npm - @hed-hog/cli - Versions diffs - 0.0.67 → 0.0.69 - Mend

@hed-hog/cli 0.0.67 → 0.0.69

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/dist/src/templates/deployment/DEPLOYMENT.md.ejs CHANGED Viewed

@@ -42,6 +42,15 @@ kubectl get namespace <%= config.namespace %>
 Add the following secrets to your GitHub repository:
 1. `DIGITALOCEAN_ACCESS_TOKEN` - Your Digital Ocean API token
+2. `DATABASE_URL`, `JWT_SECRET`, `ENCRYPTION_SECRET`, and `PEPPER` - API runtime secrets required by the deploy workflow
+You can configure the application secrets directly from the CLI by rerunning:
+```bash
+hedhog dev deploy-config
+```
+The CLI can generate the random values for `JWT_SECRET`, `ENCRYPTION_SECRET`, and `PEPPER`, ask for `DATABASE_URL`, and publish them with `gh secret set`.
 ```bash
 # Get your DO token and add it to GitHub
@@ -131,14 +140,21 @@ kubectl set image deployment/<%= config.appName %>-api <%= config.appName %>-api
 kubectl rollout status deployment/<%= config.appName %>-api -n <%= config.namespace %>
 <% } %><% if (config.apps.includes('admin')) { %>docker build -t <%= config.containerRegistry %>/<%= config.appName %>-admin:latest \
-  --build-arg NEXT_PUBLIC_API_BASE_URL=<%= config.domain ? `https://api.${config.domain}` : '' %> \
-  --build-arg NEXT_PUBLIC_API_URL=<%= config.domain ? `https://api.${config.domain}` : '' %> \
+  --build-arg NEXT_PUBLIC_API_BASE_URL=<%= config.apiDomain || '' %> \
+  --build-arg NEXT_PUBLIC_API_URL=<%= config.apiDomain || '' %> \
+  --build-arg INTERNAL_API_URL=http://<%= config.appName %>-api:<%= config.appPorts?.api || 3000 %> \
+  --build-arg ADMIN_API_BASE_URL=<%= config.apiDomain || '' %> \
+  --build-arg ADMIN_API_URL=<%= config.apiDomain || '' %> \
+  --build-arg ADMIN_INTERNAL_API_URL=http://<%= config.appName %>-api:<%= config.appPorts?.api || 3000 %> \
   -f apps/admin/Dockerfile .
 docker push <%= config.containerRegistry %>/<%= config.appName %>-admin:latest
 kubectl create configmap <%= config.appName %>-admin-config \
   -n <%= config.namespace %> \
-  --from-literal=NEXT_PUBLIC_API_BASE_URL='<%= config.domain ? `https://api.${config.domain}` : '' %>' \
-  --from-literal=NEXT_PUBLIC_API_URL='<%= config.domain ? `https://api.${config.domain}` : '' %>' \
+  --from-literal=ADMIN_API_BASE_URL='<%= config.apiDomain || '' %>' \
+  --from-literal=ADMIN_API_URL='<%= config.apiDomain || '' %>' \
+  --from-literal=ADMIN_INTERNAL_API_URL='http://<%= config.appName %>-api:<%= config.appPorts?.api || 3000 %>' \
+  --from-literal=NEXT_PUBLIC_API_BASE_URL='<%= config.apiDomain || '' %>' \
+  --from-literal=NEXT_PUBLIC_API_URL='<%= config.apiDomain || '' %>' \
   --from-literal=INTERNAL_API_URL='http://<%= config.appName %>-api:<%= config.appPorts?.api || 3000 %>' \
   --from-literal=FRONTEND_URLS='<%= config.frontendUrls || (config.domain ? `https://${config.domain}` : '') %>' \
   --dry-run=client -o yaml | kubectl apply -f -

package/dist/src/templates/deployment/k8s.deployment.yaml.ejs CHANGED Viewed

@@ -24,6 +24,21 @@ spec:
             - name: NODE_ENV
               value: production
 <% if (app === 'admin') { %>
+            - name: ADMIN_INTERNAL_API_URL
+              valueFrom:
+                configMapKeyRef:
+                  name: <%= config.appName %>-<%= app %>-config
+                  key: ADMIN_INTERNAL_API_URL
+            - name: ADMIN_API_BASE_URL
+              valueFrom:
+                configMapKeyRef:
+                  name: <%= config.appName %>-<%= app %>-config
+                  key: ADMIN_API_BASE_URL
+            - name: ADMIN_API_URL
+              valueFrom:
+                configMapKeyRef:
+                  name: <%= config.appName %>-<%= app %>-config
+                  key: ADMIN_API_URL
             - name: INTERNAL_API_URL
               valueFrom:
                 configMapKeyRef:

