Rearchitect and dockerize project for CloudRun (#80)

gchristov · Aug 12, 2023 · 865a476 · 865a476
1 parent e60f9ca
commit 865a476
Show file tree

Hide file tree

Showing 94 changed files with 1,854 additions and 2,157 deletions.
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -1,18 +1,20 @@
-name: Check Build
+name: PR Checks
 
 on:
   pull_request:
     branches: [ master ]
 
 env:
+  # Required for CI workflow
   JAVA_VERSION: "15"
+  JAVA_DISTRIBUTION: "zulu"
+  # Required for build
   FIREBASE_API_KEY: ${{ secrets.FIREBASE_API_KEY }}
   FIREBASE_AUTH_DOMAIN: ${{ secrets.FIREBASE_AUTH_DOMAIN }}
   FIREBASE_PROJECT_ID: ${{ secrets.FIREBASE_PROJECT_ID }}
   FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }}
   FIREBASE_GCM_SENDER_ID: ${{ secrets.FIREBASE_GCM_SENDER_ID }}
   FIREBASE_APPLICATION_ID: ${{ secrets.FIREBASE_APPLICATION_ID }}
-  GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
   SLACK_SIGNING_SECRET: ${{ secrets.SLACK_SIGNING_SECRET }}
   SLACK_REQUEST_VERIFICATION_ENABLED: ${{ secrets.SLACK_REQUEST_VERIFICATION_ENABLED }}
   SLACK_CLIENT_ID: ${{ secrets.SLACK_CLIENT_ID }}
@@ -30,32 +32,24 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-      - name: Setup Java
+      - name: Set up Java
         uses: actions/setup-java@v3
         with:
-          distribution: 'zulu'
+          distribution: ${{ env.JAVA_DISTRIBUTION }}
           java-version: ${{ env.JAVA_VERSION }}
-      - name: Gradle cache
-        uses: gradle/gradle-build-action@v2
-      - name: KMP cache
-        uses: actions/cache@v3
-        id: konan-js-build
-        with:
-          path: '~/.konan/**'
-          key: konan-js-build
-      - name: Compile Javascript app
+      - name: Set up Gradle cache
+        uses: gradle/gradle-build-action@v2 # By default, cache is only saved on the 'master' branch
+      - name: Build
         run: |
-          set -o pipefail && bash ./scripts/env.sh && bash ./scripts/build.sh
-      - name: Save artifacts
+          set -o pipefail && 
+          bash ./scripts/env.sh && 
+          ./gradlew --no-daemon assemble
+      - name: Artifacts
         uses: actions/upload-artifact@v3
         with:
-          name: Javascript build
+          name: Build
           path: |
-            build/productionBackend/*.json
-            build/productionBackend/*.ts
-            build/productionBackend/*.js
-            build/productionBackend/*.map
-            build/productionWeb
+            build/bin
             local.properties
 
   jsTest:
@@ -66,33 +60,27 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-      - name: Setup Java
+      - name: Set up Java
         uses: actions/setup-java@v3
         with:
-          distribution: 'zulu'
+          distribution: ${{ env.JAVA_DISTRIBUTION }}
           java-version: ${{ env.JAVA_VERSION }}
-      - name: Gradle cache
+      - name: Set up Gradle cache
         uses: gradle/gradle-build-action@v2
-      - name: KMP cache
-        uses: actions/cache@v3
-        id: konan-js-test
-        with:
-          path: '~/.konan/**'
-          key: konan-js-test
-      - name: Run Javascript tests
+      - name: Test
         run: |
-          set -o pipefail && bash ./scripts/env.sh && ./gradlew --continue jsNodeTest
-      # Always run this job even if the previous steps fail to collect all test reports
-      - name: Generate Javascript test report
+          set -o pipefail && 
+          bash ./scripts/env.sh && 
+          ./gradlew --no-daemon --continue jsNodeTest
+      - name: Generate test report
         uses: mikepenz/action-junit-report@v3
-        if: always()
+        if: always() # Ensure all test reports are collected, even after errors
         with:
           report_paths: '**/build/test-results/**/TEST-*.xml'
           check_name: 'jsTestResults'
-      # Always run this job even if the previous steps fail to collect all artifacts
-      - name: Save artifacts
+      - name: Artifacts
         uses: actions/upload-artifact@v3
-        if: always()
+        if: always() # Ensure all artifacts are collected, even after errors
         with:
-          name: Javascript test results
+          name: Tests
           path: '**/build/test-results/**/TEST-*.xml'
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -1,18 +1,27 @@
-name: Deploy Build
+name: Deployment
 
 on:
   push:
     branches: [ master ]
 
