Merge pull request #549 from IntersectMBO/develop

Implement Deployment Workflow to Dev, Nix Flake Configuration, Fixes: eslint,tsc, file hash matching and Code Refactoring

scripts/govtool/.env.example → .envrc.example

@@ -1,10 +1,6 @@
 # vim: set ft=bash
 # This file is a template for the environment variables that need to be set and
-# should be copied to `.env` or `.envrc` and filled in with the correct values.
-
-# Tell direnv to use Nix configuration.
-# See https://direnv.net/docs/hook.html#nix.
-use nix shell.nix
+# should be copied to `.envrc` and filled in with the correct values.
 
 # target environment: dev, test, staging or beta
 export ENVIRONMENT=<ENVIRONMENT>
@@ -34,33 +30,25 @@ export GRAFANA_SLACK_RECIPIENT=<GRAFANA_SLACK_RECIPIENT>
 export GRAFANA_SLACK_OAUTH_TOKEN=<GRAFANA_SLACK_OAUTH_TOKEN>
 # the basic auth credentials for the Nginx proxy
 export NGINX_BASIC_AUTH=<NGINX_BASIC_AUTH>
+# the IP addresses that bypass the basic auth
+export IP_ADDRESS_BYPASSING_BASIC_AUTH1=<IP_ADDRESS_BYPASSING_BASIC_AUTH1>
+export IP_ADDRESS_BYPASSING_BASIC_AUTH2=<IP_ADDRESS_BYPASSING_BASIC_AUTH2>
 
-
-# The following code is a nice way to display what environment we are in.
-function warn() {
-  tput bold; tput setaf $2; echo "GovTool: $1"; tput sgr0
-}
-
-tput bold
+# the domain name for the target environment
 case "$ENVIRONMENT" in
   "dev")
     export DOMAIN="dev-${CARDANO_NETWORK}.govtool.byron.network"
-    warn "This is a DEV environment, all good!" 2
     ;;
   "test")
     export DOMAIN="test-${CARDANO_NETWORK}.govtool.byron.network"
-    warn "This is TEST environment, be careful…" 4
     ;;
   "staging")
     export DOMAIN="staging.govtool.byron.network"
-    warn "This is STAGING environment, be careful…" 5
     ;;
   "beta")
     export DOMAIN="sanchogov.tools"
-    warn "This is BETA environment, BE CAREFUL!" 1
     ;;
   *)
-    warn "Unknown environment, exiting…" 1
     exit 1
     ;;
 esac

.github/workflows/code_check_frontend.yml

@@ -29,6 +29,8 @@ jobs:
           node-version-file: "govtool/frontend/.nvmrc"
 
       - name: 🧪 Test
+        env:
+          NODE_OPTIONS: "--max_old_space_size=4096"
         run: |
           npm install
           npm run test
@@ -51,7 +53,7 @@ jobs:
           node-version-file: "govtool/frontend/.nvmrc"
 
       - name: 👕 Lint
-        run: /
+        run: |
           npm install
           npm run lint
 
@@ -73,6 +75,6 @@ jobs:
           node-version-file: "govtool/frontend/.nvmrc"
 
       - name: 🔍 Type Check
-        run: /
+        run: |
           npm install
           npm run tsc

