From 6a022d9670c963222b9d7e73f5f7052dd6a9a717 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sat, 12 Aug 2023 21:31:20 +0330 Subject: [PATCH 01/28] Fix mistake in copy address --- .controlplane/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/Dockerfile b/.controlplane/Dockerfile index 3e9f83f6..fe910097 100644 --- a/.controlplane/Dockerfile +++ b/.controlplane/Dockerfile @@ -17,7 +17,7 @@ RUN bundle config set without 'development test' && \ bundle install --jobs=3 --retry=3 # install node packages -COPY package.json yarn.lock . +COPY package.json yarn.lock ./ RUN yarn install # pick necessary app files From 353fe1f6745f5d94d5891efbd3f1e383edbab51c Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sat, 12 Aug 2023 21:31:54 +0330 Subject: [PATCH 02/28] Use supported redis docker image --- .controlplane/templates/redis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/templates/redis.yml b/.controlplane/templates/redis.yml index 5d24b2a0..124e665a 100644 --- a/.controlplane/templates/redis.yml +++ b/.controlplane/templates/redis.yml @@ -4,7 +4,7 @@ spec: type: standard containers: - name: redis - image: 'redis:6.2.6' + image: 'redis:6.2-alpine' ports: - number: 6379 protocol: tcp From 7190ba1889880ebceae8246c66a1cca245951939 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sat, 12 Aug 2023 21:32:23 +0330 Subject: [PATCH 03/28] Update cpl gem to 1.0.4 --- Gemfile | 2 +- Gemfile.lock | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index 832763a5..31e96ddb 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "3.1.2" -gem "cpl", "~> 0.3.3" +gem "cpl", "~> 1.0.4" gem "react_on_rails", "13.2.0" gem "shakapacker", "7.0.3" diff --git a/Gemfile.lock b/Gemfile.lock index cfcef024..2dbac62d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -116,7 +116,7 @@ GEM term-ansicolor (~> 1.6) thor (>= 0.20.3, < 2.0) tins (~> 1.16) - cpl (0.3.3) + cpl (1.0.4) debug (~> 1.7.1) dotenv (~> 2.8.1) psych (~> 5.1.0) @@ -180,7 +180,6 @@ GEM matrix (0.4.2) method_source (1.0.0) mini_mime (1.1.5) - mini_portile2 (2.8.4) minitest (5.19.0) mutex_m (0.1.2) net-imap (0.3.7) @@ -428,7 +427,7 @@ DEPENDENCIES capybara-screenshot coffee-rails coveralls_reborn (~> 0.25.0) - cpl (~> 0.3.3) + cpl (~> 1.0.4) database_cleaner debug (>= 1.0.0) factory_bot_rails From cecaa9e74192e9bc7439e545075831ba95ca759c Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sat, 12 Aug 2023 23:48:32 +0330 Subject: [PATCH 04/28] Change the organization --- .controlplane/controlplane.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index 8544025c..37100f8c 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -3,7 +3,7 @@ aliases: common: &common # Change this to your org name for staging. Production apps will use a different org # for security. - cpln_org: shakacode-demo + cpln_org: shakacode-open-source-examples # Change `shakacode-staging` to your-org-name-for-staging # Example apps use only location. CPLN offers the ability to use multiple locations. default_location: aws-us-east-2 From 980633eea04c4160a3864fc12d04f4e31dd91270 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sun, 13 Aug 2023 19:35:21 +0330 Subject: [PATCH 05/28] Add instuction for granting docker access the registry --- .controlplane/readme.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/.controlplane/readme.md b/.controlplane/readme.md index 08414374..d5c9a54d 100644 --- a/.controlplane/readme.md +++ b/.controlplane/readme.md @@ -56,6 +56,22 @@ cpl logs -a tutorial-app cpl open -a tutorial-app ``` +Notice that in the first attempt to build the image, you may get it interrupted with a message like this: + +``` +89c3244a87b2: Waiting +80231db1194c: Waiting +f1c1f2298584: Waiting +ccba29d69370: Waiting +unsupported: +*** You are trying to push/pull to your org's private registry in Control Plane. *** +*** First, grant docker access the registry using the 'cpln' command: *** + + cpln image docker-login --org tutorial-app +``` + +Run the given command as instructed and repeat the `build-image` command. + ## Promoting code upgrades ```sh From 19452cdaa6dcd9cd2e3d1159264f2057714b0610 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Sun, 13 Aug 2023 19:36:43 +0330 Subject: [PATCH 06/28] Replace deprecated cpl setup with apply-template --- .controlplane/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/readme.md b/.controlplane/readme.md index d5c9a54d..5519482d 100644 --- a/.controlplane/readme.md +++ b/.controlplane/readme.md @@ -40,7 +40,7 @@ Check if the Control Plane organization and location are correct in `.controlpla # Provision all infrastructure on Control Plane. # app tutorial-app will be created per definition in .controlplane/controlplane.yml -cpl setup gvc postgres redis rails -a tutorial-app +cpl apply-template gvc postgres redis rails -a tutorial-app # Build and push docker image to Control Plane repository # Note, may take many minutes. Be patient. From e88cf0c0d53cd5e5791bb2b9ff2b2523523ed517 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Fri, 6 Oct 2023 18:55:59 +0330 Subject: [PATCH 07/28] Copy postcss config to docker image --- .controlplane/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/Dockerfile b/.controlplane/Dockerfile index fe910097..9ed5651a 100644 --- a/.controlplane/Dockerfile +++ b/.controlplane/Dockerfile @@ -21,7 +21,7 @@ COPY package.json yarn.lock ./ RUN yarn install # pick necessary app files -COPY Gemfile* config.ru Rakefile babel.config.js ./ +COPY Gemfile* config.ru Rakefile babel.config.js postcss.config.js ./ COPY app ./app COPY bin ./bin COPY client ./client From 405e376b2b55ed203d8fb3c0a7f6af90c47a41b2 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Fri, 6 Oct 2023 19:06:22 +0330 Subject: [PATCH 08/28] Copy all files like the old docker file --- .controlplane/Dockerfile | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/.controlplane/Dockerfile b/.controlplane/Dockerfile index 9ed5651a..e65ea9e7 100644 --- a/.controlplane/Dockerfile +++ b/.controlplane/Dockerfile @@ -21,14 +21,16 @@ COPY package.json yarn.lock ./ RUN yarn install # pick necessary app files -COPY Gemfile* config.ru Rakefile babel.config.js postcss.config.js ./ -COPY app ./app -COPY bin ./bin -COPY client ./client -COPY config ./config -COPY db ./db -COPY lib ./lib -COPY public ./public +# COPY Gemfile* config.ru Rakefile babel.config.js postcss.config.js ./ +# COPY app ./app +# COPY bin ./bin +# COPY client ./client +# COPY config ./config +# COPY db ./db +# COPY lib ./lib +# COPY public ./public + +COPY . ./ ENV RAILS_ENV=production ENV NODE_ENV=production From c827162798be0665a54a451369156c348c078063 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 17 Oct 2023 11:53:07 +0330 Subject: [PATCH 09/28] Add postgres-stateful --- .controlplane/templates/gvc.yml | 2 +- .controlplane/templates/postgres-stateful.yml | 170 ++++++++++++++++++ 2 files changed, 171 insertions(+), 1 deletion(-) create mode 100644 .controlplane/templates/postgres-stateful.yml diff --git a/.controlplane/templates/gvc.yml b/.controlplane/templates/gvc.yml index ce9cc03b..17a342ab 100644 --- a/.controlplane/templates/gvc.yml +++ b/.controlplane/templates/gvc.yml @@ -9,7 +9,7 @@ spec: # Password does not matter because host postgres.APP_GVC.cpln.local can only be accessed # locally within CPLN GVC, and postgres running on a CPLN workload is something only for a # test app that lacks persistence. - value: 'postgres://postgres:password123@postgres.APP_GVC.cpln.local:5432/APP_GVC' + value: 'postgres://the_user:the_password@postgres-stateful.APP_GVC.cpln.local:5432/APP_GVC' - name: RAILS_ENV value: production - name: NODE_ENV diff --git a/.controlplane/templates/postgres-stateful.yml b/.controlplane/templates/postgres-stateful.yml new file mode 100644 index 00000000..e18a0153 --- /dev/null +++ b/.controlplane/templates/postgres-stateful.yml @@ -0,0 +1,170 @@ +kind: volumeset +name: postgres-stateful-vs +description: postgres-stateful-vs +spec: + autoscaling: + maxCapacity: 1000 + minFreePercentage: 1 + scalingFactor: 1.1 + fileSystemType: ext4 + initialCapacity: 10 + performanceClass: general-purpose-ssd + snapshots: + createFinalSnapshot: true + retentionDuration: 7d + +--- +kind: secret +name: postgres-stateful-credentials +description: '' +type: dictionary +data: + password: the_user #Replace this with a real password + username: the_password #Replace this with a real username + +--- +kind: secret +name: postgres-stateful-entrypoint-script +type: opaque +data: + encoding: base64 + payload: >- + IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK + +#Here is the ASCII-encoded version of the script in the secret above +#!