Publish Python Package via GitHub Actions to AWS CodeArtifact - github-actions

I have a hard time to publish a package to AWS CodeArtifact. Problem is the authentification.
First I tried to execute the login via the aws cli but due to the lack of the .pypirc file containing the repository settings that didn't work out. Now I tried to store the token and feed it into the --repository-url but in both cases I end up that the process wants a username anyway.
Stacktrace:
File "/opt/hostedtoolcache/Python/3.9.1/x64/bin/twine", line 8, in <module>
sys.exit(main())
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/__main__.py", line 28, in main
result = cli.dispatch(sys.argv[1:])
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/cli.py", line 82, in dispatch
return main(args.args)
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/commands/upload.py", line 154, in main
return upload(upload_settings, parsed_args.dists)
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/commands/upload.py", line 91, in upload
repository = upload_settings.create_repository()
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/settings.py", line 345, in create_repository
self.username,
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/settings.py", line 146, in username
return cast(Optional[str], self.auth.username)
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/auth.py", line 35, in username
return utils.get_userpass_value(
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/utils.py", line 241, in get_userpass_value
return prompt_strategy()
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/auth.py", line 81, in username_from_keyring_or_prompt
return self.prompt("username", input)
File "/opt/hostedtoolcache/Python/3.9.1/x64/lib/python3.9/site-packages/twine/auth.py", line 92, in prompt
return how(f"Enter your {what}: ")
EOFError: EOF when reading a line
Enter your username:
Error: Process completed with exit code 1.
Partial github-action.yml:
steps:
- uses: actions/checkout#v2
- name: Set up Python
uses: actions/setup-python#v2
with:
python-version: '3.x'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install setuptools wheel twine
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials#v1
with:
aws-access-key-id: ${{ secrets.AWS_CA_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_CA_SECRET_ACCESS_KEY }}
aws-region: eu-central-1
- name: Build and publish
run: |
token=$(aws codeartifact get-authorization-token --domain foobar --domain-owner 123456678901 --query authorizationToken --output text)
python setup.py sdist bdist_wheel
twine upload --repository-url https://aws:$token#foobar-123456678901.d.codeartifact.eu-central-1.amazonaws.com/pypi/my-repo/simple dist/*


You need to pass to twine the correct authentication values, try with the following:
twine upload --repository-url https://foobar-123456678901.d.codeartifact.eu-central-1.amazonaws.com/pypi/my-repo/simple --username aws --password $token dist/*
see: https://twine.readthedocs.io/en/latest/#commands


The AWS CLI lets you configure credentials for twine so you don't have to pass them explicitly.
- name: Build and publish
run: |
aws codeartifact login --tool twine --domain foobar --repository my-repo
python setup.py sdist bdist_wheel
twine upload --repository codeartifact dist/*
Links:
https://docs.aws.amazon.com/codeartifact/latest/ug/python-configure.html
https://docs.aws.amazon.com/codeartifact/latest/ug/python-run-twine.html

Related

Git Hub Actions Error - fatal: not a git repository (or any of the parent directories): .git

I am new to GitHub Actions and I am just trying to use the 'Test Reporter' action in my workflow.
These are my steps:
- name: Test
env:
SERVER_PATH: ${{ github.workspace }}/drop/${{ env.PATH}}
run: mvn --batch-mode -Dmaven.test.failure.ignore=true test --file ${{ env.PATH }}/pom.xml
- name: Test Report
env:
SERVER_PATH: ${{ github.workspace }}/drop/${{ env.PATH}}
uses: dorny/test-reporter#v1
if: always()
with:
name: Maven Tests
path: target/surefire-reports/*.xml
reporter: java-junit
fail-on-error: true`
The test step works as expected, I am only getting an error in the test report step.
Error:
Check runs will be created with
SHA=589c5f9c5b663f851f3f9bd49fbc66a00634183c
Listing all files tracked by git
/usr/bin/git ls-files -z
fatal: not a git repository (or any of the parent directories): .git
Error: Error: The process '/usr/bin/git' failed with exit code 128
Please help!
Update: Feb 6, 2023:
Test Report
Run dorny/test-reporter#v1
with:
name: Maven Tests
path: target/surefire-reports/*.xml
reporter: java-junit
fail-on-error: true
path-replace-backslashes: false
list-suites: all
list-tests: all
max-annotations: 10
only-summary: false
token: ***
env:
APPCONFIGRGP: appconfig
APPCONFIGSKU: Standard
BACKENDPATH: MyApp
JAVA_HOME_8.0.362_x64: /home/azureuser/actions-runner/_work/_tool/jdk/8.0.362/x64
JAVA_HOME: /home/azureuser/actions-runner/_work/_tool/jdk/8.0.362/x64
JAVA_HOME_8_0_362_X64: /home/azureuser/actions-runner/_work/_tool/jdk/8.0.362/x64
SERVER_PATH: /home/azureuser/actions-runner/_work/App/App/temp/App
Check runs will be created with SHA=05410264d739b3ccb57fe740d230cd4b428ef605
Listing all files tracked by git
/usr/bin/git ls-files -z
fatal: not a git repository (or any of the parent directories): .git
Error: Error: The process '/usr/bin/git' failed with exit code 128

