From 5ca0d1dffbd18a20a41fb8b389f4cc25d2da76f5 Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Tue, 30 Nov 2021 19:55:35 -0500 Subject: [PATCH 01/20] First pass at parallelized tests --- .github/workflows/test.yaml | 218 ++++++++++++++++++++++++++++++++---- 1 file changed, 198 insertions(+), 20 deletions(-) diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 9b2089bf752..23882ad2417 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,6 +1,5 @@ -name: Tests +name: Test -# Only test on Pull Requests that target main on: pull_request: branches: @@ -9,32 +8,211 @@ on: - fidesctl/** - .github/workflows/test.yaml +env: + CONTAINER: fidesctl-${{ github.sha }} + IMAGE: ethyca/fidesctl:${{ github.sha }} + jobs: - Tests: + Build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v1 + + - name: Build fidesctl and export + uses: docker/build-push-action@v2 + with: + builder: ${{ steps.buildx.outputs.name }} + context: ./fidesctl + file: ./fidesctl/Dockerfile + outputs: type=docker,dest=/tmp/${{ env.CONTAINER }}.tar + push: false + tags: ${{ env.IMAGE }} + + - name: Upload fidesctl artifact + uses: actions/upload-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/${{ env.CONTAINER }}.tar + retention-days: 7 + + Evaluate: + needs: Build runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 steps: - - uses: actions/checkout@v2 + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ - - name: Build the Docker Images - run: make compose-build + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - name: Check fidesctl installed - run: make check-install + - name: Check install + run: docker run ${{ env.IMAGE }} fidesctl - - name: Fidesctl Evaluation - run: make fidesctl + - name: Fidesctl evaluation + run: docker run --rm ${{ env.IMAGE }} fidesctl --local evaluate fides_resources/ - - name: Format - run: make black + Format: + needs: Build + runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + steps: + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ + + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar + + - name: Run formatter + run: docker run ${{ env.IMAGE }} black --check src/ + + Lint: + needs: Build + runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + steps: + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ - - name: Lint - run: make pylint + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - name: TypeCheck - run: make mypy + - name: Run linter + run: docker run ${{ env.IMAGE }} pylint src/ + + TypeCheck: + needs: Build + runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + steps: + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ + + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar + + - name: Run typechecker + run: docker run ${{ env.IMAGE }} mypy + + Complexity: + needs: Build + runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + steps: + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ + + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar + + - name: Run cyclomatic complexity check + run: docker run ${{ env.IMAGE }} xenon src --max-absolute B --max-modules B --max-average A --ignore "data, tests, docs" --exclude "src/fidesctl/core/annotate_dataset.py,src/fidesctl/_version.py" + + Test: + needs: Build + runs-on: ubuntu-latest + services: + postgres: + image: postgres:12 + env: + POSTGRES_DB: fidesctl + POSTGRES_PASSWORD: fidesctl + options: >- + --health-cmd pg_isready + --health-interval 5s + --health-timeout 5s + --health-retries 5 + ports: + - 5432:5432 + steps: + - name: Download fidesctl artifact + uses: actions/download-artifact@v2 + with: + name: ${{ env.CONTAINER }} + path: /tmp/ - - name: Complexity Check - run: make xenon + - name: Load image + run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - name: Test - run: make pytest + - name: Run test suite + run: docker run ${{ env.IMAGE }} pytest -x From 2cfff1f0c711729db5c7fd39b04f5d8ea21c8373 Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Wed, 1 Dec 2021 14:42:25 -0500 Subject: [PATCH 02/20] Rename workflow file, polish job and step names --- .../workflows/{test.yaml => pr_checks.yml} | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) rename .github/workflows/{test.yaml => pr_checks.yml} (88%) diff --git a/.github/workflows/test.yaml b/.github/workflows/pr_checks.yml similarity index 88% rename from .github/workflows/test.yaml rename to .github/workflows/pr_checks.yml