Skip to content

Commit e14a839

Browse files
author
Sachin Maheshwari
committed
adding new env vars in deployment script.
1 parent 2b384d0 commit e14a839

File tree

6 files changed

+175
-153
lines changed

6 files changed

+175
-153
lines changed

README.md

Lines changed: 3 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,8 @@ Configuration for the notification server is at `config/default.js`.
1313
The following parameters can be set in config files or in env variables:
1414
- LOG_LEVEL: the log level
1515
- PORT: the notification server port
16-
- authSecret: TC auth secret
17-
- authDomain: TC auth domain
18-
- validIssuers: TC auth valid issuers
16+
- AUTH_SECRET: TC auth secret
17+
- VALID_ISSUERS: TC auth valid issuers
1918
- jwksUri: TC auth JWKS URI
2019
- DATABASE_URL: URI to PostgreSQL database
2120
- DATABASE_OPTIONS: database connection options
@@ -84,9 +83,8 @@ In case it expires, you may get a new token in this way:
8483

8584
## Local deployment
8685
- for local development environment you can set variables as following:
87-
- `authSecret`, `authDomain`, `validIssuers` can get from [tc-project-service config](https://github.com/topcoder-platform/tc-project-service/blob/dev/config/default.json)
86+
- `AUTH_SECRET`,`VALID_ISSUERS` can get from [tc-project-service config](https://github.com/topcoder-platform/tc-project-service/blob/dev/config/default.json)
8887
- `PORT=4000` because **connect-app** call this port by default
89-
- `jwksUri` - any
9088
- `KAFKA_TOPIC_IGNORE_PREFIX=joan-26673.` (with point at the end)
9189
- `TC_API_V4_BASE_URL=https://api.topcoder-dev.com/v4`
9290
- `TC_API_V3_BASE_URL=https://api.topcoder-dev.com/v3`

config/default.js

Lines changed: 7 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,7 @@ module.exports = {
55
ENV: process.env.ENV,
66
LOG_LEVEL: process.env.LOG_LEVEL,
77
PORT: process.env.PORT,
8-
authSecret: process.env.authSecret,
9-
authDomain: process.env.authDomain,
10-
jwksUri: process.env.jwksUri,
8+
AUTH_SECRET: process.env.authSecret,
119
DATABASE_URL: process.env.DATABASE_URL,
1210
DATABASE_OPTIONS: {
1311
dialect: 'postgres',
@@ -21,7 +19,7 @@ module.exports = {
2119
},
2220
},
2321

24-
validIssuers: process.env.validIssuers ? process.env.validIssuers.replace(/\\"/g, '') : null,
22+
VALID_ISSUERS: process.env.validIssuers ? process.env.validIssuers.replace(/\\"/g, '') : null,
2523
KAFKA_URL: process.env.KAFKA_URL,
2624
KAFKA_TOPIC_IGNORE_PREFIX: process.env.KAFKA_TOPIC_IGNORE_PREFIX,
2725
KAFKA_GROUP_ID: process.env.KAFKA_GROUP_ID,
@@ -47,11 +45,11 @@ module.exports = {
4745

4846
// Configuration for generating machine to machine auth0 token.
4947
// The token will be used for calling another internal API.
50-
auth0Url: process.env.auth0Url,
51-
auth0Audience: process.env.auth0Audience,
48+
AUTH0_URL: process.env.AUTH0_URL,
49+
AUTH0_AUDIENCE: process.env.AUTH0_AUDIENCE,
5250
// The token will be cached.
5351
// We define the time period of the cached token.
54-
tokenCacheTime: process.env.tokenCacheTime || 86400000,
55-
auth0CliendId: process.env.auth0CliendId,
56-
auth0CliendSecret: process.env.auth0CliendSecret,
52+
TOKEN_CACHE_TIME: process.env.TOKEN_CACHE_TIME || 86400000,
53+
AUTH0_CLIENT_ID: process.env.AUTH0_CLIENT_ID,
54+
AUTH0_CLIENT_SECRET: process.env.AUTH0_CLIENT_SECRET,
5755
};

connect/service.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ const getRoleMembers = (roleId) => request
7070
*/
7171
const getUsersById = (ids) => {
7272
const query = _.map(ids, (id) => 'userId:' + id).join(' OR ');
73-
return m2m.getMachineToken(config.auth0CliendId, config.auth0CliendSecret)
73+
return m2m.getMachineToken(config.AUTH0_CLIENT_ID, config.AUTH0_CLIENT_SECRET)
7474
.then((token) => {
7575
if (!token && config.TC_ADMIN_TOKEN) token = config.TC_ADMIN_TOKEN;
7676

