Feature/dev stack dockerization (#335)

smecalculus · Feb 17, 2024 · 4be2502 · 4be2502
1 parent ff285c8
commit 4be2502
Show file tree

Hide file tree

Showing 57 changed files with 428 additions and 385 deletions.
diff --git a/.github/actions/prepare/action.yaml b/.github/actions/prepare/action.yaml
diff --git a/.github/actions/setup-gear/action.yaml b/.github/actions/setup-gear/action.yaml
@@ -0,0 +1,32 @@
+---
+name: Setup gear
+description: Setup gear
+inputs:
+  devenv:
+    description: Env name
+    required: true
+  token:
+    description: Github token
+    required: true
+runs:
+  using: "composite"
+  steps:
+    - shell: bash
+      run: |
+        cat /etc/docker/daemon.json | jq '. + {"userns-remap": "runner"}' | sudo tee /etc/docker/daemon.json
+        sudo sed -i -e "1i runner:$(getent group docker | cut -d: -f3):1" /etc/subgid
+        sudo sed -i -e "1i runner:$(id -u):1" /etc/subuid
+        sudo systemctl restart docker
+    - uses: docker/[email protected]
+    - uses: docker/[email protected]
+      with:
+        context: stack/gear/${{ inputs.devenv }}
+        tags: stack/gear:${{ inputs.devenv }}
+        load: true
+        cache-from: type=gha,scope=stack/gear/${{ inputs.devenv }}
+        cache-to: type=gha,mode=max,scope=stack/gear/${{ inputs.devenv }}
+    - uses: docker/[email protected]
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ inputs.token }}
diff --git a/.github/actions/setup-maven/action.yaml b/.github/actions/setup-maven/action.yaml
@@ -0,0 +1,18 @@
+---
+name: Setup Maven
+description: Settings & caching
+runs:
+  using: "composite"
+  steps:
+    - uses: actions/[email protected]
+      with:
+        distribution: 'temurin'
+        java-version: '21'  # no matter
+        check-latest: false
+        cache: 'maven'
+        cache-dependency-path: |
+          pom.xml
+          libs/pom.xml
+          tools/pom.xml
+    - shell: bash
+      run: cat ~/.m2/settings.xml
diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
@@ -21,12 +21,16 @@ updates:
     directory: "/dbs/postgres"
     schedule:
       interval: "weekly"
+  - package-ecosystem: "docker"
+    directory: "/stack/gear/church"
+    schedule:
+      interval: "weekly"
   - package-ecosystem: "pip"
-    directory: "/envs/dev/church"
+    directory: "/stack/gear/church"
     schedule:
       interval: "weekly"
   - package-ecosystem: "pip"
-    directory: "/envs/dev/turing"
+    directory: "/stack/gear/turing"
     schedule:
       interval: "weekly"
     ignore:
@@ -35,7 +39,7 @@ updates:
           - version-update:semver-major
           - version-update:semver-minor
   - package-ecosystem: "pip"
-    directory: "/envs/dev/godel"
+    directory: "/stack/gear/godel"
     schedule:
       interval: "weekly"
     ignore:

diff --git a/.github/workflows/beyond-doubt.yaml b/.github/workflows/beyond-doubt.yaml
@@ -8,8 +8,9 @@ on:
   workflow_dispatch:
 
 env:
-  BINARY_STORAGE: maven.pkg.github.com
-  IMAGE_STORAGE: ghcr.io
+  IMAGE_NAME: stack/gear
+  BINARY_REPO: maven.pkg.github.com
+  IMAGE_REPO: ghcr.io
 
