Merge pull request #1460 from openworld-community/release/2024-11-04

Release/2024 11 04
openworld-community · Nov 8, 2024 · 077df14 · 077df14
2 parents aa3db0f + 6d016bc
commit 077df14
Show file tree

Hide file tree

Showing 41 changed files with 1,270 additions and 389 deletions.
diff --git a/.github/workflows/build-and-push-demo.yml b/.github/workflows/build-and-push-demo.yml
@@ -0,0 +1,96 @@
+name: Build docker images and push to GHCR
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - demo
+
+concurrency: build-and-deploy
+
+permissions:
+  contents: read
+  packages: write
+
+env:
+  env_var: ${{ vars.ENV_CONTEXT_VAR }}
+  REGISTRY: ghcr.io
+  TAG_NAME: demo
+  FRONTEND_CACHE_IMAGE_NAME: frontend_buildcache
+  BACKEND_CACHE_IMAGE_NAME: backend_buildcache
+
+jobs:
+  build-and-push:
+    name: Build demo image and push it to registry
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Export lowercase image names
+        shell: bash
+        run: |
+          : "${{ env.REGISTRY }}/${{ github.repository }}_frontend:demo"
+          echo "FRONTEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}_backend:demo"
+          echo "BACKEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.FRONTEND_CACHE_IMAGE_NAME }}:demo"
+          echo "FRONTEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.BACKEND_CACHE_IMAGE_NAME }}:demo"
+          echo "BACKEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build and push frontend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./frontend/Dockerfile
+          tags: "${{ env.FRONTEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }},mode=max
+
+      - name: Build and push backend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./backend/Dockerfile
+          tags: "${{ env.BACKEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }},mode=max
+
+  deploy-demo:
+    name: Connect to server, pull latest demo images and deploy it
+    needs: build-and-push
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: install ssh keys
+        # check this thread to understand why its needed:
+        # https://stackoverflow.com/a/70447517
+        run: |
+          install -m 600 -D /dev/null ~/.ssh/id_rsa
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.SSH_HOST }} > ~/.ssh/known_hosts
+      - name: connect and pull
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.DEMO_DIR }} && git checkout ${{ vars.DEMO_BRANCH }} && git pull"
+      - name: connect and update traefik
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.DEMO_DIR }} && docker compose --compatibility -p ows-events -f docker-compose.traefik.yml up -d --build && exit"
+      - name: connect and  services
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin && export NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID=${{ secrets.DEMO_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export NUXT_PUBLIC_TELEGRAM_AUTH_BOT_NAME=${{ vars.DEMO_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.DEMO_DIR }} && docker compose --compatibility -p ows-events_demo -f docker-compose.demo.new.yml up --pull always -d --force-recreate && exit"
+      - name: cleanup
+        run: rm -rf ~/.ssh
+
diff --git a/.github/workflows/build-and-push-prod.yml b/.github/workflows/build-and-push-prod.yml
@@ -0,0 +1,96 @@
+name: Build docker images and push to GHCR
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - prod
+
+concurrency: build-and-deploy
+
+permissions:
+  contents: read
+  packages: write
+
+env:
+  env_var: ${{ vars.ENV_CONTEXT_VAR }}
+  REGISTRY: ghcr.io
+  TAG_NAME: prod
+  FRONTEND_CACHE_IMAGE_NAME: frontend_buildcache
+  BACKEND_CACHE_IMAGE_NAME: backend_buildcache
+
+jobs:
+  build-and-push:
+    name: Build prod image and push it to registry
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Export lowercase image names
+        shell: bash
+        run: |
+          : "${{ env.REGISTRY }}/${{ github.repository }}_frontend:prod"
+          echo "FRONTEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}_backend:prod"
+          echo "BACKEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.FRONTEND_CACHE_IMAGE_NAME }}:prod"
+          echo "FRONTEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.BACKEND_CACHE_IMAGE_NAME }}:prod"
+          echo "BACKEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build and push frontend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./frontend/Dockerfile
+          tags: "${{ env.FRONTEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }},mode=max
+
+      - name: Build and push backend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./backend/Dockerfile
+          tags: "${{ env.BACKEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }},mode=max
+
+  deploy-prod:
+    name: Connect to server, pull latest prod images and deploy it
