Skip to content

Commit fa78afc

Browse files
Add nipper to compose file and authorize with ECR (#235)
1 parent b2a57bf commit fa78afc

3 files changed

Lines changed: 42 additions & 3 deletions

File tree

.github/workflows/docker-deploy-dev.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,8 +26,8 @@ jobs:
2626
with:
2727
driver: docker
2828

29-
- name: Build mantis
30-
id: build-mantis
29+
- name: Build letsencrypt
30+
id: build-letsencrypt
3131
uses: docker/build-push-action@v2
3232
with:
3333
push: true

.github/workflows/docker-tests.yml

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,32 @@ jobs:
1414
name: Validate Platform Installation
1515
runs-on: ubuntu-22.04
1616

17+
permissions:
18+
id-token: write
19+
contents: read
20+
1721
steps:
1822
- name: Checkout
1923
uses: actions/checkout@v3
2024

25+
# main should never require private images
26+
- name: Configure AWS Credentials
27+
if: github.ref != 'refs/heads/main'
28+
uses: aws-actions/configure-aws-credentials@v4
29+
with:
30+
role-to-assume: arn:aws:iam::948971135452:role/ci-sublime-platform-ecr-read
31+
aws-region: us-east-1
32+
33+
- name: Login to Amazon ECR
34+
if: github.ref != 'refs/heads/main'
35+
uses: aws-actions/amazon-ecr-login@v2
36+
with:
37+
registries: "948971135452"
38+
39+
- name: Make ECR credentials available to sudo
40+
if: github.ref != 'refs/heads/main'
41+
run: sudo cp -r $HOME/.docker /root/
42+
2143
- name: Install Platform
2244
run: |
2345
interactive=false clone_platform=false ./install-and-launch.sh

docker-compose.yml

Lines changed: 18 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,21 @@ services:
3434
- "6379:6379"
3535
networks:
3636
- net
37+
sublime_nipper:
38+
image: 948971135452.dkr.ecr.us-east-1.amazonaws.com/nipper-python-dev:dev
39+
restart: unless-stopped
40+
container_name: sublime_nipper
41+
env_file: sublime.env
42+
ports:
43+
- "8300:8000"
44+
networks:
45+
- net
46+
environment:
47+
NIPPER_BUCKET: "nipper-artifacts"
48+
BUCKET_ENDPOINT_URL: "http://sublimes3:8110"
49+
DD_TRACE_ENABLED: false
50+
depends_on:
51+
- sublime_create_buckets
3752
sublime_strelka_frontend:
3853
image: sublimesec/strelka-frontend:0.3
3954
restart: unless-stopped
@@ -122,7 +137,8 @@ services:
122137
az storage container create --name email-screenshots &&
123138
az storage container create --name events &&
124139
az storage container create --name message-storage &&
125-
az storage container create --name message-export
140+
az storage container create --name message-export &&
141+
az storage container create --name nipper-artifacts
126142
"
127143
# Keep this name as sublimes3 because underscores don't play nice with certain endpoint validation
128144
sublimes3:
@@ -157,6 +173,7 @@ services:
157173
/usr/bin/mc mb myminio/events;
158174
/usr/bin/mc mb myminio/message-storage;
159175
/usr/bin/mc mb myminio/message-export;
176+
/usr/bin/mc mb myminio/nipper-artifacts;
160177
/usr/bin/mc ls myminio;
161178
exit 0;
162179
"

0 commit comments

Comments
 (0)