fx build fix

ci/scripts/common/ensure_env_version.sh

@@ -0,0 +1,37 @@
+#!/bin/sh
+set -eu
+
+echo "[fx-pipeline] rewriting .env.version" >&2
+
+if [ -n "${WOODPECKER_COMMIT:-}" ]; then
+  GIT_REV="$(printf '%s' "${WOODPECKER_COMMIT}" | cut -c1-7)"
+elif command -v git >/dev/null 2>&1; then
+  GIT_REV="$(git rev-parse --short HEAD 2>/dev/null || echo dev)"
+else
+  GIT_REV="dev"
+fi
+
+if [ -n "${WOODPECKER_BRANCH:-}" ]; then
+  BUILD_BRANCH="${WOODPECKER_BRANCH}"
+elif command -v git >/dev/null 2>&1; then
+  BUILD_BRANCH="$(git rev-parse --abbrev-ref HEAD 2>/dev/null || echo local)"
+else
+  BUILD_BRANCH="local"
+fi
+
+if [ -f version ]; then
+  APP_V="$(cat version 2>/dev/null || echo dev)"
+else
+  APP_V="dev"
+fi
+
+BUILD_DATE="$(date -u +%Y-%m-%dT%H:%M:%SZ 2>/dev/null || echo unknown)"
+BUILD_USER="${WOODPECKER_MACHINE:-woodpecker}"
+
+cat > .env.version <<EOF
+GIT_REV=${GIT_REV}
+BUILD_BRANCH=${BUILD_BRANCH}
+APP_V=${APP_V}
+BUILD_DATE=${BUILD_DATE}
+BUILD_USER=${BUILD_USER}
+EOF

ci/scripts/fx/build-image.sh

@@ -0,0 +1,85 @@
+#!/bin/sh
+set -eu
+
+if ! set -o pipefail 2>/dev/null; then
+  :
+fi
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+cd "${REPO_ROOT}"
+
+sh ci/scripts/common/ensure_env_version.sh
+
+normalize_env_file() {
+  file="$1"
+  tmp="${file}.tmp.$$"
+  tr -d '\r' <"$file" >"$tmp"
+  mv "$tmp" "$file"
+}
+
+load_env_file() {
+  file="$1"
+  while IFS= read -r line || [ -n "$line" ]; do
+    case "$line" in
+      ''|\#*) continue ;;
+    esac
+    key="${line%%=*}"
+    value="${line#*=}"
+    key="$(printf '%s' "$key" | tr -d '[:space:]')"
+    value="${value#"${value%%[![:space:]]*}"}"
+    value="${value%"${value##*[![:space:]]}"}"
+    export "$key=$value"
+  done <"$file"
+}
+
+FX_ENV_NAME="${FX_ENV:-prod}"
+RUNTIME_ENV_FILE="./ci/${FX_ENV_NAME}/.env.runtime"
+
+if [ ! -f "${RUNTIME_ENV_FILE}" ]; then
+  echo "[fx-build] runtime env file not found: ${RUNTIME_ENV_FILE}" >&2
+  exit 1
+fi
+
+normalize_env_file "${RUNTIME_ENV_FILE}"
+normalize_env_file ./.env.version
+
+load_env_file "${RUNTIME_ENV_FILE}"
+load_env_file ./.env.version
+
+REGISTRY_URL="${REGISTRY_URL:?missing REGISTRY_URL}"
+APP_V="${APP_V:?missing APP_V}"
+FX_DOCKERFILE="${FX_DOCKERFILE:?missing FX_DOCKERFILE}"
+FX_IMAGE_PATH="${FX_IMAGE_PATH:?missing FX_IMAGE_PATH}"
+
+REGISTRY_HOST="${REGISTRY_URL#http://}"
+REGISTRY_HOST="${REGISTRY_HOST#https://}"
+REGISTRY_USER="$(cat secrets/REGISTRY_USER)"
+REGISTRY_PASSWORD="$(cat secrets/REGISTRY_PASSWORD)"
+: "${REGISTRY_USER:?missing registry user}"
+: "${REGISTRY_PASSWORD:?missing registry password}"
+
+mkdir -p /kaniko/.docker
+AUTH_B64="$(printf '%s:%s' "$REGISTRY_USER" "$REGISTRY_PASSWORD" | base64 | tr -d '\n')"
+cat <<EOF >/kaniko/.docker/config.json
+{
+  "auths": {
+    "https://${REGISTRY_HOST}": { "auth": "${AUTH_B64}" }
+  }
+}
+EOF
+
+BUILD_CONTEXT="${FX_BUILD_CONTEXT:-${WOODPECKER_WORKSPACE:-${CI_WORKSPACE:-${PWD:-/workspace}}}}"
+if [ ! -d "${BUILD_CONTEXT}" ]; then
+  BUILD_CONTEXT="/workspace"
+fi
+
+/kaniko/executor \
+  --context "${BUILD_CONTEXT}" \
+  --dockerfile "${FX_DOCKERFILE}" \
+  --destination "${REGISTRY_URL}/${FX_IMAGE_PATH}:${APP_V}" \
+  --build-arg APP_VERSION="${APP_V}" \
+  --build-arg GIT_REV="${GIT_REV}" \
+  --build-arg BUILD_BRANCH="${BUILD_BRANCH}" \
+  --build-arg BUILD_DATE="${BUILD_DATE}" \
+  --build-arg BUILD_USER="${BUILD_USER}" \
+  --single-snapshot

