roleypoly/v3
1
0
Fork 0
mirror of https://github.com/roleypoly/roleypoly.git synced 2025-04-25 03:49:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix tests, remove webapp from terraform

Browse source
This commit is contained in:
41666 2021-03-09 23:57:49 -05:00
parent 8d06327c03
commit 0b54321cfe
11 changed files with 1017 additions and 313 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
.github/workflows/build.yml vendored
View file

@ -119,7 +119,6 @@ jobs:
strategy:
matrix:
dockerfile:
- ui
- bot
steps:
- uses: actions/checkout@master
@ -182,12 +181,6 @@ jobs:
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- name: Get UI digest
uses: actions/download-artifact@v2
with:
name: ui-digest
path: .digests/ui
- name: Get Bot digest
uses: actions/download-artifact@v2
with:
@ -197,7 +190,7 @@ jobs:
- name: Set digests as addressable
id: digests
env:
IMAGES: ui bot
IMAGES: bot
run: |
set_digest_output() {
echo ::set-output name=$1::@$(cat .digests/$1/digest.txt)

24
hack/dockerfiles/ui.Dockerfile
View file

@ -1,24 +0,0 @@
#
# Builder
#
FROM mhart/alpine-node:14 AS builder
WORKDIR /src
COPY package.json yarn.lock ./
RUN yarn install --frozen-lockfile --ignore-scripts
COPY tsconfig.json .babelrc.js next.config.js next-env.d.ts ./
COPY src src
RUN yarn ui:build
RUN yarn install --frozen-lockfile --prod --ignore-scripts
#
# Output layer
#
FROM mhart/alpine-node:slim-14 AS output
COPY --from=builder /src .
ENV PORT=6601
ENTRYPOINT [ "/bin/sh", "-c", "/usr/bin/node node_modules/.bin/next start -p $PORT" ]

27
package.json
View file

@ -12,7 +12,14 @@
},
"author": "Katalina Okano <git@kat.cafe>",
"license": "MIT",
"private": true,
"workspaces": [
"packages/*"
],
"scripts": {
"build": "run-p -c build:*",
"build:design-system": "yarn workspace @roleypoly/design-system run build",
"build:web": "yarn workspace @roleypoly/web run build",
"lint": "run-p -c lint:* --",
"lint:eslint": "eslint",
"lint:go": "go fmt ./...",
@ -24,9 +31,6 @@
"postinstall": "is-ci || husky install",
"storybook": "start-storybook -p 6006",
"storybook:build": "build-storybook",
"build": "run-p -c build:*",
"build:design-system": "yarn workspace @roleypoly/design-system run build",
"build:web": "yarn workspace @roleypoly/web run build",
"test": "jest",
"ui": "next dev -p 6601",
"ui:build": "next build",
@ -34,7 +38,16 @@
"worker": "node src/backend-emulator/main.js"
},
"devDependencies": {
"@types/enzyme": "^3.10.8",
"@types/lodash": "^4.14.168",
"@wojtekmaj/enzyme-adapter-react-17": "^0.4.1",
"enzyme": "^3.11.0",
"enzyme-adapter-react-16": "^1.15.6",
"husky": "^5.1.3",
"is-ci": "^3.0.0",
"jest-enzyme": "^7.1.2",
"jest-react-hooks-shallow": "^1.5.1",
"jest-styled-components": "^7.0.3",
"lint-staged": "^10.5.4",
"npm-run-all": "^4.1.5",
"prettier": "^2.2.1",
@ -46,7 +59,7 @@
"stylelint-config-standard": "^21.0.0",
"stylelint-config-styled-components": "^0.1.1",
"stylelint-prettier": "^1.2.0",
"is-ci": "^3.0.0",
"ts-jest": "^26.5.3",
"typescript": "^4.2.3"
},
"lint-staged": {
@ -62,9 +75,5 @@
".husky/pre-commit": [
"prettier --write"
]
},
"private": true,
"workspaces": [
"packages/*"
]
}
}

9
packages/web/src/App.test.tsx
View file

@ -1,9 +0,0 @@
import React from 'react';
import { render, screen } from '@testing-library/react';
import App from './App';
test('renders learn react link', () => {
render(<App />);
const linkElement = screen.getByText(/learn react/i);
expect(linkElement).toBeInTheDocument();
});

3
packages/web/src/App.tsx
View file

@ -1,12 +1,9 @@
import React from 'react';
import logo from './logo.svg';
import './App.css';
function App() {
return (
<div className="App">
<header className="App-header">
<img src={logo} className="App-logo" alt="logo" />
<p>
Edit <code>src/App.tsx</code> and save to reload.
</p>

5
packages/web/src/setupTests.ts
View file

@ -1,5 +0,0 @@
// jest-dom adds custom jest matchers for asserting on DOM nodes.
// allows you to do things like:
// expect(element).toHaveTextContent(/react/i)
// learn more: https://github.com/testing-library/jest-dom
import '@testing-library/jest-dom';

2
src/common/utils/hasPermission.spec.ts
View file

@ -1,5 +1,5 @@
import { roleCategory } from '@roleypoly/design-system/fixtures/storyData';
import { Role } from 'roleypoly/common/types';
import { roleCategory } from '../../fixtures/storyData';
import { hasPermission, hasPermissionOrAdmin } from './hasPermission';
export const permissions = {

20
terraform/cloudflare-origin-cert.tf
View file

@ -1,20 +0,0 @@
resource "tls_private_key" "tls_pk" {
algorithm = "RSA"
}
resource "tls_cert_request" "web_csr" {
key_algorithm = tls_private_key.tls_pk.algorithm
private_key_pem = tls_private_key.tls_pk.private_key_pem
subject {
common_name = "web-${var.environment_tag}.roleypoly.com"
organization = "Roleypoly"
}
}
resource "cloudflare_origin_ca_certificate" "web" {
csr = tls_cert_request.web_csr.cert_request_pem
hostnames = var.ui_hostnames
request_type = "origin-rsa"
requested_validity = 365 * 15
}

