* feat(frontend-2): deploy to docker-compose environment
- including DigitalOcean 1-click environments
- local docker compose environment deploys an nginx ingress
- builds and publishes docker-compose-ingress via CircleCI
- sets platform variable for ensuring correct runtime is built
- frontend-2 should connect to speckle server directly within the docker compose network
---------
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
* fix(helm chart): fileimport service maximum object size should match server
- allow maximum object size to be configurable and to match the server value
* Explicitly provide the environment variable to docker-compose
- this indicates to operators of clusters that this environment variable exists and can be configured
* fix(email): from address should be an example to be configured by operator
* fix(environment variable): should be 'EMAIL_FROM'
- also uses docker_image_tag of '2', which should be latest in '2' tags
* No sensible defaults, instead validate that it is configured
- the healthcheck was commencing before the server had started
- this resulted in the server being incorrectly labelled unhealthy prior to it having had sufficient time to start
- the server was being restarted as a result of this incorrect diagnosis by the healthcheck, resulting in an infinite start->unhealthy->restart cycle
- matches the minimum version for our dependencies file ('3')
- healthcheck was introduced in 2.1, and healthcheck.start_period in 2.3, so >=2.3 was minimum
* fix(healthcheck): Add a 2 second timeout to the healthcheck http request
* Ensure all error types are caught and the non-zero failure exit code is always 1
* feat(docker compose): healthcheck for speckle-server
- if speckle server pod becomes unresponsive (but has not yet exited with a non-zero exit code), it will be automatically restarted after 30s.
* feat(1click): add healthcheck to speckle-server container running in DigitalOcean 1click
* fix(1click): remove command statements
- the docker image is responsible for providing these
* chore(frontend): use bitnami/openresty as base image for frontend Dockerfile
openresty/openresty was not being patched as frequently as we would like, resulting in numerous
vulnerabilities without resolution. bitnami/openresty is being patched more frequently.
Some additional changes were necessary when porting our frontend between these distributions:
- html files are in /app
- nginx.conf is in /opt/bitnami/openresty/nginx/conf/nginx.conf
- envsubst is not available by default in bitnami/openresty and needs to be copied in
- Nginx.conf - we wrap the server block in http block and overwrite root nginx.conf
- using the existing bitnami/openresty nginx.conf as a server block alone causes issues with bitnami/openresty, as bitnami/openresty provides a root nginx.conf which conflicts with directives in Speckle's server block
- we copy the directives from openresty/openresty (which are known to work with Speckle's server block), and apply them alongside Speckle's server block. This creates a new root nginx.conf which we can overwrite the default on the image.
- nginx should use a port available to non sudo/root user, we have selected 8080 instead of previous 80
- need to explicitly output nginx logs to stderr / stdout
Created a readonly root file system on Kubernetes. This requires the following changes:
- emptyDir volumes are mounted in kubernetes to allow bitnami/openresty to write to specific locations
- explicitly include and copy mime.types file to nginx configuration directory
Due to the change to non-privileged port number (8080), the following subsequent changes were required:
- Update 1-click deployment script to match frontend at port 8080
- Updates docker-compose-speckle.yaml file
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
* Revert "Revert structured logging 2 (#1240)"
This reverts commit 78ecaeffcb.
* Logging should not be bundled into core shared directory
* making sure observability stuff isnt bundled into frontend
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
* Revert "'@' shortcut must come after it is configured in bootstrap (#1239)"
This reverts commit 967329473f.
* Revert "Structured logging (attempt 2) (#1234)"
This reverts commit 444d2ca7dd.
* Revert "Revert "feat(structured logging): implements structured logging for backend (#1217)" (#1227)"
This reverts commit 63e6581162.
* Use pino-http instead of express pino logger
* Use correct reference to knex and do not instantiate HttpLogger prematurely
* Adds missing dependency for pino to webhook-service
* Do not instantiate middleware when passed to express
* Refactor to move logging into shared
* Copy shared packages into dockerfiles
* Build shared workspace in docker build-stage for fileimport & webhook
* each log line is a json object
* structured logging allows logs to be ingested by machines and the logs to be indexed and queried addresses #1105
* structured logging allows arbitrary properties to be appended to each log line, and ingestion of logs to remain robust
* Structured logging provided by `pino` library
* Add `express-pino-logger` dependency
* Remove `debug`, `morgan`, and `morgan-debug` and replace with structured logging
* `console.log` & `console.error` replaced with structured logging in backend
* Remove `DEBUG` environment variable and replace with `LOG_LEVEL`
- Note that there is a test which reads from a logged line on `stdout`. This is not robust, it would be better to use the childProcess.pid to look up the port number.
* Log errors at points we explicitly send error to Sentry
* Amend indentation of a couple of log messages to align indentation with others
Fileimport service retreives blobs via the server storage API, and not directly from s3. Fileimport
service no longer requires information or credentials about s3.
* Allow save object to S3 in different region
* feat(helm & docker-compose): adds S3_REGION to helm chart & docker-compose
Explicitly adding the environment variable to deployment configuration files provides system operators with documentation of its existence.
Set to empty by default, which will result in the default value being used.
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
* added "wait" command to server docker container
* readme.md updates, development mode now listen only on localhost by default, added BIND_ADDRESS environment variable for server
Iain Sproat
Gergő Jedlicska
Peter Grainger
Fabians
Cristian Balas