Skip to content

Commit

Permalink
[#385] Integrate prepare-config script functionality into Makefile sy…
Browse files Browse the repository at this point in the history
…stem

This commit eliminates the prepare-config.sh script, incorporating its
configuration preparation logic into the Makefile workflow with a new
config.mk file. This adjustment enhances the consistency of the
deployment process, aligning it with the modular Makefile approach. It
simplifies the management of configurations by dynamically generating
necessary files from templates, thereby improving the security and
maintainability of configuration secrets. Adjustments to related
Makefiles files have been made to accommodate these changes,
streamlining the entire configuration and deployment pipeline.
  • Loading branch information
placek committed Mar 5, 2024
1 parent f10fb89 commit 31f7b8c
Show file tree
Hide file tree
Showing 18 changed files with 118 additions and 153 deletions.
10 changes: 2 additions & 8 deletions govtool/frontend/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -6,25 +6,19 @@ endif

.DEFAULT_GOAL := push-frontend

# environment variables
gtm_id := $(shell echo $${GTM_ID})
sentry_dsn := $(shell echo $${SENTRY_DSN})

# image tags
frontend_image_tag := $(shell git log -n 1 --format="%H" -- $(root_dir)/govtool/frontend)

.PHONY: build-frontend
build-frontend: docker-login
@:$(call check_defined, cardano_network)
@:$(call check_defined, gtm_id)
@:$(call check_defined, sentry_dsn)
if [[ "$(cardano_network)" = "mainnet" ]]; then NETWORK_FLAG=1; else NETWORK_FLAG=0; fi; \
$(call check_image_on_ecr,frontend,$(frontend_image_tag)) || \
$(docker) build --tag "$(repo_url)/frontend:$(frontend_image_tag)" \
--build-arg VITE_BASE_URL="https://$(domain)/api" \
--build-arg VITE_GTM_ID="$(gtm_id)" \
--build-arg VITE_GTM_ID="$${GTM_ID}" \
--build-arg VITE_NETWORK_FLAG="$$NETWORK_FLAG" \
--build-arg VITE_SENTRY_DSN="$(sentry_dsn)" \
--build-arg VITE_SENTRY_DSN="$${SENTRY_DSN}" \
$(root_dir)/govtool/frontend

.PHONY: push-frontend
Expand Down
37 changes: 3 additions & 34 deletions scripts/govtool/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -2,24 +2,10 @@ include ../../govtool/backend/Makefile
include ../../govtool/frontend/Makefile
include utils.mk
include info.mk
include config.mk

.DEFAULT_GOAL := info

# tools
curl ?= curl
rsync ?= rsync
ssh-keyscan ?= ssh-keyscan

# environment variables
grafana_admin_password := $(shell echo $${GRAFANA_ADMIN_PASSWORD})
grafana_slack_recipient := $(shell echo $${GRAFANA_SLACK_RECIPIENT})
grafana_slack_oauth_token := $(shell echo $${GRAFANA_SLACK_OAUTH_TOKEN})

# target addresses
docker_host := $(domain)
docker_user := ubuntu
ssh_url := $(docker_user)@$(docker_host)

# stack configuration
docker_compose_file := docker-compose.$(env).yml

Expand All @@ -28,33 +14,16 @@ cardano_node_image_tag := 8.8.0-pre
cardano_db_sync_image_tag := sancho-4-0-0-fix-config

.PHONY: all
all: deploy-stack info #notify

.PHONY: prepare-config
prepare-config:
@:$(call check_defined, cardano_network)
@:$(call check_defined, grafana_slack_recipient)
@:$(call check_defined, grafana_slack_oauth_token)
export CARDANO_NETWORK=$(cardano_network); \
export GRAFANA_SLACK_RECIPIENT=$(grafana_slack_recipient); \
export GRAFANA_SLACK_OAUTH_TOKEN=$(grafana_slack_oauth_token); \
./prepare-config.sh

.PHONY: upload-config
upload-config: check-env-defined prepare-config
@:$(call check_defined, cardano_network)
@:$(call check_defined, env)
$(rsync) -av -e 'ssh -o StrictHostKeyChecking=no' config/target/. $(ssh_url):config
all: deploy-stack info notify

