Merge pull request #2 from ladesa-ro/feat/ci

feat(ci): build and push image

.devops/development/data/import/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

devops/development/docker-compose.yml → .devops/development/docker-compose.yml

@@ -1,37 +1,39 @@
 services:
-  sisgea-servc-idp-db:
+  ladesa-ro-auth-db:
     image: bitnami/postgresql:15
-    container_name: sisgea-servc-idp-db
+    container_name: ladesa-ro-auth-db
     volumes:
-      - "sisgea-servc-idp-db-data:/bitnami/postgresql"
+      - "ladesa-ro-auth-db-data:/bitnami/postgresql"
       - "./volumes/db/scripts/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d"
     env_file:
       - .kc-db.env
     networks:
-      sisgea-net:
+      ladesa-net:
     ports:
       - 127.128.5.11:5432:5432
 
-  sisgea-servc-idp:
+  ladesa-ro-auth:
     build:
-      context: ../docker/sso/image
+      context: ../../
       args:
         - KEYCLOAK_EXTRA_ARGS=-Dkeycloak.profile.feature.scripts=enabled
     entrypoint: /opt/keycloak/bin/kc.sh
     command: start-dev --import-realm
-    container_name: sisgea-servc-idp
+    container_name: ladesa-ro-auth
+    volumes:
+      - ./data/import:/opt/keycloak/data/import/
     env_file:
       - .kc.env
     depends_on:
-      - sisgea-servc-idp-db
+      - ladesa-ro-auth-db
     networks:
-      sisgea-net:
+      ladesa-net:
     ports:
       - 127.128.5.10:8080:8080
 
 networks:
-  sisgea-net:
+  ladesa-net:
     external: true
 
 volumes:
-  sisgea-servc-idp-db-data:
+  ladesa-ro-auth-db-data:

.github/dependabot.yml

@@ -0,0 +1,25 @@
+version: 2
+updates:
+  - package-ecosystem: docker
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: docker
+    directory: '/.devops'
+    schedule:
+      interval: 'daily'
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: github-actions
+    directory: '/.github/workflows'
+    schedule:
+      interval: 'daily'
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: npm
+    directory: '/'
+    schedule:
+      interval: 'daily'
+    open-pull-requests-limit: 10

.github/workflows/ci.yml

@@ -0,0 +1,86 @@
+name: Continuous Integration
+
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - "main"
+      - "production"
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  CI_DEVELOPMENT_BRANCH: ${{ vars.CI_DEVELOPMENT_BRANCH }}
+  CI_PRODUCTION_BRANCH: ${{ vars.CI_PRODUCTION_BRANCH }}
+
+  ENABLE_BUILD_IMAGE: ${{ vars.ENABLE_BUILD_IMAGE }}
+  IMAGE_TAG_DEVELOPMENT: ${{ vars.IMAGE_TAG_DEVELOPMENT }}
+  IMAGE_TAG_PRODUCTION: ${{ vars.IMAGE_TAG_PRODUCTION }}
+
+  ENABLE_PUSH_IMAGE: ${{ vars.ENABLE_PUSH_IMAGE }}
+
+  REGISTRY_URL: ghcr.io
+  REGISTRY_USERNAME: ${{ github.actor }}
+  REGISTRY_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  IMAGE_NAME: ${{ github.repository }}
+
+  # REGISTRY_URL: ${{ secrets.REGISTRY_URL }}
+  # REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
+  # REGISTRY_TOKEN: ${{ secrets.REGISTRY_TOKEN }}
+  # IMAGE_NAME: ${{ vars.IMAGE_NAME }}
+
+  ENABLE_TRIGGER_DEPLOY: ${{ vars.ENABLE_TRIGGER_DEPLOY }}
+  DEPLOY_DISPATCH_TOKEN: ${{ secrets.DEPLOY_DISPATCH_TOKEN }}
+  DEPLOY_OWNER: ${{ vars.DEPLOY_OWNER }}
+  DEPLOY_REPOSITORY: ${{ vars.DEPLOY_REPOSITORY }}
+  DEPLOY_WORKFLOW: ${{ vars.DEPLOY_WORKFLOW }}
+  DEPLOY_BRANCH: ${{ vars.DEPLOY_BRANCH }}
+
+jobs:
+  image-build-push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to Registry
+        if: ${{ env.ENABLE_PUSH_IMAGE == 'true' }}
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY_URL }}
+          username: ${{ env.REGISTRY_USERNAME }}
+          password: ${{ env.REGISTRY_TOKEN }}
+
+      - name: Build (and push if enabled) channel development
+        if: ${{ env.ENABLE_BUILD_IMAGE == 'true' && github.ref_name == env.CI_DEVELOPMENT_BRANCH }}
+        uses: docker/build-push-action@v6
+        with:
+          push: ${{ env.ENABLE_PUSH_IMAGE == 'true' }}
+          tags: ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG_DEVELOPMENT }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Build (and push if enabled) channel production
+        if: ${{ env.ENABLE_BUILD_IMAGE == 'true' && github.ref_name == env.CI_PRODUCTION_BRANCH }}
+        uses: docker/build-push-action@v6
+        with:
+          push: ${{ env.ENABLE_PUSH_IMAGE == 'true' }}
+          tags: ${{ env.REGISTRY_URL }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG_PRODUCTION }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Dispatch infrastructure deploy workflow
+        if: ${{ env.ENABLE_BUILD_IMAGE == 'true' && env.ENABLE_PUSH_IMAGE == 'true' && env.ENABLE_TRIGGER_DEPLOY == 'true' }}
+        run: |
+          curl -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ env.DEPLOY_DISPATCH_TOKEN }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/${{ env.DEPLOY_OWNER }}/${{ env.DEPLOY_REPOSITORY }}/actions/workflows/${{ env.DEPLOY_WORKFLOW }}/dispatches \
+            -d '{"ref":"${{ env.DEPLOY_BRANCH }}","inputs":{}}'