 jobs:
   up-to-images:
@@ -23,36 +24,43 @@ jobs:
       matrix:
         env:
           - dev: godel
-            os: ubuntu-20.04
           - dev: turing
-            os: ubuntu-22.04
           - dev: church
-            os: ubuntu-22.04
-    runs-on: ${{ matrix.env.os }}
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - uses: ./.github/actions/prepare
+      - name: Run setup-gear
+        uses: ./.github/actions/setup-gear
         with:
           devenv: ${{ matrix.env.dev }}
-          tools: python java docker
           token: ${{ secrets.GITHUB_TOKEN }}
-      - run: >-
-          ansible-playbook codebase.yaml
+      - name: Run setup-maven
+        uses: ./.github/actions/setup-maven
+      - name: Run ansible-playbook sources.yaml
+        run: >-
+          docker run --rm
+          --volume $(pwd):$(pwd)
+          --volume ~/.m2:/root/.m2
+          --workdir $(pwd)/bakers/ansible
+          ${{ env.IMAGE_NAME }}:${{ matrix.env.dev }}
+          ansible-playbook sources.yaml
           -e devenv=${{ matrix.env.dev }}
-        working-directory: bakers/ansible
-        env:
-          GITHUB_ACTOR: ${{ github.actor }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - id: images
+      - name: Run ansible-playbook images.yaml
+        id: images
         run: >-
-          ansible-playbook images.yaml
-          -e binary_storage=${{ env.BINARY_STORAGE }}
-          -e image_storage=${{ env.IMAGE_STORAGE }}
+          docker run --rm
+          --volume $(pwd):$(pwd)
+          --volume ~/.m2:/root/.m2
+          --volume /var/run/docker.sock:/var/run/docker.sock
+          --volume ~/.docker/config.json:/root/.docker/config.json:ro
+          --env GITHUB_ACTOR=${{ github.actor }}
+          --env GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
+          --workdir $(pwd)/bakers/ansible
+          ${{ env.IMAGE_NAME }}:${{ matrix.env.dev }}
+          ansible-playbook images.yaml -v
           -e devenv=${{ matrix.env.dev }}
-        working-directory: bakers/ansible
-        env:
-          GITHUB_ACTOR: ${{ github.actor }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          -e binary_repo=${{ env.BINARY_REPO }}
+          -e image_repo=${{ env.IMAGE_REPO }}
       - uses: mikepenz/[email protected]
         if: ${{ !cancelled() && (steps.images.outcome == 'success' || steps.images.outcome == 'failure') }}
         with:
@@ -80,36 +88,36 @@ jobs:
         purpose: [func]
         env:
           - dev: godel
-            os: ubuntu-20.04
             ops: marx
           - dev: turing
-            os: ubuntu-22.04
             ops: durkheim
           - dev: turing
-            os: ubuntu-22.04
             ops: veblen
           - dev: church
-            os: ubuntu-22.04
             ops: commons
-    runs-on: ${{ matrix.env.os }}
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - uses: ./.github/actions/prepare
+      - name: Run setup-gear
+        uses: ./.github/actions/setup-gear
         with:
           devenv: ${{ matrix.env.dev }}
-          tools: python docker
           token: ${{ secrets.GITHUB_TOKEN }}
-      - run: >-
+      - name: Run ansible-playbook stacks.yaml -t build
+        run: >-
+          docker run --rm
+          --volume $(pwd):$(pwd)
+          --workdir $(pwd)/bakers/ansible
+          ${{ env.IMAGE_NAME }}:${{ matrix.env.dev }}
           ansible-playbook stacks.yaml -t build
-          -e image_storage=${{ env.IMAGE_STORAGE }}
+          -e image_repo=${{ env.IMAGE_REPO }}
           -e devenv=${{ matrix.env.dev }}
           -e purpose=${{ matrix.purpose }}
           -e opsenv=${{ matrix.env.ops }}
-        working-directory: bakers/ansible
       - uses: actions/[email protected]
         with:
           name: solution-${{ matrix.purpose }}-${{ matrix.env.ops }}
-          path: stacks/solution/target/image-context
+          path: stack/solution/target/image-context
           if-no-files-found: ignore
 
