roleypoly/v3
1
0
Fork 0
mirror of https://github.com/roleypoly/roleypoly.git synced 2025-06-16 09:39:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

big overhaul (#474)

Browse source 
* miniflare init

* feat(api): add tests

* chore: more tests, almost 100%

* add sessions/state spec

* add majority of routes and datapaths, start on interactions

* nevermind, no interactions

* nevermind x2, tweetnacl is bad but SubtleCrypto has what we need apparently

* simplify interactions verify

* add brute force interactions tests

* every primary path API route is refactored!

* automatically import from legacy, or die trying.

* check that we only fetch legacy once, ever

* remove old-src, same some historic pieces

* remove interactions & worker-utils package, update misc/types

* update some packages we don't need specific pinning for anymore

* update web references to API routes since they all changed

* fix all linting issues, upgrade most packages

* fix tests, divorce enzyme where-ever possible

* update web, fix integration issues

* pre-build api

* fix tests

* move api pretest to api package.json instead of CI

* remove interactions from terraform, fix deploy side configs

* update to tf 1.1.4

* prevent double writes to worker in GCS, port to newer GCP auth workflow

* fix api.tf var refs, upgrade node action

* change to curl-based script upload for worker script due to terraform provider limitations

* oh no, cloudflare freaked out :(
This commit is contained in:
41666 2022-01-31 20:35:22 -05:00 committed by GitHub
parent b644a38aa7
commit 3291f9aacc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
183 changed files with 9853 additions and 9924 deletions
Download patch file Download diff file Expand all files Collapse all files

151
terraform/api.tf
View file

@ -1,3 +1,7 @@
locals {
name = "roleypoly-backend-${var.environment_tag}"
}
resource "cloudflare_workers_kv_namespace" "sessions" {
title = "roleypoly-sessions-${var.environment_tag}"
}
@ -10,69 +14,97 @@ resource "cloudflare_workers_kv_namespace" "guild_data" {
title = "roleypoly-guild_data-${var.environment_tag}"
}
resource "cloudflare_worker_script" "backend" {
name = "roleypoly-backend-${var.environment_tag}"
content = file("${path.module}/${var.api_path_to_worker}")
// Alternate method of uploading workers based on modules.
resource "null_resource" "cloudflare_workers_script_backend" {
depends_on = [
cloudflare_workers_kv_namespace.sessions,
cloudflare_workers_kv_namespace.guilds,
cloudflare_workers_kv_namespace.guild_data,
]
kv_namespace_binding {
name = "KV_SESSIONS"
namespace_id = cloudflare_workers_kv_namespace.sessions.id
triggers = {
script = data.local_file.script.content,
bindings = local_file.bindings.sensitive_content,
name = local.name,
account_id = var.cloudflare_account_id,
}
kv_namespace_binding {
name = "KV_GUILDS"
namespace_id = cloudflare_workers_kv_namespace.guilds.id
provisioner "local-exec" {
command = <<EOF
curl -f -sSL -X PUT "https://api.cloudflare.com/client/v4/accounts/${var.cloudflare_account_id}/workers/scripts/${local.name}" \
-H "Authorization: Bearer ${var.cloudflare_api_token}" \
-F "script=@${data.local_file.script.filename};filename=${basename(data.local_file.script.filename)};type=application/javascript+module" \
-F "metadata=@${local_file.bindings.filename}"
EOF
}
}
kv_namespace_binding {
name = "KV_GUILD_DATA"
namespace_id = cloudflare_workers_kv_namespace.guild_data.id
}
resource "local_file" "bindings" {
filename = "${path.module}/bindings.json"
sensitive_content = jsonencode({
main_module = basename(var.path_to_worker)
bindings = [
{
name = "BOT_CLIENT_ID"
text = var.bot_client_id
type = "plain_text"
},
{
name = "BOT_CLIENT_SECRET"
text = var.bot_client_secret
type = "secret_text"
},
{
name = "BOT_TOKEN"
text = var.bot_token
type = "secret_text"
},
{
name = "BOT_IMPORT_TOKEN"
text = var.bot_import_token
type = "secret_text"
},
{
name = "UI_PUBLIC_URI"
text = var.ui_public_uri
type = "plain_text"
},
{
name = "API_PUBLIC_URI"
text = var.api_public_uri
type = "plain_text"
},
{
name = "ALLOWED_CALLBACK_HOSTS"
text = var.allowed_callback_hosts
type = "plain_text"
},
{
name = "ROOT_USERS"
text = join(",", var.root_users)
type = "plain_text"
},
{
name = "KV_SESSIONS"
namespace_id = cloudflare_workers_kv_namespace.sessions.id
type = "kv_namespace"
},
{
name = "KV_GUILDS"
namespace_id = cloudflare_workers_kv_namespace.guilds.id
type = "kv_namespace"
},
{
name = "KV_GUILD_DATA"
namespace_id = cloudflare_workers_kv_namespace.guild_data.id
type = "kv_namespace"
}
]
})
}
plain_text_binding {
name = "BOT_CLIENT_ID"
text = var.bot_client_id
}
secret_text_binding {
name = "BOT_CLIENT_SECRET"
text = var.bot_client_secret
}
secret_text_binding {
name = "BOT_TOKEN"
text = var.bot_token
}
secret_text_binding {
name = "BOT_IMPORT_TOKEN"
text = var.bot_import_token
}
plain_text_binding {
name = "UI_PUBLIC_URI"
text = var.ui_public_uri
}
plain_text_binding {
name = "API_PUBLIC_URI"
text = var.api_public_uri
}
plain_text_binding {
name = "ALLOWED_CALLBACK_HOSTS"
text = var.allowed_callback_hosts
}
plain_text_binding {
name = "ROOT_USERS"
text = join(",", var.root_users)
}
secret_text_binding {
name = "INTERACTIONS_SHARED_KEY"
text = random_password.interactions_token.result
}
data "local_file" "script" {
filename = "${path.module}/${var.path_to_worker}"
}
resource "cloudflare_record" "api" {
@ -86,5 +118,8 @@ resource "cloudflare_record" "api" {
resource "cloudflare_worker_route" "backend" {
zone_id = var.cloudflare_zone_id
pattern = "api-${var.environment_tag}.roleypoly.com/*"
script_name = cloudflare_worker_script.backend.name
script_name = local.name
depends_on = [
null_resource.cloudflare_workers_script_backend,
]
}