/usr/bin/env bash +# +#source /usr/local/bin/docker-entrypoint.sh +# +#install_deps() { +# apt-get update -y > /dev/null +# apt-get install curl -y > /dev/null +# apt-get install unzip -y > /dev/null +# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null +# unzip awscliv2.zip > /dev/null +# ./aws/install > /dev/null +#} +# +#db_has_been_restored() { +# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then +# return 1 +# fi +# +# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then +# return 1 +# else +# return 0 +# fi +#} +# +#restore_db() { +# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ] +# do +# echo "Waiting 5s for db socket to be available" +# sleep 5s +# done +# +# +# if ! db_has_been_restored "$1"; then +# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2" +# install_deps +# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image) +# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER" +# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED" +# else +# echo "Db '$1' already exists. Ready!" +# fi +#} +# +#_main "$@" & +#backgroundProcess=$! +# +#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then +# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI" +#else +# echo "Declining to restore the db because no archive uri was provided" +#fi +# +#wait $backgroundProcess + +--- +kind: identity +name: postgres-stateful-identity +description: postgres-stateful-identity + +--- +kind: policy +name: postgres-stateful-access +description: postgres-stateful-access +bindings: + - permissions: + - reveal + - use + - view + principalLinks: + - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc +targetKind: secret +targetLinks: + - //secret/postgres-stateful-credentials + - //secret/postgres-stateful-entrypoint-script + +--- +kind: workload +name: postgres-stateful +description: postgres-stateful +spec: + type: stateful + containers: + - cpu: 1000m + memory: 512Mi + env: + # - name: POSTGRES_ARCHIVE_URI #Use this var to control the automatic restore behavior. If you leave it out, the db will start empty. + # value: s3://YOUR_BUCKET/PATH_TO_ARCHIVE_FILE + - name: PGDATA #The location postgres stores the db. This can be anything other than /var/lib/postgresql/data, but it must be inside the mount point for the volume set + value: "/var/lib/postgresql/data/pg_data" + - name: POSTGRES_DB #The name of the initial db + value: test + - name: POSTGRES_PASSWORD #The password for the default user + value: cpln://secret/postgres-stateful-credentials.password + - name: POSTGRES_USER #The name of the default user + value: cpln://secret/postgres-stateful-credentials.username + name: stateful + image: postgres:15 + command: /bin/bash + args: + - "-c" + - "cat /usr/local/bin/cpln-entrypoint.sh >> ./cpln-entrypoint.sh && chmod u+x ./cpln-entrypoint.sh && ./cpln-entrypoint.sh postgres" + #command: "cpln-entrypoint.sh" + #args: + # - "postgres" + ports: + - number: 5432 + protocol: tcp + volumes: + - uri: cpln://volumeset/postgres-stateful-vs + path: "/var/lib/postgresql/data" + - uri: cpln://secret/postgres-stateful-entrypoint-script + path: "/usr/local/bin/cpln-entrypoint.sh" + inheritEnv: false + livenessProbe: + tcpSocket: + port: 5432 + failureThreshold: 1 + readinessProbe: + tcpSocket: + port: 5432 + failureThreshold: 1 + identityLink: //identity/postgres-stateful-identity + defaultOptions: + capacityAI: false + autoscaling: + metric: cpu + target: 95 + maxScale: 1 + firewallConfig: + external: + inboundAllowCIDR: [] + outboundAllowCIDR: + - 0.0.0.0/0 + internal: + inboundAllowType: same-gvc From c836fba3e1cb07ec74cdb1cdce8f9e0d7c2754ff Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 17 Oct 2023 12:04:29 +0330 Subject: [PATCH 10/28] Add postgres-stateful as additional workload --- .controlplane/controlplane.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index 37100f8c..1a590bb1 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -16,7 +16,7 @@ aliases: # Like Heroku add-ons additional_workloads: - redis - - postgres + - postgres-stateful apps: react-webpack-rails-tutorial: From 29e71ecc4e82256d8905ca78c18e8708dec20a9f Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 17 Oct 2023 13:51:11 +0330 Subject: [PATCH 11/28] Break down postgres-stateful into separate templates --- .../templates/postgres-stateful-identity.yml | 3 + .../templates/postgres-stateful-policy.yml | 14 +++ ...gres-stateful-secret-entrypoint-script.yml | 63 ++++++++++ .../templates/postgres-stateful-secrets.yml | 7 ++ .../templates/postgres-stateful-vs.yml | 14 +++ .controlplane/templates/postgres-stateful.yml | 111 ------------------ 6 files changed, 101 insertions(+), 111 deletions(-) create mode 100644 .controlplane/templates/postgres-stateful-identity.yml create mode 100644 .controlplane/templates/postgres-stateful-policy.yml create mode 100644 .controlplane/templates/postgres-stateful-secret-entrypoint-script.yml create mode 100644 .controlplane/templates/postgres-stateful-secrets.yml create mode 100644 .controlplane/templates/postgres-stateful-vs.yml diff --git a/.controlplane/templates/postgres-stateful-identity.yml b/.controlplane/templates/postgres-stateful-identity.yml new file mode 100644 index 00000000..dbc7584c --- /dev/null +++ b/.controlplane/templates/postgres-stateful-identity.yml @@ -0,0 +1,3 @@ +kind: identity +name: postgres-stateful-identity +description: postgres-stateful-identity diff --git a/.controlplane/templates/postgres-stateful-policy.yml b/.controlplane/templates/postgres-stateful-policy.yml new file mode 100644 index 00000000..c537bcab --- /dev/null +++ b/.controlplane/templates/postgres-stateful-policy.yml @@ -0,0 +1,14 @@ +kind: policy +name: postgres-stateful-access +description: postgres-stateful-access +bindings: + - permissions: + - reveal + - use + - view + principalLinks: + - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc +targetKind: secret +targetLinks: + - //secret/postgres-stateful-credentials + - //secret/postgres-stateful-entrypoint-script diff --git a/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml b/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml new file mode 100644 index 00000000..24a09e7a --- /dev/null +++ b/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml @@ -0,0 +1,63 @@ +kind: secret +name: postgres-stateful-entrypoint-script +type: opaque +data: + encoding: base64 + payload: >- + IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK + +#Here is the ASCII-encoded version of the script in the secret above +#!