build: build on install

This commit is contained in:
Sérgio Ramos 2018-02-19 14:59:31 +00:00
parent d879202b4e
commit 9966143337
10 changed files with 18 additions and 302 deletions

View File

@ -4,7 +4,7 @@
"private": true, "private": true,
"license": "MPL-2.0", "license": "MPL-2.0",
"scripts": { "scripts": {
"start": "NODE_ENV=development PORT=3069 REACT_APP_GQL_PORT=3069 REACT_APP_GQL_PROTOCOL=http node index.js", "start": "NODE_ENV=development PORT=3069 REACT_APP_GQL_PORT=3069 REACT_APP_GQL_PROTOCOL=http node src/index.js",
"lint-ci": "echo 0", "lint-ci": "echo 0",
"lint": "echo 0", "lint": "echo 0",
"test-ci": "echo 0", "test-ci": "echo 0",

View File

@ -1,40 +0,0 @@
#!/bin/bash
set -e -o pipefail
TRITON_ACCOUNT=$(triton account get | awk -F": " '/id:/{print $2}')
TRITON_DC=$(triton profile get | awk -F"/" '/url:/{print $3}' | awk -F'.' '{print $1}')
DEFAULT_DOMAIN=${TRITON_ACCOUNT}.${TRITON_DC}.cns.triton.zone
read -p "Enter the domain name you plan to use for this key [$DEFAULT_DOMAIN]: " domain
domain="${domain:-$DEFAULT_DOMAIN}"
echo -n "Enter the password to use for the key: "
read -s password
echo
echo "Generating key for $domain"
keys_path=keys-$domain
mkdir -p $keys_path
openssl genrsa -aes256 -passout pass:$password -out $keys_path/ca.key 4096
chmod 400 $keys_path/ca.key
openssl req -new -x509 -sha256 -days 730 -key $keys_path/ca.key -out $keys_path/ca.crt -passin pass:$password -subj "/CN=copilot"
chmod 444 $keys_path/ca.crt
openssl genrsa -out $keys_path/server.key 2048
chmod 400 $keys_path/server.key
openssl req -new -key $keys_path/server.key -sha256 -out $keys_path/server.csr -passin pass:$password -subj "/CN=$domain"
openssl x509 -req -days 365 -sha256 -in $keys_path/server.csr -passin pass:$password -CA $keys_path/ca.crt -CAkey $keys_path/ca.key -set_serial 1 -out $keys_path/server.crt
chmod 444 $keys_path/server.crt
openssl genrsa -out $keys_path/client.key 2048
openssl req -new -key $keys_path/client.key -out $keys_path/client.csr -subj "/CN=$domain"
openssl x509 -req -days 365 -sha256 -in $keys_path/client.csr -CA $keys_path/ca.crt -CAkey $keys_path/ca.key -set_serial 2 -out $keys_path/client.crt -passin pass:$password
openssl pkcs12 -export -clcerts -in $keys_path/client.crt -inkey $keys_path/client.key -out $keys_path/client.p12 -passout pass:$password
# open $keys_path/client.p12 &
echo
echo "You can complete setup by running './setup.sh ~/path/to/TRITON_PRIVATE_KEY $keys_path/ca.crt $keys_path/server.key $keys_path/server.crt'"