package/dist/src/templates/deployment/workflow.deploy.yml.ejs CHANGED Viewed

@@ -7,18 +7,18 @@ on:
 env:
   REGISTRY: <%= config.containerRegistry %>
   NAMESPACE: <%= config.namespace %>
-  K8S_CLUSTER_ID: <%= config.clusterName %>
+  K8S_CLUSTER_ID: <%= config.k8sClusterId || config.clusterName %>
 <% if ((config.apps || []).includes('api')) { %>
   # API environment
   API_FRONTEND_URL: <%= config.domain ? 'https://' + config.domain : '' %>
   API_JWT_EXPIRES_IN: <%= config.jwtExpiresIn || '7d' %>
 <% } %>
 <% if ((config.apps || []).includes('admin')) { %>
-  # Admin environment (runtime-replaced at container startup)
+  # Admin environment (used in image build args and mirrored to runtime ConfigMap)
   ADMIN_API_BASE_URL: <%= config.apiDomain || '' %>
   ADMIN_API_URL: <%= config.apiDomain || '' %>
-  ADMIN_INTERNAL_API_URL: http://<%= config.appName %>-api:3100
-  FRONTEND_URLS: <%= config.frontendUrls %>
+  ADMIN_INTERNAL_API_URL: http://<%= config.appName %>-api:<%= config.appPorts?.api || 3000 %>
+  FRONTEND_URLS: <%= config.frontendUrls || (config.domain ? 'https://' + config.domain : '') %>
 <% } %>
 jobs:
   apply-cluster-config:
@@ -26,11 +26,17 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install doctl
-        uses: digitalocean/action-doctl@v2
-        with:
-          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+        run: |
+          set -eu
+          DOCTL_VERSION="1.119.1"
+          curl -fsSL "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz" -o /tmp/doctl.tar.gz
+          tar -xzf /tmp/doctl.tar.gz -C /tmp
+          sudo mv /tmp/doctl /usr/local/bin/doctl
+          doctl version
+      - name: Authenticate doctl
+        run: doctl auth init -t '${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}'
       - name: Save DigitalOcean kubeconfig
         run: doctl kubernetes cluster kubeconfig save ${{ env.K8S_CLUSTER_ID }}
       - name: Ensure namespace exists
@@ -61,11 +67,17 @@ jobs:
     # - FRONTEND_URL: Frontend URL (currently: ${{ env.API_FRONTEND_URL }})
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install doctl
-        uses: digitalocean/action-doctl@v2
-        with:
-          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+        run: |
+          set -eu
+          DOCTL_VERSION="1.119.1"
+          curl -fsSL "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz" -o /tmp/doctl.tar.gz
+          tar -xzf /tmp/doctl.tar.gz -C /tmp
+          sudo mv /tmp/doctl /usr/local/bin/doctl
+          doctl version
+      - name: Authenticate doctl
+        run: doctl auth init -t '${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}'
       - name: Validate DigitalOcean token
         run: |
           doctl auth validate
@@ -131,7 +143,7 @@ jobs:
           # Check DATABASE_URL
           if [ -z "$DATABASE_URL" ]; then
             echo "::error::GitHub secret DATABASE_URL is not set. Configure it in Settings > Secrets and variables > Actions."
-              echo "::error::Expected format: postgresql://postgres:<password>@postgresql-<%= config.appName %>:5432/<%= config.appName %>"
+            echo "::error::Expected format: postgresql://postgres:<password>@postgresql-<%= config.appName %>:5432/<%= config.appName %>"
             MISSING_SECRETS="$MISSING_SECRETS DATABASE_URL"
           fi
@@ -285,7 +297,7 @@ jobs:
             echo "Inspecting repository ${REPOSITORY} in registry ${REGISTRY_NAME}"
-            TAG_ROWS="$(doctl registry repository list-tags "${REPOSITORY}" --registry "${REGISTRY_NAME}" --format Tag,ManifestDigest --no-header || true)"
+            TAG_ROWS="$(doctl registry repository list-tags "${REGISTRY_NAME}/${REPOSITORY}" --format Tag,ManifestDigest --no-header || true)"
             if [ -z "${TAG_ROWS}" ]; then
               echo "No tags found for ${REPOSITORY}; skipping cleanup."
