@envsync-cloud/deploy-cli 0.6.17 → 0.6.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +59 -21
- package/package.json +1 -1
package/dist/index.js
CHANGED
|
@@ -269,6 +269,16 @@ function domainMap(rootDomain) {
|
|
|
269
269
|
s3Console: `console.s3.${rootDomain}`
|
|
270
270
|
};
|
|
271
271
|
}
|
|
272
|
+
function publicHttpsOrigin(config, host) {
|
|
273
|
+
return `https://${host}${config.services.public_https_port === 443 ? "" : `:${config.services.public_https_port}`}`;
|
|
274
|
+
}
|
|
275
|
+
function publicHttpsOriginVariants(config, host) {
|
|
276
|
+
const canonical = `https://${host}`;
|
|
277
|
+
if (config.services.public_https_port === 443) {
|
|
278
|
+
return [canonical];
|
|
279
|
+
}
|
|
280
|
+
return [canonical, publicHttpsOrigin(config, host)];
|
|
281
|
+
}
|
|
272
282
|
function getDeployCliVersion() {
|
|
273
283
|
try {
|
|
274
284
|
const packageJsonPath = new URL("../package.json", import.meta.url);
|
|
@@ -650,6 +660,10 @@ function renderKeycloakRealm(config, runtimeEnv) {
|
|
|
650
660
|
}
|
|
651
661
|
function renderTraefikDynamicConfig(config) {
|
|
652
662
|
const hosts = domainMap(config.domain.root_domain);
|
|
663
|
+
const otelAllowedOrigins = [
|
|
664
|
+
...publicHttpsOriginVariants(config, hosts.landing),
|
|
665
|
+
...publicHttpsOriginVariants(config, hosts.app)
|
|
666
|
+
];
|
|
653
667
|
return [
|
|
654
668
|
"http:",
|
|
655
669
|
" middlewares:",
|
|
@@ -664,15 +678,17 @@ function renderTraefikDynamicConfig(config) {
|
|
|
664
678
|
" otel-cors:",
|
|
665
679
|
" headers:",
|
|
666
680
|
" accessControlAllowOriginList:",
|
|
667
|
-
` -
|
|
668
|
-
` - https://${hosts.app}`,
|
|
681
|
+
...otelAllowedOrigins.map((origin) => ` - ${origin}`),
|
|
669
682
|
" accessControlAllowMethods:",
|
|
670
683
|
" - POST",
|
|
671
684
|
" - OPTIONS",
|
|
672
685
|
" accessControlAllowHeaders:",
|
|
673
686
|
" - Content-Type",
|
|
687
|
+
" - content-type",
|
|
674
688
|
" - Authorization",
|
|
675
|
-
"
|
|
689
|
+
" - authorization",
|
|
690
|
+
" accessControlAllowCredentials: true",
|
|
691
|
+
" accessControlMaxAge: 600",
|
|
676
692
|
" addVaryHeader: true",
|
|
677
693
|
" services:",
|
|
678
694
|
" envsync-api:",
|
|
@@ -702,10 +718,6 @@ function renderTraefikDynamicConfig(config) {
|
|
|
702
718
|
" loadBalancer:",
|
|
703
719
|
" servers:",
|
|
704
720
|
" - url: http://clickstack:8080",
|
|
705
|
-
" clickstack-api:",
|
|
706
|
-
" loadBalancer:",
|
|
707
|
-
" servers:",
|
|
708
|
-
" - url: http://clickstack:8000",
|
|
709
721
|
" clickstack-otlp:",
|
|
710
722
|
" loadBalancer:",
|
|
711
723
|
" servers:",
|
|
@@ -715,36 +727,42 @@ function renderTraefikDynamicConfig(config) {
|
|
|
715
727
|
` rule: Host(\`${hosts.landing}\`)`,
|
|
716
728
|
" service: landing",
|
|
717
729
|
" entryPoints: [websecure]",
|
|
718
|
-
" tls:
|
|
730
|
+
" tls:",
|
|
731
|
+
" certResolver: letsencrypt",
|
|
719
732
|
" web-router:",
|
|
720
733
|
` rule: Host(\`${hosts.app}\`)`,
|
|
721
734
|
" service: web",
|
|
722
735
|
" entryPoints: [websecure]",
|
|
723
|
-
" tls:
|
|
736
|
+
" tls:",
|
|
737
|
+
" certResolver: letsencrypt",
|
|
724
738
|
" obs-otlp-router:",
|
|
725
739
|
` rule: Host(\`${hosts.obs}\`) && (PathPrefix(\`/v1/traces\`) || PathPrefix(\`/v1/logs\`) || PathPrefix(\`/v1/metrics\`))`,
|
|
726
740
|
" service: clickstack-otlp",
|
|
727
741
|
" middlewares: [otel-cors]",
|
|
728
742
|
" priority: 100",
|
|
729
743
|
" entryPoints: [websecure]",
|
|
730
|
-
" tls:
|
|
744
|
+
" tls:",
|
|
745
|
+
" certResolver: letsencrypt",
|
|
731
746
|
" obs-api-router:",
|
|
732
747
|