 env:
+  # Required for CI workflow
   JAVA_VERSION: "15"
+  JAVA_DISTRIBUTION: "zulu"
+  GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT }}
+  GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
+  GCP_SERVICE: cloudrun-test
+  GCP_REGION: us-west1
+  GCP_REPOSITORY: cloudrun-test-repo
+  GCP_REPOSITORY_FORMAT: docker
+  GCP_REPOSITORY_IMAGE: cloudrun-test-image
+  # Required for build
   FIREBASE_API_KEY: ${{ secrets.FIREBASE_API_KEY }}
   FIREBASE_AUTH_DOMAIN: ${{ secrets.FIREBASE_AUTH_DOMAIN }}
   FIREBASE_PROJECT_ID: ${{ secrets.FIREBASE_PROJECT_ID }}
   FIREBASE_STORAGE_BUCKET: ${{ secrets.FIREBASE_STORAGE_BUCKET }}
   FIREBASE_GCM_SENDER_ID: ${{ secrets.FIREBASE_GCM_SENDER_ID }}
   FIREBASE_APPLICATION_ID: ${{ secrets.FIREBASE_APPLICATION_ID }}
-  GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
   SLACK_SIGNING_SECRET: ${{ secrets.SLACK_SIGNING_SECRET }}
   SLACK_REQUEST_VERIFICATION_ENABLED: ${{ secrets.SLACK_REQUEST_VERIFICATION_ENABLED }}
   SLACK_CLIENT_ID: ${{ secrets.SLACK_CLIENT_ID }}
@@ -30,41 +39,67 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-      - name: Setup Java
+      - name: Set up Java
         uses: actions/setup-java@v3
         with:
-          distribution: 'zulu'
+          distribution: ${{ env.JAVA_DISTRIBUTION }}
           java-version: ${{ env.JAVA_VERSION }}
-      - name: Gradle cache
-        uses: gradle/gradle-build-action@v2
-      - name: KMP cache
-        uses: actions/cache@v3
-        id: konan-js-deploy
-        with:
-          path: '~/.konan/**'
-          key: konan-js-deploy
-      - name: Compile Javascript app
+      - name: Set up Gradle cache
+        uses: gradle/gradle-build-action@v2 # By default, cache is only saved on the 'master' branch
+      - name: Build
         run: |
-          set -o pipefail && bash ./scripts/env.sh && bash ./scripts/build.sh
-      - name: Deploy to Firebase
-        uses: w9jds/firebase-action@master
-        with:
-          args: deploy -f
-        env:
-          GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
-      - name: Save artifacts
+          set -o pipefail && 
+          bash ./scripts/env.sh && 
+          ./gradlew --no-daemon assemble
+      - name: Artifacts
         uses: actions/upload-artifact@v3
         with:
-          name: Javascript deploy
+          name: Build
           path: |
-            build/productionBackend/*.json
-            build/productionBackend/*.ts
-            build/productionBackend/*.js
-            build/productionBackend/*.map
-            build/productionWeb
-            firebase-debug.log*
-            firebase-debug.*.log
+            build/bin
             local.properties
+      - name: Set up deploy environment
+        run: |
+          GCP_BUILD_TAG="${{ env.GCP_REGION }}-docker.pkg.dev/${{ env.GCP_PROJECT_ID }}/${{ env.GCP_REPOSITORY }}/${{ env.GCP_REPOSITORY_IMAGE }}"
+          echo "GCP_BUILD_TAG=$GCP_BUILD_TAG" >> $GITHUB_ENV
+      - name: Set up deploy authentication
+        uses: google-github-actions/[email protected]
+        with:
+          credentials_json: ${{ env.GCP_SA_KEY }}
+      - name: Set up deploy cli
+        uses: google-github-actions/[email protected]
+        with:
+          project_id: ${{ env.GCP_PROJECT_ID }}
+      - name: Set up container storage
+        run: |-
+          if [ "$(gcloud artifacts repositories describe ${{ env.GCP_REPOSITORY }} --location=${{ env.GCP_REGION }} >&/dev/null ; echo $?)" -ne 0 ]; then
+            echo "Creating new artifact registry repository"
+            gcloud artifacts repositories create ${{ env.GCP_REPOSITORY }} --location=${{ env.GCP_REGION }} --repository-format=${{ env.GCP_REPOSITORY_FORMAT }}  
+          else
+            echo "Artifact registry repository already exists"
+          fi
+      - name: Build and push container image
+        run: |-
+          gcloud auth configure-docker ${{ env.GCP_REGION }}-docker.pkg.dev
+          docker build -t $GCP_BUILD_TAG .
+          docker push $GCP_BUILD_TAG
+      - name: Deploy
+        id: deployment
+        uses: google-github-actions/[email protected]
+        with:
+          service: ${{ env.GCP_SERVICE }}
+          image: ${{ env.GCP_BUILD_TAG }}
+          region: ${{ env.GCP_REGION }}
+      - name: Allow public access
+        run: |
+          gcloud run services add-iam-policy-binding ${{ env.GCP_SERVICE }} \
+            --platform managed \
+            --region ${{ env.GCP_REGION }} \
+            --member=allUsers \
+            --role=roles/run.invoker
+      - name: Deploy output
+        run: |-
+          echo "Service available at: ${{ steps.deployment.outputs.url }}"
 