@@ -336,12 +348,11 @@ jobs:
                 continue
               fi
-              doctl registry repository delete-manifest "${REPOSITORY}" "${DIGEST}" --registry "${REGISTRY_NAME}" --force
+              doctl registry repository delete-manifest "${REGISTRY_NAME}/${REPOSITORY}" "${DIGEST}" --force
             done
           }
           cleanup_repository "<%= config.appName %>-api"
-          cleanup_repository "<%= config.appName %>-api-migrate"
 <% } %>
 <% if ((config.apps || []).includes('admin')) { %>
   deploy-admin:
@@ -354,11 +365,17 @@ jobs:
 <% } %>
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
       - name: Install doctl
-        uses: digitalocean/action-doctl@v2
-        with:
-          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+        run: |
+          set -eu
+          DOCTL_VERSION="1.119.1"
+          curl -fsSL "https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz" -o /tmp/doctl.tar.gz
+          tar -xzf /tmp/doctl.tar.gz -C /tmp
+          sudo mv /tmp/doctl /usr/local/bin/doctl
+          doctl version
+      - name: Authenticate doctl
+        run: doctl auth init -t '${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}'
       - name: Validate DigitalOcean token
         run: |
           doctl auth validate
@@ -426,10 +443,13 @@ jobs:
           esac
       - name: Build Docker image
         run: |
-          docker build -t ${{ env.REGISTRY }}/hub-admin:${{ github.sha }} \
+          docker build -t ${{ env.REGISTRY }}/<%= config.appName %>-admin:${{ github.sha }} \
             --build-arg NEXT_PUBLIC_API_BASE_URL=${{ env.ADMIN_API_BASE_URL }} \
             --build-arg NEXT_PUBLIC_API_URL=${{ env.ADMIN_API_URL }} \
             --build-arg INTERNAL_API_URL=${{ env.ADMIN_INTERNAL_API_URL }} \
+            --build-arg ADMIN_API_BASE_URL=${{ env.ADMIN_API_BASE_URL }} \
+            --build-arg ADMIN_API_URL=${{ env.ADMIN_API_URL }} \
+            --build-arg ADMIN_INTERNAL_API_URL=${{ env.ADMIN_INTERNAL_API_URL }} \
             -f apps/admin/Dockerfile .
       - name: Push Docker image (sha)
         run: |
@@ -445,6 +465,9 @@ jobs:
         run: |
           kubectl create configmap <%= config.appName %>-admin-config \
             -n ${{ env.NAMESPACE }} \
+            --from-literal=ADMIN_API_BASE_URL='${{ env.ADMIN_API_BASE_URL }}' \
+            --from-literal=ADMIN_API_URL='${{ env.ADMIN_API_URL }}' \
+            --from-literal=ADMIN_INTERNAL_API_URL='${{ env.ADMIN_INTERNAL_API_URL }}' \
             --from-literal=NEXT_PUBLIC_API_BASE_URL='${{ env.ADMIN_API_BASE_URL }}' \
             --from-literal=NEXT_PUBLIC_API_URL='${{ env.ADMIN_API_URL }}' \
             --from-literal=INTERNAL_API_URL='${{ env.ADMIN_INTERNAL_API_URL }}' \
@@ -481,7 +504,7 @@ jobs:
           echo "Inspecting repository ${REPOSITORY} in registry ${REGISTRY_NAME}"
-          TAG_ROWS="$(doctl registry repository list-tags "${REPOSITORY}" --registry "${REGISTRY_NAME}" --format Tag,ManifestDigest --no-header || true)"
+          TAG_ROWS="$(doctl registry repository list-tags "${REGISTRY_NAME}/${REPOSITORY}" --format Tag,ManifestDigest --no-header || true)"
           if [ -z "${TAG_ROWS}" ]; then
             echo "No tags found for ${REPOSITORY}; skipping cleanup."
@@ -532,6 +555,6 @@ jobs:
               continue
             fi
-            doctl registry repository delete-manifest "${REPOSITORY}" "${DIGEST}" --registry "${REGISTRY_NAME}" --force
+            doctl registry repository delete-manifest "${REGISTRY_NAME}/${REPOSITORY}" "${DIGEST}" --force
           done
 <% } %>