-
Notifications
You must be signed in to change notification settings - Fork 0
167 lines (152 loc) · 8.81 KB
/
dockerize.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Build Pipelines
on:
push:
tags:
- '*'
jobs:
build-docker-image-IN:
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v2
- name: Set currently pushed tag as env var.
id: set-tag
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ap-south-1
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@v1
- name: Setup DVC
uses: iterative/setup-dvc@v1
- name: Pull secrets & Build image
env:
DOCKER_BUILDKIT: 1
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
run: dvc get https://github.com/skit-ai/skit-calls secrets && dvc pull pipeline_secrets && docker build
--build-arg ECR_REGISTRY=$ECR_REGISTRY
--build-arg REGION="ap-south-1"
--build-arg BASE_IMAGE=$ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_VERSION
--build-arg DB_HOST=${{ secrets.DB_HOST }}
--build-arg DB_PORT=${{ secrets.DB_PORT }}
--build-arg DB_PASSWORD=${{ secrets.DB_PASSWORD }}
--build-arg DB_NAME=${{ secrets.DB_NAME }}
--build-arg DB_USER=${{ secrets.DB_USER }}
--build-arg CDN_RECORDINGS_BASE_PATH=${{ secrets.CDN_RECORDINGS_BASE_PATH }}
--build-arg BUCKET=${{ secrets.BUCKET }}
--build-arg S3_US_PRODUCTION_TURN_RECORDINGS_BUCKET=${{ secrets.S3_US_PRODUCTION_TURN_RECORDINGS_BUCKET }}
--build-arg SLACK_TOKEN=${{ secrets.SLACK_TOKEN }}
--build-arg SLACK_SIGNING_SECRET=${{ secrets.SLACK_SIGNING_SECRET }}
--build-arg DEFAULT_SLACK_CHANNEL=${{ secrets.DEFAULT_SLACK_CHANNEL }}
--build-arg TOG_TASK_URL=${{ secrets.TOG_TASK_URL }}
--build-arg LABELSTUDIO_TOKEN=${{ secrets.LABELSTUDIO_TOKEN }}
--build-arg AUDIO_URL_DOMAIN=${{ secrets.AUDIO_URL_DOMAIN }}
--build-arg SKIT_API_GATEWAY_PASSWORD=${{ secrets.SKIT_API_GATEWAY_PASSWORD }}
--build-arg SKIT_API_GATEWAY_EMAIL=${{ secrets.SKIT_API_GATEWAY_EMAIL }}
--build-arg SKIT_API_GATEWAY_URL=${{ secrets.SKIT_API_GATEWAY_URL }}
--build-arg KUBEFLOW_GATEWAY_ENDPOINT=${{ secrets.KUBEFLOW_GATEWAY_ENDPOINT }}
--build-arg KF_USERNAME=${{ secrets.KF_USERNAME }}
--build-arg KF_PASSWORD=${{ secrets.KF_PASSWORD }}
--build-arg JWT_SECRET_KEY=${{ secrets.JWT_SECRET_KEY}}
--build-arg GOOGLE_SHEETS_CREDENTIALS=${{ secrets.GOOGLE_SHEETS_CREDENTIALS }}
--build-arg ML_METRICS_DB_NAME=${{ secrets.ML_METRICS_DB_NAME }}
--build-arg ML_METRICS_DB_PORT=${{ secrets.ML_METRICS_DB_PORT }}
--build-arg ML_METRICS_DB_HOST=${{ secrets.ML_METRICS_DB_HOST }}
--build-arg ML_METRICS_DB_USER=${{ secrets.ML_METRICS_DB_USER }}
--build-arg ML_METRICS_DB_PASSWORD=${{ secrets.ML_METRICS_DB_PASSWORD }}
--build-arg PERSONAL_ACCESS_TOKEN_GITHUB=${{secrets.PERSONAL_ACCESS_TOKEN_GITHUB }}
--build-arg PERSONAL_ACCESS_TOKEN_GITLAB=${{secrets.PERSONAL_ACCESS_TOKEN_GITLAB }}
--build-arg OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
--build-arg OPENAI_COMPLIANCE_BREACHES_KEY=${{ secrets.OPENAI_COMPLIANCE_BREACHES_KEY }}
--build-arg AWS_ACCESS_KEY_ID=${{ secrets.REPO_AWS_ACCESS_KEY_ID }}
--build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.REPO_AWS_SECRET_ACCESS_KEY }}
--build-arg DUCKLING_HOST="${{ secrets.DUCKLING_HOST }}" -t $ECR_REPOSITORY .
- name: Tag and push images
env:
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
run: |
docker tag $ECR_REPOSITORY:latest $ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_VERSION
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$RELEASE_VERSION
docker tag $ECR_REPOSITORY:latest $ECR_REGISTRY/$ECR_REPOSITORY:latest
docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
docker tag $ECR_REPOSITORY:latest $ECR_REGISTRY/$ECR_REPOSITORY:master
docker push $ECR_REGISTRY/$ECR_REPOSITORY:master
build-docker-image-US:
runs-on: ubuntu-latest
steps:
- name: Check out the repo
uses: actions/checkout@v2
- name: Set currently pushed tag as env var.