"Can't connect to MySQL server" While trying to connect MYSQL database to Django-REST in Docker

My configuration is as follows:
I am running a Django-REST backend, with a MySQL database. I am trying to run the Django backend in its own Docker container, as well as running a MySQL database in its own Django container. It seems that Django is not able to connect to the MySQL database when my containers are running.
Database settings in Django:
DATABASES = {
"default": {
"ENGINE": os.environ.get("SQL_ENGINE", "django.db.backends.sqlite3"),
"NAME": os.environ.get("SQL_DATABASE", BASE_DIR / "db.sqlite3"),
"USER": os.environ.get("SQL_USER", "user"),
"PASSWORD": os.environ.get("SQL_PASSWORD", "password"),
"HOST": os.environ.get("SQL_HOST", "localhost"),
"PORT": os.environ.get("SQL_PORT", "5432"),
}
}
Dockerfile:
FROM python:3.10.2-slim-buster
ENV PYTHONUNBUFFERED 1
RUN mkdir /code
WORKDIR /code
RUN apt update \
&& apt install -y --no-install-recommends python3-dev \
default-libmysqlclient-dev build-essential default-mysql-client \
&& apt autoclean
RUN pip install --no-cache-dir --upgrade pip
COPY ./requirements.txt /code/
RUN pip install --no-cache-dir -r requirements.txt
COPY ./neura-dbms-backend /code/
EXPOSE 7000
Requirements.txt:
Django
djangorestframework
django-cors-headers
requests
boto3
django-storages
pytest
mysqlclient==2.1.1
django-use-email-as-username
djangorestframework-simplejwt
gunicorn
docker-compose.yml:
version: "3.8"
services:
neura-dbms-backend:
build:
context: ./DBMS/neura-dbms-backend
command: [sh, -c, "python manage.py runserver 0.0.0.0:7000"]
image: neura-dbms-backend
container_name: neura-dbms-backend
volumes:
- ./DBMS/neura-dbms-backend/neura-dbms-backend:/code
ports:
- 7000:7000
networks:
- docker-network
environment:
- DEBUG=1
- SECRET_KEY=${SECRET_KEY_DBMS}
- DJANGO_ALLOWED_HOSTS=${DJANGO_ALLOWED_HOSTS}
- DJANGO_ALLOWED_ORIGINS=${DJANGO_ALLOWED_ORIGINS}
- JWT_KEY=${JWT_KEY}
- SQL_ENGINE=django.db.backends.mysql
- SQL_DATABASE=db_neura_dbms
- SQL_USER=neura_dbms_user
- SQL_PASSWORD=super_secure_password
- SQL_HOST=db_neura_dbms
- SQL_PORT=5432
depends_on:
- "db_neura_dbms"
db_neura_dbms:
image: mysql:latest
volumes:
- mysql_data_db_neura_dbms:/var/lib/mysql/
environment:
- MYSQL_DATABASE=db_neura_dbms
- MYSQL_USER=neura_dbms_user
- MYSQL_PASSWORD=super_secure_password
- MYSQL_ROOT_PASSWORD=super_secure_password
networks:
- docker-network
networks:
docker-network:
driver: bridge
volumes:
mysql_data_db_neura_dbms:
I am able to build images for Django and the Database, but when I try to run the containers, I get the following error from the Django container:
neura-dbms-backend | System check identified no issues (0 silenced).
neura-dbms-backend | Exception in thread django-main-thread:
neura-dbms-backend | Traceback (most recent call last):
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/django/db/backends/base/base.py", line 282, in ensure_connection
neura-dbms-backend | self.connect()
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/django/utils/asyncio.py", line 26, in inner
neura-dbms-backend | return func(*args, **kwargs)
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/django/db/backends/base/base.py", line 263, in connect
neura-dbms-backend | self.connection = self.get_new_connection(conn_params)
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/django/utils/asyncio.py", line 26, in inner
neura-dbms-backend | return func(*args, **kwargs)
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/django/db/backends/mysql/base.py", line 247, in get_new_connection
neura-dbms-backend | connection = Database.connect(**conn_params)
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/MySQLdb/__init__.py", line 123, in Connect
neura-dbms-backend | return Connection(*args, **kwargs)
neura-dbms-backend | File "/usr/local/lib/python3.10/site-packages/MySQLdb/connections.py", line 185, in __init__
neura-dbms-backend | super().__init__(*args, **kwargs2)
neura-dbms-backend | MySQLdb.OperationalError: (2002, "Can't connect to MySQL server on 'db_neura_dbms' (115)")
What am I missing? Thanks!

