From 0fe008829395919ea60f6740cff2e026cb38e784 Mon Sep 17 00:00:00 2001 From: jankun4 Date: Tue, 20 Feb 2024 14:55:00 +0100 Subject: [PATCH 01/30] [#231] fix broken endpoints fix endpoints broken due to assumption that predefined dreps always exist, even if noone delegated to them --- govtool/backend/sql/get-network-metrics.sql | 12 ++++++------ govtool/backend/sql/get-voting-power.sql | 10 ++++++---- govtool/backend/sql/list-proposals.sql | 12 ++++++------ govtool/backend/src/VVA/DRep.hs | 8 +++----- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/govtool/backend/sql/get-network-metrics.sql b/govtool/backend/sql/get-network-metrics.sql index 25fb12fbd..073312c48 100644 --- a/govtool/backend/sql/get-network-metrics.sql +++ b/govtool/backend/sql/get-network-metrics.sql @@ -21,17 +21,17 @@ with current_epoch as ( select count(*) as count from drep_hash ), always_abstain_voting_power as ( - select amount - from drep_distr - join drep_hash + select coalesce(amount, 0) as amount + from drep_hash + left join drep_distr on drep_hash.id = drep_distr.hash_id where drep_hash.view = 'drep_always_abstain' order by epoch_no desc limit 1 ), always_no_confidence_voting_power as ( - select amount - from drep_distr - join drep_hash + select coalesce(amount, 0) as amount + from drep_hash + left join drep_distr on drep_hash.id = drep_distr.hash_id where drep_hash.view = 'drep_always_no_confidence' order by epoch_no desc diff --git a/govtool/backend/sql/get-voting-power.sql b/govtool/backend/sql/get-voting-power.sql index 33d22d06d..b81b5eb84 100644 --- a/govtool/backend/sql/get-voting-power.sql +++ b/govtool/backend/sql/get-voting-power.sql @@ -1,5 +1,7 @@ -select drep_distr.amount -from drep_distr -join drep_hash +select coalesce(drep_distr.amount, 0) as amount +from drep_hash +left join drep_distr on drep_hash.id = drep_distr.hash_id -where drep_hash.raw = decode(?,'hex') \ No newline at end of file +where drep_hash.raw = decode(?,'hex') +order by epoch_no desc +limit 1 \ No newline at end of file diff --git a/govtool/backend/sql/list-proposals.sql b/govtool/backend/sql/list-proposals.sql index 00ad5ec34..b7bb42a6b 100644 --- a/govtool/backend/sql/list-proposals.sql +++ b/govtool/backend/sql/list-proposals.sql @@ -10,17 +10,17 @@ WITH LatestDrepDistr AS ( Max(end_time) as last_epoch_end_time FROM epoch ), always_no_confidence_voting_power as ( - select amount - from drep_distr - join drep_hash + select coalesce(amount, 0) as amount + from drep_hash + left join drep_distr on drep_hash.id = drep_distr.hash_id where drep_hash.view = 'drep_always_no_confidence' order by epoch_no desc limit 1 ), always_abstain_voting_power as ( - select amount - from drep_distr - join drep_hash + select coalesce(amount, 0) as amount + from drep_hash + left join drep_distr on drep_hash.id = drep_distr.hash_id where drep_hash.view = 'drep_always_abstain' order by epoch_no desc diff --git a/govtool/backend/src/VVA/DRep.hs b/govtool/backend/src/VVA/DRep.hs index cd373cda5..0661f0f82 100644 --- a/govtool/backend/src/VVA/DRep.hs +++ b/govtool/backend/src/VVA/DRep.hs @@ -47,11 +47,9 @@ getVotingPower :: Text -> m Integer getVotingPower drepId = withPool $ \conn -> do - votingPower <- - sum . map (\(SQL.Only x) -> x) <$> - liftIO - (SQL.query @_ @(SQL.Only Scientific) conn getVotingPowerSql $ - SQL.Only drepId) + [SQL.Only votingPower] <- + liftIO + (SQL.query @_ @(SQL.Only Scientific) conn getVotingPowerSql $ SQL.Only drepId) return $ floor votingPower listDRepsSql :: SQL.Query From 5bdfcc0be3959afa8e1a3d9eb7cd3491bdbec0f2 Mon Sep 17 00:00:00 2001 From: jankun4 Date: Tue, 20 Feb 2024 15:06:06 +0100 Subject: [PATCH 02/30] [#231] update changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a29f5a4ce..2c7885f3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,8 @@ changes. - i18next library added to FE [Issue 80](https://github.com/IntersectMBO/govtool/issues/80) ### Fixed +- Fix drep voting power calculation [Issue 231](https://github.com/IntersectMBO/govtool/issues/231) +- Fix proposal/list and network/metrics bug that appeared when noone has delegated their funds either to drep_always_abstain or drep_always_no_confidence [Issue 231](https://github.com/IntersectMBO/govtool/issues/231) - Fix copy for maintenance page [Issue 180](https://github.com/IntersectMBO/govtool/issues/180) - Fix misleading metadata hash text [Issue 90](https://github.com/IntersectMBO/govtool/issues/90) - Fixed vote calculation problems related to NoConfidence DRep [Issue 59](https://github.com/IntersectMBO/govtool/issues/59) From 82ffa21f9d893f23bafb3310c1071f82720a7ed8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Mon, 19 Feb 2024 12:06:32 +0100 Subject: [PATCH 03/30] [#187] Refine backend Nix configuration to explicitly define development environment This commit updates the backend Nix configuration to better meet the current project requirements and explicitly define the backend development environment, including dependencies and toolchains. The key changes include: - Refactoring the default compiler setting to prevent it from being changed during runtime. This ensures a consistent development environment across all stages of development. - Removing the dynamic GHC version parameter (`ghcVersion`) and directly referencing `ghc927` in `ghcPackages`, making the Haskell compiler version explicit and constant throughout the project lifecycle. - The `additionalTools` function now directly utilizes `ghcPackages` instead of dynamically choosing the GHC version, reinforcing the commitment to a specific compiler version and its associated toolchain. --- govtool/backend/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/govtool/backend/default.nix b/govtool/backend/default.nix index 7a9b85cf8..41599d4f3 100644 --- a/govtool/backend/default.nix +++ b/govtool/backend/default.nix @@ -1,8 +1,9 @@ -{ pkgs ? (import ./sources.nix).pkgs -, ghcVersion ? "ghc927" -}: +{ pkgs ? (import ./sources.nix).pkgs }: let - additionalTools = drv: pkgs.haskell.lib.addBuildTools drv (with pkgs.haskell.packages."${ghcVersion}"; + # This is the version of the Haskell compiler we reccommend using. + ghcPackages = pkgs.haskell.packages.ghc927; + + additionalTools = drv: pkgs.haskell.lib.addBuildTools drv (with ghcPackages; [ cabal-install haskell-language-server @@ -12,7 +13,7 @@ let zlib ]); - project = pkgs.haskell.packages."${ghcVersion}".developPackage { + project = ghcPackages.developPackage { root = ./.; modifier = additionalTools; overrides = self: super: { openapi3 = pkgs.haskell.lib.dontCheck super.openapi3; }; From 175f3d1afeae942ca423c2e0413727074788d53f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Mon, 19 Feb 2024 12:48:04 +0100 Subject: [PATCH 04/30] [#187] Add a note for future Nix flakes migration in backend configuration This commit introduces a preparatory note within the backend Nix configuration, specifically in `govtool/backend/default.nix`, advising on a future migration strategy towards Nix flakes. The main change includes a TODO comment that has been added at the beginning of the `default.nix` file, highlighting the intention to remove the current `sources.nix` file dependency. The goal is to switch to using the `nixpkgs` version provided by the flakes lock file, once the flakes feature is fully integrated and enabled at the root of the project (#53). This adjustment serves as a reminder to refine the project's Nix setup further by adopting flakes, a more reproducible and modular Nix configuration approach. The transition to Nix flakes is anticipated to streamline dependency management and enhance project build consistency across different environments. --- govtool/backend/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/govtool/backend/default.nix b/govtool/backend/default.nix index 41599d4f3..1a7696a4a 100644 --- a/govtool/backend/default.nix +++ b/govtool/backend/default.nix @@ -1,3 +1,6 @@ +# TODO: Remove the sources file and use the nixpkgs version provided from the +# flakes lock file instead when the flakes feature is present and enabled in the +# root of the project. { pkgs ? (import ./sources.nix).pkgs }: let # This is the version of the Haskell compiler we reccommend