From a438b33285f5e65822651e55e105083d6bfa2de7 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 22 Nov 2021 11:15:24 +0000 Subject: [PATCH 01/24] chore(release): 1.3.0 [skip ci] # [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) ### Bug Fixes * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ddff7fb..120081d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,15 @@ +# [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) + + +### Bug Fixes + +* **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) + + +### Features + +* **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) + ## [1.2.1](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.0...v1.2.1) (2021-11-14) From f291a1206e585ab35858b4af320ef8afaff5bfb7 Mon Sep 17 00:00:00 2001 From: Balwant Date: Mon, 22 Nov 2021 22:26:22 +1100 Subject: [PATCH 02/24] refactor(ci): split publish command --- .releaserc | 1 + prepare.sh | 4 ++++ publish.sh | 2 -- 3 files changed, 5 insertions(+), 2 deletions(-) create mode 100755 prepare.sh diff --git a/.releaserc b/.releaserc index 3ca0f47..1f9d777 100644 --- a/.releaserc +++ b/.releaserc @@ -10,6 +10,7 @@ [ "@semantic-release/exec", { + "prepareCmd": "./prepare.sh ${nextRelease.version} ${options.branch} ${commits.length} ${Date.now()}", "publishCmd": "./publish.sh ${nextRelease.version} ${options.branch} ${commits.length} ${Date.now()}" } ] diff --git a/prepare.sh b/prepare.sh new file mode 100755 index 0000000..5536ef0 --- /dev/null +++ b/prepare.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +npm version $1 --no-git-tag-version +docker build -t lambda-container-service . \ No newline at end of file diff --git a/publish.sh b/publish.sh index 792b3d5..4337c0b 100755 --- a/publish.sh +++ b/publish.sh @@ -2,8 +2,6 @@ REPO=045615149555.dkr.ecr.ap-southeast-2.amazonaws.com/lambda-container-service -npm version $1 --no-git-tag-version -docker build -t lambda-container-service . docker tag lambda-container-service:latest $REPO:$1 docker push $REPO:$1 docker tag lambda-container-service:latest $REPO:latest From 1ca9128eef4cae578f8d539bc86d44b4609a4023 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 22 Nov 2021 11:31:10 +0000 Subject: [PATCH 03/24] chore(release): 1.3.0 [skip ci] # [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) ### Bug Fixes * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 120081d..bed55d8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,18 @@ * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) +### Features + +* **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) + +# [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) + + +### Bug Fixes + +* **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) + + ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) From b9ed77e06f603087ef5effda223e00e51764254e Mon Sep 17 00:00:00 2001 From: Balwant Date: Mon, 22 Nov 2021 22:44:08 +1100 Subject: [PATCH 04/24] build: fixing Docker image build --- Dockerfile | 2 ++ prepare.sh | 4 +++- setup.sh | 2 ++ 3 files changed, 7 insertions(+), 1 deletion(-) create mode 100755 setup.sh diff --git a/Dockerfile b/Dockerfile index 551f7a9..b7bfad0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,8 @@ FROM public.ecr.aws/lambda/nodejs:14 COPY ./build ${LAMBDA_TASK_ROOT} +WORKDIR ${LAMBDA_TASK_ROOT} +RUN pwd && ls -la RUN npm ci --only=production # Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile) diff --git a/prepare.sh b/prepare.sh index 5536ef0..94423bf 100755 --- a/prepare.sh +++ b/prepare.sh @@ -1,4 +1,6 @@ #!/bin/bash +# export LAMBDA_TASK_ROOT=/var/task + npm version $1 --no-git-tag-version -docker build -t lambda-container-service . \ No newline at end of file +docker build --no-cache -t lambda-container-service . \ No newline at end of file diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..05a7907 --- /dev/null +++ b/setup.sh @@ -0,0 +1,2 @@ +#!/bin/bash + From 64ec732dfc1b2e1949fd349f903bba86f76461c0 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 22 Nov 2021 11:46:39 +0000 Subject: [PATCH 05/24] chore(release): 1.3.0 [skip ci] # [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) ### Bug Fixes * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index bed55d8..c346c76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,18 @@ * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) +### Features + +* **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) + +# [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) + + +### Bug Fixes + +* **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) + + ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) From 5363421eb8a63db7eedeae17d74c59b52dff1cb7 Mon Sep 17 00:00:00 2001 From: Balwant Date: Mon, 22 Nov 2021 