Skip to content

Commit

Permalink
fix(image): use docker build instead of podman
Browse files Browse the repository at this point in the history
  • Loading branch information
RouHim committed Dec 13, 2022
1 parent e66039f commit 1198061
Show file tree
Hide file tree
Showing 8 changed files with 44 additions and 127 deletions.
149 changes: 32 additions & 117 deletions .github/workflows/build-image.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -53,13 +53,14 @@ jobs:
uses: actions/checkout@v3

- name: Install required dependencies
run: sudo apt install -y libsmbclient-dev libsmbclient
run: sudo apt update && sudo apt install -y libsmbclient-dev libsmbclient

- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: rustfmt

- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
Expand All @@ -76,13 +77,14 @@ jobs:
uses: actions/checkout@v3

- name: Install required dependencies
run: sudo apt install -y libsmbclient-dev libsmbclient
run: sudo apt update && sudo apt install -y libsmbclient-dev libsmbclient

- name: Install rust toolchain
uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
components: clippy

- uses: Swatinem/rust-cache@v2 # use rust / cargo caching
with:
Expand All @@ -102,7 +104,7 @@ jobs:
uses: actions/checkout@v3

- name: Install required dependencies
run: sudo apt install -y libsmbclient-dev libsmbclient
run: sudo apt update && sudo apt install -y libsmbclient-dev libsmbclient

- name: Install rust toolchain
uses: actions-rs/toolchain@v1
Expand All @@ -125,7 +127,7 @@ jobs:
uses: actions/checkout@v3

- name: Install required dependencies
run: sudo apt install -y libsmbclient-dev libsmbclient
run: sudo apt update && sudo apt install -y libsmbclient-dev libsmbclient

- name: Install rust toolchain
uses: actions-rs/toolchain@v1
Expand All @@ -144,142 +146,55 @@ jobs:
run: cargo +nightly udeps

build-container-image:
name: Build container image
name: Build, test and push container image
needs: [ check-oci-config, check-repo, check-code-style, check-code, test ]
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
container-image-arch: [ amd64, arm64, arm ]
steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Install required dependencies
run: sudo apt install -y libsmbclient-dev libsmbclient
run: sudo apt update && sudo apt install -y libsmbclient-dev libsmbclient

- name: Set up QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: ${{ matrix.container-image-arch }}
platforms: linux/amd64, linux/arm64, linux/arm/v7

- name: Build container image
uses: redhat-actions/buildah-build@v2
with:
image: ${{ env.IMAGE_NAME }}
tags: ${{ env.IMAGE_TAG }}_${{ matrix.container-image-arch }}
oci: true
archs: ${{ matrix.container-image-arch }}
containerfiles: |
./Containerfile
- name: Save container image
run: podman save -o ${{ matrix.container-image-arch }}.tar ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_${{ matrix.container-image-arch }}

- name: Upload container image
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.container-image-arch }}
path: ${{ matrix.container-image-arch }}.tar

scan-container-image:
name: Scan container for vulnerabilities
needs: build-container-image
runs-on: ubuntu-latest
steps:
- name: Download Container Image
uses: actions/download-artifact@v3
with:
name: amd64
path: .
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2

- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
- name: Login to Docker Hub
uses: docker/login-action@v2
with:
scan-type: image
input: amd64.tar
format: 'table'
exit-code: '1'
ignore-unfixed: true
severity: 'CRITICAL,HIGH'
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}

test-container-image:
name: Test container image
needs: build-container-image
runs-on: ubuntu-latest
steps:
- name: Download Container Image
uses: actions/download-artifact@v3
- name: Build container image
uses: docker/build-push-action@v3
with:
name: amd64
path: .

- name: Restore container image
run: podman load --input amd64.tar
tags: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_${{ matrix.container-image-arch }}
platforms: linux/amd64, linux/arm64, linux/arm/v7
file: ./Containerfile
load: true
push: false

- name: Prepare test env
run: |
mkdir -p /tmp/test
wget https://raw.githubusercontent.com/ianare/exif-samples/master/jpg/gps/DSCN0010.jpg -O /tmp/test/DSCN0010.jpg
wget https://raw.githubusercontent.com/ianare/exif-samples/master/jpg/gps/DSCN0010.jpg -O /tmp/test/DSCN0010.jpg
- name: Start test container
run: podman run -d --name test-container -p 8080:8080 -v /tmp/test:/resources rouhim/this-week-in-past:latest

run: docker run --pull never -d --name test-container -p 8080:8080 -v /tmp/test:/resources rouhim/this-week-in-past:latest
- name: Test container web api
run: wget -q -O /dev/null --timeout 5 --tries 3 http://localhost:8080/api/health

- name: Cleanup
run: podman kill test-container && podman rm test-container

push-container:
name: Push container image
needs: [ scan-container-image, test-container-image ]
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Download amd64 Container Image
uses: actions/download-artifact@v3
with:
name: amd64
path: .
- name: Download arm64 Container Image
uses: actions/download-artifact@v3
with:
name: arm64
path: .
- name: Download arm Container Image
uses: actions/download-artifact@v3
with:
name: arm
path: .