/usr/bin/env bash +# +#source /usr/local/bin/docker-entrypoint.sh +# +#install_deps() { +# apt-get update -y > /dev/null +# apt-get install curl -y > /dev/null +# apt-get install unzip -y > /dev/null +# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null +# unzip awscliv2.zip > /dev/null +# ./aws/install > /dev/null +#} +# +#db_has_been_restored() { +# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then +# return 1 +# fi +# +# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then +# return 1 +# else +# return 0 +# fi +#} +# +#restore_db() { +# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ] +# do +# echo "Waiting 5s for db socket to be available" +# sleep 5s +# done +# +# +# if ! db_has_been_restored "$1"; then +# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2" +# install_deps +# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image) +# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER" +# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED" +# else +# echo "Db '$1' already exists. Ready!" +# fi +#} +# +#_main "$@" & +#backgroundProcess=$! +# +#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then +# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI" +#else +# echo "Declining to restore the db because no archive uri was provided" +#fi +# +#wait $backgroundProcess diff --git a/.controlplane/templates/postgres-stateful-secrets.yml b/.controlplane/templates/postgres-stateful-secrets.yml new file mode 100644 index 00000000..16c0fda4 --- /dev/null +++ b/.controlplane/templates/postgres-stateful-secrets.yml @@ -0,0 +1,7 @@ +kind: secret +name: postgres-stateful-credentials +description: '' +type: dictionary +data: + password: the_user #Replace this with a real password + username: the_password #Replace this with a real username diff --git a/.controlplane/templates/postgres-stateful-vs.yml b/.controlplane/templates/postgres-stateful-vs.yml new file mode 100644 index 00000000..a20d2f38 --- /dev/null +++ b/.controlplane/templates/postgres-stateful-vs.yml @@ -0,0 +1,14 @@ +kind: volumeset +name: postgres-stateful-vs +description: postgres-stateful-vs +spec: + autoscaling: + maxCapacity: 1000 + minFreePercentage: 1 + scalingFactor: 1.1 + fileSystemType: ext4 + initialCapacity: 10 + performanceClass: general-purpose-ssd + snapshots: + createFinalSnapshot: true + retentionDuration: 7d diff --git a/.controlplane/templates/postgres-stateful.yml b/.controlplane/templates/postgres-stateful.yml index e18a0153..646f01d1 100644 --- a/.controlplane/templates/postgres-stateful.yml +++ b/.controlplane/templates/postgres-stateful.yml @@ -1,114 +1,3 @@ -kind: volumeset -name: postgres-stateful-vs -description: postgres-stateful-vs -spec: - autoscaling: - maxCapacity: 1000 - minFreePercentage: 1 - scalingFactor: 1.1 - fileSystemType: ext4 - initialCapacity: 10 - performanceClass: general-purpose-ssd - snapshots: - createFinalSnapshot: true - retentionDuration: 7d - ---- -kind: secret -name: postgres-stateful-credentials -description: '' -type: dictionary -data: - password: the_user #Replace this with a real password - username: the_password #Replace this with a real username - ---- -kind: secret -name: postgres-stateful-entrypoint-script -type: opaque -data: - encoding: base64 - payload: >- - IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK - -#Here is the ASCII-encoded version of the script in the secret above -#!/usr/bin/env bash -# -#source /usr/local/bin/docker-entrypoint.sh -# -#install_deps() { -# apt-get update -y > /dev/null -# apt-get install curl -y > /dev/null -# apt-get install unzip -y > /dev/null -# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null -# unzip awscliv2.zip > /dev/null -# ./aws/install > /dev/null -#} -# -#db_has_been_restored() { -# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then -# return 1 -# fi -# -# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then -# return 1 -# else -# return 0 -# fi -#} -# -#restore_db() { -# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ] -# do -# echo "Waiting 5s for db socket to be available" -# sleep 5s -# done -# -# -# if ! db_has_been_restored "$1"; then -# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2" -# install_deps -# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image) -# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER" -# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED" -# else -# echo "Db '$1' already exists. Ready!" -# fi -#} -# -#_main "$@" & -#backgroundProcess=$! -# -#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then -# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI" -#else -# echo "Declining to restore the db because no archive uri was provided" -#fi -# -#wait $backgroundProcess - ---- -kind: identity -name: postgres-stateful-identity -description: postgres-stateful-identity - ---- -kind: policy -name: postgres-stateful-access -description: postgres-stateful-access -bindings: - - permissions: - - reveal - - use - - view - principalLinks: - - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc -targetKind: secret -targetLinks: - - //secret/postgres-stateful-credentials - - //secret/postgres-stateful-entrypoint-script - ---- kind: workload name: postgres-stateful description: postgres-stateful From 0b3f23b4fba78a2c6f7f0e57de35642cf0942530 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 17 Oct 2023 21:25:16 +0330 Subject: [PATCH 12/28] Fix credentials for database --- .controlplane/templates/postgres-stateful-secrets.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.controlplane/templates/postgres-stateful-secrets.yml b/.controlplane/templates/postgres-stateful-secrets.yml index 16c0fda4..c265ab0a 100644 --- a/.controlplane/templates/postgres-stateful-secrets.yml +++ b/.controlplane/templates/postgres-stateful-secrets.yml @@ -3,5 +3,5 @@ name: postgres-stateful-credentials description: '' type: dictionary data: - password: the_user #Replace this with a real password - username: the_password #Replace this with a real username + username: the_user #Replace this with a real username + password: the_password #Replace this with a real password From 749e4cef5837d9d1256051311a1aa3ee97d2e323 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 17 Oct 2023 22:00:23 +0330 Subject: [PATCH 13/28] Restric policy permission to reveal --- .controlplane/templates/postgres-stateful-policy.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.controlplane/templates/postgres-stateful-policy.yml b/.controlplane/templates/postgres-stateful-policy.yml index c537bcab..f096146f 100644 --- a/.controlplane/templates/postgres-stateful-policy.yml +++ b/.controlplane/templates/postgres-stateful-policy.yml @@ -4,8 +4,6 @@ description: postgres-stateful-access bindings: - permissions: - reveal - - use - - view principalLinks: - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc targetKind: secret From 6f18c03089d1562871d97ab83f6a1c56f4ed698d Mon Sep 17 00:00:00 2001 From: Justin Gordon Date: Tue, 17 Oct 2023 16:51:02 -1000 Subject: [PATCH 14/28] Updates for CPLN working --- .controlplane/controlplane.yml | 2 +- .controlplane/readme.md | 38 ++-- .controlplane/templates/gvc.yml | 2 +- .../templates/postgres-stateful-identity.yml | 3 - .../templates/postgres-stateful-policy.yml | 12 -- ...gres-stateful-secret-entrypoint-script.yml | 63 ------ .../templates/postgres-stateful-secrets.yml | 7 - .../templates/postgres-stateful-vs.yml | 14 -- .controlplane/templates/postgres-stateful.yml | 59 ------ .controlplane/templates/postgres.yml | 179 ++++++++++++++++-- Gemfile | 3 +- Gemfile.lock | 14 +- .../CommentBox/CommentBox.module.scss | 12 -- 13 files changed, 196 insertions(+), 212 deletions(-) delete mode 100644 .controlplane/templates/postgres-stateful-identity.yml delete mode 100644 .controlplane/templates/postgres-stateful-policy.yml delete mode 100644 .controlplane/templates/postgres-stateful-secret-entrypoint-script.yml delete mode 100644 .controlplane/templates/postgres-stateful-secrets.yml delete mode 100644 .controlplane/templates/postgres-stateful-vs.yml delete mode 100644 .controlplane/templates/postgres-stateful.yml diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index 1a590bb1..37100f8c 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -16,7 +16,7 @@ aliases: # Like Heroku add-ons additional_workloads: - redis - - postgres-stateful + - postgres apps: react-webpack-rails-tutorial: diff --git a/.controlplane/readme.md b/.controlplane/readme.md index 5519482d..69d37c40 100644 --- a/.controlplane/readme.md +++ b/.controlplane/readme.md @@ -11,12 +11,13 @@ You can see the definition of Postgres and Redis in the `.controlplane/templates ## Prerequisites 1. Ensure your [Control Plane](https://controlplane.com) account is set up. +You should have an `organization` for testing in that account. You will modify value for `aliases.common.cpln_org` in `.controlplane/controlplane.yml`. If you need an organization, please [contact Shakcode](mailto:controlplane@shkacode.com). -2. Set up an `organization` for testing in that account and modify `aliases.common.cpln_org` in `.controlplane/controlplane.yml` . +2. Run `cpln image docker-login --org ` to ensure that you have access to the Control Plane Docker registry. -3. Install Control Plane CLI (and configure access) [docs here](https://docs.controlplane.com/quickstart/quick-start-3-cli#getting-started-with-the-cli). You can update the `cpln` command line with the same command as installation, `npm install -g @controlplane/cli`. Then run `cpln login` to ensure access. +3. Install Control Plane CLI (and configure access) [docs here](https://docs.controlplane.com/quickstart/quick-start-3-cli#getting-started-with-the-cli), `npm install -g @controlplane/cli`. You can update the `cpln` command line with `npm update -g @controlplane/cli`, . Then run `cpln login` to ensure access. -4. Install [Heroku to Control Plane](https://github.com/shakacode/heroku-to-control-plane) playbook CLI [`cpl` gem](https://rubygems.org/gems/cpl) on your project's Gemfile or globally. +4. Install [Heroku to Control Plane](https://github.com/shakacode/heroku-to-control-plane) playbook CLI [`cpl` gem](https://rubygems.org/gems/cpl) on your project's Gemfile or globally. Use the current version. 5. This project has a `Dockerfile` for Control Plane in this directory. You can use it as an example for your project. Ensure that you have Docker running. @@ -26,8 +27,8 @@ Do not confuse the `cpl` CLI with the `cpln` CLI. The `cpl` CLI is the Heroku to ## Project Configuration See the filese in the `./controlplane` directory. -1. `/templates`: defines the objects created with the `cpl setup` command. -2. `/controlplane.yml`: defines the organization, location, and app name. +1. `/templates`: defines the objects created with the `cpl setup` command. These YAML files are the same as used by the `cpln apply` command. +2. `/controlplane.yml`: defines your application, including the organization, location, and app name. 3. `Dockerfile`: defines the Docker image used to run the app on Control Plane. 4. `entrypoint.sh`: defines the entrypoint script used to run the app on Control Plane. @@ -35,18 +36,20 @@ See the filese in the `./controlplane` directory. Check if the Control Plane organization and location are correct in `.controlplane/controlplane.yml`. You should be able to see this information in the Control Plane UI. -```sh -# Note, below commands use `cpl` which is the Heroku to Control Plane playbook script. +Note, below commands use `cpl` which is the Heroku to Control Plane playbook gem, and +not `cpln` which is the Control Plane CLI. +```sh # Provision all infrastructure on Control Plane. # app tutorial-app will be created per definition in .controlplane/controlplane.yml cpl apply-template gvc postgres redis rails -a tutorial-app # Build and push docker image to Control Plane repository -# Note, may take many minutes. Be patient. +# Note, may take many minutes. Be patient. Check for error messages, such as forgetting to run `cpln image docker-login --org ` cpl build-image -a tutorial-app # Promote image to app after running `cpl build-image command` +# Note, the UX of images may not show the image for up to 5 minutes. However, it's ready. cpl deploy-image -a tutorial-app # See how app is starting up @@ -72,25 +75,30 @@ unsupported: Run the given command as instructed and repeat the `build-image` command. -## Promoting code upgrades +### Promoting code updates + +After committing code, you will update your deployment of `tutorial-app` with the following commands: ```sh -# Build and push new image with sequential image tagging, e.g. 'ror-tutorial_123' +# Build and push new image with sequential image tagging, e.g. 'tutorial-app:1', then 'tutorial-app:2', etc. cpl build-image -a tutorial-app -# OR -# Build and push with sequential image tagging and commit SHA, e.g. 'ror-tutorial_123_ABCD' -cpl build-image -a tutorial-app --commit ABCD - # Run database migrations (or other release tasks) with latest image, # while app is still running on previous image. # This is analogous to the release phase. cpl runner rails db:migrate -a tutorial-app --image latest -# Pomote latest image to app +# Pomote latest image to app after migrations run cpl deploy-image -a tutorial-app ``` +If you needed to push a new image with a specific commit SHA, you can run the following command: + +```sh +# Build and push with sequential image tagging and commit SHA, e.g. 'tutorial-app:123_ABCD' +cpl build-image -a tutorial-app --commit ABCD +``` + ## Other notes ### `entrypoint.sh` diff --git a/.controlplane/templates/gvc.yml b/.controlplane/templates/gvc.yml index 17a342ab..93028630 100644 --- a/.controlplane/templates/gvc.yml +++ b/.controlplane/templates/gvc.yml @@ -9,7 +9,7 @@ spec: # Password does not matter because host postgres.APP_GVC.cpln.local can only be accessed # locally within CPLN GVC, and postgres running on a CPLN workload is something only for a # test app that lacks persistence. - value: 'postgres://the_user:the_password@postgres-stateful.APP_GVC.cpln.local:5432/APP_GVC' + value: 'postgres://the_user:the_password@postgres.APP_GVC.cpln.local:5432/APP_GVC' - name: RAILS_ENV value: production - name: NODE_ENV diff --git a/.controlplane/templates/postgres-stateful-identity.yml b/.controlplane/templates/postgres-stateful-identity.yml deleted file mode 100644 index dbc7584c..00000000 --- a/.controlplane/templates/postgres-stateful-identity.yml +++ /dev/null @@ -1,3 +0,0 @@ -kind: identity -name: postgres-stateful-identity -description: postgres-stateful-identity diff --git a/.controlplane/templates/postgres-stateful-policy.yml b/.controlplane/templates/postgres-stateful-policy.yml deleted file mode 100644 index f096146f..00000000 --- a/.controlplane/templates/postgres-stateful-policy.yml +++ /dev/null @@ -1,12 +0,0 @@ -kind: policy -name: postgres-stateful-access -description: postgres-stateful-access -bindings: - - permissions: - - reveal - principalLinks: - - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc -targetKind: secret -targetLinks: - - //secret/postgres-stateful-credentials - - //secret/postgres-stateful-entrypoint-script diff --git a/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml b/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml deleted file mode 100644 index 24a09e7a..00000000 --- a/.controlplane/templates/postgres-stateful-secret-entrypoint-script.yml +++ /dev/null @@ -1,63 +0,0 @@ -kind: secret -name: postgres-stateful-entrypoint-script -type: opaque -data: - encoding: base64 - payload: >- - IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK - -#Here is the ASCII-encoded version of the script in the secret above -#!