authentication documentation added (#10)

* authentication documentation added * compose files added
muhammadzadeh · Feb 27, 2024 · bc870d2 · bc870d2
1 parent bae6277
commit bc870d2
Show file tree

Hide file tree

Showing 24 changed files with 1,068 additions and 564 deletions.
diff --git a/.deploy/docker-compose-beta.yml b/.deploy/docker-compose-beta.yml
@@ -0,0 +1,34 @@
+version: "3.8"
+
+networks:
+  staging:
+    external: true
+
+services:
+  api:
+    hostname: beta.app-server.stage
+    image: __IMAGE__
+    networks:
+      - staging
+    deploy:
+      mode: replicated
+      replicas: 5
+      update_config:
+        parallelism: 2
+        order: start-first
+        failure_action: rollback
+        delay: 10s
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 20s
+    healthcheck:
+      test: ["CMD", "node", "dist/base/health/health.js"]
+      interval: 30s
+      retries: 3
+      start_period: 10s
+      timeout: 10s
diff --git a/.deploy/docker-compose-dev.yml b/.deploy/docker-compose-dev.yml
@@ -0,0 +1,34 @@
+version: "3.8"
+
+networks:
+  staging:
+    external: true
+
+services:
+  api:
+    hostname: __VERSION__.app-server.stage
+    image: __IMAGE__
+    networks:
+      - staging
+    deploy:
+      mode: replicated
+      replicas: 5
+      update_config:
+        parallelism: 2
+        order: start-first
+        failure_action: rollback
+        delay: 10s
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 20s
+    healthcheck:
+      test: ["CMD", "node", "dist/base/health/health.js"]
+      interval: 30s
+      retries: 3
+      start_period: 10s
+      timeout: 10s
diff --git a/.deploy/docker-compose-prod.yml b/.deploy/docker-compose-prod.yml
@@ -0,0 +1,34 @@
+version: "3.8"
+
+networks:
+  production:
+    external: true
+
+services:
+  api:
+    hostname: api.app-server.prod
+    image: __IMAGE__
+    networks:
+      - production
+    deploy:
+      mode: replicated
+      replicas: 5
+      update_config:
+        parallelism: 2
+        order: start-first
+        failure_action: rollback
+        delay: 10s
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 20s
+    healthcheck:
+      test: ["CMD", "node", "dist/base/health/health.js"]
+      interval: 30s
+      retries: 3
+      start_period: 10s
+      timeout: 10s
diff --git a/.deploy/docker-compose-uat.yml b/.deploy/docker-compose-uat.yml
@@ -0,0 +1,34 @@
+version: "3.8"
+
+networks:
+  staging:
+    external: true
+
+services:
+  api:
+    hostname: uat.app-server.stage
+    image: __IMAGE__
+    networks:
+      - staging
+    deploy:
+      mode: replicated
+      replicas: 5
+      update_config:
+        parallelism: 2
+        order: start-first
+        failure_action: rollback
+        delay: 10s
+      rollback_config:
+        parallelism: 0
+        order: stop-first
+      restart_policy:
+        condition: any
+        delay: 5s
+        max_attempts: 3
+        window: 20s
+    healthcheck:
+      test: ["CMD", "node", "dist/base/health/health.js"]
+      interval: 30s
+      retries: 3
+      start_period: 10s
+      timeout: 10s
diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml
@@ -0,0 +1,238 @@
+name: Deployment Workflow
+
+env:
+  APP_NAME: app-server
+  IMAGE_NAME: ${{ secrets.DOCKER_REGISTRY }}/app-server
+
+on:
+  push:
+    branches:
+      - main
+      - development
+      - 'release-*'
+      - 'hotfix**'
+    tags:
+      - 'dev-*'
+
+jobs:
+  Setup:
+    runs-on: ubuntu-latest
+    outputs:
+      environment_name: ${{ steps.set_env.outputs.environment }}
+    steps:
+      - name: Determine Environment
+        id: set_env
+        run: |
+          if [[ $GITHUB_REF == refs/tags/dev-* ]]; then
+            echo "::set-output name=environment::dev"
+          elif [[ $GITHUB_REF == refs/heads/development ]]; then
+            echo "::set-output name=environment::beta"
