diff --git a/ci/scripts/bff/deploy.sh b/ci/scripts/bff/deploy.sh index b5912bd..9901e54 100755 --- a/ci/scripts/bff/deploy.sh +++ b/ci/scripts/bff/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + BFF_ENV_NAME="${BFF_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${BFF_ENV_NAME}/.env.runtime" @@ -48,17 +50,13 @@ load_env_file ./.env.version BFF_MONGO_SECRET_PATH="${BFF_MONGO_SECRET_PATH:?missing BFF_MONGO_SECRET_PATH}" BFF_API_SECRET_PATH="${BFF_API_SECRET_PATH:?missing BFF_API_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export MONGO_USER="$(./ci/vlt kv_get kv "${BFF_MONGO_SECRET_PATH}" user)" export MONGO_PASSWORD="$(./ci/vlt kv_get kv "${BFF_MONGO_SECRET_PATH}" password)" export API_ENDPOINT_SECRET="$(./ci/vlt kv_get kv "${BFF_API_SECRET_PATH}" secret)" -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/bff.sh diff --git a/ci/scripts/billing_fees/deploy.sh b/ci/scripts/billing_fees/deploy.sh index 3d73cd5..afef72d 100644 --- a/ci/scripts/billing_fees/deploy.sh +++ b/ci/scripts/billing_fees/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + FEES_ENV_NAME="${FEES_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${FEES_ENV_NAME}/.env.runtime" @@ -47,15 +49,11 @@ load_env_file "${RUNTIME_ENV_FILE}" load_env_file ./.env.version FEES_MONGO_SECRET_PATH="${FEES_MONGO_SECRET_PATH:?missing FEES_MONGO_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export FEES_MONGO_USER="$(./ci/vlt kv_get kv "${FEES_MONGO_SECRET_PATH}" user)" export FEES_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${FEES_MONGO_SECRET_PATH}" password)" -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/billing_fees.sh diff --git a/ci/scripts/chain_gateway/deploy.sh b/ci/scripts/chain_gateway/deploy.sh index 8607588..5827d72 100755 --- a/ci/scripts/chain_gateway/deploy.sh +++ b/ci/scripts/chain_gateway/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + CHAIN_GATEWAY_ENV_NAME="${CHAIN_GATEWAY_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${CHAIN_GATEWAY_ENV_NAME}/.env.runtime" @@ -50,8 +52,6 @@ CHAIN_GATEWAY_MONGO_SECRET_PATH="${CHAIN_GATEWAY_MONGO_SECRET_PATH:?missing CHAI CHAIN_GATEWAY_RPC_SECRET_PATH="${CHAIN_GATEWAY_RPC_SECRET_PATH:?missing CHAIN_GATEWAY_RPC_SECRET_PATH}" CHAIN_GATEWAY_WALLET_SECRET_PATH="${CHAIN_GATEWAY_WALLET_SECRET_PATH:?missing CHAIN_GATEWAY_WALLET_SECRET_PATH}" CHAIN_GATEWAY_VAULT_SECRET_PATH="${CHAIN_GATEWAY_VAULT_SECRET_PATH:?missing CHAIN_GATEWAY_VAULT_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export CHAIN_GATEWAY_MONGO_USER="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_MONGO_SECRET_PATH}" user)" export CHAIN_GATEWAY_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${CHAIN_GATEWAY_MONGO_SECRET_PATH}" password)" @@ -68,9 +68,7 @@ if [ -z "${CHAIN_GATEWAY_VAULT_ROLE_ID}" ] || [ -z "${CHAIN_GATEWAY_VAULT_SECRET exit 1 fi -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/chain_gateway.sh diff --git a/ci/scripts/common/ensure_env_version.sh b/ci/scripts/common/ensure_env_version.sh index c9e8257..4e0441c 100755 --- a/ci/scripts/common/ensure_env_version.sh +++ b/ci/scripts/common/ensure_env_version.sh @@ -1,7 +1,7 @@ #!