.PHONY: deploy-stack
deploy-stack: upload-config push-backend push-frontend
@:$(call check_defined, cardano_network)
@:$(call check_defined, env)
@:$(call check_defined, grafana_admin_password)
export CARDANO_NETWORK=$(cardano_network); \
export DOCKER_HOST=ssh://$(ssh_url); \
export ENVIRONMENT=$(env); \
export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \
export GRAFANA_ADMIN_PASSWORD=$${GRAFANA_ADMIN_PASSWORD}; \
export BACKEND_TAG=$(backend_image_tag); \
export FRONTEND_TAG=$(frontend_image_tag); \
export CARDANO_NODE_TAG=$(cardano_node_image_tag); \
Expand Down
6 changes: 6 additions & 0 deletions scripts/govtool/common.mk
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ ONESHELL:

# tools
docker ?= docker
curl ?= curl
rsync ?= rsync
ssh-keyscan ?= ssh-keyscan

# environment variables
env := $(shell echo $${ENVIRONMENT})
Expand All @@ -17,6 +20,9 @@ root_dir := $(shell git rev-parse --show-toplevel)
# target addresses
domain := $(shell echo $${DOMAIN})
repo_url ?= 733019650473.dkr.ecr.eu-west-1.amazonaws.com
docker_host := $(domain)
docker_user := ubuntu
ssh_url := $(docker_user)@$(docker_host)

# stack configuration
compose_stack_name := govtool-$(env)-$(cardano_network)
Expand Down
82 changes: 82 additions & 0 deletions scripts/govtool/config.mk
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
common_mk := ../../scripts/govtool/common.mk
ifeq ($(origin $(common_mk)), undefined)
$(eval $(common_mk) := included)
include $(common_mk)
endif

# directory paths
config_dir := $(root_dir)/scripts/govtool/config
target_config_dir := $(config_dir)/target
template_config_dir := $(config_dir)/templates
cardano_node_config_dir := $(target_config_dir)/cardano-node
dbsync_secrets_dir := $(target_config_dir)/dbsync-secrets
grafana_provisioning_dir := $(target_config_dir)/grafana-provisioning
nginx_config_dir := $(target_config_dir)/nginx

# metadata
cardano_config_provider := https://book.world.dev.cardano.org

.PHONY: prepare-config
prepare-config: clear enable-prometheus prepare-dbsync-secrets prepare-backend-config prepare-prometheus-config prepare-grafana-provisioning prepare-nginx-config

.PHONY: clear
clear:
rm -rf $(target_config_dir)

.PHONY: fetch-cardano-node-config
fetch-cardano-node-config:
@:$(call check_defined, cardano_network)
mkdir -p $(cardano_node_config_dir)
$(curl) -s "$(cardano_config_provider)/env-$(cardano_network).html" | \
grep -E -o '[a-z-]+\.json' | \
sort -u | \
xargs -I"{}" $(curl) -s "$(cardano_config_provider)/environments/$(cardano_network)/{}" -o "$(cardano_node_config_dir)/{}"

.PHONY: enable-prometheus
enable-prometheus: fetch-cardano-node-config
sed -i '/"hasPrometheus"/ { N; s/"127\.0\.0\.1"/"0.0.0.0"/ }' "$(cardano_node_config_dir)/config.json"

.PHONY: prepare-dbsync-secrets
prepare-dbsync-secrets:
mkdir -p $(dbsync_secrets_dir)
echo "$${DBSYNC_POSTGRES_USER}" > "$(dbsync_secrets_dir)/postgres_user"; \
echo "$${DBSYNC_POSTGRES_PASSWORD}" > "$(dbsync_secrets_dir)/postgres_password"; \
echo "$${DBSYNC_POSTGRES_DB}" > "$(dbsync_secrets_dir)/postgres_db"

.PHONY: prepare-backend-config
prepare-backend-config:
sed -e "s/DBSYNC_POSTGRES_DB/$${DBSYNC_POSTGRES_DB}/" \
-e "s/DBSYNC_POSTGRES_USER/$${DBSYNC_POSTGRES_USER}/" \
-e "s/DBSYNC_POSTGRES_PASSWORD/$${DBSYNC_POSTGRES_PASSWORD}/" \
-e "s|SENTRY_DSN|$${SENTRY_DSN_BACKEND}|" \
"$(config_dir)/templates/backend-config.json.tpl" \
> "$(target_config_dir)/backend-config.json"

.PHONY: prepare-prometheus-config
prepare-prometheus-config:
cp -a "$(template_config_dir)/prometheus.yml" "$(target_config_dir)/prometheus.yml"

PHONY: prepare-grafana-provisioning
prepare-grafana-provisioning:
mkdir -p $(grafana_provisioning_dir)
cp -a $(template_config_dir)/grafana-provisioning/* $(grafana_provisioning_dir)
sed -e "s/GRAFANA_SLACK_RECIPIENT/$${GRAFANA_SLACK_RECIPIENT}/" \
-e "s|GRAFANA_SLACK_OAUTH_TOKEN|$${GRAFANA_SLACK_OAUTH_TOKEN}|" \
-i $(grafana_provisioning_dir)/alerting/alerting.yml

