devs-group · weisertimo · Nov 14, 2024 · Nov 14, 2024 · Nov 20, 2024 · Nov 20, 2024
diff --git a/.github/workflows/terraform-gcp.yml b/.github/workflows/terraform-gcp.yml
@@ -0,0 +1,56 @@
+name: Terraform GCP Deployment
+
+on:
+  push:
+    branches: [ feat/terraform-setup-init ]
+    # paths:
+    #   - 'infra/envs/dev/**'
+  pull_request:
+    branches: [ feat/terraform-setup-init ]
+    # paths:
+    #   - 'infra/envs/dev/**'
+
+env:
+  TF_WORKSPACE: dev
+  WORKING_DIRECTORY: infra/envs/dev
+
+jobs:
+  terraform:
+    name: Terraform
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      pull-requests: write
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v4
+
+    - name: Auth to GCP
+      uses: google-github-actions/auth@v2
+      with:
+        credentials_json: ${{ secrets.GCP_SA_KEY }}
+
+    - name: Setup Terraform
+      uses: hashicorp/setup-terraform@v3
+      with:
+        terraform_version: "1.7.0"
+
+    - name: Terraform Format
+      working-directory: ${{ env.WORKING_DIRECTORY }}
+      run: terraform fmt -check
+
+    - name: Terraform Init
+      working-directory: ${{ env.WORKING_DIRECTORY }}
+      run: terraform init
+
+    - name: Terraform Plan
+      working-directory: ${{ env.WORKING_DIRECTORY }}
+      # if: github.event_name == 'pull_request'
+      run: terraform plan -no-color
+      continue-on-error: true
+
+    - name: Terraform Apply
+      working-directory: ${{ env.WORKING_DIRECTORY }}
+      # if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+      run: terraform apply -auto-approve
diff --git a/.gitignore b/.gitignore
@@ -2,4 +2,7 @@
 backend/credentials/*
 
 # Env files
-.env
+.env
+
+# Terraform files
+.terraform/
diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -9,4 +9,4 @@ COPY . .
 
 RUN deno cache main.ts
 
-CMD ["run", "--allow-net", "--allow-read", "--allow-env", "--allow-write", "main.ts"]
+CMD ["run", "--allow-net", "--allow-read", "--allow-env", "--allow-write", "--allow-sys", "main.ts"]
diff --git a/backend/config.ts b/backend/config.ts
@@ -13,10 +13,6 @@ export const config = {
         secret: Deno.env.get("SESSION_SECRET") || "your-secret-key",
     },
     postgres: {
-        user: Deno.env.get("POSTGRES_USER") || "postgres",
-        password: Deno.env.get("POSTGRES_PASSWORD") || "postgres",
-        db: Deno.env.get("POSTGRES_DB") || "postgres",
-        host: Deno.env.get("POSTGRES_HOST") || "database",
-        port: parseInt(Deno.env.get("POSTGRES_PORT") || "5432"),
+        connectionString: Deno.env.get("POSTGRES_CONNECTION_STRING") || "",
     },
 };
diff --git a/backend/db/index.ts b/backend/db/index.ts
@@ -21,11 +21,7 @@ export interface Queries {
 export async function DB(): Promise<Queries> {
     const { Pool } = pg;
     const pool = new Pool({
-        user: config.postgres.user,
-        password: config.postgres.password,
-        host: config.postgres.host,
-        port: config.postgres.port,
-        database: config.postgres.db,
+        connectionString: config.postgres.connectionString,
     });
     const client = await pool.connect();
 