.github/workflows/deploy-dev-from-tag.yml

@@ -0,0 +1,66 @@
+name: Build and deploy GovTool to DEV server
+run-name: Deploy by @${{ github.actor }}
+
+on:
+  create:
+
+env:
+  ENVIRONMENT: "dev"
+  CARDANO_NETWORK: "sanchonet"
+  DOMAIN: "dev-sanchonet.govtool.byron.network"
+
+jobs:
+  deploy:
+    name: Deploy app
+    if: github.ref_type == 'tag' && startsWith(github.ref, 'refs/tags/dev-')
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ./scripts/govtool
+    env:
+      DBSYNC_POSTGRES_DB: "cexplorer"
+      DBSYNC_POSTGRES_USER: "postgres"
+      DBSYNC_POSTGRES_PASSWORD: "pSa8JCpQOACMUdGb"
+      GRAFANA_ADMIN_PASSWORD: ${{ secrets.GRAFANA_ADMIN_PASSWORD }}
+      GRAFANA_SLACK_RECIPIENT: ${{ secrets.GRAFANA_SLACK_RECIPIENT }}
+      GRAFANA_SLACK_OAUTH_TOKEN: ${{ secrets.GRAFANA_SLACK_OAUTH_TOKEN }}
+      NGINX_BASIC_AUTH: ${{ secrets.NGINX_BASIC_AUTH }}
+      SENTRY_DSN_BACKEND: ${{ secrets.SENTRY_DSN_BACKEND }}
+      TRAEFIK_LE_EMAIL: "admin+govtool@binarapps.com"
+      GTM_ID: ${{ secrets.GTM_ID }}
+      SENTRY_DSN: ${{ secrets.SENTRY_DSN_FRONTEND }}
+      PIPELINE_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
+      IP_ADDRESS_BYPASSING_BASIC_AUTH1: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH1 }}
+      IP_ADDRESS_BYPASSING_BASIC_AUTH2: ${{ secrets.IP_ADDRESS_BYPASSING_BASIC_AUTH2 }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.ref }}
+          fetch-depth: 0
+
+      - name: Configure AWS credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-access-key-id: ${{ secrets.GHA_AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.GHA_AWS_SECRET_ACCESS_KEY }}
+          aws-region: eu-west-1
+
+      - name: Login to AWS ECR
+        uses: aws-actions/configure-aws-credentials@v2
+        with:
+          aws-region: eu-west-1
+
+      - name: Setup SSH agent
+        uses: webfactory/ssh-agent@v0.8.0
+        with:
+          ssh-private-key: ${{ secrets.GHA_SSH_PRIVATE_KEY }}
+
+      - name: Deploy app
+        run: |
+          make --debug=b all
+
+      - name: Reprovision Grafana
+        run: |
+          sleep 30 # give grafana time to start up
+          make --debug=b reload-grafana

.gitignore

@@ -100,7 +100,7 @@ book/src/08_event-db/db-diagrams/*.dot
 
 # Used by nix
 result*
-/.direnv/
+.direnv/
 /.pre-commit-config.yaml
 
 # Development Environments

CHANGELOG.md

@@ -9,6 +9,7 @@ As a minor extension, we also keep a semantic version for the `UNRELEASED`
 changes.
 
 ## [Unreleased]
+
 - Update Cardano Serialization Lib to 12.0.0-alpha.19 [Issue 521](https://github.com/IntersectMBO/govtool/issues/521)
 - Add generate jsonld function [Issue 451](https://github.com/IntersectMBO/govtool/issues/451)
 - Create GA review subbmision page [Issue 362](https://github.com/IntersectMBO/govtool/issues/362)
@@ -18,9 +19,13 @@ changes.
 - Add on-chain inputs validation [Issue 377](https://github.com/IntersectMBO/govtool/issues/377)
 - Add hash and validation of the metadata [Issue 378](https://github.com/IntersectMBO/govtool/issues/378)
 - Add githubusercontent.com and ipfs.io to content security policy header [Issue 451](https://github.com/IntersectMBO/govtool/issues/451)
-- Add frontend test workflow on github actions [Issue 500](https://github.com/IntesectMBO/govtool/issues/500)
-- Add type check & lint to github actions [Issue 512](https://github.com/IntesectMBO/govtool/issues/512)
-- Add eslint & prettier to frontend package [Issue 166](https://github.com/IntesectMBO/govtool/issues/166)
+- Add frontend test workflow on github actions [Issue 500](https://github.com/IntersectMBO/govtool/issues/500)
+- Add type check & lint to github actions [Issue 512](https://github.com/IntersectMBO/govtool/issues/512)
+- Add eslint & prettier to frontend package [Issue 166](https://github.com/IntersectMBO/govtool/issues/166)
+- Extend the eslint config to apply to the style guide of the project [Issue 514](https://github.com/IntersectMBO/govtool/issues/514)
+- Fix all the existing eslint errors [Issue 514](https://github.com/IntersectMBO/govtool/issues/514)
+- Fix all the existing typescript errors [Issue 514](https://github.com/IntersectMBO/govtool/issues/514)
+- Fix endless spinner on a dashboard [Issue 539](https://github.com/IntersectMBO/govtool/issues/539)
 