   jsTest:
     runs-on: ubuntu-20.04
@@ -74,33 +109,27 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-      - name: Setup Java
+      - name: Set up Java
         uses: actions/setup-java@v3
         with:
-          distribution: 'zulu'
+          distribution: ${{ env.JAVA_DISTRIBUTION }}
           java-version: ${{ env.JAVA_VERSION }}
-      - name: Gradle cache
+      - name: Set up Gradle cache
         uses: gradle/gradle-build-action@v2
-      - name: KMP cache
-        uses: actions/cache@v3
-        id: konan-js-test
-        with:
-          path: '~/.konan/**'
-          key: konan-js-test
-      - name: Javascript tests
+      - name: Test
         run: |
-          set -o pipefail && bash ./scripts/env.sh && ./gradlew --continue jsNodeTest
-      # Always run this job even if the previous steps fail to collect all test reports
-      - name: Generate Javascript test report
+          set -o pipefail && 
+          bash ./scripts/env.sh && 
+          ./gradlew --no-daemon --continue jsNodeTest
+      - name: Generate test report
         uses: mikepenz/action-junit-report@v3
-        if: always()
+        if: always() # Ensure all test reports are collected, even after errors
         with:
           report_paths: '**/build/test-results/**/TEST-*.xml'
           check_name: 'jsTestResults'
-      # Always run this job even if the previous steps fail to collect all artifacts
-      - name: Save artifacts
+      - name: Artifacts
         uses: actions/upload-artifact@v3
-        if: always()
+        if: always() # Ensure all artifacts are collected, even after errors
         with:
-          name: Javascript test results
+          name: Tests
           path: '**/build/test-results/**/TEST-*.xml'
diff --git a/.gitignore b/.gitignore
@@ -59,4 +59,6 @@ node_modules/
 .firebase/
 firebase-debug.log*
 firebase-debug.*.log*
+
 local.properties
+local-credentials-pubsub.json
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,11 @@
+# Step 1: Install Node.js dependencies
+FROM node:16-slim AS npm
+WORKDIR /app
+COPY /build/bin/package.json ./bin/
+RUN npm install --prefix ./bin/ --only=production
+COPY /build/bin/. ./bin/
+
+# Step 2: Run binaries
+FROM npm AS run
+WORKDIR ./bin/
+CMD [ "node", "thecodinglove-kmp-appBackend.js" ]
diff --git a/README.md b/README.md
@@ -7,4 +7,10 @@ firebase init emulators
 
 [Slack API test hub](https://requestbin.com/r/eny6fd4lflem/2LzxvzhVXCw7p02t82zfRXkAvdF)
 
-Serve local content to the web - `ssh -R 80:localhost:5000 serveo.net`
+Serve local content to the web - `ssh -R codinglove.serveo.net:80:localhost:3000 serveo.net`
+
+[KotlinJS NodeJS example](https://github.com/wadejensen/kotlin-nodejs-example)
+
+[KotlinJS ExpressJS example](https://github.com/chrisnkrueger/kotlin-express)
+
+[KotlinJS external mappings example](https://dev.to/mpetuska/js-in-kotlinjs-c4g)
diff --git a/backend/appBackend/build.gradle.kts b/backend/appBackend/build.gradle.kts
@@ -14,14 +14,25 @@ kotlin {
                 // not supported out of the box or through the npm-publish plugin and causes "module
                 // not found" errors. As a workaround, all NPM dependencies will be listed here,
                 // making them available to all submodules.
-                implementation(npm(Deps.Google.firebase.name, Deps.Google.firebase.version))
-                implementation(npm(Deps.Google.firebaseAdmin.name, Deps.Google.firebaseAdmin.version))
-                implementation(npm(Deps.Google.firebaseFunctions.name, Deps.Google.firebaseFunctions.version))
                 implementation(npm(Deps.Google.pubSub.name, Deps.Google.pubSub.version))
                 implementation(npm(Deps.Node.htmlParser.name, Deps.Node.htmlParser.version))
                 implementation(npm(Deps.Node.express.name, Deps.Node.express.version))
                 implementation(npm(Deps.Node.jsJoda.name, Deps.Node.jsJoda.version))
             }
         }
     }
+}
+
+// Copy the output binaries to their final destination
+tasks.named("assemble") {
+    doLast {
+        copy {
+            from(file("$buildDir/productionLibrary"))
+            into(file("$rootDir/build/bin"))
+        }
+        copy {
+            from(file("$rootDir/local-credentials-pubsub.json"))
+            into(file("$rootDir/build/bin"))
+        }
+    }
 }