init

Author: Andreas Skomedal

.github/workflows/etterlevelse-backend.yml

@@ -0,0 +1,73 @@
+name: Backend
+
+on:
+  push:
+    paths:
+      - '.github/workflows/etterlevelse-backend.yml'
+      - 'apps/backend/**'
+
+env:
+  IMAGE: docker.pkg.github.com/${{ github.repository }}/etterlevelsebackend:${{ github.sha }}
+
+defaults:
+  run:
+    working-directory: apps/backend
+
+jobs:
+  build:
+    name: Backend - build and push docker
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/[email protected]
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+
+      - name: Set up JDK 15
+        uses: actions/setup-java@v1
+        with:
+          java-version: '15.x'
+      - name: Build
+        run: mvn compile
+      - name: Test and Package
+        run: mvn package
+
+      - name: docker
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          docker build --tag ${IMAGE} .
+          docker login docker.pkg.github.com -u ${GITHUB_REPOSITORY} -p ${GITHUB_TOKEN}
+          docker push ${IMAGE}
+
+  deploy-preprod:
+    name: Backend - deploy Dev GCP
+    needs: build
+    if: github.ref == 'refs/heads/master'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - uses: nais/deploy/actions/deploy@v1
+        env:
+          APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+          CLUSTER: dev-gcp
+          RESOURCE: apps/backend/nais/backend-gcp.yaml
+          VARS: apps/backend/nais/backend-dev-gcp-vars.yaml
+          ENVIRONMENT: dev-gcp:teamdatajegerne:etterlevelse-backend
+
+  deploy-prod:
+    name: Backend - deploy Prod GCP
+    needs: build
+    if: github.ref == 'refs/heads/prod'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v1
+      - uses: nais/deploy/actions/deploy@v1
+        env:
+          APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+          CLUSTER: prod-gcp
+          RESOURCE: apps/backend/nais/backend-gcp.yaml
+          VARS: apps/backend/nais/backend-prod-gcp-vars.yaml
+          ENVIRONMENT: prod-gcp:teamdatajegerne:etterlevelse-backend

.github/workflows/etterlevelse-frontend.yml

@@ -0,0 +1,76 @@
+name: Frontend
+
+on:
+    push:
+        paths:
+            - ".github/workflows/etterlevelse-frontend.yml"
+            - "apps/frontend/**"
+
+env:
+    IMAGE: docker.pkg.github.com/${{ github.repository }}/etterlevelsefront${{ github.ref == 'refs/heads/prod' }}:${{ github.sha }}
+
+defaults:
+  run:
+    working-directory: apps/frontend
+
+jobs:
+    build:
+        name: Frontend - build and push docker
+        runs-on: ubuntu-latest
+
+        steps:
+            - uses: actions/checkout@v1
+            - name: Set up node
+              uses: actions/setup-node@v1
+              with:
+                  node-version: "13.x"
+            
+            - name: npm install
+              run: npm i
+            - name: use prod config
+              if: github.ref == 'refs/heads/prod'
+              run: cp .env.prod .env
+            - name: add version
+              env:
+                GITHUB_SHA: ${{ github.sha }}
+              run: echo "REACT_APP_GIT_VERSION=${GITHUB_SHA}" >> .env
+            
+            - name: Build
+              run: CI=false npm run build
+            - name: Docker
+              env:
+                  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+              run: |
+                  docker build --tag ${IMAGE} .
+                  docker login docker.pkg.github.com -u ${GITHUB_REPOSITORY} -p ${GITHUB_TOKEN}
+                  docker push ${IMAGE}
+
+    deploy-preprod:
+        name: Frontend - deploy Dev GCP
+        needs: build
+        if: github.ref == 'refs/heads/master'
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v1
+            - uses: nais/deploy/actions/deploy@v1
+              env:
+                  APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+                  CLUSTER: dev-gcp
+                  RESOURCE: apps/frontend/nais/frontend-gcp.yaml
+                  VARS: apps/frontend/nais/frontend-dev-gcp-vars.yaml
+                  ENVIRONMENT: dev-gcp:teamdatajegerne:etterlevelse-frontend
+
+    deploy-prod:
+        name: Frontend - deploy Prod GCP
+        needs: build
+        if: github.ref == 'refs/heads/prod'
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v1
+            - uses: nais/deploy/actions/deploy@v1
+              env:
+                  APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }}
+                  CLUSTER: prod-gcp
+                  RESOURCE: apps/frontend/nais/frontend-gcp.yaml
+                  VARS: apps/frontend/nais/frontend-prod-gcp-vars.yaml
+                  ENVIRONMENT: prod-gcp:teamdatajegerne:etterlevelse-frontend

.gitignore

@@ -0,0 +1,27 @@
+
+# IDE
+.idea
+*.iml
+
+# dependencies
+node_modules
+.pnp
+.pnp.js
+
+# testing
+/coverage
+
+target
+build
+
+# misc
+.DS_Store
+.env.local
+.env.development.local
+.env.test.local
+.env.production.local
+
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+package-lock.json

