| __tests__ | ||
| src | ||
| .editorconfig | ||
| .env | ||
| .eslintignore | ||
| .eslintrc.json | ||
| .gitignore | ||
| .prettierrc | ||
| docker-compose.yml | ||
| docker-wrapper.sh | ||
| Dockerfile | ||
| jest.config.js | ||
| LICENSE | ||
| package.json | ||
| README.md | ||
| run.sh | ||
| storage.conf | ||
| tsconfig.json | ||
| tsconfig.release.json | ||
| yarn.lock | ||
webapp-deployment-status-api
This API provides status information about webapp deployment requests and a mechanism for upload encrypted configuration files used by those requests.
Build and Run
$ yarn
$ yarn build
$ yarn start
Configuration
Keys
Configuration files are encrypted prior to being uploaded using an RSA publicKey specified in the WebappDeployer record.
On upload, the configuration is temporarily decrypted for validation, but stored in its encrypted format.
To create and export a key in the necessary format use:
# Create a key
$ gpg --batch --passphrase "SECRET" --quick-generate-key webapp-deployer-api.my.domain.com default default never
# Export the public key
$ gpg --export webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.pub
# Export the private key
$ gpg --export-secret-keys webapp-deployer-api.my.domain.com > webapp-deployer-api.my.domain.com.pgp.key
Create the Deployer Record
Every webapp deployer should have WebappDeployer record in the registry which looks something like:
record:
type: WebappDeployer
version: 1.0.0
name: webapp-deployer-api.my.domain.com
apiUrl: https://webapp-deployer-api.my.domain.com
minimumPayment: 100alnt
paymentAddress: laconic1clpc8smrhx5k25zmk3vwna8kddxrsem7a1jlry
publicKey: mQGNBGbJUk0BDAC3j3CiaVtoEf1jrgtsjJnTA5u1a3BExP72mv0eE8y84TgY5rVcf ...
This record can most easily be created using laconic-so publish-deployer-to-registry.
$ laconic-so publish-deployer-to-registry \
--laconic-config ~/.laconic/registry.yml \
--api-url https://webapp-deployer-api.my.domain.com
--public-key-file webapp-deployer-api.my.domain.com.pgp.pub \
--lrn lrn://laconic/deployers/webapp-deployer-api.my.domain.com \
--min-required-payment 100
This will create the record in the proper format and assign its LRN.
Request Deployment
Users can now request deployment using the LRN of the deployer. This will allow them to:
- Discover the API URL for config uploads.
- Obtain the public key for encrypting config.
- See the minimum required payment.
The request can be made using laconic-so request-webapp-deployment. This will handle encrypting and uploading the
config automatically, as well as making a payment (if necessary).
$ laconic-so request-webapp-deployment \
--laconic-config ~/.laconic/registry.yml \
--deployer lrn://laconic/deployers/webapp-deployer-api.my.domain.com \
--app lrn://cerc-io/applications/webapp-hello-world@0.1.3 \
--env-file hello.env \
--make-payment auto
Example Config
UPLOAD_DIRECTORY="/srv/uploads/config"
UPLOAD_MAX_SIZE="1MB"
DEPLOYER_STATE="/srv/deployments/autodeploy.state"
UNDEPLOYER_STATE="/srv/deployments/autoundeploy.state"
BUILD_LOGS="/srv/logs"
OPENPGP_PASSPHRASE="SECRET"
OPENPGP_PRIVATE_KEY_FILE="/etc/config/webapp-deployer-api.my.domain.com.pgp.key"
LACONIC_CONFIG="/etc/config/registry.yml"