View File

@ -1,235 +0,0 @@
#!/bin/bash
set -e -o pipefail
help() {
echo
echo 'Usage ./setup.sh ~/path/to/TRITON_PRIVATE_KEY ~/path/to/CA_CRT ~/path/to/SERVER_KEY ~/path/to/SERVER_CRT'
echo
echo 'Checks that your Triton and Docker environment is sane and configures'
echo 'an environment file to use.'
echo
echo 'TRITON_PRIVATE_KEY is the filesystem path to an SSH private key'
echo 'used to connect to Triton.'
echo
echo 'CA_CRT is the filesystem path to a certificate authority crt file.'
echo
echo 'SERVER_KEY is the filesystem path to a TLS server key file.'
echo
echo 'SERVER_CRT is the filesystem path to a TLS server crt file.'
echo
}
# Check for correct configuration
check() {
if [ -z "$1" ]; then
tput rev # reverse
tput bold # bold
echo 'Please provide a path to a SSH private key to access Triton.'
tput sgr0 # clear
help
exit 1
fi
if [ ! -f "$1" ]; then
tput rev # reverse
tput bold # bold
echo 'SSH private key for Triton is unreadable.'
tput sgr0 # clear
help
exit 1
fi
# Assign args to named vars
TRITON_PRIVATE_KEY_PATH=$1
if [ -z "$2" ]; then
tput rev # reverse
tput bold # bold
echo 'Please provide a path to the NGINX CA crt file.'
tput sgr0 # clear
help
exit 1
fi
if [ ! -f "$2" ]; then
tput rev # reverse
tput bold # bold
echo 'CA certificate for NGINX is unreadable.'
tput sgr0 # clear
help
exit 1
fi
NGINX_CA_CRT_PATH=$2
if [ -z "$3" ]; then
tput rev # reverse
tput bold # bold
echo 'Please provide a path to the server key file.'
tput sgr0 # clear
help
exit 1
fi
if [ ! -f "$3" ]; then
tput rev # reverse
tput bold # bold
echo 'Server key file for NGINX is unreadable.'
tput sgr0 # clear
help
exit 1
fi
NGINX_SERVER_KEY_PATH=$3
if [ -z "$4" ]; then
tput rev # reverse
tput bold # bold
echo 'Please provide a path to the server crt file.'
tput sgr0 # clear
help
exit 1
fi
if [ ! -f "$4" ]; then
tput rev # reverse
tput bold # bold
echo 'Server crt file for NGINX is unreadable.'
tput sgr0 # clear
help
exit 1
fi
NGINX_SERVER_CRT_PATH=$4
command -v docker >/dev/null 2>&1 || {
echo
tput rev # reverse
tput bold # bold
echo 'Docker is required, but does not appear to be installed.'
tput sgr0 # clear
echo 'See https://docs.joyent.com/public-cloud/api-access/docker'
exit 1
}
command -v triton >/dev/null 2>&1 || {
echo
tput rev # reverse
tput bold # bold
echo 'Error! Joyent Triton CLI is required, but does not appear to be installed.'
tput sgr0 # clear
echo 'See https://www.joyent.com/blog/introducing-the-triton-command-line-tool'
exit 1
}
TRITON_USER=$(triton profile get | awk -F": " '/account:/{print $2}')
TRITON_DC=$(triton profile get | awk -F"/" '/url:/{print $3}' | awk -F'.' '{print $1}')
TRITON_ACCOUNT=$(triton account get | awk -F": " '/id:/{print $2}')
SDC_URL=$(triton env | grep SDC_URL | awk -F"=" '{print $2}' | awk -F"\"" '{print $2}')
SDC_ACCOUNT=$(triton env | grep SDC_ACCOUNT | awk -F"=" '{print $2}' | awk -F"\"" '{print $2}')
SDC_KEY_ID=$(triton env | grep SDC_KEY_ID | awk -F"=" '{print $2}' | awk -F"\"" '{print $2}')
DOCKER_CERT_PATH=$(triton env | grep DOCKER_CERT_PATH | awk -F"=" '{print $2}')
DOCKER_HOST=$(triton env | grep DOCKER_HOST | awk -F"=" '{print $2}')
rm _env_consul
rm _env_mysql
rm _env
echo MYSQL_DATABASE=bridge-db >> _env_mysql
echo 'MYSQL_ROOT_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 12) >> _env_mysql
echo MYSQL_USER=bridge-user >> _env_mysql
echo 'MYSQL_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 8) >> _env_mysql
echo >> _env_mysql
echo '# Consul discovery via Triton CNS' >> _env_consul
echo CONSUL=bridge-consul.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.joyent.com >> _env_consul
echo CONSUL_AGENT=1 >> _env_consul
echo >> _env_consul
TRITON_CREDS_PATH=/root/.triton
echo '# Allowed list of account Ids who can access the site' >> _env
echo ALLOWED_ACCOUNTS=${TRITON_ACCOUNT} >> _env
echo >> _env
echo '# Site URL' >> _env
echo BASE_URL=https://bridge.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.triton.zone >> _env
echo COOKIE_DOMAIN=triton.zone >> _env
echo >> _env
echo '# MySQL via Triton CNS' >> _env
echo MYSQL_HOST=bridge-mysql.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.joyent.com >> _env
echo >> _env
echo PORT=8080 >> _env
echo 'COOKIE_PASSWORD='$(cat /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9' | head -c 36) >> _env
echo SDC_KEY_PATH=/root/.ssh/id_rsa >> _env
echo DOCKER_CERT_PATH=${TRITON_CREDS_PATH} >> _env
echo TRITON_CREDS_PATH=${TRITON_CREDS_PATH} >> _env
echo DOCKER_TLS_VERIFY=1 >> _env
echo DOCKER_HOST=${DOCKER_HOST} >> _env
echo SDC_URL=${SDC_URL} >> _env
echo SDC_ACCOUNT=${SDC_ACCOUNT} >> _env
echo SDC_KEY_ID=${SDC_KEY_ID} >> _env
echo CONSUL=bridge-consul.svc.${TRITON_ACCOUNT}.${TRITON_DC}.cns.joyent.com >> _env
echo TRITON_CA=$(cat "${DOCKER_CERT_PATH}"/ca.pem | tr '\n' '#') >> _env
echo TRITON_CA_PATH=${TRITON_CREDS_PATH}/ca.pem >> _env
echo TRITON_KEY=$(cat "${DOCKER_CERT_PATH}"/key.pem | tr '\n' '#') >> _env
echo TRITON_KEY_PATH=${TRITON_CREDS_PATH}/key.pem >> _env
echo TRITON_CERT=$(cat "${DOCKER_CERT_PATH}"/cert.pem | tr '\n' '#') >> _env
echo TRITON_CERT_PATH=${TRITON_CREDS_PATH}/cert.pem >> _env
echo SDC_KEY=$(cat "${TRITON_PRIVATE_KEY_PATH}" | tr '\n' '#') >> _env
echo SDC_KEY_PUB=$(cat "${TRITON_PRIVATE_KEY_PATH}".pub | tr '\n' '#') >> _env
echo NGINX_CA_CRT=$(cat "${NGINX_CA_CRT_PATH}" | tr '\n' '#') >> _env
echo NGINX_SERVER_KEY=$(cat "${NGINX_SERVER_KEY_PATH}" | tr '\n' '#') >> _env
echo NGINX_SERVER_CRT=$(cat "${NGINX_SERVER_CRT_PATH}" | tr '\n' '#') >> _env
echo >> _env
}
# ---------------------------------------------------
# parse arguments
# Get function list
funcs=($(declare -F -p | cut -d " " -f 3))
until
if [ ! -z "$1" ]; then
# check if the first arg is a function in this file, or use a default
if [[ " ${funcs[@]} " =~ " $1 " ]]; then
cmd=$1
shift 1
else
cmd="check"
fi
$cmd "$@"
if [ $? == 127 ]; then
help
fi
exit
else
help
fi
do
echo
done

