Closed denizgenc closed 4 years ago
The 2 commits above move the amazonlinux2
Dockerfile (and the related install_terraform.sh
script) to its own amazonlinux2
Dockerfile.
It's important to note that, as of the above changes, the pipeline still uploads the image to the amazonlinux2
tag of gdscyber/cyber-security-concourse-base-image
on Docker Hub.
I highlight this because it might be desired to upload this to its own repository, like we do with all of the other images defined in the pipeline.yml
. Comments and suggestions are appreciated.
Summary
This PR represents a new base image that has Python 3.8 only (therefore it would break existing pipelines). It is based on the
amazonlinux:2
Docker image, and creates a new task in the pipeline to build based on theamazonlinux2
branch (the one this PR is originating from).Notes
This is part of the work to migrate the Cyber Security API to Lambda + ALB using Terraform, as seen in this issue: alphagov/cyber-security-api/issues/60 and this PR: alphagov/cyber-security-api/pull/61
In our particular use case, the building and testing of the application was made far simpler by using Amazon Linux based images. Deployment using Terraform didn't really change that much.
I have opened a draft PR because the Dockerfile shouldn't be merged as is. The
pipeline.yml
configuration actually points at theamazonlinux2
branch in this repo, so merging this to master will not only break pipelines that rely on Python 3.7 and/or Ubuntu behaviour, but it would break the build of thisamazonlinux2
tag of the image, since the branch would be deleted.This draft PR therefore exists to create discussion on how to handle this additional tag. Do we just create a new subdirectory in the repo root and build off that? I'm not too sure.
Please also note the fact that we've moved the installation of Terraform from the Dockerfile to an external shell script. This was required to actually get the Dockerfile to build, as the
RUN
commands for the Terraform installation would not complete. Regardless I think it's a good change that should be added to the Ubuntu build as well, as it improves readability.