.gitignore

@@ -1,4 +1,5 @@
 #
+
 *.env
 node_modules
 

devops/docker/sso/image-clean/Dockerfile → Dockerfile

@@ -8,5 +8,6 @@ RUN /opt/keycloak/bin/kc.sh build
 
 FROM quay.io/keycloak/keycloak:23.0
 COPY --from=builder /opt/keycloak/ /opt/keycloak/
+# COPY ./devops/development/data/import /opt/keycloak/data/import/
 WORKDIR /opt/keycloak
 ENTRYPOINT ["/opt/keycloak/bin/kc.sh", "start", "--spi-login-protocol-openid-connect-legacy-logout-redirect-uri=true", "--optimized", "--proxy=edge"]

Makefile

@@ -1,19 +1,45 @@
+
+d_network=ladesa-net
+d_container_app=ladesa-ro-auth
+
+compose_options=--file .devops/development/docker-compose.yml -p ladesa-ro-auth
+
 dev-setup:
 
-	$(shell (cd devops/development; find . -type f -name "*.example" -exec sh -c 'cp -n {} $$(basename {} .example)' \;))
+	$(shell (cd .devops/development; find . -type f -name "*.example" -exec sh -c 'cp -n {} $$(basename {} .example)' \;))
 
-	$(shell sudo docker network create sisgea-net 2>/dev/null)
+	$(shell (bash -c "sudo docker network create $(d_network) &>/dev/null"))
 
 dev-up:
 	make dev-setup;
-	sudo docker compose --file devops/development/docker-compose.yml -p sisgea-servc-idp up -d --build;
+	sudo docker compose $(compose_options) up -d --remove-orphans;
 
 dev-shell:
+	make dev-setup;
 	make dev-up;
-	sudo docker compose --file devops/development/docker-compose.yml -p sisgea-servc-idp exec sisgea-servc-idp bash;
+	sudo docker compose $(compose_options) exec $(d_container_app) bash;
+
+dev-shell-root:
+	make dev-setup;
+	make dev-up;
+	sudo docker compose $(compose_options) exec -u root $(d_container_app) bash;
 
 dev-down:
-	sudo docker compose --file devops/development/docker-compose.yml -p sisgea-servc-idp stop
+	make dev-setup;
+	sudo docker compose $(compose_options) stop;
 
 dev-logs:
-	sudo docker compose --file devops/development/docker-compose.yml -p sisgea-servc-idp logs -f
+	make dev-setup;
+	sudo docker compose $(compose_options) logs -f
+
+
+dev-start:
+	make dev-setup;
+	make dev-down;
+	make dev-up;
+
+	sudo docker compose $(compose_options) exec -u node --no-TTY -d $(d_container_app) bash -c "npm i && npm run migration:run && npm run start:dev" \&;
+
+dev-cleanup:
+	make dev-down;
+	sudo docker compose $(compose_options) down -v;

README.md

@@ -1,18 +1,20 @@
-# sisgea-account
+# auth
 
-## Desenvolvimento
+## Configuração Local
 
-```
-git clone https://github.com/sisgha/sisgea-account.git;
-cd sisgea-account;
+### Obter o código fonte do projeto
+
+```sh
+git clone https://github.com/ladesa-ro/auth.git
+cd auth
 ```
 
-### Serviços do [devops/development/docker-compose.yml](./devops/development/docker-compose.yml)
+### Serviços do [.devops/development/docker-compose.yml](./.devops/development/docker-compose.yml)
 
-| Host                  | Endereço            | Descrição               | Plataforma Base                    |
-| --------------------- | ------------------- | ----------------------- | ---------------------------------- |
-| `sisgea-servc-idp`    | `127.128.5.10:8080` | Aplicação KeyCloak      | `quay.io/keycloak/keycloak:21.1.2` |
-| `sisgea-servc-idp-db` | `127.128.5.11:5432` | Banco de dados postgres | `docker.io/bitnami/postgresql:15`  |
+| Host                | Endereço            | Descrição               | Plataforma Base                   |
+| ------------------- | ------------------- | ----------------------- | --------------------------------- |
+| `ladesa-ro-auth`    | `127.128.5.10:8080` | Aplicação KeyCloak      | `quay.io/keycloak/keycloak:23.0`  |
+| `ladesa-ro-auth-db` | `127.128.5.11:5432` | Banco de dados postgres | `docker.io/bitnami/postgresql:15` |
 
 ### Scripts Make