/bin/sh set -eu -echo "[fx-pipeline] rewriting .env.version" >&2 +echo "[build pipeline] rewriting .env.version" >&2 if [ -f ./.env.version ]; then while IFS= read -r line || [ -n "$line" ]; do diff --git a/ci/scripts/common/nats_env.sh b/ci/scripts/common/nats_env.sh new file mode 100644 index 0000000..75ca0fb --- /dev/null +++ b/ci/scripts/common/nats_env.sh @@ -0,0 +1,20 @@ +# Helper for loading NATS credentials and URL in deploy scripts. +load_nats_env() { + : "${NATS_HOST:?missing NATS_HOST}" + : "${NATS_PORT:?missing NATS_PORT}" + + nats_secret_path="${NATS_SECRET_PATH:-sendico/nats}" + export NATS_USER="$(./ci/vlt kv_get kv "${nats_secret_path}" user)" + export NATS_PASSWORD="$(./ci/vlt kv_get kv "${nats_secret_path}" password)" + + nats_url_var="${NATS_URL_VAR:-NATS_URL}" + nats_url_scheme="${NATS_URL_SCHEME:-nats}" + case "${nats_url_var}" in + ''|[!A-Za-z_]*|*[!A-Za-z0-9_]*) + echo "[nats-env] invalid NATS_URL_VAR: ${nats_url_var}" >&2 + exit 1 + ;; + esac + + export "${nats_url_var}=${nats_url_scheme}://${NATS_HOST}:${NATS_PORT}" +} diff --git a/ci/scripts/discovery/deploy.sh b/ci/scripts/discovery/deploy.sh index f120e17..3461415 100644 --- a/ci/scripts/discovery/deploy.sh +++ b/ci/scripts/discovery/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + DISCOVERY_ENV_NAME="${DISCOVERY_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${DISCOVERY_ENV_NAME}/.env.runtime" @@ -46,12 +48,7 @@ normalize_env_file ./.env.version load_env_file "${RUNTIME_ENV_FILE}" load_env_file ./.env.version -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" - -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/discovery.sh diff --git a/ci/scripts/fx/deploy.sh b/ci/scripts/fx/deploy.sh index 6f74aeb..b3b2779 100755 --- a/ci/scripts/fx/deploy.sh +++ b/ci/scripts/fx/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + FX_ENV_NAME="${FX_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${FX_ENV_NAME}/.env.runtime" @@ -54,9 +56,7 @@ export FX_MONGO_USER="$(./ci/vlt kv_get kv "${FX_MONGO_SECRET_PATH}" user)" export FX_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${FX_MONGO_SECRET_PATH}" password)" if [ "${FX_NEEDS_NATS}" = "true" ]; then - export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" - export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" - export FX_NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" + NATS_URL_VAR=FX_NATS_URL load_nats_env fi bash ci/prod/scripts/bootstrap/network.sh diff --git a/ci/scripts/ledger/deploy.sh b/ci/scripts/ledger/deploy.sh index 541bb3a..31e2c81 100755 --- a/ci/scripts/ledger/deploy.sh +++ b/ci/scripts/ledger/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + LEDGER_ENV_NAME="${LEDGER_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${LEDGER_ENV_NAME}/.env.runtime" @@ -47,15 +49,11 @@ load_env_file "${RUNTIME_ENV_FILE}" load_env_file ./.env.version LEDGER_MONGO_SECRET_PATH="${LEDGER_MONGO_SECRET_PATH:?missing LEDGER_MONGO_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export LEDGER_MONGO_USER="$(./ci/vlt kv_get kv "${LEDGER_MONGO_SECRET_PATH}" user)" export LEDGER_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${LEDGER_MONGO_SECRET_PATH}" password)" -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/ledger.sh diff --git a/ci/scripts/mntx/deploy.sh b/ci/scripts/mntx/deploy.sh index 68d1c0d..6ce94a5 100644 --- a/ci/scripts/mntx/deploy.sh +++ b/ci/scripts/mntx/deploy.sh @@ -30,6 +30,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + MNTX_GATEWAY_ENV_NAME="${MNTX_GATEWAY_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${MNTX_GATEWAY_ENV_NAME}/.env.runtime" @@ -50,15 +52,11 @@ load_env_file ./.env.version MNTX_GATEWAY_MONETIX_SECRET_PATH="${MNTX_GATEWAY_MONETIX_SECRET_PATH:-sendico/gateway/monetix}" MNTX_GATEWAY_NATS_SECRET_PATH="${MNTX_GATEWAY_NATS_SECRET_PATH:-sendico/nats}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export MONETIX_PROJECT_ID="$(./ci/vlt kv_get kv "${MNTX_GATEWAY_MONETIX_SECRET_PATH}" project_id)" export MONETIX_SECRET_KEY="$(./ci/vlt kv_get kv "${MNTX_GATEWAY_MONETIX_SECRET_PATH}" secret_key)" -export