apply pre-commit fix for lambda container

cdk-projects/bash_scripts/docker_bash.sh

@@ -37,6 +37,7 @@ cp ./cdk-projects/bash_scripts/spack.yaml $SPACK_ENV/
 
 cd $SPACK_ENV
 #create a docker file
+#change the Dockerfile in the correct dir 
 spack containerize > ../Dockerfile
 cd -
 

cdk-projects/build_cache/Dockerfile

@@ -0,0 +1,21 @@
+FROM public.ecr.aws/lambda/python:3.11
+
+# Copy requirements.txt
+#COPY requirements.txt ${LAMBDA_TASK_ROOT}
+
+# Copy function code
+#COPY lambda_handler.py ${LAMBDA_TASK_ROOT}
+#ADD python_wrapper ${LAMBDA_TASK_ROOT}/python_wrapper
+
+#Setup Proxy
+#RUN export HTTPS_PROXY=http://proxy01.pnl.gov:3128
+#RUN export https_proxy=http://proxy01.pnl.gov:3128
+# Install the specified packages
+#RUN export HTTP_PROXY=http://proxy01.pnl.gov:3128
+#RUN export http_proxy=http://proxy01.pnl.gov:3128
+RUN pip install --upgrade pip
+#RUN pip install -r ${LAMBDA_TASK_ROOT}/requirements.txt
+
+
+# Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile)
+#CMD [ "lambda_handler.main" ]

cdk-projects/build_cache/app.py

@@ -0,0 +1,36 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: MIT-0
+
+"""
+Sample app for publishing python packages
+"""
+
+import aws_cdk as cdk
+# from cdk_nag import AwsSolutionsChecks
+
+from cachecodeartifact.codeartifact_stack import CacheCodeartifactStack
+
+app = cdk.App()
+CacheCodeartifactStack(
+    app,
+    "CacheCodeartifactStack",
+    # If you don't specify 'env', this stack will be environment-agnostic.
+    # Account/Region-dependent features and context lookups will not work,
+    # but a single synthesized template can be deployed anywhere.
+
+    # Uncomment the next line to specialize this stack for the AWS Account
+    # and Region that are implied by the current CLI configuration.
+
+    # env=cdk.Environment(account=os.getenv('CDK_DEFAULT_ACCOUNT'), region=os.getenv('CDK_DEFAULT_REGION')),
+
+    # Uncomment the next line if you know exactly what Account and Region you
+    # want to deploy the stack to. */
+
+    # env=cdk.Environment(account='123456789012', region='us-east-1'),
+
+    # For more information, see https://docs.aws.amazon.com/cdk/latest/guide/environments.html
+)
+
+# cdk.Aspects.of(app).add(AwsSolutionsChecks())
+
+app.synth()

cdk-projects/build_cache/aws_proxy.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+# Setting up proxy and git
+export HTTPS_PROXY=http://proxy01.pnl.gov:3128 
+export https_proxy=http://proxy01.pnl.gov:3128
+export AWS_PROFILE=AdministratorAccess-305402452870
+export AWS_DEFAULT_REGION=us-west-2
+
+# Configure Git credential helper
+git config --global credential.helper '!aws --profile AdministratorAccess-305402452870 codecommit credential-helper $@'
+
+# Start docker engine 
+docker --version
+
+#virtual environment setup
+python -m venv venv
+source venv/bin/activate
+
+#cdk library setup
+pip install aws-cdk-lib==2.90.0
+
+# AWS configuration on CLI
+aws configure sso

