target s3 bucket with docs refresh script (#1287)

There is no simple way to configure GCS to serve the desired security
headers, so instead the script will keep updating the existing s3
bucket.

Consequent changes:

- Add aws cli tool to dev-env
- Remove docs bucket from Terraform
Gary Verhaegen 2019-05-21 23:26:07 +01:00 committed by mergify[bot]
parent be2457cc6a
commit c762d491ea
9 changed files with 20 additions and 105 deletions


@ -22,6 +22,8 @@ jobs:
- bash: |
set -euo pipefail
CUR_SHA=$(git rev-parse HEAD)
robustly_download_nix_pkgs() {
# In recent commits, this is part of the dev-env-install script.
# However, we have to copy it here to apply it to older versions.
@ -66,16 +68,23 @@ jobs:
mkdir -p $DOCDIR/${version#v}
tar xzf bazel-genfiles/docs/html.tar.gz --strip-components=1 -C $DOCDIR/${version#v} >$LOG 2>&1
done
echo "Maintain proper 404 page"
curl -s https://docs.daml.com/not-found.html > $DOCDIR/not-found.html
echo "Pushing to GCS bucket..."
GCS_KEY=$(mktemp)
echo "$GOOGLE_APPLICATION_CREDENTIALS_CONTENT" > $GCS_KEY
gcloud auth activate-service-account --key-file=$GCS_KEY >$LOG 2>&1
BOTO_CONFIG=/dev/null gsutil rsync -d -r $DOCDIR gs://daml-docs >$LOG 2>&1
git checkout $CUR_SHA
echo "Pushing to S3 bucket..."
aws s3 sync $DOCDIR \
s3://docs-daml-com/ \
--delete \
--acl public-read \
--exclude '*.doctrees/*' \
--exclude '*.buildinfo'
echo "Refreshing CloudFront cache..."
aws cloudfront create-invalidation \
--distribution-id E1U753I56ERH55 \
--paths '/*'
echo "Done."
env:
GOOGLE_APPLICATION_CREDENTIALS_CONTENT: $(GOOGLE_APPLICATION_CREDENTIALS_CONTENT)
AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)
AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)
- task: PublishPipelineArtifact@0
condition: always()
inputs:
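Review bot: The `curl -s https://docs.daml.com/not-found.html > $DOCDIR/not-found.html` line does not pass `--fail`, so an HTTP error response still exits 0 under `set -euo pipefail`, and its body is written to `not-found.html` and then published by `aws s3 sync --delete`. Because the page is fetched from the same site the job overwrites, a bad copy would be re-downloaded and re-published on later runs; `curl -sSf https://docs.daml.com/not-found.html > "$DOCDIR/not-found.html"` makes the step abort instead. Separately, the job now receives `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` through `env:` and uses them with `--delete` and `--acl public-read`. The policy attached to that key is not visible on this page, so it is worth confirming it is limited to the `docs-daml-com` bucket and to `cloudfront:CreateInvalidation` on this one distribution. The bash step begins before this hunk, so earlier handling of `$DOCDIR` and `$LOG` is not visible here.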

1
dev-env/bin/aws Symbolic link

@ -0,0 +1 @@
../lib/dade-exec-nix-tool


@ -1,37 +0,0 @@
# Copyright (c) 2019 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved.
# SPDX-License-Identifier: Apache-2.0
// Setup the documentation bucket
locals {
doc_bucket = "daml-docs"
// see main.tf for additional locals
}
module "daml_docs" {
source = "./modules/gcp_cdn_bucket"
labels = "${local.labels}"
name = "${local.doc_bucket}"
project = "${local.project}"
region = "${local.region}"
ssl_certificate = "${local.ssl_certificate}"
default_file = "docs"
// We do not want to delete anything here, but Terraform composition is hard
// so instead keep objects for 100 years.
cache_retention_days = 36500
}
// allow rw access for CI writer (see writer.tf)
resource "google_storage_bucket_iam_member" "docs_bucket_writer" {
bucket = "${module.daml_docs.bucket_name}"
# https://cloud.google.com/storage/docs/access-control/iam-roles
role = "roles/storage.objectAdmin"
member = "serviceAccount:${google_service_account.writer.email}"
}
output "daml_docs_ip" {
value = "${module.daml_docs.external_ip}"
}


@ -19,7 +19,6 @@ It also makes a few assumptions:
| Name | Description | Type | Default | Required |
|------|-------------|:----:|:-----:|:-----:|
| cache\_retention\_days | The number of days to keep the objects around | string | n/a | yes |
| default\_file | The name of the file (from the files folder) to show for unknown paths. Currently one of cache or docs. | string | `"cache"` | no |
| labels | Labels to apply on all the resources | map | `<map>` | no |
| name | Name prefix for all the resources | string | n/a | yes |
| project | GCP project name | string | n/a | yes |


@ -1,42 +0,0 @@
<!-- Copyright (c) 2019 Digital Asset (Switzerland) GmbH and/or its affiliates. All rights reserved. -->
<!-- SPDX-License-Identifier: Apache-2.0 -->
<html>
<head>
<link href="https://fonts.googleapis.com/css?family=Montserrat" rel="stylesheet">
<link href="https://fonts.googleapis.com/css?family=Karla" rel="stylesheet">
</head>
<body>
<svg width="840px" height="226px" version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
viewBox="0 0 840.2 226" style="display:block; margin:100px auto 50px; enable-background:new 0 0 840.2 226;" xml:space="preserve">
<style type="text/css">
.st0{fill:#21356A;}
.st1{fill-rule:evenodd;clip-rule:evenodd;fill:#517CD9;}
.st2{fill-rule:evenodd;clip-rule:evenodd;fill:url(#SVGID_1_);}
.st3{fill-rule:evenodd;clip-rule:evenodd;fill:#21356A;}
.st4{fill-rule:evenodd;clip-rule:evenodd;fill:#81A9FF;}
</style>
<path class="st0" d="M687.3,0h-59.2l-59.5,157.2L508.4,0h-60.2v226H499V85.9L549.2,226h38.6l48.6-140.1V226h50.9V0z"/>
<path class="st0" d="M776.1,180.8V0H724v226h116.2v-45.2H776.1z"/>
<path class="st0" d="M0,0v226h82.7c18.7,0,35.3-3.2,49.9-9.5c14.6-6.3,26.9-14.8,36.9-25.3c10-10.5,17.5-22.6,22.7-36.2
c5.1-13.6,7.7-27.5,7.7-42c0-14.4-2.6-28.4-7.9-42c-5.3-13.6-12.9-25.6-22.9-36.2c-10-10.5-22.2-19-36.7-25.3
C118,3.2,101.4,0,82.7,0H0z M80.1,45.2c10.5,0,19.9,1.9,28.2,5.6c8.3,3.8,15.2,8.8,20.9,15.2c5.7,6.4,10,13.6,13,21.8
c3,8.2,4.5,16.6,4.5,25.2c0,8.8-1.5,17.3-4.5,25.3c-3,8.1-7.4,15.3-13,21.6c-5.7,6.4-12.7,11.4-20.9,15.2
c-8.3,3.8-17.7,5.6-28.2,5.6h-28V45.2H80.1z"/>
<g>
<path class="st1" d="M285.4,2.1h50.3L406.1,226h-50.3L285.4,2.1z"/>
<linearGradient id="SVGID_1_" gradientUnits="userSpaceOnUse" x1="431.8985" y1="200.2006" x2="259.5836" y2="27.8857">
<stop offset="0" style="stop-color:#517CD9"/>
<stop offset="1" style="stop-color:#2C58B9"/>
</linearGradient>
<path class="st2" d="M285.4,2.1h50.3L406.1,226h-50.3L285.4,2.1z"/>
</g>
<polygon class="st3" points="290.4,146 265.3,226 215,226 240.1,146 "/>
<polygon class="st4" points="335.7,2.1 309.9,84.1 259.6,84.1 285.4,2.1 "/>
</svg>
<div style="text-align: center;">
<h1 style="font-family:Montserrat; font-weight:bold; font-size:30pt; color:#3A478F">There is nothing here</h1>
<a href="https://docs.daml.com/" style="font-family:Karla; font-size:20pt; color:#5C86DF">Back to safety</a>
</div>
</body>
</html>


@ -41,7 +41,6 @@ resource "google_storage_bucket" "default" {
website {
main_page_suffix = "index.html"
not_found_page = "${var.default_file == "docs" ? "not-found.html" : ""}"
}
force_destroy = true
@ -54,19 +53,9 @@ resource "google_storage_bucket_acl" "default" {
}
resource "google_storage_bucket_object" "default" {
count = "${var.default_file == "cache" ? 1 : 0}"
name = "index.html"
bucket = "${google_storage_bucket.default.name}"
content = "${file("${path.module}/files/${var.default_file}.html")}"
content_type = "text/html"
depends_on = ["google_storage_bucket_acl.default"]
}
resource "google_storage_bucket_object" "not_found" {
count = "${var.default_file == "docs" ? 1 : 0}"
name = "not-found.html"
bucket = "${google_storage_bucket.default.name}"
content = "${file("${path.module}/files/${var.default_file}.html")}"
content = "${file("${path.module}/files/index.html")}"
content_type = "text/html"
depends_on = ["google_storage_bucket_acl.default"]
}


@ -26,8 +26,3 @@ variable "ssl_certificate" {
variable "cache_retention_days" {
description = "The number of days to keep the objects around"
}
variable "default_file" {
description = "The name of the file (from the files folder) to show for unknown paths. Currently one of cache or docs."
default = "cache"
}


@ -245,6 +245,7 @@ in rec {
jfrog = pkgs.callPackage ./tools/jfrog-cli {};
# Cloud tools
aws = pkgs.awscli;
gcloud = pkgs.google-cloud-sdk;
bq = gcloud;
gsutil = gcloud;