+    needs: build-and-push
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: install ssh keys
+        # check this thread to understand why its needed:
+        # https://stackoverflow.com/a/70447517
+        run: |
+          install -m 600 -D /dev/null ~/.ssh/id_rsa
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.SSH_HOST }} > ~/.ssh/known_hosts
+      - name: connect and pull
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.PROD_DIR }} && git checkout ${{ vars.PROD_BRANCH }} && git pull"
+      - name: connect and update traefik
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.PROD_DIR }} && docker compose --compatibility -p ows-events -f docker-compose.traefik.yml up -d --build && exit"
+      - name: connect and  services
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin && export NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID=${{ secrets.PROD_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export NUXT_PUBLIC_GTAG_ID=${{ secrets.PROD_GTAG_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export NUXT_PUBLIC_TELEGRAM_AUTH_BOT_NAME=${{ vars.PROD_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.PROD_DIR }} && docker compose --compatibility -p ows-events_prod -f docker-compose.prod.new.yml up --pull always -d --force-recreate && exit"
+      - name: cleanup
+        run: rm -rf ~/.ssh
+
diff --git a/.github/workflows/build-and-push-test.yml b/.github/workflows/build-and-push-test.yml
@@ -0,0 +1,96 @@
+name: Build docker images and push to GHCR
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - main
+
+concurrency: build-and-deploy
+
+permissions:
+  contents: read
+  packages: write
+
+env:
+  env_var: ${{ vars.ENV_CONTEXT_VAR }}
+  REGISTRY: ghcr.io
+  TAG_NAME: latest
+  FRONTEND_CACHE_IMAGE_NAME: frontend_buildcache
+  BACKEND_CACHE_IMAGE_NAME: backend_buildcache
+
+jobs:
+  build-and-push:
+    name: Build test image and push it to registry
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Export lowercase image names
+        shell: bash
+        run: |
+          : "${{ env.REGISTRY }}/${{ github.repository }}_frontend:latest"
+          echo "FRONTEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}_backend:latest"
+          echo "BACKEND_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.FRONTEND_CACHE_IMAGE_NAME }}:latest"
+          echo "FRONTEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+          : "${{ env.REGISTRY }}/${{ github.repository }}/${{ env.BACKEND_CACHE_IMAGE_NAME }}:latest"
+          echo "BACKEND_CACHE_IMAGE_TAG=${_,,}" | tee -a $GITHUB_ENV
+
+      - name: Login to GHCR
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build and push frontend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./frontend/Dockerfile
+          tags: "${{ env.FRONTEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.FRONTEND_CACHE_IMAGE_TAG }},mode=max
+
+      - name: Build and push backend docker image
+        uses: docker/build-push-action@v3
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./
+          file: ./backend/Dockerfile
+          tags: "${{ env.BACKEND_IMAGE_TAG }}"
+          push: true
+          cache-from: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }}
+          cache-to: type=registry,ref=${{ env.BACKEND_CACHE_IMAGE_TAG }},mode=max
+
+  deploy-test:
+    name: Connect to server, pull latest test images and deploy it
+    needs: build-and-push
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: install ssh keys
+        # check this thread to understand why its needed:
+        # https://stackoverflow.com/a/70447517
+        run: |
+          install -m 600 -D /dev/null ~/.ssh/id_rsa
+          echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/id_rsa
+          ssh-keyscan -H ${{ secrets.SSH_HOST }} > ~/.ssh/known_hosts
+      - name: connect and pull
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.TEST_DIR }} && git checkout ${{ vars.TEST_BRANCH }} && git pull"
+      - name: connect and update traefik
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events -f docker-compose.traefik.yml up -d --build && exit"
+      - name: connect and  services
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin && export NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID=${{ secrets.TEST_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export NUXT_PUBLIC_GTAG_ID=${{ secrets.TEST_GTAG_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export NUXT_PUBLIC_TELEGRAM_AUTH_BOT_NAME=${{ vars.TEST_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events_test -f docker-compose.test.new.yml up --pull always -d --force-recreate && exit"
+      - name: cleanup
+        run: rm -rf ~/.ssh
+
diff --git a/.github/workflows/deploy-test.yml b/.github/workflows/deploy-test.yml
@@ -1,9 +1,6 @@
 name: 'Deploy'
 