using. From c7d28d1d0ca09589b32aa195179740833c93e537 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Tue, 20 Feb 2024 07:45:39 +0100 Subject: [PATCH 05/30] [#187] Update CHANGELOG with backend Nix configuration refinement This commit updates the CHANGELOG.md to reflect the recent adjustments made to the backend Nix configuration, aimed at better meeting the project's needs. --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2c7885f3f..649eddb84 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -29,6 +29,7 @@ changes. - Reorganized repository to fit new conventions [Issue 85](https://github.com/IntersectMBO/govtool/issues/85). - Renamed project from VVA to GovTool [Issue 97](https://github.com/IntersectMBO/govtool/issues/97). - (`docs/update-working-conventions`) Addressing [Issue 25](https://github.com/IntersectMBO/govtool/issues/25) changed working conventions documentation to improve intended flows. +- Adjusted Nix configuration to meet projects needs [Issue 187](https://github.com/IntersectMBO/govtool/issues/187). ### Removed - From 0a1c9c210f2c19340ec9b6618088be9dde1d7bfe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Tue, 20 Feb 2024 12:15:56 +0100 Subject: [PATCH 06/30] [#224] Enable CORS for localhost This is a pre-step before implementing an exception that will be applied only to dev environment. This update facilitates easier development and testing by allowing local frontend applications to communicate with the backend without CORS restrictions. For development purposes, Cross-Origin Resource Sharing (CORS) settings have been updated to include `localhost` in the list of allowed origins. In next step the configuration for different environments will be stated explicite in target docjer-compose file. --- scripts/govtool/docker-compose.sanchonet.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/scripts/govtool/docker-compose.sanchonet.yml b/scripts/govtool/docker-compose.sanchonet.yml index 5c052a02d..7c85b506f 100644 --- a/scripts/govtool/docker-compose.sanchonet.yml +++ b/scripts/govtool/docker-compose.sanchonet.yml @@ -182,8 +182,10 @@ services: - "traefik.enable=true" - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" - - "traefik.http.middlewares.backend-cors.headers.customresponseheaders.Access-Control-Allow-Origin=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}" - - "traefik.http.middlewares.backend-cors.headers.customresponseheaders.Access-Control-Allow-Methods=GET,HEAD,OPTIONS" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" - "traefik.http.routers.backend.entrypoints=websecure" From cb692a8362896434ed72c92f9328beca7c1c2067 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 09:24:11 +0100 Subject: [PATCH 07/30] [#224] Rename docker-compose file to support Cardano stack only In preparation for a more modular and environment-specific docker-compose setup, the existing docker-compose configuration has been renamed to `docker-compose.node+dbsync.yml`. This change marks a pre-step towards introducing separate docker-compose files for each environment, aiming to streamline development processes and improve clarity. --- ...ompose.dev.yml => docker-compose.node+dbsync.yml} | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename scripts/govtool/{docker-compose.dev.yml => docker-compose.node+dbsync.yml} (86%) diff --git a/scripts/govtool/docker-compose.dev.yml b/scripts/govtool/docker-compose.node+dbsync.yml similarity index 86% rename from scripts/govtool/docker-compose.dev.yml rename to scripts/govtool/docker-compose.node+dbsync.yml index fe68dc95e..bcd8ba8c4 100644 --- a/scripts/govtool/docker-compose.dev.yml +++ b/scripts/govtool/docker-compose.node+dbsync.yml @@ -15,10 +15,10 @@ # * ./dev-postgres_user # # USAGE: -# docker compose --file docker-compose.dev.yml up --detach -# docker compose --file docker-compose.dev.yml down --remove-orphans -# docker compose --file docker-compose.dev.yml logs --follow --timestamps cardano-node -# docker compose --file docker-compose.dev.yml logs --follow --timestamps cardano-db-sync +# docker compose --file docker-compose.node+dbsync.yml up --detach +# docker compose --file docker-compose.node+dbsync.yml down --remove-orphans +# docker compose --file docker-compose.node+dbsync.yml logs --follow --timestamps cardano-node +# docker compose --file docker-compose.node+dbsync.yml logs --follow --timestamps cardano-db-sync # docker-compose run postgres psql version: "3.9" @@ -56,9 +56,9 @@ services: restart: on-failure healthcheck: test: ["CMD-SHELL", "curl -f 127.0.0.1:12788 || exit 1"] - interval: 60s + interval: 10s timeout: 10s - retries: 5 + retries: 10 cardano-db-sync: image: ghcr.io/intersectmbo/cardano-db-sync:sancho-4-0-0-fix-config From 39535e8083e8620d5083460d8ffd579681e119d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 09:55:14 +0100 Subject: [PATCH 08/30] [#224] Remove unused docker-compose configuration As part of streamlining the development environment and preparing for a more granular docker-compose file strategy, the unused `docker-compose.yml` file within the `scripts/govtool` directory has been removed. This removal is in alignment with efforts to declutter the project's configuration files and ensure that only relevant and environment-specific docker-compose files are maintained. This change aids in reducing confusion and simplifying the setup process for developers, ensuring a focus on necessary services and configurations for development and testing. --- scripts/govtool/docker-compose.yml | 180 ----------------------------- 1 file changed, 180 deletions(-) delete mode 100644 scripts/govtool/docker-compose.yml diff --git a/scripts/govtool/docker-compose.yml b/scripts/govtool/docker-compose.yml deleted file mode 100644 index c0daa4671..000000000 --- a/scripts/govtool/docker-compose.yml +++ /dev/null @@ -1,180 +0,0 @@ -version: "3.9" - -services: - traefik: - image: traefik:v2.10 - command: - - "--providers.docker=true" - - "--providers.docker.exposedbydefault=false" - - "--entrypoints.web.address=:80" - # - "--entrypoints.websecure.address=:443" - # - "--certificatesresolvers.myresolver.acme.httpchallenge=true" - # - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" - # - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_LE_EMAIL}" - # - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" - ports: - - ${TRAEFIK_HTTP_PORT:-8080}:80 - # - ${TRAEFIK_HTTPS_PORT:-8443}:8443 - volumes: - # - letsencrypt:/letsencrypt - - "/var/run/docker.sock:/var/run/docker.sock:ro" - - postgres: - image: postgres:11.18-alpine - environment: - - POSTGRES_LOGGING=true - - POSTGRES_DB_FILE=/run/secrets/postgres_db - - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password - - POSTGRES_USER_FILE=/run/secrets/postgres_user - secrets: - - postgres_password - - postgres_user - - postgres_db - # don't expose ports because the traffic goes through traefik - # ports: - # - ${DBSYNC_POSTGRES_PORT:-5432}:5432 - volumes: - - postgres:/var/lib/postgresql/data - restart: on-failure - healthcheck: - # Use pg_isready to check postgres is running. Substitute different - # user `postgres` if you've setup differently to config/pgpass-mainnet - test: ["CMD-SHELL", "pg_isready -U postgres"] - interval: 10s - timeout: 5s - retries: 5 - command: ${POSTGRES_ARGS:--c maintenance_work_mem=1GB -c max_parallel_maintenance_workers=4} - logging: &logging - driver: "json-file" - options: - max-size: "200k" - max-file: "10" - - cardano-node: - image: inputoutput/cardano-node:8.7.3 - environment: - - NETWORK=${NETWORK:-mainnet} - volumes: - - node-db:/data/db - - node-ipc:/ipc - restart: on-failure - healthcheck: - # Ping the EKG port to see if it responds. - # Assuming if EKG isn't up then the rest of cardano-node isn't either. - test: ["CMD-SHELL", "curl -f 127.0.0.1:12788 || exit 1"] - interval: 60s - timeout: 10s - retries: 5 - logging: *logging - - cardano-db-sync: - image: inputoutput/cardano-db-sync:13.1.1.2-docker - environment: - - NETWORK=${NETWORK:-mainnet} - - POSTGRES_HOST=postgres - - POSTGRES_PORT=5432 - - RESTORE_SNAPSHOT=${RESTORE_SNAPSHOT:-} - - RESTORE_RECREATE_DB=N - - EXTRA_DB_SYNC_ARGS=${EXTRA_DB_SYNC_ARGS:-} - depends_on: - # Depend