws_region >>
repo: << parameters.repo >>
role-arn: arn:aws:iam::314716043882:role/ci-ops
tag: '$CIRCLE_TAG-<< parameters.architecture >>'
push_arch_integrated_manifest:
executor: arm64
parameters:
aws_region:
description: AWS region of ECR repository to push container image
type: enum
enum: ['us-east-1', 'us-west-2']
repo:
description: ECR repository name to push container image
type: string
environment:
DOCKER_CLI_EXPERIMENTAL: enabled
ECR_REPO: 314716043882.dkr.ecr.<<parameters.aws_region>>.amazonaws.com/<<parameters.repo>>
steps:
- aws-cli/setup:
profile-name: default
configure-default-region: false
- aws-cli/role-arn-setup:
profile-name: ci-ops
source-profile: default
role-arn: arn:aws:iam::314716043882:role/ci-ops
- run:
name: Login in docker registry
command: |
aws ecr get-login-password --region <<parameters.aws_region>> --profile ci-ops | docker login --username AWS --password-stdin $ECR_REPO
- run:
name: Push image manifest
command: |
docker manifest create "$ECR_REPO:$CIRCLE_TAG" "$ECR_REPO:$CIRCLE_TAG-amd64" "$ECR_REPO:$CIRCLE_TAG-arm64"
docker manifest push "$ECR_REPO:$CIRCLE_TAG"
scan_credentials:
docker:
- image: $SEC_THOG_SCANNER_IMAGE
aws_auth:
aws_access_key_id: $SEC_AWS_ID_FOR_THOG_ECR
aws_secret_access_key: $SEC_AWS_KEY_FOR_THOG_ECR
resource_class: small
steps:
- run:
name: Scan credentials
command: sh scan.sh

workflows:
version: 2
build_and_push:
jobs:
- build_container_image_and_push:
name: build_app-<<matrix.architecture>>
filters: *only_version_tag_trigger
requires:
- build
matrix: &amd64_and_arm64_matrix
parameters:
architecture:
- amd64
- arm64
build_path: '.'
aws_region: us-west-2
repo: aiwidget/app
context:
- circleci-dashboard-bot
- push_arch_integrated_manifest:
name: integrate_manifest_app
filters: *only_version_tag_trigger
requires:
- build_app-amd64
- build_app-arm64
aws_region: us-west-2
repo: aiwidget/app
context:
- circleci-dashboard-bot
- scan_credentials:
filters: *only_version_tag_trigger
context:
- devsecops
requires:
- integrate_manifest_app
12 changes: 12 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# builder
FROM node:18.17.1-alpine AS builder

WORKDIR /app
COPY ./packages/url-webdemo ./

RUN npm install
RUN npm run build

# production
FROM nginx:alpine
COPY --from=builder /app/dist /usr/share/nginx/html

0 comments on commit 5f69aeb

Please sign in to comment.