index 23882ad2417..12335886c73 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/pr_checks.yml @@ -1,4 +1,4 @@ -name: Test +name: PR Checks on: pull_request: @@ -23,7 +23,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@v1 - - name: Build fidesctl and export + - name: Build fidesctl container uses: docker/build-push-action@v2 with: builder: ${{ steps.buildx.outputs.name }} @@ -33,7 +33,7 @@ jobs: push: false tags: ${{ env.IMAGE }} - - name: Upload fidesctl artifact + - name: Upload fidesctl container uses: actions/upload-artifact@v2 with: name: ${{ env.CONTAINER }} @@ -57,19 +57,19 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - name: Check install + - name: Check fidesctl installation run: docker run ${{ env.IMAGE }} fidesctl - - name: Fidesctl evaluation + - name: Run fidesctl evaluation run: docker run --rm ${{ env.IMAGE }} fidesctl --local evaluate fides_resources/ Format: @@ -89,13 +89,13 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run formatter @@ -118,13 +118,13 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run linter @@ -147,13 +147,13 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run typechecker @@ -176,13 +176,13 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run cyclomatic complexity check @@ -205,13 +205,13 @@ jobs: ports: - 5432:5432 steps: - - name: Download fidesctl artifact + - name: Download fidesctl container uses: actions/download-artifact@v2 with: name: ${{ env.CONTAINER }} path: /tmp/ - - name: Load image + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run test suite From b8e5ef8f7398c422696d3c517a1a004afc149fd6 Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Wed, 1 Dec 2021 14:49:51 -0500 Subject: [PATCH 03/20] Use the PR's HEAD commit sha --- .github/workflows/pr_checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 12335886c73..5c9741c5292 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -9,8 +9,8 @@ on: - .github/workflows/test.yaml env: - CONTAINER: fidesctl-${{ github.sha }} - IMAGE: ethyca/fidesctl:${{ github.sha }} + CONTAINER: fidesctl-${{ github.event.pull_request.head.sha }} + IMAGE: ethyca/fidesctl:${{ github.event.pull_request.head.sha }} jobs: Build: From 39b13eb57c7e6ed21a20d4fdc5745edd3dbcdc8d Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Wed, 1 Dec 2021 16:59:55 -0500 Subject: [PATCH 04/20] Start fidesctl before running the test suite --- .github/workflows/pr_checks.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 5c9741c5292..b934fe5283e 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -214,5 +214,8 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Start fidesctl + run: docker run ${{ env.IMAGE }} + - name: Run test suite run: docker run ${{ env.IMAGE }} pytest -x From 9b01d03ba29aa0091e5e8a3a35b480999c67f72f Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Wed, 1 Dec 2021 17:29:47 -0500 Subject: [PATCH 05/20] Remove postgres where it isn't needed --- .github/workflows/pr_checks.yml | 65 --------------------------------- 1 file changed, 65 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index b934fe5283e..5b6291cc0df 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -43,19 +43,6 @@ jobs: Evaluate: needs: Build runs-on: ubuntu-latest - services: - postgres: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 @@ -75,19 +62,6 @@ jobs: Format: needs: Build runs-on: ubuntu-latest - services: - postgres: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 @@ -104,19 +78,6 @@ jobs: Lint: needs: Build runs-on: ubuntu-latest - services: - postgres: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 @@ -133,19 +94,6 @@ jobs: TypeCheck: needs: Build runs-on: ubuntu-latest - services: - postgres: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 @@ -162,19 +110,6 @@ jobs: Complexity: needs: Build runs-on: ubuntu-latest - services: - postgres: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 From 252d805a99ad78163b80a5044b9a2fda9a883095 Mon Sep 17 00:00:00 2001 From: Phil Salant Date: Wed, 1 Dec 2021 17:33:28 -0500 Subject: [PATCH 06/20] Try renaming postgres image to fidesctl-db --- .github/workflows/pr_checks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 5b6291cc0df..68a42f020bd 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -127,7 +127,7 @@ jobs: needs: Build runs-on: ubuntu-latest services: - postgres: + fidesctl-db: image: postgres:12 env: POSTGRES_DB: fidesctl From eca41f3c54741c42bbd12e614ddb36876b55fb64 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 14:55:02 -0800 Subject: [PATCH 07/20] update the docker-compose to add an image tag, update the CI checks in the makefile to use specific images, update the image names in the pr_checks file --- .github/workflows/pr_checks.yml | 28 +++++++++--------- Makefile | 50 +++++++++++++++++++++------------ docker-compose.yml | 4 +-- 3 files changed, 48 insertions(+), 34 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 68a42f020bd..dcd86ea48cb 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -4,13 +4,13 @@ on: pull_request: branches: - main - paths: # Only run tests when certain paths change + paths: - fidesctl/** - .github/workflows/test.yaml env: - CONTAINER: fidesctl-${{ github.event.pull_request.head.sha }} - IMAGE: ethyca/fidesctl:${{ github.event.pull_request.head.sha }} + CONTAINER: fidesctl:local + IMAGE: ethyca/fidesctl:local jobs: Build: @@ -40,7 +40,7 @@ jobs: path: /tmp/${{ env.CONTAINER }}.tar retention-days: 7 - Evaluate: + Fidesctl: needs: Build runs-on: ubuntu-latest steps: @@ -54,12 +54,12 @@ jobs: run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Check fidesctl installation - run: docker run ${{ env.IMAGE }} fidesctl + run: make check-installation - name: Run fidesctl evaluation - run: docker run --rm ${{ env.IMAGE }} fidesctl --local evaluate fides_resources/ + run: make fidesctl - Format: + Black: needs: Build runs-on: ubuntu-latest steps: @@ -73,9 +73,9 @@ jobs: run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run formatter - run: docker run ${{ env.IMAGE }} black --check src/ + run: make black - Lint: + Pylint: needs: Build runs-on: ubuntu-latest steps: @@ -89,9 +89,9 @@ jobs: run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run linter - run: docker run ${{ env.IMAGE }} pylint src/ + run: make pylint - TypeCheck: + Mypy: needs: Build runs-on: ubuntu-latest steps: @@ -105,9 +105,9 @@ jobs: run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run typechecker - run: docker run ${{ env.IMAGE }} mypy + run: make mypy - Complexity: + Xenon: needs: Build runs-on: ubuntu-latest steps: @@ -121,7 +121,7 @@ jobs: run: docker load --input /tmp/${{ env.CONTAINER }}.tar - name: Run cyclomatic complexity check - run: docker run ${{ env.IMAGE }} xenon src --max-absolute B --max-modules B --max-average A --ignore "data, tests, docs" --exclude "src/fidesctl/core/annotate_dataset.py,src/fidesctl/_version.py" + run: make xenon Test: needs: Build diff --git a/Makefile b/Makefile index cb79f0d9b04..785856fc414 100644 --- a/Makefile +++ b/Makefile @@ -3,16 +3,22 @@ #################### # CONSTANTS #################### -RUN = docker-compose run --rm $(IMAGE_NAME) -RUN_NO_DEPS = docker-compose run --no-deps --rm $(IMAGE_NAME) - REGISTRY := ethyca IMAGE_TAG := $(shell git fetch --force --tags && git describe --tags --dirty --always) +# Various Image Names IMAGE_NAME := fidesctl +LOCAL_IMAGE_NAME := ethyca/fidesctl:local IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_TAG) IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest +# Run in Compose +RUN = docker-compose run --rm $(IMAGE_NAME) +RUN_NO_DEPS = docker-compose run --no-deps --rm $(IMAGE_NAME) + +# Run using standalone containers +RUN_LOCAL = docker run --rm $(LOCAL_IMAGE_NAME) + .PHONY: help help: @echo -------------------- @@ -80,31 +86,39 @@ push: build # CI #################### -black: compose-build - @$(RUN_NO_DEPS) black --check src/ +.PHONY: black +black: + @$(RUN_LOCAL) black --check src/ -check-all: check-install fidesctl black pylint mypy xenon pytest +.PHONY: check-all +check-all: compose-build check-install fidesctl black pylint mypy xenon pytest @echo "Running formatter, linter, typechecker and tests..." +.PHONY: check-install check-install: @echo "Checking that fidesctl is installed..." - @$(RUN_NO_DEPS) fidesctl + @$(RUN_LOCAL) fidesctl -fidesctl: compose-build - @$(RUN_NO_DEPS) fidesctl --local evaluate fides_resources/ +.PHONY: fidesctl +fidesctl: + @$(RUN_LOCAL) fidesctl --local evaluate fides_resources/ -mypy: compose-build - @$(RUN_NO_DEPS) mypy +.PHONY: mypy +mypy: + @$(RUN_LOCAL) mypy -pylint: compose-build - @$(RUN_NO_DEPS) pylint src/ +.PHONY: pylint +pylint: + @$(RUN_LOCAL) pylint src/ +.PHONY: pytest pytest: compose-build - @docker-compose up -d $(IMAGE_NAME) - @$(RUN) pytest -x + @docker run -d --env-file env_files/fidesctl.env $(LOCAL_IMAGE_NAME) + @$(RUN_) pytest -x -xenon: compose-build - @$(RUN_NO_DEPS) xenon src \ +.PHONY: xenon +xenon: + @$(RUN_LOCAL) xenon src \ --max-absolute B \ --max-modules B \ --max-average A \ @@ -131,7 +145,7 @@ teardown: compose-build: @echo "Build the images required in the docker-compose file..." @docker-compose down - @docker-compose build + @docker-compose build fidesctl .PHONY: docs-build docs-build: compose-build diff --git a/docker-compose.yml b/docker-compose.yml index 156b41ffc19..11c097f6eb5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,7 @@ services: fidesctl: build: context: fidesctl - dockerfile: Dockerfile + image: ethyca/fidesctl:local command: uvicorn --host 0.0.0.0 --port 8080 --reload fidesapi.main:app healthcheck: test: [ "CMD", "curl", "-f", "http://0.0.0.0:8080/health" ] @@ -43,7 +43,7 @@ services: docs: build: context: docs/fides/ - dockerfile: Dockerfile + image: ethyca/fidesctl-docs:local volumes: - ./docs/fides:/docs - ./fidesctl:/fidesctl From f609a81e06ae7be92849190c0fe630903c951a9e Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 15:20:02 -0800 Subject: [PATCH 08/20] fix the image name, add caching to docker-compose --- .github/workflows/pr_checks.yml | 20 ++------------------ Makefile | 3 +-- docker-compose.yml | 6 ++++-- 3 files changed, 7 insertions(+), 22 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index dcd86ea48cb..870de066357 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -9,7 +9,7 @@ on: - .github/workflows/test.yaml env: - CONTAINER: fidesctl:local + CONTAINER: fidesctl-local IMAGE: ethyca/fidesctl:local jobs: @@ -126,19 +126,6 @@ jobs: Test: needs: Build runs-on: ubuntu-latest - services: - fidesctl-db: - image: postgres:12 - env: - POSTGRES_DB: fidesctl - POSTGRES_PASSWORD: fidesctl - options: >- - --health-cmd pg_isready - --health-interval 5s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 steps: - name: Download fidesctl container uses: actions/download-artifact@v2 @@ -149,8 +136,5 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - name: Start fidesctl - run: docker run ${{ env.IMAGE }} - - name: Run test suite - run: docker run ${{ env.IMAGE }} pytest -x + run: make pytest diff --git a/Makefile b/Makefile index 785856fc414..9ac2297144e 100644 --- a/Makefile +++ b/Makefile @@ -113,8 +113,7 @@ pylint: .PHONY: pytest pytest: compose-build - @docker run -d --env-file env_files/fidesctl.env $(LOCAL_IMAGE_NAME) - @$(RUN_) pytest -x + @$(RUN) pytest -x .PHONY: xenon xenon: diff --git a/docker-compose.yml b/docker-compose.yml index 11c097f6eb5..40f9188a690 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,7 +2,9 @@ services: fidesctl: build: context: fidesctl - image: ethyca/fidesctl:local + cache_from: + - ethyca/fidesctl # If the container already exists, pull from the cache + image: ethyca/fidesctl command: uvicorn --host 0.0.0.0 --port 8080 --reload fidesapi.main:app healthcheck: test: [ "CMD", "curl", "-f", "http://0.0.0.0:8080/health" ] @@ -43,7 +45,7 @@ services: docs: build: context: docs/fides/ - image: ethyca/fidesctl-docs:local + image: ethyca/fidesctl-docs volumes: - ./docs/fides:/docs - ./fidesctl:/fidesctl From 6f6a12ee8e0eb60708c635b2216de378a68315b1 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 15:33:18 -0800 Subject: [PATCH 09/20] restore the makefile CI checks and hope that compose-file caching works as expected, checkout the repo in each CI step since the makefile is in use again --- .github/workflows/pr_checks.yml | 18 ++++++++++++++++++ Makefile | 26 +++++++++----------------- 2 files changed, 27 insertions(+), 17 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 870de066357..55c278f77b9 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -53,6 +53,9 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Check fidesctl installation run: make check-installation @@ -72,6 +75,9 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Run formatter run: make black @@ -88,6 +94,9 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Run linter run: make pylint @@ -104,6 +113,9 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Run typechecker run: make mypy @@ -120,6 +132,9 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Run cyclomatic complexity check run: make xenon @@ -136,5 +151,8 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - name: Checkout + uses: actions/checkout@v2 + - name: Run test suite run: make pytest diff --git a/Makefile b/Makefile index 9ac2297144e..72207cef992 100644 --- a/Makefile +++ b/Makefile @@ -16,9 +16,6 @@ IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest RUN = docker-compose run --rm $(IMAGE_NAME) RUN_NO_DEPS = docker-compose run --no-deps --rm $(IMAGE_NAME) -# Run using standalone containers -RUN_LOCAL = docker run --rm $(LOCAL_IMAGE_NAME) - .PHONY: help help: @echo -------------------- @@ -86,38 +83,33 @@ push: build # CI #################### -.PHONY: black black: - @$(RUN_LOCAL) black --check src/ + @$(RUN_NO_DEPS) black --check src/ -.PHONY: check-all +# The order of dependent targets here is intentional check-all: compose-build check-install fidesctl black pylint mypy xenon pytest @echo "Running formatter, linter, typechecker and tests..." -.PHONY: check-install check-install: @echo "Checking that fidesctl is installed..." - @$(RUN_LOCAL) fidesctl + @$(RUN_NO_DEPS) fidesctl .PHONY: fidesctl fidesctl: - @$(RUN_LOCAL) fidesctl --local evaluate fides_resources/ + @$(RUN_NO_DEPS) fidesctl --local evaluate fides_resources/ -.PHONY: mypy mypy: - @$(RUN_LOCAL) mypy + @$(RUN_NO_DEPS) mypy -.PHONY: pylint pylint: - @$(RUN_LOCAL) pylint src/ + @$(RUN_NO_DEPS) pylint src/ -.PHONY: pytest -pytest: compose-build +pytest: + @docker-compose up -d $(IMAGE_NAME) @$(RUN) pytest -x -.PHONY: xenon xenon: - @$(RUN_LOCAL) xenon src \ + @$(RUN_NO_DEPS) xenon src \ --max-absolute B \ --max-modules B \ --max-average A \ From 03d28991c54d938f98daa7fbc62bed97c59e56b1 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 15:52:39 -0800 Subject: [PATCH 10/20] try to fix the docker-compose caching --- .github/workflows/pr_checks.yml | 2 +- Makefile | 1 - docker-compose.yml | 4 +--- fidesctl/Dockerfile | 1 + 4 files changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 55c278f77b9..9ea0a22f4ab 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -57,7 +57,7 @@ jobs: uses: actions/checkout@v2 - name: Check fidesctl installation - run: make check-installation + run: make check-install - name: Run fidesctl evaluation run: make fidesctl diff --git a/Makefile b/Makefile index 72207cef992..0f4f565ecf8 100644 --- a/Makefile +++ b/Makefile @@ -8,7 +8,6 @@ IMAGE_TAG := $(shell git fetch --force --tags && git describe --tags --dirty --a # Various Image Names IMAGE_NAME := fidesctl -LOCAL_IMAGE_NAME := ethyca/fidesctl:local IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_TAG) IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest diff --git a/docker-compose.yml b/docker-compose.yml index 40f9188a690..85a43f52f19 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,8 +3,7 @@ services: build: context: fidesctl cache_from: - - ethyca/fidesctl # If the container already exists, pull from the cache - image: ethyca/fidesctl + - ethyca/fidesctl:local # If the container already exists, pull from the cache command: uvicorn --host 0.0.0.0 --port 8080 --reload fidesapi.main:app healthcheck: test: [ "CMD", "curl", "-f", "http://0.0.0.0:8080/health" ] @@ -45,7 +44,6 @@ services: docs: build: context: docs/fides/ - image: ethyca/fidesctl-docs volumes: - ./docs/fides:/docs - ./fidesctl:/fidesctl diff --git a/fidesctl/Dockerfile b/fidesctl/Dockerfile index 57335a964c6..7f13c07b602 100644 --- a/fidesctl/Dockerfile +++ b/fidesctl/Dockerfile @@ -28,4 +28,5 @@ RUN pip install -e ".[all]" # Immediately flush to stdout, globally ENV PYTHONUNBUFFERED=TRUE +EXPOSE 8080 CMD ["fidesctl", "webserver"] From 3588500b4e4b1c8ffabaae0dfd65e1c31ea761e3 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 16:03:27 -0800 Subject: [PATCH 11/20] tests indicated that a compose-build step has to run before caching is used --- Makefile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 0f4f565ecf8..5cce83e0138 100644 --- a/Makefile +++ b/Makefile @@ -82,32 +82,32 @@ push: build # CI #################### -black: +black: compose-build @$(RUN_NO_DEPS) black --check src/ # The order of dependent targets here is intentional check-all: compose-build check-install fidesctl black pylint mypy xenon pytest @echo "Running formatter, linter, typechecker and tests..." -check-install: +check-install: compose-build @echo "Checking that fidesctl is installed..." @$(RUN_NO_DEPS) fidesctl .PHONY: fidesctl -fidesctl: +fidesctl: compose-build @$(RUN_NO_DEPS) fidesctl --local evaluate fides_resources/ -mypy: +mypy: compose-build @$(RUN_NO_DEPS) mypy -pylint: +pylint: compose-build @$(RUN_NO_DEPS) pylint src/ -pytest: +pytest: compose-build @docker-compose up -d $(IMAGE_NAME) @$(RUN) pytest -x -xenon: +xenon: compose-build @$(RUN_NO_DEPS) xenon src \ --max-absolute B \ --max-modules B \ From 714598cb66c17f558f2088bb47f4b1f2827e2868 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 17:10:49 -0800 Subject: [PATCH 12/20] change docker-compose to docker compose, add a logger in the CI checks --- .github/workflows/pr_checks.yml | 2 ++ Makefile | 28 ++++++++++++++-------------- 2 files changed, 16 insertions(+), 14 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 9ea0a22f4ab..0eada062c5d 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -50,6 +50,8 @@ jobs: name: ${{ env.CONTAINER }} path: /tmp/ + - run: docker image ls + - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar diff --git a/Makefile b/Makefile index 5cce83e0138..42459fd6019 100644 --- a/Makefile +++ b/Makefile @@ -6,14 +6,14 @@ REGISTRY := ethyca IMAGE_TAG := $(shell git fetch --force --tags && git describe --tags --dirty --always) -# Various Image Names +# Image Names & Tags IMAGE_NAME := fidesctl IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_TAG) IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest # Run in Compose -RUN = docker-compose run --rm $(IMAGE_NAME) -RUN_NO_DEPS = docker-compose run --no-deps --rm $(IMAGE_NAME) +RUN = docker compose run --rm $(IMAGE_NAME) +RUN_NO_DEPS = docker compose run --no-deps --rm $(IMAGE_NAME) .PHONY: help help: @@ -42,27 +42,27 @@ help: .PHONY: init-db init-db: compose-build @echo "Checking for new migrations to run..." - @docker-compose up -d $(IMAGE_NAME) + @docker compose up -d $(IMAGE_NAME) @$(RUN) fidesctl init-db @make teardown .PHONY: reset-db reset-db: compose-build @echo "Reset the database..." - @docker-compose up -d $(IMAGE_NAME) + @docker compose up -d $(IMAGE_NAME) @$(RUN) fidesctl reset-db -y @make teardown .PHONY: api api: compose-build @echo "Spinning up the webserver..." - @docker-compose up $(IMAGE_NAME) + @docker compose up $(IMAGE_NAME) @make teardown .PHONY: cli cli: compose-build @echo "Setting up a local development shell... (press CTRL-D to exit)" - @docker-compose up -d $(IMAGE_NAME) + @docker compose up -d $(IMAGE_NAME) @$(RUN) /bin/bash @make teardown @@ -104,7 +104,7 @@ pylint: compose-build @$(RUN_NO_DEPS) pylint src/ pytest: compose-build - @docker-compose up -d $(IMAGE_NAME) + @docker compose up -d $(IMAGE_NAME) @$(RUN) pytest -x xenon: compose-build @@ -128,22 +128,22 @@ clean: .PHONY: teardown teardown: @echo "Tearing down the dev environment..." - @docker-compose down + @docker compose down @echo "Teardown complete" .PHONY: compose-build compose-build: @echo "Build the images required in the docker-compose file..." - @docker-compose down - @docker-compose build fidesctl + @docker compose down + @docker compose build fidesctl .PHONY: docs-build docs-build: compose-build - @docker-compose run --rm $(IMAGE_NAME) \ + @docker compose run --rm $(IMAGE_NAME) \ python generate_openapi.py ../docs/fides/docs/api/openapi.json .PHONY: docs-serve docs-serve: docs-build - @docker-compose build docs - @docker-compose run --rm --service-ports docs \ + @docker compose build docs + @docker compose run --rm --service-ports docs \ /bin/bash -c "pip install -e /fidesctl && mkdocs serve --dev-addr=0.0.0.0:8000" From ce440cc0eed02af5195e9fd0967f3ed170d030dc Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 17:17:44 -0800 Subject: [PATCH 13/20] move the debugger line --- .github/workflows/pr_checks.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 0eada062c5d..e94a194efb9 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -50,11 +50,11 @@ jobs: name: ${{ env.CONTAINER }} path: /tmp/ - - run: docker image ls - - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar + - run: docker image ls + - name: Checkout uses: actions/checkout@v2 From 24f90d270931ac1ff6dcdf6fcace246d5e5142b0 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 17:29:13 -0800 Subject: [PATCH 14/20] enable buildkit explicitly --- .github/workflows/pr_checks.yml | 3 +-- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index e94a194efb9..703a40db064 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -11,6 +11,7 @@ on: env: CONTAINER: fidesctl-local IMAGE: ethyca/fidesctl:local + DOCKER_BUILDKIT: 1 jobs: Build: @@ -53,8 +54,6 @@ jobs: - name: Load fidesctl image run: docker load --input /tmp/${{ env.CONTAINER }}.tar - - run: docker image ls - - name: Checkout uses: actions/checkout@v2 diff --git a/docker-compose.yml b/docker-compose.yml index 85a43f52f19..f86044af210 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,7 +3,7 @@ services: build: context: fidesctl cache_from: - - ethyca/fidesctl:local # If the container already exists, pull from the cache + - ethyca/fidesctl:local # If the image already exists, use the cache command: uvicorn --host 0.0.0.0 --port 8080 --reload fidesapi.main:app healthcheck: test: [ "CMD", "curl", "-f", "http://0.0.0.0:8080/health" ] From 7c34d1f91fa6d8b3be7115fcf8bd70b79e91c07f Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Mon, 6 Dec 2021 17:46:37 -0800 Subject: [PATCH 15/20] add another flag to try --- .github/workflows/pr_checks.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 703a40db064..7565e74ae2e 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -12,6 +12,7 @@ env: CONTAINER: fidesctl-local IMAGE: ethyca/fidesctl:local DOCKER_BUILDKIT: 1 + COMPOSE_DOCKER_CLI_BUILD: 1 jobs: Build: From 368b890574c179da7bcf52120d246a3396d4a79e Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Wed, 8 Dec 2021 11:31:08 -0800 Subject: [PATCH 16/20] try adding the load flag --- .github/workflows/pr_checks.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 7565e74ae2e..543ea66aed4 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -32,6 +32,7 @@ jobs: context: ./fidesctl file: ./fidesctl/Dockerfile outputs: type=docker,dest=/tmp/${{ env.CONTAINER }}.tar + load: True push: false tags: ${{ env.IMAGE }} From 03a389e8791035ad2562ebf6fbe8d819cba4a3a9 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Wed, 8 Dec 2021 15:33:14 -0800 Subject: [PATCH 17/20] remove the build step from docker-compose, it expects the ethyca/fidesct:local image to already exist --- Makefile | 41 ++++++++++++++++------------------------- docker-compose.yml | 5 +---- 2 files changed, 17 insertions(+), 29 deletions(-) diff --git a/Makefile b/Makefile index 42459fd6019..266b2d96b42 100644 --- a/Makefile +++ b/Makefile @@ -9,6 +9,7 @@ IMAGE_TAG := $(shell git fetch --force --tags && git describe --tags --dirty --a # Image Names & Tags IMAGE_NAME := fidesctl IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_TAG) +LOCAL_IMAGE := $(REGISTRY)/$(IMAGE_NAME):local IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest # Run in Compose @@ -39,28 +40,21 @@ help: # Dev #################### -.PHONY: init-db -init-db: compose-build - @echo "Checking for new migrations to run..." - @docker compose up -d $(IMAGE_NAME) - @$(RUN) fidesctl init-db - @make teardown - .PHONY: reset-db -reset-db: compose-build +reset-db: build-local @echo "Reset the database..." @docker compose up -d $(IMAGE_NAME) @$(RUN) fidesctl reset-db -y @make teardown .PHONY: api -api: compose-build +api: build-local @echo "Spinning up the webserver..." @docker compose up $(IMAGE_NAME) @make teardown .PHONY: cli -cli: compose-build +cli: build-local @echo "Setting up a local development shell... (press CTRL-D to exit)" @docker compose up -d $(IMAGE_NAME) @$(RUN) /bin/bash @@ -73,6 +67,9 @@ cli: compose-build build: docker build --tag $(IMAGE) fidesctl/ +build-local: + docker build --tag $(LOCAL_IMAGE) fidesctl/ + push: build docker tag $(IMAGE) $(IMAGE_LATEST) docker push $(IMAGE) @@ -82,32 +79,32 @@ push: build # CI #################### -black: compose-build +black: build-local @$(RUN_NO_DEPS) black --check src/ # The order of dependent targets here is intentional -check-all: compose-build check-install fidesctl black pylint mypy xenon pytest +check-all: build-local check-install fidesctl black pylint mypy xenon pytest @echo "Running formatter, linter, typechecker and tests..." -check-install: compose-build +check-install: build-local @echo "Checking that fidesctl is installed..." @$(RUN_NO_DEPS) fidesctl .PHONY: fidesctl -fidesctl: compose-build +fidesctl: build-local @$(RUN_NO_DEPS) fidesctl --local evaluate fides_resources/ -mypy: compose-build +mypy: build-local @$(RUN_NO_DEPS) mypy -pylint: compose-build +pylint: build-local @$(RUN_NO_DEPS) pylint src/ -pytest: compose-build +pytest: build-local @docker compose up -d $(IMAGE_NAME) @$(RUN) pytest -x -xenon: compose-build +xenon: build-local @$(RUN_NO_DEPS) xenon src \ --max-absolute B \ --max-modules B \ @@ -131,14 +128,8 @@ teardown: @docker compose down @echo "Teardown complete" -.PHONY: compose-build -compose-build: - @echo "Build the images required in the docker-compose file..." - @docker compose down - @docker compose build fidesctl - .PHONY: docs-build -docs-build: compose-build +docs-build: build-local @docker compose run --rm $(IMAGE_NAME) \ python generate_openapi.py ../docs/fides/docs/api/openapi.json diff --git a/docker-compose.yml b/docker-compose.yml index f86044af210..1683dd00405 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,9 +1,6 @@ services: fidesctl: - build: - context: fidesctl - cache_from: - - ethyca/fidesctl:local # If the image already exists, use the cache + image: ethyca/fidesctl:local command: uvicorn --host 0.0.0.0 --port 8080 --reload fidesapi.main:app healthcheck: test: [ "CMD", "curl", "-f", "http://0.0.0.0:8080/health" ] From 6aafbad6bfb9e37999ec23ae0afcb6b6e4d4a02e Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Wed, 8 Dec 2021 15:39:57 -0800 Subject: [PATCH 18/20] remove the build step from the individual makefile commands --- Makefile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/Makefile b/Makefile index 266b2d96b42..78c4f928bc9 100644 --- a/Makefile +++ b/Makefile @@ -79,32 +79,32 @@ push: build # CI #################### -black: build-local +black: @$(RUN_NO_DEPS) black --check src/ # The order of dependent targets here is intentional check-all: build-local check-install fidesctl black pylint mypy xenon pytest @echo "Running formatter, linter, typechecker and tests..." -check-install: build-local +check-install: @echo "Checking that fidesctl is installed..." @$(RUN_NO_DEPS) fidesctl .PHONY: fidesctl -fidesctl: build-local +fidesctl: @$(RUN_NO_DEPS) fidesctl --local evaluate fides_resources/ -mypy: build-local +mypy: @$(RUN_NO_DEPS) mypy -pylint: build-local +pylint: @$(RUN_NO_DEPS) pylint src/ -pytest: build-local +pytest: @docker compose up -d $(IMAGE_NAME) @$(RUN) pytest -x -xenon: build-local +xenon: @$(RUN_NO_DEPS) xenon src \ --max-absolute B \ --max-modules B \ From 77bd46d1575a63b14604b32b91ab925df02806a6 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Wed, 8 Dec 2021 15:54:14 -0800 Subject: [PATCH 19/20] added a docker build step to the pre-commit checks --- .pre-commit-config.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 04c8c644d4c..b7643ad5af9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -3,6 +3,13 @@ minimum_pre_commit_version: "2" repos: - repo: local hooks: + - id: docker + name: docker + entry: make build-local + files: "^fidesctl/" + types_or: [file, python] + language: system + - id: black name: black entry: make black From 98169e72b7ab3aa7421f386f4e16fe6719741747 Mon Sep 17 00:00:00 2001 From: Thomas La Piana Date: Fri, 10 Dec 2021 09:14:34 -0800 Subject: [PATCH 20/20] make suggested changes --- .github/workflows/pr_checks.yml | 7 ++----- Makefile | 4 ++-- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 543ea66aed4..b85ee058e2e 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -6,13 +6,11 @@ on: - main paths: - fidesctl/** - - .github/workflows/test.yaml + - .github/workflows/pr_checks.yaml env: CONTAINER: fidesctl-local IMAGE: ethyca/fidesctl:local - DOCKER_BUILDKIT: 1 - COMPOSE_DOCKER_CLI_BUILD: 1 jobs: Build: @@ -32,7 +30,6 @@ jobs: context: ./fidesctl file: ./fidesctl/Dockerfile outputs: type=docker,dest=/tmp/${{ env.CONTAINER }}.tar - load: True push: false tags: ${{ env.IMAGE }} @@ -41,7 +38,7 @@ jobs: with: name: ${{ env.CONTAINER }} path: /tmp/${{ env.CONTAINER }}.tar - retention-days: 7 + retention-days: 1 Fidesctl: needs: Build diff --git a/Makefile b/Makefile index 78c4f928bc9..d51bc4726b1 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,7 @@ IMAGE_TAG := $(shell git fetch --force --tags && git describe --tags --dirty --a # Image Names & Tags IMAGE_NAME := fidesctl IMAGE := $(REGISTRY)/$(IMAGE_NAME):$(IMAGE_TAG) -LOCAL_IMAGE := $(REGISTRY)/$(IMAGE_NAME):local +IMAGE_LOCAL := $(REGISTRY)/$(IMAGE_NAME):local IMAGE_LATEST := $(REGISTRY)/$(IMAGE_NAME):latest # Run in Compose @@ -68,7 +68,7 @@ build: docker build --tag $(IMAGE) fidesctl/ build-local: - docker build --tag $(LOCAL_IMAGE) fidesctl/ + docker build --tag $(IMAGE_LOCAL) fidesctl/ push: build docker tag $(IMAGE) $(IMAGE_LATEST)