zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-06-05 12:17:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

Revert "Update epp proxy config files according to epp url (#2116)"

Browse source 
This reverts commit 5eb07e54c1.
This commit is contained in:
Keijo Raamat 2021-10-12 17:05:54 +03:00
parent 5eb07e54c1
commit 33b238425a
3 changed files with 13 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

54
.github/workflows/build_deploy_staging.yml vendored
View file

@ -7,6 +7,7 @@ on:
- 'CHANGELOG.md' - 'CHANGELOG.md'
- 'README.md' - 'README.md'
- 'yarn.lock' - 'yarn.lock'
- 'package.json'
branches: [master] branches: [master]
types: types:
- opened - opened
@ -30,18 +31,8 @@ jobs:
run: | run: |
SHORT_SHA=$(echo $GITHUB_SHA | cut -c 1-7) #pr-s test commit of merged state SHORT_SHA=$(echo $GITHUB_SHA | cut -c 1-7) #pr-s test commit of merged state
echo "TAG=ghcr.io/internetee/registry:RC-$SHORT_SHA" >> $GITHUB_ENV echo "TAG=ghcr.io/internetee/registry:RC-$SHORT_SHA" >> $GITHUB_ENV
echo "PROXY_TAG=ghcr.io/internetee/registry:PROXY-RC-$SHORT_SHA" >> $GITHUB_ENV
echo "SHORT_TAG=RC-$SHORT_SHA" >> $GITHUB_ENV echo "SHORT_TAG=RC-$SHORT_SHA" >> $GITHUB_ENV
- name: Get pull request reference number
run: |
echo "$GITHUB_REF"
echo "PR_REF=$(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')" >> $GITHUB_ENV
echo $(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')
- name: Set EPP port
run: echo "EPP_PORT=${PR_REF:(-3)}" >> $GITHUB_ENV
- name: Set config files for build - name: Set config files for build
env: env:
ST_APP: ${{ secrets.ST_APPLICATION_YML}} ST_APP: ${{ secrets.ST_APPLICATION_YML}}
@ -51,43 +42,24 @@ jobs:
cp config/database.yml.sample config/database.yml cp config/database.yml.sample config/database.yml
ls -l config/ ls -l config/
- name: Build registry image - name: Build image
env: env:
KEY_BASE: ${{ secrets.KEY_BASE}} KEY_BASE: ${{ secrets.KEY_BASE}}
run: | run: |
docker build -t $TAG --build-arg RAILS_ENV=staging --build-arg SECRET_KEY_BASE="$KEY_BASE" -f Dockerfile.generic . docker build -t $TAG --build-arg RAILS_ENV=staging --build-arg SECRET_KEY_BASE="$KEY_BASE" -f Dockerfile.generic .
- name: Clone epp_proxy project
run: |
git clone https://github.com/internetee/epp_proxy.git
- name: Configurate proxy build
run: |
cd epp_proxy/
sed -i -e 's/LABEL org.opencontainers.image.source=https:\/\/github.com\/internetee\/epp_proxy/LABEL org.opencontainers.image.source=https:\/\/github.com\/internetee\/registry/' Dockerfile.release
echo "EXPOSE 700" >> Dockerfile.release
cd config/
sed -i -e 's/{insecure, false},/%% {insecure, false},/' sys.config
sed -i -e 's/{epp_session_url, "https:\/\/registry.test\/epp\/session\/"},/{epp_session_url, "http:\/\/st-'$PR_REF'-epp.epp.svc.cluster.local\/epp\/session\/"},/' sys.config
sed -i -e 's/{epp_command_url, "https:\/\/registry.test\/epp\/command\/"},/{epp_command_url, "http:\/\/st-'$PR_REF'-epp.epp.svc.cluster.local\/epp\/command\/"},/' sys.config
sed -i -e 's/{epp_error_url, "https:\/\/registry.test\/epp\/error\/"},/{epp_error_url, "http:\/\/st-'$PR_REF'-epp.epp.svc.cluster.local\/epp\/error\/"},/' sys.config
sed -i -e 's/{cacertfile_path, "\/opt\/shared\/ca\/certs\/ca.crt.pem"},/{cacertfile_path, "\/opt\/shared\/ca\/certs\/ca.crt"},/' sys.config
sed -i -e 's/{certfile_path, "\/opt\/shared\/ca\/certs\/cert.pem"},/{certfile_path, "\/opt\/shared\/ca\/certs\/tls.crt"},/' sys.config
sed -i -e 's/{keyfile_path, "\/opt\/shared\/ca\/certs\/key.pem"},/{keyfile_path, "\/opt\/shared\/ca\/certs\/tls.key"}]},/' sys.config
sed -i -e 's/{crlfile_path, "\/opt\/shared\/ca\/certs\/key.pem"}]},//' sys.config
- name: Build proxy image
run: |
cd epp_proxy
docker build -t $PROXY_TAG -f Dockerfile.release .
- name: Push Docker image to gh container registry - name: Push Docker image to gh container registry
env: env:
PASSWORD: ${{ secrets.GHCR }} PASSWORD: ${{ secrets.GHCR }}
run: | run: |
echo $PASSWORD | docker login ghcr.io -u eisbot --password-stdin echo $PASSWORD | docker login ghcr.io -u eisbot --password-stdin
docker push $TAG docker push $TAG
docker push $PROXY_TAG
- name: Get pull request reference number
run: |
echo "$GITHUB_REF"
echo "PR_REF=$(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')" >> $GITHUB_ENV
echo $(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')
- name: Get repo name - name: Get repo name
run: | run: |
@ -97,7 +69,6 @@ jobs:
IFS=OIFS IFS=OIFS
echo "REPO=${parts[1]}" >> $GITHUB_ENV echo "REPO=${parts[1]}" >> $GITHUB_ENV
- name: Set deploy config - name: Set deploy config
env: env:
OVPN: ${{ secrets.OVPN }} OVPN: ${{ secrets.OVPN }}
@ -105,7 +76,6 @@ jobs:
P12: ${{ secrets.P12 }} P12: ${{ secrets.P12 }}
K_CONFIG: ${{ secrets.KUBE_CONFIG }} K_CONFIG: ${{ secrets.KUBE_CONFIG }}
SSH_KEY: ${{ secrets.EISBOT_SSH_KEY }} SSH_KEY: ${{ secrets.EISBOT_SSH_KEY }}
EPPROXY_CONF: ${{ secrets.EPPROXY_CONF }}
run: | run: |
echo $VPN_PWD | base64 -di > client.pwd echo $VPN_PWD | base64 -di > client.pwd
chmod 0600 client.pwd chmod 0600 client.pwd
@ -125,8 +95,6 @@ jobs:
- name: Deploy from remote server - name: Deploy from remote server
timeout-minutes: 5 timeout-minutes: 5
env:
TOKEN: ${{ secrets.CLOUD_TOKEN }}
run: | run: |
sudo openvpn --config config.ovpn --askpass client.pwd --auth-nocache --daemon& sudo openvpn --config config.ovpn --askpass client.pwd --auth-nocache --daemon&
sleep 15 sleep 15
@ -143,9 +111,8 @@ jobs:
helm repo add eisrepo https://internetee.github.io/helm-charts/ helm repo add eisrepo https://internetee.github.io/helm-charts/
helm repo update helm repo update
helm upgrade --install reg-admin-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-admin -n reg-admin-staging helm upgrade --install reg-admin-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-admin -n reg-admin-staging
helm upgrade --install epp-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-epp -n epp helm upgrade --install repp-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-epp -n epp
helm upgrade --install reg-api-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-api -n reg-api helm upgrade --install reg-api-"$PR_REF" --set image.tag="$SHORT_TAG",reference="$PR_REF" eisrepo/registry-api -n reg-api
TOKEN=${{ secrets.CLOUD_TOKEN }} python3 ../../portOpener.py "$PR_REF" add
rm kubeconfig rm kubeconfig
echo "Setting up URLs" echo "Setting up URLs"
echo "server obs.tld.ee echo "server obs.tld.ee
@ -174,8 +141,7 @@ jobs:
| **Admin** | https://reg-admin-'$PR_REF'.pilv.tld.ee | | **Admin** | https://reg-admin-'$PR_REF'.pilv.tld.ee |
| **repp** | https://repp-'$PR_REF'.pilv.tld.ee | | **repp** | https://repp-'$PR_REF'.pilv.tld.ee |
| **API** | https://reg-api-'$PR_REF'.pilv.tld.ee | | **API** | https://reg-api-'$PR_REF'.pilv.tld.ee |
| **EPP** | riigi.pilv.tld.ee on port '$EPP_PORT' |
Please note that the API is only accessible from Riigipilv. Please note that the API is only accessible from Riigipilv.
" "
}' $NOTIFICATION_URL }' $NOTIFICATION_URL