ci/scripts/fx/deploy.sh

@@ -0,0 +1,63 @@
+#!/bin/sh
+set -eu
+
+if ! set -o pipefail 2>/dev/null; then
+  :
+fi
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+cd "${REPO_ROOT}"
+
+sh ci/scripts/common/ensure_env_version.sh
+
+normalize_env_file() {
+  file="$1"
+  tmp="${file}.tmp.$$"
+  tr -d '\r' <"$file" >"$tmp"
+  mv "$tmp" "$file"
+}
+
+load_env_file() {
+  file="$1"
+  while IFS= read -r line || [ -n "$line" ]; do
+    case "$line" in
+      ''|\#*) continue ;;
+    esac
+    key="${line%%=*}"
+    value="${line#*=}"
+    key="$(printf '%s' "$key" | tr -d '[:space:]')"
+    value="${value#"${value%%[![:space:]]*}"}"
+    value="${value%"${value##*[![:space:]]}"}"
+    export "$key=$value"
+  done <"$file"
+}
+
+FX_ENV_NAME="${FX_ENV:-prod}"
+RUNTIME_ENV_FILE="./ci/${FX_ENV_NAME}/.env.runtime"
+
+if [ ! -f "${RUNTIME_ENV_FILE}" ]; then
+  echo "[fx-deploy] runtime env file not found: ${RUNTIME_ENV_FILE}" >&2
+  exit 1
+fi
+
+normalize_env_file "${RUNTIME_ENV_FILE}"
+normalize_env_file ./.env.version
+
+load_env_file "${RUNTIME_ENV_FILE}"
+load_env_file ./.env.version
+
+FX_MONGO_SECRET_PATH="${FX_MONGO_SECRET_PATH:?missing FX_MONGO_SECRET_PATH}"
+FX_DEPLOY_TARGET="${FX_DEPLOY_TARGET:?missing FX_DEPLOY_TARGET}"
+FX_NEEDS_NATS="${FX_NEEDS_NATS:-false}"
+
+export FX_MONGO_USER="$(./ci/vlt kv_get kv "${FX_MONGO_SECRET_PATH}" user)"
+export FX_MONGO_PASSWORD="$(./ci/vlt kv_get kv "${FX_MONGO_SECRET_PATH}" password)"
+
+if [ "${FX_NEEDS_NATS}" = "true" ]; then
+  export NATS_USER="$(./ci/vlt kv_get kv sendico/nats user)"
+  export NATS_PASSWORD="$(./ci/vlt kv_get kv sendico/nats password)"
+  export FX_NATS_URL="nats://${NATS_USER}:${NATS_PASSWORD}@${NATS_HOST}:${NATS_PORT}"
+fi
+
+bash ci/prod/scripts/bootstrap/network.sh
+bash ci/prod/scripts/deploy/fx.sh "${FX_DEPLOY_TARGET}"

