Compare commits
8 Commits
Author | SHA1 | Date | |
---|---|---|---|
b99223964a | |||
af6c472981 | |||
d7c96943b5 | |||
79dbc3538b | |||
8864860f8b | |||
31a75ecf8a | |||
fc8ec497e6 | |||
6bc458509b |
42
.gitea/workflows/encrypted.yaml
Normal file
42
.gitea/workflows/encrypted.yaml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
name: Test Encrypted Config
|
||||||
|
on:
|
||||||
|
push:
|
||||||
|
branches: '*'
|
||||||
|
paths:
|
||||||
|
- '!**'
|
||||||
|
- '.gitea/workflows/triggers/encrypted'
|
||||||
|
|
||||||
|
env:
|
||||||
|
CERC_REGISTRY_USER_KEY: ${{ secrets.CICD_VAASL_LACONIC_USER_KEY }}
|
||||||
|
CERC_REGISTRY_BOND_ID: ${{ secrets.CICD_VAASL_LACONIC_BOND_ID }}
|
||||||
|
CERC_REGISTRY_DEPLOYER_LRN: ${{ vars.CERC_REGISTRY_DEPLOYER_LRN }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_HOSTNAME: ${{ vars.CERC_REGISTRY_DEPLOYMENT_HOSTNAME }}-crypt
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_USER_KEY: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_USER_KEY }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_BOND_ID: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_BOND_ID }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_PAYMENT_TO: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_PAYMENT_TO }}
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
cns_publish:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: "Clone project repository"
|
||||||
|
uses: actions/checkout@v3
|
||||||
|
- name: Use Node.js
|
||||||
|
uses: actions/setup-node@v3
|
||||||
|
with:
|
||||||
|
node-version: 18
|
||||||
|
- name: "Enable Yarn"
|
||||||
|
run: corepack enable
|
||||||
|
- name: "Install registry CLI"
|
||||||
|
run: |
|
||||||
|
npm config set @cerc-io:registry https://git.vdb.to/api/packages/cerc-io/npm/
|
||||||
|
npm install -g @cerc-io/laconic-registry-cli
|
||||||
|
- name: "Install jq and gpg"
|
||||||
|
run: apt -y update && apt -y install jq gpg
|
||||||
|
- name: "Install laconic-so"
|
||||||
|
run: |
|
||||||
|
curl -LO https://git.vdb.to/cerc-io/stack-orchestrator/releases/download/latest/laconic-so
|
||||||
|
chmod +x ./laconic-so
|
||||||
|
mv ./laconic-so /usr/bin/laconic-so
|
||||||
|
- name: "Request Deployment w/ Encrypted Config"
|
||||||
|
run: scripts/request-app-deployment-encrypted.sh
|
@ -6,6 +6,10 @@ on:
|
|||||||
env:
|
env:
|
||||||
CERC_REGISTRY_USER_KEY: ${{ secrets.CICD_VAASL_LACONIC_USER_KEY }}
|
CERC_REGISTRY_USER_KEY: ${{ secrets.CICD_VAASL_LACONIC_USER_KEY }}
|
||||||
CERC_REGISTRY_BOND_ID: ${{ secrets.CICD_VAASL_LACONIC_BOND_ID }}
|
CERC_REGISTRY_BOND_ID: ${{ secrets.CICD_VAASL_LACONIC_BOND_ID }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_HOSTNAME: ${{ vars.CERC_REGISTRY_DEPLOYMENT_HOSTNAME }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_USER_KEY: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_USER_KEY }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_BOND_ID: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_BOND_ID }}
|
||||||
|
CERC_REGISTRY_DEPLOYMENT_REQUEST_PAYMENT_TO: ${{ secrets.CICD_VAASL_DEPLOYMENT_REQUEST_PAYMENT_TO }}
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
cns_publish:
|
cns_publish:
|
||||||
|
2
.gitea/workflows/triggers/encrypted
Normal file
2
.gitea/workflows/triggers/encrypted
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
1
|
||||||
|
2
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@cerc-io/webapp-hello-world",
|
"name": "@cerc-io/webapp-hello-world",
|
||||||
"version": "0.1.0",
|
"version": "0.1.3",
|
||||||
"repository": "https://git.vdb.to/cerc-io/webapp-hello-world",
|
"repository": "https://git.vdb.to/cerc-io/webapp-hello-world",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"dev": "next dev",
|
"dev": "next dev",
|
||||||
|
43
scripts/request-app-deployment-encrypted.sh
Executable file
43
scripts/request-app-deployment-encrypted.sh
Executable file
@ -0,0 +1,43 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
set -e
|
||||||
|
|
||||||
|
CONFIG_FILE=`mktemp`
|
||||||
|
ENV_FILE=`mktemp`
|
||||||
|
|
||||||
|
rcd_name=$(jq -r '.name' package.json | sed 's/null//' | sed 's/^@//')