60
terraform/webapp.tf
View file

@ -1,60 +0,0 @@
locals {
uiTag = var.ui_tag == "" ? ":${var.environment_tag}" : var.ui_tag
}
resource "google_cloud_run_service" "web" {
for_each = toset(var.ui_regions)
name = "roleypoly-web-${var.environment_tag}-${each.key}"
location = each.key
template {
spec {
containers {
image = "${local.artifactBaseMap[each.key]}/ui${local.uiTag}"
env {
name = "API_PUBLIC_URI"
value = var.api_public_uri
}
env {
name = "UI_PUBLIC_URI"
value = var.ui_public_uri
}
}
}
metadata {
annotations = {
"autoscaling.knative.dev/maxScale" = "10"
}
}
}
traffic {
percent = 100
latest_revision = true
}
}
data "google_iam_policy" "noauth" {
binding {
role = "roles/run.invoker"
members = [
"allUsers",
]
}
}
resource "google_cloud_run_service_iam_policy" "noauth" {
for_each = toset(var.ui_regions)
location = google_cloud_run_service.web[each.key].location
project = google_cloud_run_service.web[each.key].project
service = google_cloud_run_service.web[each.key].name
policy_data = data.google_iam_policy.noauth.policy_data
}

125
terraform/weblb.tf
View file

@ -1,125 +0,0 @@
// Maps all requests to the backend service
resource "google_compute_url_map" "web_lb" {
name = "lb-um-web-${var.environment_tag}"
host_rule {
hosts = var.ui_hostnames
path_matcher = "path-matcher-1" // Matching google console due to bug with mutating url_maps
}
path_matcher {
name = "path-matcher-1"
default_service = google_compute_backend_service.web_lb.id
}
// Blackhole. No addresses will ever be this, and hosts without IPv6 will fail regardless.
// Not matching the host_rule should be seen as treason.
default_url_redirect {
host_redirect = "[100::]"
path_redirect = "/"
strip_query = true
}
}
// Regional load balancer
resource "google_compute_backend_service" "web_lb" {
name = "lb-rbes-web-${var.environment_tag}"
dynamic "backend" {
for_each = toset(var.ui_regions)
content {
group = google_compute_region_network_endpoint_group.web_lb[backend.value].id
}
}
}
// Origin TLS cert from Cloudflare
resource "google_compute_ssl_certificate" "origin_tls" {
name_prefix = "cf-origin-web-${var.environment_tag}-"
private_key = tls_private_key.tls_pk.private_key_pem
certificate = cloudflare_origin_ca_certificate.web.certificate
lifecycle {
create_before_destroy = true
}
}
// HTTPS proxy
resource "google_compute_target_https_proxy" "web_lb" {
name = "lb-http-web-${var.environment_tag}"
url_map = google_compute_url_map.web_lb.id
ssl_certificates = [google_compute_ssl_certificate.origin_tls.id]
}
// Static IPs, Anycast
resource "google_compute_global_address" "web_lb-ipv4" {
name = "lb-ga-web-ipv4-${var.environment_tag}"
ip_version = "IPV4"
}
resource "google_compute_global_address" "web_lb-ipv6" {
name = "lb-ga-web-ipv6-${var.environment_tag}"
ip_version = "IPV6"
}
// Forwarding rules (if request on 443, send to proxy)
resource "google_compute_global_forwarding_rule" "web_lb-ipv4" {
provider = google-beta
name = "lb-fr-web-ipv4-${var.environment_tag}"
target = google_compute_target_https_proxy.web_lb.self_link
port_range = "443"
ip_address = google_compute_global_address.web_lb-ipv4.address
}
resource "google_compute_global_forwarding_rule" "web_lb-ipv6" {
provider = google-beta
name = "lb-fr-web-ipv6-${var.environment_tag}"
target = google_compute_target_https_proxy.web_lb.self_link
port_range = "443"
ip_address = google_compute_global_address.web_lb-ipv6.address
}
// Cloudflare DNS records
locals {
// for web-example.roleypoly.com, grab the .roleypoly.com. This may break for .co.uk, etc, so don't use that. :)
uiDNSReplace = regex("\\.[a-z0-9-]+\\.[a-z]+$", var.ui_hostnames[0])
}
resource "cloudflare_record" "web-ipv4" {
for_each = toset(var.ui_hostnames)
zone_id = var.cloudflare_zone_id
name = replace(each.value, local.uiDNSReplace, "")
type = "A"
value = google_compute_global_forwarding_rule.web_lb-ipv4.ip_address
proxied = true
}
resource "cloudflare_record" "web-ipv6" {
for_each = toset(var.ui_hostnames)
zone_id = var.cloudflare_zone_id
name = replace(each.value, local.uiDNSReplace, "")
type = "AAAA"
value = google_compute_global_forwarding_rule.web_lb-ipv6.ip_address
proxied = true
}
// Regional groups so the backend service knows what it can route to for a given region
resource "google_compute_region_network_endpoint_group" "web_lb" {
provider = google-beta
for_each = toset(var.ui_regions)
lifecycle {
create_before_destroy = true
}
name = "lb-fr-neg-${each.key}-${var.environment_tag}"
region = google_cloud_run_service.web[each.key].location
network_endpoint_type = "SERVERLESS"
cloud_run {
service = google_cloud_run_service.web[each.key].name
}
}

1046
yarn.lock
View file

File diff suppressed because it is too large Load diff