diff --git a/.github/workflows/build-services.yml b/.github/workflows/build-services.yml index b5d8eac..4f6e471 100644 --- a/.github/workflows/build-services.yml +++ b/.github/workflows/build-services.yml @@ -36,12 +36,12 @@ jobs: - name: Checkout if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: ${{ steps.setvars.outputs.environment }} - name: Get next version - uses: reecetech/version-increment@2023.9.3 + uses: reecetech/version-increment@a29aa752dc3b8118a2dc2ed93faf0e95a73a9c7e if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} id: version with: @@ -49,14 +49,14 @@ jobs: increment: patch - name: Create Release branch - uses: JamesIves/github-pages-deploy-action@v4 + uses: JamesIves/github-pages-deploy-action@d92aa235d04922e8f08b40ce78cc5442fcfbfa2f if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} with: branch: release-${{ steps.setvars.outputs.environment }} # The branch the action should deploy to. folder: . # The folder the action should deploy. - name: Checkout Release branch - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} with: ref: release-${{ steps.setvars.outputs.environment }} @@ -80,7 +80,7 @@ jobs: git push - name: Create release - uses: "actions/github-script@v6" + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} env: VERSION: ${{ steps.version.outputs.version }} @@ -160,7 +160,7 @@ jobs: --data @payload.json \ https://app.terraform.io/api/v2/vars - - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.1.1 + - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@8e08d1ba957673f5fbf971a22b3219639dc45661 id: upload if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} with: @@ -168,7 +168,7 @@ jobs: directory: release - name: Create Apply Run - uses: hashicorp/tfc-workflows-github/actions/create-run@v1.1.1 + uses: hashicorp/tfc-workflows-github/actions/create-run@8e08d1ba957673f5fbf971a22b3219639dc45661 id: apply-run if: ${{ steps.check_state.outputs.initial_deploy_state == 'disabled_manually' }} with: diff --git a/.github/workflows/initial-deploy.yml b/.github/workflows/initial-deploy.yml index f8e7673..6aeafef 100644 --- a/.github/workflows/initial-deploy.yml +++ b/.github/workflows/initial-deploy.yml @@ -15,23 +15,34 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - name: Get next version - uses: reecetech/version-increment@2023.9.3 + uses: reecetech/version-increment@a29aa752dc3b8118a2dc2ed93faf0e95a73a9c7e id: version with: scheme: calver increment: patch + - name: Lookup Project ID + id: lookup_project_id + run: | + curl \ + --header "Authorization: Bearer ${{ secrets.TFE_TOKEN }}" \ + --header "Content-Type: application/vnd.api+json" \ + --request GET \ + --output project_output.txt \ + https://app.terraform.io/api/v2/organizations/${{ github.repository_owner }}/projects + echo "project_id=$(jq -r --arg name '${{ vars.TFE_PROJECT }}' '.data[] | select(.attributes.name | test($name; "i")) | .id' project_output.txt)" >> $GITHUB_OUTPUT + - name: Create Release branch - uses: JamesIves/github-pages-deploy-action@v4 + uses: JamesIves/github-pages-deploy-action@d92aa235d04922e8f08b40ce78cc5442fcfbfa2f with: branch: release # The branch the action should deploy to. folder: . # The folder the action should deploy. - name: Checkout Release branch - uses: actions/checkout@v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: ref: release path: release @@ -54,25 +65,33 @@ jobs: - name: Create workspace id: create_workspace_dev run: | - cat > payload.json <> $GITHUB_OUTPUT + cat > payload.json <> $GITHUB_OUTPUT - name: Create workspace id: create_workspace_prod @@ -84,7 +103,15 @@ jobs: "name": "${{ github.event.repository.name }}-prod", "auto-apply": "true" }, - "type": "workspaces" + "type": "workspaces", + "relationships": { + "project": { + "data": { + "type": "projects", + "id": "${{ steps.lookup_project_id.outputs.project_id }}" + } + } + } } } EOF @@ -282,7 +309,7 @@ jobs: https://app.terraform.io/api/v2/vars - name: Create release - uses: "actions/github-script@v6" + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd env: VERSION: ${{ steps.version.outputs.version }} with: @@ -305,20 +332,20 @@ jobs: core.setFailed(error.message); } - - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.1.1 + - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@8e08d1ba957673f5fbf971a22b3219639dc45661 id: upload_dev with: workspace: ${{ github.event.repository.name }}-dev directory: release - - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.1.1 + - uses: hashicorp/tfc-workflows-github/actions/upload-configuration@8e08d1ba957673f5fbf971a22b3219639dc45661 id: upload_prod with: workspace: ${{ github.event.repository.name }}-prod directory: release - name: Create Apply Run dev - uses: hashicorp/tfc-workflows-github/actions/create-run@v1.1.1 + uses: hashicorp/tfc-workflows-github/actions/create-run@8e08d1ba957673f5fbf971a22b3219639dc45661 id: apply-run-dev if: success() || failure() with: @@ -327,7 +354,7 @@ jobs: plan_only: false - name: Create Apply Run prod - uses: hashicorp/tfc-workflows-github/actions/create-run@v1.1.1 + uses: hashicorp/tfc-workflows-github/actions/create-run@8e08d1ba957673f5fbf971a22b3219639dc45661 id: apply-run-prod if: success() || failure() with: diff --git a/README.md b/README.md index cc1b312..72b1641 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,2 @@ # pulse-graphql -GraphQL project repo +GraphQL project repo \ No newline at end of file diff --git a/cloudflare.tf b/cloudflare.tf index 358350c..9bdbd82 100644 --- a/cloudflare.tf +++ b/cloudflare.tf @@ -1,16 +1,19 @@ -resource "cloudflare_workers_domain" "project_domain" { +resource "cloudflare_workers_custom_domain" "project_domain" { account_id = var.cloudflare_account_id hostname = "${var.project_name}.${var.environment}.${var.domain}" - service = "${var.project_name}-${var.environment}" + service = cloudflare_workers_script.project_script.script_name zone_id = var.cloudflare_zone_id - - depends_on = [cloudflare_workers_script.project_script] } resource "cloudflare_workers_route" "project_route" { - zone_id = var.cloudflare_zone_id - pattern = "${var.project_name}.${var.environment}.${var.domain}/*" - script_name = cloudflare_workers_script.project_script.name + zone_id = var.cloudflare_zone_id + pattern = "${var.project_name}.${var.environment}.${var.domain}/*" + script = cloudflare_workers_script.project_script.script_name +} + +resource "cloudflare_r2_bucket" "schemas_bucket" { + account_id = var.cloudflare_account_id + name = "schemas-pulsedb-${var.environment}" } resource "null_resource" "project_id" { @@ -33,70 +36,73 @@ data "local_file" "load_project_id" { resource "cloudflare_workers_script" "project_script" { account_id = var.cloudflare_account_id - name = "${var.project_name}-${var.environment}" - content = file("${path.module}/dist/index.mjs") + script_name = "${var.project_name}-${var.environment}" + content_file = "${path.module}/dist/index.mjs" + content_sha256 = filesha256("${path.module}/dist/index.mjs") compatibility_date = "2023-08-28" - module = true - - plain_text_binding { - name = "CORS_DOMAINS" - text = var.ALLOWED_HOSTS - } - - plain_text_binding { - name = "ENVIRONMENT" - text = var.environment - } - - plain_text_binding { - name = "GCP_LOGGING_PROJECT_ID" - text = var.GCP_LOGGING_PROJECT_ID - } - - plain_text_binding { - name = "LOG_NAME" - text = "${var.project_name}_${var.environment}_worker_log" - } - - r2_bucket_binding { - name = "SCHEMAS_BUCKET" - bucket_name = "schemas-pulsedb-${var.environment}" - } - - plain_text_binding { - name = "PULSE_DATASET" - text = "pulsedb_dataset" - } - - plain_text_binding { - name = "PULSE_DATABASE_PROJECT_ID" - text = data.local_file.load_project_id.content - } - - plain_text_binding { - name = "VERSION" - text = var.VERSION - } - - secret_text_binding { - name = "GCP_LOGGING_CREDENTIALS" - text = var.GCP_LOGGING_CREDENTIALS - } - - secret_text_binding { - name = "GCP_BIGQUERY_CREDENTIALS" - text = var.GCP_BIGQUERY_CREDENTIALS - } - - secret_text_binding { - name = "GCP_USERINFO_CREDENTIALS" - text = var.GCP_USERINFO_CREDENTIALS - } - - secret_text_binding { - name = "GLOBAL_SHARED_SECRET" - text = var.GLOBAL_SHARED_SECRET - } + main_module = "index.mjs" + bindings = [ + { + name = "CORS_DOMAINS" + type = "plain_text" + text = var.ALLOWED_HOSTS + }, + { + name = "ENVIRONMENT" + type = "plain_text" + text = var.environment + }, + { + name = "GCP_LOGGING_PROJECT_ID" + type = "plain_text" + text = var.GCP_LOGGING_PROJECT_ID + }, + { + name = "LOG_NAME" + type = "plain_text" + text = "${var.project_name}_${var.environment}_worker_log" + }, + { + name = "SCHEMAS_BUCKET" + type = "r2_bucket" + bucket_name = cloudflare_r2_bucket.schemas_bucket.name + }, + { + name = "PULSE_DATASET" + type = "plain_text" + text = "pulsedb_dataset" + }, + { + name = "PULSE_DATABASE_PROJECT_ID" + type = "plain_text" + text = data.local_file.load_project_id.content + }, + { + name = "VERSION" + type = "plain_text" + text = var.VERSION + }, + { + name = "GCP_LOGGING_CREDENTIALS" + type = "secret_text" + text = var.GCP_LOGGING_CREDENTIALS + }, + { + name = "GCP_BIGQUERY_CREDENTIALS" + type = "secret_text" + text = var.GCP_BIGQUERY_CREDENTIALS + }, + { + name = "GCP_USERINFO_CREDENTIALS" + type = "secret_text" + text = var.GCP_USERINFO_CREDENTIALS + }, + { + name = "GLOBAL_SHARED_SECRET" + type = "secret_text" + text = var.GLOBAL_SHARED_SECRET + } + ] - depends_on = [ data.local_file.load_project_id ] + depends_on = [ data.local_file.load_project_id, cloudflare_r2_bucket.schemas_bucket ] } diff --git a/terraform.tf b/terraform.tf index ff06031..2436c09 100644 --- a/terraform.tf +++ b/terraform.tf @@ -2,11 +2,11 @@ terraform { required_providers { cloudflare = { source = "cloudflare/cloudflare" - version = "~> 4.0" + version = "~> 5.0" } } } provider "cloudflare" { - api_token = "${var.cloudflare_token}" + api_token = var.cloudflare_token }