.PHONY: prepare-nginx-config
prepare-nginx-config:
@:$(call check_defined, domain)
mkdir -p $(nginx_config_dir)
touch "$(nginx_config_dir)/auth.conf"
touch "$(nginx_config_dir)/govtool.htpasswd"
if [[ "$(domain)" == *"sanchonet.govtool.byron.network"* ]]; then \
echo "$${NGINX_BASIC_AUTH}" > "$(nginx_config_dir)/govtool.htpasswd"; \
echo "auth_basic \"Restricted\";" > "$(nginx_config_dir)/auth.conf"; \
echo "auth_basic_user_file /etc/nginx/conf.d/govtool.htpasswd;" >> "$(nginx_config_dir)/auth.conf"; \
fi

.PHONY: upload-config
upload-config: check-env-defined prepare-config
@:$(call check_defined, ssh_url)
$(rsync) -av -e 'ssh -o StrictHostKeyChecking=no' config/target/. $(ssh_url):config
18 changes: 0 additions & 18 deletions scripts/govtool/config/secrets/backend-config.json

This file was deleted.

1 change: 0 additions & 1 deletion scripts/govtool/config/secrets/postgres_db

This file was deleted.

1 change: 0 additions & 1 deletion scripts/govtool/config/secrets/postgres_password

This file was deleted.

1 change: 0 additions & 1 deletion scripts/govtool/config/secrets/postgres_user

This file was deleted.

23 changes: 23 additions & 0 deletions scripts/govtool/config/templates/prometheus.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
global:
scrape_interval: 15s
evaluation_interval: 15s
external_labels:
monitor: 'govtool'
scrape_configs:
- job_name: 'traefik'
scrape_interval: 5s
static_configs:
- targets: ['traefik:8082']
- job_name: 'cardano'
scrape_interval: 5s
static_configs:
- targets: ['cardano-node:12798']
- job_name: 'cardano_db_sync'
scrape_interval: 5s
metrics_path: /
static_configs:
- targets: ['cardano-db-sync:8080']
- job_name: 'host'
scrape_interval: 5s
static_configs:
- targets: ['host.docker.internal:9100']
2 changes: 1 addition & 1 deletion scripts/govtool/info.mk
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,7 @@ notify:
@:$(call check_defined, cardano_network)
@:$(call check_defined, env)
$(curl) -X POST https://slack.com/api/chat.postMessage\
-H "Authorization: Bearer $(grafana_slack_oauth_token)" \
-H "Authorization: Bearer $${GRAFANA_SLACK_OAUTH_TOKEN}" \
-H "Content-Type: application/json; charset=utf-8" \
--data "{ \"channel\":\"$${GRAFANA_SLACK_RECIPIENT}\", \"text\":\":rocket: *Deploy performed on \`$(env)\`*\n- from *branch* \`$(branch)\` (\`$(commit)\`),\n- using *Cardano Node* version \`$(cardano_node_image_tag)\`,\n- using *Cardano DB Sync* version \`$(cardano_db_sync_image_tag)\`,\n- using *GovTool backend* version \`$(backend_image_tag)\`,\n- using *Govtool frontend* version \`$(frontend_image_tag)\`.\n$(pipeline_info)\" }"

85 changes: 0 additions & 85 deletions scripts/govtool/prepare-config.sh

This file was deleted.

5 changes: 1 addition & 4 deletions scripts/govtool/utils.mk
Original file line number Diff line number Diff line change
@@ -1,20 +1,17 @@
.PHONY: ssh
ssh:
@:$(call check_defined, cardano_network)
@:$(call check_defined, env)
export TERM=xterm-256color; \
ssh $(ssh_url)

.PHONY: docker
docker:
@:$(call check_defined, cardano_network)
@:$(call check_defined, env)
@:$(call check_defined, grafana_admin_password)
@:$(call check_defined, cmd)
export CARDANO_NETWORK=$(cardano_network); \
export DOCKER_HOST=ssh://$(ssh_url); \
export ENVIRONMENT=$(env); \
export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \
export GRAFANA_ADMIN_PASSWORD=$${GRAFANA_ADMIN_PASSWORD}; \
export BACKEND_TAG=$(backend_image_tag); \
export FRONTEND_TAG=$(frontend_image_tag); \
export CARDANO_NODE_TAG=$(cardano_node_image_tag); \
Expand Down

0 comments on commit 31f7b8c

Please sign in to comment.