 ### Added
 
@@ -32,6 +37,8 @@ changes.
 - Vitest unit tests added for utils functions [Issue 81](https://github.com/IntersectMBO/govtool/issues/81)
 - i18next library added to FE [Issue 80](https://github.com/IntersectMBO/govtool/issues/80)
 - Add possibility to vote on behalf of myself - Sole Voter [Issue 119](https://github.com/IntersectMBO/govtool/issues/119)
+- Added Nix Flakes configurtion to handle unified developers setup [Issue 526](https://github.com/IntersectMBO/govtool/issues/526)
+- Add missing test to utils [Issue 500](https://github.com/IntersectMBO/govtool/issues/500).
 
 ### Fixed
 
@@ -48,6 +55,7 @@ changes.
 - Fixed deployment scripts to address [Issue 171](https://github.com/IntersectMBO/govtool/issues/171).
 - Fixed get drep voting power incorrectly executed endpoint [Issue 280](https://github.com/IntersectMBO/govtool/issues/280).
 - Fixed CSP settings to allow error reports with Sentry [Issue 291](https://github.com/IntersectMBO/govtool/issues/291).
+- Fix frontend package tests [Issue 500](https://github.com/IntersectMBO/govtool/issues/500).
 
 ### Changed
 

CONTRIBUTING.md

@@ -167,6 +167,7 @@ Try to keep branches up-to-date with main (not strict requirement though).
 Once merged to main, please delete the branch.
 
 **Tip:** Use Github's merge button in PRs to merge with commit.
+This strategy helps us operate on the commits you've delivered: it's easier to [cherry-pick a merge commit](https://git-scm.com/docs/git-cherry-pick#Documentation/git-cherry-pick.txt--mltparent-numbergt) than a series of commits, and it's also easier to [revert changes using a merge commit](https://git-scm.com/docs/git-revert#Documentation/git-revert.txt--mparent-number) instead of a series of reverts.
 If a branch is outdated, use the rebase button in PRs to rebase feature branches (NOT update via merge).
 
 #### Rationale
@@ -229,19 +230,21 @@ TODO
 - Choose ticket/issue to work on from the project, move ticket from `todo` to `in progress`.
 - Create [well named](#branch-naming) branch from `develop` add changes, then make a pull request back to the `develop` branch.
 - If the changes are not ready for review then feel free to create a draft PR, and link this to the ticket/issue.
+- When the PR is ready for review move the ticket from `in progress` to `in review`. Remember to change the state of the PR from draft to actual PR.
 - Developers should review each other's pull requests, and should be requested via [CODEOWNERS](./CODEOWNERS).
 - Unit tests are run on each pull request to `develop`.
-- Once tests pass and peer review is done the branch can be merged into `develop` by author and then deployed to the dev environment (manually for now).
-- The ticket status can then be moved ticket to `in QA` making sure that the PR/branch has been added to the ticket/issue as a comment.
+- After a review remember to address all the requests of changes since they are blocking PR from being merged.
+- Once tests pass and peer review is done the branch can be merged into `develop` by author and then deployed to the dev environment (manually).
+- The ticket status can then be moved to `in QA` making sure that the PR/branch has been added to the ticket/issue as a comment.
 
 ### QA Workflow
 
 - Choose ticket from `in QA`.
 - Merge in the ticket's changes from `develop` branch into `test` branch.
-- Deploy to test environment (manually for now).
+- Deploy to test environment is performed automatically once the ticket is merged to the `test` branch.
 - The QA tests the deployed test environment against the ticket.
 - If QA agrees that the code is good, they can make a PR from `test` branch to `staging` branch where end-to-end and performance tests are run.
-- If tests pass, then QA or tech lead can merge and deploy to staging environment (manually for now).
+- If tests pass, then QA or tech lead can merge and deploy to staging environment (automatically).
 - Moving ticket to `staging` status this ready for PO check.
 
