diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000..366da01e --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,67 @@ +version: 2.1 + +job-defaults: &job-defaults + working_directory: &working_directory + ~/app + environment: + AWS_PROFILE: dev/vault + AWS_DEFAULT_REGION: us-west-2 + AWS_REGION: us-west-2 + AWS_ACCOUNT_ID: "883127560329" + +machine-setup: &machine-setup + machine: + image: ubuntu-2204:2023.07.2 + docker_layer_caching: true + +persist-workspace: &persist-workspace + persist_to_workspace: + root: . + paths: + - "*" + +attach-workspace: &attach-workspace + attach_workspace: + at: *working_directory + +jobs: + build: + <<: *machine-setup + <<: *job-defaults + steps: + - checkout + - run: APP_VERSION=${CIRCLE_TAG:-$CIRCLE_SHA1} docker-compose build httpbin + - <<: *persist-workspace + +# TODO: Here should be some test as well to verify that container is actually starting in the image and can respond to basic commands + + deploy-image: + <<: *machine-setup + <<: *job-defaults + steps: + - <<: *attach-workspace + - run: | + ./ops/docker-login.sh + docker-compose push httpbin + +workflows: + build-test-and-deploy: + jobs: + - build: + context: + - circleci + filters: + tags: + only: /.*/ + branches: + only: /.*/ + - deploy-image: + context: + - circleci + requires: + - build + filters: + tags: + only: /^\d+\.\d+\.\d+(?:-\w+){0,1}$/ + branches: + ignore: /.*/ diff --git a/.gitignore b/.gitignore index eac3867b..1911764c 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ dist/ *.egg-info *.swp .vscode/ +.idea diff --git a/docker-compose.yml b/docker-compose.yml index a7765f7b..77e5877c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,11 @@ -version: '2' +version: '3' + services: - httpbin: - build: '.' - ports: - - '80:80' \ No newline at end of file + + httpbin: + image: quay.io/verygoodsecurity/httpbin:${APP_VERSION:-latest} + build: + context: . + dockerfile: vgs.dockerfile + ports: + - '8000:8000' diff --git a/httpbin/helpers.py b/httpbin/helpers.py index b29e1835..716fe30f 100644 --- a/httpbin/helpers.py +++ b/httpbin/helpers.py @@ -218,9 +218,9 @@ def status_code(code): 307: redirect, 401: dict(headers={'WWW-Authenticate': 'Basic realm="Fake Realm"'}), 402: dict( - data='Fuck you, pay me!', + data='Client must make a payment to access the requested resource.', headers={ - 'x-more-info': 'http://vimeo.com/22053820' + 'x-more-info': 'https://www.rfc-editor.org/rfc/rfc9110.html#section-15.5.3' } ), 406: dict(data=json.dumps({ diff --git a/ops/docker-login.sh b/ops/docker-login.sh new file mode 100755 index 00000000..4e6543ff --- /dev/null +++ b/ops/docker-login.sh @@ -0,0 +1,3 @@ +#!/usr/bin/env bash + +docker login quay.io --username "$QUAY_DOCKER_LOGIN" --password "$QUAY_DOCKER_LOGIN_PASSWORD" diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 00000000..4980401e --- /dev/null +++ b/requirements.txt @@ -0,0 +1,27 @@ +attrs==20.1.0 +blinker==1.4 +brotlipy==0.7.0 +cffi==1.14.2 +click==7.1.2 +decorator==4.4.2 +flasgger==0.9.5 +Flask==1.1.2 +gevent==21.12.0 +greenlet==1.1.3 +gunicorn==20.0.4 +itsdangerous==1.1.0 +Jinja2==2.11.2 +jsonschema==3.2.0 +MarkupSafe==1.1.1 +mistune==0.8.4 +pip==20.2.2 +pycparser==2.20 +pyrsistent==0.16.0 +PyYAML==5.3.1 +raven==6.10.0 +setuptools==49.3.1 +six==1.15.0 +Werkzeug==1.0.1 +wheel==0.34.2 +zope.event==4.4 +zope.interface==5.1.0 diff --git a/vgs.dockerfile b/vgs.dockerfile new file mode 100644 index 00000000..69742569 --- /dev/null +++ b/vgs.dockerfile @@ -0,0 +1,17 @@ +FROM python:3.8-alpine + +RUN apk --update add --no-cache \ + gcc \ + python3-dev \ + build-base \ + libffi-dev \ + musl-dev \ + git + +COPY . /httpbin/ +WORKDIR /httpbin +RUN pip install -r requirements.txt + +EXPOSE 8000 + +CMD ["gunicorn", "-b", "0.0.0.0:8000", "-w", "4", "-k", "gevent", "httpbin:app"]