From 28295ca94b058ead70f6eefee5fe868ddf7fb246 Mon Sep 17 00:00:00 2001
From: Michele Pagot
Date: Thu, 8 Feb 2024 01:07:09 +0100
Subject: [PATCH] Move to terraform 1.5.7 and add Dockerfile validation Improve the Dockerfile to use Terraform 1.5.7 and Python 3.11. Add virtual env in the Dockerfile to fix a bug that prevented pip installation of python packages. Add bash script to validate the docker image. Add githubaction to build the container image and run the validation test.
---
 .github/workflows/ansible.yml | 1 +
 .github/workflows/gluescript.yml | 2 ++
 .github/workflows/terraform.yml | 2 +-
 .github/workflows/tools.yml | 51 ++++++++++++++++++++++++++++++++
 Dockerfile | 15 +++++++---
 README.md | 4 +--
 tools/image_test.sh | 25 ++++++++++++++++
 7 files changed, 93 insertions(+), 7 deletions(-)
 create mode 100644 .github/workflows/tools.yml
 create mode 100755 tools/image_test.sh
diff --git a/.github/workflows/ansible.yml b/.github/workflows/ansible.yml
index 20cf1361..cf12ff1f 100644
--- a/.github/workflows/ansible.yml
+++ b/.github/workflows/ansible.yml
@@ -1,4 +1,5 @@
 name: Ansible
+
 on: [push, pull_request]
 jobs:
diff --git a/.github/workflows/gluescript.yml b/.github/workflows/gluescript.yml
index 8024d8b9..7909ece4 100644
--- a/.github/workflows/gluescript.yml
+++ b/.github/workflows/gluescript.yml
@@ -2,6 +2,8 @@ name: Glue Script
 on:
 push:
+ branches:
+ - "main"
 paths:
 - scripts/qesap/**
 - .github/workflows/gluescript.yml
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
index 93400df3..dd7306a4 100644
--- a/.github/workflows/terraform.yml
+++ b/.github/workflows/terraform.yml
@@ -33,7 +33,7 @@ jobs:
 - name: Setup Terraform
 uses: hashicorp/setup-terraform@v2
 with:
- terraform_version: 1.3.6
+ terraform_version: 1.5.7
 # Initialize a new or existing Terraform working directory by creating initial files, loading any remote state, downloading modules, etc.
 - name: Terraform Init
 run: terraform init
diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
new file mode 100644
index 00000000..95acc4eb
--- /dev/null
+++ b/.github/workflows/tools.yml
@@ -0,0 +1,51 @@
+name: Tools environment
+
+on:
+ push:
+ branches:
+ - "main"
+ paths:
+ - Dockerfile
+ - requirements.txt
+ - requirements.yml
+ - .github/workflows/tools.yml
+ pull_request:
+ paths:
+ - Dockerfile
+ - requirements.txt
+ - requirements.yml
+ - .github/workflows/tools.yml
+
+env:
+ REGISTRY: ghcr.io
+
+jobs:
+ docker:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Setup Docker buildx
+ uses: docker/setup-buildx-action@v3
+
+ - name: Log into registry ${{ env.REGISTRY }}
+ uses: docker/login-action@v3
+ with:
+ registry: ${{ env.REGISTRY }}
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+
+ - name: Build and push Docker image
+ id: build-and-push
+ uses: docker/build-push-action@v5
+ with:
+ push: false
+ load: true # Export to Docker Engine rather than pushing to a registry
+ tags: ${{ github.run_id }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ - name: Test
+ run: |
+ cre=docker ./tools/image_test.sh ${{ github.run_id }}
diff --git a/Dockerfile b/Dockerfile
index 409fa830..14b5057b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,7 +5,7 @@ FROM opensuse/tumbleweed:latest
 ## AZURE
 # way suggested on https://docs.microsoft.com/en-us/cli/azure/install-azure-cli-linux?pivots=zypper
 RUN zypper ref && zypper up -y && \
- zypper install -y tar gzip unzip curl python310-pip openssh && \
+ zypper install -y tar gzip unzip curl python311-pip openssh && \
 rpm --import https://packages.microsoft.com/keys/microsoft.asc && \
 zypper addrepo --name 'Azure CLI' --check https://packages.microsoft.com/yumrepos/azure-cli azure-cli && \
 zypper install --from azure-cli -y azure-cli && \
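Review bot: The `Log into registry` step in `tools.yml` passes `secrets.GITHUB_TOKEN` to `docker/login-action` although the build step sets `push: false` and `load: true`, so nothing visible in this workflow needs registry credentials; dropping the step removes a credential from a job that also runs on `pull_request`. The file declares no `permissions:` key, so the token gets the repository default; a top-level `permissions:` with `contents: read` would scope it to what checkout needs (confirm the `type=gha` cache still works with that). The step name `Build and push Docker image` does not match what the step does. The four actions are referenced by mutable tags (`@v4`, `@v3`, `@v5`); pinning them to commit SHAs is the usual hardening for a workflow that handles a token.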
@@ -21,13 +21,20 @@ RUN curl https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud
 echo 'source ~/google-cloud-sdk/path.bash.inc' >> ~/.bashrc
 ## Terraform
-RUN curl https://releases.hashicorp.com/terraform/1.3.6/terraform_1.3.6_linux_amd64.zip -o terraform.zip && \
+RUN curl https://releases.hashicorp.com/terraform/1.5.7/terraform_1.5.7_linux_amd64.zip -o terraform.zip && \
 unzip terraform.zip -d /usr/local/bin && \
 terraform -install-autocomplete && \
 rm terraform.zip
+ENV VIRTUAL_ENV=/opt/venv
+RUN python3.11 -m venv $VIRTUAL_ENV
+ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 COPY requirements.txt .
-RUN pip install -r requirements.txt
+RUN pip install --upgrade pip && \
+ pip install -r requirements.txt
+
+COPY requirements.yml .
+RUN ansible-galaxy install -r requirements.yml
 RUN mkdir /src
-WORKDIR /src
+WORKDIR /src
\ No newline at end of file
diff --git a/README.md b/README.md
index 2556e1e4..eb6faac6 100644
--- a/README.md
+++ b/README.md
@@ -8,8 +8,8 @@ This project is in a very early stage of development.
 Tools needed
-* Python 3.9
-* terraform v1.3.6
+* Python >= 3.9
+* terraform v1.5.7
 * ansible-core 2.13.5 : please refer to the **requirements.txt** file
 * cloud provider cli tools (`az`, `aws`, `gcloud`)
diff --git a/tools/image_test.sh b/tools/image_test.sh
new file mode 100755
index 00000000..e64c67ee
--- /dev/null
+++ b/tools/image_test.sh
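Review bot: The Terraform 1.5.7 archive in the second Dockerfile hunk is downloaded and unpacked into `/usr/local/bin` without any integrity check, and `curl` is called without `-f`, so an HTTP error body would be written to `terraform.zip` as if it were the release. Compare the file with the digest HashiCorp publishes for this release before unzipping, e.g. `curl -fsSL <url> -o terraform.zip && echo "<expected-sha256>  terraform.zip" | sha256sum -c - && \`, where `<expected-sha256>` is a placeholder for the value from the release's SHA256SUMS file. The same hunk adds an unpinned `pip install --upgrade pip` and `ansible-galaxy install -r requirements.yml`; whether the latter is reproducible depends on version pins in `requirements.yml`, which is not shown here. The hunk also leaves the file without a trailing newline after `WORKDIR /src`.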
@@ -0,0 +1,25 @@
+#!/bin/bash
+
+img_name=$1
+cre="${cre:-"podman"}"
+
+#$cre build -f Dockerfile -t "${img_name}"
+
+$cre run "${img_name}" terraform --version | grep 1.5.7 || ( echo "ERROR[$?] wrong or not usable Terraform" ; exit 1 )
+$cre run -v $(pwd):/src "${img_name}" terraform -chdir=/src/terraform/azure init || ( echo "ERROR[$?] terraform init does not work for azure" ; exit 1 )
+$cre run -v $(pwd):/src "${img_name}" terraform -chdir=/src/terraform/aws init || ( echo "ERROR[$?] terraform init does not work for aws" ; exit 1 )
+$cre run -v $(pwd):/src "${img_name}" terraform -chdir=/src/terraform/gcp init || ( echo "ERROR[$?] terraform init does not work for google" ; exit 1 )
+
+$cre run "${img_name}" python3.11 --version | grep 3.11 || ( echo "ERROR[$?] wrong or not usable Python" ; exit 1 )
+$cre run "${img_name}" pip3.11 --version || ( echo "ERROR[$?] wrong or not usable pip" ; exit 1 )
+$cre run "${img_name}" pip3.11 freeze | grep ansible-core || ( echo "ERROR[$?] ansible-core not installed" ; exit 1 )
+$cre run "${img_name}" ansible --version || ( echo "ERROR[$?] wrong or not usable Terraform" ; exit 1 )
+$cre run "${img_name}" ansible-galaxy --version || ( echo "ERROR[$?] wrong or not usable Terraform" ; exit 1 )
+
+$cre run "${img_name}" pip3.11 freeze | grep aws || ( echo "ERROR[$?] aws cli not installed" ; exit 1 )
+$cre run "${img_name}" aws --version || ( echo "ERROR[$?] wrong or not usable aws" ; exit 1 )
+$cre run "${img_name}" az --version || ( echo "ERROR[$?] wrong or not usable az" ; exit 1 )
+#$cre run "${img_name}" cat /root/.bashrc
+# $cre run "${img_name}" gcloud --version
+
+
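Review bot: Every check ends in `|| ( echo "ERROR[$?] …" ; exit 1 )`, and the parentheses run `exit 1` in a subshell, so a failed check prints its message but the script carries on; its exit status is that of the last check (`az --version`) only, which means the CI `Test` step can pass with a broken Terraform, Python or Ansible. Use a brace group, `|| { echo "ERROR[$?] wrong or not usable Terraform" ; exit 1 ; }`, or a small `die` function, so the first failure stops the script. `grep 1.5.7` and `grep 3.11` treat the dots as wildcards; `grep -F` makes the version match literal. The `ansible` and `ansible-galaxy` lines reuse the "wrong or not usable Terraform" message, and `$(pwd)` in the `-v` mounts should be quoted.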