@@ -108,7 +108,7 @@ const getUsersById = (ids) => {
108108
*/
109109
const getUsersByHandle = (handles) => {
110110
const query = _.map(handles, (handle) => 'handle:' + handle).join(' OR ');
111-
return m2m.getMachineToken(config.auth0CliendId, config.auth0CliendSecret)
111+
return m2m.getMachineToken(config.AUTH0_CLIENT_ID, config.AUTH0_CLIENT_SECRET)
112112
.then((token) => {
113113
if (!token && config.TC_ADMIN_TOKEN) token = config.TC_ADMIN_TOKEN;
114114

deploy.sh

Lines changed: 160 additions & 134 deletions
Original file line numberDiff line numberDiff line change
@@ -71,6 +71,12 @@ AWS_ECS_CONTAINER_NAME=$(eval "echo \$${ENV}_AWS_ECS_CONTAINER_NAME")
7171

7272
API_CONTEXT_PATH=$(eval "echo \$${ENV}_API_CONTEXT_PATH")
7373

74+
AUTH0_URL=$(eval "echo \$${ENV}_AUTH0_URL")
75+
AUTH0_AUDIENCE=$(eval "echo \$${ENV}_AUTH0_AUDIENCE")
76+
TOKEN_CACHE_TIME=$(eval "echo \$${ENV}_TOKEN_CACHE_TIME")
77+
AUTH0_CLIENT_ID=$(eval "echo \$${ENV}_AUTH0_CLIENT_ID")
78+
AUTH0_CLIENT_SECRET=$(eval "echo \$${ENV}_AUTH0_CLIENT_SECRET")
79+
7480
echo $APP_NAME
7581