cdk-projects/build_cache/cachecodeartifact/codeartifact_stack.py

@@ -0,0 +1,211 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: MIT-0
+
+"""
+Sample stack for publishing python packages
+"""
+
+from aws_cdk import (
+    RemovalPolicy,
+    Stack
+)
+from constructs import Construct
+from aws_cdk import aws_iam as iam
+from aws_cdk import aws_codebuild as codebuild
+from aws_cdk import aws_codecommit as codecommit
+from aws_cdk import aws_codeartifact as codeartifact
+from aws_cdk import aws_codepipeline as codepipeline
+from aws_cdk import aws_codepipeline_actions as codepipeline_actions
+from aws_cdk import aws_s3 as s3
+from aws_cdk import aws_kms as kms
+from aws_cdk import aws_ecr
+# from codeartifact.custom_constructs.build_and_publish_package import BuildAndPublishPackage
+# from cdk_nag import NagSuppressions
+# from cdk_nag import NagPackSuppression
+
+
+class CacheCodeartifactStack(Stack):
+
+    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
+        super().__init__(scope, construct_id, **kwargs)
+    # edit the repo class withploy
+    #  aws documentation
+        repo = codecommit.Repository.from_repository_name(self, "build_cache1",
+                                                          repository_name="build_cache1",
+                                                          )
+
+        codeartifact_domain = codeartifact.CfnDomain(
+            self,
+            "CodeArtifactDomain",
+            domain_name="aws-sample-domain",
+        )
+
+        pip_private_codeartifact_repository = codeartifact.CfnRepository(
+            self,
+            "PipPrivateCodeArtifactRepository",
+            domain_name=codeartifact_domain.domain_name,
+            repository_name="pip",
+            description="Private PyPi repo",
+            external_connections=["public:pypi"],
+        )
+
+        pip_private_codeartifact_repository.add_depends_on(codeartifact_domain)
+
+        codebuild_encryption_key = kms.Key(
+            self,
+            'codeBuildEncryptionKey',
+            enable_key_rotation=True
+        )
+
+        access_logs_bucket = s3.Bucket(
+            self,
+            "AccessLogsBucket",
+            bucket_name="sample-cdk-access-logs-" + self.account,
+            block_public_access=s3.BlockPublicAccess.BLOCK_ALL,
+            encryption=s3.BucketEncryption.KMS,
+            encryption_key=codebuild_encryption_key,
+            enforce_ssl=True,
+            removal_policy=RemovalPolicy.DESTROY,
+            auto_delete_objects=True,
+        )
+
+        pipeline_artifact_bucket = s3.Bucket(
+            self,
+            "PipelineArtifactBucket",
+            bucket_name="sample-cdk-artifact-" + self.account,
+            server_access_logs_bucket=access_logs_bucket,
+            block_public_access=s3.BlockPublicAccess.BLOCK_ALL,
+            encryption=s3.BucketEncryption.KMS,
+            encryption_key=codebuild_encryption_key,
+            enforce_ssl=True,
+            removal_policy=RemovalPolicy.DESTROY,
+            auto_delete_objects=True,
+        )
+
+        # NagSuppressions.add_resource_suppressions(
+        #    access_logs_bucket,
+        #    [NagPackSuppression(id="AwsSolutions-S1", reason="Cannot log to itself")],
+        #   True
+        # )
+
+        pipeline = codepipeline.Pipeline(
+            self,
+            "PackagePipeline",
+            pipeline_name="python-sample-pipeline",
+            restart_execution_on_update=True,
+            artifact_bucket=pipeline_artifact_bucket,
+        )
+
+        source_output = codepipeline.Artifact()
+
+        source_action = codepipeline_actions.CodeCommitSourceAction(
+            action_name="CodeCommit",
+            repository=repo,
+            output=source_output,
+            branch="cloud-dev"
+        )
+
+        pipeline.add_stage(
+            stage_name="Source",
+            actions=[source_action],
+        )
+        # ecr_repo = ecr.Repository.from_repository_name(self, "EcrRepo", repository_name="test_repo")
+        ecr_repo = aws_ecr.Repository(
+            self, "EcrRepo", repository_name="build_cache")
+
+        run_build_exago_project = codebuild.PipelineProject(
+            self,
+            "RunBuildExaGO",
+            environment=codebuild.BuildEnvironment(
+                privileged=True,
+                # modified compute type and amazon_linux
+                compute_type=codebuild.ComputeType.LARGE,
+                build_image=codebuild.LinuxBuildImage.AMAZON_LINUX_2_5
+            ),
+
+            encryption_key=pipeline.artifact_bucket.encryption_key,
+            build_spec=codebuild.BuildSpec.from_object({
+                "version": "0.2",
+                "phases": {
+                    "pre_build": {
+                        "commands": [
+                            "python3 -m venv .venv",
+
+                            # "pip3 install -r requirements-dev.txt",
+                        ],
+                    },
+                    "build": {
+                        "commands": [
+                            ". .venv/bin/activate",
+                            # "aws codeartifact login --tool pip --repository pip --domain aws-sample-domain",
+                            "ls *",
+                            "ls cdk-projects/build_cache",
+                            "cd cdk-projects",
+                            "cd build_cache",
+                            "docker --version",
+                            # "pip3 install -r requirements.txt",
+                            "aws ecr get-login-password --region us-west-2 | docker login --username AWS --password-stdin 305402452870.dkr.ecr.us-west-2.amazonaws.com",
+                            "docker pull ghcr.io/pnnl/exago:exago-develop-x436raytwpfhkihapsbpto3jd3dpfyqg.spack",
+                            "docker build -t build_cache ."
+                            "docker tag build_cache:latest 305402452870.dkr.ecr.us-west-2.amazonaws.com/build_cache:latest",
+                            "docker push 305402452870.dkr.ecr.us-west-2.amazonaws.com/build_cache:latest"
+
+                        ],
+                    },
+                },
+            })
+        )
+
+        run_build_exago_project.role.attach_inline_policy(
+            iam.Policy(
+                self,
+                "RunBuildExaGOPolicy",
+                statements=[
+                    iam.PolicyStatement(
+                        effect=iam.Effect.ALLOW,
+                        resources=["*"],
+                        actions=["sts:GetServiceBearerToken"],
+                        conditions={
+                            "StringEquals": {
+                                "sts:AWSServiceName": "codeartifact.amazonaws.com"
+                            },
+                        }
+                    ),
+                    iam.PolicyStatement(
+                        effect=iam.Effect.ALLOW,
+                        resources=[codeartifact_domain.attr_arn],
+                        actions=["codeartifact:GetAuthorizationToken"],
+                    ),
+                    iam.PolicyStatement(
+                        effect=iam.Effect.ALLOW,
+                        resources=[
+                            pip_private_codeartifact_repository.attr_arn],
+                        actions=[
+                            "codeartifact:ReadFromRepository",
+                            "codeartifact:GetRepositoryEndpoint",
+                            "codeartifact:List*"
+                            # "ecr:GetAuthorizationToken"
+                        ],
+                    ),
+                    iam.PolicyStatement(
+                        effect=iam.Effect.ALLOW,
+                        resources=["*"],
+                        actions=[
+                            "ecr:GetAuthorizationToken",
+                            "ecr:*"
+                        ],
+                    )
+                ]
+            )
+        )
+
+        pipeline.add_stage(
+            stage_name="Build",
+            actions=[
+                codepipeline_actions.CodeBuildAction(
+                    action_name="build-exago-container",
+                    project=run_build_exago_project,
+                    input=source_output,
+                )
+            ],
+        )