22:50:41 +1100 Subject: [PATCH 06/24] ci: update release.yml to use build:image command --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8a190ba..2a46790 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -39,7 +39,7 @@ jobs: run: | aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin 045615149555.dkr.ecr.ap-southeast-2.amazonaws.com npm ci - npm run build + npm run build:image env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From 2759c22b44729e31a4b76fd583bdb058f72d955f Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 22 Nov 2021 11:52:23 +0000 Subject: [PATCH 07/24] chore(release): 1.3.0 [skip ci] # [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) ### Bug Fixes * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c346c76..5d48c30 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,6 +30,18 @@ * **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) +### Features + +* **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) + +# [1.3.0](https://github.com/phenixcoder/lambda-container-service/compare/v1.2.1...v1.3.0) (2021-11-22) + + +### Bug Fixes + +* **newman:** fixed dev server express mapping ([9be5ee3](https://github.com/phenixcoder/lambda-container-service/commit/9be5ee3804eeec84316f36011d3c39e611d9e07c)) + + ### Features * **logger:** added improved logger ([2530e38](https://github.com/phenixcoder/lambda-container-service/commit/2530e3832e5ad53bf0b7e76bb26d6c574720f8a1)) From 44d5e7e638f3cde8f0c8b673c5a2086c77f0a881 Mon Sep 17 00:00:00 2001 From: Balwant Date: Mon, 22 Nov 2021 22:58:25 +1100 Subject: [PATCH 08/24] fix(build):build image step in release step --- .github/workflows/release.yml | 9 ++------- prepare.sh | 1 + 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2a46790..7bbfc1c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,16 +35,11 @@ jobs: uses: actions/setup-node@v1.4.5 with: node-version: 14 - - name: Package 📦 + - name: Publish 🚀 run: | aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin 045615149555.dkr.ecr.ap-southeast-2.amazonaws.com npm ci - npm run build:image - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - - name: Publish 🚀 - run: npm run release + npm run release env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/prepare.sh b/prepare.sh index 94423bf..aafba81 100755 --- a/prepare.sh +++ b/prepare.sh @@ -3,4 +3,5 @@ # export LAMBDA_TASK_ROOT=/var/task npm version $1 --no-git-tag-version +npm run build:image docker build --no-cache -t lambda-container-service . \ No newline at end of file From 9addb26c7bd0a169059109b7dd61874cfa3898d0 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Wed, 1 Dec 2021 16:10:27 +1100 Subject: [PATCH 09/24] docs: add setup project insturctions --- README.md | 20 ++++++++++++++++++++ deploy.yml | 17 +++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 deploy.yml diff --git a/README.md b/README.md index a444156..bc7f44e 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,26 @@ # Lambda Container Service > Service template using container based lambda function +## Setup +1. Create ECR Repo +2. Add folloeing permissions to Repo which allows Lambda to fetch image. +```json +{ + "Sid": "LambdaECRImageRetrievalPolicy", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Action": [ + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ] +} +``` +3. Change the Repo Name in + 1. publish.sh:3 (Line 3) + 2. .github/workflows/release.yml (Line 40; To update login credentials) + ## Developing Runs a custom dev webserver which hosts the lambda function which can be hosted on diff --git a/deploy.yml b/deploy.yml new file mode 100644 index 0000000..2a6a6d6 --- /dev/null +++ b/deploy.yml @@ -0,0 +1,17 @@ +envs: + # Development environment + - name: development + auto_merge: false + required_contexts: [] + + # Development environment + - name: beta + auto_merge: false + required_contexts: [] + + # Production environment + - name: production + auto_merge: true + required_contexts: + - test + - docker-image \ No newline at end of file From ce134c34e1de3dafd81b04e2d03c6bf7ebf1de18 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Wed, 1 Dec 2021 16:11:05 +1100 Subject: [PATCH 10/24] ci: Add Gitploy deploy.yml From abde77083401af169f6891af734732aa1ce2a119 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Wed, 1 Dec 2021 16:52:10 +1100 Subject: [PATCH 11/24] ci: added deploument workflow --- .github/workflows/main.