7682
configure_aws_cli() {
@@ -111,141 +117,161 @@ deploy_cluster() {
111117

112118
make_task_def(){
113119
task_template='[
114-
{
115-
"name": "%s",
116-
"image": "%s.dkr.ecr.%s.amazonaws.com/%s:%s",
117-
"essential": true,
118-
"memory": 500,
119-
"cpu": 100,
120-
"environment": [
121-
{
122-
"name": "ENV",
123-
"value": "%s"
124-
},
125-
{
126-
"name": "KAFKA_CLIENT_CERT",
127-
"value": "%s"
128-
},
129-
{
130-
"name": "KAFKA_CLIENT_CERT_KEY",
131-
"value": "%s"
132-
},
133-
{
134-
"name": "KAFKA_GROUP_ID",
135-
"value": "%s"
136-
},
137-
{
138-
"name": "KAFKA_TOPIC_IGNORE_PREFIX",
139-
"value": "%s"
140-
},
141-
{
142-
"name": "KAFKA_URL",
143-
"value": "%s"
144-
},
145-
{
146-
"name": "DATABASE_URL",
147-
"value": "%s"
148-
},
149-
{
150-
"name": "authSecret",
151-
"value": "%s"
152-
},
153-
{
154-
"name": "authDomain",
155-
"value": "%s"
156-
},
157-
{
158-
"name": "jwksUri",
159-
"value": "%s"
160-
},
161-
{
162-
"name": "TC_API_BASE_URL",
163-
"value": "%s"
164-
},
165-
{
166-
"name": "TC_API_V3_BASE_URL",
167-
"value": "%s"
168-
},
169-
{
170-
"name": "TC_API_V4_BASE_URL",
171-
"value": "%s"
172-
},
173-
{
174-
"name": "TC_API_V5_BASE_URL",
175-
"value": "%s"
176-
},
177-
{
178-
"name": "MESSAGE_API_BASE_URL",
179-
"value": "%s"
180-
},
181-
{
182-
"name": "TC_ADMIN_TOKEN",
183-
"value": "%s"
184-
},
185-
{
186-
"name": "ENABLE_EMAILS",
187-
"value": "%s"
188-
},
189-
{
190-
"name": "MENTION_EMAIL",
191-
"value": "%s"
192-
},
193-
{
194-
"name": "REPLY_EMAIL_PREFIX",
195-
"value": "%s"
196-
},
197-
{
198-
"name": "REPLY_EMAIL_DOMAIN",
199-
"value": "%s"
200-
},
201-
{
202-
"name": "ENABLE_DEV_MODE",
203-
"value": "%s"
204-
},
205-
{
206-
"name": "DEV_MODE_EMAIL",
207-
"value": "%s"
208-
},
209-
{
210-
"name": "BUS_API_AUTH_TOKEN",
211-
"value": "%s"
212-
},
213-
{
214-
"name": "LOG_LEVEL",
215-
"value": "%s"
216-
},
217-
{
218-
"name": "validIssuers",
219-
"value": "%s"
220-
},
221-
{
222-
"name": "PORT",
223-
"value": "%s"
224-
},
225-
{
226-
"name": "API_CONTEXT_PATH",
227-
"value": "%s"
228-
}
229-
],
230-
"portMappings": [
231-
{
232-
"hostPort": 0,
233-
"containerPort": 4000,
234-
"protocol": "tcp"
235-
}
236-
],
237-
"logConfiguration": {
238-
"logDriver": "awslogs",
239-
"options": {
240-
"awslogs-group": "/aws/ecs/%s",
241-
"awslogs-region": "%s",
242-
"awslogs-stream-prefix": "%s_%s"
243-
}
244-
}
245-
}
246-
]'
120+
{
121+
"name": "%s",
122+
"image": "%s.dkr.ecr.%s.amazonaws.com/%s:%s",
123+
"essential": true,
124+
"memory": 500,
125+
"cpu": 100,
126+
"environment": [
127+
{
128+
"name": "ENV",
129+
"value": "%s"
130+
},
131+
{
132+
"name": "KAFKA_CLIENT_CERT",
133+
"value": "%s"
134+
},
135+
{
136+
"name": "KAFKA_CLIENT_CERT_KEY",
137+
"value": "%s"
138+
},
139+
{
140+
"name": "KAFKA_GROUP_ID",
141+
"value": "%s"
142+
},
143+
{
144+
"name": "KAFKA_TOPIC_IGNORE_PREFIX",
145+
"value": "%s"
146+
},
147+
{
148+
"name": "KAFKA_URL",
149+
"value": "%s"
150+
},
151+
{
152+
"name": "DATABASE_URL",
153+
"value": "%s"
154+
},
155+
{
156+
"name": "authSecret",
157+
"value": "%s"
158+
},
159+
{
160+
"name": "authDomain",
161+
"value": "%s"
162+
},
163+
{
164+
"name": "jwksUri",
165+
"value": "%s"
166+
},
167+
{
168+
"name": "TC_API_BASE_URL",
169+
"value": "%s"
170+
},
171+
{
172+
"name": "TC_API_V3_BASE_URL",
173+
"value": "%s"
174+
},
175+
{
176+
"name": "TC_API_V4_BASE_URL",
177+
"value": "%s"
178+
},
179+
{
180+
"name": "TC_API_V5_BASE_URL",
181+
"value": "%s"
182+
},
183+
{
184+
"name": "MESSAGE_API_BASE_URL",
185+
"value": "%s"
186+
},
187+
{
188+
"name": "TC_ADMIN_TOKEN",
189+
"value": "%s"
190+
},
191+
{
192+
"name": "ENABLE_EMAILS",
193+
"value": "%s"
194+
},
195+
{
196+
"name": "MENTION_EMAIL",
197+
"value": "%s"
198+
},
199+
{
200+
"name": "REPLY_EMAIL_PREFIX",
201+
"value": "%s"
202+
},
203+
{
204+
"name": "REPLY_EMAIL_DOMAIN",
205+
"value": "%s"
206+
},
207+
{
208+
"name": "ENABLE_DEV_MODE",
209+
"value": "%s"
210+
},
211+
{
212+
"name": "DEV_MODE_EMAIL",
213+
"value": "%s"
214+
},
215+
{
216+
"name": "BUS_API_AUTH_TOKEN",
217+
"value": "%s"
218+
},
219+
{
220+
"name": "LOG_LEVEL",
221+
"value": "%s"
222+
},
223+
{
224+
"name": "validIssuers",
225+
"value": "%s"
226+
},
227+
{
228+
"name": "PORT",
229+
"value": "%s"
230+
},
231+
{
232+
"name": "API_CONTEXT_PATH",
233+
"value": "%s"
234+
},
235+
{
236+
"name": "AUTH0_URL",
237+
"value": "%s"
238+
},
239+
{
240+
"name": "AUTH0_AUDIENCE",
241+
"value": "%s"
242+
},
243+
{
244+
"name": "AUTH0_CLIENT_ID",
245+
"value": "%s"
246+
},
247+
{
248+
"name": "AUTH0_CLIENT_SECRET",
249+
"value": "%s"
250+
},
251+
{
252+
"name": "TOKEN_CACHE_TIME",
253+
"value": "%s"
254+
}
255+
],
256+
"portMappings": [
257+
{
258+
"hostPort": 0,
259+
"containerPort": 4000,
260+
"protocol": "tcp"
261+
}
262+
],
263+
"logConfiguration": {
264+
"logDriver": "awslogs",
265+
"options": {
266+
"awslogs-group": "/aws/ecs/%s",
267+
"awslogs-region": "%s",
268+
"awslogs-stream-prefix": "%s_%s"
269+
}
270+
}
271+
}
272+
]'
247273