 ### PO Workflow

flake.nix

@@ -0,0 +1,27 @@
+{
+  description = "GovTool and utilities monorepo.";
+
+  inputs.nixpkgs.url =
+    "github:nixos/nixpkgs/c9ece0059f42e0ab53ac870104ca4049df41b133";
+  inputs.node_nixpkgs.url =
+    "github:nixos/nixpkgs/9957cd48326fe8dbd52fdc50dd2502307f188b0d";
+
+  outputs = { self, nixpkgs, node_nixpkgs }: {
+    packages = let
+      supportedSystems =
+        [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ];
+    in builtins.listToAttrs (map (system:
+      let
+        pkgs = import nixpkgs { inherit system; config.allowBroken = true; };
+        npkgs = import node_nixpkgs { inherit system; };
+      in {
+        name = system;
+        value = {
+          scripts = pkgs.callPackage ./scripts/govtool { inherit pkgs; };
+          infra = pkgs.callPackage ./infra/terraform { inherit pkgs; };
+          backend = pkgs.callPackage ./govtool/backend { inherit pkgs; };
+          frontend = pkgs.callPackage ./govtool/frontend { pkgs = npkgs; };
+        };
+      }) supportedSystems);
+  };
+}

govtool/backend/.envrc

@@ -0,0 +1,3 @@
+source_up_if_exists
+watch_file vva-be.cabal
+use flake --extra-experimental-features nix-command --extra-experimental-features flakes ../..#backend

govtool/backend/README.md

@@ -18,29 +18,24 @@ You will need your `cardano-node` and `cardano-db-sync` to be compatible with Sa
 
 [`sancho` testnet config files](https://sancho.network/tutorials/start-node/)
 
-### Using Nix
+### Using Nix and Direnv
 
 Due to problems with openapi3 package it's hard to build this project with plain `ghc` and `cabal-install`. Until the prolem is solved we reccomend using `nix` - this problem is fixed when you build your project from inside of the nix shell.
 
 1. Get [Nix](https://nixos.org/download).
 
-2. Enter `govtool/backend` directory:
+2. Get [direnv](https://direnv.net/).
 
-    ```sh
-    cd govtool/backend
-    ```
-
-3. Allow broken nix packages
+3. Enter `govtool/backend` directory:
 
     ```sh
-    export NIXPKGS_ALLOW_BROKEN=1
+    cd govtool/backend
     ```
-    This is due to `openapi3` package being marked as broken.
 
-4. Run `nix-shell`
+4. Allow direnv to setup your environment:
 
     ```sh
-    nix-shell
+    direnv allow
     ```
 
 5. Update cabal & build project

govtool/backend/default.nix

@@ -1,10 +1,10 @@
-{ pkgs ? import <nixpkgs> {} }:
+{ pkgs ? import <nixpkgs> { } }:
 let
   # This is the version of the Haskell compiler we reccommend using.
   ghcPackages = pkgs.haskell.packages.ghc927;
 
-  additionalTools = drv: pkgs.haskell.lib.addBuildTools drv (with ghcPackages;
-    [
+  additionalTools = drv:
+    pkgs.haskell.lib.addBuildTools drv (with ghcPackages; [
       cabal-install
       haskell-language-server
       lzma
@@ -16,7 +16,17 @@ let
   project = ghcPackages.developPackage {
     root = ./.;
     modifier = additionalTools;
-    overrides = self: super: { openapi3 = pkgs.haskell.lib.dontCheck super.openapi3; };
+    overrides = self: super: {
+      openapi3 = pkgs.haskell.lib.dontCheck super.openapi3;
+    };
   };
-in
-project
+in project.overrideAttrs (oldAttrs: {
+  shellHook = ''
+    function warn() { tput setaf $2; echo "$1"; tput sgr0; }
+
+    tput bold
+    warn "Welcome to GovTool!" 4
+    warn "This is a backend development shell." 4
+    warn "Read the govtool/backend/README.md to get more info about this module." 8
+  '' + (oldAttrs.shellHook or "");
+})