cdk-projects/build_cache/cdk.json

@@ -0,0 +1,32 @@
+{
+    "app": "python3 app.py",
+    "watch": {
+      "include": [
+        "**"
+      ],
+      "exclude": [
+        "README.md",
+        "cdk*.json",
+        "requirements*.txt",
+        "source.bat",
+        "**/__init__.py",
+        "python/__pycache__",
+        "tests"
+      ]
+    },
+    "context": {
+      "@aws-cdk/aws-apigateway:usagePlanKeyOrderInsensitiveId": true,
+      "@aws-cdk/core:stackRelativeExports": true,
+      "@aws-cdk/aws-rds:lowercaseDbIdentifier": true,
+      "@aws-cdk/aws-lambda:recognizeVersionProps": true,
+      "@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021": true,
+      "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+      "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+      "@aws-cdk/core:checkSecretUsage": true,
+      "@aws-cdk/aws-iam:minimizePolicies": true,
+      "@aws-cdk/core:target-partitions": [
+        "aws",
+        "aws-cn"
+      ]
+    }
+  }

cdk-projects/lambda-s3-trigger/aws_proxy.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+
+# Setting up proxy and git
+export HTTPS_PROXY=http://proxy01.pnl.gov:3128 
+export https_proxy=http://proxy01.pnl.gov:3128
+export AWS_PROFILE=AdministratorAccess-305402452870
+export AWS_DEFAULT_REGION=us-west-2
+
+# Configure Git credential helper
+git config --global credential.helper '!aws --profile AdministratorAccess-305402452870 codecommit credential-helper $@'
+
+# Start docker engine 
+docker --version
+
+#virtual environment setup
+python -m venv venv
+source venv/bin/activate
+
+
+#cdk library setup
+pip install aws-cdk-lib==2.90.0
+
+# AWS configuration on CLI
+aws configure sso

cdk-projects/lambda-s3-trigger/lambda/Dockerfile

@@ -76,8 +76,8 @@ RUN mkdir /opt/spack-environment \
 &&   echo '  #   - get IPOPT working' \
 &&   echo '  #   - get Sparse CPU support working' \
 &&   echo '  - exago@1.6.0+python+mpi+hiop~ipopt' \
-&&   echo '  - perl ^zlib' \
-&&   echo '  - curl ^zlib' \
+&&   echo '  mirrors:' \
+&&   echo '    spack: https://binaries.spack.io/develop' \
 &&   echo '  concretizer:' \
 &&   echo '    unify: true' \
 &&   echo '  config:' \
@@ -111,25 +111,11 @@ COPY --from=builder /opt/views /opt/views
 RUN { \
       echo '#!/bin/sh' \
       && echo '.' /opt/spack-environment/activate.sh \
-      && echo 'python -m awslambdaric "$@"'; \
+      && echo 'exec "$@"'; \
     } > /entrypoint.sh \
 && chmod a+x /entrypoint.sh \
 && ln -s /opt/views/view /opt/view
 
 
-ENV LAMBDA_TASK_ROOT /var/root
-
-# Copy function code
-RUN mkdir -p ${LAMBDA_TASK_ROOT}
-COPY lambda_handler.py ${LAMBDA_TASK_ROOT}
-
-RUN pip install --upgrade pip && \
-    pip install \
-    --target ${LAMBDA_TASK_ROOT} \
-        awslambdaric
-
-# Set the CMD to your handler (could also be done as a parameter override outside of the Dockerfile)
-WORKDIR ${LAMBDA_TASK_ROOT}
-
 ENTRYPOINT [ "/entrypoint.sh" ]
-CMD [ "lambda_handler.main" ]
+CMD [ "/bin/bash" ]