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..e17199e --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,23 @@ +name: Deploy + +# Controls when the workflow will run +on: + # Triggers the workflow on push or pull request events but only for the main branch + deployment: + branches: [ main ] + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + Verify: + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + ## Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + #- uses: actions/checkout@v2 + + # Runs a single command using the runners shell + - name: Verify If Deployment params are valid + run: echo "Verify deployment Request" From 35a3162f380b778771f7deef122c8cfdaf610a19 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Wed, 1 Dec 2021 17:21:56 +1100 Subject: [PATCH 12/24] Update and rename main.yml to deploy.yml --- .github/workflows/{main.yml => deploy.yml} | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) rename .github/workflows/{main.yml => deploy.yml} (84%) diff --git a/.github/workflows/main.yml b/.github/workflows/deploy.yml similarity index 84% rename from .github/workflows/main.yml rename to .github/workflows/deploy.yml index e17199e..b42fa27 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/deploy.yml @@ -2,9 +2,7 @@ name: Deploy # Controls when the workflow will run on: - # Triggers the workflow on push or pull request events but only for the main branch - deployment: - branches: [ main ] + deployment # A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: From fed2031d9d599361da6cb7cc31101d09faa614ba Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Wed, 1 Dec 2021 17:46:05 +1100 Subject: [PATCH 13/24] Update deploy.yml --- .github/workflows/deploy.yml | 23 ++++++++++------------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b42fa27..be8169c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,21 +1,18 @@ name: Deploy -# Controls when the workflow will run on: - deployment + deployment: + branches-ignore: + - '**' + +name: on-deployment -# A workflow run is made up of one or more jobs that can run sequentially or in parallel jobs: - # This workflow contains a single job called "build" Verify: - # The type of runner that the job will run on + environment: ${{ github.event.deployment.environment }} runs-on: ubuntu-latest - - # Steps represent a sequence of tasks that will be executed as part of the job steps: - ## Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - #- uses: actions/checkout@v2 - - # Runs a single command using the runners shell - - name: Verify If Deployment params are valid - run: echo "Verify deployment Request" + - name: Print event data + env: + EVENT: ${{ toJSON( github.event ) }} + run: echo "$EVENT" From db522fca00649092f6fc42a1bf981ac1eb14eed2 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Thu, 2 Dec 2021 17:33:23 +1100 Subject: [PATCH 14/24] Update deploy.yml --- .github/workflows/deploy.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index be8169c..a7c55cb 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -4,9 +4,6 @@ on: deployment: branches-ignore: - '**' - -name: on-deployment - jobs: Verify: environment: ${{ github.event.deployment.environment }} From 63f9eef7d9f146c33fbeab556d505aa388ed03b1 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:11:43 +1100 Subject: [PATCH 15/24] Update deploy.yml --- deploy.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/deploy.yml b/deploy.yml index 2a6a6d6..3a8461e 100644 --- a/deploy.yml +++ b/deploy.yml @@ -1,17 +1,16 @@ envs: # Development environment - name: development - auto_merge: false + task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:development" required_contexts: [] # Development environment - name: beta - auto_merge: false + task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:beta" required_contexts: [] # Production environment - name: production - auto_merge: true - required_contexts: - - test - - docker-image \ No newline at end of file + task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:production" + production_environment: true + required_contexts: [] From 7e94f9626b668eb8026bd2c89d82780fa7e57408 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:24:03 +1100 Subject: [PATCH 16/24] Update deploy.yml --- deploy.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deploy.yml b/deploy.yml index 3a8461e..5095b52 100644 --- a/deploy.yml +++ b/deploy.yml @@ -2,15 +2,18 @@ envs: # Development environment - name: development task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:development" + auto_merge: false required_contexts: [] # Development environment - name: beta task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:beta" + auto_merge: false required_contexts: [] # Production environment - name: production task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:production" production_environment: true + auto_merge: false required_contexts: [] From 5b3048c330b20a7bdd6e8a617f4c0017921d23cf Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:30:06 +1100 Subject: [PATCH 