 on:
-  push:
-    branches:
-      - main
   workflow_dispatch:
 
 concurrency: build-and-deploy
@@ -30,6 +27,6 @@ jobs:
       - name: connect and update traefik
         run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events -f docker-compose.traefik.yml up -d --build && exit"
       - name: connect and rebuild services
-        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "export VITE_GOOGLE_OAUTH_KEY=${{ secrets.TEST_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export VITE_GTAG_ID=${{ secrets.TEST_GTAG_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export VITE_TELEGRAM_AUTH_BOT_NAME=${{ vars.TEST_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events_test -f docker-compose.test.yml up -d --force-recreate --build && exit"
+        run: ssh ${{ secrets.SSH_USER }}@${{ secrets.SSH_HOST }} "export VITE_GOOGLE_OAUTH_KEY=${{ secrets.TEST_GOOGLE_OAUTH_KEY }} && export PEREDELANOCONF_GOOGLEDOC=${{ secrets.PEREDELANOCONF_GOOGLEDOC_ID }} && export VITE_GTAG_ID=${{ secrets.TEST_GTAG_ID }} && export GITHUB_PARSING_TOKEN=${{ secrets.PARSING_TOKEN }} && export SECRET_KEY=${{ secrets.BACKEND_SECRET_KEY }} && export VITE_TELEGRAM_AUTH_BOT_NAME=${{ vars.TEST_AUTH_TELEGRAM_BOT_NAME }} && cd ${{ vars.TEST_DIR }} && docker compose --compatibility -p ows-events_test -f docker-compose.test.yml up --pull always -d --force-recreate --build && exit"
       - name: cleanup
         run: rm -rf ~/.ssh
diff --git a/backend/src/config/vars.ts b/backend/src/config/vars.ts
@@ -18,7 +18,7 @@ export const vars = {
 		googledocs: {
 			peredelanoConfSheetId: process.env.PEREDELANOCONF_GOOGLEDOC || ''
 		},
-		googleauth: process.env.VITE_GOOGLE_OAUTH_KEY || '123',
+		googleauth: process.env.NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID || '123',
 		googleAnalytics: {
 			apiSecret: process.env.GA_API_SECRET || '',
 			measurementId: process.env.GA_MEASUREMENT_ID || ''

diff --git a/docker-compose.build.yml b/docker-compose.build.yml
@@ -7,33 +7,31 @@ x-logging: &default-logging
         max-file: '5'
 
 networks:
-    ows_events_parsing:
+    build_ows_events:
 
 services:
     frontend:
-        container_name: ows-events_parsing_frontend
-        image: ows-events_parsing_frontend
         build:
             context: .
             dockerfile: ./frontend/Dockerfile
             args:
                 - NODE_ENV=production
-                - VITE_API_URL=http://127.0.0.1:7080/api
-                - VITE_BASE_URL=http://127.0.0.1:7080
-                - VITE_IPREGISTRY_API_KEY=ryy5dlbl3v8y55x4
-                - VITE_TELEGRAM_AUTH_BOT_NAME=afisha_oauth_local_bot
                 - VITE_MODE=production
-                - VITE_DOMAIN=127.0.0.1
         logging: *default-logging
         restart: always
         networks:
-            - ows_events_parsing
+            - build_ows_events
         ports:
             - '80:3000'
+        environment:
+            - NUXT_PUBLIC_API_URL=http://localhost:7080/api
+            - NUXT_PUBLIC_BASE_URL=http://localhost:7080
+            - NUXT_PUBLIC_TELEGRAM_AUTH_BOT_NAME=afisha_oauth_local_bot
+            - NUXT_PUBLIC_DOMAIN=localhost
+            - NUXT_PUBLIC_GTAG_ID=localhostGtagId
+            - NUXT_PUBLIC_GOOGLE_SIGN_IN_CLIENT_ID
 
     backend:
-        container_name: ows-events_parsing_backend
-        image: ows-events_parsing_backend
         build:
             context: .
             dockerfile: ./backend/Dockerfile
@@ -49,21 +47,20 @@ services:
             - FRONTEND_URL=http://127.0.0.1
             - SECRET_KEY
         networks:
-            - ows_events_parsing
+            - build_ows_events
         ports:
             - '7080:7080'
         volumes:
             - /root/ows-events/assets/img:/app/assets/img
 
     mongo:
-        container_name: ows-events_parsing_mongo
         image: mongo:6.0
         restart: unless-stopped
         command: ['--bind_ip_all']
         ports:
             - '27020:27017'
         networks:
-            - ows_events_parsing
+            - build_ows_events
         healthcheck:
             test: test $$(echo "rs.initiate().ok || rs.status().ok" | mongo --quiet) -eq 1
             interval: 10s