NATS_USER="$(./ci/vlt kv_get kv "${MNTX_GATEWAY_NATS_SECRET_PATH}" user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv "${MNTX_GATEWAY_NATS_SECRET_PATH}" password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +NATS_SECRET_PATH="${MNTX_GATEWAY_NATS_SECRET_PATH}" load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/mntx_gateway.sh diff --git a/ci/scripts/notification/deploy.sh b/ci/scripts/notification/deploy.sh index b354a66..e6603e5 100755 --- a/ci/scripts/notification/deploy.sh +++ b/ci/scripts/notification/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + NOTIFICATION_ENV_NAME="${NOTIFICATION_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${NOTIFICATION_ENV_NAME}/.env.runtime" @@ -50,8 +52,6 @@ NOTIFICATION_MONGO_SECRET_PATH="${NOTIFICATION_MONGO_SECRET_PATH:?missing NOTIFI NOTIFICATION_MAIL_SECRET_PATH="${NOTIFICATION_MAIL_SECRET_PATH:?missing NOTIFICATION_MAIL_SECRET_PATH}" NOTIFICATION_API_SECRET_PATH="${NOTIFICATION_API_SECRET_PATH:?missing NOTIFICATION_API_SECRET_PATH}" NOTIFICATION_TELEGRAM_SECRET_PATH="${NOTIFICATION_TELEGRAM_SECRET_PATH:?missing NOTIFICATION_TELEGRAM_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export MONGO_USER="$(./ci/vlt kv_get kv "${NOTIFICATION_MONGO_SECRET_PATH}" user)" export MONGO_PASSWORD="$(./ci/vlt kv_get kv "${NOTIFICATION_MONGO_SECRET_PATH}" password)" @@ -69,9 +69,7 @@ if TELEGRAM_THREAD_ID_VALUE="$(./ci/vlt kv_get kv "${NOTIFICATION_TELEGRAM_SECRE fi export TELEGRAM_THREAD_ID -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/notification.sh diff --git a/ci/scripts/payments_orchestrator/deploy.sh b/ci/scripts/payments_orchestrator/deploy.sh index 31b9db3..99a5e1e 100755 --- a/ci/scripts/payments_orchestrator/deploy.sh +++ b/ci/scripts/payments_orchestrator/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + PAYMENTS_ENV_NAME="${PAYMENTS_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${PAYMENTS_ENV_NAME}/.env.runtime" @@ -47,15 +49,11 @@ load_env_file "${RUNTIME_ENV_FILE}" load_env_file ./.env.version PAYMENTS_MONGO_SECRET_PATH="${PAYMENTS_MONGO_SECRET_PATH:?missing PAYMENTS_MONGO_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export PAYMENTS_MONGO_USER="$(./ci/vlt kv_get kv "${PAYMENTS_MONGO_SECRET_PATH}" user)" export PAYMENTS_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${PAYMENTS_MONGO_SECRET_PATH}" password)" -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/payments_orchestrator.sh diff --git a/ci/scripts/tgsettle/deploy.sh b/ci/scripts/tgsettle/deploy.sh index 3f10501..0edd27f 100755 --- a/ci/scripts/tgsettle/deploy.sh +++ b/ci/scripts/tgsettle/deploy.sh @@ -32,6 +32,8 @@ load_env_file() { done <"$file" } +. ci/scripts/common/nats_env.sh + TGSETTLE_GATEWAY_ENV_NAME="${TGSETTLE_GATEWAY_ENV:-prod}" RUNTIME_ENV_FILE="./ci/${TGSETTLE_GATEWAY_ENV_NAME}/.env.runtime" @@ -47,15 +49,11 @@ load_env_file "${RUNTIME_ENV_FILE}" load_env_file ./.env.version TGSETTLE_GATEWAY_MONGO_SECRET_PATH="${TGSETTLE_GATEWAY_MONGO_SECRET_PATH:?missing TGSETTLE_GATEWAY_MONGO_SECRET_PATH}" -: "${NATS_HOST:?missing NATS_HOST}" -: "${NATS_PORT:?missing NATS_PORT}" export TGSETTLE_GATEWAY_MONGO_USER="$(./ci/vlt kv_get kv "${TGSETTLE_GATEWAY_MONGO_SECRET_PATH}" user)" export TGSETTLE_GATEWAY_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${TGSETTLE_GATEWAY_MONGO_SECRET_PATH}" password)" -export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)" -export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)" -export NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}" +load_nats_env bash ci/prod/scripts/bootstrap/network.sh bash ci/prod/scripts/deploy/tgsettle_gateway.sh