17/24] Auto merge to true --- deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy.yml b/deploy.yml index 5095b52..f74efe6 100644 --- a/deploy.yml +++ b/deploy.yml @@ -2,18 +2,18 @@ envs: # Development environment - name: development task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:development" - auto_merge: false + auto_merge: true required_contexts: [] # Development environment - name: beta task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:beta" - auto_merge: false + auto_merge: true required_contexts: [] # Production environment - name: production task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:production" production_environment: true - auto_merge: false + auto_merge: true required_contexts: [] From 7e7675ffd86d895ce8110797503e5503de070847 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Thu, 2 Dec 2021 18:33:55 +1100 Subject: [PATCH 18/24] Update deploy.yml --- deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/deploy.yml b/deploy.yml index f74efe6..5095b52 100644 --- a/deploy.yml +++ b/deploy.yml @@ -2,18 +2,18 @@ envs: # Development environment - name: development task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:development" - auto_merge: true + auto_merge: false required_contexts: [] # Development environment - name: beta task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:beta" - auto_merge: true + auto_merge: false required_contexts: [] # Production environment - name: production task: "${GITPLOY_DEPLOY_TASK}${GITPLOY_ROLLBACK_TASK}:lambda-service:production" production_environment: true - auto_merge: true + auto_merge: false required_contexts: [] From 9531639406a0f9e5920f5d6c22efefe70499984d Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Fri, 3 Dec 2021 11:38:15 +1100 Subject: [PATCH 19/24] Update deploy.yml --- .github/workflows/deploy.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a7c55cb..2e375c9 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -4,6 +4,8 @@ on: deployment: branches-ignore: - '**' + tags: + - v* jobs: Verify: environment: ${{ github.event.deployment.environment }} From b8de7ed1f9b712d6c24c23d95c7a05eb28491010 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Fri, 3 Dec 2021 12:01:40 +1100 Subject: [PATCH 20/24] Update deploy.yml --- .github/workflows/deploy.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2e375c9..19a9342 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,11 +1,7 @@ name: Deploy on: - deployment: - branches-ignore: - - '**' - tags: - - v* + deployment jobs: Verify: environment: ${{ github.event.deployment.environment }} From 5d59a8f63e50a11281fccc865b95f374ea625456 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Fri, 3 Dec 2021 14:57:25 +1100 Subject: [PATCH 21/24] Update deploy.yml --- .github/workflows/deploy.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 19a9342..79ca25c 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,7 +1,14 @@ name: Deploy on: - deployment + workflow_dispatch: + inputs: + environment: + description: 'Target Environment' + required: true + tags: + description: 'Release tag to be deployed' + required: true jobs: Verify: environment: ${{ github.event.deployment.environment }} From 03e3b368ee51ecb4cd217c717ceeab508a36ef07 Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Mon, 27 Mar 2023 02:08:31 +1100 Subject: [PATCH 22/24] Update setup script --- .github/workflows/release.yml | 5 ++- publish.sh | 7 ++-- setup | 69 +++++++++++++++++++++++++++++++++++ setup.sh | 2 - 4 files changed, 77 insertions(+), 6 deletions(-) create mode 100644 setup delete mode 100755 setup.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7bbfc1c..4a51d31 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,9 +37,12 @@ jobs: node-version: 14 - name: Publish 🚀 run: | - aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin 045615149555.dkr.ecr.ap-southeast-2.amazonaws.com + aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin $REPO_REGISTRY npm ci npm run release env: + REPO_NAME: "lambda-container-service" + REPO_URI: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com/lambda-container-service" + REPO_REGISTRY: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com" AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} diff --git a/publish.sh b/publish.sh index 4337c0b..c7d6be7 100755 --- a/publish.sh +++ b/publish.sh @@ -1,8 +1,9 @@ #!/bin/bash -REPO=045615149555.dkr.ecr.ap-southeast-2.amazonaws.com/lambda-container-service +SERVICE_NAME=$REPO_NAME +REPO=$REPO_URI -docker tag lambda-container-service:latest $REPO:$1 +docker tag $SERVICE_NAME:latest $REPO:$1 docker push $REPO:$1 -docker tag lambda-container-service:latest $REPO:latest +docker tag $SERVICE_NAME:latest $REPO:latest docker push $REPO:latest \ No newline at end of file diff --git a/setup b/setup new file mode 100644 index 0000000..bb40724 --- /dev/null +++ b/setup @@ -0,0 +1,69 @@ +#!