Mozorg and Pocket Demos on Cloud Run (#11685)

* Lay in initial Cloud Build configs for generating demo apps on Cloud Run

This is experimental for now.

There are two configs in this changeset, one for mozorg and a very similar
one for pocket. They both trigger builds of containers, uploads them to
Artifact Registry in us-central1 and deoploys them to Cloud Run in either
Mozorg mode or Pocket mode, respectively.

This is not the entire puzzle, though. We also will need to...

1) Set up corresponding Services with the expected names, which are taken
from the branch names: mozorg-demo-1, mozorg-demo-2....5, pocket-demo-1,
pocket-demo-2 (We'll just have two pocket demos for now)

2) Set up custom domains to those (now-known) services

3) Setting appropriate hostnames for ALLOWED_HOSTS, rather than the wildcard

As for setting custom env vars - that's still to be solved.

* Update ENV var handling, ahead of setting some in the Service

* Update demo config to use separate env file(s)

We can't support multiple env files, so developers can't have a core env
and then add to a 'demo.env' additional file, unfortunately.

However, they can edit/add to these new Mozorg- or Pocket-specific env files.
There may be an occaisonal merge conflict in these files, but that should
be very rare.

Secrets are kept secret and need to be provisioned separately. At the moment
we're going with a somewhat verbose and numerous set of secrets, but maybe
we can pull all this into a single YAML file of secrets, like we do with k8s.

* Rename Cloud Build config files and add cloud-only logging option

* Drop cloudbuld YAML config for GCP demos - moved to infra repo instead

* Remove redundant config from Pocket demo env vars
This commit is contained in:
Steve Jalim 2022-06-28 09:58:13 +01:00 коммит произвёл GitHub
Родитель c7ec9a712a
Коммит e6e1264ec6
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
2 изменённых файлов: 42 добавлений и 0 удалений

Просмотреть файл

@ -0,0 +1,22 @@
# This file contains env vars which will ONLY be used on Mozorg Demos on GCP.
#
# This file is public: do _not_ put secrets such as API keys into this file.
# If you need to add a secret, please consult with SRE or MEAO backend to
# learn how to do this.
ALLOWED_HOSTS: .allizom.org,.moz.works,.run.app
CONTENT_CARDS_URL: https://www-dev.allizom.org/media/
CSP_DEFAULT_SRC: "*.allizom.org"
CSP_EXTRA_FRAME_SRC: "*.mozaws.net,o1069899.sentry.io"
CSP_REPORT_ENABLE: "True"
DB_DOWNLOAD_IGNORE_GIT: "True"
DEBUG: "False"
DEV: "True"
GTM_CONTAINER_ID: GTM-MW3R8V
LOG_LEVEL: INFO
PROD_DETAILS_STORAGE: product_details.storage.PDDatabaseStorage
RUN_SUPERVISOR: "True"
SECURE_SSL_REDIRECT: "True"
SENTRY_DSN: https://97ec0cd426714b728e92f3b3aa62f00b@o1069899.ingest.sentry.io/6260338
SITE_MODE: Mozorg
STUB_ATTRIBUTION_HMAC_KEY: the-dude

Просмотреть файл

@ -0,0 +1,20 @@
# This file contains env vars which will ONLY be used on Mozorg Demos on GCP.
#
# This file is public: do _not_ put secrets such as API keys into this file.
# If you need to add a secret, please consult with SRE or MEAO backend to
# learn how to do this.
ALLOWED_HOSTS: .tekcopteg.org,.moz.works,.run.app
CONTENT_CARDS_URL: https://www-dev.allizom.org/media/
CSP_DEFAULT_SRC: "*.tekcopteg.com"
CSP_EXTRA_FRAME_SRC: "*.mozaws.net,o1069899.sentry.io"
CSP_REPORT_ENABLE: "True"
DB_DOWNLOAD_IGNORE_GIT: "True"
DEBUG: "False"
DEV: "True"
LOG_LEVEL: INFO
PROD_DETAILS_STORAGE: product_details.storage.PDDatabaseStorage
RUN_SUPERVISOR: "True"
SECURE_SSL_REDIRECT: "True"
SENTRY_DSN: https://97ec0cd426714b728e92f3b3aa62f00b@o1069899.ingest.sentry.io/6260338
SITE_MODE: Pocket