-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
refactor(core): api structure changed; error handler improved.
- Loading branch information
1 parent
69e2e64
commit 616fc8f
Showing
55 changed files
with
7,232 additions
and
13,697 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
# Application | ||
PORT=80 | ||
|
||
# DGII | ||
DGII_WSDL_URI= | ||
DGII_WSDL_PAGINATION_LIMIT=20 | ||
|
||
# Third party services | ||
GCP_CREDENTIALS= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,105 @@ | ||
name: Build docker image | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
app_name: | ||
required: true | ||
type: string | ||
dockerfile_path: | ||
required: true | ||
type: string | ||
dockerfile_target: | ||
required: true | ||
type: string | ||
registry: | ||
required: true | ||
type: string | ||
outputs: | ||
image_digest: | ||
description: "The image digest to be used on a caller workflow" | ||
value: ${{ jobs.build.outputs.image_digest }} | ||
|
||
jobs: | ||
build: | ||
name: Build images | ||
timeout-minutes: 15 | ||
runs-on: ubuntu-latest | ||
outputs: | ||
image_digest: ${{ steps.docker_build.outputs.digest }} | ||
permissions: | ||
contents: "read" | ||
id-token: "write" | ||
steps: | ||
- uses: actions/[email protected] | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Inject slug/short variables | ||
uses: rlespinasse/[email protected] | ||
with: | ||
short-length: 7 | ||
|
||
# Automatic tag management and OCI Image Format Specification for labels | ||
- name: Docker meta | ||
id: meta | ||
uses: docker/[email protected] | ||
with: | ||
# list of Docker images to use as base name for tags | ||
images: | | ||
${{ inputs.registry }}/${{ inputs.app_name }} | ||
# generate Docker tags based on the following events/attributes | ||
tags: | | ||
type=schedule | ||
# semver and ref,tag automatically add a "latest" tag, but only on stable releases | ||
type=semver,pattern={{version}} | ||
type=semver,pattern={{major}}.{{minor}} | ||
type=semver,pattern={{major}} | ||
type=ref,event=tag | ||
type=ref,event=branch | ||
type=ref,event=pr | ||
type=sha | ||
# edge is the latest commit on the default branch. | ||
type=edge,enable={{is_default_branch}} | ||
# Setup Docker Buildx to allow use of docker cache layers from GH | ||
- name: Set up Docker Buildx | ||
id: buildx | ||
uses: docker/setup-buildx-action@v3 | ||
|
||
- name: Login to Google Artifact Registry | ||
uses: docker/[email protected] | ||
with: | ||
registry: us-docker.pkg.dev | ||
username: _json_key | ||
password: ${{ secrets.GAR_JSON_KEY }} | ||
|
||
# Build and push image to Google Artifact Registry, and possibly DockerHub | ||
- name: Build & push | ||
id: docker_build | ||
uses: docker/[email protected] | ||
with: | ||
target: ${{ inputs.dockerfile_target }} | ||
context: . | ||
file: ${{ inputs.dockerfile_path }} | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
push: true | ||
build-args: | | ||
NODE_ENV=${{ env.NODE_ENV }} | ||
# To improve build speeds, for each branch we push an additional image to the registry, | ||
# to be used as the caching layer, using the `max` caching mode. | ||
# | ||
# We use multiple cache sources to confirm a cache hit, starting from a per-branch cache, | ||
# and if there's no hit, then continue with the `main` branch. When changes are added to a PR, | ||
# they are usually smaller than the diff between the PR and `main` branch. So this provides the | ||
# best performance. | ||
# | ||
# The caches are tried in top-down order, the first available cache is used: | ||
# https://github.com/moby/moby/pull/26839#issuecomment-277383550 | ||
cache-from: | | ||
type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ env.GITHUB_REF_SLUG_URL }}-cache | ||
type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ github.event.repository.default_branch }}-cache | ||