diff --git a/backend/docker.sh b/backend/docker.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+if [ "$1" == "dev" ]; then
+  ENV="dev"
+elif [ "$1" == "prod" ]; then
+  ENV="prod"
+else
+  echo "Invalid environment: $1"
+  exit 1
+fi
+
+docker buildx build --platform linux/amd64 -t europe-west1-docker.pkg.dev/driplet-core-$ENV/driplet-repository/driplet:latest .
+docker push europe-west1-docker.pkg.dev/driplet-core-$ENV/driplet-repository/driplet:latest
diff --git a/backend/handlers/collect.ts b/backend/handlers/collect.ts
@@ -1,5 +1,5 @@
 import { express, STATUS_CODE } from "../deps.ts";
-import { publishMessage, type EventMessage } from "../pubsub/pubsub.ts";
+import { type EventMessage, publishMessage } from "../pubsub/pubsub.ts";
 import { PubSub } from "npm:@google-cloud/pubsub@4.1.0";
 import { config } from "../config.ts";
 import { Buffer } from "node:buffer";
@@ -19,16 +19,16 @@ export async function POST_collect(
 ) {
   const { event } = req.body;
 
-  if (!event || typeof event !== 'object') {
-    res.status(STATUS_CODE.BadRequest).send({ 
-      message: "Event is required and must be an object" 
+  if (!event || typeof event !== "object") {
+    res.status(STATUS_CODE.BadRequest).send({
+      message: "Event is required and must be an object",
     });
     return;
   }
 
   if (!req.user?.id) {
-    res.status(STATUS_CODE.Unauthorized).send({ 
-      message: "User must be authenticated" 
+    res.status(STATUS_CODE.Unauthorized).send({
+      message: "User must be authenticated",
     });
     return;
   }
@@ -41,12 +41,13 @@ export async function POST_collect(
 
   try {
     const messageId = await publishMessage(messageData);
-    res.status(STATUS_CODE.OK).send({ 
+    res.status(STATUS_CODE.OK).send({
       message: "Event collected successfully",
       messageId,
     });
+    return;
   } catch (error) {
-    l.error('Failed to publish message:', {
+    l.error("Failed to publish message:", {
       error: error.message,
       event: messageData,
     });
@@ -55,9 +56,4 @@ export async function POST_collect(
     });
     return;
   }
-
-  res.status(STATUS_CODE.InternalServerError).send({ 
-    message: "Failed to collect event",
-    error: error.message,
-  });
-}
+}
diff --git a/infra/envs/dev/.terraform.lock.hcl b/infra/envs/dev/.terraform.lock.hcl
diff --git a/infra/envs/dev/main.tf b/infra/envs/dev/main.tf
@@ -0,0 +1,30 @@
+# Provider configuration
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+locals {
+  driplet_image         = "europe-west1-docker.pkg.dev/${var.project_id}/${var.artifact_registry_repository_id}/${var.image_name}:${var.image_tag}"
+  service_account_email = "driplet-service-account@${var.project_id}.iam.gserviceaccount.com"
+}
+
+module "main" {
+  source = "../../modules"
+
+  project_id                        = var.project_id
+  region                            = var.region
+  domain                            = var.domain
+  network_name                      = var.network_name
+  subnet_ranges                     = var.subnet_ranges
+  database_instance_name            = var.database_instance_name
+  database_user                     = var.database_user
+  cloud_run_service_name            = var.cloud_run_service_name
+  driplet_image                     = local.driplet_image
+  oauth_run_callback_url            = var.oauth_run_callback_url
+  pubsub_topic_client_events        = var.pubsub_topic_client_events
+  artifact_registry_repository_id   = var.artifact_registry_repository_id
+  service_account_email             = local.service_account_email
+  bigquery_dataset                  = var.bigquery_dataset
+  bigquery_table                    = var.bigquery_table
+  pubsub_subscription_client_events = var.pubsub_subscription_client_events
+}
Original file line number	Diff line number	Diff line change
Expand Up		@@ -9,4 +9,4 @@ COPY . .

		RUN deno cache main.ts

		CMD ["run", "--allow-net", "--allow-read", "--allow-env", "--allow-write", "main.ts"]
		CMD ["run", "--allow-net", "--allow-read", "--allow-env", "--allow-write", "--allow-sys", "main.ts"]