@abgov/nx-adsp 12.25.2 → 12.26.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -128,8 +128,8 @@ describe('MyFeatureComponent', () => {
|
|
|
128
128
|
## OpenShift targets
|
|
129
129
|
|
|
130
130
|
```bash
|
|
131
|
-
nx run <%= projectName %>:sandbox # build + push to
|
|
132
|
-
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources
|
|
131
|
+
nx run <%= projectName %>:sandbox # build locally (podman) + push to GHCR + deploy
|
|
132
|
+
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources + delete the GHCR image
|
|
133
133
|
nx run <%= projectName %>:apply-envs # apply manifests to all environments
|
|
134
134
|
nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
135
135
|
```
|
|
@@ -142,3 +142,29 @@ nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
|
142
142
|
silent SSO check on page load
|
|
143
143
|
- `environments/environment.ts` — access URL and realm are pre-configured for
|
|
144
144
|
the ADSP tenant; override at runtime via environment variables
|
|
145
|
+
|
|
146
|
+
## Sandbox deployment (local build)
|
|
147
|
+
|
|
148
|
+
The `sandbox` targets are added by the nx-oc sandbox generator — run it once per app first:
|
|
149
|
+
|
|
150
|
+
```bash
|
|
151
|
+
nx g @abgov/nx-oc:sandbox <%= projectName %> --sandboxProject <your-namespace>
|
|
152
|
+
```
|
|
153
|
+
|
|
154
|
+
Then `nx run <%= projectName %>:sandbox` builds the image **locally with podman**, pushes it to GHCR, and imports it into your sandbox namespace — no git push or CI wait. Prerequisites (one-time):
|
|
155
|
+
|
|
156
|
+
- `podman` installed and running (`podman machine start` on macOS).
|
|
157
|
+
- `oc` logged in, targeting your (per-user) sandbox namespace.
|
|
158
|
+
- `gh auth login` as an account with **`write:packages`** on the registry org. That account must be the **active** `gh` account when you run the target — the sandbox reads `gh auth token` for both the image push and the pull secret (no PAT is stored). Check with `gh auth status`; switch with `gh auth switch -u <account>`.
|
|
159
|
+
|
|
160
|
+
The registry (`ghcr.io/<org>`) is derived from the git remote on first run and saved in `nx.json`. The image is `<registry>/<sandboxProject>-<app>:sandbox` (namespace-prefixed to avoid collisions). If a push or import fails, it's almost always the active `gh` account lacking `write:packages` or access to the org — re-run after `gh auth switch`.
|
|
161
|
+
|
|
162
|
+
### Verify & troubleshoot a sandbox deploy
|
|
163
|
+
|
|
164
|
+
The target ends with `oc rollout status`. To confirm and diagnose:
|
|
165
|
+
|
|
166
|
+
- **Health:** `oc get pods -n <namespace> -l name=<%= projectName %>` and `curl https://$(oc get route <%= projectName %> -n <namespace> -o jsonpath='{.spec.host}')/health`.
|
|
167
|
+
- **Push or import failed:** almost always the active `gh` account lacks `write:packages` or access to the org — check `gh auth status`, then `gh auth switch -u <account>` and re-run.
|
|
168
|
+
- **Pod CrashLoopBackOff / not ready:** `oc logs -n <namespace> <pod> -c <%= projectName %>`. For a service with a database, also check the migration init container: `oc logs -n <namespace> <pod> -c <%= projectName %>-migrate`.
|
|
169
|
+
- **`podman` errors:** ensure the machine is running — `podman machine start` (macOS).
|
|
170
|
+
- **Namespace missing:** create it with `oc new-project <namespace>`.
|
|
@@ -318,8 +318,8 @@ nginx in production. All API routes live under `/<%= projectName %>/v1/`.
|
|
|
318
318
|
## OpenShift targets
|
|
319
319
|
|
|
320
320
|
```bash
|
|
321
|
-
nx run <%= projectName %>:sandbox # build + push to
|
|
322
|
-
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources
|
|
321
|
+
nx run <%= projectName %>:sandbox # build locally (podman) + push to GHCR + deploy
|
|
322
|
+
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources + delete the GHCR image
|
|
323
323
|
nx run <%= projectName %>:apply-envs # apply manifests to all environments
|
|
324
324
|
nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
325
325
|
```
|
|
@@ -332,3 +332,29 @@ nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
|
332
332
|
- `configurationHandler` on the API path — provides configuration service
|
|
333
333
|
integration; keep it applied before route handlers
|
|
334
334
|
- `createErrorHandler(logger)` — must remain the last `app.use()` call
|
|
335
|
+
|
|
336
|
+
## Sandbox deployment (local build)
|
|
337
|
+
|
|
338
|
+
The `sandbox` targets are added by the nx-oc sandbox generator — run it once per app first:
|
|
339
|
+
|
|
340
|
+
```bash
|
|
341
|
+
nx g @abgov/nx-oc:sandbox <%= projectName %> --sandboxProject <your-namespace>
|
|
342
|
+
```
|
|
343
|
+
|
|
344
|
+
Then `nx run <%= projectName %>:sandbox` builds the image **locally with podman**, pushes it to GHCR, and imports it into your sandbox namespace — no git push or CI wait. Prerequisites (one-time):
|
|
345
|
+
|
|
346
|
+
- `podman` installed and running (`podman machine start` on macOS).