on both services to be healthy before starting. - cardano-node: - condition: service_healthy - postgres: - condition: service_healthy - secrets: - - postgres_password - - postgres_user - - postgres_db - volumes: - - db-sync-data:/var/lib/cexplorer - - node-ipc:/node-ipc - restart: on-failure - logging: *logging - - postgres-fakedbsync: - image: postgres:15-alpine - environment: - - POSTGRES_LOGGING=true - - POSTGRES_DB=govtool - - POSTGRES_PASSWORD=test - - POSTGRES_USER=postgres - volumes: - - postgres-fakedbsync:/var/lib/postgresql/data - - ../../govtool/backend/misc/fakedbsync_users.sql:/docker-entrypoint-initdb.d/00_fakedbsync_users.sql - - ../../govtool/backend/misc/schema6.sql:/docker-entrypoint-initdb.d/10_schema6.sql - restart: on-failure - healthcheck: - # Use pg_isready to check postgres is running. Substitute different - # user `postgres` if you've setup differently to config/pgpass-mainnet - test: ["CMD-SHELL", "pg_isready -U postgres"] - interval: 10s - timeout: 5s - retries: 5 - command: ${POSTGRES_ARGS:--c maintenance_work_mem=1GB -c max_parallel_maintenance_workers=4} - logging: *logging - - backend: - build: - context: ../../govtool/backend - command: /usr/local/bin/vva-be -c /run/secrets/backend-config.json start-app - depends_on: - # Depend on both services to be healthy before starting. - cardano-node: - condition: service_healthy - postgres: - condition: service_healthy - postgres-fakedbsync: - condition: service_healthy - # don't expose ports because the traffic goes through traefik - # ports: - # - ${VVA_BE_PORT:-9876}:9876 - secrets: - - backend-config.json - restart: on-failure - logging: *logging - labels: - - "traefik.enable=true" - - "traefik.http.routers.backend.rule=Host(`${GOVTOOL_BE_DOMAIN:-backend-govtool.localhost}`)" - - "traefik.http.routers.backend.entrypoints=web" - - "traefik.http.services.backend.loadbalancer.server.port=9876" - - frontend: - build: - context: ../../govtool/frontend - args: - - VITE_BASE_URL="https://${GOVTOOL_BE_DOMAIN:-backend-govtool.localhost}" - depends_on: - # Depend on both services to be healthy before starting. - cardano-node: - condition: service_healthy - postgres: - condition: service_healthy - # don't expose ports because the traffic goes through traefik - # ports: - # - ${VVA_FE_PORT:-8080}:80 - restart: on-failure - logging: *logging - labels: - - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`${GOVTOOL_FE_DOMAIN:-frontend-govtool.localhost}`)" - - "traefik.http.routers.frontend.entrypoints=web" - - "traefik.http.services.frontend.loadbalancer.server.port=80" - -secrets: - postgres_db: - file: ./config/secrets/postgres_db - postgres_password: - file: ./config/secrets/postgres_password - postgres_user: - file: ./config/secrets/postgres_user - backend-config.json: - file: ./config/secrets/backend-config.json - -volumes: - # letsencrypt: - db-sync-data: - postgres: - postgres-fakedbsync: - node-db: - node-ipc: From 5f8697265005a3b2f4d8a34468f1279c07e115ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 10:24:21 +0100 Subject: [PATCH 09/30] [#224] Refactor Makefile to use variable for docker-compose file selection Updated the Makefile within the `scripts/govtool` directory to dynamically select the docker-compose file based on the `cardano_network` variable. This change introduces a new variable `docker_compose_file` that constructs the docker-compose filename from the given network environment (e.g., `docker-compose.mainnet.yml` or `docker-compose.testnet.yml`). This adjustment allows for more flexible deployment processes by automatically selecting the appropriate docker-compose configuration for different Cardano network environments during deployment, toggling maintenance mode, and executing other docker-compose commands. The intent is to streamline deployment workflows and enhance maintainability by reducing hardcoded references to specific docker-compose files. --- scripts/govtool/Makefile | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/scripts/govtool/Makefile b/scripts/govtool/Makefile index 8268fbada..f06fd12a7 100644 --- a/scripts/govtool/Makefile +++ b/scripts/govtool/Makefile @@ -20,6 +20,7 @@ tag := $(commit)-$(env)-$(cardano_network) docker_host := $(domain) docker_user := ubuntu ssh_url := $(docker_user)@$(docker_host) +docker_compose_file := docker-compose.$(cardano_network).yml # helper function for checking undefined variables check_defined = \ @@ -104,8 +105,8 @@ deploy-stack: export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - docker compose -f docker-compose.$(cardano_network).yml -p govtool-$(env)-$(cardano_network) pull; \ - docker compose -f docker-compose.$(cardano_network).yml -p govtool-$(env)-$(cardano_network) up -d + docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) pull; \ + docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) up -d .PHONY: destroy-cardano-node-and-dbsync destroy-cardano-node-and-dbsync: @@ -132,8 +133,8 @@ toggle-maintenance: export DOCKER_HOST=ssh://$(ssh_url); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - if [[ "$(maintenance)" = "enable" ]]; then docker compose -f docker-compose.$(cardano_network).yml -p govtool-$(env)-$(cardano_network) exec frontend touch /var/run/maintenance_enabled; \ - else docker compose -f docker-compose.$(cardano_network).yml -p govtool-$(env)-$(cardano_network) exec frontend rm /var/run/maintenance_enabled; fi + if [[ "$(maintenance)" = "enable" ]]; then docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) exec frontend touch /var/run/maintenance_enabled; \ + else docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) exec frontend rm /var/run/maintenance_enabled; fi .DEFAULT_GOAL := info .PHONY: info @@ -176,4 +177,4 @@ docker: export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - docker compose -f docker-compose.$(cardano_network).yml -p govtool-$(env)-$(cardano_network) $(cmd) + docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) $(cmd) From 58a7edf20526b8f98e8b372197cffb7167d7e624 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 10:35:28 +0100 Subject: [PATCH 10/30] [#224] Create separate docker-compose files for each environment As part of improving the deployment process and environment management, separate docker-compose files have been created for each environment: development (dev), testing (test), staging, and beta. This change allows for tailored configurations per environment, enhancing the ability to manage unique settings, dependencies, and services required by each. The `docker-compose.sanchonet.yml` file has been renamed to `docker-compose.beta.yml` to align with this new structure. Additionally, the Makefile has been updated to dynamically select the docker-compose file based on the `env` variable, further streamlining deployment operations. This modular approach not only simplifies environment-specific deployments but also improves the overall manageability and scalability of the infrastructure. --- scripts/govtool/Makefile | 2 +- ....sanchonet.yml => docker-compose.beta.yml} | 0 scripts/govtool/docker-compose.dev.yml | 233 ++++++++++++++++++ scripts/govtool/docker-compose.staging.yml | 233 ++++++++++++++++++ scripts/govtool/docker-compose.test.yml | 233 ++++++++++++++++++ 5 files changed, 700 insertions(+), 1 deletion(-) rename scripts/govtool/{docker-compose.sanchonet.yml => docker-compose.beta.yml} (100%) create mode 100644 scripts/govtool/docker-compose.dev.yml create mode 100644 scripts/govtool/docker-compose.staging.yml create mode 100644 scripts/govtool/docker-compose.test.yml diff --git a/scripts/govtool/Makefile b/scripts/govtool/Makefile index f06fd12a7..5d7835c36 100644 --- a/scripts/govtool/Makefile +++ b/scripts/govtool/Makefile @@ -20,7 +20,7 @@ tag := $(commit)-$(env)-$(cardano_network) docker_host := $(domain) docker_user := ubuntu ssh_url := $(docker_user)@$(docker_host) -docker_compose_file := docker-compose.$(cardano_network).yml +docker_compose_file := docker-compose.