forked from sidpalas/storybooks
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
15 changed files
with
368 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
node_modules |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
name: Build and Deploy to Google Compute Engine | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
|
||
env: | ||
PROJECT_ID: devops-directive-traversy | ||
|
||
jobs: | ||
setup-build-publish-deploy: | ||
name: Setup, Build, Publish, and Deploy | ||
runs-on: ubuntu-latest | ||
|
||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
|
||
# Setup gcloud CLI | ||
- uses: GoogleCloudPlatform/github-actions/setup-gcloud@master | ||
with: | ||
version: '290.0.1' | ||
service_account_key: ${{ secrets.GCE_SA_KEY }} | ||
project_id: ${{ env.PROJECT_ID }} | ||
|
||
# Configure Docker to use the gcloud command-line tool as a credential | ||
# helper for authentication | ||
- run: |- | ||
gcloud --quiet auth configure-docker | ||
# Build the Docker image | ||
- name: Build | ||
run: |- | ||
make build | ||
# Push the Docker image to Google Container Registry | ||
- name: Publish | ||
run: |- | ||
make push | ||
- name: Deploy | ||
run: |- | ||
make deploy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,4 @@ | ||
node_modules | ||
config/config.env | ||
*key.json | ||
.terraform/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
{ | ||
"trailingComma": "all", | ||
"tabWidth": 2, | ||
"semi": false, | ||
"singleQuote": true | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
FROM node:14-slim | ||
|
||
WORKDIR /usr/src/app | ||
|
||
COPY ./package*.json ./ | ||
|
||
RUN npm install | ||
|
||
COPY . . | ||
|
||
USER node | ||
|
||
EXPOSE 3000 | ||
|
||
CMD ["npm", "start"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,88 @@ | ||
PROJECT_ID=devops-directive-traversy | ||
ZONE=us-central1-a | ||
|
||
run-local: | ||
docker-compose up | ||
|
||
### | ||
|
||
create-tf-backend-bucket: | ||
gsutil mb -p $(PROJECT_ID) gs:https://$(PROJECT_ID)-terraform | ||
|
||
### | ||
|
||
define get-secret | ||
$(shell gcloud secrets versions access latest --secret=$(1) --project=$(PROJECT_ID)) | ||
endef | ||
|
||
### | ||
|
||
ENV=staging | ||
|
||
terraform-create-workspace: | ||
cd terraform && \ | ||
terraform workspace new $(ENV) | ||
|
||
terraform-init: | ||
cd terraform && \ | ||
terraform workspace select $(ENV) && \ | ||
terraform init | ||
|
||
TF_ACTION?=plan | ||
terraform-action: | ||
@cd terraform && \ | ||
terraform workspace select $(ENV) && \ | ||
terraform $(TF_ACTION) \ | ||
-var-file="./environments/common.tfvars" \ | ||
-var-file="./environments/$(ENV)/config.tfvars" \ | ||
-var="mongodbatlas_private_key=$(call get-secret,atlas_private_key)" \ | ||
-var="atlas_user_password=$(call get-secret,atlas_user_password_$(ENV))" \ | ||
-var="cloudflare_api_token=$(call get-secret,cloudflare_api_token)" | ||
|
||
### | ||
|
||
SSH_STRING=palas@storybooks-vm-$(ENV) | ||
|
||
GITHUB_SHA?=latest | ||
LOCAL_TAG=storybooks-app:$(GITHUB_SHA) | ||
REMOTE_TAG=gcr.io/$(PROJECT_ID)/$(LOCAL_TAG) | ||
|
||
CONTAINER_NAME=storybooks-api | ||
DB_NAME=storybooks | ||
|
||
ssh: | ||
gcloud compute ssh $(SSH_STRING) \ | ||
--project=$(PROJECT_ID) \ | ||