|
|
347
|
+
- `oc` logged in, targeting your (per-user) sandbox namespace.
|
|
348
|
+
- `gh auth login` as an account with **`write:packages`** on the registry org. That account must be the **active** `gh` account when you run the target — the sandbox reads `gh auth token` for both the image push and the pull secret (no PAT is stored). Check with `gh auth status`; switch with `gh auth switch -u <account>`.
|
|
349
|
+
|
|
350
|
+
The registry (`ghcr.io/<org>`) is derived from the git remote on first run and saved in `nx.json`. The image is `<registry>/<sandboxProject>-<app>:sandbox` (namespace-prefixed to avoid collisions). If a push or import fails, it's almost always the active `gh` account lacking `write:packages` or access to the org — re-run after `gh auth switch`.
|
|
351
|
+
|
|
352
|
+
### Verify & troubleshoot a sandbox deploy
|
|
353
|
+
|
|
354
|
+
The target ends with `oc rollout status`. To confirm and diagnose:
|
|
355
|
+
|
|
356
|
+
- **Health:** `oc get pods -n <namespace> -l name=<%= projectName %>` and `curl https://$(oc get route <%= projectName %> -n <namespace> -o jsonpath='{.spec.host}')/health`.
|
|
357
|
+
- **Push or import failed:** almost always the active `gh` account lacks `write:packages` or access to the org — check `gh auth status`, then `gh auth switch -u <account>` and re-run.
|
|
358
|
+
- **Pod CrashLoopBackOff / not ready:** `oc logs -n <namespace> <pod> -c <%= projectName %>`. For a service with a database, also check the migration init container: `oc logs -n <namespace> <pod> -c <%= projectName %>-migrate`.
|
|
359
|
+
- **`podman` errors:** ensure the machine is running — `podman machine start` (macOS).
|
|
360
|
+
- **Namespace missing:** create it with `oc new-project <namespace>`.
|
|
@@ -117,8 +117,8 @@ describe('MyFeature', () => {
|
|
|
117
117
|
## OpenShift targets
|
|
118
118
|
|
|
119
119
|
```bash
|
|
120
|
-
nx run <%= projectName %>:sandbox # build + push to
|
|
121
|
-
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources
|
|
120
|
+
nx run <%= projectName %>:sandbox # build locally (podman) + push to GHCR + deploy
|
|
121
|
+
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources + delete the GHCR image
|
|
122
122
|
nx run <%= projectName %>:apply-envs # apply manifests to all environments
|
|
123
123
|
nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
124
124
|
```
|
|
@@ -131,3 +131,29 @@ nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
|
131
131
|
the ADSP tenant; override at runtime via deployment config
|
|
132
132
|
- `silent-check-sso.html` — required for keycloak-js silent SSO; must be served
|
|
133
133
|
from the app root
|
|
134
|
+
|
|
135
|
+
## Sandbox deployment (local build)
|
|
136
|
+
|
|
137
|
+
The `sandbox` targets are added by the nx-oc sandbox generator — run it once per app first:
|
|
138
|
+
|
|
139
|
+
```bash
|
|
140
|
+
nx g @abgov/nx-oc:sandbox <%= projectName %> --sandboxProject <your-namespace>
|
|
141
|
+
```
|
|
142
|
+
|
|
143
|
+
Then `nx run <%= projectName %>:sandbox` builds the image **locally with podman**, pushes it to GHCR, and imports it into your sandbox namespace — no git push or CI wait. Prerequisites (one-time):
|
|
144
|
+
|
|
145
|
+
- `podman` installed and running (`podman machine start` on macOS).
|
|
146
|
+
- `oc` logged in, targeting your (per-user) sandbox namespace.
|
|
147
|
+
- `gh auth login` as an account with **`write:packages`** on the registry org. That account must be the **active** `gh` account when you run the target — the sandbox reads `gh auth token` for both the image push and the pull secret (no PAT is stored). Check with `gh auth status`; switch with `gh auth switch -u <account>`.
|
|
148
|
+
|
|
149
|
+
The registry (`ghcr.io/<org>`) is derived from the git remote on first run and saved in `nx.json`. The image is `<registry>/<sandboxProject>-<app>:sandbox` (namespace-prefixed to avoid collisions). If a push or import fails, it's almost always the active `gh` account lacking `write:packages` or access to the org — re-run after `gh auth switch`.