$(env).yml # helper function for checking undefined variables check_defined = \ diff --git a/scripts/govtool/docker-compose.sanchonet.yml b/scripts/govtool/docker-compose.beta.yml similarity index 100% rename from scripts/govtool/docker-compose.sanchonet.yml rename to scripts/govtool/docker-compose.beta.yml diff --git a/scripts/govtool/docker-compose.dev.yml b/scripts/govtool/docker-compose.dev.yml new file mode 100644 index 000000000..7c85b506f --- /dev/null +++ b/scripts/govtool/docker-compose.dev.yml @@ -0,0 +1,233 @@ +version: "3.9" + +services: + traefik: + image: traefik:v2.10 + command: + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.httpchallenge=true" + - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" + - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_LE_EMAIL}" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + - "--log.level=DEBUG" + - "--entryPoints.metrics.address=:8082" + - "--metrics.prometheus=true" + - "--metrics.prometheus.entryPoint=metrics" + - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0" + ports: + - 80:80 + - 443:443 + volumes: + - letsencrypt:/letsencrypt + - "/var/run/docker.sock:/var/run/docker.sock:ro" + restart: always + logging: &logging + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=web" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" + + prometheus: + image: prom/prometheus:v2.47.1 + volumes: + - prometheus-data:/prometheus + - /home/ubuntu/config/prometheus.yml:/etc/prometheus/prometheus.yml + extra_hosts: + - "host.docker.internal:host-gateway" + restart: always + logging: *logging + + grafana: + image: grafana/grafana:10.0.8 + volumes: + - grafana-data:/var/lib/grafana + - /home/ubuntu/config/grafana-provisioning:/etc/grafana/provisioning + environment: + - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + - GF_USERS_ALLOW_SIGN_UP=false + - GF_INSTALL_PLUGINS=grafana-piechart-panel + - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_SERVE_FROM_SUB_PATH=true + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.entrypoints=websecure" + - "traefik.http.routers.grafana.tls.certresolver=myresolver" + - "traefik.http.services.grafana.loadbalancer.server.port=3000" + + status-service: + build: + context: ../../govtool/status-service + environment: + - GRAFANA_USERNAME=admin + - GRAFANA_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.entrypoints=websecure" + - "traefik.http.routers.status-service.tls.certresolver=myresolver" + - "traefik.http.services.status-service.loadbalancer.server.port=8000" + + postgres: + image: postgres:15-alpine + environment: + - POSTGRES_LOGGING=true + - POSTGRES_DB_FILE=/run/secrets/postgres_db + - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password + - POSTGRES_USER_FILE=/run/secrets/postgres_user + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - postgres:/var/lib/postgresql/data + restart: always + healthcheck: + test: ["CMD-SHELL", "pg_isready -U postgres"] + interval: 10s + timeout: 5s + retries: 5 + command: ${POSTGRES_ARGS:--c maintenance_work_mem=1GB -c max_parallel_maintenance_workers=4} + logging: *logging + + cardano-node: + image: ghcr.io/intersectmbo/cardano-node:8.8.0-pre + entrypoint: + - "cardano-node" + - "run" + - "--topology" + - "/configuration/topology.json" + - "--database-path" + - "/data/db" + - "--socket-path" + - "/ipc/node.socket" + - "--host-addr" + - "0.0.0.0" + - "--port" + - "3001" + - "--config" + - "/configuration/config.json" + - "+RTS" + - "-N2" + - "-I0" + - "-A16m" + - "-qg" + - "-qb" + - "--disable-delayed-os-memory-return" + - "-RTS" + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + volumes: + - node-db:/data/db + - node-ipc:/ipc + - /home/ubuntu/config/cardano-node:/configuration + restart: always + healthcheck: + test: ["CMD-SHELL", "curl -f 127.0.0.1:12788 || exit 1"] + interval: 60s + timeout: 10s + retries: 5 + logging: *logging + + cardano-db-sync: + image: ghcr.io/intersectmbo/cardano-db-sync:sancho-4-0-0-fix-config + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + - POSTGRES_HOST=postgres + - POSTGRES_PORT=5432 + - RESTORE_SNAPSHOT=${RESTORE_SNAPSHOT:-} + - RESTORE_RECREATE_DB=N + - EXTRA_DB_SYNC_ARGS=${EXTRA_DB_SYNC_ARGS:-} + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - db-sync-data:/var/lib/cexplorer + - node-ipc:/node-ipc + restart: always + logging: *logging + + backend: + image: ${VVA_BE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/backend}:${TAG:-main-dev-sanchonet} + command: /usr/local/bin/vva-be -c /run/secrets/backend-config.json start-app + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - backend-config.json + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" + - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" + - "traefik.http.routers.backend.entrypoints=websecure" + - "traefik.http.routers.backend.tls.certresolver=myresolver" + - "traefik.http.services.backend.loadbalancer.server.port=9876" + + frontend: + image: ${VVA_FE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/frontend}:${TAG:-main-dev-sanchonet} + volumes: + - /home/ubuntu/config/nginx/auth.conf:/etc/nginx/conf.d/auth.conf + - /home/ubuntu/config/nginx/govtool.htpasswd:/etc/nginx/conf.d/govtool.htpasswd + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.entrypoints=websecure" + - "traefik.http.routers.frontend.tls.certresolver=myresolver" + - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" + - "traefik.http.routers.frontend.middlewares=frontend-csp@docker" + - "traefik.http.services.frontend.loadbalancer.server.port=80" + +secrets: + postgres_db: + file: /home/ubuntu/config/dbsync-secrets/postgres_db + postgres_password: + file: /home/ubuntu/config/dbsync-secrets/postgres_password + postgres_user: + file: /home/ubuntu/config/dbsync-secrets/postgres_user + backend-config.json: + file: /home/ubuntu/config/backend-config.json + +volumes: + letsencrypt: + db-sync-data: + grafana-data: + postgres: + prometheus-data: + node-db: + node-ipc: diff --git a/scripts/govtool/docker-compose.staging.yml b/scripts/govtool/docker-compose.staging.yml new file mode 100644 index 000000000..7c85b506f --- /dev/null +++ b/scripts/govtool/docker-compose.staging.yml @@ -0,0 +1,233 @@ +version: "3.9" + +services: + traefik: + image: traefik:v2.10 + command: + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.httpchallenge=true" + - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" + - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_LE_EMAIL}" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + - "--log.level=DEBUG" + - "--entryPoints.metrics.address=:8082" + - "--metrics.prometheus=true" + - "--metrics.prometheus.entryPoint=metrics" + - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0" + ports: + - 80:80 + - 443:443 + volumes: + - letsencrypt:/letsencrypt + - "/var/run/docker.sock:/var/run/docker.sock:ro" + restart: always + logging: &logging + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=web" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" + + prometheus: + image: prom/prometheus:v2.47.1 + volumes: + - prometheus-data:/prometheus + - /home/ubuntu/config/prometheus.yml:/etc/prometheus/prometheus.yml + extra_hosts: + - "host.docker.internal:host-gateway" + restart: always + logging: *logging + + grafana: + image: grafana/grafana:10.0.8 + volumes: + - grafana-data:/var/lib/grafana + - /home/ubuntu/config/grafana-provisioning:/etc/grafana/provisioning + environment: + - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + - GF_USERS_ALLOW_SIGN_UP=false + - GF_INSTALL_PLUGINS=grafana-piechart-panel + - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_SERVE_FROM_SUB_PATH=true + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.entrypoints=websecure" + - "traefik.http.routers.grafana.tls.certresolver=myresolver" + - "traefik.http.services.grafana.loadbalancer.server.port=3000" + + status-service: + build: + context: ../../govtool/status-service + environment: + - GRAFANA_USERNAME=admin + - GRAFANA_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.entrypoints=websecure" + - "traefik.http.routers.status-service.tls.certresolver=myresolver" + - "traefik.http.services.status-service.loadbalancer.server.port=8000" + + postgres: + image: postgres:15-alpine + environment: + - POSTGRES_LOGGING=true + - POSTGRES_DB_FILE=/run/secrets/postgres_db + - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password + - POSTGRES_USER_FILE=/run/secrets/postgres_user + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - postgres:/var/lib/postgresql/data + restart: always + healthcheck: + test: ["CMD-SHELL", "pg_isready -U postgres"] + interval: 10s + timeout: 5s + retries: 5 + command: ${POSTGRES_ARGS:--c maintenance_work_mem=1GB -c max_parallel_maintenance_workers=4} + logging: *logging + + cardano-node: + image: ghcr.io/intersectmbo/cardano-node:8.8.0-pre + entrypoint: + - "cardano-node" + - "run" + - "--topology" + - "/configuration/topology.json" + - "--database-path" + - "/data/db" + - "--socket-path" + - "/ipc/node.socket" + - "--host-addr" + - "0.0.0.0" + - "--port" + - "3001" + - "--config" + - "/configuration/config.json" + - "+RTS" + - "-N2" + - "-I0" + - "-A16m" + - "-qg" + - "-qb" + - "--disable-delayed-os-memory-return" + - "-RTS" + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + volumes: + - node-db:/data/db + - node-ipc:/ipc + - /home/ubuntu/config/cardano-node:/configuration + restart: always + healthcheck: + test: ["CMD-SHELL", "curl -f 127.0.0.1:12788 || exit 1"] + interval: 60s + timeout: 10s + retries: 5 + logging: *logging + + cardano-db-sync: + image: ghcr.io/intersectmbo/cardano-db-sync:sancho-4-0-0-fix-config + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + - POSTGRES_HOST=postgres + - POSTGRES_PORT=5432 + - RESTORE_SNAPSHOT=${RESTORE_SNAPSHOT:-} + - RESTORE_RECREATE_DB=N + - EXTRA_DB_SYNC_ARGS=${EXTRA_DB_SYNC_ARGS:-} + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - db-sync-data:/var/lib/cexplorer + - node-ipc:/node-ipc + restart: always + logging: *logging + + backend: + image: ${VVA_BE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/backend}:${TAG:-main-dev-sanchonet} + command: /usr/local/bin/vva-be -c /run/secrets/backend-config.json start-app + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - backend-config.json + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" + - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" + - "traefik.http.routers.backend.entrypoints=websecure" + - "traefik.http.routers.backend.tls.certresolver=myresolver" + - "traefik.http.services.backend.loadbalancer.server.port=9876" + + frontend: + image: ${VVA_FE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/frontend}:${TAG:-main-dev-sanchonet} + volumes: + - /home/ubuntu/config/nginx/auth.conf:/etc/nginx/conf.d/auth.conf + - /home/ubuntu/config/nginx/govtool.htpasswd:/etc/nginx/conf.d/govtool.htpasswd + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.entrypoints=websecure" + - "traefik.http.routers.frontend.tls.certresolver=myresolver" + - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" + - "traefik.http.routers.frontend.middlewares=frontend-csp@docker" + - "traefik.http.services.frontend.loadbalancer.server.port=80" + +secrets: + postgres_db: + file: /home/ubuntu/config/dbsync-secrets/postgres_db + postgres_password: + file: /home/ubuntu/config/dbsync-secrets/postgres_password + postgres_user: + file: /home/ubuntu/config/dbsync-secrets/postgres_user + backend-config.json: + file: /home/ubuntu/config/backend-config.json + +volumes: + letsencrypt: + db-sync-data: + grafana-data: + postgres: + prometheus-data: + node-db: + node-ipc: diff --git a/scripts/govtool/docker-compose.test.yml b/scripts/govtool/docker-compose.test.yml new file mode 100644 index 000000000..7c85b506f --- /dev/null +++ b/scripts/govtool/docker-compose.test.yml @@ -0,0 +1,233 @@ +version: "3.9" + +services: + traefik: + image: traefik:v2.10 + command: + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.web.address=:80" + - "--entrypoints.websecure.address=:443" + - "--certificatesresolvers.myresolver.acme.httpchallenge=true" + - "--certificatesresolvers.myresolver.acme.httpchallenge.entrypoint=web" + - "--certificatesresolvers.myresolver.acme.email=${TRAEFIK_LE_EMAIL}" + - "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json" + - "--log.level=DEBUG" + - "--entryPoints.metrics.address=:8082" + - "--metrics.prometheus=true" + - "--metrics.prometheus.entryPoint=metrics" + - "--metrics.prometheus.buckets=0.1,0.3,1.2,5.0" + ports: + - 80:80 + - 443:443 + volumes: + - letsencrypt:/letsencrypt + - "/var/run/docker.sock:/var/run/docker.sock:ro" + restart: always + logging: &logging + driver: "json-file" + options: + max-size: "200k" + max-file: "10" + labels: + - "traefik.enable=true" + - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https" + - "traefik.http.routers.http-catchall.rule=hostregexp(`{host:.+}`)" + - "traefik.http.routers.http-catchall.entrypoints=web" + - "traefik.http.routers.http-catchall.middlewares=redirect-to-https" + + prometheus: + image: prom/prometheus:v2.47.1 + volumes: + - prometheus-data:/prometheus + - /home/ubuntu/config/prometheus.yml:/etc/prometheus/prometheus.yml + extra_hosts: + - "host.docker.internal:host-gateway" + restart: always + logging: *logging + + grafana: + image: grafana/grafana:10.0.8 + volumes: + - grafana-data:/var/lib/grafana + - /home/ubuntu/config/grafana-provisioning:/etc/grafana/provisioning + environment: + - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + - GF_USERS_ALLOW_SIGN_UP=false + - GF_INSTALL_PLUGINS=grafana-piechart-panel + - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_SERVE_FROM_SUB_PATH=true + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.entrypoints=websecure" + - "traefik.http.routers.grafana.tls.certresolver=myresolver" + - "traefik.http.services.grafana.loadbalancer.server.port=3000" + + status-service: + build: + context: ../../govtool/status-service + environment: + - GRAFANA_USERNAME=admin + - GRAFANA_PASSWORD=${GRAFANA_ADMIN_PASSWORD} + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.entrypoints=websecure" + - "traefik.http.routers.status-service.tls.certresolver=myresolver" + - "traefik.http.services.status-service.loadbalancer.server.port=8000" + + postgres: + image: postgres:15-alpine + environment: + - POSTGRES_LOGGING=true + - POSTGRES_DB_FILE=/run/secrets/postgres_db + - POSTGRES_PASSWORD_FILE=/run/secrets/postgres_password + - POSTGRES_USER_FILE=/run/secrets/postgres_user + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - postgres:/var/lib/postgresql/data + restart: always + healthcheck: + test: ["CMD-SHELL", "pg_isready -U postgres"] + interval: 10s + timeout: 5s + retries: 5 + command: ${POSTGRES_ARGS:--c maintenance_work_mem=1GB -c max_parallel_maintenance_workers=4} + logging: *logging + + cardano-node: + image: ghcr.io/intersectmbo/cardano-node:8.8.0-pre + entrypoint: + - "cardano-node" + - "run" + - "--topology" + - "/configuration/topology.json" + - "--database-path" + - "/data/db" + - "--socket-path" + - "/ipc/node.socket" + - "--host-addr" + - "0.0.0.0" + - "--port" + - "3001" + - "--config" + - "/configuration/config.json" + - "+RTS" + - "-N2" + - "-I0" + - "-A16m" + - "-qg" + - "-qb" + - "--disable-delayed-os-memory-return" + - "-RTS" + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + volumes: + - node-db:/data/db + - node-ipc:/ipc + - /home/ubuntu/config/cardano-node:/configuration + restart: always + healthcheck: + test: ["CMD-SHELL", "curl -f 127.0.0.1:12788 || exit 1"] + interval: 60s + timeout: 10s + retries: 5 + logging: *logging + + cardano-db-sync: + image: ghcr.io/intersectmbo/cardano-db-sync:sancho-4-0-0-fix-config + environment: + - NETWORK=${CARDANO_NETWORK:-sanchonet} + - POSTGRES_HOST=postgres + - POSTGRES_PORT=5432 + - RESTORE_SNAPSHOT=${RESTORE_SNAPSHOT:-} + - RESTORE_RECREATE_DB=N + - EXTRA_DB_SYNC_ARGS=${EXTRA_DB_SYNC_ARGS:-} + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - postgres_password + - postgres_user + - postgres_db + volumes: + - db-sync-data:/var/lib/cexplorer + - node-ipc:/node-ipc + restart: always + logging: *logging + + backend: + image: ${VVA_BE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/backend}:${TAG:-main-dev-sanchonet} + command: /usr/local/bin/vva-be -c /run/secrets/backend-config.json start-app + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + secrets: + - backend-config.json + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" + - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" + - "traefik.http.routers.backend.entrypoints=websecure" + - "traefik.http.routers.backend.tls.certresolver=myresolver" + - "traefik.http.services.backend.loadbalancer.server.port=9876" + + frontend: + image: ${VVA_FE_REPO:-733019650473.dkr.ecr.eu-west-1.amazonaws.com/frontend}:${TAG:-main-dev-sanchonet} + volumes: + - /home/ubuntu/config/nginx/auth.conf:/etc/nginx/conf.d/auth.conf + - /home/ubuntu/config/nginx/govtool.htpasswd:/etc/nginx/conf.d/govtool.htpasswd + depends_on: + cardano-node: + condition: service_healthy + postgres: + condition: service_healthy + restart: always + logging: *logging + labels: + - "traefik.enable=true" + - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.entrypoints=websecure" + - "traefik.http.routers.frontend.tls.certresolver=myresolver" + - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" + - "traefik.http.routers.frontend.middlewares=frontend-csp@docker" + - "traefik.http.services.frontend.loadbalancer.server.port=80" + +secrets: + postgres_db: + file: /home/ubuntu/config/dbsync-secrets/postgres_db + postgres_password: + file: /home/ubuntu/config/dbsync-secrets/postgres_password + postgres_user: + file: /home/ubuntu/config/dbsync-secrets/postgres_user + backend-config.json: + file: /home/ubuntu/config/backend-config.json + +volumes: + letsencrypt: + db-sync-data: + grafana-data: + postgres: + prometheus-data: + node-db: + node-ipc: From dbb90f879e8dadf5ef6cc5aee72ecc2805675329 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 11:08:37 +0100 Subject: [PATCH 11/30] [#224] Hardcode domains for target environments in Docker Compose files Updated the Docker Compose files for beta, dev, staging, and test environments to hardcode the domain names for each respective environment. This change ensures that the services within each environment are accessible through predefined, environment-specific URLs, enhancing clarity and reducing the reliance on dynamically generated domain names based on environment variables. Specifically, the changes include hardcoding the Grafana URL, status-service, backend API, and frontend service URLs to their respective environment-specific domains. This change also addresses the original issue stated in #224 - an exception on dev sever to apply specific CORS policy only there. This adjustment facilitates more predictable deployment and access patterns for services across different deployment stages. --- scripts/govtool/docker-compose.beta.yml | 12 ++++++------ scripts/govtool/docker-compose.dev.yml | 12 ++++++------ scripts/govtool/docker-compose.staging.yml | 12 ++++++------ scripts/govtool/docker-compose.test.yml | 12 ++++++------ 4 files changed, 24 insertions(+), 24 deletions(-) diff --git a/scripts/govtool/docker-compose.beta.yml b/scripts/govtool/docker-compose.beta.yml index 7c85b506f..0a608601f 100644 --- a/scripts/govtool/docker-compose.beta.yml +++ b/scripts/govtool/docker-compose.beta.yml @@ -55,13 +55,13 @@ services: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} - GF_USERS_ALLOW_SIGN_UP=false - GF_INSTALL_PLUGINS=grafana-piechart-panel - - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_ROOT_URL=https://sanchogov.tools/grafana/login - GF_SERVER_SERVE_FROM_SUB_PATH=true restart: always logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.rule=Host(`sanchogov.tools`) && PathPrefix(`/grafana`)" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.routers.grafana.tls.certresolver=myresolver" - "traefik.http.services.grafana.loadbalancer.server.port=3000" @@ -76,7 +76,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.rule=Host(`sanchogov.tools`) && PathPrefix(`/status`)" - "traefik.http.routers.status-service.entrypoints=websecure" - "traefik.http.routers.status-service.tls.certresolver=myresolver" - "traefik.http.services.status-service.loadbalancer.server.port=8000" @@ -180,11 +180,11 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.routers.backend.rule=Host(`sanchogov.tools`) && PathPrefix(`/api`)" - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" - - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://sanchogov.tools" - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" @@ -206,7 +206,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.rule=Host(`sanchogov.tools`)" - "traefik.http.routers.frontend.entrypoints=websecure" - "traefik.http.routers.frontend.tls.certresolver=myresolver" - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" diff --git a/scripts/govtool/docker-compose.dev.yml b/scripts/govtool/docker-compose.dev.yml index 7c85b506f..a43d63137 100644 --- a/scripts/govtool/docker-compose.dev.yml +++ b/scripts/govtool/docker-compose.dev.yml @@ -55,13 +55,13 @@ services: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} - GF_USERS_ALLOW_SIGN_UP=false - GF_INSTALL_PLUGINS=grafana-piechart-panel - - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_ROOT_URL=https://dev-sanchonet.govtool.byron.network/grafana - GF_SERVER_SERVE_FROM_SUB_PATH=true restart: always logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.rule=Host(`dev-sanchonet.govtool.byron.network`) && PathPrefix(`/grafana`)" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.routers.grafana.tls.certresolver=myresolver" - "traefik.http.services.grafana.loadbalancer.server.port=3000" @@ -76,7 +76,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.rule=Host(`dev-sanchonet.govtool.byron.network`) && PathPrefix(`/status`)" - "traefik.http.routers.status-service.entrypoints=websecure" - "traefik.http.routers.status-service.tls.certresolver=myresolver" - "traefik.http.services.status-service.loadbalancer.server.port=8000" @@ -180,11 +180,11 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.routers.backend.rule=Host(`dev-sanchonet.govtool.byron.network`) && PathPrefix(`/api`)" - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" - - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://dev-sanchonet.govtool.byron.network,http://localhost" - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" @@ -206,7 +206,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.rule=Host(`dev-sanchonet.govtool.byron.network`)" - "traefik.http.routers.frontend.entrypoints=websecure" - "traefik.http.routers.frontend.tls.certresolver=myresolver" - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" diff --git a/scripts/govtool/docker-compose.staging.yml b/scripts/govtool/docker-compose.staging.yml index 7c85b506f..24de7ae0a 100644 --- a/scripts/govtool/docker-compose.staging.yml +++ b/scripts/govtool/docker-compose.staging.yml @@ -55,13 +55,13 @@ services: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} - GF_USERS_ALLOW_SIGN_UP=false - GF_INSTALL_PLUGINS=grafana-piechart-panel - - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_ROOT_URL=https://staging.govtool.byron.network/grafana - GF_SERVER_SERVE_FROM_SUB_PATH=true restart: always logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.rule=Host(`staging.govtool.byron.network`) && PathPrefix(`/grafana`)" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.routers.grafana.tls.certresolver=myresolver" - "traefik.http.services.grafana.loadbalancer.server.port=3000" @@ -76,7 +76,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.rule=Host(`staging.govtool.byron.network`) && PathPrefix(`/status`)" - "traefik.http.routers.status-service.entrypoints=websecure" - "traefik.http.routers.status-service.tls.certresolver=myresolver" - "traefik.http.services.status-service.loadbalancer.server.port=8000" @@ -180,11 +180,11 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.routers.backend.rule=Host(`staging.govtool.byron.network`) && PathPrefix(`/api`)" - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" - - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://staging.govtool.byron.network" - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" @@ -206,7 +206,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.rule=Host(`staging.govtool.byron.network`)" - "traefik.http.routers.frontend.entrypoints=websecure" - "traefik.http.routers.frontend.tls.certresolver=myresolver" - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" diff --git a/scripts/govtool/docker-compose.test.yml b/scripts/govtool/docker-compose.test.yml index 7c85b506f..14b818825 100644 --- a/scripts/govtool/docker-compose.test.yml +++ b/scripts/govtool/docker-compose.test.yml @@ -55,13 +55,13 @@ services: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} - GF_USERS_ALLOW_SIGN_UP=false - GF_INSTALL_PLUGINS=grafana-piechart-panel - - GF_SERVER_ROOT_URL=https://${SUBDOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK}.govtool.byron.network/grafana + - GF_SERVER_ROOT_URL=https://test.govtool.byron.network/grafana - GF_SERVER_SERVE_FROM_SUB_PATH=true restart: always logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.grafana.