View File

@ -83,7 +83,7 @@ async function main () {
server.auth.default('sso'); server.auth.default('sso');
process.on('unhandledRejection', (err) => { process.on('unhandledRejection', err => {
server.log(['error'], err); server.log(['error'], err);
}); });

View File

@ -1,14 +1,8 @@
const Inert = require('inert'); const Inert = require('inert');
const Path = require('path'); const Path = require('path');
const Execa = require('execa');
const { readFile } = require('mz/fs'); const { readFile } = require('mz/fs');
exports.register = async server => { exports.register = async server => {
await Execa('npm', ['run', 'build'], {
cwd: Path.join(__dirname, '..'),
stdio: 'inherit'
});
const indexFile = await readFile( const indexFile = await readFile(
Path.join(__dirname, '../build/index.html'), Path.join(__dirname, '../build/index.html'),
'utf-8' 'utf-8'

View File

@ -13,6 +13,7 @@
"lint": "eslint . --fix --ext .js --ext .md", "lint": "eslint . --fix --ext .js --ext .md",
"test-ci": "NODE_ENV=test joyent-react-scripts test --env=jsdom --testPathIgnorePatterns='.ui.js'", "test-ci": "NODE_ENV=test joyent-react-scripts test --env=jsdom --testPathIgnorePatterns='.ui.js'",
"test": "DEFAULT_TIMEOUT_INTERVAL=100000 NODE_ENV=test joyent-react-scripts test --env=jsdom", "test": "DEFAULT_TIMEOUT_INTERVAL=100000 NODE_ENV=test joyent-react-scripts test --env=jsdom",
"postinstall": "npm run build",
"prepublish": "echo 0" "prepublish": "echo 0"
}, },
"dependencies": { "dependencies": {
@ -46,7 +47,6 @@
"lodash.sortby": "^4.7.0", "lodash.sortby": "^4.7.0",
"lodash.uniqby": "^4.7.0", "lodash.uniqby": "^4.7.0",
"lunr": "^2.1.5", "lunr": "^2.1.5",
"mz": "^2.7.0",
"normalized-styled-components": "^1.0.18", "normalized-styled-components": "^1.0.18",
"param-case": "^2.1.1", "param-case": "^2.1.1",
"prop-types": "^15.6.0", "prop-types": "^15.6.0",