4
.github/workflows/remove_st_after_pr.yml vendored
View file

@ -71,7 +71,7 @@ jobs:
cd "$REPO"/"$PR_REF" cd "$REPO"/"$PR_REF"
export KUBECONFIG=./kubeconfig export KUBECONFIG=./kubeconfig
helm delete reg-admin-"$PR_REF" -n reg-admin-staging helm delete reg-admin-"$PR_REF" -n reg-admin-staging
helm delete epp-"$PR_REF" -n epp helm delete repp-"$PR_REF" -n epp
helm delete reg-api-"$PR_REF" -n reg-api helm delete reg-api-"$PR_REF" -n reg-api
rm kubeconfig rm kubeconfig
echo "server obs.tld.ee echo "server obs.tld.ee
@ -87,7 +87,7 @@ jobs:
echo "CNAME updates failed" echo "CNAME updates failed"
fi fi
EOSSH EOSSH
- name: Notify developers - name: Notify developers
timeout-minutes: 1 timeout-minutes: 1
env: env:

2
config/environments/production.rb
View file

@ -43,7 +43,7 @@ Rails.application.configure do
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true config.force_ssl = false
# Use the lowest log level to ensure availability of diagnostic information # Use the lowest log level to ensure availability of diagnostic information
# when problems arise. # when problems arise.