Feat 2

.circleci/config.yml

@@ -1,16 +1,16 @@
 version: 2
 jobs:
  build:
-  # Variable expansion in working_directory not supported at this time
-  # You will need to modify the code below to reflect your github account/repo setup
-  working_directory: /go/src/github.com/Securing-DevOps/invoicer-chapter2
+# Configures a working directory to build the Docker container of the application
+  working_directory: /go/src/github.com/gushu-learn/invoicer-chapter2
   docker:
+# Declares the environment the job will run on
    - image: circleci/golang:1.10
   steps:
    - checkout
    - setup_remote_docker
 
-   - run: 
+   - run:
       name: Setup environment
       command: |
        gb="/src/github.com/${CIRCLE_PROJECT_USERNAME}";
@@ -26,13 +26,13 @@ jobs:
        EOF
    - run: mkdir -p "${GOPATH_BASE}"
    - run: mkdir -p "${GOPATH_HEAD}/bin"
-       
+
    - run:
       name: Testing application
       command: |
           go test \
           github.com/${CIRCLE_PROJECT_USERNAME}/${CIRCLE_PROJECT_REPONAME}
-
+# docker variables added circleCI project settings
    - deploy:
        command: |
          if [ "${CIRCLE_BRANCH}" == "master" ]; then
@@ -45,4 +45,4 @@ jobs:
            docker images --no-trunc | awk '/^app/ {print $3}' | \
              sudo tee $CIRCLE_ARTIFACTS/docker-image-shasum256.txt;
            docker push ${DOCKER_REPO}/${CIRCLE_PROJECT_REPONAME};
-         fi
+         fi

.gitignore

@@ -0,0 +1 @@
+tmp/

Dockerfile

@@ -1,14 +1,8 @@
-FROM golang:latest
-RUN addgroup --gid 10001 app
-RUN adduser --gid 10001 --uid 10001 \
-    --home /app --shell /sbin/nologin \
-    --disabled-password app
-
-RUN mkdir /app/statics/
-ADD statics /app/statics/
-
-COPY bin/invoicer /app/invoicer
+FROM busybox:latest
+RUN addgroup -g 10001 app && \
+    adduser -G app -u 10001 \
+    -D -h /app -s /sbin/nologin app
+COPY bin/invoicer /bin/invoicer
 USER app
 EXPOSE 8080
-WORKDIR /app
-ENTRYPOINT /app/invoicer
+ENTRYPOINT /bin/invoicer

create_ebs_env.sh

@@ -10,7 +10,7 @@ fail() {
     exit 1
 }
 
-export AWS_DEFAULT_REGION=${AWS_REGION:-us-east-1}
+export AWS_DEFAULT_REGION=${AWS_REGION:-eu-west-2}
 
 datetag=$(date +%Y%m%d%H%M)
 identifier=$(whoami)ivcr$datetag
@@ -32,17 +32,17 @@ dbsg=$(jq -r '.GroupId' tmp/$identifier/dbsg.json)
 echo "DB security group is $dbsg"
 
 # Create the database
-dbinstclass="db.t2.micro"
+dbinstclass="db.t3.micro"
 dbstorage=5
 dbpass=$(dd if=/dev/urandom bs=128 count=1 2>/dev/null| tr -dc _A-Z-a-z-0-9)
+echo "Password is $dbpass eom"
 aws rds create-db-instance \
     --db-name invoicer \
     --db-instance-identifier "$identifier" \
     --vpc-security-group-ids "$dbsg" \
     --allocated-storage "$dbstorage" \
     --db-instance-class "$dbinstclass" \
     --engine postgres \
-    --engine-version 9.6.2 \
     --auto-minor-version-upgrade \
     --publicly-accessible \
     --master-username invoicer \
@@ -77,7 +77,7 @@ echo "ElasticBeanTalk application created"
 
 # Get the name of the latest Docker solution stack
 dockerstack="$(aws elasticbeanstalk list-available-solution-stacks | \
-    jq -r '.SolutionStacks[]' | grep -P '.+Amazon Linux.+running Docker.+' | head -1)"
+    jq -r '.SolutionStacks[]' | grep -P '.+Amazon Linux.+running Docker' | head -1)"
 
 # Create the EB API environment
 sed "s/POSTGRESPASSREPLACEME/$dbpass/" ebs-options.json > tmp/$identifier/ebs-options.json || fail

ebs-options.json

@@ -28,5 +28,10 @@
         "Namespace": "aws:elasticbeanstalk:application:environment", 
         "OptionName": "INVOICER_POSTGRES_SSLMODE", 
         "Value": "disable"
+    },
+    {
+        "Namespace": "aws:autoscaling:launchconfiguration", 
+        "OptionName": "IAMINSTANCEPROFILE", 
+        "Value": "aws-elasticbeanstalk-ec2-role"
     }
 ]

version.go

@@ -1,3 +1,3 @@
 package main
-const version = "20180614.0-92f47c3"
-const commit = "92f47c3d3dd24e41c8b38adbb86b2407143c9dc9"
+const version = "20220830.0-22420e3"
+const commit = "22420e38ea5cec3fc12c7525006d51723eb71973"