- name: Restore container images
run: |
podman load --input amd64.tar
podman load --input arm64.tar
podman load --input arm.tar
- name: Create container image manifest
run: buildah manifest create multiarch-manifest

- name: Add all architectures to the manifest
run: |
buildah manifest add multiarch-manifest ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_amd64
buildah manifest add multiarch-manifest ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_arm64
buildah manifest add multiarch-manifest ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_arm
- name: Login to docker hub
run: podman login docker.io --username ${{ secrets.DOCKERHUB_USERNAME }} --password ${{ secrets.DOCKERHUB_PASSWORD }}

- name: Push multiarch manifest to docker hub
run: buildah manifest push --all multiarch-manifest docker://docker.io/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}
run: docker kill test-container && docker rm test-container

- name: Update docker hub description
if: github.ref_name == 'main' # only push the image if the branch is main
uses: peter-evans/dockerhub-description@v3
- name: Push container image
uses: docker/build-push-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: ${{ env.IMAGE_NAME }}
tags: ${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }}_${{ matrix.container-image-arch }}
platforms: linux/amd64, linux/arm64, linux/arm/v7
file: ./Containerfile
load: false
push: true
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -6,4 +6,5 @@ test.sh
test-image.sh
index-*
content-*
*.db
*.db
.env
4 changes: 2 additions & 2 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ ureq = "2.5.0"
actix-http = { version = "3.2.2", features = ["rustls"] }
actix-web = { version = "4.2.1", features = ["rustls"] }
actix-files = "0.6.2"
clokwerk = "0.3.5"
clokwerk = "0.4.0"
kamadak-exif = "0.5.5"
rayon = "1.6.1"
regex = "1.7.0"
Expand Down
4 changes: 2 additions & 2 deletions src/exif_reader.rs
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ fn get_gps_date(exif_data: &Exif) -> Option<NaiveDateTime> {
.map(|gps_date| {
NaiveDate::parse_from_str(gps_date.display_value().to_string().as_str(), "%F").unwrap()
})
.map(|gps_date| gps_date.and_hms(0, 0, 0))
.map(|gps_date| gps_date.and_hms_opt(0, 0, 0).unwrap())
}

/// Finds the exif date in for the given tags
Expand Down Expand Up @@ -128,7 +128,7 @@ pub fn detect_date_by_name(resource_path: &str) -> Option<NaiveDateTime> {
if parsed.is_empty() {
None
} else {
Some(parsed.first().unwrap().and_hms(0, 0, 0))
Some(parsed.first().unwrap().and_hms_opt(0, 0, 0).unwrap())
}
}

Expand Down
4 changes: 2 additions & 2 deletions src/integration_test_resources_api.rs
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ async fn test_get_all_resources() {
async fn test_this_week_in_past_resources() {
// GIVEN is one image assets
let base_test_dir = create_temp_folder().await;
let today_date_string = Local::now().date().format("%Y%m%d").to_string();
let today_date_string = Local::now().date_naive().format("%Y%m%d").to_string();
let test_image_1 = create_test_image(
&base_test_dir,
"",
Expand All @@ -73,7 +73,7 @@ async fn test_this_week_in_past_resources() {
)
.await;
let another_date_string = Local::now()
.date()
.date_naive()
.add(Duration::weeks(4))
.format("%Y%m%d")
.to_string();
Expand Down
2 changes: 1 addition & 1 deletion src/scheduler.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ use std::thread;

use std::time::{Duration, Instant};

use clokwerk::{ScheduleHandle, Scheduler, TimeUnits};
use clokwerk::{Job, ScheduleHandle, Scheduler, TimeUnits};
use log::info;

use crate::resource_store::ResourceStore;
Expand Down
3 changes: 2 additions & 1 deletion src/utils.rs
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,14 @@ use std::time::{SystemTime, UNIX_EPOCH};

/// Converts the type `SystemTime` to `NaiveDateTime`
pub fn to_date_time(system_time: SystemTime) -> NaiveDateTime {
NaiveDateTime::from_timestamp(
NaiveDateTime::from_timestamp_opt(
system_time
.duration_since(UNIX_EPOCH)
.unwrap_or(std::time::Duration::new(0, 0))
.as_secs() as i64,
0,
)
.unwrap()
}

/// Returns a md5 string based on a given string
Expand Down

0 comments on commit 1198061

Please sign in to comment.