cache-to: | | ||
type=registry,ref=${{ inputs.registry }}/${{ inputs.app_name }}:${{ env.GITHUB_REF_SLUG_URL }}-cache,mode=min |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
name: Deploy to Cloud Run | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
image: | ||
required: false | ||
type: string | ||
image_digest: | ||
required: false | ||
type: string | ||
region: | ||
required: true | ||
type: string | ||
project: | ||
required: true | ||
type: string | ||
environment: | ||
required: false | ||
type: string | ||
default_name: | ||
required: false | ||
type: string | ||
|
||
jobs: | ||
versioning: | ||
runs-on: ubuntu-latest | ||
outputs: | ||
version: ${{ steps.set.outputs.version }} | ||
steps: | ||
- name: Getting API Version | ||
id: get | ||
uses: actions/github-script@v6 | ||
if: ${{ github.event_name == 'release' }} | ||
with: | ||
result-encoding: string | ||
script: | | ||
return context.payload.release.tag_name.substring(0,2) | ||
- name: Setting API Version | ||
id: set | ||
run: echo "version=${{ steps.get.outputs.result }}" >> "$GITHUB_OUTPUT" | ||
|
||
deploy: | ||
name: Deploy to Cloud Run | ||
needs: ['versioning'] | ||
timeout-minutes: 10 | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
id-token: write | ||
environment: | ||
name: ${{ inputs.environment }} | ||
url: ${{ steps.deploy.outputs.url }} | ||
steps: | ||
- name: Inject slug/short variables | ||
uses: rlespinasse/[email protected] | ||
|
||
- name: Authenticate to GCP | ||
id: auth | ||
uses: google-github-actions/[email protected] | ||
with: | ||
credentials_json: ${{ secrets.GAR_JSON_KEY }} | ||
|
||
- name: Set up Cloud SDK | ||
uses: google-github-actions/[email protected] | ||
|
||
- name: Deploy to cloud run | ||
id: deploy | ||
uses: google-github-actions/[email protected] | ||
with: | ||
image: ${{ inputs.image }} | ||
service: ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ inputs.default_name || needs.versioning.outputs.version || env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} | ||
region: ${{ inputs.region }} | ||
flags: | | ||
--vpc-connector=projects/${{ secrets.GCP_PROJECT }}/locations/${{ secrets.GCP_REGION }}/connectors/${{ secrets.GCP_REGION }} | ||
env_vars: | | ||
NODE_ENV=${{ env.NODE_ENV }}, | ||
DGII_WSDL_URI=${{ secrets.DGII_WSDL_URI }}, | ||
DGII_WSDL_PAGINATION_LIMIT=${{ secrets.DGII_WSDL_PAGINATION_LIMIT }}, | ||
GCP_CREDENTIALS=${{ secrets.GCP_CREDENTIALS }} | ||
- name: Allow unauthenticated calls to the service | ||
run: | | ||
gcloud run services add-iam-policy-binding ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ needs.versioning.outputs.version || env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} \ | ||
--region=${{ inputs.region }} --member=allUsers --role=roles/run.invoker --quiet | ||
- name: Test service with cURL | ||
run: curl "${{ steps.deploy.outputs.url }}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: Delete Cloud Run instances on PR closed by merged | ||
|
||
on: | ||
pull_request: | ||
branches: | ||
- master | ||
types: [closed] | ||
|
||
jobs: | ||
delete-cloud-run: | ||
if: github.event.pull_request.merged == true | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Inject slug/short variables | ||
uses: rlespinasse/[email protected] | ||
|
||
- id: 'auth' | ||
name: 'Authenticate to Google Cloud' | ||
uses: 'google-github-actions/auth@v2' | ||
with: | ||
credentials_json: '${{ secrets.GAR_JSON_KEY }}' | ||
|
||
- name: 'Set up Cloud SDK' | ||
uses: 'google-github-actions/setup-gcloud@v2' | ||
|
||
- name: 'Display information about the current gcloud environment' | ||
run: 'gcloud info' | ||
|
||
- name: Check if Cloud Run service exists | ||
id: check_service | ||
run: | | ||
SERVICE_NAME=${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} | ||