|
||||||
|
rcd_app_version=$(jq -r '.version' package.json | sed 's/null//')
|
||||||
|
|
||||||
|
cat <<EOF > "$CONFIG_FILE"
|
||||||
|
services:
|
||||||
|
registry:
|
||||||
|
userKey: ${CERC_REGISTRY_DEPLOYMENT_REQUEST_USER_KEY}
|
||||||
|
bondId: ${CERC_REGISTRY_DEPLOYMENT_REQUEST_BOND_ID}
|
||||||
|
rpcEndpoint: '${CERC_REGISTRY_RPC_ENDPOINT:-http://testnet-a-1.dev.vaasl.io:26657}'
|
||||||
|
gqlEndpoint: '${CERC_REGISTRY_GQL_ENDPOINT:-http://testnet-a-1.dev.vaasl.io:9473/api}'
|
||||||
|
chainId: ${CERC_REGISTRY_CHAIN_ID:-laconic-08062024}
|
||||||
|
gas: 900000
|
||||||
|
fees: 900000alnt
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if [ -z "$CERC_REGISTRY_APP_LRN" ]; then
|
||||||
|
authority=$(echo "$rcd_name" | cut -d'/' -f1 | sed 's/@//')
|
||||||
|
app=$(echo "$rcd_name" | cut -d'/' -f2-)
|
||||||
|
CERC_REGISTRY_APP_LRN="lrn://$authority/applications/$app"
|
||||||
|
fi
|
||||||
|
|
||||||
|
cat >$ENV_FILE <<EOF
|
||||||
|
CERC_TEST_WEBAPP_CONFIG1="this is an encrypted string"
|
||||||
|
CERC_TEST_WEBAPP_CONFIG2="this is also an encrypted string"
|
||||||
|
CERC_WEBAPP_DEBUG="$CERC_REGISTRY_APP_LRN - CRYPT"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
laconic-so request-webapp-deployment \
|
||||||
|
--laconic-config $CONFIG_FILE \
|
||||||
|
--deployer $CERC_REGISTRY_DEPLOYER_LRN \
|
||||||
|
--app $CERC_REGISTRY_APP_LRN \
|
||||||
|
--env-file $ENV_FILE \
|
||||||
|
--dns $CERC_REGISTRY_DEPLOYMENT_HOSTNAME \
|
||||||
|
--make-payment auto
|
||||||
|
|
||||||
|
rm -f $ENV_FILE $CONFIG_FILE
|
@ -24,6 +24,13 @@ if [ -z "$CERC_REGISTRY_APP_LRN" ]; then
|
|||||||
CERC_REGISTRY_APP_LRN="lrn://$authority/applications/$app"
|
CERC_REGISTRY_APP_LRN="lrn://$authority/applications/$app"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
PAYMENT_TX=$(laconic -c $CONFIG_FILE registry tokens send \
|
||||||
|
--address $CERC_REGISTRY_DEPLOYMENT_REQUEST_PAYMENT_TO \
|
||||||
|
--user-key "${CERC_REGISTRY_DEPLOYMENT_REQUEST_USER_KEY}" \
|
||||||
|
--bond-id "${CERC_REGISTRY_DEPLOYMENT_REQUEST_BOND_ID}" \
|
||||||
|
--type alnt \
|
||||||
|
--quantity ${CERC_REGISTRY_DEPLOYMENT_REQUEST_PAYMENT_AMOUNT:-10000} | jq '.tx.hash')
|
||||||
|
|
||||||
APP_RECORD=$(laconic -c $CONFIG_FILE registry name resolve "$CERC_REGISTRY_APP_LRN" | jq '.[0]')
|
APP_RECORD=$(laconic -c $CONFIG_FILE registry name resolve "$CERC_REGISTRY_APP_LRN" | jq '.[0]')
|
||||||
if [ -z "$APP_RECORD" ] || [ "null" == "$APP_RECORD" ]; then
|
if [ -z "$APP_RECORD" ] || [ "null" == "$APP_RECORD" ]; then
|
||||||
echo "No record found for $CERC_REGISTRY_APP_LRN."
|
echo "No record found for $CERC_REGISTRY_APP_LRN."
|
||||||
@ -38,6 +45,8 @@ record:
|
|||||||
application: "$CERC_REGISTRY_APP_LRN@$rcd_app_version"
|
application: "$CERC_REGISTRY_APP_LRN@$rcd_app_version"
|
||||||
dns: "$CERC_REGISTRY_DEPLOYMENT_HOSTNAME"
|
dns: "$CERC_REGISTRY_DEPLOYMENT_HOSTNAME"
|
||||||
deployment: "$CERC_REGISTRY_DEPLOYMENT_LRN"
|
deployment: "$CERC_REGISTRY_DEPLOYMENT_LRN"
|
||||||
|
to: $CERC_REGISTRY_DEPLOYMENT_REQUEST_PAYMENT_TO
|
||||||
|
payment: $PAYMENT_TX
|
||||||
config:
|
config:
|
||||||
env:
|
env:
|
||||||
CERC_WEBAPP_DEBUG: "$rcd_app_version"
|
CERC_WEBAPP_DEBUG: "$rcd_app_version"
|
||||||
@ -47,8 +56,12 @@ record:
|
|||||||
repository_ref: "${GITHUB_SHA:-`git log -1 --format="%H"`}"
|
repository_ref: "${GITHUB_SHA:-`git log -1 --format="%H"`}"
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
|
||||||
cat $RECORD_FILE
|
cat $RECORD_FILE
|
||||||
RECORD_ID=$(laconic -c $CONFIG_FILE registry record publish --filename $RECORD_FILE --user-key "${CERC_REGISTRY_USER_KEY}" --bond-id ${CERC_REGISTRY_BOND_ID} | jq -r '.id')
|
RECORD_ID=$(laconic -c $CONFIG_FILE registry record publish \
|
||||||
|
--filename $RECORD_FILE \
|
||||||
|
--user-key "${CERC_REGISTRY_DEPLOYMENT_REQUEST_USER_KEY}" \
|
||||||
|
--bond-id ${CERC_REGISTRY_DEPLOYMENT_REQUEST_BOND_ID} | jq -r '.id')
|
||||||
echo $RECORD_ID
|
echo $RECORD_ID
|
||||||
|
|
||||||
rm -f $RECORD_FILE $CONFIG_FILE
|
rm -f $RECORD_FILE $CONFIG_FILE
|
||||||
|
Loading…
Reference in New Issue
Block a user