/bin/env node + +const execSync = require('child_process').execSync; +const { readFileSync, writeFileSync, unlinkSync } = require('fs'); +const POLICY = { + "Version" : "2008-10-17", + "Statement" : [ + { + "Sid": "LambdaECRImageRetrievalPolicy", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Action": [ + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ] + } + ] + }; + +const runtimeConfig = { + REPO_NAME : process.argv[2], + REPO_URI: null, + REPO_REGISTRY: null +} +try { + const repos = execSync(` aws ecr describe-repositories --repository-names=${runtimeConfig.REPO_NAME}`, { stdio: 'pipe'}); + console.log(); + runtimeConfig.REPO_URI = JSON.parse(repos.toString()).repositories[0].repositoryUri; +} catch (error) { + console.log(error); + const newRepo = execSync(`aws ecr create-repository --repository-name ${runtimeConfig.REPO_NAME}`, { stdio: 'pipe'}); + runtimeConfig.REPO_URI = JSON.parse(newRepo.toString()).repository.repositoryUri; +} + +if (runtimeConfig.REPO_URI) { + runtimeConfig.REPO_REGISTRY = runtimeConfig.REPO_URI.replace(`/${runtimeConfig.REPO_NAME}`, ""); + console.log('Setting Repo Policy'); + writeFileSync('./lcs-policy.json', JSON.stringify(POLICY)); + try { + execSync(`aws ecr set-repository-policy --repository-name=${runtimeConfig.REPO_NAME} --policy-text=file://lcs-policy.json`, { stdio: 'pipe'}); + unlinkSync('./lcs-policy.json'); + console.log(`Repo policy set on ${runtimeConfig.REPO_NAME} repo.`); + } catch (error) { + console.log('Error setting policy', error.stderr.toString()); + unlinkSync('./lcs-policy.json'); + process.exit(1); + } +} + +console.log('\nRuntime Config:'); +console.log('==============='); +console.log('REPO_NAME:', runtimeConfig.REPO_NAME); +console.log('REPO_URI :', runtimeConfig.REPO_URI); +console.log('REPO_REGISTRY :', runtimeConfig.REPO_REGISTRY); + +console.log("Updating package.json"); +let packageFile = JSON.parse(readFileSync('package.json').toString()); +packageFile.name = runtimeConfig.REPO_NAME; +writeFileSync('package.json', JSON.stringify(packageFile, null, ' ')); + +console.log("Updating .github/workflows/release.yml"); +let releaseFile = readFileSync('.github/workflows/release.yml').toString(); +releaseFile = releaseFile.replace('REPO_NAME: "lambda-container-service"', `REPO_NAME: "${runtimeConfig.REPO_NAME}"`); +releaseFile = releaseFile.replace('REPO_URI: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com/lambda-container-service"', `REPO_URI: "${runtimeConfig.REPO_URI}"`); +releaseFile = releaseFile.replace('REPO_REGISTRY: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com"', `REPO_REGISTRY: "${runtimeConfig.REPO_REGISTRY}"`); +writeFileSync('.github/workflows/release.yml', releaseFile); +console.log('Setup Successfull. Please delete this setup script.'); \ No newline at end of file diff --git a/setup.sh b/setup.sh deleted file mode 100755 index 05a7907..0000000 --- a/setup.sh +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash - From d47041392c1c5a665484737b2891c5987a0798fd Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Mon, 27 Mar 2023 02:22:22 +1100 Subject: [PATCH 23/24] Added AWS STS Auth --- .github/workflows/release.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4a51d31..6c0fc0f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,6 +35,12 @@ jobs: uses: actions/setup-node@v1.4.5 with: node-version: 14 + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-region: ap-southeast-2 + role-to-assume: arn:aws:iam::045615149555:role/service-image-upload + role-session-name: service-image-upload-session - name: Publish 🚀 run: | aws ecr get-login-password --region ap-southeast-2 | docker login --username AWS --password-stdin $REPO_REGISTRY @@ -44,5 +50,3 @@ jobs: REPO_NAME: "lambda-container-service" REPO_URI: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com/lambda-container-service" REPO_REGISTRY: "045615149555.dkr.ecr.ap-southeast-2.amazonaws.com" - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} From 6f8b8409f6aefa306077f04a4ed31f22fde6888c Mon Sep 17 00:00:00 2001 From: Balwant Singh <2805177+phenixcoder@users.noreply.github.com> Date: Mon, 27 Mar 2023 02:27:15 +1100 Subject: [PATCH 24/24] Added Permissions --- .github/workflows/release.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6c0fc0f..dd5ffb5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -29,6 +29,9 @@ jobs: runs-on: ubuntu-latest if: ${{ github.ref == 'refs/heads/main' }} needs: [Verify] + permissions: + id-token: write + contents: write steps: - uses: actions/checkout@v2 - name: Setup Node.js environment