diff --git a/.github/workflows/uffizzi-build.yml b/.github/workflows/uffizzi-build.yml new file mode 100644 index 0000000000..8d384a7470 --- /dev/null +++ b/.github/workflows/uffizzi-build.yml @@ -0,0 +1,95 @@ +name: Build PR Image +on: + pull_request: + types: [opened,synchronize,reopened,closed] + +jobs: + + build-application: + name: Build and Push `application` + runs-on: ubuntu-latest + if: ${{ github.event_name != 'pull_request' || github.event.action != 'closed' }} + outputs: + tags: ${{ steps.meta.outputs.tags }} + steps: + - name: Checkout git repo + uses: actions/checkout@v3 + with: + submodules: recursive + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + - name: Generate UUID image name + id: uuid + run: echo "UUID_TAG_APP=$(uuidgen)" >> $GITHUB_ENV + - name: Docker metadata + id: meta + uses: docker/metadata-action@v3 + with: + images: registry.uffizzi.com/${{ env.UUID_TAG_APP }} + tags: type=raw,value=60d + - name: Build and Push Image to registry.uffizzi.com ephemeral registry + uses: docker/build-push-action@v2 + with: + push: true + context: ./ + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + file: ./uffizzi/Dockerfile + cache-from: type=gha + cache-to: type=gha,mode=max + + render-compose-file: + name: Render Docker Compose File + # Pass output of this workflow to another triggered by `workflow_run` event. + runs-on: ubuntu-latest + outputs: + compose-file-cache-key: ${{ steps.hash.outputs.hash }} + needs: + - build-application + steps: + - name: Checkout git repo + uses: actions/checkout@v3 + - name: Render Compose File + run: | + export UFFIZZI_URL=\$UFFIZZI_URL + APP_IMAGE=$(echo ${{ needs.build-application.outputs.tags }}) + export APP_IMAGE + # Render simple template from environment variables. + envsubst < ./uffizzi/docker-compose.uffizzi.yml > docker-compose.rendered.yml + cat docker-compose.rendered.yml + - name: Upload Rendered Compose File as Artifact + uses: actions/upload-artifact@v3 + with: + name: preview-spec + path: docker-compose.rendered.yml + retention-days: 2 + - name: Serialize PR Event to File + run: | + cat << EOF > event.json + ${{ toJSON(github.event) }} + + EOF + - name: Upload PR Event as Artifact + uses: actions/upload-artifact@v3 + with: + name: preview-spec + path: event.json + retention-days: 2 + + delete-preview: + name: Call for Preview Deletion + runs-on: ubuntu-latest + if: ${{ github.event.action == 'closed' }} + steps: + # If this PR is closing, we will not render a compose file nor pass it to the next workflow. + - name: Serialize PR Event to File + run: | + cat << EOF > event.json + ${{ toJSON(github.event) }} + EOF + - name: Upload PR Event as Artifact + uses: actions/upload-artifact@v3 + with: + name: preview-spec + path: event.json + retention-days: 2 \ No newline at end of file diff --git a/.github/workflows/uffizzi-preview.yml b/.github/workflows/uffizzi-preview.yml new file mode 100644 index 0000000000..144c1e0bb6 --- /dev/null +++ b/.github/workflows/uffizzi-preview.yml @@ -0,0 +1,84 @@ +name: Deploy Uffizzi Preview + +on: + workflow_run: + workflows: + - "Build PR Image" + types: + - completed + + +jobs: + cache-compose-file: + name: Cache Compose File + runs-on: ubuntu-latest + outputs: + compose-file-cache-key: ${{ env.COMPOSE_FILE_HASH }} + pr-number: ${{ env.PR_NUMBER }} + steps: + - name: 'Download artifacts' + # Fetch output (zip archive) from the workflow run that triggered this workflow. + uses: actions/github-script@v6 + with: + script: | + let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ + owner: context.repo.owner, + repo: context.repo.repo, + run_id: context.payload.workflow_run.id, + }); + let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { + return artifact.name == "preview-spec" + })[0]; + let download = await github.rest.actions.downloadArtifact({ + owner: context.repo.owner, + repo: context.repo.repo, + artifact_id: matchArtifact.id, + archive_format: 'zip', + }); + let fs = require('fs'); + fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/preview-spec.zip`, Buffer.from(download.data)); + - name: 'Unzip artifact' + run: unzip preview-spec.zip + - name: Read Event into ENV + run: | + echo 'EVENT_JSON<> $GITHUB_ENV + cat event.json >> $GITHUB_ENV + echo 'EOF' >> $GITHUB_ENV + - name: Hash Rendered Compose File + id: hash + # If the previous workflow was triggered by a PR close event, we will not have a compose file artifact. + if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }} + run: echo "COMPOSE_FILE_HASH=$(md5sum docker-compose.rendered.yml | awk '{ print $1 }')" >> $GITHUB_ENV + - name: Cache Rendered Compose File + if: ${{ fromJSON(env.EVENT_JSON).action != 'closed' }} + uses: actions/cache@v3 + with: + path: docker-compose.rendered.yml + key: ${{ env.COMPOSE_FILE_HASH }} + + - name: Read PR Number From Event Object + id: pr + run: echo "PR_NUMBER=${{ fromJSON(env.EVENT_JSON).number }}" >> $GITHUB_ENV + + - name: DEBUG - Print Job Outputs + if: ${{ runner.debug }} + run: | + echo "PR number: ${{ env.PR_NUMBER }}" + echo "Compose file hash: ${{ env.COMPOSE_FILE_HASH }}" + cat event.json + deploy-uffizzi-preview: + name: Use Remote Workflow to Preview on Uffizzi + needs: + - cache-compose-file + uses: UffizziCloud/preview-action/.github/workflows/reusable.yaml@v2 + with: + # If this workflow was triggered by a PR close event, cache-key will be an empty string + # and this reusable workflow will delete the preview deployment. + compose-file-cache-key: ${{ needs.cache-compose-file.outputs.compose-file-cache-key }} + compose-file-cache-path: docker-compose.rendered.yml + server: https://app.uffizzi.com + pr-number: ${{ needs.cache-compose-file.outputs.pr-number }} + permissions: + contents: read + pull-requests: write + id-token: write \ No newline at end of file diff --git a/uffizzi/Dockerfile b/uffizzi/Dockerfile new file mode 100644 index 0000000000..90fc62dc35 --- /dev/null +++ b/uffizzi/Dockerfile @@ -0,0 +1,25 @@ +FROM python:3 + +WORKDIR /app + +COPY . . + +RUN apt update + +RUN curl -fsSL https://deb.nodesource.com/setup_16.x | bash - && apt-get install -y nodejs + + +RUN pip install -e /app + + +ENTRYPOINT [ "jupyter"] + +CMD [\ + "notebook", \ + "--allow-root", \ + "--NotebookApp.allow_origin=*", \ + "--NotebookApp.allow_remote_access=1", \ + "--ip='*'", \ + "--NotebookApp.token=''", \ + "--NotebookApp.password=''"\ + ] \ No newline at end of file diff --git a/uffizzi/docker-compose.uffizzi.yml b/uffizzi/docker-compose.uffizzi.yml new file mode 100644 index 0000000000..82844f1ee9 --- /dev/null +++ b/uffizzi/docker-compose.uffizzi.yml @@ -0,0 +1,27 @@ +version: '3.7' + +x-uffizzi: + ingress: + service: nginx + port: 10000 + +services: + + notebook: + image: "${APP_IMAGE}" + deploy: + resources: + limits: + memory: 2000m + + nginx: + image: nginx:alpine + restart: unless-stopped + ports: + - "10000:10000" + volumes: + - ./uffizzi/nginx:/etc/nginx + deploy: + resources: + limits: + memory: 500m \ No newline at end of file diff --git a/uffizzi/nginx/nginx.conf b/uffizzi/nginx/nginx.conf new file mode 100644 index 0000000000..b468af71c0 --- /dev/null +++ b/uffizzi/nginx/nginx.conf @@ -0,0 +1,22 @@ + +events { + worker_connections 1024; +} + +http { + + server { + listen 10000; + + location / { + proxy_pass http://localhost:8888; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection 'upgrade'; + proxy_set_header Host $host; + proxy_cache_bypass $http_upgrade; + } + + } +} +