From eff4b56f13534a7fd758c67acef67460a6b4a23b Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:12:35 +0300 Subject: [PATCH 01/13] cd/cd: add deployment --- .github/templates/.env.j2 | 92 +++++++++++++++++++++++++++++ .github/templates/wg0.j2 | 10 ++++ .github/workflows/deploy.yml | 109 +++++++++++++++++++++++++++++++++++ 3 files changed, 211 insertions(+) create mode 100644 .github/templates/.env.j2 create mode 100644 .github/templates/wg0.j2 create mode 100644 .github/workflows/deploy.yml diff --git a/.github/templates/.env.j2 b/.github/templates/.env.j2 new file mode 100644 index 00000000..817f18c6 --- /dev/null +++ b/.github/templates/.env.j2 @@ -0,0 +1,92 @@ +APP_NAME="Crowdsourcing platform | Let's crowdsource our future" +APP_ENV=production +APP_KEY={{ APP_KEY }} +APP_DEBUG=true +DEBUGBAR_ENABLED=false +APP_LOG_LEVEL=debug +APP_URL=http://localhost +APP_VERSION=v5.0 +GOOGLE_MAPS_KEY= + +DB_CONNECTION=mysql +DB_HOST=127.0.0.1 +DB_PORT=3306 +DB_DATABASE={{ DB_NAME }} +DB_USERNAME={{ DB_USER }} +DB_PASSWORD={{ DB_PASSWORD }} + +BROADCAST_DRIVER=redis +CACHE_DRIVER=file +QUEUE_CONNECTION=redis +SESSION_DRIVER=file +SESSION_LIFETIME=120 + +REDIS_CLIENT=predis +REDIS_HOST=127.0.0.1 +REDIS_PASSWORD=null +REDIS_PORT=6379 +REDIS_PREFIX=crowdsourcing_ + +MAIL_FROM_ADDRESS=example@example.com +MAIL_FROM_NAME=Crowdsourcing_Platform +MAIL_MAILER=smtp +MAIL_HOST=smtp.mailtrap.io +MAIL_PORT=2525 +MAIL_USERNAME= +MAIL_PASSWORD= +MAIL_ENCRYPTION=null + +PUSHER_APP_ID= +PUSHER_APP_KEY= +PUSHER_APP_SECRET= +PUSHER_APP_CLUSTER=mt1 + +PERSONAL_CLIENT_ID=1 +PERSONAL_CLIENT_SECRET= +PASSWORD_CLIENT_ID=2 +PASSWORD_CLIENT_SECRET= + +FACEBOOK_CLIENT_ID= +FACEBOOK_CLIENT_SECRET= + +TWITTER_CLIENT_ID= +TWITTER_CLIENT_SECRET= + +GOOGLE_CLIENT_ID= +GOOGLE_CLIENT_SECRET= + +MICROSOFT_CLIENT_ID= +MICROSOFT_CLIENT_SECRET= + +LINKEDIN_CLIENT_ID= +LINKEDIN_CLIENT_SECRET= + +DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED=12345678 + +GOOGLE_TRANSLATE_KEY= + +# MAILCHIMP INTEGRATION +MAILCHIMP_API_KEY= + +# SENTRY DSN +SENTRY_LARAVEL_DSN= +SENTRY_TRACES_SAMPLE_RATE=1.0 +VITE_SENTRY_DSN_PUBLIC="${SENTRY_LARAVEL_DSN}" + +# GOOGLE ANALYTICS ID +GA_ID=YOUR_ANALYTICS_ID +GOOGLE_TAG_MANAGER_ID=GTM-123 + +VITE_APP_URL="${APP_URL}" +USERWAY_ID= + +# Installation variables +INSTALLATION_RESOURCES_DIR=together +INSTALLATION_COMPANY_NAME="company name here" +INSTALLATION_COMPANY_ADDRESS="address" +INSTALLATION_COMPANY_PHONE="+123" +INSTALLATION_COMPANY_EMAIL="info(at)company.org" + +# Newsletter variables +NEWSLETTER_LIST_ID_NEWSLETTER=# this should come from the mailchimp_lists DB table +NEWSLETTER_LIST_ID_NEWSLETTER_REGISTERED_USERS=# this should come from the mailchimp_lists DB table \ No newline at end of file diff --git a/.github/templates/wg0.j2 b/.github/templates/wg0.j2 new file mode 100644 index 00000000..77d437d8 --- /dev/null +++ b/.github/templates/wg0.j2 @@ -0,0 +1,10 @@ +[Interface] +Address = 10.10.0.19/32 +ListenPort = 48123 +PrivateKey = {{ WIREGUARD_PRIVATE_KEY }} + +[Peer] +PublicKey = {{ VPN_SERVER_PUBLIC_KEY }} +AllowedIPs = 10.10.0.0/24 +Endpoint = pegasus.scify.org:1194 +PersistentKeepalive = 25 \ No newline at end of file diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml new file mode 100644 index 00000000..ed5cf034 --- /dev/null +++ b/.github/workflows/deploy.yml @@ -0,0 +1,109 @@ +name: Deploy to Production + +on: + workflow_dispatch: + push: + + branches: + + - staging_sec_data + +env: + PHP_VERSION: '8.2' + SERVER_HOSTNAME: 'staging.scify.org' + REMOTE_USER: 'project_crowdsourcing_sec_data' + PROJECT_URL: 'crowcrowdsourcing-ecas.staging.scify.org' + +jobs: + deploy: + runs-on: ubuntu-latest + steps: + + - name: Checkout repo + uses: actions/checkout@v3.2.0 + + - name: Install wireguard + run: sudo apt install wireguard + + - name: Create wg0 file + uses: cuchi/jinja2-action@v1.2.0 + with: + template: .github/templates/wg0.j2 + output_file: wg0.conf + variables: | + WIREGUARD_PRIVATE_KEY=${{ secrets.WIREGUARD_PRIVATE_KEY }} + VPN_SERVER_PUBLIC_KEY=${{ secrets.VPN_SERVER_PUBLIC_KEY }} + + + + - name: Move wg0.conf to /etc/wireguard + run: sudo mv wg0.conf /etc/wireguard/wg0.conf + + - name: Start wireguard + run: sudo wg-quick up wg0 + + - name: Checkout repo + uses: actions/checkout@v3.2.0 + + - name: Add frodo to etc hosts + run: echo "10.10.0.100 frodo.scify.org" | sudo tee -a /etc/hosts + + - name: read password from vault + uses: hashicorp/vault-action@v2 + with: + url: https://frodo.scify.org:8200 + caCertificate: ${{ secrets.VAULT_CA_CERT }} + method: userpass + username: ${{ secrets.VAULT_USER }} + password: ${{ secrets.VAULT_PASSWORD }} + secrets: | + Projects/crowdsourcing/scify-installation-together/staging_sec_data/database db_name | DB_NAME ; + Projects/crowdsourcing/scify-installation-together/staging_sec_data/database db_user | DB_USER ; + Projects/crowdsourcing/scify-installation-together/staging_sec_data/database password | DB_PASSWORD ; + + + + + - name: Create .env file + uses: cuchi/jinja2-action@v1.2.0 + with: + template: .github/templates/.env.j2 + output_file: .env + variables: | + DB_NAME=${{ secrets.DB_NAME }} + DB_USER=${{ secrets.DB_USER }} + DB_PASSWORD=${{ secrets.DB_PASSWORD }} + + + - name: Setup node + uses: actions/setup-node@v4 + with: + node-version-file: '.nvmrc' + + - name: Install node dependencies + run: npm install + + - name: Build assets + run: npm run build + + + - name: SCP files to staging server + uses: easingthemes/ssh-deploy@v3.0.1 + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_KEY_STAGING_SERVER }} + REMOTE_PORT: 222 + SOURCE: "./" + REMOTE_HOST: ${{ env.SERVER_HOSTNAME }} + REMOTE_USER: ${{ env.REMOTE_USER }} + TARGET: "/home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }}" + + + - name: Run composer install on remote server + uses: appleboy/ssh-action@v1.0.3 + with: + host: ${{ env.PRODUCTION_SERVER_HOSTNAME }} + username: ${{ env.REMOTE_USER }} + key: ${{ secrets.SSH_KEY_STAGING_SERVER }} + script: | + cd /home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }} + composer install --no-dev --no-interaction --no-progress --optimize-autoloader \ No newline at end of file From c1ba78dee172ca44397127b4a8c579f6fa004393 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:15:06 +0300 Subject: [PATCH 02/13] cd/cd: fix identation in yaml --- .github/workflows/deploy.yml | 87 +++++++++++++++++------------------- 1 file changed, 42 insertions(+), 45 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index ed5cf034..a9633805 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,9 +3,7 @@ name: Deploy to Production on: workflow_dispatch: push: - branches: - - staging_sec_data env: @@ -18,7 +16,6 @@ jobs: deploy: runs-on: ubuntu-latest steps: - - name: Checkout repo uses: actions/checkout@v3.2.0 @@ -64,46 +61,46 @@ jobs: - - name: Create .env file - uses: cuchi/jinja2-action@v1.2.0 - with: - template: .github/templates/.env.j2 - output_file: .env - variables: | - DB_NAME=${{ secrets.DB_NAME }} - DB_USER=${{ secrets.DB_USER }} - DB_PASSWORD=${{ secrets.DB_PASSWORD }} - + - name: Create .env file + uses: cuchi/jinja2-action@v1.2.0 + with: + template: .github/templates/.env.j2 + output_file: .env + variables: | + DB_NAME=${{ secrets.DB_NAME }} + DB_USER=${{ secrets.DB_USER }} + DB_PASSWORD=${{ secrets.DB_PASSWORD }} - - name: Setup node - uses: actions/setup-node@v4 - with: - node-version-file: '.nvmrc' - - - name: Install node dependencies - run: npm install - - - name: Build assets - run: npm run build - - - - name: SCP files to staging server - uses: easingthemes/ssh-deploy@v3.0.1 - env: - SSH_PRIVATE_KEY: ${{ secrets.SSH_KEY_STAGING_SERVER }} - REMOTE_PORT: 222 - SOURCE: "./" - REMOTE_HOST: ${{ env.SERVER_HOSTNAME }} - REMOTE_USER: ${{ env.REMOTE_USER }} - TARGET: "/home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }}" - - - - name: Run composer install on remote server - uses: appleboy/ssh-action@v1.0.3 - with: - host: ${{ env.PRODUCTION_SERVER_HOSTNAME }} - username: ${{ env.REMOTE_USER }} - key: ${{ secrets.SSH_KEY_STAGING_SERVER }} - script: | - cd /home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }} - composer install --no-dev --no-interaction --no-progress --optimize-autoloader \ No newline at end of file + + - name: Setup node + uses: actions/setup-node@v4 + with: + node-version-file: '.nvmrc' + + - name: Install node dependencies + run: npm install + + - name: Build assets + run: npm run build + + + - name: SCP files to staging server + uses: easingthemes/ssh-deploy@v3.0.1 + env: + SSH_PRIVATE_KEY: ${{ secrets.SSH_KEY_STAGING_SERVER }} + REMOTE_PORT: 222 + SOURCE: "./" + REMOTE_HOST: ${{ env.SERVER_HOSTNAME }} + REMOTE_USER: ${{ env.REMOTE_USER }} + TARGET: "/home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }}" + + + - name: Run composer install on remote server + uses: appleboy/ssh-action@v1.0.3 + with: + host: ${{ env.PRODUCTION_SERVER_HOSTNAME }} + username: ${{ env.REMOTE_USER }} + key: ${{ secrets.SSH_KEY_STAGING_SERVER }} + script: | + cd /home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }} + composer install --no-dev --no-interaction --no-progress --optimize-autoloader \ No newline at end of file From 02d188ff9f6b9b53736a6b8a8ba5b53686b4e4e6 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:23:36 +0300 Subject: [PATCH 03/13] ci/cd: change path of vault secrets --- .github/workflows/deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a9633805..225f9d58 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -54,9 +54,9 @@ jobs: username: ${{ secrets.VAULT_USER }} password: ${{ secrets.VAULT_PASSWORD }} secrets: | - Projects/crowdsourcing/scify-installation-together/staging_sec_data/database db_name | DB_NAME ; - Projects/crowdsourcing/scify-installation-together/staging_sec_data/database db_user | DB_USER ; - Projects/crowdsourcing/scify-installation-together/staging_sec_data/database password | DB_PASSWORD ; + Projects/crowdsourcing/staging_sec_data/database db_name | DB_NAME ; + Projects/crowdsourcingstaging_sec_data/database db_user | DB_USER ; + Projects/crowdsourcing/staging_sec_data/database password | DB_PASSWORD ; From 908ad52c19fc03fade1ab323195a6edd751a3d6e Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:32:18 +0300 Subject: [PATCH 04/13] ci/cd: fix path of vault secrets --- .github/workflows/deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 225f9d58..bd676cd3 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -54,9 +54,9 @@ jobs: username: ${{ secrets.VAULT_USER }} password: ${{ secrets.VAULT_PASSWORD }} secrets: | - Projects/crowdsourcing/staging_sec_data/database db_name | DB_NAME ; - Projects/crowdsourcingstaging_sec_data/database db_user | DB_USER ; - Projects/crowdsourcing/staging_sec_data/database password | DB_PASSWORD ; + Projects/data/crowdsourcing/staging_sec_data/database db_name | DB_NAME ; + Projects/data/crowdsourcingstaging_sec_data/database db_user | DB_USER ; + Projects/data/crowdsourcing/staging_sec_data/database password | DB_PASSWORD ; From 2deb22ab4683e66156519fb8334d0e12a37dbbed Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:42:44 +0300 Subject: [PATCH 05/13] ci/cd: fix typo --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index bd676cd3..e7f41828 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -55,7 +55,7 @@ jobs: password: ${{ secrets.VAULT_PASSWORD }} secrets: | Projects/data/crowdsourcing/staging_sec_data/database db_name | DB_NAME ; - Projects/data/crowdsourcingstaging_sec_data/database db_user | DB_USER ; + Projects/data/crowdsourcing/staging_sec_data/database db_user | DB_USER ; Projects/data/crowdsourcing/staging_sec_data/database password | DB_PASSWORD ; From d9609268515fc4f057d6eb18b718933915a8edc9 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:48:01 +0300 Subject: [PATCH 06/13] ci/cd: fix typo --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e7f41828..4f4d335a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -98,7 +98,7 @@ jobs: - name: Run composer install on remote server uses: appleboy/ssh-action@v1.0.3 with: - host: ${{ env.PRODUCTION_SERVER_HOSTNAME }} + host: ${{ env.SERVER_HOSTNAME }} username: ${{ env.REMOTE_USER }} key: ${{ secrets.SSH_KEY_STAGING_SERVER }} script: | From 56542a5c98091d660f95c50ab016544b6823a088 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:55:10 +0300 Subject: [PATCH 07/13] ci/cd: add port on composer action --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4f4d335a..4b901668 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -99,6 +99,7 @@ jobs: uses: appleboy/ssh-action@v1.0.3 with: host: ${{ env.SERVER_HOSTNAME }} + port: 222 username: ${{ env.REMOTE_USER }} key: ${{ secrets.SSH_KEY_STAGING_SERVER }} script: | From 957ef5a9cebe286779e846d022601d8eaf7c13a9 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 16:58:42 +0300 Subject: [PATCH 08/13] ci/cd: composer action, add sourcing of .profile --- .github/workflows/deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4b901668..b0c41e69 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -103,5 +103,6 @@ jobs: username: ${{ env.REMOTE_USER }} key: ${{ secrets.SSH_KEY_STAGING_SERVER }} script: | + source /home/${{ env.REMOTE_USER }}/.profile cd /home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }} composer install --no-dev --no-interaction --no-progress --optimize-autoloader \ No newline at end of file From 5c33e063255b2db79c4350739f6f77b3cf5e489a Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 17:03:19 +0300 Subject: [PATCH 09/13] ci/cd: fix path --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b0c41e69..65d76c83 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -10,7 +10,7 @@ env: PHP_VERSION: '8.2' SERVER_HOSTNAME: 'staging.scify.org' REMOTE_USER: 'project_crowdsourcing_sec_data' - PROJECT_URL: 'crowcrowdsourcing-ecas.staging.scify.org' + PROJECT_URL: 'crowdsourcing-ecas.staging.scify.org' jobs: deploy: From 5731cbc55c74d0ade398b4d99e24b3cd08b6ff19 Mon Sep 17 00:00:00 2001 From: estafons Date: Thu, 3 Oct 2024 17:22:39 +0300 Subject: [PATCH 10/13] ci/cd: secrets fix --- .github/templates/.env.j2 | 2 +- .github/workflows/deploy.yml | 10 ++++++---- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/templates/.env.j2 b/.github/templates/.env.j2 index 817f18c6..29785ce8 100644 --- a/.github/templates/.env.j2 +++ b/.github/templates/.env.j2 @@ -1,6 +1,6 @@ APP_NAME="Crowdsourcing platform | Let's crowdsource our future" APP_ENV=production -APP_KEY={{ APP_KEY }} +APP_KEY={{ LARAVEL_STAGING_SEC_DATA_APP_KEY }} APP_DEBUG=true DEBUGBAR_ENABLED=false APP_LOG_LEVEL=debug diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 65d76c83..15af89a4 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -67,9 +67,10 @@ jobs: template: .github/templates/.env.j2 output_file: .env variables: | - DB_NAME=${{ secrets.DB_NAME }} - DB_USER=${{ secrets.DB_USER }} - DB_PASSWORD=${{ secrets.DB_PASSWORD }} + DB_NAME=${{ env.DB_NAME }} + DB_USER=${{ env.DB_USER }} + DB_PASSWORD=${{ env.DB_PASSWORD }} + LARAVEL_STAGING_SEC_DATA_APP_KEY=${{ secrets.LARAVEL_STAGING_SEC_DATA_APP_KEY }} - name: Setup node @@ -105,4 +106,5 @@ jobs: script: | source /home/${{ env.REMOTE_USER }}/.profile cd /home/${{ env.REMOTE_USER }}/www/${{ env.PROJECT_URL }} - composer install --no-dev --no-interaction --no-progress --optimize-autoloader \ No newline at end of file + composer install --no-interaction --no-progress --optimize-autoloader + # --no-dev \ No newline at end of file From c228a39892f0689ecadb4466814d10a937e76c1b Mon Sep 17 00:00:00 2001 From: estafons Date: Fri, 4 Oct 2024 09:49:59 +0300 Subject: [PATCH 11/13] ci/cd: add all env vars --- .github/templates/.env.j2 | 96 ++++++++++++++++++++---------------- .github/workflows/deploy.yml | 28 ++++++++++- 2 files changed, 81 insertions(+), 43 deletions(-) diff --git a/.github/templates/.env.j2 b/.github/templates/.env.j2 index 29785ce8..9aba3ebd 100644 --- a/.github/templates/.env.j2 +++ b/.github/templates/.env.j2 @@ -1,11 +1,13 @@ APP_NAME="Crowdsourcing platform | Let's crowdsource our future" APP_ENV=production APP_KEY={{ LARAVEL_STAGING_SEC_DATA_APP_KEY }} -APP_DEBUG=true +APP_DEBUG=false DEBUGBAR_ENABLED=false APP_LOG_LEVEL=debug -APP_URL=http://localhost -APP_VERSION=v5.0 +APP_URL={{ PROJECT_URL }} +ASSET_URL=${APP_URL} +MIX_ASSET_URL=${APP_URL} +APP_VERSION=v8.0 GOOGLE_MAPS_KEY= DB_CONNECTION=mysql @@ -21,20 +23,21 @@ QUEUE_CONNECTION=redis SESSION_DRIVER=file SESSION_LIFETIME=120 -REDIS_CLIENT=predis +REDIS_CLIENT=phpredis REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379 -REDIS_PREFIX=crowdsourcing_ +REDIS_PREFIX=crowdsourcing_ecas_ + + +MAIL_MAILER=mailgun +MAIL_FROM_ADDRESS=noreply@ecas.org +MAIL_FROM_NAME="Crowdsourcing Platform" +MAIL_HOST=smtp.eu.mailgun.org +MAILGUN_DOMAIN=crowdsourcing.ecas.org +MAILGUN_SECRET={{ MAILGUN_SECRET }} +MAILGUN_ENDPOINT=api.eu.mailgun.net -MAIL_FROM_ADDRESS=example@example.com -MAIL_FROM_NAME=Crowdsourcing_Platform -MAIL_MAILER=smtp -MAIL_HOST=smtp.mailtrap.io -MAIL_PORT=2525 -MAIL_USERNAME= -MAIL_PASSWORD= -MAIL_ENCRYPTION=null PUSHER_APP_ID= PUSHER_APP_KEY= @@ -42,51 +45,60 @@ PUSHER_APP_SECRET= PUSHER_APP_CLUSTER=mt1 PERSONAL_CLIENT_ID=1 -PERSONAL_CLIENT_SECRET= +PERSONAL_CLIENT_SECRET= {{ PERSONAL_CLIENT_SECRET }} PASSWORD_CLIENT_ID=2 -PASSWORD_CLIENT_SECRET= - -FACEBOOK_CLIENT_ID= -FACEBOOK_CLIENT_SECRET= +PASSWORD_CLIENT_SECRET={{ PASSWORD_CLIENT_SECRET }} -TWITTER_CLIENT_ID= -TWITTER_CLIENT_SECRET= +FACEBOOK_CLIENT_ID={{ FACEBOOK_CLIENT_ID }} +FACEBOOK_CLIENT_SECRET={{ FACEBOOK_CLIENT_SECRET }} -GOOGLE_CLIENT_ID= -GOOGLE_CLIENT_SECRET= +TWITTER_CLIENT_ID={{ TWITTER_CLIENT_ID }} +TWITTER_CLIENT_SECRET={{ TWITTER_CLIENT_SECRET }} -MICROSOFT_CLIENT_ID= -MICROSOFT_CLIENT_SECRET= +GOOGLE_CLIENT_ID={{ GOOGLE_CLIENT_ID }} +GOOGLE_CLIENT_SECRET={{ GOOGLE_CLIENT_SECRET }} -LINKEDIN_CLIENT_ID= -LINKEDIN_CLIENT_SECRET= +MICROSOFT_CLIENT_ID={{ MICROSOFT_CLIENT_ID }} +MICROSOFT_CLIENT_SECRET={{ MICROSOFT_CLIENT_SECRET }} -DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED=12345678 +LINKEDIN_CLIENT_ID={{ LINKEDIN_CLIENT_ID }} +LINKEDIN_CLIENT_SECRET={{ LINKEDIN_CLIENT_SECRET }} -GOOGLE_TRANSLATE_KEY= +DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED={{ DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED }} +GOOGLE_TRANSLATE_KEY={{ GOOGLE_TRANSLATE_KEY }} # MAILCHIMP INTEGRATION -MAILCHIMP_API_KEY= +MAILCHIMP_API_KEY={{ MAILCHIMP_API_KEY }} # SENTRY DSN -SENTRY_LARAVEL_DSN= -SENTRY_TRACES_SAMPLE_RATE=1.0 +SENTRY_LARAVEL_DSN={{ SENTRY_LARAVEL_DSN }} +SENTRY_TRACES_SAMPLE_RATE=1 VITE_SENTRY_DSN_PUBLIC="${SENTRY_LARAVEL_DSN}" -# GOOGLE ANALYTICS ID -GA_ID=YOUR_ANALYTICS_ID -GOOGLE_TAG_MANAGER_ID=GTM-123 - VITE_APP_URL="${APP_URL}" USERWAY_ID= -# Installation variables -INSTALLATION_RESOURCES_DIR=together -INSTALLATION_COMPANY_NAME="company name here" -INSTALLATION_COMPANY_ADDRESS="address" -INSTALLATION_COMPANY_PHONE="+123" -INSTALLATION_COMPANY_EMAIL="info(at)company.org" + +INSTALLATION_RESOURCES_DIR=ecas +API_AUTH_TOKEN={{ API_AUTH_TOKEN }} +MIX_API_AUTH_TOKEN="${API_AUTH_TOKEN}" +MIX_APP_URL="${APP_URL}" +USERWAY_ID={{ USERWAY_ID }} + # Newsletter variables NEWSLETTER_LIST_ID_NEWSLETTER=# this should come from the mailchimp_lists DB table -NEWSLETTER_LIST_ID_NEWSLETTER_REGISTERED_USERS=# this should come from the mailchimp_lists DB table \ No newline at end of file +NEWSLETTER_LIST_ID_NEWSLETTER_REGISTERED_USERS=# this should come from the mailchimp_lists DB table + +# Variables needed for S3-based filesystem to work +AWS_ACCESS_KEY_ID={{ AWS_ACCESS_KEY_ID }} +AWS_SECRET_ACCESS_KEY={{ AWS_SECRET_ACCESS_KEY }} +AWS_DEFAULT_REGION=eu-central-1 +AWS_BUCKET=crowdsourcing-ecas-bucket-s3 +AWS_USE_PATH_STYLE_ENDPOINT=false + +INSTALLATION_COMPANY_NAME="ECAS - European Citizen Action Service" +INSTALLATION_COMPANY_ADDRESS="BeCentral Cantersteen 12 B-1000 Brussels, Belgium" +INSTALLATION_COMPANY_PHONE="+32 (0) 2 548 04 90" +INSTALLATION_COMPANY_EMAIL="info(at)ecas.org" + diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 15af89a4..95e27adb 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,4 +1,4 @@ -name: Deploy to Production +name: Deploy to Secondary Staging Server on: workflow_dispatch: @@ -57,6 +57,9 @@ jobs: Projects/data/crowdsourcing/staging_sec_data/database db_name | DB_NAME ; Projects/data/crowdsourcing/staging_sec_data/database db_user | DB_USER ; Projects/data/crowdsourcing/staging_sec_data/database password | DB_PASSWORD ; + Projects/data/crowdsourcing/staging_sec_data/google_client_secrets google_client_id | GOOGLE_CLIENT_ID ; + Projects/data/crowdsourcing/production/email/laravel_mailgun_env_variables MAILGUN_SECRET | MAILGUN_SECRET ; + @@ -71,6 +74,29 @@ jobs: DB_USER=${{ env.DB_USER }} DB_PASSWORD=${{ env.DB_PASSWORD }} LARAVEL_STAGING_SEC_DATA_APP_KEY=${{ secrets.LARAVEL_STAGING_SEC_DATA_APP_KEY }} + PROJECT_URL=${{ env.PROJECT_URL }} + MAILGUN_SECRET=${{ env.MAILGUN_SECRET }} + PERSONAL_CLIENT_ID=${{ secrets.PERSONAL_CLIENT_ID }} + PERSONAL_CLIENT_SECRET=${{ secrets.PERSONAL_CLIENT_SECRET }} + FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} + FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} + TWITTER_CLIENT_ID=${{ secrets.TWITTER_CLIENT_ID }} + TWITTER_CLIENT_SECRET=${{ secrets.TWITTER_CLIENT_SECRET }} + GOOGLE_CLIENT_ID=${{ env.GOOGLE_CLIENT_ID }} + GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }} + MICROSOFT_CLIENT_ID=${{ secrets.MICROSOFT_CLIENT_ID }} + MICROSOFT_CLIENT_SECRET=${{ secrets.MICROSOFT_CLIENT_SECRET }} + LINKEDIN_CLIENT_ID=${{ secrets.LINKEDIN_CLIENT_ID }} + LINKEDIN_CLIENT_SECRET=${{ secrets.LINKEDIN_CLIENT_SECRET }} + DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED=${{ secrets.DEFAULT_ADMIN_USER_PASSWORD_FOR_SEED }} + GOOGLE_TRANSLATE_KEY=${{ secrets.GOOGLE_TRANSLATE_KEY }} + MAILCHIMP_API_KEY=${{ secrets.MAILCHIMP_API_KEY }} + SENTRY_LARAVEL_DSN=${{ secrets.SENTRY_LARAVEL_DSN }} + API_AUTH_TOKEN=${{ secrets.API_AUTH_TOKEN }} + USERWAY_ID=${{ secrets.USERWAY_ID }} + AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} + - name: Setup node From dc813f3985a76a78ab24d7321b5fda6fd65a5de5 Mon Sep 17 00:00:00 2001 From: estafons Date: Fri, 4 Oct 2024 10:05:36 +0300 Subject: [PATCH 12/13] ci/cd: fix env var --- .github/templates/.env.j2 | 1 - .github/workflows/deploy.yml | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/templates/.env.j2 b/.github/templates/.env.j2 index 9aba3ebd..1246063a 100644 --- a/.github/templates/.env.j2 +++ b/.github/templates/.env.j2 @@ -76,7 +76,6 @@ SENTRY_TRACES_SAMPLE_RATE=1 VITE_SENTRY_DSN_PUBLIC="${SENTRY_LARAVEL_DSN}" VITE_APP_URL="${APP_URL}" -USERWAY_ID= INSTALLATION_RESOURCES_DIR=ecas diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 95e27adb..adb279a5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -78,6 +78,7 @@ jobs: MAILGUN_SECRET=${{ env.MAILGUN_SECRET }} PERSONAL_CLIENT_ID=${{ secrets.PERSONAL_CLIENT_ID }} PERSONAL_CLIENT_SECRET=${{ secrets.PERSONAL_CLIENT_SECRET }} + PASSWORD_CLIENT_SECRET=${{ secrets.PASSWORD_CLIENT_SECRET }} FACEBOOK_CLIENT_ID=${{ secrets.FACEBOOK_CLIENT_ID }} FACEBOOK_CLIENT_SECRET=${{ secrets.FACEBOOK_CLIENT_SECRET }} TWITTER_CLIENT_ID=${{ secrets.TWITTER_CLIENT_ID }} From 5ea5b873fa8f274a1449c21dc187c75330230888 Mon Sep 17 00:00:00 2001 From: estafons Date: Fri, 4 Oct 2024 11:25:40 +0300 Subject: [PATCH 13/13] ci/cd: fix app url prefix --- .github/templates/.env.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/templates/.env.j2 b/.github/templates/.env.j2 index 1246063a..db59d5c5 100644 --- a/.github/templates/.env.j2 +++ b/.github/templates/.env.j2 @@ -4,7 +4,7 @@ APP_KEY={{ LARAVEL_STAGING_SEC_DATA_APP_KEY }} APP_DEBUG=false DEBUGBAR_ENABLED=false APP_LOG_LEVEL=debug -APP_URL={{ PROJECT_URL }} +APP_URL=https://{{ PROJECT_URL }} ASSET_URL=${APP_URL} MIX_ASSET_URL=${APP_URL} APP_VERSION=v8.0