` rule: Host(\`${hosts.obs}\`) && PathPrefix(\`/api\`)`,
|
|
733
|
-
" service: clickstack-
|
|
748
|
+
" service: clickstack-ui",
|
|
734
749
|
" priority: 90",
|
|
735
750
|
" entryPoints: [websecure]",
|
|
736
|
-
" tls:
|
|
751
|
+
" tls:",
|
|
752
|
+
" certResolver: letsencrypt",
|
|
737
753
|
" obs-ui-router:",
|
|
738
754
|
` rule: Host(\`${hosts.obs}\`)`,
|
|
739
755
|
" service: clickstack-ui",
|
|
740
756
|
" priority: 10",
|
|
741
757
|
" entryPoints: [websecure]",
|
|
742
|
-
" tls:
|
|
758
|
+
" tls:",
|
|
759
|
+
" certResolver: letsencrypt",
|
|
743
760
|
" api-router:",
|
|
744
761
|
` rule: Host(\`${hosts.api}\`)`,
|
|
745
762
|
" service: envsync-api",
|
|
746
763
|
" entryPoints: [websecure]",
|
|
747
|
-
" tls:
|
|
764
|
+
" tls:",
|
|
765
|
+
" certResolver: letsencrypt"
|
|
748
766
|
].join("\n") + "\n";
|
|
749
767
|
}
|
|
750
768
|
function renderNginxConf(kind) {
|
|
@@ -941,8 +959,9 @@ ${renderEnvList({
|
|
|
941
959
|
KC_PROXY_HEADERS: "xforwarded",
|
|
942
960
|
KC_HOSTNAME_STRICT: "false"
|
|
943
961
|
})}
|
|
944
|
-
|
|
945
|
-
-
|
|
962
|
+
configs:
|
|
963
|
+
- source: keycloak_realm
|
|
964
|
+
target: /opt/keycloak/data/import/realm.json
|
|
946
965
|
networks: [envsync]
|
|
947
966
|
deploy:
|
|
948
967
|
labels:
|
|
@@ -1012,7 +1031,9 @@ ${renderEnvList({
|
|
|
1012
1031
|
- clickstack_data:/data/db
|
|
1013
1032
|
- clickstack_ch_data:/var/lib/clickhouse
|
|
1014
1033
|
- clickstack_ch_logs:/var/log/clickhouse-server
|
|
1015
|
-
|
|
1034
|
+
configs:
|
|
1035
|
+
- source: clickstack_clickhouse_conf
|
|
1036
|
+
target: /etc/clickhouse-server/config.d/envsync-listen-host.xml
|
|
1016
1037
|
networks: [envsync]
|
|
1017
1038
|
healthcheck:
|
|
1018
1039
|
disable: true
|
|
@@ -1020,22 +1041,27 @@ ${renderEnvList({
|
|
|
1020
1041
|
otel-agent:
|
|
1021
1042
|
image: ${config.images.otel_agent}
|
|
1022
1043
|
command: ["--config=/etc/otel-agent.yaml"]
|
|
1023
|
-
|
|
1024
|
-
-
|
|
1044
|
+
configs:
|
|
1045
|
+
- source: otel_agent_conf
|
|
1046
|
+
target: /etc/otel-agent.yaml
|
|
1025
1047
|
networks: [envsync]
|
|
1026
1048
|
${includeAppServices ? `
|
|
1027
1049
|
|
|
1028
1050
|
landing_nginx:
|
|
1029
1051
|
image: nginx:1.27-alpine
|
|
1052
|
+
configs:
|
|
1053
|
+
- source: nginx_landing_conf
|
|
1054
|
+
target: /etc/nginx/conf.d/default.conf
|
|
1030
1055
|
volumes:
|
|
1031
|
-
- ${NGINX_LANDING_CONF}:/etc/nginx/conf.d/default.conf:ro
|
|
1032
1056
|
- ${RELEASES_ROOT}/landing/current:/srv/landing:ro
|
|
1033
1057
|
networks: [envsync]
|
|
1034
1058
|
|
|
1035
1059
|
web_nginx:
|
|
1036
1060
|
image: nginx:1.27-alpine
|
|
1061
|
+
configs:
|
|
1062
|
+
- source: nginx_web_conf
|
|
1063
|
+
target: /etc/nginx/conf.d/default.conf
|
|
1037
1064
|
volumes:
|
|
1038
|
-
- ${NGINX_WEB_CONF}:/etc/nginx/conf.d/default.conf:ro
|
|
1039
1065
|
- ${RELEASES_ROOT}/web/current:/srv/web:ro
|
|
1040
1066
|
networks: [envsync]
|
|
1041
1067
|
|
|
@@ -1066,6 +1092,18 @@ volumes:
|
|
|
1066
1092
|
clickstack_data:
|
|
1067
1093
|
clickstack_ch_data:
|
|
1068
1094
|
clickstack_ch_logs:
|
|
1095
|
+
|
|
1096
|
+
configs:
|
|
1097
|
+
keycloak_realm:
|
|
1098
|
+
file: ${KEYCLOAK_REALM_FILE}
|
|
1099
|
+
clickstack_clickhouse_conf:
|
|
1100
|
+
file: ${CLICKSTACK_CLICKHOUSE_CONF}
|
|
1101
|
+
otel_agent_conf:
|
|
1102
|
+
file: ${OTEL_AGENT_CONF}
|
|
1103
|
+
nginx_landing_conf:
|
|
1104
|
+
file: ${NGINX_LANDING_CONF}
|
|
1105
|
+
nginx_web_conf:
|
|
1106
|
+
file: ${NGINX_WEB_CONF}
|
|
1069
1107
|
`.trimStart();
|
|
1070
1108
|
}
|
|
1071
1109
|
function writeDeployArtifacts(config, generated) {
|