So I added a script so that Django waits for the mysql database to be ready before it connects:
#!/bin/bash
if [ "$SQL_HOST" = "db" ]
then
echo "Waiting for mysql..."
while !</dev/tcp/$SQL_HOST/$SQL_PORT; do sleep 1; done;
echo "MySQL started"
fi
# python manage.py migrate
exec "$#"
When I first run the Docker containers, it seems that MySQL runs through some sort of setup, Django then tries to connect and fails.
If I then kill the containers, and run them again, the MySQL setup is finished, and Django is able to connect to the database. I wonder if there is a way for Django to wait for this setup to be finished as well?

depends_on only waits till the database container is started, but in this case, after the container is started it still takes some time for mysql to make the system ready for connection.
what you can do is create a command file (This is for postgres, you can make one for yours, you will need to add raised mysql exception instead of Psycopg2Error )
import time
from psycopg2 import OperationalError as Psycopg2Error
from django.db.utils import OperationalError
from django.core.management.base import BaseCommand
class Command(BaseCommand):
"""
Django command to wait for database
"""
def handle(self, *args, **options):
"""
Command entrypoint
"""
self.stdout.write("Checking database availability\n")
db_up = False
seconds_cnt = 0
while not db_up:
try:
self.check(databases=['default'])
db_up = True
self.stdout.write(
self.style.WARNING(
"Available within {} seconds".format(seconds_cnt)))
self.stdout.write(self.style.SUCCESS("Database available!"))
except(Psycopg2Error, OperationalError):
seconds_cnt += 1
self.stdout.write(
self.style.WARNING(
"Database unavailable waiting... {} seconds"
.format(seconds_cnt)))
time.sleep(1)
Your command can be updated with,
command: >
sh -c "python manage.py wait_for_db &&
python manage.py runserver 0.0.0.0:87000"

Terratest in GitHub Action fails

when running terratest locally with an assertion it works as expected. But when trying to run it via a github action i get the error below (removing the assertion has terratest running as expected):
TestTerraform 2022-07-27T08:34:49Z logger.go:66: ::set-output name=exitcode::0
output.go:19:
Error Trace: output.go:19
terraform_test.go:24
Error: Received unexpected error:
invalid character 'c' looking for beginning of value
Test: TestTerraform
The terratest file looks like:
package test
import (
"github.com/gruntwork-io/terratest/modules/terraform"
"github.com/stretchr/testify/assert"
"testing"
)
func TestTerraform(t *testing.T) {
iam_arn_expected := "arn:aws:iam::xxx:role/terratest_iam"
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: "../examples/simple",
Vars: map[string]interface{}{
"iam_name": "terratest_iam",
"region": "eu-west-2",
},
})
defer terraform.Destroy(t, terraformOptions)
terraform.InitAndApply(t, terraformOptions)
iam_arn := terraform.Output(t, terraformOptions, "iam_arn")
assert.Equal(t, iam_arn_expected, iam_arn)
}
the github action looks like:
jobs:
terratest:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
- uses: actions/setup-go#v3.2.1
- name: Install tfenv
run: |
git clone https://github.com/tfutils/tfenv.git ~/.tfenv
echo "$HOME/.tfenv/bin" >> $GITHUB_PATH
- name: Install Terraform
working-directory: .
run: |
pwd
tfenv install
terraform --version
- name: Download Go Modules
working-directory: test
run: go mod download
- name: Run Terratest
working-directory: test
run: go test -v
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_PLAYGROUND_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_PLAYGROUND_KEY }}

The solution is to use the HashiCorp setup-terraform action with the Terraform wrapper turned off in place of your "Install Terraform" step.
- name: Setup Terraform
uses: hashicorp/setup-terraform#v2
with:
terraform_version: 1.3.6
terraform_wrapper: false

xcodebuild fails until pod installing again(twice) after the failure occurs - how to resolve?