/usr/bin/env bash -# -#source /usr/local/bin/docker-entrypoint.sh -# -#install_deps() { -# apt-get update -y > /dev/null -# apt-get install curl -y > /dev/null -# apt-get install unzip -y > /dev/null -# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null -# unzip awscliv2.zip > /dev/null -# ./aws/install > /dev/null -#} -# -#db_has_been_restored() { -# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then -# return 1 -# fi -# -# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then -# return 1 -# else -# return 0 -# fi -#} -# -#restore_db() { -# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ] -# do -# echo "Waiting 5s for db socket to be available" -# sleep 5s -# done -# -# -# if ! db_has_been_restored "$1"; then -# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2" -# install_deps -# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image) -# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER" -# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED" -# else -# echo "Db '$1' already exists. Ready!" -# fi -#} -# -#_main "$@" & -#backgroundProcess=$! -# -#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then -# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI" -#else -# echo "Declining to restore the db because no archive uri was provided" -#fi -# -#wait $backgroundProcess diff --git a/.controlplane/templates/postgres-stateful-secrets.yml b/.controlplane/templates/postgres-stateful-secrets.yml deleted file mode 100644 index c265ab0a..00000000 --- a/.controlplane/templates/postgres-stateful-secrets.yml +++ /dev/null @@ -1,7 +0,0 @@ -kind: secret -name: postgres-stateful-credentials -description: '' -type: dictionary -data: - username: the_user #Replace this with a real username - password: the_password #Replace this with a real password diff --git a/.controlplane/templates/postgres-stateful-vs.yml b/.controlplane/templates/postgres-stateful-vs.yml deleted file mode 100644 index a20d2f38..00000000 --- a/.controlplane/templates/postgres-stateful-vs.yml +++ /dev/null @@ -1,14 +0,0 @@ -kind: volumeset -name: postgres-stateful-vs -description: postgres-stateful-vs -spec: - autoscaling: - maxCapacity: 1000 - minFreePercentage: 1 - scalingFactor: 1.1 - fileSystemType: ext4 - initialCapacity: 10 - performanceClass: general-purpose-ssd - snapshots: - createFinalSnapshot: true - retentionDuration: 7d diff --git a/.controlplane/templates/postgres-stateful.yml b/.controlplane/templates/postgres-stateful.yml deleted file mode 100644 index 646f01d1..00000000 --- a/.controlplane/templates/postgres-stateful.yml +++ /dev/null @@ -1,59 +0,0 @@ -kind: workload -name: postgres-stateful -description: postgres-stateful -spec: - type: stateful - containers: - - cpu: 1000m - memory: 512Mi - env: - # - name: POSTGRES_ARCHIVE_URI #Use this var to control the automatic restore behavior. If you leave it out, the db will start empty. - # value: s3://YOUR_BUCKET/PATH_TO_ARCHIVE_FILE - - name: PGDATA #The location postgres stores the db. This can be anything other than /var/lib/postgresql/data, but it must be inside the mount point for the volume set - value: "/var/lib/postgresql/data/pg_data" - - name: POSTGRES_DB #The name of the initial db - value: test - - name: POSTGRES_PASSWORD #The password for the default user - value: cpln://secret/postgres-stateful-credentials.password - - name: POSTGRES_USER #The name of the default user - value: cpln://secret/postgres-stateful-credentials.username - name: stateful - image: postgres:15 - command: /bin/bash - args: - - "-c" - - "cat /usr/local/bin/cpln-entrypoint.sh >> ./cpln-entrypoint.sh && chmod u+x ./cpln-entrypoint.sh && ./cpln-entrypoint.sh postgres" - #command: "cpln-entrypoint.sh" - #args: - # - "postgres" - ports: - - number: 5432 - protocol: tcp - volumes: - - uri: cpln://volumeset/postgres-stateful-vs - path: "/var/lib/postgresql/data" - - uri: cpln://secret/postgres-stateful-entrypoint-script - path: "/usr/local/bin/cpln-entrypoint.sh" - inheritEnv: false - livenessProbe: - tcpSocket: - port: 5432 - failureThreshold: 1 - readinessProbe: - tcpSocket: - port: 5432 - failureThreshold: 1 - identityLink: //identity/postgres-stateful-identity - defaultOptions: - capacityAI: false - autoscaling: - metric: cpu - target: 95 - maxScale: 1 - firewallConfig: - external: - inboundAllowCIDR: [] - outboundAllowCIDR: - - 0.0.0.0/0 - internal: - inboundAllowType: same-gvc diff --git a/.controlplane/templates/postgres.yml b/.controlplane/templates/postgres.yml index 47d59186..7291e37d 100644 --- a/.controlplane/templates/postgres.yml +++ b/.controlplane/templates/postgres.yml @@ -1,33 +1,176 @@ -# Template setup of Postgres workload, roughly corresponding to a Heroku add-on for a database +# Comes from example at +# https://github.com/controlplane-com/examples/blob/main/examples/postgres/manifest.yaml + +kind: volumeset +name: postgres-poc-vs +description: postgres-poc-vs +spec: + autoscaling: + maxCapacity: 1000 + minFreePercentage: 1 + scalingFactor: 1.1 + fileSystemType: ext4 + initialCapacity: 10 + performanceClass: general-purpose-ssd + snapshots: + createFinalSnapshot: true + retentionDuration: 7d + +--- +kind: secret +name: postgres-poc-credentials +description: '' +type: dictionary +data: + password: the_password #Replace this with a real password + username: the_user #Replace this with a real username + +--- +kind: secret +name: postgres-poc-entrypoint-script +type: opaque +data: + encoding: base64 + payload: >- + IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK + +#Here is the ASCII-encoded version of the script in the secret above +#!/usr/bin/env bash +# +#source /usr/local/bin/docker-entrypoint.sh +# +#install_deps() { +# apt-get update -y > /dev/null +# apt-get install curl -y > /dev/null +# apt-get install unzip -y > /dev/null +# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null +# unzip awscliv2.zip > /dev/null +# ./aws/install > /dev/null +#} +# +#db_has_been_restored() { +# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then +# return 1 +# fi +# +# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then +# return 1 +# else +# return 0 +# fi +#} +# +#restore_db() { +# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ] +# do +# echo "Waiting 5s for db socket to be available" +# sleep 5s +# done +# +# +# if ! db_has_been_restored "$1"; then +# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2" +# install_deps +# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image) +# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER" +# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED" +# else +# echo "Db '$1' already exists. Ready!" +# fi +#} +# +#_main "$@" & +#backgroundProcess=$! +# +#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then +# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI" +#else +# echo "Declining to restore the db because no archive uri was provided" +#fi +# +#wait $backgroundProcess + +--- +kind: identity +name: postgres-poc-identity +description: postgres-poc-identity + +--- +kind: policy +name: postgres-poc-access +description: postgres-poc-access +bindings: + - permissions: + - reveal +# Uncomment these two +# - use +# - view + principalLinks: + - //gvc/APP_GVC/identity/postgres-poc-identity +targetKind: secret +targetLinks: + - //secret/postgres-poc-credentials + - //secret/postgres-poc-entrypoint-script + +--- kind: workload name: postgres +description: postgres spec: - type: standard + type: stateful containers: - - name: postgres + - cpu: 1000m + memory: 512Mi env: - - name: PGUSER - value: postgres - # Hardcoded password. See firewall comment below. - - name: POSTGRES_PASSWORD - value: password123 - - name: POSTGRES_USER - value: postgres - image: 'postgres:13.8-alpine' + # Uncomment next two envs will cause the db to be restored from the archive uri + # - name: POSTGRES_ARCHIVE_URI #Use this var to control the automatic restore behavior. If you leave it out, the db will start empty. + # value: s3://YOUR_BUCKET/PATH_TO_ARCHIVE_FILE + # - name: POSTGRES_DB #The name of the initial db in case of doing a restore + # value: test + - name: PGDATA #The location postgres stores the db. This can be anything other than /var/lib/postgresql/data, but it must be inside the mount point for the volume set + value: "/var/lib/postgresql/data/pg_data" + - name: POSTGRES_PASSWORD #The password for the default user + value: cpln://secret/postgres-poc-credentials.password + - name: POSTGRES_USER #The name of the default user + value: cpln://secret/postgres-poc-credentials.username + name: stateful + image: postgres:15 + command: /bin/bash + args: + - "-c" + - "cat /usr/local/bin/cpln-entrypoint.sh >> ./cpln-entrypoint.sh && chmod u+x ./cpln-entrypoint.sh && ./cpln-entrypoint.sh postgres" + #command: "cpln-entrypoint.sh" + #args: + # - "postgres" ports: - number: 5432 protocol: tcp volumes: - - path: /var/lib/postgresql/data - recoveryPolicy: retain - uri: 'scratch://postgres-vol' - # Important that postgres does not scaling because disk storage is local to one server! + - uri: cpln://volumeset/postgres-poc-vs + path: "/var/lib/postgresql/data" + # Make the ENV value for the entry script a file + - uri: cpln://secret/postgres-poc-entrypoint-script + path: "/usr/local/bin/cpln-entrypoint.sh" + inheritEnv: false + livenessProbe: + tcpSocket: + port: 5432 + failureThreshold: 1 + readinessProbe: + tcpSocket: + port: 5432 + failureThreshold: 1 + identityLink: //identity/postgres-poc-identity defaultOptions: + capacityAI: false autoscaling: + metric: cpu + target: 95 maxScale: 1 - capacityAI: false - # This firewall configuration corresponds to using a simple, hard-coded password for postgres - # in the gvc.yml template. firewallConfig: + external: + inboundAllowCIDR: [] + outboundAllowCIDR: + - 0.0.0.0/0 internal: inboundAllowType: same-gvc diff --git a/Gemfile b/Gemfile index 31e96ddb..11ff5e80 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,8 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "3.1.2" -gem "cpl", "~> 1.0.4" +gem "cpl" + gem "react_on_rails", "13.2.0" gem "shakapacker", "7.0.3" diff --git a/Gemfile.lock b/Gemfile.lock index 2dbac62d..70223366 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -116,7 +116,7 @@ GEM term-ansicolor (~> 1.6) thor (>= 0.20.3, < 2.0) tins (~> 1.16) - cpl (1.0.4) + cpl (1.1.1) debug (~> 1.7.1) dotenv (~> 2.8.1) psych (~> 5.1.0) @@ -157,8 +157,9 @@ GEM concurrent-ruby (~> 1.0) interception (0.5) io-console (0.6.0) - irb (1.7.4) - reline (>= 0.3.6) + irb (1.8.3) + rdoc + reline (>= 0.3.8) jbuilder (2.11.5) actionview (>= 5.0.0) activesupport (>= 5.0.0) @@ -180,6 +181,7 @@ GEM matrix (0.4.2) method_source (1.0.0) mini_mime (1.1.5) + mini_portile2 (2.8.4) minitest (5.19.0) mutex_m (0.1.2) net-imap (0.3.7) @@ -221,7 +223,7 @@ GEM pry-stack_explorer (0.6.1) binding_of_caller (~> 1.0) pry (~> 0.13) - psych (5.1.0) + psych (5.1.1.1) stringio public_suffix (5.0.3) puma (6.3.1) @@ -290,7 +292,7 @@ GEM redcarpet (3.6.0) redis (3.3.3) regexp_parser (2.8.1) - reline (0.3.8) + reline (0.3.9) io-console (~> 0.5) require_all (3.0.0) rexml (3.2.6) @@ -427,7 +429,7 @@ DEPENDENCIES capybara-screenshot coffee-rails coveralls_reborn (~> 0.25.0) - cpl (~> 1.0.4) + cpl database_cleaner debug (>= 1.0.0) factory_bot_rails diff --git a/client/app/bundles/comments/components/CommentBox/CommentBox.module.scss b/client/app/bundles/comments/components/CommentBox/CommentBox.module.scss index 5c94b4ae..60cb622d 100644 --- a/client/app/bundles/comments/components/CommentBox/CommentBox.module.scss +++ b/client/app/bundles/comments/components/CommentBox/CommentBox.module.scss @@ -17,15 +17,3 @@ transition: opacity $animation-duration ease-in; } } - -.anchorButton { - background-color: transparent; - border: 0; - color: #337AB7; - cursor: pointer; - padding: 0; -} - -.anchorButton:hover { - text-decoration: underline; -} From ee1904d15bf9c653c9a193e8b83fa5f2764ad2a8 Mon Sep 17 00:00:00 2001 From: Justin Gordon Date: Tue, 17 Oct 2023 17:29:14 -1000 Subject: [PATCH 15/28] beta gem --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 11ff5e80..d053442d 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "3.1.2" -gem "cpl" +gem "cpl", "1.1.2.rc.0" gem "react_on_rails", "13.2.0" gem "shakapacker", "7.0.3" diff --git a/Gemfile.lock b/Gemfile.lock index 70223366..9dfe228a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -116,7 +116,7 @@ GEM term-ansicolor (~> 1.6) thor (>= 0.20.3, < 2.0) tins (~> 1.16) - cpl (1.1.1) + cpl (1.1.2.rc.0) debug (~> 1.7.1) dotenv (~> 2.8.1) psych (~> 5.1.0) @@ -429,7 +429,7 @@ DEPENDENCIES capybara-screenshot coffee-rails coveralls_reborn (~> 0.25.0) - cpl + cpl (= 1.1.2.rc.0) database_cleaner debug (>= 1.0.0) factory_bot_rails From ff8ae4f8ab3b874710986a4938f15445b2684f26 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 18 Oct 2023 15:14:57 +0330 Subject: [PATCH 16/28] Use .dockerignore --- .controlplane/Dockerfile | 10 -------- .dockerignore | 51 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 51 insertions(+), 10 deletions(-) create mode 100644 .dockerignore diff --git a/.controlplane/Dockerfile b/.controlplane/Dockerfile index e65ea9e7..bca50f3c 100644 --- a/.controlplane/Dockerfile +++ b/.controlplane/Dockerfile @@ -20,16 +20,6 @@ RUN bundle config set without 'development test' && \ COPY package.json yarn.lock ./ RUN yarn install -# pick necessary app files -# COPY Gemfile* config.ru Rakefile babel.config.js postcss.config.js ./ -# COPY app ./app -# COPY bin ./bin -# COPY client ./client -# COPY config ./config -# COPY db ./db -# COPY lib ./lib -# COPY public ./public - COPY . ./ ENV RAILS_ENV=production diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..d28956cd --- /dev/null +++ b/.dockerignore @@ -0,0 +1,51 @@ +# From .gitignore + +# Ignore bundler config. +/.bundle + +# Ignore the default SQLite database. +/db/*.sqlite3 +/db/*.sqlite3-journal + +# Ignore all logfiles and tempfiles. +/log/*.log +/tmp +/public/assets +.env +node_modules +npm-debug.log* +/coverage +dump.rdb +.DS_Store + +# Ignore bundle dependencies +vendor/ruby + +# RVM gemset +.ruby-gemset + +# Generated js bundles +/public/packs +/public/packs-test + +# Rubymine/IntelliJ +.idea + +# Redis generated file +dump.rdb + +# Ignore i18n-js +client/app/libs/i18n/translations.js +client/app/libs/i18n/default.js + +/yarn-error.log +yarn-debug.log* +.yarn-integrity + +################################################### +# Specific to .dockerignore +.git/ +.github/ +spec/ +scripts/ + From 5fa28bc6c0c9b70e2e0c2df2675e030ab686e497 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 18 Oct 2023 15:15:22 +0330 Subject: [PATCH 17/28] Add command for generating locale files --- .controlplane/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/.controlplane/Dockerfile b/.controlplane/Dockerfile index bca50f3c..103f8a4b 100644 --- a/.controlplane/Dockerfile +++ b/.controlplane/Dockerfile @@ -28,6 +28,7 @@ ENV NODE_ENV=production # compiling assets requires any value for ENV of SECRET_KEY_BASE ENV SECRET_KEY_BASE=NOT_USED_NON_BLANK +RUN rails react_on_rails:locale RUN rails assets:precompile # add entrypoint From 61fcf8facce5ca792fab5425d5fd057f5a040219 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 18 Oct 2023 16:18:42 +0330 Subject: [PATCH 18/28] Update cpln docs --- .controlplane/readme.md | 58 +++++++++++++++++++++-------------------- 1 file changed, 30 insertions(+), 28 deletions(-) diff --git a/.controlplane/readme.md b/.controlplane/readme.md index 69d37c40..76bca72d 100644 --- a/.controlplane/readme.md +++ b/.controlplane/readme.md @@ -11,33 +11,49 @@ You can see the definition of Postgres and Redis in the `.controlplane/templates ## Prerequisites 1. Ensure your [Control Plane](https://controlplane.com) account is set up. -You should have an `organization` for testing in that account. You will modify value for `aliases.common.cpln_org` in `.controlplane/controlplane.yml`. If you need an organization, please [contact Shakcode](mailto:controlplane@shkacode.com). +You should have an `organization` `` for testing in that account. +You will modify value for `aliases.common.cpln_org` in `.controlplane/controlplane.yml`. +If you need an organization, please [contact Shakacode](mailto:controlplane@shakacode.com). 