   stack-testing:
@@ -123,42 +131,43 @@ jobs:
         shard: [0, 1]
         env:
           - dev: godel
-            os: ubuntu-20.04
             ops: marx
           - dev: turing
-            os: ubuntu-22.04
             ops: durkheim
           - dev: turing
-            os: ubuntu-22.04
             ops: veblen
           - dev: church
-            os: ubuntu-22.04
             ops: commons
-    runs-on: ${{ matrix.env.os }}
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/[email protected]
-      - uses: ./.github/actions/prepare
+      - name: Run setup-gear
+        uses: ./.github/actions/setup-gear
         with:
           devenv: ${{ matrix.env.dev }}
-          tools: python java docker
           token: ${{ secrets.GITHUB_TOKEN }}
       - uses: actions/[email protected]
         continue-on-error: true  # it's ok because stack building can be skipped
         with:
           name: solution-${{ matrix.purpose }}-${{ matrix.env.ops }}
-          path: stacks/solution/target/image-context
-      - run: >-
+          path: stack/solution/target/image-context
+      - name: Run setup-maven
+        uses: ./.github/actions/setup-maven
+      - name: Run ansible-playbook stacks.yaml -t test
+        run: >-
+          docker run --rm
+          --volume $(pwd):$(pwd)
+          --volume ~/.m2:/root/.m2
+          --volume /var/run/docker.sock:/var/run/docker.sock
+          --workdir $(pwd)/bakers/ansible
+          ${{ env.IMAGE_NAME }}:${{ matrix.env.dev }}
           ansible-playbook stacks.yaml -t test
-          -e image_storage=${{ env.IMAGE_STORAGE }}
-          -e reminder=${{ matrix.shard }}
-          -e modulus=2
+          -e image_repo=${{ env.IMAGE_REPO }}
           -e devenv=${{ matrix.env.dev }}
           -e purpose=${{ matrix.purpose }}
           -e opsenv=${{ matrix.env.ops }}
-        working-directory: bakers/ansible
-        env:
-          GITHUB_ACTOR: ${{ github.actor }}
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          -e reminder=${{ matrix.shard }}
+          -e modulus=2
       - uses: actions/[email protected]
         if: ${{ !cancelled() }}
         with:
@@ -176,39 +185,41 @@ jobs:
         purpose: [func]
         env:
           - dev: godel
-            os: ubuntu-20.04
             ops: marx
           - dev: turing
-            os: ubuntu-22.04
             ops: durkheim
           - dev: turing
-            os: ubuntu-22.04
             ops: veblen
           - dev: church
-            os: ubuntu-22.04
             ops: commons
-    runs-on: ${{ matrix.env.os }}
+    runs-on: ubuntu-latest
     permissions:
       packages: write
     steps:
       - uses: actions/[email protected]
-      - uses: ./.github/actions/prepare
+      - name: Run setup-gear
+        uses: ./.github/actions/setup-gear
         with:
           devenv: ${{ matrix.env.dev }}
-          tools: python docker
           token: ${{ secrets.GITHUB_TOKEN }}
       - uses: actions/[email protected]
         continue-on-error: true  # it's ok because stack building can be skipped
         with:
           name: solution-${{ matrix.purpose }}-${{ matrix.env.ops }}
-          path: stacks/solution/target/image-context
-      - run: >-
+          path: stack/solution/target/image-context
+      - name: Run ansible-playbook stacks.yaml -t package
+        run: >-
+          docker run --rm
+          --volume $(pwd):$(pwd)
+          --volume /var/run/docker.sock:/var/run/docker.sock
+          --volume ~/.docker/config.json:/root/.docker/config.json:ro
+          --workdir $(pwd)/bakers/ansible
+          ${{ env.IMAGE_NAME }}:${{ matrix.env.dev }}
           ansible-playbook stacks.yaml -t package
-          -e image_storage=${{ env.IMAGE_STORAGE }}
+          -e image_repo=${{ env.IMAGE_REPO }}
           -e devenv=${{ matrix.env.dev }}
           -e purpose=${{ matrix.purpose }}
           -e opsenv=${{ matrix.env.ops }}
-        working-directory: bakers/ansible
 
   stack-reporting:
     name: Stack reporting