Skip to content

fix: backend/quart_api/Dockerfile.slim.multi-stage to reduce vulnerab… #242

fix: backend/quart_api/Dockerfile.slim.multi-stage to reduce vulnerab…

fix: backend/quart_api/Dockerfile.slim.multi-stage to reduce vulnerab… #242

Workflow file for this run

# Article about caching docker builds in GitHub Actions
# ref: https://dev.to/dtinth/caching-docker-builds-in-github-actions-which-approach-is-the-fastest-a-research-18ei
# ref: https://github.com/dtinth/github-actions-docker-layer-caching-poc/blob/master/.github/workflows/dockerimage.yml
name: Continuous Integration
on: push
jobs:
apis:
strategy:
matrix:
api: [fastapi, quart, tornado]
runs-on: ubuntu-latest
name: ${{ matrix.api }} Project
env:
APP_NAME: ${{ matrix.api }}_api
steps:
- uses: actions/checkout@v2
- uses: actions/cache@v2
with:
path: |
~/.cache/pip
~/.cache/pypoetry/cache
key: pip-poetry-cache-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
pip-poetry-cache-
- name: Set up Python 3.8
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Testing
run: |
python -m pip install --upgrade pip
pip install poetry
poetry install
poetry run make test
working-directory: backend/${{ matrix.api }}_api
lint:
runs-on: ubuntu-latest
name: Lint Backend Projects
steps:
- uses: actions/checkout@v2
- uses: actions/cache@v2
with:
path: |
~/.cache/pip
~/.cache/pypoetry/cache
key: pip-poetry-cache-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
pip-poetry-cache-
- name: Set up Python 3.8
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Linting
run: |
python -m pip install --upgrade pip
pip install poetry
poetry install
poetry run make check
working-directory: backend
test-server:
runs-on: ubuntu-latest
name: Server Smoke Test
needs: [apis, lint]
steps:
- uses: actions/checkout@v2
- name: Set up Python 3.8
uses: actions/setup-python@v2
with:
python-version: 3.8
- uses: actions/cache@v2
id: cache
with:
path: |
~/.cache/pip
~/.cache/pypoetry/cache
/tmp/docker-registry
key: pip-poetry-cache-${{ hashFiles('**/poetry.lock') }}
restore-keys: |
pip-poetry-cache-
- name: Start local registry
run: |
docker run -d -p 5000:5000 --restart=always --name registry \
-v /tmp/docker-registry:/var/lib/registry registry:2 && npx wait-on tcp:5000
- name: Pull builder images
if: steps.cache.outputs.cache-hit == 'true'
run: |
for app in fastapi quart tornado; do
APP_NAME=${app}_api
docker pull localhost:5000/$APP_NAME:builder || true
done
- name: Build builder images
if: steps.cache.outputs.cache-hit != 'true'
working-directory: backend
run: |
for app in fastapi quart tornado; do
APP_NAME=${app}_api
docker build --target builder -t localhost:5000/$APP_NAME:builder -f Dockerfile.$APP_NAME .
docker push localhost:5000/$APP_NAME:builder || true
done
- name: Build final images
working-directory: backend
run: |
for app in fastapi quart tornado; do
APP_NAME=${app}_api
docker build -t $APP_NAME --cache-from=localhost:5000/$APP_NAME:builder -f Dockerfile.$APP_NAME .
done
- name: Test Server
working-directory: server
run: |
python -m pip install --upgrade pip
pip install poetry
poetry install
poetry run make env_file
poetry run pytest -sv