add mutli-arch ci
Yuriy Bezsonov committed Sep 13, 2023
1 parent 37b67ba commit 1d9c3d6
Showing 4 changed files with 163 additions and 23 deletions.
122 changes: 114 additions & 8 deletions manifests/modules/automation/gitops/flux/.workshop/terraform/addon.tf
@@ -202,7 +202,10 @@ data "aws_iam_policy_document" "codepipeline_policy" {
"codebuild:BatchGetBuilds",
"codebuild:StartBuild",
]
resources = [aws_codebuild_project.codebuild.arn]
resources = [aws_codebuild_project.codebuild_amd64.arn,
aws_codebuild_project.codebuild_arm64.arn,
aws_codebuild_project.codebuild_manifest.arn
]
}

statement {
@@ -321,8 +324,8 @@ resource "aws_kms_key" "artifact_encryption_key" {
deletion_window_in_days = 10
}

resource "aws_codebuild_project" "codebuild" {
name = "${local.addon_context.eks_cluster_id}-retail-store-sample"
resource "aws_codebuild_project" "codebuild_amd64" {
name = "${local.addon_context.eks_cluster_id}-retail-store-sample-amd64"
service_role = aws_iam_role.codebuild_role.arn
encryption_key = aws_kms_key.artifact_encryption_key.arn

@@ -332,14 +335,56 @@ resource "aws_codebuild_project" "codebuild" {

environment {
compute_type = "BUILD_GENERAL1_LARGE"
image = "aws/codebuild/standard:5.0"
image = "aws/codebuild/amazonlinux2-x86_64-standard:5.0"
privileged_mode = true
type = "LINUX_CONTAINER"

environment_variable {
name = "ECR_URI"
value = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${data.aws_region.current.name}.amazonaws.com"
# value = aws_ecr_repository.ecr_ui.repository_url
value = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${data.aws_region.current.name}.amazonaws.com/retail-store-sample-ui"
}

environment_variable {
name = "IMAGE_TAG"
value = "latest-amd64"
}
}

source {
type = "CODEPIPELINE"
buildspec = "buildspec.yml"
}

vpc_config {
vpc_id = data.aws_vpc.selected.id
subnets = data.aws_subnets.private.ids
security_group_ids = [data.aws_security_group.default.id]
}
}

resource "aws_codebuild_project" "codebuild_arm64" {
name = "${local.addon_context.eks_cluster_id}-retail-store-sample-arm64"
service_role = aws_iam_role.codebuild_role.arn
encryption_key = aws_kms_key.artifact_encryption_key.arn

artifacts {
type = "CODEPIPELINE"
}

environment {
compute_type = "BUILD_GENERAL1_LARGE"
image = "aws/codebuild/amazonlinux2-aarch64-standard:3.0"
privileged_mode = true
type = "ARM_CONTAINER"

environment_variable {
name = "ECR_URI"
value = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${data.aws_region.current.name}.amazonaws.com/retail-store-sample-ui"
}

environment_variable {
name = "IMAGE_TAG"
value = "latest-arm64"
}
}

@@ -355,6 +400,39 @@ resource "aws_codebuild_project" "codebuild" {
}
}

resource "aws_codebuild_project" "codebuild_manifest" {
name = "${local.addon_context.eks_cluster_id}-retail-store-sample-manifest"
service_role = aws_iam_role.codebuild_role.arn
encryption_key = aws_kms_key.artifact_encryption_key.arn

artifacts {
type = "CODEPIPELINE"
}

environment {
compute_type = "BUILD_GENERAL1_SMALL"
image = "aws/codebuild/amazonlinux2-x86_64-standard:5.0"
privileged_mode = true
type = "LINUX_CONTAINER"

environment_variable {
name = "ECR_URI"
value = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${data.aws_region.current.name}.amazonaws.com/retail-store-sample-ui"
}
}

source {
type = "CODEPIPELINE"
buildspec = "buildspec-manifest.yml"
}

vpc_config {
vpc_id = data.aws_vpc.selected.id
subnets = data.aws_subnets.private.ids
security_group_ids = [data.aws_security_group.default.id]
}
}

resource "aws_codepipeline" "codepipeline" {
name = "${local.addon_context.eks_cluster_id}-retail-store-sample"
role_arn = aws_iam_role.codepipeline_role.arn
@@ -391,15 +469,43 @@ resource "aws_codepipeline" "codepipeline" {
name = "Build"

action {
name = "Build"
name = "build_amd64"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["source"]
version = "1"
run_order = 1

configuration = {
ProjectName = aws_codebuild_project.codebuild_amd64.name
}
}

action {
name = "build_arm64"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["source"]
version = "1"
run_order = 1

configuration = {
ProjectName = aws_codebuild_project.codebuild_arm64.name
}
}
action {
name = "build-manifest"
category = "Build"
owner = "AWS"
provider = "CodeBuild"
input_artifacts = ["source"]
version = "1"
run_order = 2

configuration = {
ProjectName = aws_codebuild_project.codebuild.name
ProjectName = aws_codebuild_project.codebuild_manifest.name
}
}
}
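Review bot: `privileged_mode = true` is carried over to the new `codebuild_manifest` project, yet the buildspec it runs (`buildspec-manifest.yml`) only calls `docker login` and `docker manifest …`, which are registry operations of the CLI and, as far as I can tell, need no Docker daemon in the build container. A privileged container inside the VPC is a wider blast radius than this job needs, so I would set `privileged_mode = false` on that project and keep it only on the two image builds; confirm with one pipeline run. All three projects also share `aws_iam_role.codebuild_role`, whose policy is outside the visible hunks, so it is worth checking that it grants ECR push on the `retail-store-sample-ui` repository only. The `codebuild_arm64` and `codepipeline` resources continue outside the hunks shown.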
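--- /dev/null
+++ b/manifests/modules/automation/gitops/flux/buildspec-manifest.yml
@@ -0,0 +1,36 @@
+version: 0.2
+
+phases:
+install:
+commands:
+- echo Build started on `date`
+pre_build:
+commands:
+- echo Logging in to Amazon ECR in $AWS_REGION
+- COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-8)
+- IMAGE_TAG=i$(date +%Y%m%d%H%M%S)-${COMMIT_HASH:=latest}
+- echo ECR_URI=$ECR_URI
+- echo COMMIT_HASH=$COMMIT_HASH
+- echo IMAGE_TAG=$IMAGE_TAG
+- aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ECR_URI
+build:
+commands:
+- echo Building the Docker manifest...
+# Based on the Docker documentation, must include the DOCKER_CLI_EXPERIMENTAL environment variable
+# https://docs.docker.com/engine/reference/commandline/manifest/
+- export DOCKER_CLI_EXPERIMENTAL=enabled
+- docker manifest create $ECR_URI:$IMAGE_TAG $ECR_URI:latest-arm64 $ECR_URI:latest-amd64
+- docker manifest create $ECR_URI:latest $ECR_URI:latest-arm64 $ECR_URI:latest-amd64
+- docker manifest annotate --arch arm64 $ECR_URI:$IMAGE_TAG $ECR_URI:latest-arm64
+- docker manifest annotate --arch arm64 $ECR_URI:latest $ECR_URI:latest-arm64
+- docker manifest annotate --arch amd64 $ECR_URI:$IMAGE_TAG $ECR_URI:latest-amd64
+- docker manifest annotate --arch amd64 $ECR_URI:latest $ECR_URI:latest-amd64
+
+post_build:
+commands:
+- echo Pushing the Docker image...
+- docker manifest push $ECR_URI:$IMAGE_TAG
+- docker manifest push $ECR_URI:latest
+- docker manifest inspect $ECR_URI:$IMAGE_TAG
+- docker manifest inspect $ECR_URI:latest
+- echo Build completed on `date`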
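Review bot: The manifest lists are assembled from the mutable tags `$ECR_URI:latest-arm64` and `$ECR_URI:latest-amd64`, so the commit-stamped `$IMAGE_TAG` only records which commit triggered this job, not which images the list points at. If two pipeline executions overlap, or one architecture's push is stale, the list can mix images from different commits under a tag that names a single commit. Consider having the per-arch builds also push a commit-scoped tag and referencing it here, e.g. `docker manifest create $ECR_URI:$IMAGE_TAG $ECR_URI:$COMMIT_HASH-arm64 $ECR_URI:$COMMIT_HASH-amd64` (this needs a matching `docker tag` and `docker push` in `buildspec.yml`), or resolving each arch tag to its digest first. A short comment above the `docker manifest create` lines stating which tags are inputs and which are outputs would also help the next reader.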
20 changes: 9 additions & 11 deletions manifests/modules/automation/gitops/flux/buildspec.yml
@@ -4,29 +4,27 @@ phases:
install:
commands:
- echo Build started on `date`
- export BUILDX_VERSION=$(curl --silent "https://api.github.com/repos/docker/buildx/releases/latest" |jq -r .tag_name)
- curl -JLO "https://github.com/docker/buildx/releases/download/$BUILDX_VERSION/buildx-$BUILDX_VERSION.linux-amd64"
- mkdir -p ~/.docker/cli-plugins
- mv "buildx-$BUILDX_VERSION.linux-amd64" ~/.docker/cli-plugins/docker-buildx
- chmod +x ~/.docker/cli-plugins/docker-buildx
pre_build:
commands:
- echo Logging in to Amazon ECR in $AWS_REGION
- COMMIT_HASH=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-8)
- IMAGE_TAG_I=i$(date +%Y%m%d%H%M%S)-${COMMIT_HASH:=latest}
- echo ECR_URI=$ECR_URI
# - echo IMAGE_TAG=$IMAGE_TAG
- echo IMAGE_TAG=$IMAGE_TAG
- echo IMAGE_TAG_I=$IMAGE_TAG_I
- aws ecr get-login-password --region $AWS_REGION | docker login --username AWS --password-stdin $ECR_URI
build:
commands:
- echo Building a container image ...
# - docker build -t $ECR_URI:$IMAGE_TAG .
# - docker tag $ECR_URI:$IMAGE_TAG $ECR_URI:$IMAGE_TAG_I
- ./scripts/build-image.sh -t $IMAGE_TAG_I -r $ECR_URI -p -s ui
- component=ui
- component_dir="./src/$component"
- source "$component_dir/scripts/build.source"
- cd $component_dir
- docker build -f $dockerfile $docker_build_args -t $ECR_URI:$IMAGE_TAG .
- docker tag $ECR_URI:$IMAGE_TAG $ECR_URI:$IMAGE_TAG_I
- docker images
post_build:
commands:
# - docker push $ECR_URI:$IMAGE_TAG_I
# - docker push $ECR_URI:$IMAGE_TAG
- docker push $ECR_URI:$IMAGE_TAG_I
- docker push $ECR_URI:$IMAGE_TAG
- echo Build completed on `date`
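Review bot: `IMAGE_TAG_I` has no architecture component, so both the amd64 and the arm64 job push a single-arch image under an `i<timestamp>-<hash>` tag into the same repository, which is the same tag shape `buildspec-manifest.yml` uses for the multi-arch list. Any consumer that selects tags by that pattern can then pick a single-arch image (the Flux image policy is not visible here, so this is an assumption), and two jobs that compute the same second overwrite each other. Deriving a suffix from the project's `IMAGE_TAG` keeps them apart: `IMAGE_TAG_I=i$(date +%Y%m%d%H%M%S)-${COMMIT_HASH:=latest}-${IMAGE_TAG#latest-}`. Separately, `$dockerfile` and `$docker_build_args` come from the sourced `build.source` and are expanded unquoted in `docker build`; a comment stating that this file is trusted repository content would make that assumption explicit.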
8 changes: 4 additions & 4 deletions website/docs/automation/gitops/flux/ci.md
@@ -17,7 +17,6 @@ $ git clone https://github.com/aws-containers/retail-store-sample-app ~/environm
$ git -C ~/environment/retail-store-sample-codecommit checkout -b main

$ cp -R retail-store-sample-app/src retail-store-sample-codecommit
$ cp -R retail-store-sample-app/scripts retail-store-sample-codecommit
$ cp -R retail-store-sample-app/images retail-store-sample-codecommit
```

@@ -180,9 +179,10 @@ Wait until CI will build the new image and Flux will deploy it

```bash
$ kubectl -n ui describe deployment ui | grep Image
$ aws codepipeline start-pipeline-execution --name eks-workshop-retail-store-sample
$ sleep 10
$ while [[ "$(aws codepipeline get-pipeline-state --name eks-workshop-retail-store-sample --query 'stageStates[1].actionStates[0].latestExecution.status' --output text)" != "Succeeded" ]]; do echo "Waiting for pipeline to reach 'Succeeded' state..."; sleep 10; done && echo "Pipeline has reached the 'Succeeded' state."
$ # aws codepipeline start-pipeline-execution --name eks-workshop-retail-store-sample
$ # sleep 10
$ while [[ "$(aws codepipeline get-pipeline-state --name eks-workshop-retail-store-sample --query 'stageStates[1].actionStates[0].latestExecution.status' --output text)" != "InProgress" ]]; do echo "Waiting for pipeline to start ..."; sleep 10; done && echo "Pipeline started."
$ while [[ "$(aws codepipeline get-pipeline-state --name eks-workshop-retail-store-sample --query 'stageStates[1].actionStates[2].latestExecution.status' --output text)" != "Succeeded" ]]; do echo "Waiting for pipeline to reach 'Succeeded' state ..."; sleep 10; done && echo "Pipeline has reached the 'Succeeded' state."

$ flux reconcile image repository ui
$ sleep 5