I'm setting up github actions to test my xcode app (kotlin multiplatform) and for some reason my build is not successful until pod installing a second time after attempting to build.
So I pod install -> build -> build fails -> pod install again -> build -> build succeeds.
Steps to reproduce this locally:
Checkout the repo
arch -x86_64 pod install
xcodebuild ARCHS=x86_64 ONLY_ACTIVE_ARCH=NO -workspace myworkspace.xcworkspace -scheme
myScheme -configuration Release -destination 'platform=iOS Simulator,name=iPhone 12,OS=15.4'
The build fails on this step trying to import the common kotlin library:
import common
^
** BUILD FAILED **
and then if I run these steps again
arch -x86_64 pod install
xcodebuild ARCHS=x86_64 ONLY_ACTIVE_ARCH=NO -workspace myworkspace.xcworkspace -scheme myScheme -configuration Release -destination 'platform=iOS Simulator,name=iPhone 12,OS=15.4'
the build is successful
/usr/bin/codesign --force --sign - --entitlements /Users/me/Library/Developer/Xcode/DerivedData/myApp-esecylpzfadofbsakhxtkqqgzuk/Build/Intermediates.noindex/myApp.build/Release-iphonesimulator/myApp.build/myApp.app.xcent --timestamp\=none --generate-entitlement-der /Users/me/Library/Developer/Xcode/DerivedData/myApp-esecylpzfadofbsakhxtkqqgzuk/Build/Products/Release-iphonesimulator/myApp.app
** BUILD SUCCEEDED **
Here is my podfile:
platform :ios, '15.2'
use_frameworks!
inhibit_all_warnings!
def shared_pods
pod 'common', :path => '../common'
pod 'GoogleSignIn'
end
target 'myApp' do
shared_pods
end
target 'myApp_Tests' do
shared_pods
end
post_install do |installer|
installer.pods_project.targets.each do |target|
target.build_configurations.each do |config|
config.build_settings['IPHONEOS_DEPLOYMENT_TARGET'] = '12.0'
end
end
end
and here's my BuildTests.yaml file for github actions
name: ios-unit-tests
on:
push:
branches:
- main
pull_request:
branches:
- main
jobs:
run_tests:
runs-on: macos-latest
strategy:
matrix:
include:
- ios: "15.2"
name: test iOS (${{ matrix.ios }})
steps:
- uses: actions/setup-java#v2
with:
distribution: 'temurin'
java-version: '11'
- name: Checkout repository
uses: actions/checkout#v3
- name: Install the Apple certificate and provisioning profile
env:
BUILD_CERTIFICATE_BASE64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }}
P12_PASSWORD: ${{ secrets.P12_PASSWORD }}
BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }}
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
run: |
# create variables
CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
# import certificate and provisioning profile from secrets
echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
# create temporary keychain
security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
# import certificate to keychain
security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# apply provisioning profile
mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
- name: Install M1 Pod
run: sudo arch -x86_64 gem install ffi;
- name: Pod Install
run: cd myApp; which pod; rm myApp.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved; arch -x86_64 pod install
- name: Build
run: xcodebuild ARCHS=x86_64 ONLY_ACTIVE_ARCH=NO -workspace myApp/myApp.xcworkspace -scheme myApp -configuration Release -destination 'platform=iOS Simulator,name=iPhone 12,OS=${{ matrix.ios }}'
- name: Run unit tests
run: xcodebuild test -workspace myApp/myApp.xcworkspace -scheme myApp -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 12,OS=${{ matrix.ios }}'
UPDATE:
Resolution was to delete .gitignore and build the project and see which files changed. Turned out there were some build files commented out that should have been committed

run realize start for a Go program, outputs exec: not started

when I run realize start for a Go program, I got this error result
[14:55:13][V2-USER-API.YUMMY.ID] : Watching 159 file/s 118 folder/s
[14:55:13][V2-USER-API.YUMMY.ID] : Install started
[14:55:13][V2-USER-API.YUMMY.ID] : Install
exec: not started
I have set up my file .realize.yaml, like this
settings:
legacy:
force: false
interval: 0s
schema:
- name: v2-user-api.yummy.id
path: ./cmd/server
commands:
run:
status: true
watcher:
extensions:
- go
paths:
- ../../
ignored_paths:
- .git
- .realize
- vendor
but I got error after run realize start

This command work for me
#!/usr/bin/env bash
export GO111MODULE=off
cd ~/
go get github.com/oxequa/realize
cd /go/src/github.com/oxequa/realize && \
git fetch && \
git checkout v2.0.2 && \
go get github.com/oxequa/realize
RV=$(realize --version)
echo "Realize installed #: $RV"
export GO111MODULE=on
use realize version v2.0.2