Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add hasura grahpql integration and CI workflow #795

Merged
merged 1 commit into from
Aug 6, 2024
Merged

add hasura grahpql integration and CI workflow #795

merged 1 commit into from
Aug 6, 2024

Conversation

DaMandal0rian
Copy link
Contributor

@DaMandal0rian DaMandal0rian commented Aug 6, 2024
edited by github-actions bot
Loading

PR Type

enhancement, configuration changes

Description

  • Updated deployment workflow for micro squids to use the production branch and handle HASURA_GRAPHQL_ADMIN_SECRET in the .env file.
  • Added a new deployment workflow for monolith squid with steps for code checkout, SSH key installation, Docker Compose deployment, and Slack notifications on failure.
  • Enhanced sample environment variables to include Hasura-related configurations.
  • Integrated Hasura GraphQL Engine service into Docker Compose setup with necessary environment variables and dependencies.

Changes walkthrough 📝

Relevant files
Configuration changes
gh-deploy-micro-squids.yml
Update deployment workflow for micro squids                           

.github/workflows/gh-deploy-micro-squids.yml

  • Changed deployment branch from main to production.
  • Added HASURA_GRAPHQL_ADMIN_SECRET to environment variables.
  • Included logic to update .env file with HASURA_GRAPHQL_ADMIN_SECRET.
    		•  +11/-1   
    gh-deploy-monolith-squid.yml
    Add deployment workflow for monolith squid                             

    .github/workflows/gh-deploy-monolith-squid.yml

  • Added new deployment workflow for monolith squid.
  • Included steps for checking out code, installing SSH key, and
    deploying with Docker Compose.
  • Added logic to handle HASURA_GRAPHQL_ADMIN_SECRET in .env file.
  • Included Slack notification on deployment failure.
    		•  +75/-0   
    Enhancement
    .env.sample
    Update sample environment variables for Hasura integration

    indexers/squid-blockexplorer/.env.sample

  • Added HASURA_GRAPHQL_ENDPOINT, HASURA_GQL_PORT, and
    HASURA_GRAPHQL_ADMIN_SECRET to sample environment variables.
    		•  +3/-0     
    docker-compose.yml
    Add Hasura GraphQL Engine service to Docker Compose           

    indexers/squid-blockexplorer/docker-compose.yml

  • Added Hasura GraphQL Engine service configuration.
  • Configured environment variables for Hasura service.
  • Set up ports and dependencies for Hasura service.
    		•  +25/-0   

    💡 PR-Agent usage:
    Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

    @netlify Netlify
    Copy link

    netlify bot commented Aug 6, 2024
    edited
    Loading

    Deploy Preview for dev-astral canceled.

    Name Link
    🔨 Latest commit c088b7f
    🔍 Latest deploy log https://app.netlify.com/sites/dev-astral/deploys/66b2550b6ecdfd00088e39f5

    @DaMandal0rian
    Copy link
    Contributor Author

    related PR in infra
    autonomys/infra#334

    @autonomys autonomys deleted a comment from github-actions bot Aug 6, 2024
    @autonomys autonomys deleted a comment from github-actions bot Aug 6, 2024
    @DaMandal0rian
    Copy link
    Contributor Author

    /review

    @github-actions GitHub Actions
    Copy link

    github-actions bot commented Aug 6, 2024

    PR Reviewer Guide 🔍

    ⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
    🧪 No relevant tests
    🔒 Security concerns

    Sensitive information exposure:
    The PR includes changes that handle sensitive environment variables in a way that could potentially expose them. This includes writing secrets to files in shell scripts, which might not be secure depending on the environment configuration and access controls.

    ⚡ Key issues to review

    Security Concern
    The .env file is being updated with sensitive information (HASURA_GRAPHQL_ADMIN_SECRET) in a potentially insecure way using shell commands. This could expose sensitive information if not handled properly.

    Security Concern
    Similar to the micro squids deployment, the monolith squid deployment also handles sensitive information in the .env file using shell commands, which might expose sensitive data.

    Hardcoded Secret
    The sample environment file contains a hardcoded value for HASURA_GRAPHQL_ADMIN_SECRET, which is a security risk as it might be used inadvertently in a production environment.

    marc-aurele-besner
    marc-aurele-besner approved these changes Aug 6, 2024
    View reviewed changes
    Copy link
    Collaborator

    @marc-aurele-besner marc-aurele-besner left a comment

    Choose a reason for hiding this comment

    The reason will be displayed to describe this comment to others. Learn more.

    Awesome 🚀

    @DaMandal0rian DaMandal0rian merged commit cd70b5e into main Aug 6, 2024
    13 checks passed
    @DaMandal0rian DaMandal0rian deleted the hasura-integration branch August 6, 2024 20:17
    @marc-aurele-besner marc-aurele-besner mentioned this pull request Aug 20, 2024
    Merged
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers

    @marc-aurele-besner marc-aurele-besner marc-aurele-besner approved these changes

    Assignees
    No one assigned
    Labels
    configuration changes enhancement New feature or request Review effort [1-5]: 3
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    2 participants
    @DaMandal0rian @marc-aurele-besner