--zone=$(ZONE) | ||
|
||
ssh-cmd: | ||
@gcloud compute ssh $(SSH_STRING) \ | ||
--project=$(PROJECT_ID) \ | ||
--zone=$(ZONE) \ | ||
--command="$(CMD)" | ||
|
||
build: | ||
docker build -t $(LOCAL_TAG) . | ||
|
||
push: | ||
docker tag $(LOCAL_TAG) $(REMOTE_TAG) | ||
docker push $(REMOTE_TAG) | ||
|
||
deploy: | ||
$(MAKE) ssh-cmd CMD='docker-credential-gcr configure-docker' | ||
@echo "pulling new container image..." | ||
$(MAKE) ssh-cmd CMD='docker pull $(REMOTE_TAG)' | ||
@echo "removing old container..." | ||
-$(MAKE) ssh-cmd CMD='docker container stop $(CONTAINER_NAME)' | ||
-$(MAKE) ssh-cmd CMD='docker container rm $(CONTAINER_NAME)' | ||
@echo "starting new container..." | ||
@$(MAKE) ssh-cmd CMD='\ | ||
docker run -d --name=$(CONTAINER_NAME) \ | ||
--restart=unless-stopped \ | ||
-p 80:3000 \ | ||
-e PORT=3000 \ | ||
-e \"MONGO_URI=mongodb+srv:https://storybooks-user-$(ENV):$(call get-secret,atlas_user_password_$(ENV))@storybooks-$(ENV).kkwmy.gcp.mongodb.net/$(DB_NAME)?retryWrites=true&w=majority\" \ | ||
-e GOOGLE_CLIENT_ID=622715457982-885mh022l19kdehu68umar8rbq4qgq24.apps.googleusercontent.com \ | ||
-e GOOGLE_CLIENT_SECRET=$(call get-secret,google_oauth_client_secret) \ | ||
$(REMOTE_TAG) \ | ||
' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
version: '3' | ||
services: | ||
api-server: | ||
build: ./ | ||
env_file: ./config/config.env | ||
ports: | ||
- '3000:3000' | ||
networks: | ||
- storybooks-app | ||
depends_on: | ||
- mongo | ||
mongo: | ||
image: mongo:3.6-xenial | ||
environment: | ||
- MONGO_INITDB_DATABASE=storybooks | ||
ports: | ||
- '27017:27017' | ||
networks: | ||
- storybooks-app | ||
volumes: | ||
- mongo-data:/data/db | ||
|
||
networks: | ||
storybooks-app: | ||
driver: bridge | ||
|
||
volumes: | ||
mongo-data: | ||
driver: local |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
provider "mongodbatlas" { | ||
public_key = var.mongodbatlas_public_key | ||
private_key = var.mongodbatlas_private_key | ||
version = "~> 0.6" | ||
} | ||
|
||
# cluster | ||
resource "mongodbatlas_cluster" "mongo_cluster" { | ||
project_id = var.atlas_project_id | ||
name = "${var.app_name}-${terraform.workspace}" | ||
num_shards = 1 | ||
|
||
replication_factor = 3 | ||
provider_backup_enabled = true | ||
auto_scaling_disk_gb_enabled = true | ||
mongo_db_major_version = "3.6" | ||
|
||
//Provider Settings "block" | ||
provider_name = "GCP" | ||
disk_size_gb = 10 | ||
provider_instance_size_name = "M10" | ||
provider_region_name = "CENTRAL_US" | ||
} | ||
|
||
# db user | ||
resource "mongodbatlas_database_user" "mongo_user" { | ||
username = "storybooks-user-${terraform.workspace}" | ||
password = var.atlas_user_password | ||
project_id = var.atlas_project_id | ||
auth_database_name = "admin" | ||
|
||
roles { | ||
role_name = "readWrite" | ||
database_name = "storybooks" | ||
} | ||
|
||
roles { | ||
role_name = "readAnyDatabase" | ||
database_name = "admin" | ||
} | ||
} | ||
|
||
# ip whitelist | ||
resource "mongodbatlas_project_ip_whitelist" "test" { | ||
project_id = var.atlas_project_id | ||
ip_address = google_compute_address.ip_address.address | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
provider "cloudflare" { | ||