View File

@ -8,16 +8,17 @@ import { reducer as valuesReducer } from 'react-redux-values';
import paramCase from 'param-case'; import paramCase from 'param-case';
const { const {
REACT_APP_GQL_PORT = 443, REACT_APP_GQL_PORT = window.location.port,
REACT_APP_GQL_PROTOCOL = 'https', REACT_APP_GQL_PROTOCOL = window.location.protocol.replace(/\:$/, ''),
REACT_APP_GQL_HOSTNAME = window.location.hostname REACT_APP_GQL_HOSTNAME = window.location.hostname
} = process.env; } = process.env;
const PORT = REACT_APP_GQL_PORT ? `:${REACT_APP_GQL_PORT}` : '';
const URI = `${REACT_APP_GQL_PROTOCOL}://${REACT_APP_GQL_HOSTNAME}${PORT}/graphql`;
export const client = new ApolloClient({ export const client = new ApolloClient({
cache: new InMemoryCache(), cache: new InMemoryCache(),
link: new HttpLink({ link: new HttpLink({ uri: URI })
uri: `${REACT_APP_GQL_PROTOCOL}://${REACT_APP_GQL_HOSTNAME}:${REACT_APP_GQL_PORT}/graphql`
})
}); });
const initialState = { const initialState = {

View File

@ -1,15 +1,9 @@
const Inert = require('inert'); const Inert = require('inert');
const Path = require('path'); const Path = require('path');
const Execa = require('execa');
const ROOT = Path.join(__dirname, '../build'); const ROOT = Path.join(__dirname, '../build');
exports.register = async server => { exports.register = async server => {
await Execa('npm', ['run', 'build'], {
cwd: Path.join(__dirname, '..'),
stdio: 'inherit'
});
const manifest = require('../build/asset-manifest.json'); const manifest = require('../build/asset-manifest.json');
await server.register(Inert); await server.register(Inert);
@ -30,7 +24,9 @@ exports.register = async server => {
return h.continue; return h.continue;
} }
return h.file(Path.join(ROOT, file), { confine: ROOT }); return h.file(Path.join(ROOT, file), {
confine: ROOT
});
} }
} }
} }

View File

@ -10,6 +10,7 @@
"lint": "eslint . --fix --ext .js --ext .md", "lint": "eslint . --fix --ext .js --ext .md",
"test-ci": "echo 0", "test-ci": "echo 0",
"test": "echo 0", "test": "echo 0",
"postinstall": "npm run build",
"prepublish": "echo 0" "prepublish": "echo 0"
}, },
"dependencies": { "dependencies": {
@ -21,7 +22,6 @@
"babel-preset-joyent-portal": "^6.0.3", "babel-preset-joyent-portal": "^6.0.3",
"emotion": "^8.0.12", "emotion": "^8.0.12",
"emotion-theming": "^8.0.12", "emotion-theming": "^8.0.12",
"execa": "^0.9.0",
"graphql-tag": "^2.6.1", "graphql-tag": "^2.6.1",
"inert": "^5.1.0", "inert": "^5.1.0",
"joyent-icons": "^5.0.0", "joyent-icons": "^5.0.0",
@ -29,7 +29,6 @@
"joyent-react-scripts": "^7.3.0", "joyent-react-scripts": "^7.3.0",
"lodash.chunk": "^4.2.0", "lodash.chunk": "^4.2.0",
"lodash.keys": "^4.2.0", "lodash.keys": "^4.2.0",
"mz": "^2.7.0",
"outy": "^0.1.2", "outy": "^0.1.2",
"param-case": "^2.1.1", "param-case": "^2.1.1",
"pascal-case": "^2.0.1", "pascal-case": "^2.0.1",

View File

@ -7,12 +7,13 @@ import { withClientState } from 'apollo-link-state';
import defaultState from './local'; import defaultState from './local';
const { const {
REACT_APP_GQL_PORT = 443, REACT_APP_GQL_PORT = window.location.port,
REACT_APP_GQL_PROTOCOL = 'https', REACT_APP_GQL_PROTOCOL = window.location.protocol.replace(/\:$/, ''),
REACT_APP_GQL_HOSTNAME = window.location.hostname REACT_APP_GQL_HOSTNAME = window.location.hostname
} = process.env; } = process.env;
const URI = `${REACT_APP_GQL_PROTOCOL}://${REACT_APP_GQL_HOSTNAME}:${REACT_APP_GQL_PORT}/graphql`; const PORT = REACT_APP_GQL_PORT ? `:${REACT_APP_GQL_PORT}` : '';
const URI = `${REACT_APP_GQL_PROTOCOL}://${REACT_APP_GQL_HOSTNAME}${PORT}/graphql`;
const cache = new InMemoryCache(); const cache = new InMemoryCache();
const remote = new HttpLink({ uri: URI }); const remote = new HttpLink({ uri: URI });