tech/sendico
2
0
Fork 0
Code Issues 22 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

+bff
Some checks failed
ci/woodpecker/push/notification Pipeline is pending
Details
ci/woodpecker/push/payments_orchestrator Pipeline is pending
Details
ci/woodpecker/push/bff Pipeline failed
Details
ci/woodpecker/push/billing_fees Pipeline was successful
Details
ci/woodpecker/push/db Pipeline was successful
Details
ci/woodpecker/push/chain_gateway Pipeline failed
Details
ci/woodpecker/push/fx/1 Pipeline was successful
Details
ci/woodpecker/push/fx/2 Pipeline was successful
Details
ci/woodpecker/push/nats Pipeline failed
Details
ci/woodpecker/push/ledger Pipeline failed
Details

Browse Source
This commit is contained in:
Stephan D
2025-11-11 22:26:09 +01:00
parent 45dcf1714f
commit 05652bdb41
9 changed files with 478 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

85
ci/scripts/bff/build-image.sh Executable file
View File

@@ -0,0 +1,85 @@
#!/bin/sh
set -eu
if ! set -o pipefail 2>/dev/null; then
:
fi
REPO_ROOT="$(cd "$(dirname "$0")/../../.." && pwd)"
cd "${REPO_ROOT}"
sh ci/scripts/common/ensure_env_version.sh
normalize_env_file() {
file="$1"
tmp="${file}.tmp.$$"
tr -d '\r' <"$file" >"$tmp"
mv "$tmp" "$file"
}
load_env_file() {
file="$1"
while IFS= read -r line || [ -n "$line" ]; do
case "$line" in
''|\#*) continue ;;
esac
key="${line%%=*}"
value="${line#*=}"
key="$(printf '%s' "$key" | tr -d '[:space:]')"
value="${value#"${value%%[![:space:]]*}"}"
value="${value%"${value##*[![:space:]]}"}"
export "$key=$value"
done <"$file"
}
BFF_ENV_NAME="${BFF_ENV:-prod}"
RUNTIME_ENV_FILE="./ci/${BFF_ENV_NAME}/.env.runtime"
if [ ! -f "${RUNTIME_ENV_FILE}" ]; then
echo "[bff-build] runtime env file not found: ${RUNTIME_ENV_FILE}" >&2
exit 1
fi
normalize_env_file "${RUNTIME_ENV_FILE}"
normalize_env_file ./.env.version
load_env_file "${RUNTIME_ENV_FILE}"
load_env_file ./.env.version
REGISTRY_URL="${REGISTRY_URL:?missing REGISTRY_URL}"
APP_V="${APP_V:?missing APP_V}"
BFF_DOCKERFILE="${BFF_DOCKERFILE:?missing BFF_DOCKERFILE}"
BFF_IMAGE_PATH="${BFF_IMAGE_PATH:?missing BFF_IMAGE_PATH}"
REGISTRY_HOST="${REGISTRY_URL#http://}"
REGISTRY_HOST="${REGISTRY_HOST#https://}"
REGISTRY_USER="$(cat secrets/REGISTRY_USER)"
REGISTRY_PASSWORD="$(cat secrets/REGISTRY_PASSWORD)"
: "${REGISTRY_USER:?missing registry user}"
: "${REGISTRY_PASSWORD:?missing registry password}"
mkdir -p /kaniko/.docker
AUTH_B64="$(printf '%s:%s' "$REGISTRY_USER" "$REGISTRY_PASSWORD" | base64 | tr -d '\n')"
cat <<EOF >/kaniko/.docker/config.json
{
"auths": {
"https://${REGISTRY_HOST}": { "auth": "${AUTH_B64}" }
}
}
EOF
BUILD_CONTEXT="${BFF_BUILD_CONTEXT:-${WOODPECKER_WORKSPACE:-${CI_WORKSPACE:-${PWD:-/workspace}}}}"
if [ ! -d "${BUILD_CONTEXT}" ]; then
BUILD_CONTEXT="/workspace"
fi
/kaniko/executor \
--context "${BUILD_CONTEXT}" \
--dockerfile "${BFF_DOCKERFILE}" \
--destination "${REGISTRY_URL}/${BFF_IMAGE_PATH}:${APP_V}" \
--build-arg APP_VERSION="${APP_V}" \
--build-arg GIT_REV="${GIT_REV}" \
--build-arg BUILD_BRANCH="${BUILD_BRANCH}" \
--build-arg BUILD_DATE="${BUILD_DATE}" \
--build-arg BUILD_USER="${BUILD_USER}" \
--single-snapshot

