feat: release a docker image for the provisioner (#3123)

This is an image configured to use cloudformation for provisioning postgres databases. Though it should not be used in production yet, we are releasing it here to make testing easier in dev environment
block · Oct 15, 2024 · ba3e76d · ba3e76d
1 parent 097415d
commit ba3e76d
Show file tree

Hide file tree

Showing 4 changed files with 92 additions and 0 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -225,6 +225,15 @@ jobs:
       - uses: cashapp/[email protected]
       - uses: ./.github/actions/build-cache
       - run: just build-docker controller
+  docker-build-provisioner:
+    name: Build Provisioner Docker Image
+    # if: github.event_name != 'pull_request' || github.event.action == 'enqueued' || contains( github.event.pull_request.labels.*.name, 'run-all')
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: cashapp/[email protected]
+      - uses: ./.github/actions/build-cache
+      - run: just build-docker provisioner
   docker-build-runner:
     name: Build Runner Docker Image
     # if: github.event_name != 'pull_request' || github.event.action == 'enqueued' || contains( github.event.pull_request.labels.*.name, 'run-all')

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -42,6 +42,25 @@ jobs:
           name: docker-controller-artifact
           path: artifacts/ftl-controller
           retention-days: 1
+  build-provisioner:
+    name: Build Provisioner Docker Image
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      - name: Init Hermit
+        uses: cashapp/[email protected]
+      - name: Build
+        run: |
+          just build-docker provisioner
+          mkdir -p artifacts/ftl-provisioner
+          docker save -o artifacts/ftl-provisioner/ftl-provisioner.tar ftl0/ftl-provisioner:latest
+      - name: Temporarily save Docker image
+        uses: actions/upload-artifact@v4
+        with:
+          name: docker-provisioner-artifact
+          path: artifacts/ftl-provisioner
+          retention-days: 1
   build-box:
     name: Build FTL-in-a-box Docker Image
     runs-on: ubuntu-latest
@@ -85,6 +104,11 @@ jobs:
         with:
           name: docker-controller-artifact
           path: artifacts/ftl-controller
+      - name: Retrieve Provisioner Docker image
+        uses: actions/download-artifact@v4
+        with:
+          name: docker-provisioner-artifact
+          path: artifacts/ftl-provisioner
       - name: Retrieve FTL-in-a-box Docker image
         uses: actions/download-artifact@v4
         with:
@@ -94,6 +118,8 @@ jobs:
         run: docker load -i artifacts/ftl-runner/ftl-runner.tar
       - name: Load Controller Docker image
         run: docker load -i artifacts/ftl-controller/ftl-controller.tar
+      - name: Load Provisioner Docker image
+        run: docker load -i artifacts/ftl-provisioner/ftl-provisioner.tar
       - name: Load FTL-in-a-box Docker image
         run: docker load -i artifacts/ftl-box/ftl-box.tar
       - name: Log in to the Container registry
@@ -110,6 +136,9 @@ jobs:
           docker tag ftl0/ftl-controller:latest ftl0/ftl-controller:"$GITHUB_SHA"
           docker tag ftl0/ftl-controller:latest ftl0/ftl-controller:"$version"
           docker push -a ftl0/ftl-controller
+          docker tag ftl0/ftl-provisioner:latest ftl0/ftl-provisioner:"$GITHUB_SHA"
+          docker tag ftl0/ftl-provisioner:latest ftl0/ftl-provisioner:"$version"
+          docker push -a ftl0/ftl-provisioner
           docker tag ftl0/ftl-box:latest ftl0/ftl-box:"$GITHUB_SHA"
           docker tag ftl0/ftl-box:latest ftl0/ftl-box:"$version"
           docker push -a ftl0/ftl-box

diff --git a/Dockerfile.provisioner b/Dockerfile.provisioner
@@ -0,0 +1,50 @@
+FROM ubuntu:24.04 AS builder
+RUN apt-get update
+RUN apt-get install -y curl git zip
+
+# Copy Hermit bin stubs and install all packages. This is done
+# separately so that Docker will cache the tools correctly.
+COPY ./bin /src/bin
+ENV PATH="/src/bin:$PATH"
+WORKDIR /src
+
+# Seed some of the most common tools - this will be cached
+RUN go version
+RUN node --version
+
+# Download Go dependencies separately so Docker will cache them
+COPY go.mod go.sum ./
+RUN go mod download -x
+
+# Download PNPM dependencies separately so Docker will cache them
+COPY frontend/console/package.json ./frontend/console/
+COPY frontend/vscode/package.json ./frontend/vscode/
+COPY pnpm-workspace.yaml pnpm-lock.yaml ./
+RUN pnpm install --frozen-lockfile
+
+# Build
+COPY . /src/
+RUN just errtrace
+# Reset timestamps so that the build state is reset
+RUN git ls-files -z | xargs -0 touch -r go.mod
+RUN just build ftl-provisioner ftl-provisioner-cloudformation
+
+# Finally create the runtime image.
+FROM scratch
+
+COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+
+WORKDIR /plugins/
+COPY ftl-provisioner-config.toml .
+COPY --from=builder /src/build/release/ftl-provisioner-cloudformation .
+
+WORKDIR /service/
+COPY --from=builder /src/build/release/ftl-provisioner .
+
+EXPOSE 8893
+
+ENV PATH="$PATH:/plugins/"
+ENV FTL_PROVISIONER_BIND="http://0.0.0.0:8893"
+ENV FTL_PROVISIONER_PLUGIN_CONFIG_FILE="/plugins/config.toml"
+
+CMD ["/service/ftl-provisioner"]
diff --git a/ftl-provisioner-config.toml b/ftl-provisioner-config.toml
@@ -0,0 +1,4 @@
+plugins = [
+    { id = "cloudformation", resources = ["postgres"] },
+    { id = "controller", resources = ["module"] },
+]