|
|
150
|
+
|
|
151
|
+
### Verify & troubleshoot a sandbox deploy
|
|
152
|
+
|
|
153
|
+
The target ends with `oc rollout status`. To confirm and diagnose:
|
|
154
|
+
|
|
155
|
+
- **Health:** `oc get pods -n <namespace> -l name=<%= projectName %>` and `curl https://$(oc get route <%= projectName %> -n <namespace> -o jsonpath='{.spec.host}')/health`.
|
|
156
|
+
- **Push or import failed:** almost always the active `gh` account lacks `write:packages` or access to the org — check `gh auth status`, then `gh auth switch -u <account>` and re-run.
|
|
157
|
+
- **Pod CrashLoopBackOff / not ready:** `oc logs -n <namespace> <pod> -c <%= projectName %>`. For a service with a database, also check the migration init container: `oc logs -n <namespace> <pod> -c <%= projectName %>-migrate`.
|
|
158
|
+
- **`podman` errors:** ensure the machine is running — `podman machine start` (macOS).
|
|
159
|
+
- **Namespace missing:** create it with `oc new-project <namespace>`.
|
|
@@ -136,8 +136,8 @@ describe('MyComponent', () => {
|
|
|
136
136
|
## OpenShift targets
|
|
137
137
|
|
|
138
138
|
```bash
|
|
139
|
-
nx run <%= projectName %>:sandbox # build + push to
|
|
140
|
-
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources
|
|
139
|
+
nx run <%= projectName %>:sandbox # build locally (podman) + push to GHCR + deploy
|
|
140
|
+
nx run <%= projectName %>:sandbox-teardown # remove sandbox resources + delete the GHCR image
|
|
141
141
|
nx run <%= projectName %>:apply-envs # apply manifests to all environments
|
|
142
142
|
nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
143
143
|
```
|
|
@@ -148,3 +148,29 @@ nx run <%= projectName %>:teardown-dev # remove from dev environment
|
|
|
148
148
|
- `environments/environment.ts` — access URL and realm are pre-configured for the ADSP tenant
|
|
149
149
|
- `silent-check-sso.html` — required for keycloak-js silent SSO; must be served from the app root
|
|
150
150
|
- `vite.config.ts` — the `isCustomElement` predicate must stay to suppress Vue warnings for `goa-*` elements
|
|
151
|
+
|
|
152
|
+
## Sandbox deployment (local build)
|
|
153
|
+
|
|
154
|
+
The `sandbox` targets are added by the nx-oc sandbox generator — run it once per app first:
|
|
155
|
+
|
|
156
|
+
```bash
|
|
157
|
+
nx g @abgov/nx-oc:sandbox <%= projectName %> --sandboxProject <your-namespace>
|
|
158
|
+
```
|
|
159
|
+
|
|
160
|
+
Then `nx run <%= projectName %>:sandbox` builds the image **locally with podman**, pushes it to GHCR, and imports it into your sandbox namespace — no git push or CI wait. Prerequisites (one-time):
|
|
161
|
+
|
|
162
|
+
- `podman` installed and running (`podman machine start` on macOS).
|
|
163
|
+
- `oc` logged in, targeting your (per-user) sandbox namespace.
|
|
164
|
+
- `gh auth login` as an account with **`write:packages`** on the registry org. That account must be the **active** `gh` account when you run the target — the sandbox reads `gh auth token` for both the image push and the pull secret (no PAT is stored). Check with `gh auth status`; switch with `gh auth switch -u <account>`.
|
|
165
|
+
|
|
166
|
+
The registry (`ghcr.io/<org>`) is derived from the git remote on first run and saved in `nx.json`. The image is `<registry>/<sandboxProject>-<app>:sandbox` (namespace-prefixed to avoid collisions). If a push or import fails, it's almost always the active `gh` account lacking `write:packages` or access to the org — re-run after `gh auth switch`.
|
|
167
|
+
|
|
168
|
+
### Verify & troubleshoot a sandbox deploy
|
|
169
|
+
|
|
170
|
+
The target ends with `oc rollout status`. To confirm and diagnose:
|
|
171
|
+
|
|
172
|
+
- **Health:** `oc get pods -n <namespace> -l name=<%= projectName %>` and `curl https://$(oc get route <%= projectName %> -n <namespace> -o jsonpath='{.spec.host}')/health`.
|
|
173
|
+
- **Push or import failed:** almost always the active `gh` account lacks `write:packages` or access to the org — check `gh auth status`, then `gh auth switch -u <account>` and re-run.
|
|
174
|
+
- **Pod CrashLoopBackOff / not ready:** `oc logs -n <namespace> <pod> -c <%= projectName %>`. For a service with a database, also check the migration init container: `oc logs -n <namespace> <pod> -c <%= projectName %>-migrate`.
|
|
175
|
+
- **`podman` errors:** ensure the machine is running — `podman machine start` (macOS).
|
|
176
|
+
- **Namespace missing:** create it with `oc new-project <namespace>`.
|