+          elif [[ $GITHUB_REF == refs/heads/release* ]] || [[ $GITHUB_REF == refs/heads/hotfix* ]]; then
+            echo "::set-output name=environment::uat"
+          elif [[ $GITHUB_REF == refs/heads/main ]]; then
+            echo "::set-output name=environment::prod"
+          else
+            echo "::set-output name=environment::default"
+          fi
+        env:
+          GITHUB_REF: ${{ github.ref }}
+
+  Build:
+    needs: Setup
+    environment:
+      name: ${{ needs.Setup.outputs.environment_name }}
+    runs-on: self-hosted-staging
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set the IMAGE env variable
+        run: echo "IMAGE=${{ env.IMAGE_NAME }}:$(echo ${{ github.ref_name }}-${{ github.sha }} | tr '. - /\' '_' )" >> $GITHUB_ENV
+
+      - name: Set vault configuration
+        run: |
+          sed -i 's|VAULT_HOST|'"${{ vars.VAULT_HOST }}"'|g' ./deployments/config.yml
+          sed -i 's|VAULT_TOKEN|'"${{ secrets.VAULT_TOKEN }}"'|g' ./deployments/config.yml
+          sed -i 's|VAULT_BACKEND|'"${{ vars.VAULT_BACKEND }}"'|g' ./deployments/config.yml
+
+      - name: Set application's env and app_url to config file
+        run: |
+          if [[ "${{github.ref}}" == "refs/tags/dev-"* ]]; then
+          sed -i 's|APP_URL|'"${{ vars.APP_URL }}/${{github.ref_name}}"'|g' ./deployments/config.yml
+          sed -i 's|ENVIRONMENT|'"${{ github.ref_name  }}"'|g' ./deployments/config.yml
+          else
+          sed -i 's|APP_URL|'"${{ vars.APP_URL }}"'|g' ./deployments/config.yml
+          sed -i 's|ENVIRONMENT|'"${{ needs.Setup.outputs.environment_name }}"'|g' ./deployments/config.yml
+          fi
+
+      - name: Set elastic apm configuration
+        run: |
+          sed -i 's|ELASTIC_APM_SERVER_URL|'"${{ secrets.ELASTIC_APM_SERVER_URL }}"'|g' ./src/base/apm.ts
+          sed -i 's|ELASTIC_APM_ENABLED|'"${{ vars.ELASTIC_APM_ENABLED }}"'|g' ./src/base/apm.ts
+          if [[ "${{github.ref}}" == "refs/tags/dev-"* ]]; then
+          sed -i 's|ENVIRONMENT|'"${{ github.ref_name  }}"'|g' ./src/base/apm.ts
+          else
+          sed -i 's|ENVIRONMENT|'"${{ needs.Setup.outputs.environment_name }}"'|g' ./src/base/apm.ts
+          fi
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Build
+        run: docker build . -t ${{ env.IMAGE }}
+
+      - name: Docker push
+        run: docker push ${{ env.IMAGE }}
+
+  Deploy-Dev:
+    needs: Build
+    runs-on: self-hosted-staging
+    environment: dev
+    if: startsWith(github.ref, 'refs/tags/dev-')
+    env:
+      RUNNER_WORKING_DIR: /opt/back-end/dev/
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set the IMAGE env variable
+        run: echo "IMAGE=${{ env.IMAGE_NAME }}:$(echo ${{ github.ref_name }}-${{ github.sha }} | tr '. - /\' '_' )" >> $GITHUB_ENV
+
+      - name: Set the APP_STACK_NAME environment variable
+        run: echo "APP_STACK_NAME=$(echo ${{env.APP_NAME}}-${{github.ref_name}} | tr . - | cut -d/ -f2 )" >> $GITHUB_ENV
+
+      - name: Set the COMPOSE_FILE_NAME_PATH environment variable
+        run: echo "COMPOSE_FILE_NAME_PATH=${{ env.RUNNER_WORKING_DIR }}${{ github.ref_name }}/docker-compose-dev.yml" >> $GITHUB_ENV
+
+      - name: Create SubDirectory
+        run: mkdir -p ${{ env.RUNNER_WORKING_DIR }}${{ github.ref_name }}/
+
+      - name: Copy Docker Compose file
+        run: |
+          cp .deploy/docker-compose-dev.yml ${{ env.RUNNER_WORKING_DIR }}${{ github.ref_name }}/
+          cp ${{ env.RUNNER_WORKING_DIR }}.env ${{ env.RUNNER_WORKING_DIR }}${{ github.ref_name }}/
+
+      - name: Replace PlaceHolders
+        run: |
+          sed -i 's|__IMAGE__|'"${{ env.IMAGE }}"'|g' ${{env.COMPOSE_FILE_NAME_PATH}}
+          sed -i 's|__VERSION__|'"${{ github.ref_name }}"'|g' ${{env.COMPOSE_FILE_NAME_PATH}}
+          sed -i 's|__VERSION__|'"${{ github.ref_name }}"'|g' ${{ env.RUNNER_WORKING_DIR }}${{ github.ref_name }}/.env
