diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml
index 848c6e3..e8c8b1d 100644
--- a/.github/workflows/deploy-prod.yml
+++ b/.github/workflows/deploy-prod.yml
@@ -45,6 +45,8 @@ jobs:
 envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
 envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
+ envkey_VIRUS_CHECKER_TYPE: ${{ secrets.VIRUS_CHECKER_TYPE }}
+ envkey_VIRUS_CHECKER_API_KEY: ${{ secrets.VIRUS_CHECKER_API_KEY }}
 - name: Inserts Prod Enviromental Variables
 run: |
diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
index 756a6a5..f1f4d0b 100644
--- a/.github/workflows/deploy-staging.yml
+++ b/.github/workflows/deploy-staging.yml
@@ -45,12 +45,14 @@ jobs:
 envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
 envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
 envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
+ envkey_VIRUS_CHECKER_TYPE: ${{ secrets.VIRUS_CHECKER_TYPE }}
+ envkey_VIRUS_CHECKER_API_KEY: ${{ secrets.VIRUS_CHECKER_API_KEY }}
- - name: Inserts Prod Enviromental Variables
- run: |
- python -m pip install --upgrade pip pipenv
- pipenv install
- pipenv run python setup.py -e staging -f .env
+ # - name: Inserts Prod Enviromental Variables
+ # run: |
+ # python -m pip install --upgrade pip pipenv
+ # pipenv install
+ # pipenv run python setup.py -e staging -f .env
 - name: copy file via ssh
 uses: appleboy/scp-action@master
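Review bot: With the `Inserts Prod Enviromental Variables` step commented out in deploy-staging.yml (and the remote `./deploy.sh --staging` step commented out in the next hunk of the same file), the workflow still builds the env values from the repository secrets and then copies `source: "."` to the host, so a credentials file is probably shipped to the server while nothing consumes it and nothing is deployed. If staging is meant to be paused, disable the whole job (for example `if: false` on the job) or drop the env-file step too; if this was only for debugging, restore both steps before merging. A one-line comment such as `# staging deploy disabled: <reason>` would also stop the commented-out YAML from silently rotting. Separately, the copy step that remains active runs `appleboy/scp-action@master`, a mutable ref that presumably receives the SSH credentials; pinning it to a reviewed commit SHA would limit that exposure. The env-file step starts above this hunk, so where it writes the file should be confirmed there.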
@@ -62,13 +64,13 @@ jobs:
 source: "."
 target: "infra-hideyoshi.com"
- - name: executing remote ssh commands
- uses: appleboy/ssh-action@master
- with:
- host: ${{ secrets.SSH_HOST }}
- username: ${{ secrets.SSH_USER }}
- port: ${{ secrets.SSH_PORT }}
- key: ${{ secrets.SSH_KEY }}
- script: |
- cd infra-hideyoshi.com
- ./deploy.sh --staging
\ No newline at end of file
+ # - name: executing remote ssh commands
+ # uses: appleboy/ssh-action@master
+ # with:
+ # host: ${{ secrets.SSH_HOST }}
+ # username: ${{ secrets.SSH_USER }}
+ # port: ${{ secrets.SSH_PORT }}
+ # key: ${{ secrets.SSH_KEY }}
+ # script: |
+ # cd infra-hideyoshi.com
+ # ./deploy.sh --staging
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 0b4e79b..9a6a0f0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-.env
+.env*
 .secret*
diff --git a/deployment/storage/storage-processor.yaml b/deployment/storage/storage-processor.yaml
index 327dc07..32d0679 100644
--- a/deployment/storage/storage-processor.yaml
+++ b/deployment/storage/storage-processor.yaml
@@ -16,7 +16,8 @@ spec:
 containers:
 - name: storage-processor
 image: yoshiunfriendly/storage-hideyoshi.com:latest
- command: [ "poetry", "run", "rq", "worker", " --with-scheduler" ]
+ command: [ "./run-queue.sh" ]
+ args: [ "-q" ]
 imagePullPolicy: "Always"
 env:
 - name: REDIS_BASE_URL
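Review bot: The new entrypoint `./run-queue.sh` with `args: [ "-q" ]` in storage-processor.yaml is resolved inside whatever `yoshiunfriendly/storage-hideyoshi.com:latest` is at pull time, so manifest and image can drift apart: an image built before the script existed leaves the pod unable to start, and a later push changes what runs without any change to this file. Because the next hunk hands this container AWS and virus-checker credentials, pinning the image to a version tag or digest (`image: <repo>@sha256:<digest>`) would make the code that receives them reviewable. The old command passed `--with-scheduler`; whether `-q` keeps the scheduler cannot be seen from this hunk, so a short comment above `args` stating what `-q` selects would help. The container spec continues outside the hunk.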
@@ -38,4 +39,46 @@ spec:
 key: redis-password
 - name: REDIS_URL
- value: "redis://:$(REDIS_PASSWORD)@$(REDIS_BASE_URL):$(REDIS_PORT)"
\ No newline at end of file
+ value: "redis://:$(REDIS_PASSWORD)@$(REDIS_BASE_URL):$(REDIS_PORT)"
+
+ - name: STORAGE_TYPE
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: storage_type
+
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: aws_access_key_id
+
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: aws_access_access_key
+
+ - name: AWS_REGION_NAME
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: aws_region_name
+
+ - name: AWS_BUCKET_NAME
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: aws_bucket_name
+
+ - name: VIRUS_CHECKER_TYPE
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: virus_checker_type
+
+ - name: VIRUS_CHECKER_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: virus_checher_api_key
\ No newline at end of file
diff --git a/deployment/storage/storage.yaml b/deployment/storage/storage.yaml
index 10ff8ed..73d14dc 100644
--- a/deployment/storage/storage.yaml
+++ b/deployment/storage/storage.yaml
@@ -86,6 +86,18 @@ spec:
 name: storage-secret
 key: aws_bucket_name
+ - name: VIRUS_CHECKER_TYPE
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: virus_checker_type
+
+ - name: VIRUS_CHECKER_API_KEY
+ valueFrom:
+ secretKeyRef:
+ name: storage-secret
+ key: virus_checher_api_key
+
 ---
 apiVersion: v1
 kind: Service
diff --git a/setup.py b/setup.py
index 8147b65..5e0fc16 100644
--- a/setup.py
+++ b/setup.py
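Review bot: The secret key for the API key is spelled `virus_checher_api_key` in the last entry of the storage-processor.yaml hunk, and the same spelling is introduced in deployment/storage/storage.yaml and template/storage/storage-secret.template.yaml, next to the existing `aws_access_access_key`. It resolves only because all three files agree; a later correction in just one of them leaves the pod unable to find the key and it will not start. Renaming now, before the secret is rolled out, is the cheapest point: `key: virus_checker_api_key` in both deployments and `virus_checker_api_key: $VIRUS_CHECKER_API_KEY` in the template. It is also worth confirming that the queue worker needs the full AWS credential set it now receives; if it only reads or scans objects, a narrower identity for this deployment would limit what a compromised worker can reach.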
@@ -31,38 +31,19 @@ ENV_VARIABLES = [
 "AWS_SECRET_ACCESS_KEY",
 "AWS_REGION_NAME",
 "AWS_BUCKET_NAME",
+ "VIRUS_CHECKER_TYPE",
+ "VIRUS_CHECKER_API_KEY",
 ]
-FORCE_BASE64_FIELD = [
- "OAUTH_GITHUB_CLIENT_ID",
- "OAUTH_GITHUB_CLIENT_SECRET",
- "AWS_ACCESS_KEY_ID",
- "AWS_SECRET_ACCESS_KEY",
-]
-
-
-def is_force_base64_fields(field: str) -> bool:
- return field in FORCE_BASE64_FIELD
-
-
-def is_validate_base64(value: str) -> bool:
- if not isinstance(value, str):
- return False
-
- try:
- if b64encode(b64decode(value)).decode() == value:
- return True
- except:
- pass
-
- return False
-
 def setting_environment(environment: str):
- if not environment in ("prod", "staging", "dev"):
+ if not environment in ("prod", "staging", "local", "dev"):
 raise ValueError("Invalid Environment Selected")
 match environment:
+ case "local":
+ DOMAIN = "local.hideyoshi.com.br"
+ API_DOMAIN = "api.local.hideyoshi.com.br"
 case "staging":
 DOMAIN = "staging.hideyoshi.com.br"
 API_DOMAIN = "api.staging.hideyoshi.com.br"
@@ -85,11 +66,8 @@ def load_secret_file(file: str):
 def fetch_env_variables():
 for env in ENV_VARIABLES:
 value = os.environ[env]
- if not is_force_base64_fields(env) and is_validate_base64(value):
- os.environ[env] = value
- else:
- value = value.encode("utf-8")
- os.environ[env] = b64encode(value).decode()
+ value = value.encode("utf-8")
+ os.environ[env] = b64encode(value).decode()
 def envsubst_file(file: PosixPath):
diff --git a/template/storage/storage-secret.template.yaml b/template/storage/storage-secret.template.yaml
index 4da3faf..959a281 100644
--- a/template/storage/storage-secret.template.yaml
+++ b/template/storage/storage-secret.template.yaml
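Review bot: `fetch_env_variables` now base64-encodes every variable unconditionally, so any value that is currently supplied already encoded (the removed `is_validate_base64` branch passed such values through for the non-forced fields) will be encoded twice, and the rendered Secret will decode to base64 text rather than the real credential. The stored CI secrets and `.secret*` files should be checked for pre-encoded values before this is deployed, and the function deserves a comment stating the new contract: `# values must be supplied raw; each is base64-encoded exactly once here`. The function also rewrites `os.environ` in place, so a second call in the same process double-encodes as well. With two more names in `ENV_VARIABLES`, an unset variable still surfaces as a bare `KeyError` from `os.environ[env]`; `if env not in os.environ: raise ValueError(f"Missing environment variable: {env}")` would name the missing entry without printing any value.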
@@ -9,4 +9,6 @@ data:
 aws_access_key_id: $AWS_ACCESS_KEY_ID
 aws_access_access_key: $AWS_SECRET_ACCESS_KEY
 aws_region_name: $AWS_REGION_NAME
- aws_bucket_name: $AWS_BUCKET_NAME
\ No newline at end of file
+ aws_bucket_name: $AWS_BUCKET_NAME
+ virus_checker_type: $VIRUS_CHECKER_TYPE
+ virus_checher_api_key: $VIRUS_CHECKER_API_KEY
\ No newline at end of file