248-
task_def=$(printf "$task_template" $AWS_ECS_CONTAINER_NAME $AWS_ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $TAG $ENV "$KAFKA_CLIENT_CERT" "$KAFKA_CLIENT_CERT_KEY" $KAFKA_GROUP_ID "$KAFKA_TOPIC_IGNORE_PREFIX" $KAFKA_URL $DATABASE_URL $AUTHSECRET "$AUTHDOMAIN" "$JWKSURI" $TC_API_BASE_URL $TC_API_V3_BASE_URL $TC_API_V4_BASE_URL $TC_API_V5_BASE_URL $MESSAGE_API_BASE_URL $TC_ADMIN_TOKEN $ENABLE_EMAILS $MENTION_EMAIL $REPLY_EMAIL_PREFIX $REPLY_EMAIL_DOMAIN $ENABLE_DEV_MODE $DEV_MODE_EMAIL $BUS_API_AUTH_TOKEN $LOG_LEVEL $VALID_ISSUERS $PORT "$API_CONTEXT_PATH" $AWS_ECS_CLUSTER $AWS_REGION $AWS_ECS_CLUSTER $ENV)
274+
task_def=$(printf "$task_template" $AWS_ECS_CONTAINER_NAME $AWS_ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $TAG $ENV "$KAFKA_CLIENT_CERT" "$KAFKA_CLIENT_CERT_KEY" $KAFKA_GROUP_ID "$KAFKA_TOPIC_IGNORE_PREFIX" $KAFKA_URL $DATABASE_URL $AUTHSECRET "$AUTHDOMAIN" "$JWKSURI" $TC_API_BASE_URL $TC_API_V3_BASE_URL $TC_API_V4_BASE_URL $TC_API_V5_BASE_URL $MESSAGE_API_BASE_URL $TC_ADMIN_TOKEN $ENABLE_EMAILS $MENTION_EMAIL $REPLY_EMAIL_PREFIX $REPLY_EMAIL_DOMAIN $ENABLE_DEV_MODE $DEV_MODE_EMAIL $BUS_API_AUTH_TOKEN $LOG_LEVEL $VALID_ISSUERS $PORT "$API_CONTEXT_PATH" "$AUTH0_URL" "$AUTH0_AUDIENCE" $AUTH0_CLIENT_ID "$AUTH0_CLIENT_SECRET" $TOKEN_CACHE_TIME $AWS_ECS_CLUSTER $AWS_REGION $AWS_ECS_CLUSTER $ENV)
249275
}
250276

251277
register_definition() {

src/app.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -105,8 +105,8 @@ function startKafkaConsumer(handlers) {
105105
};
106106
logger.debug('body', body);
107107
logger.debug(`body for generating token: ${JSON.stringify(body)}`);
108-
logger.debug(`authSecret: ${config.authSecret.substring(-5)}`);
109-
const token = jwt.sign(body, config.authSecret, { noTimestamp: true }).split('.')[2];
108+
logger.debug(`AUTH_SECRET: ${config.AUTH_SECRET.substring(-5)}`);
109+
const token = jwt.sign(body, config.AUTH_SECRET, { noTimestamp: true }).split('.')[2];
110110
logger.debug(`token: ${token}`);
111111

112112
const replyTo = `${config.REPLY_EMAIL_PREFIX}+${topicId}/${token}@${config.REPLY_EMAIL_DOMAIN}`;

0 commit comments

Comments
 (0)