+          sed -i 's|__APP_STACK_NAME__|'"${{ env.APP_STACK_NAME  }}"'|g' ${{env.COMPOSE_FILE_NAME_PATH}}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Deploy Stack
+        run: |
+          docker stack deploy -c ${{env.COMPOSE_FILE_NAME_PATH}} ${{env.APP_STACK_NAME}} --with-registry-auth
+
+  Deploy-Beta:
+    needs: Build
+    runs-on: self-hosted-staging
+    environment: beta
+    if: github.ref == 'refs/heads/development'
+    env:
+      RUNNER_WORKING_DIR: /opt/back-end/beta/
+      COMPOSE_FILE_NAME_PATH: /opt/back-end/beta/docker-compose-beta.yml
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set the IMAGE env variable
+        run: echo "IMAGE=${{ env.IMAGE_NAME }}:$(echo ${{ github.ref_name }}-${{ github.sha }} | tr '. - /\' '_' )" >> $GITHUB_ENV
+
+      - name: Set the APP_STACK_NAME environment variable
+        run: echo "APP_STACK_NAME=${{ env.APP_NAME }}-beta" >> $GITHUB_ENV
+
+      - name: Copy Docker Compose file
+        run: cp .deploy/docker-compose-beta.yml ${{ env.RUNNER_WORKING_DIR }}
+
+      - name: Replace placeholders
+        run: |
+          sed -i 's|__IMAGE__|'"${{ env.IMAGE }}"'|g' ${{ env.COMPOSE_FILE_NAME_PATH }}
+          sed -i 's|__APP_STACK_NAME__|'"${{ env.APP_STACK_NAME  }}"'|g' ${{ env.COMPOSE_FILE_NAME_PATH }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Deploy Stack
+        run: docker stack deploy -c ${{ env.COMPOSE_FILE_NAME_PATH }} ${APP_STACK_NAME} --with-registry-auth
+
+  Deploy-UAT:
+    needs: Build
+    runs-on: self-hosted-staging
+    environment: uat
+    if: startsWith(github.ref_name, 'release') || startsWith(github.ref_name, 'hotfix') &&  github.ref_type == 'branch'
+    env:
+      RUNNER_WORKING_DIR: /opt/back-end/uat/
+      COMPOSE_FILE_NAME_PATH: /opt/back-end/uat/docker-compose-uat.yml
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set the APP_STACK_NAME environment variable
+        run: echo "APP_STACK_NAME=${{ env.APP_NAME }}-uat" >> $GITHUB_ENV
+
+      - name: Set the IMAGE env variable
+        run: echo "IMAGE=${{ env.IMAGE_NAME }}:$(echo ${{ github.ref_name }}-${{ github.sha }} | tr '. - /\' '_' )" >> $GITHUB_ENV
+
+      - name: Copy Docker Compose file
+        run: cp .deploy/docker-compose-uat.yml ${{ env.RUNNER_WORKING_DIR }}
+
+      - name: Replace placeholders
+        run: |
+          sed -i 's|__IMAGE__|'"${{ env.IMAGE }}"'|g'  ${{ env.COMPOSE_FILE_NAME_PATH }}
+          sed -i 's|__APP_STACK_NAME__|'"${{ env.APP_STACK_NAME  }}"'|g'  ${{ env.COMPOSE_FILE_NAME_PATH }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Deploy
+        run: docker stack deploy -c  ${{ env.COMPOSE_FILE_NAME_PATH }} ${APP_STACK_NAME} --with-registry-auth
+
+  Deploy-Production:
+    needs: Build
+    runs-on: self-hosted-production
+    environment: prod
+    if: startsWith(github.ref_name, 'main') &&  github.ref_type == 'branch'
+    env:
+      RUNNER_WORKING_DIR: /opt/back-end/
+      COMPOSE_FILE_NAME_PATH: /opt/back-end/docker-compose-prod.yml
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set the IMAGE env variable
+        run: echo "IMAGE=${{ env.IMAGE_NAME }}:$(echo ${{ github.ref_name }}-${{ github.sha }} | tr '. - /\' '_' )" >> $GITHUB_ENV
+
+      - name: Copy Docker Compose file
+        run: cp .deploy/docker-compose-prod.yml ${{env.RUNNER_WORKING_DIR}}
+
+      - name: Replace placeholders
+        run: sed -i 's|__IMAGE__|'"${{ env.IMAGE }}"'|g'  ${{ env.COMPOSE_FILE_NAME_PATH }}
+
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ secrets.DOCKER_REGISTRY }}
+          username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
+          password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
+
+      - name: Deploy
+        run: docker stack deploy -c  ${{ env.COMPOSE_FILE_NAME_PATH }} ${{env.APP_NAME}} --with-registry-auth