-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add dockerfile and necessary scripts
- Loading branch information
1 parent
89eb3c4
commit f01935a
Showing
5 changed files
with
149 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| name: Cleanup Untagged Images | ||
|
|
||
| on: | ||
| # every sunday at 00:00 | ||
| schedule: | ||
| - cron: "0 0 * * SUN" | ||
| # or manually | ||
| workflow_dispatch: | ||
|
|
||
| jobs: | ||
| delete-untagged-images: | ||
| name: Delete Untagged Images | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: bots-house/ghcr-delete-image-action@v1.1.0 # nosemgrep: yaml.github-actions.security.third-party-action-not-pinned-to-commit-sha.third-party-action-not-pinned-to-commit-sha | ||
| with: | ||
| # NOTE: at now only orgs is supported | ||
| owner: airtai | ||
| name: captn-google-auth-ads | ||
|
|
||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| # Keep latest N untagged images | ||
| untagged-keep-latest: 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| name: Pipeline | ||
| on: [push, workflow_dispatch] | ||
|
|
||
| env: | ||
| REGISTRY: ghcr.io | ||
| IMAGE_NAME: ${{ github.repository }} | ||
| PORT: ${{ vars.PORT }} | ||
| DOMAIN: ${{ vars.DOMAIN }} | ||
| DATABASE_URL: ${{ secrets.DATABASE_URL }} | ||
| CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} | ||
|
|
||
| jobs: | ||
| docker_build_push: | ||
| runs-on: ubuntu-22.04 | ||
| permissions: | ||
| contents: read | ||
| packages: write | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
| - uses: actions/setup-node@v3 | ||
| with: | ||
| node-version: 18 | ||
|
|
||
| - name: Install wasp | ||
| run: curl -sSL https://get.wasp-lang.dev/installer.sh | sh | ||
|
|
||
| - name: Log in to the Container registry | ||
| uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 | ||
| with: | ||
| registry: ${{ env.REGISTRY }} | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.GITHUB_TOKEN }} | ||
|
|
||
| - run: docker pull ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME || docker pull ghcr.io/$GITHUB_REPOSITORY || true | ||
| - run: docker build --build-arg PORT=$PORT -t ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME . | ||
| - name: Add tag latest if branch is main | ||
| if: github.ref_name == 'main' | ||
| run: docker tag ghcr.io/$GITHUB_REPOSITORY:$GITHUB_REF_NAME ghcr.io/$GITHUB_REPOSITORY:latest | ||
| - name: Push only if branch name is main | ||
| if: github.ref_name == 'main' | ||
| run: docker push ghcr.io/$GITHUB_REPOSITORY --all-tags | ||
|
|
||
| deploy: | ||
| runs-on: ubuntu-22.04 | ||
| defaults: | ||
| run: | ||
| shell: bash | ||
| needs: [docker_build_push] | ||
| if: github.ref_name == 'main' | ||
| container: | ||
| image: python:3.7-stretch | ||
| env: | ||
| GITHUB_USERNAME: ${{ github.actor }} | ||
| GITHUB_PASSWORD: ${{ secrets.GITHUB_TOKEN }} | ||
| SSH_KEY: ${{ secrets.SSH_KEY }} | ||
| AZURE_OPENAI_API_KEY: ${{ secrets.AZURE_OPENAI_API_KEY }} | ||
| steps: | ||
| - uses: actions/checkout@v3 | ||
| # This is to fix GIT not liking owner of the checkout dir - https://github.com/actions/runner/issues/2033#issuecomment-1204205989 | ||
| - run: chown -R $(id -u):$(id -g) $PWD | ||
| - run: echo "TAG=latest" >> $GITHUB_ENV | ||
| # - run: if [[ $GITHUB_REF_NAME == "main" ]]; then printenv PROD_CONFIG > "$(pwd)/.env" ; else printenv STAGING_CONFIG > "$(pwd)/.env" ; fi; | ||
| - run: echo "PATH=$PATH:/github/home/.local/bin" >> $GITHUB_ENV | ||
| - run: 'which ssh-agent || ( apt-get update -y && apt-get install openssh-client git -y )' | ||
| - run: eval $(ssh-agent -s) | ||
| - run: mkdir -p ~/.ssh | ||
| - run: chmod 700 ~/.ssh | ||
| - run: ssh-keyscan "$BACKEND_DOMAIN" >> ~/.ssh/known_hosts | ||
| - run: chmod 644 ~/.ssh/known_hosts | ||
| - run: echo "$SSH_KEY" | base64 --decode > key.pem | ||
| - run: chmod 600 key.pem | ||
|
|
||
| # - run: if [[ $GITHUB_REF_NAME == "main" ]]; then echo "DOMAIN=api.airt.ai" >> $GITHUB_ENV ; else echo "DOMAIN=api.staging.airt.ai" >> $GITHUB_ENV ; fi; | ||
| - run: ssh -o StrictHostKeyChecking=no -i key.pem azureuser@"$BACKEND_DOMAIN" "docker images" | ||
| - run: sh scripts/deploy_backend.sh | ||
|
|
||
| - run: rm key.pem |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,35 @@ | ||
| ARG BASE_IMAGE=ubuntu:22.04 | ||
|
|
||
| FROM $BASE_IMAGE | ||
|
|
||
|
|
||
| SHELL ["/bin/bash", "-c"] | ||
|
|
||
|
|
||
| # needed to suppress tons of debconf messages | ||
| ENV DEBIAN_FRONTEND noninteractive | ||
|
|
||
| RUN apt update --fix-missing && apt upgrade --yes \ | ||
| && apt install -y software-properties-common apt-utils build-essential git wget curl \ | ||
| && add-apt-repository ppa:deadsnakes/ppa \ | ||
| && apt update \ | ||
| && apt purge --auto-remove \ | ||
| && apt clean \ | ||
| && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Install node and npm | ||
| RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && apt-get install -y --no-install-recommends nodejs \ | ||
| && apt purge --auto-remove && apt clean && rm -rf /var/lib/apt/lists/* | ||
|
|
||
| RUN update-alternatives --set python3 /usr/bin/python3.10 | ||
| RUN python3 -m pip install --upgrade pip | ||
|
|
||
| COPY migrations ./migrations | ||
| COPY application.py scripts/* fastapi_requirements.txt schema.prisma ./ | ||
| RUN pip install -r fastapi_requirements.txt | ||
| RUN pip install airt_service-*-py3-none-any.whl | ||
|
|
||
| EXPOSE ${PORT} | ||
|
|
||
| ENTRYPOINT [] | ||
| CMD [ "/usr/bin/bash", "-c", "./start_webservice.sh" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| #!/usr/bin/bash | ||
|
|
||
|
|
||
| if [[ -z "${NUM_WORKERS}" ]]; then | ||
| NUM_WORKERS=2 | ||
| fi | ||
|
|
||
| echo NUM_WORKERS set to $NUM_WORKERS | ||
|
|
||
| prisma migrate deploy | ||
|
|
||
| uvicorn application:app --port $PORT --host 0.0.0.0 --workers=$NUM_WORKERS --proxy-headers |