LICENSE

@@ -0,0 +1,21 @@
+#MIT License
+
+Copyright 2019 NAV (Arbeids- og velferdsdirektoratet) - The Norwegian Labour and Welfare Administration
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

apps/backend/Dockerfile

@@ -0,0 +1,20 @@
+FROM openjdk:15-slim as builder
+WORKDIR application
+COPY target/app-exec.jar application.jar
+RUN java -Djarmode=layertools -jar application.jar extract
+
+FROM navikt/java:15
+
+ENV MAIN_CLASS=org.springframework.boot.loader.JarLauncher
+ENV JAVA_OPTS="-Xmx850m \
+               --enable-preview \
+               -Djava.security.egd=file:/dev/./urandom"
+COPY run-java.sh /
+
+COPY --from=builder application/dependencies/ ./
+RUN true
+COPY --from=builder application/snapshot-dependencies/ ./
+RUN true
+COPY --from=builder application/spring-boot-loader/ ./
+RUN true
+COPY --from=builder application/application/ ./

apps/backend/docker-compose.yml

@@ -0,0 +1,15 @@
+version: '3.7'
+services:
+  postgres:
+    image: postgres:12
+    restart: always
+    environment:
+      - POSTGRES_USER=etterlev
+      - POSTGRES_PASSWORD=password
+    volumes:
+      - postgres:/var/lib/postgresql/data
+    ports:
+      - 5433:5432
+
+volumes:
+  postgres:

apps/backend/nais/backend-dev-gcp-vars.yaml

@@ -0,0 +1,14 @@
+ingresses:
+  - https://etterlevelse-api.dev.intern.nav.no
+replies:
+  - https://etterlevelse-api.dev.intern.nav.no/oauth2/callback
+  - https://etterlevelse.dev.intern.nav.no/oauth2/callback
+  - http://localhost:8080/oauth2/callback
+  - http://localhost:3000/oauth2/callback
+env:
+  - name: ETTERLEV_SECURITY_REDIRECT_URIS
+    value: https://etterlevelse.dev.intern.nav.no,https://etterlevelse-api.dev.intern.nav.no,http://localhost:3000
+  - name: AZURE_CLIENT_GROUPS
+    value: 2ee0ef50-718c-43d3-8c05-c839f2dc2490
+  - name: AZURE_CLIENT_GROUPS_ADMIN
+    value: bf05a29f-6f80-4da1-b419-22c802fd41e7

apps/backend/nais/backend-gcp.yaml

@@ -0,0 +1,68 @@
+apiVersion: "nais.io/v1alpha1"
+kind: "Application"
+metadata:
+  name: etterlevelse-backend
+  namespace: teamdatajegerne
+  labels:
+    team: teamdatajegerne 
+spec:
+  image: {{image}}
+  port: 8080
+  azure:
+    application:
+      enabled: true
+      replyURLs:
+      {{#each replies as |url|}}
+         - {{url}}
+      {{/each}}
+  tokenx:
+    enabled: true
+  ingresses:
+  {{#each ingresses as |url|}}
+    - {{url}}
+  {{/each}}
+  replicas:
+    min: 2
+    max: 2
+    cpuThresholdPercentage: 50
+  resources:
+    limits:
+      cpu: 1000m
+      memory: 1024Mi
+    requests:
+      memory: 512Mi
+  liveness:
+    path: internal/isAlive
+    initialDelay: 10
+    periodSeconds: 5
+    failureThreshold: 30
+  readiness:
+    path: internal/isReady
+    initialDelay: 10
+    periodSeconds: 5
+    failureThreshold: 30
+  prometheus:
+    enabled: true
+    path: internal/metrics
+  envFrom:
+    - secret: etterlevelse-enckey
+  env:
+  {{#each env}}
+    - name: {{this.name}}
+      value: {{this.value}}
+  {{/each}}
+
+  gcp:
+    sqlInstances:
+      - name: etterlevelse
+        type: POSTGRES_12
+        databases:
+          - name: etterlevelsedb
+            envVarPrefix: DB
+  accessPolicy:
+    inbound:
+      rules:
+        - application: etterlevelse-frontend
+    outbound:
+      external:
+        - host: teamkatalog-api.dev-fss-pub.nais.io

apps/backend/nais/backend-prod-gcp-vars.yaml

@@ -0,0 +1,11 @@
+ingresses:
+  - https://etterlevelse-api.intern.nav.no
+replies:
+  - https://etterlevelse.intern.nav.no/oauth2/callback
+env:
+  - name: ETTERLEV_SECURITY_REDIRECT_URIS
+    value: https://etterlevelse.intern.nav.no
+  - name: AZURE_CLIENT_GROUPS
+    value: 2ee0ef50-718c-43d3-8c05-c839f2dc2490
+  - name: AZURE_CLIENT_GROUPS_ADMIN
+    value: bf05a29f-6f80-4da1-b419-22c802fd41e7