version = "~> 2.0" | ||
api_token = var.cloudflare_api_token | ||
} | ||
|
||
# Zone | ||
data "cloudflare_zones" "cf_zones" { | ||
filter { | ||
name = var.domain | ||
} | ||
} | ||
|
||
# DNS A record | ||
resource "cloudflare_record" "dns_record" { | ||
zone_id = data.cloudflare_zones.cf_zones.zones[0].id | ||
name = "storybooks${terraform.workspace == "prod" ? "" : "-${terraform.workspace}"}" | ||
value = google_compute_address.ip_address.address | ||
type = "A" | ||
proxied = true | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
app_name="storybooks" | ||
|
||
atlas_project_id = "5f5bdb70abbd5840ca911a50" | ||
mongodbatlas_public_key="cubboskr" | ||
|
||
domain="devopsdirective.com" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
gcp_machine_type = "f1-micro" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
provider "google" { | ||
credentials = file("terraform-sa-key.json") | ||
project = "devops-directive-traversy" | ||
region = "us-central1" | ||
zone = "us-central1-c" | ||
version = "~> 3.38" | ||
} | ||
|
||
# IP ADDRESS | ||
resource "google_compute_address" "ip_address" { | ||
name = "storybooks-ip-${terraform.workspace}" | ||
} | ||
|
||
# NETWORK | ||
data "google_compute_network" "default" { | ||
name = "default" | ||
} | ||
|
||
# FIREWALL RULE | ||
resource "google_compute_firewall" "allow_http" { | ||
name = "allow-http-${terraform.workspace}" | ||
network = data.google_compute_network.default.name | ||
|
||
allow { | ||
protocol = "tcp" | ||
ports = ["80"] | ||
} | ||
|
||
source_ranges = ["0.0.0.0/0"] | ||
|
||
target_tags = ["allow-http-${terraform.workspace}"] | ||
} | ||
|
||
# OS IMAGE | ||
data "google_compute_image" "cos_image" { | ||
family = "cos-81-lts" | ||
project = "cos-cloud" | ||
} | ||
|
||
# COMPUTE ENGINE INSTANCE | ||
resource "google_compute_instance" "instance" { | ||
name = "${var.app_name}-vm-${terraform.workspace}" | ||
machine_type = var.gcp_machine_type | ||
zone = "us-central1-a" | ||
|
||
tags = google_compute_firewall.allow_http.target_tags | ||
|
||
boot_disk { | ||
initialize_params { | ||
image = data.google_compute_image.cos_image.self_link | ||
} | ||
} | ||
|
||
network_interface { | ||
network = data.google_compute_network.default.name | ||
|
||
access_config { | ||
nat_ip = google_compute_address.ip_address.address | ||
} | ||
} | ||
|
||
service_account { | ||
scopes = ["storage-ro"] | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
terraform { | ||
backend "gcs" { | ||
bucket = "devops-directive-traversy-terraform" | ||
prefix = "/state/storybooks" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
### GENERAL | ||
variable "app_name" { | ||
type = string | ||
} | ||
|
||
### ATLAS | ||
variable "atlas_project_id" { | ||
type = string | ||
} | ||
|
||
variable "mongodbatlas_public_key" { | ||
type = string | ||
} | ||
|
||
variable "mongodbatlas_private_key" { | ||
type = string | ||
} | ||
|
||
variable "atlas_user_password" { | ||
type = string | ||
} | ||
|
||
### GCP | ||
variable "gcp_machine_type" { | ||
type = string | ||
} | ||
|
||
### CLOUDFLARE | ||
variable "cloudflare_api_token" { | ||
type = string | ||
} | ||
|
||
variable "domain" { | ||
type = string | ||
} |