From acdb38b6a999f90af070be7b168a4f2d9bb594e1 Mon Sep 17 00:00:00 2001 From: Brijesh-Thakkar Date: Wed, 1 Oct 2025 06:34:16 +0530 Subject: [PATCH 1/6] issue_426 --- .github/workflows/publish-dashboard.yml | 77 +++----------- .github/workflows/publish-state-mangaer.yml | 108 ++++---------------- 2 files changed, 35 insertions(+), 150 deletions(-) diff --git a/.github/workflows/publish-dashboard.yml b/.github/workflows/publish-dashboard.yml index 03ab8435..a99ab50a 100644 --- a/.github/workflows/publish-dashboard.yml +++ b/.github/workflows/publish-dashboard.yml @@ -1,4 +1,4 @@ -name: Publish Dashboard image to GHCR +name: Publish Dashboard Image on: push: @@ -9,13 +9,8 @@ on: types: [published] workflow_dispatch: -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository_owner }}/exosphere-dashboard - SHA_TAG: ${{ github.sha }} - jobs: - publish-image-on-ghcr: + build-and-publish: runs-on: ubuntu-latest if: github.repository == 'exospherehost/exospherehost' 
@@ -23,85 +18,43 @@ jobs: contents: read packages: write - outputs: - tags: ${{ steps.meta.outputs.tags }} - json: ${{ steps.meta.outputs.json }} - steps: - - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: platforms: arm64 - - uses: docker/setup-buildx-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - - name: Log in to GHCR + - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Generate tags & labels - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=raw,value=beta-latest - type=sha,format=short - - - name: Build and push - uses: docker/build-push-action@v5 - with: - context: ./dashboard - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - provenance: true - sbom: true - - publish-image-on-docker: - runs-on: ubuntu-latest - if: github.repository == 'exospherehost/exospherehost' - - permissions: - contents: read - packages: write - - outputs: - tags: ${{ steps.meta.outputs.tags }} - json: ${{ steps.meta.outputs.json }} - - steps: - - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: arm64 - - - uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Generate tags & labels + - name: Generate tags & labels for both registries id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.IMAGE_NAME }} + images: | + ghcr.io/exospherehost/exosphere-dashboard + exospherehost/exosphere-dashboard tags: | - type=raw,value=beta-latest + 
type=raw,value=latest type=sha,format=short - - name: Build and push + - name: Build and push to both registries uses: docker/build-push-action@v5 with: context: ./dashboard @@ -110,4 +63,4 @@ jobs: tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} provenance: true - sbom: true + sbom: true \ No newline at end of file diff --git a/.github/workflows/publish-state-mangaer.yml b/.github/workflows/publish-state-mangaer.yml index b7494d5c..80fa7678 100644 --- a/.github/workflows/publish-state-mangaer.yml +++ b/.github/workflows/publish-state-mangaer.yml @@ -1,4 +1,4 @@ -name: Publish State Manager image to GHCR +name: Publish State Manager Image on: push: @@ -7,11 +7,6 @@ on: - 'state-manager/**' workflow_dispatch: -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository_owner }}/exosphere-state-manager - SHA_TAG: ${{ github.sha }} - jobs: test: runs-on: ubuntu-latest @@ -34,22 +29,12 @@ jobs: - name: Checkout code uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.12' - - - name: Install uv - uses: astral-sh/setup-uv@v6 + - name: Set up Go + uses: actions/setup-go@v5 with: - enable-cache: true - - - name: Install dev dependencies with uv - working-directory: state-manager - run: | - uv sync --group dev + go-version-file: state-manager/go.mod - - name: Run full test suite with coverage + - name: Run test suite working-directory: state-manager env: MONGO_URI: mongodb://admin:password@localhost:27017 
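Review bot: The re-added `uses:` lines in `build-and-publish` still reference moving tags (`actions/checkout@v4`, `docker/setup-buildx-action@v3`, `docker/login-action@v3`), in a job that now holds both the `packages: write` token and the Docker Hub credentials. Pinning each to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v3`, keeps a retagged action release from reaching both registries in one run. The raw tag also moves from `beta-latest` to `latest`, so every trigger of this workflow overwrites the tag consumers pull by default; if `latest` is meant for releases only, `type=raw,value=latest,enable=${{ github.event_name == 'release' }}` would restrict it. The same points apply to the `publish` job in the publish-state-mangaer.yml hunk `@@ -77,87 +52,44 @@`.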
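Review bot: `go-version-file: state-manager/go.mod` looks wrong for this service: the steps it replaces ran `uv sync --group dev` and (in the next hunk, `@@ -57,19 +42,9 @@`) `uv run pytest tests/ --cov=app`, which suggests state-manager is Python rather than Go. If no Go module exists there, the job presumably fails and nothing publishes; if one does, the Python tests no longer gate the image that `publish` pushes through `needs: test`. Unless the service was actually ported, keep the `actions/setup-python`, `astral-sh/setup-uv` and pytest steps, together with the Codecov upload that the next hunk removes. The `test` job's body starts outside this hunk.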
@@ -57,19 +42,9 @@ jobs: STATE_MANAGER_SECRET: test-secret-key SECRETS_ENCRYPTION_KEY: YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU= run: | - uv run pytest tests/ --cov=app --cov-report=xml --cov-report=term-missing --cov-report=html -v --junitxml=full-pytest-report.xml - - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v5 - with: - token: ${{ secrets.CODECOV_TOKEN }} - slug: exospherehost/exospherehost - files: state-manager/coverage.xml - flags: unit-tests - name: state-manager-coverage-report - fail_ci_if_error: true + go test -v ./... - publish-image-on-ghcr: + publish: runs-on: ubuntu-latest needs: test if: github.repository == 'exospherehost/exospherehost' 
@@ -77,87 +52,44 @@ jobs: permissions: contents: read packages: write - - outputs: - tags: ${{ steps.meta.outputs.tags }} - json: ${{ steps.meta.outputs.json }} steps: - - uses: actions/checkout@v4 + - name: Checkout repository + uses: actions/checkout@v4 - name: Set up QEMU uses: docker/setup-qemu-action@v3 with: platforms: arm64 - - uses: docker/setup-buildx-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 - - name: Log in to GHCR + - name: Log in to GitHub Container Registry uses: docker/login-action@v3 with: - registry: ${{ env.REGISTRY }} + registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Generate tags & labels - id: meta - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - type=raw, value=beta-latest - type=sha, value=${{ env.SHA_TAG }} - - - name: Build and push - uses: docker/build-push-action@v5 - with: - context: ./state-manager - push: true - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - provenance: true - sbom: true - - publish-image-on-docker-hub: - runs-on: ubuntu-latest - needs: test - if: github.repository == 'exospherehost/exospherehost' - - permissions: - contents: read - packages: write - - outputs: - tags: ${{ steps.meta.outputs.tags }} - json: ${{ steps.meta.outputs.json }} - - steps: - - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: arm64 - - - uses: docker/setup-buildx-action@v3 - - name: Log in to Docker Hub uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Generate tags & labels + - name: Generate tags & labels for both registries id: meta uses: docker/metadata-action@v5 with: - images: ${{ env.IMAGE_NAME }} + images: | + ghcr.io/exospherehost/exosphere-state-manager + 
exospherehost/exosphere-state-manager tags: | - type=raw, value=beta-latest - type=sha, value=${{ env.SHA_TAG }} + type=raw,value=latest + type=sha,format=short - - name: Build and push + - name: Build and push to both registries uses: docker/build-push-action@v5 with: context: ./state-manager From 78bc0a646b016ebb8d5bc8bb66e31c9f85e85b15 Mon Sep 17 00:00:00 2001 From: Brijesh-Thakkar Date: Wed, 1 Oct 2025 06:55:00 +0530 Subject: [PATCH 2/6] Fix workflow filename typo and add docker-compose.yml --- ...-mangaer.yml => publish-state-manager.yml} | 0 docker-compose.yml | 51 +++++++++++++++++++ 2 files changed, 51 insertions(+) rename .github/workflows/{publish-state-mangaer.yml => publish-state-manager.yml} (100%) create mode 100644 docker-compose.yml diff --git a/.github/workflows/publish-state-mangaer.yml b/.github/workflows/publish-state-manager.yml similarity index 100% rename from .github/workflows/publish-state-mangaer.yml rename to .github/workflows/publish-state-manager.yml diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..d80bde4b --- /dev/null +++ b/docker-compose.yml 
@@ -0,0 +1,51 @@ +services: + exosphere-state-manager: + image: ghcr.io/exospherehost/exosphere-state-manager:${EXOSPHERE_TAG:-latest} + pull_policy: always + container_name: exosphere-state-manager + restart: unless-stopped + environment: + - MONGO_URI=${MONGO_URI} + - STATE_MANAGER_SECRET=${STATE_MANAGER_SECRET:-exosphere@123} + - MONGO_DATABASE_NAME=${MONGO_DATABASE_NAME:-exosphere} + - SECRETS_ENCRYPTION_KEY=${SECRETS_ENCRYPTION_KEY:-YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU=} + ports: + - "8000:8000" + networks: + - exosphere-network + healthcheck: + test: ["CMD", "python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 30s + + exosphere-dashboard: + image: ghcr.io/exospherehost/exosphere-dashboard:${EXOSPHERE_TAG:-latest} + pull_policy: always + container_name: exosphere-dashboard + restart: unless-stopped + environment: + # Server-side secure configuration (NOT exposed to browser) + - EXOSPHERE_STATE_MANAGER_URI=${EXOSPHERE_STATE_MANAGER_URI:-http://exosphere-state-manager:8000} + - EXOSPHERE_API_KEY=${EXOSPHERE_API_KEY:-exosphere@123} + # Client-side configuration (exposed to browser) + - NEXT_PUBLIC_DEFAULT_NAMESPACE=${NEXT_PUBLIC_DEFAULT_NAMESPACE:-default} + depends_on: + exosphere-state-manager: + condition: service_healthy + ports: + - "3000:3000" + networks: + - exosphere-network + healthcheck: + test: ["CMD", "node", "-e", "require('http').get('http://localhost:3000', (res) => process.exit(res.statusCode === 200 ? 0 : 1)).on('error', () => process.exit(1))"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 30s + +networks: + exosphere-network: + driver: bridge + attachable: true From a06de827a5db35b48eb7c26c43adc7ad8884cda9 Mon Sep 17 00:00:00 2001 
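Review bot: Both `ports` entries publish on every host interface, so `"8000:8000"` exposes the state manager to the surrounding network even though the dashboard already reaches it over `exosphere-network` at `http://exosphere-state-manager:8000`. Binding to loopback with `- "127.0.0.1:8000:8000"`, or dropping the state-manager mapping altogether, keeps an API that appears to be protected only by `STATE_MANAGER_SECRET` off the LAN by default. `pull_policy: always` together with `${EXOSPHERE_TAG:-latest}` also means a restart runs whatever was last pushed to that tag, so a comment such as `# Production: set EXOSPHERE_TAG to a fixed version or use an image digest` above the `image:` lines would help operators.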
From: Brijesh Thakkar Date: Wed, 1 Oct 2025 07:06:04 +0530 Subject: [PATCH 3/6] Update .github/workflows/publish-state-manager.yml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .github/workflows/publish-state-manager.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-state-manager.yml b/.github/workflows/publish-state-manager.yml index 80fa7678..87a8a119 100644 --- a/.github/workflows/publish-state-manager.yml +++ b/.github/workflows/publish-state-manager.yml @@ -37,7 +37,7 @@ jobs: - name: Run test suite working-directory: state-manager env: - MONGO_URI: mongodb://admin:password@localhost:27017 + MONGO_URI: mongodb://admin:password@localhost:27017/?authSource=admin MONGO_DATABASE_NAME: test_exosphere_state_manager STATE_MANAGER_SECRET: test-secret-key SECRETS_ENCRYPTION_KEY: YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU= From a28ed40183eea3da545fdaaeb54ab8f7e79e4c1e Mon Sep 17 00:00:00 2001 From: Brijesh-Thakkar Date: Wed, 1 Oct 2025 07:16:04 +0530 Subject: [PATCH 4/6] fix: Apply suggestions from code review bot --- .gitignore | 4 +++- docker-compose.yml | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 774ebbf6..f938d0d1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ # Ignore temp directory and temp files at repository root /temp* -!/temp/.gitkeep \ No newline at end of file +!/temp/.gitkeep + +.env \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index d80bde4b..52e7e0d3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
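Review bot: The new `.env` pattern ignores only files named exactly `.env`; variants such as `.env.local` or `.env.production`, which are just as likely to hold the values docker-compose.yml requires, would still be committed. Consider `.env*` followed by `!.env.example`, so a template can be tracked while real values stay out of the repository.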
@@ -6,9 +6,9 @@ services: restart: unless-stopped environment: - MONGO_URI=${MONGO_URI} - - STATE_MANAGER_SECRET=${STATE_MANAGER_SECRET:-exosphere@123} + - STATE_MANAGER_SECRET=${STATE_MANAGER_SECRET:?missing STATE_MANAGER_SECRET} - MONGO_DATABASE_NAME=${MONGO_DATABASE_NAME:-exosphere} - - SECRETS_ENCRYPTION_KEY=${SECRETS_ENCRYPTION_KEY:-YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU=} + - SECRETS_ENCRYPTION_KEY=${SECRETS_ENCRYPTION_KEY:?missing SECRETS_ENCRYPTION_KEY} ports: - "8000:8000" networks: @@ -28,7 +28,7 @@ services: environment: # Server-side secure configuration (NOT exposed to browser) - EXOSPHERE_STATE_MANAGER_URI=${EXOSPHERE_STATE_MANAGER_URI:-http://exosphere-state-manager:8000} - - EXOSPHERE_API_KEY=${EXOSPHERE_API_KEY:-exosphere@123} + - EXOSPHERE_API_KEY=${EXOSPHERE_API_KEY:?missing EXOSPHERE_API_KEY} # Client-side configuration (exposed to browser) - NEXT_PUBLIC_DEFAULT_NAMESPACE=${NEXT_PUBLIC_DEFAULT_NAMESPACE:-default} depends_on: From 8bd92261d7547dd3fa5f889108cc79f787214559 Mon Sep 17 00:00:00 2001 From: Brijesh Thakkar Date: Wed, 1 Oct 2025 07:23:09 +0530 Subject: [PATCH 5/6] Update docker-compose.yml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 52e7e0d3..53ee2297 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: container_name: exosphere-state-manager restart: unless-stopped environment: - - MONGO_URI=${MONGO_URI} + - MONGO_URI=${MONGO_URI:?missing MONGO_URI} - STATE_MANAGER_SECRET=${STATE_MANAGER_SECRET:?missing STATE_MANAGER_SECRET} - MONGO_DATABASE_NAME=${MONGO_DATABASE_NAME:-exosphere} - SECRETS_ENCRYPTION_KEY=${SECRETS_ENCRYPTION_KEY:?missing SECRETS_ENCRYPTION_KEY} From 5e64473597030beea6a6ab24622405e8af1c858d Mon Sep 17 00:00:00 2001 
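Review bot: Dropping the fallbacks stops new deployments from using them, but `exosphere@123` and the sample `SECRETS_ENCRYPTION_KEY` value were committed in the previous revision of this file and remain in the repository history. A comment above the `environment` list, e.g. `# No defaults: generate unique values, and rotate anything deployed with the earlier sample values`, would tell operators to treat those values as public. STATE_MANAGER_SECRET and EXOSPHERE_API_KEY (hunk `@@ -28,7 +28,7 @@`) previously shared one default, so they presumably have to match; if so, the same comment should say it, since the two are now set independently.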
From: Brijesh Thakkar Date: Wed, 1 Oct 2025 07:23:46 +0530 Subject: [PATCH 6/6] Update .github/workflows/publish-state-manager.yml Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --- .github/workflows/publish-state-manager.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-state-manager.yml b/.github/workflows/publish-state-manager.yml index 87a8a119..24251bc0 100644 --- a/.github/workflows/publish-state-manager.yml +++ b/.github/workflows/publish-state-manager.yml @@ -40,7 +40,7 @@ jobs: MONGO_URI: mongodb://admin:password@localhost:27017/?authSource=admin MONGO_DATABASE_NAME: test_exosphere_state_manager STATE_MANAGER_SECRET: test-secret-key - SECRETS_ENCRYPTION_KEY: YTzpUlBGLSwm-3yKJRJTZnb0_aQuQQHyz64s8qAERVU= + SECRETS_ENCRYPTION_KEY: ${{ secrets.STATE_MANAGER_ENCRYPTION_KEY }} run: | go test -v ./...
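Review bot: `${{ secrets.STATE_MANAGER_ENCRYPTION_KEY }}` expands to an empty string when the secret is not defined, for example in a fork or before a maintainer creates it, so the tests would run with an empty `SECRETS_ENCRYPTION_KEY` and fail for a reason that is hard to trace. A test run needs only a throwaway key, so generating one inside the step and exporting it through `$GITHUB_ENV` avoids both the missing-secret case and handing a repository secret to test code. If a stored secret is kept, it should hold a test-only value and never a production key; the literal removed here is still in history and should not be reused anywhere.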