64
ci/scripts/bff/deploy.sh Executable file
View File

@@ -0,0 +1,64 @@
#!/bin/sh
set -eu
if ! set -o pipefail 2>/dev/null; then
:
fi
REPO_ROOT="$(cd "$(dirname "$0")/../../.." && pwd)"
cd "${REPO_ROOT}"
sh ci/scripts/common/ensure_env_version.sh
normalize_env_file() {
file="$1"
tmp="${file}.tmp.$$"
tr -d '\r' <"$file" >"$tmp"
mv "$tmp" "$file"
}
load_env_file() {
file="$1"
while IFS= read -r line || [ -n "$line" ]; do
case "$line" in
''|\#*) continue ;;
esac
key="${line%%=*}"
value="${line#*=}"
key="$(printf '%s' "$key" | tr -d '[:space:]')"
value="${value#"${value%%[![:space:]]*}"}"
value="${value%"${value##*[![:space:]]}"}"
export "$key=$value"
done <"$file"
}
BFF_ENV_NAME="${BFF_ENV:-prod}"
RUNTIME_ENV_FILE="./ci/${BFF_ENV_NAME}/.env.runtime"
if [ ! -f "${RUNTIME_ENV_FILE}" ]; then
echo "[bff-deploy] runtime env file not found: ${RUNTIME_ENV_FILE}" >&2
exit 1
fi
normalize_env_file "${RUNTIME_ENV_FILE}"
normalize_env_file ./.env.version
load_env_file "${RUNTIME_ENV_FILE}"
load_env_file ./.env.version
BFF_MONGO_SECRET_PATH="${BFF_MONGO_SECRET_PATH:?missing BFF_MONGO_SECRET_PATH}"
BFF_API_SECRET_PATH="${BFF_API_SECRET_PATH:?missing BFF_API_SECRET_PATH}"
: "${NATS_HOST:?missing NATS_HOST}"
: "${NATS_PORT:?missing NATS_PORT}"
export MONGO_USER="$(./ci/vlt kv_get kv "${BFF_MONGO_SECRET_PATH}" user)"
export MONGO_PASSWORD="$(./ci/vlt kv_get kv "${BFF_MONGO_SECRET_PATH}" password)"
export API_ENDPOINT_SECRET="$(./ci/vlt kv_get kv "${BFF_API_SECRET_PATH}" secret)"
export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)"
export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)"
export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}"
bash ci/prod/scripts/bootstrap/network.sh
bash ci/prod/scripts/deploy/bff.sh

2
ci/scripts/chain_gateway/deploy.sh
View File

@@ -56,7 +56,7 @@ CHAIN_GATEWAY_VAULT_SECRET_PATH="${CHAIN_GATEWAY_VAULT_SECRET_PATH:?missing CHAI
export CHAIN_GATEWAY_MONGO_USER="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_MONGO_SECRET_PATH}" user)"
export CHAIN_GATEWAY_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_MONGO_SECRET_PATH}" password)"
export CHAIN_GATEWAY_ARBITRUM_RPC_URL="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_RPC_SECRET_PATH}" rpc_url)"
export CHAIN_GATEWAY_ARBITRUM_RPC_URL="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_RPC_SECRET_PATH}" arbitrum_rpc_url)"
export CHAIN_GATEWAY_SERVICE_WALLET_KEY="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_WALLET_SECRET_PATH}" private_key)"
export CHAIN_GATEWAY_SERVICE_WALLET_ADDRESS="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_WALLET_SECRET_PATH}" address || true)"