2. Run `cpln image docker-login --org ` to ensure that you have access to the Control Plane Docker registry. -3. Install Control Plane CLI (and configure access) [docs here](https://docs.controlplane.com/quickstart/quick-start-3-cli#getting-started-with-the-cli), `npm install -g @controlplane/cli`. You can update the `cpln` command line with `npm update -g @controlplane/cli`, . Then run `cpln login` to ensure access. +3. Install Control Plane CLI (and configure access) using `npm install -g @controlplane/cli`. +You can update the `cpln` command line with `npm update -g @controlplane/cli`. +Then run `cpln login` to ensure access. +For more informatation check out the +[docs here](https://docs.controlplane.com/quickstart/quick-start-3-cli#getting-started-with-the-cli). -4. Install [Heroku to Control Plane](https://github.com/shakacode/heroku-to-control-plane) playbook CLI [`cpl` gem](https://rubygems.org/gems/cpl) on your project's Gemfile or globally. Use the current version. +4. Install the latest version of +[`cpl` gem](https://rubygems.org/gems/cpl) +on your project's Gemfile or globally. +For more information check out +[Heroku to Control Plane](https://github.com/shakacode/heroku-to-control-plane). -5. This project has a `Dockerfile` for Control Plane in this directory. You can use it as an example for your project. Ensure that you have Docker running. +5. This project has a `Dockerfile` for Control Plane in `.controlplane` directory. +You can use it as an example for your project. +Ensure that you have Docker running. -## Tips -Do not confuse the `cpl` CLI with the `cpln` CLI. The `cpl` CLI is the Heroku to Control Plane playbook CLI. The `cpln` CLI is the Control Plane CLI. +### Tips +Do not confuse the `cpl` CLI with the `cpln` CLI. +The `cpl` CLI is the Heroku to Control Plane playbook CLI. +The `cpln` CLI is the Control Plane CLI. ## Project Configuration See the filese in the `./controlplane` directory. -1. `/templates`: defines the objects created with the `cpl setup` command. These YAML files are the same as used by the `cpln apply` command. +1. `/templates`: defines the objects created with the `cpl setup` command. +These YAML files are the same as used by the `cpln apply` command. 2. `/controlplane.yml`: defines your application, including the organization, location, and app name. 3. `Dockerfile`: defines the Docker image used to run the app on Control Plane. 4. `entrypoint.sh`: defines the entrypoint script used to run the app on Control Plane. ## Setup and run -Check if the Control Plane organization and location are correct in `.controlplane/controlplane.yml`. You should be able to see this information in the Control Plane UI. +Check if the Control Plane organization and location are correct in `.controlplane/controlplane.yml`. +You should be able to see this information in the Control Plane UI. -Note, below commands use `cpl` which is the Heroku to Control Plane playbook gem, and -not `cpln` which is the Control Plane CLI. +**Note:** The below commands use `cpl` which is the Heroku to Control Plane playbook gem, +and not `cpln` which is the Control Plane CLI. ```sh # Provision all infrastructure on Control Plane. @@ -45,11 +61,13 @@ not `cpln` which is the Control Plane CLI. cpl apply-template gvc postgres redis rails -a tutorial-app # Build and push docker image to Control Plane repository -# Note, may take many minutes. Be patient. Check for error messages, such as forgetting to run `cpln image docker-login --org ` +# Note, may take many minutes. Be patient. +# Check for error messages, such as forgetting to run `cpln image docker-login --org ` cpl build-image -a tutorial-app # Promote image to app after running `cpl build-image command` -# Note, the UX of images may not show the image for up to 5 minutes. However, it's ready. +# Note, the UX of images may not show the image for up to 5 minutes. +# However, it's ready. cpl deploy-image -a tutorial-app # See how app is starting up @@ -59,22 +77,6 @@ cpl logs -a tutorial-app cpl open -a tutorial-app ``` -Notice that in the first attempt to build the image, you may get it interrupted with a message like this: - -``` -89c3244a87b2: Waiting -80231db1194c: Waiting -f1c1f2298584: Waiting -ccba29d69370: Waiting -unsupported: -*** You are trying to push/pull to your org's private registry in Control Plane. *** -*** First, grant docker access the registry using the 'cpln' command: *** - - cpln image docker-login --org tutorial-app -``` - -Run the given command as instructed and repeat the `build-image` command. - ### Promoting code updates After committing code, you will update your deployment of `tutorial-app` with the following commands: From 741c7435276c99df571a35a315e63e8a2fe5e5e3 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Tue, 24 Oct 2023 19:03:28 +0330 Subject: [PATCH 19/28] Add db:reset cron job workload --- .controlplane/templates/crob.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .controlplane/templates/crob.yml diff --git a/.controlplane/templates/crob.yml b/.controlplane/templates/crob.yml new file mode 100644 index 00000000..0ebf5f93 --- /dev/null +++ b/.controlplane/templates/crob.yml @@ -0,0 +1,31 @@ +kind: workload +name: daily-task +spec: + # https://docs.controlplane.com/reference/workload#cron-configuration + type: cron + job: + # Run daily job at 2am (see cron docs) + schedule: 0 2 * * * + # Never or OnFailure + restartPolicy: Never + containers: + - name: daily-task + cpu: 50m + memory: 256Mi + args: + - bundle + - exec + - rails + - db:prepare + inheritEnv: true + image: "/org/APP_ORG/image/APP_IMAGE" + defaultOptions: + autoscaling: + minScale: 1 + maxScale: 1 + capacityAI: false + firewallConfig: + external: + outboundAllowCIDR: + - 0.0.0.0/0 + identityLink: /org/APP_ORG/gvc/APP_GVC/identity/postgres-poc-identity From 2efaa0b7a4fabd6d1cd2dbc6c3a9446b5ebc6a27 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 13:11:20 +0330 Subject: [PATCH 20/28] Update cpl to 1.1.2 --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index d053442d..f8ef39ae 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "3.1.2" -gem "cpl", "1.1.2.rc.0" +gem "cpl", "1.1.2" gem "react_on_rails", "13.2.0" gem "shakapacker", "7.0.3" diff --git a/Gemfile.lock b/Gemfile.lock index 9dfe228a..c175ce4e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -116,7 +116,7 @@ GEM term-ansicolor (~> 1.6) thor (>= 0.20.3, < 2.0) tins (~> 1.16) - cpl (1.1.2.rc.0) + cpl (1.1.2) debug (~> 1.7.1) dotenv (~> 2.8.1) psych (~> 5.1.0) @@ -429,7 +429,7 @@ DEPENDENCIES capybara-screenshot coffee-rails coveralls_reborn (~> 0.25.0) - cpl (= 1.1.2.rc.0) + cpl (= 1.1.2) database_cleaner debug (>= 1.0.0) factory_bot_rails From 67858879e577a5c58bd1f0478297cf83cab2a210 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 13:23:02 +0330 Subject: [PATCH 21/28] Rename cron template for typo --- .controlplane/templates/{crob.yml => cron.