if gcloud run services describe $SERVICE_NAME --region=${{ vars.GCP_REGION }} > /dev/null 2>&1; then | ||
echo "service_exists=true" >> $GITHUB_ENV | ||
else | ||
echo "service_exists=false" >> $GITHUB_ENV | ||
fi | ||
- name: 'Delete service' | ||
if: env.service_exists == 'true' | ||
run: gcloud run services delete ${{ env.GITHUB_REPOSITORY_NAME_PART_SLUG }}-${{ env.GITHUB_HEAD_REF_SLUG || env.GITHUB_REF_SLUG }} --region=${{ vars.GCP_REGION }} --quiet |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
name: Deploy to dev | ||
|
||
on: | ||
workflow_dispatch: | ||
pull_request: | ||
branches: | ||
- "master" | ||
paths: | ||
- "**.js*" | ||
- "**.ts*" | ||
- "package*.json" | ||
- "Dockerfile" | ||
- "entrypoint.sh" | ||
- ".github/workflows/deploy-to-dev.yml" | ||
types: [opened, synchronize, reopened, labeled] | ||
|
||
concurrency: | ||
# Ensures that only one workflow task will run at a time. Previous builds, if | ||
# already in process, will get cancelled. Only the latest commit will be allowed | ||
# to run, cancelling any workflows in between | ||
group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/build-docker-image.yml | ||
with: | ||
dockerfile_path: ./Dockerfile | ||
dockerfile_target: release | ||
app_name: ${{ vars.APP_NAME }} | ||
registry: ${{ vars.GCP_REGISTRY}} | ||
secrets: inherit | ||
|
||
deploy: | ||
needs: ["build"] | ||
uses: ./.github/workflows/cloudrun-deploy.yml | ||
with: | ||
environment: development | ||
project: ${{ vars.GCP_PROJECT }} | ||
region: us-east1 | ||
image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }} | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
name: Deploy to production | ||
|
||
on: | ||
release: | ||
types: | ||
- published | ||
|
||
concurrency: | ||
# Ensures that only one workflow task will run at a time. Previous builds, if | ||
# already in process, will get cancelled. Only the latest commit will be allowed | ||
# to run, cancelling any workflows in between | ||
group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/build-docker-image.yml | ||
with: | ||
dockerfile_path: ./Dockerfile | ||
dockerfile_target: release | ||
app_name: ${{ vars.APP_NAME }} | ||
registry: ${{ vars.GCP_REGISTRY}} | ||
secrets: inherit | ||
|
||
deploy: | ||
needs: ["build"] | ||
uses: ./.github/workflows/cloudrun-deploy.yml | ||
with: | ||
environment: production | ||
project: ${{ vars.GCP_PROJECT }} | ||
region: us-east1 | ||
image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }} | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
name: Deploy to staging | ||
|
||
on: | ||
workflow_dispatch: | ||
push: | ||
branches: | ||
- 'master' | ||
paths: | ||
- '**.js*' | ||
- '**.ts*' | ||
- 'package*.json' | ||
- 'Dockerfile' | ||
- 'entrypoint.sh' | ||
- '.github/workflows/deploy-to-staging.yml' | ||
|
||
concurrency: | ||
# Ensures that only one workflow task will run at a time. Previous builds, if | ||
# already in process, will get cancelled. Only the latest commit will be allowed | ||
# to run, cancelling any workflows in between | ||
group: ${{ github.workflow }}-${{ github.job }}-${{ github.head_ref || github.run_id }} | ||
cancel-in-progress: true | ||
|
||
jobs: | ||
build: | ||
uses: ./.github/workflows/build-docker-image.yml | ||
with: | ||
dockerfile_path: ./Dockerfile | ||
dockerfile_target: release | ||
app_name: ${{ vars.APP_NAME }} | ||
registry: ${{ vars.GCP_REGISTRY}} | ||
secrets: inherit | ||
|
||
deploy: | ||
needs: ['build'] | ||
uses: ./.github/workflows/cloudrun-deploy.yml | ||
with: | ||
default_name: master | ||
environment: production | ||
project: ${{ vars.GCP_PROJECT }} | ||
region: us-east1 | ||
image: ${{ vars.GCP_IMAGE}}@${{ needs.build.outputs.image_digest }} | ||
secrets: inherit |
Oops, something went wrong.