ci/scripts/proto/generate.sh

@@ -0,0 +1,112 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+REPO_ROOT="$(cd "${SCRIPT_DIR}/../.." && pwd)"
+API_DIR="${REPO_ROOT}/api"
+PROTO_DIR="./proto"
+PROTOC_BIN="${PROTOC:-protoc}"
+
+if ! command -v "${PROTOC_BIN}" >/dev/null 2>&1; then
+  echo "[proto] protoc binary not found" >&2
+  exit 1
+fi
+if ! command -v protoc-gen-go >/dev/null 2>&1; then
+  echo "[proto] protoc-gen-go is not installed" >&2
+  exit 1
+fi
+if ! command -v protoc-gen-go-grpc >/dev/null 2>&1; then
+  echo "[proto] protoc-gen-go-grpc is not installed" >&2
+  exit 1
+fi
+
+info() {
+  printf '[proto] %s\n' "$1"
+}
+
+generate_go() {
+  local out_dir="$1"
+  shift
+  mkdir -p "${out_dir}"
+  "${PROTOC_BIN}" \
+    -I="${PROTO_DIR}" \
+    --go_out="${out_dir}" \
+    --go_opt=paths=source_relative \
+    "$@"
+}
+
+generate_go_with_grpc() {
+  local out_dir="$1"
+  shift
+  mkdir -p "${out_dir}"
+  "${PROTOC_BIN}" \
+    -I="${PROTO_DIR}" \
+    --go_out="${out_dir}" \
+    --go_opt=paths=source_relative \
+    --go-grpc_out="${out_dir}" \
+    --go-grpc_opt=paths=source_relative \
+    "$@"
+}
+
+clean_pb_files() {
+  local target="$1"
+  if [ -d "${target}" ]; then
+    find "${target}" -type f -name '*.pb.go' -delete
+  fi
+}
+
+cd "${API_DIR}"
+
+# Messaging / notification protos (top-level files).
+mapfile -t messaging_protos < <(find "${PROTO_DIR}" -maxdepth 1 -type f -name '*.proto' | sort)
+if [ "${#messaging_protos[@]}" -gt 0 ]; then
+  info "Compiling messaging protos"
+  rm -rf ./pkg/messaging/internal/generated
+  generate_go "./pkg/messaging/internal/generated" "${messaging_protos[@]}"
+fi
+
+# Common shared protos
+mapfile -t common_protos < <(find "${PROTO_DIR}/common" -type f -name '*.proto' | sort)
+if [ "${#common_protos[@]}" -gt 0 ]; then
+  info "Compiling common shared protos"
+  clean_pb_files "./pkg/proto"
+  generate_go "./pkg/proto" "${common_protos[@]}"
+fi
+
+# Ledger shared protos
+if [ -f "${PROTO_DIR}/ledger/v1/ledger.proto" ]; then
+  info "Compiling ledger protos"
+  clean_pb_files "./pkg/proto/ledger"
+  generate_go_with_grpc "./pkg/proto/ledger/v1" "${PROTO_DIR}/ledger/v1/ledger.proto"
+fi
+
+# Oracle shared protos
+if [ -f "${PROTO_DIR}/oracle/v1/oracle.proto" ]; then
+  info "Compiling oracle protos"
+  clean_pb_files "./pkg/proto/oracle"
+  generate_go_with_grpc "./pkg/proto/oracle/v1" "${PROTO_DIR}/oracle/v1/oracle.proto"
+fi
+
+# Chain gateway shared protos
+if [ -f "${PROTO_DIR}/chain/gateway/v1/gateway.proto" ]; then
+  info "Compiling chain gateway protos"
+  clean_pb_files "./pkg/proto/chain/gateway"
+  generate_go_with_grpc "./pkg/proto/chain/gateway/v1" "${PROTO_DIR}/chain/gateway/v1/gateway.proto"
+fi
+
+# Payments orchestrator shared protos
+if [ -f "${PROTO_DIR}/payments/orchestrator/v1/orchestrator.proto" ]; then
+  info "Compiling payments orchestrator protos"
+  clean_pb_files "./pkg/proto/payments/orchestrator"
+  generate_go_with_grpc "./pkg/proto/payments/orchestrator/v1" "${PROTO_DIR}/payments/orchestrator/v1/orchestrator.proto"
+fi
+
+# Billing fees shared protos
+if [ -f "${PROTO_DIR}/billing/fees/v1/fees.proto" ]; then
+  info "Compiling billing fees protos"
+  clean_pb_files "./pkg/proto/billing/fees"
+  generate_go_with_grpc "./pkg/proto/billing/fees/v1" "${PROTO_DIR}/billing/fees/v1/fees.proto"
+fi
+
+info "Protobuf generation completed"