id: set-tag
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: Login to Amazon ECR
id: login-ecr-us
uses: aws-actions/amazon-ecr-login@v1
- name: Setup DVC
uses: iterative/setup-dvc@v1
- name: Pull secrets & Build images
env:
DOCKER_BUILDKIT: 1
US_ECR_REGISTRY: ${{ steps.login-ecr-us.outputs.registry }}
US_ECR_REPOSITORY: ${{ secrets.US_ECR_REPOSITORY }}
run: dvc get https://github.com/skit-ai/skit-calls secrets && dvc pull pipeline_secrets && docker build
--build-arg ECR_REGISTRY=$US_ECR_REGISTRY
--build-arg REGION="us-east-1"
--build-arg BASE_IMAGE=$US_ECR_REGISTRY/$US_ECR_REPOSITORY:$RELEASE_VERSION
--build-arg DB_HOST=${{ secrets.US_DB_HOST }}
--build-arg DB_PORT=${{ secrets.US_DB_PORT }}
--build-arg DB_PASSWORD="${{ secrets.US_DB_PASSWORD }}"
--build-arg DB_NAME=${{ secrets.US_DB_NAME }}
--build-arg DB_USER=${{ secrets.US_DB_USER }}
--build-arg CDN_RECORDINGS_BASE_PATH=${{ secrets.CDN_RECORDINGS_BASE_PATH }}
--build-arg BUCKET=${{ secrets.US_BUCKET }}
--build-arg S3_US_PRODUCTION_TURN_RECORDINGS_BUCKET=${{ secrets.S3_US_PRODUCTION_TURN_RECORDINGS_BUCKET }}
--build-arg SLACK_TOKEN=${{ secrets.US_SLACK_TOKEN }}
--build-arg SLACK_SIGNING_SECRET=${{ secrets.US_SLACK_SIGNING_SECRET }}
--build-arg DEFAULT_SLACK_CHANNEL=${{ secrets.US_DEFAULT_SLACK_CHANNEL }}
--build-arg TOG_TASK_URL=${{ secrets.US_TOG_TASK_URL }}
--build-arg LABELSTUDIO_TOKEN=${{ secrets.US_LABELSTUDIO_TOKEN }}
--build-arg AUDIO_URL_DOMAIN=${{ secrets.US_AUDIO_URL_DOMAIN }}
--build-arg SKIT_API_GATEWAY_PASSWORD="${{ secrets.US_SKIT_API_GATEWAY_PASSWORD }}"
--build-arg SKIT_API_GATEWAY_EMAIL=${{ secrets.US_SKIT_API_GATEWAY_EMAIL }}
--build-arg SKIT_API_GATEWAY_URL=${{ secrets.US_SKIT_API_GATEWAY_URL }}
--build-arg KUBEFLOW_GATEWAY_ENDPOINT=${{ secrets.US_KUBEFLOW_GATEWAY_ENDPOINT }}
--build-arg KF_USERNAME=${{ secrets.US_KF_USERNAME }}
--build-arg KF_PASSWORD="${{ secrets.US_KF_PASSWORD }}"
--build-arg JWT_SECRET_KEY=${{ secrets.US_JWT_SECRET_KEY}}
--build-arg GOOGLE_SHEETS_CREDENTIALS=${{ secrets.GOOGLE_SHEETS_CREDENTIALS }}
--build-arg ML_METRICS_DB_NAME=${{ secrets.US_ML_METRICS_DB_NAME }}
--build-arg ML_METRICS_DB_PORT=${{ secrets.US_ML_METRICS_DB_PORT }}
--build-arg ML_METRICS_DB_HOST=${{ secrets.US_ML_METRICS_DB_HOST }}
--build-arg ML_METRICS_DB_USER=${{ secrets.US_ML_METRICS_DB_USER }}
--build-arg ML_METRICS_DB_PASSWORD="${{ secrets.US_ML_METRICS_DB_PASSWORD }}"
--build-arg PERSONAL_ACCESS_TOKEN_GITHUB=${{secrets.PERSONAL_ACCESS_TOKEN_GITHUB }}
--build-arg PERSONAL_ACCESS_TOKEN_GITLAB=${{secrets.PERSONAL_ACCESS_TOKEN_GITLAB }}
--build-arg OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY }}
--build-arg OPENAI_COMPLIANCE_BREACHES_KEY=${{ secrets.OPENAI_COMPLIANCE_BREACHES_KEY }}
--build-arg AWS_ACCESS_KEY_ID=${{ secrets.REPO_AWS_ACCESS_KEY_ID }}
--build-arg AWS_SECRET_ACCESS_KEY=${{ secrets.REPO_AWS_SECRET_ACCESS_KEY }}
--build-arg DUCKLING_HOST="${{ secrets.DUCKLING_HOST }}" -t $US_ECR_REPOSITORY .
- name: Tag and push images
env:
US_ECR_REGISTRY: ${{ steps.login-ecr-us.outputs.registry }}
US_ECR_REPOSITORY: ${{ secrets.US_ECR_REPOSITORY }}
run: |
docker tag $US_ECR_REPOSITORY:latest $US_ECR_REGISTRY/$US_ECR_REPOSITORY:$RELEASE_VERSION
docker push $US_ECR_REGISTRY/$US_ECR_REPOSITORY:$RELEASE_VERSION
docker tag $US_ECR_REPOSITORY:latest $US_ECR_REGISTRY/$US_ECR_REPOSITORY:latest
docker push $US_ECR_REGISTRY/$US_ECR_REPOSITORY:latest
docker tag $US_ECR_REPOSITORY:latest $US_ECR_REGISTRY/$US_ECR_REPOSITORY:master
docker push $US_ECR_REGISTRY/$US_ECR_REPOSITORY:master