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/grafana`)" + - "traefik.http.routers.grafana.rule=Host(`test.govtool.byron.network`) && PathPrefix(`/grafana`)" - "traefik.http.routers.grafana.entrypoints=websecure" - "traefik.http.routers.grafana.tls.certresolver=myresolver" - "traefik.http.services.grafana.loadbalancer.server.port=3000" @@ -76,7 +76,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.status-service.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/status`)" + - "traefik.http.routers.status-service.rule=Host(`test.govtool.byron.network`) && PathPrefix(`/status`)" - "traefik.http.routers.status-service.entrypoints=websecure" - "traefik.http.routers.status-service.tls.certresolver=myresolver" - "traefik.http.services.status-service.loadbalancer.server.port=8000" @@ -180,11 +180,11 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.backend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`) && PathPrefix(`/api`)" + - "traefik.http.routers.backend.rule=Host(`test.govtool.byron.network`) && PathPrefix(`/api`)" - "traefik.http.middlewares.backend-stripprefix.stripprefix.prefixes=/api" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowmethods=GET,HEAD,OPTIONS" - "traefik.http.middlewares.backend-cors.headers.accesscontrolallowheaders=*" - - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network},http://localhost" + - "traefik.http.middlewares.backend-cors.headers.accesscontrolalloworiginlist=https://test.govtool.byron.network" - "traefik.http.middlewares.backend-cors.headers.accesscontrolmaxage=100" - "traefik.http.middlewares.backend-cors.headers.addvaryheader=true" - "traefik.http.routers.backend.middlewares=backend-stripprefix@docker,backend-cors@docker" @@ -206,7 +206,7 @@ services: logging: *logging labels: - "traefik.enable=true" - - "traefik.http.routers.frontend.rule=Host(`${DOMAIN:-$ENVIRONMENT-$CARDANO_NETWORK.govtool.byron.network}`)" + - "traefik.http.routers.frontend.rule=Host(`test.govtool.byron.network`)" - "traefik.http.routers.frontend.entrypoints=websecure" - "traefik.http.routers.frontend.tls.certresolver=myresolver" - "traefik.http.middlewares.frontend-csp.headers.contentSecurityPolicy=default-src 'self'; img-src *.usersnap.com 'self' data:; script-src *.usersnap.com 'self' 'unsafe-inline' https://www.googletagmanager.com https://browser.sentry-cdn.com; style-src *.usersnap.com *.googleapis.com 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src *.usersnap.com https://s3.eu-central-1.amazonaws.com/upload.usersnap.com 'self' https://o4506155985141760.ingest.sentry.io/api/4506156032196608/envelope/ *.google-analytics.com; font-src *.usersnap.com *.gstatic.com 'self' 'unsafe-inline' https://fonts.gstatic.com; worker-src blob:" From 93eebd3b02ed7e6f9fe1fe9d8f1719d5c9314e96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 11:30:14 +0100 Subject: [PATCH 12/30] Refactor Makefile to use 'compose_stack_name' variable for project naming Enhanced the Makefile in the `scripts/govtool` directory by introducing a new variable, `compose_stack_name`, to standardize the naming convention for Docker Compose projects across different environments. This variable concatenates 'govtool' with the environment (`env`) and Cardano network (`cardano_network`) identifiers to form a unified project name (e.g., `govtool-dev-sanchonet`). This modification simplifies the Makefile's readability and maintainability by using `compose_stack_name` in place of repeated concatenations throughout the file. Additionally, it ensures consistent naming for Docker Compose projects, facilitating clearer project management and deployment processes. --- scripts/govtool/Makefile | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/scripts/govtool/Makefile b/scripts/govtool/Makefile index 5d7835c36..2900ad2e9 100644 --- a/scripts/govtool/Makefile +++ b/scripts/govtool/Makefile @@ -21,6 +21,7 @@ docker_host := $(domain) docker_user := ubuntu ssh_url := $(docker_user)@$(docker_host) docker_compose_file := docker-compose.$(env).yml +compose_stack_name := govtool-$(env)-$(cardano_network) # helper function for checking undefined variables check_defined = \ @@ -37,7 +38,7 @@ all: docker-login prepare-config upload-config build-backend push-backend build- check-env-defined: @:$(call check_defined, cardano_network) @:$(call check_defined, env) - @grep -q "module \"govtool-$(env)-$(cardano_network)\"" ../../infra/terraform/main.tf && \ + @grep -q "module \"$(compose_stack_name)\"" ../../infra/terraform/main.tf && \ echo "Environment $(env) for network $(cardano_network) is defined in Terraform" || \ { echo "Environment $(env) for network $(cardano_network) is NOT defined in Terraform, cannot deploy there"; exit 1; } @@ -105,8 +106,8 @@ deploy-stack: export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) pull; \ - docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) up -d + docker compose -f $(docker_compose_file) -p $(compose_stack_name) pull; \ + docker compose -f $(docker_compose_file) -p $(compose_stack_name) up -d .PHONY: destroy-cardano-node-and-dbsync destroy-cardano-node-and-dbsync: @@ -133,8 +134,8 @@ toggle-maintenance: export DOCKER_HOST=ssh://$(ssh_url); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - if [[ "$(maintenance)" = "enable" ]]; then docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) exec frontend touch /var/run/maintenance_enabled; \ - else docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) exec frontend rm /var/run/maintenance_enabled; fi + if [[ "$(maintenance)" = "enable" ]]; then docker compose -f $(docker_compose_file) -p $(compose_stack_name) exec frontend touch /var/run/maintenance_enabled; \ + else docker compose -f $(docker_compose_file) -p $(compose_stack_name) exec frontend rm /var/run/maintenance_enabled; fi .DEFAULT_GOAL := info .PHONY: info @@ -177,4 +178,4 @@ docker: export GRAFANA_ADMIN_PASSWORD=$(grafana_admin_password); \ export TAG=$(tag); \ ssh-keyscan $(docker_host) 2>/dev/null >> ~/.ssh/known_hosts; \ - docker compose -f $(docker_compose_file) -p govtool-$(env)-$(cardano_network) $(cmd) + docker compose -f $(docker_compose_file) -p $(compose_stack_name) $(cmd) From f64673c83970956b1e56b4e2a072de0f0f4e1f37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Placzy=C5=84ski?= Date: Wed, 21 Feb 2024 11:36:11 +0100 Subject: [PATCH 13/30] Fix typo in Makefile Slack notification command Corrected a typo in the `Makefile` under the `scripts/govtool` directory that caused the Slack notification command to fail. The typo in the git revision parsing command (`git-rev-parse HEAD`) was corrected to `git rev-parse HEAD`, ensuring that the command correctly retrieves the current commit hash. This fix ensures that notifications sent to Slack upon deployment include the accurate commit hash from which the deployment was made, improving traceability and communication in deployment processes. --- scripts/govtool/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/govtool/Makefile b/scripts/govtool/Makefile index 2900ad2e9..a1c3346f4 100644 --- a/scripts/govtool/Makefile +++ b/scripts/govtool/Makefile @@ -157,7 +157,7 @@ info: notify: @:$(call check_defined, cardano_network) @:$(call check_defined, env) - curl -X POST -H "Authorization: Bearer $$GRAFANA_SLACK_OAUTH_TOKEN" -d "channel=$$GRAFANA_SLACK_RECIPIENT" -d "text=The deploy to $(env) has been made from branch $(branch) ($(shell git-rev-parse HEAD))" https://slack.com/api/chat.postMessage + curl -X POST -H "Authorization: Bearer $$GRAFANA_SLACK_OAUTH_TOKEN" -d "channel=$$GRAFANA_SLACK_RECIPIENT" -d "text=The deploy to $(env) has been made from branch $(branch) ($(shell git rev-parse HEAD))" https://slack.com/api/chat.postMessage .PHONY: ssh ssh: From 30e1367b7b6beff9f4645d5c2afdec9dc28fffb0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bart=C5=82omiej=20Sworze=C5=84?