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .controlplane/templates/{crob.yml => cron.yml} (100%) diff --git a/.controlplane/templates/crob.yml b/.controlplane/templates/cron.yml similarity index 100% rename from .controlplane/templates/crob.yml rename to .controlplane/templates/cron.yml From 215cbc7c85f36672770df8479f9da6c28b015e7f Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 20:41:45 +0330 Subject: [PATCH 22/28] Fix format of job schedule value --- .controlplane/templates/cron.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.controlplane/templates/cron.yml b/.controlplane/templates/cron.yml index 0ebf5f93..ca6185d4 100644 --- a/.controlplane/templates/cron.yml +++ b/.controlplane/templates/cron.yml @@ -5,7 +5,7 @@ spec: type: cron job: # Run daily job at 2am (see cron docs) - schedule: 0 2 * * * + schedule: "0 2 * * *" # Never or OnFailure restartPolicy: Never containers: @@ -16,7 +16,7 @@ spec: - bundle - exec - rails - - db:prepare + - db:reset inheritEnv: true image: "/org/APP_ORG/image/APP_IMAGE" defaultOptions: From 47c6262391a255150e21090fbdd8a2911612fcd6 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 21:03:41 +0330 Subject: [PATCH 23/28] Add env var for letting db:reset in production env --- .controlplane/templates/postgres.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.controlplane/templates/postgres.yml b/.controlplane/templates/postgres.yml index 7291e37d..5cc4f997 100644 --- a/.controlplane/templates/postgres.yml +++ b/.controlplane/templates/postgres.yml @@ -133,6 +133,8 @@ spec: value: cpln://secret/postgres-poc-credentials.password - name: POSTGRES_USER #The name of the default user value: cpln://secret/postgres-poc-credentials.username + - name: DISABLE_DATABASE_ENVIRONMENT_CHECK #To allow db:reset in production environment + value: 1 name: stateful image: postgres:15 command: /bin/bash From e280eb6e162601da42adf1db504d9a937b23a892 Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 21:06:51 +0330 Subject: [PATCH 24/28] Wrap env variable value in quotation --- .controlplane/templates/postgres.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.controlplane/templates/postgres.yml b/.controlplane/templates/postgres.yml index 5cc4f997..36de5898 100644 --- a/.controlplane/templates/postgres.yml +++ b/.controlplane/templates/postgres.yml @@ -134,7 +134,7 @@ spec: - name: POSTGRES_USER #The name of the default user value: cpln://secret/postgres-poc-credentials.username - name: DISABLE_DATABASE_ENVIRONMENT_CHECK #To allow db:reset in production environment - value: 1 + value: "1" name: stateful image: postgres:15 command: /bin/bash From 8663108541bcaa2e8743bf3200bf8edf23c993eb Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 21:52:19 +0330 Subject: [PATCH 25/28] Move env variable for db:reset to corn workload --- .controlplane/templates/cron.yml | 3 +++ .controlplane/templates/postgres.yml | 2 -- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.controlplane/templates/cron.yml b/.controlplane/templates/cron.yml index ca6185d4..80ba1fe8 100644 --- a/.controlplane/templates/cron.yml +++ b/.controlplane/templates/cron.yml @@ -17,6 +17,9 @@ spec: - exec - rails - db:reset + env: + - name: DISABLE_DATABASE_ENVIRONMENT_CHECK #To allow db:reset in production environment + value: "1" inheritEnv: true image: "/org/APP_ORG/image/APP_IMAGE" defaultOptions: diff --git a/.controlplane/templates/postgres.yml b/.controlplane/templates/postgres.yml index 36de5898..7291e37d 100644 --- a/.controlplane/templates/postgres.yml +++ b/.controlplane/templates/postgres.yml @@ -133,8 +133,6 @@ spec: value: cpln://secret/postgres-poc-credentials.password - name: POSTGRES_USER #The name of the default user value: cpln://secret/postgres-poc-credentials.username - - name: DISABLE_DATABASE_ENVIRONMENT_CHECK #To allow db:reset in production environment - value: "1" name: stateful image: postgres:15 command: /bin/bash From 58adbb9ffd00bfd8082f499827a4925eceb2b12b Mon Sep 17 00:00:00 2001 From: Mostafa Ahangarha Date: Wed, 25 Oct 2023 22:36:16 +0330 Subject: [PATCH 26/28] Add cron to addition workloads --- .controlplane/controlplane.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index 37100f8c..e320c66e 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -17,6 +17,7 @@ aliases: additional_workloads: - redis - postgres + - daily-task apps: react-webpack-rails-tutorial: From f7886ec7ae74b631a16603340af5ee756bdcdfa3 Mon Sep 17 00:00:00 2001 From: Justin Gordon Date: Wed, 25 Oct 2023 21:59:48 -1000 Subject: [PATCH 27/28] Remove the org from the example --- .controlplane/controlplane.yml | 10 ++++++---- Gemfile | 2 +- Gemfile.lock | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index e320c66e..8278cec6 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -1,10 +1,12 @@ # Configuration for "Heroku to CPLN playbook" custom scripts aliases: common: &common - # Change this to your org name for staging. Production apps will use a different org - # for security. - cpln_org: shakacode-open-source-examples - # Change `shakacode-staging` to your-org-name-for-staging + # Org for staging and QA apps is typically set as an alias + # Production apps will use a different org than staging for security. + # Change this value to your org name + # or set ENV value to CPLN_ORG as that will override whatever is used here for all cpl commands + # cpln_org: shakacode-open-source-examples + # Example apps use only location. CPLN offers the ability to use multiple locations. default_location: aws-us-east-2 # Configure the workload name used as a template for one-off scripts, like a Heroku one-off dyno. diff --git a/Gemfile b/Gemfile index f8ef39ae..997b3089 100644 --- a/Gemfile +++ b/Gemfile @@ -5,7 +5,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" } ruby "3.1.2" -gem "cpl", "1.1.2" +gem "cpl", "~>1.1.2" gem "react_on_rails", "13.2.0" gem "shakapacker", "7.0.3" diff --git a/Gemfile.lock b/Gemfile.lock index c175ce4e..c274d7ea 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -429,7 +429,7 @@ DEPENDENCIES capybara-screenshot coffee-rails coveralls_reborn (~> 0.25.0) - cpl (= 1.1.2) + cpl (~> 1.1.2) database_cleaner debug (>= 1.0.0) factory_bot_rails From ea0eba1ffcb3e27a95d1adbea822664c8bf0a44e Mon Sep 17 00:00:00 2001 From: Justin Gordon Date: Wed, 25 Oct 2023 22:06:23 -1000 Subject: [PATCH 28/28] Add missing daily task --- .controlplane/controlplane.yml | 1 + .controlplane/templates/{cron.yml => daily-task.yml} | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) rename .controlplane/templates/{cron.yml => daily-task.yml} (84%) diff --git a/.controlplane/controlplane.yml b/.controlplane/controlplane.yml index 8278cec6..b72bae2a 100644 --- a/.controlplane/controlplane.yml +++ b/.controlplane/controlplane.yml @@ -15,6 +15,7 @@ aliases: # and the application image updates. app_workloads: - rails + - daily-task # Like Heroku add-ons additional_workloads: - redis diff --git a/.controlplane/templates/cron.yml b/.controlplane/templates/daily-task.yml similarity index 84% rename from .controlplane/templates/cron.yml rename to .controlplane/templates/daily-task.yml index 80ba1fe8..6981aeac 100644 --- a/.controlplane/templates/cron.yml +++ b/.controlplane/templates/daily-task.yml @@ -4,10 +4,12 @@ spec: # https://docs.controlplane.com/reference/workload#cron-configuration type: cron job: - # Run daily job at 2am (see cron docs) - schedule: "0 2 * * *" - # Never or OnFailure + activeDeadlineSeconds: 3600 + concurrencyPolicy: Forbid + historyLimit: 5 restartPolicy: Never + # daily. See cron docs + schedule: 0 0 * * * containers: - name: daily-task cpu: 50m