add hasura grahpql integration and CI workflow

.github/workflows/gh-deploy-micro-squids.yml

@@ -3,7 +3,7 @@ name: Deploy Docker Compose for Micro Squids on main
 on:
   push:
     branches:
-      - main
+      - production
     paths:
       - "indexers/general-squid/**"
       - "indexers/rewards-squid/**"
@@ -22,6 +22,10 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v3
 
+      - name: Set Hasura secret
+        id: set_secret
+        run: echo "hasura_secret=${{ secrets.HASURA_GRAPHQL_ADMIN_SECRET }}" >> $GITHUB_OUTPUT
+
       - name: Install SSH key
         uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
         with:
@@ -38,13 +42,23 @@ jobs:
           mkdir -p ~/.ssh
           ssh-keyscan -H ${{ secrets.SQUID_HOST }} >> ~/.ssh/known_hosts
           ssh ${SSH_USER}@${{ secrets.SQUID_HOST }} "
+
             if [ ! -d ${DEPLOY_PATH} ]; then
               git clone https://github.com/autonomys/astral.git ${DEPLOY_PATH}
             else
               cd ${DEPLOY_PATH}
               git pull
             fi
             git checkout ${BRANCH_NAME}
+
+            # Securely update the .env file
+            if [ ! -f .env ]; then
+              echo 'HASURA_GRAPHQL_ADMIN_SECRET=${{ steps.set_secret.outputs.hasura_secret }}' > .env
+            else
+              sed -i '/^HASURA_GRAPHQL_ADMIN_SECRET=/d' .env
+              echo 'HASURA_GRAPHQL_ADMIN_SECRET=${{ steps.set_secret.outputs.hasura_secret }}' >> .env
+            fi
+
             docker-compose -f docker-compose-all-squids.yml pull
             docker-compose -f docker-compose-all-squids.yml up -d
           "

.github/workflows/gh-deploy-monolith-squid.yml

@@ -0,0 +1,77 @@
+name: Deploy Docker Compose for Micro Squids on main
+
+on:
+  push:
+    branches:
+      - production
+    paths:
+      - "indexers/squid-blockexplorer/**"
+env:
+  DOCKER_HOST: ssh://${{ secrets.SSH_USER }}@${{ secrets.SQUID_HOST }}
+  DEPLOY_PATH: /home/ubuntu/squids/astral
+  BRANCH_NAME: ${{ github.ref == 'refs/heads/main' && 'main' || github.ref }}
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      - name: Set Hasura secret
+        id: set_secret
+        run: echo "hasura_secret=${{ secrets.HASURA_GRAPHQL_ADMIN_SECRET }}" >> $GITHUB_OUTPUT
+
+      - name: Install SSH key
+        uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
+        with:
+          ssh-private-key: ${{ secrets.SERVER_SSH_PRIVATE_KEY }}
+
+      - name: Add SSH host key fingerprint
+        run: |
+          ssh-keyscan -H ${{ secrets.SQUID_HOST }} >> ~/.ssh/known_hosts
+
+      - name: Deploy with Docker Compose
+        env:
+          SSH_USER: ${{ secrets.SSH_USER }}
+          HASURA_GRAPHQL_ADMIN_SECRET: ${{ secrets.HASURA_GRAPHQL_ADMIN_SECRET }}
+        run: |
+          mkdir -p ~/.ssh
+          ssh-keyscan -H ${{ secrets.SQUID_HOST }} >> ~/.ssh/known_hosts
+          ssh ${SSH_USER}@${{ secrets.SQUID_HOST }} "
+
+            if [ ! -d ${DEPLOY_PATH} ]; then
+              git clone https://github.com/autonomys/astral.git ${DEPLOY_PATH}
+            else
+              cd ${DEPLOY_PATH}
+              git pull
+            fi
+            git checkout ${BRANCH_NAME}
+
+            # Securely update the .env file
+            if [ ! -f .env ]; then
+              echo 'HASURA_GRAPHQL_ADMIN_SECRET=${{ steps.set_secret.outputs.hasura_secret }}' > .env
+            else
+              sed -i '/^HASURA_GRAPHQL_ADMIN_SECRET=/d' .env
+              echo 'HASURA_GRAPHQL_ADMIN_SECRET=${{ steps.set_secret.outputs.hasura_secret }}' >> .env
+            fi
+
+            docker-compose -f docker-compose-all-squids.yml pull
+            docker-compose -f docker-compose-all-squids.yml up -d
+          "
+
+      - name: Notify on failure
+        if: failure()
+        env:
+          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
+        uses: 8398a7/action-slack@v3
+        with:
+          status: ${{ job.status }}
+          fields: repo,message,commit,author,action,eventName,ref,workflow,job
+          author_name: Deployment failed
+          mention: here
+          if_mention: failure,cancelled
+          job_name: Deploy Docker Compose for Micro Squids on staging
+          channel: alerts
+          icon_emoji: ":github:"

indexers/squid-blockexplorer/.env.sample

@@ -6,3 +6,6 @@ GQL_PORT=4350
 ARCHIVE_ENDPOINT=
 CHAIN_RPC_ENDPOINT=
 SQUID_GRAPHQL_ENDPOINT=
+HASURA_GRAPHQL_ENDPOINT=
+HASURA_GQL_PORT=8080
+HASURA_GRAPHQL_ADMIN_SECRET="myadminsecretkey"

indexers/squid-blockexplorer/docker-compose.yml

@@ -7,5 +7,30 @@ services:
     environment:
       POSTGRES_DB: squid
       POSTGRES_PASSWORD: squid
+      POSTGRES_USER: postgres
     ports:
       - "${DB_PORT}:5432"
+
+  graphql-engine:
+    image: hasura/graphql-engine:v2.40.0
+    depends_on:
+      - "postgres"
+    restart: always
+    environment:
+      ## postgres database to store Hasura metadata
+      HASURA_GRAPHQL_METADATA_DATABASE_URL: postgres://\${POSTGRES_USER}:\${POSTGRES_PASSWORD}@db:5432/\${POSTGRES_DB}
+      ## enable the console served by server
+      HASURA_GRAPHQL_ENABLE_CONSOLE: "true" # set "false" to disable console
+      ## enable debugging mode. It is recommended to disable this in production
+      HASURA_GRAPHQL_DEV_MODE: "true"
+      ## uncomment next line to run console offline (i.e load console assets from server instead of CDN)
+      # HASURA_GRAPHQL_CONSOLE_ASSETS_DIR: /srv/console-assets
+      ## uncomment next line to set an admin secret
+      HASURA_GRAPHQL_ADMIN_SECRET: \${HASURA_GRAPHQL_ADMIN_SECRET}
+      HASURA_GRAPHQL_UNAUTHORIZED_ROLE: user
+      HASURA_GRAPHQL_STRINGIFY_NUMERIC_TYPES: "true"
+    ports:
+      - "${HASURA_GQL_PORT}:8080"
+    command:
+      - graphql-engine
+      - serve