= Date: Thu, 22 Feb 2024 15:12:45 +0100 Subject: [PATCH 14/30] fix GA details --- .../organisms/GovernanceActionDetailsCard.tsx | 22 ++++++++----------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/govtool/frontend/src/components/organisms/GovernanceActionDetailsCard.tsx b/govtool/frontend/src/components/organisms/GovernanceActionDetailsCard.tsx index af7861853..4dba451c0 100644 --- a/govtool/frontend/src/components/organisms/GovernanceActionDetailsCard.tsx +++ b/govtool/frontend/src/components/organisms/GovernanceActionDetailsCard.tsx @@ -1,7 +1,7 @@ import { Box } from "@mui/material"; import { Button, Typography } from "../atoms"; import InfoOutlinedIcon from "@mui/icons-material/InfoOutlined"; -import { GovActionDetails, VoteActionForm, VotesSubmitted } from "../molecules"; +import { VoteActionForm, VotesSubmitted } from "../molecules"; import { useModal } from "@context"; import { useScreenDimension, useTranslation } from "@hooks"; import { ICONS } from "@consts"; @@ -164,22 +164,18 @@ export const GovernanceActionDetailsCard = ({ {t("govActions.details")} - {typeof details === "object" && details !== null ? ( - Object.entries(details).map(([key, value]) => { - return ( -
- {} -
- ); - }) - ) : ( + - {details} + {JSON.stringify(details, null, 1)} - )} + + ); + }, [isMobile]); + + const renderContinueButton = useMemo(() => { + return ( + + ); + }, [isMobile]); + + return ( + = 768 ? "center" : "inherit", + marginTop: screenWidth < 1440 ? "97px" : "137px", + display: screenWidth < 1440 ? "flex" : "grid", + ...(screenWidth < 1440 && { + flexDirection: "column", + }), + ...(screenWidth >= 1440 && { gridTemplateColumns: "1fr auto 1fr" }), + }} + > + {isMobile && ( + + + {title} + + + )} + + + + {t("backToDashboard")} + + + 768 ? 600 : undefined} + px={isMobile ? 2 : 18.75} + pt={isMobile ? 6 : 10} + pb={3} + sx={sx} + > + + {children} + + + {isMobile ? renderContinueButton : renderBackButton} + + {isMobile ? renderBackButton : renderContinueButton} + + + + ); +}; diff --git a/govtool/frontend/src/components/organisms/RegisterAsdRepStepOne.tsx b/govtool/frontend/src/components/organisms/RegisterAsdRepStepOne.tsx index a67efe9b0..e9cf6e093 100644 --- a/govtool/frontend/src/components/organisms/RegisterAsdRepStepOne.tsx +++ b/govtool/frontend/src/components/organisms/RegisterAsdRepStepOne.tsx @@ -1,139 +1,61 @@ -import { Dispatch, SetStateAction, useMemo } from "react"; -import { useNavigate } from "react-router-dom"; -import { Box, Link } from "@mui/material"; +import { Dispatch, SetStateAction, useCallback } from "react"; +import { Trans } from "react-i18next"; +import { Link } from "@mui/material"; -import { Button, Spacer, Typography } from "@atoms"; -import { PATHS } from "@consts"; +import { Typography } from "@atoms"; +import { useScreenDimension, useTranslation } from "@hooks"; import { - useScreenDimension, - useRegisterAsdRepFormContext, - useTranslation, -} from "@hooks"; -import { theme } from "@/theme"; -import { openInNewTab } from "@utils"; + correctAdaFormat, + getItemFromLocalStorage, + openInNewTab, + PROTOCOL_PARAMS_KEY, +} from "@utils"; -import { ControlledField } from "."; +import { BgCard } from "."; -interface Props { +export const RegisterAsdRepStepOne = ({ + setStep, +}: { setStep: Dispatch>; -} - -export const RegisterAsdRepStepOne = ({ setStep }: Props) => { - const navigate = useNavigate(); +}) => { const { t } = useTranslation(); - const { - palette: { boxShadow2 }, - } = theme; - const { isMobile, pagePadding, screenWidth } = useScreenDimension(); - const { control, errors, isValid, showSubmitButton } = - useRegisterAsdRepFormContext(); + const { isMobile } = useScreenDimension(); - const renderCancelButton = useMemo(() => { - return ( - - ); - }, [isMobile]); + const deposit = getItemFromLocalStorage(PROTOCOL_PARAMS_KEY); - const renderConfirmButton = useMemo(() => { - return ( - - ); - }, [isMobile, isValid, showSubmitButton]); + const onClickContinue = useCallback(() => setStep(2), [setStep]); return ( - - - - {t("registration.optional")} - - - {t("registration.headingStepOne")} - - - {t("registration.descriptionStepOne")} - - - - - - openInNewTab( - "https://docs.sanchogov.tools/faqs/how-to-create-a-metadata-anchor" - ) - } - alignSelf={"center"} - mt={5} - sx={{ cursor: "pointer" }} - > - - {t("forms.howCreateUrlAndHash")} - - - - + {t("registration.rolesAndResponsibilitiesTitle")} + + - {isMobile ? renderConfirmButton : renderCancelButton} - - {isMobile ? renderCancelButton : renderConfirmButton} - - + openInNewTab("https://sancho.network/")} + sx={{ cursor: "pointer" }} + />, + ]} + i18nKey={"registration.rolesAndResponsibilitiesDescription"} + values={{ deposit: correctAdaFormat(deposit) }} + /> + + ); }; diff --git a/govtool/frontend/src/components/organisms/index.ts b/govtool/frontend/src/components/organisms/index.ts index 8378c5d10..63712a617 100644 --- a/govtool/frontend/src/components/organisms/index.ts +++ b/govtool/frontend/src/components/organisms/index.ts @@ -1,3 +1,4 @@ +export * from "./BgCard"; export * from "./ChooseStakeKeyPanel"; export * from "./ChooseWalletModal"; export * from "./DashboardCards"; diff --git a/govtool/frontend/src/components/organisms/types.ts b/govtool/frontend/src/components/organisms/types.ts new file mode 100644 index 000000000..36adf5698 --- /dev/null +++ b/govtool/frontend/src/components/organisms/types.ts @@ -0,0 +1,10 @@ +import { SxProps } from "@mui/material"; + +export type BgCardProps = { + actionButtonLabel: string; + children: React.ReactNode; + onClickBackButton?: () => void; + onClickActionButton: () => void; + sx?: SxProps; + title: string; +}; diff --git a/govtool/frontend/src/i18n/locales/en.ts b/govtool/frontend/src/i18n/locales/en.ts index aa6a71f3e..511b8211d 100644 --- a/govtool/frontend/src/i18n/locales/en.ts +++ b/govtool/frontend/src/i18n/locales/en.ts @@ -269,15 +269,15 @@ export const en = { }, }, registration: { - descriptionStepOne: - "You can include extra information about yourself by adding a URL and its hash.", + rolesAndResponsibilitiesTitle: "Roles & Responsibilities", + rolesAndResponsibilitiesDescription: + "DReps are fundamental users that govern the Cardano network. This is an important role which requires work and dedication to fulfil.\n\nA DRep is expected to actively participate in governance and act as a representative of other Cardano members in governance matters. Therefore, DReps will be expected to keep abreast of Governance Actions so they can make informed and wise decisions.\n<0>Learn More about DRep.\n\nPlease register as a DRep if you have time to dedicate to making Cardano a better and more well-governed place.\n\nBecoming a DRep will require a refundable deposit of ₳{{deposit}}.\n\nYou will be refunded your deposit when you retire.", descriptionStepTwo: "By clicking register you create your DRep ID within your wallet and become a DRep.\n\nOnce the registration has completed your DRep ID will be shown on your dashboard. You will be able to share your DRep ID so that other ada holders can delegate their voting power to you.", - headingStepOne: "Add Information", headingStepTwo: "Confirm DRep registration", optional: "OPTIONAL", register: "Register", - registerAsDRep: "Register as a DRep", + becomeADRep: "Become a DRep", }, slider: { showAll: "Show all", @@ -355,6 +355,7 @@ export const en = { }, abstain: "Abstain", back: "Back", + backToDashboard: "Back to dashboard", backToList: "Back to the list", cancel: "Cancel", clear: "Clear", diff --git a/govtool/frontend/src/pages/RegisterAsdRep.tsx b/govtool/frontend/src/pages/RegisterAsdRep.tsx index 79e3b1c88..ad5332273 100644 --- a/govtool/frontend/src/pages/RegisterAsdRep.tsx +++ b/govtool/frontend/src/pages/RegisterAsdRep.tsx @@ -37,25 +37,17 @@ export const RegisterAsdRep = () => { return ( - + - - - {step === 1 && } - {step === 2 && } - - + + {step === 1 && } + {step === 2 && } + {isMobile &&