-
Notifications
You must be signed in to change notification settings - Fork 47
/
Copy pathMakefile
238 lines (183 loc) · 7.08 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
GCLOUD_LOCATION ?= us-central1
GCLOUD_KEYRING ?= logflare-keyring-us-central1
GCLOUD_KEY ?= logflare-secrets-key
GCLOUD_PROJECT ?= logflare-staging
ERL_COOKIE ?= monster
ENV ?= dev
SHA_IMAGE_TAG ?= dev-$(shell git rev-parse --short=7 HEAD)
VERSION ?= $(shell cat ./VERSION)
NORMALIZED_VERSION ?= $(shell cat ./VERSION | tr '.' '-')
help:
@cat DEVELOPMENT.md
test:
-epmd -daemon
mix test
test.only:
-epmd -daemon
mix test.only
.PHONY: test test.only
setup: setup.node
# install dependencies
asdf install
# add protobuf install
mix escript.install hex protobuf
asdf reshim
# run elixir setup
mix setup
setup.node:
npm --prefix ./assets install
.PHONY: setup setup.node
start: start.orange
start.orange: ERL_NAME = orange
start.orange: PORT ?= 4000
start.orange: LOGFLARE_GRPC_PORT = 50051
start.orange: __start__
start.pink: ERL_NAME = pink
start.pink: PORT = 4001
start.pink: LOGFLARE_GRPC_PORT = 50052
start.pink: __start__
observer:
erl -sname observer -hidden -setcookie ${ERL_COOKIE} -run observer
__start__:
@env $$(cat .dev.env | xargs) PORT=${PORT} LOGFLARE_GRPC_PORT=${LOGFLARE_GRPC_PORT} iex --sname ${ERL_NAME} --cookie ${ERL_COOKIE} -S mix phx.server
migrate:
@env $$(cat .dev.env | xargs) mix ecto.migrate
.PHONY: __start__ migrate
# Encryption and decryption of secrets
# Usage:
#
# make decrypt.{dev,staging,prod} # Decrypt secrets for given environment
# make encrypt.{dev,staging,prod} # Encrypt secrets for given environment
%: cloudbuild/%.enc
@gcloud kms decrypt --ciphertext-file=$< --plaintext-file=$@ \
--location=${GCLOUD_LOCATION} \
--keyring=${GCLOUD_KEYRING} \
--key=${GCLOUD_KEY} \
--project=${GCLOUD_PROJECT}
@echo "$@ has been decrypted"
%.enc:
@gcloud kms encrypt --ciphertext-file=cloudbuild/$@ --plaintext-file=$(@:.enc=) \
--location=${GCLOUD_LOCATION} \
--keyring=${GCLOUD_KEYRING} \
--key=${GCLOUD_KEY} \
--project=${GCLOUD_PROJECT}
@echo "$@ has been encrypted"
.PRECIOUS: %.enc
decrypt.dev: .dev.env
encrypt.dev: .dev.env.enc
.PHONY: decrypt.dev encrypt.dev
envs = staging prod
%crypt.prod: GCLOUD_KEYRING = logflare-prod-keyring-us-central1
%crypt.prod: GCLOUD_KEY = logflare-prod-secrets-key
%crypt.prod: GCLOUD_PROJECT = logflare-232118
.SECONDEXPANSION:
$(addprefix decrypt.,${envs}): decrypt.%: \
.$$*.gcloud.json \
.$$*.env \
.$$*.cert.key \
.$$*.cert.pem \
.$$*.req.pem \
.$$*.db-client-cert.pem \
.$$*.db-client-key.pem \
.$$*.db-server-ca.pem
$(addprefix encrypt.,${envs}): encrypt.%: \
.$$*.gcloud.json.enc \
.$$*.env.enc \
.$$*.cert.key.enc \
.$$*.cert.pem.enc \
.$$*.req.pem.enc \
.$$*.db-client-cert.pem.enc \
.$$*.db-client-key.pem.enc \
.$$*.db-server-ca.pem.enc
.PHONY: $(addprefix encrypt.,${envs})
.PHONY: $(addprefix decrypt.,${envs})
# OpenTelemetry Protobufs
grpc.protoc:
dir=$$(mktemp -d); \
trap 'rm -rf "$$dir"' EXIT; \
git clone https://github.com/open-telemetry/opentelemetry-proto.git $$dir; \
protoc -I=$$dir --elixir_out=plugins=grpc:$(PWD)/lib/logflare_grpc $$(find $$dir -iname '*.proto')
# manual deployment scripts
deploy.staging.main:
@gcloud config set project logflare-staging
gcloud builds submit . \
--config=cloudbuild/staging/build-image.yaml \
--substitutions=_IMAGE_TAG=$(SHA_IMAGE_TAG) \
--region=europe-west1 \
--gcs-log-dir="gs://logflare-staging_cloudbuild-logs/logs"
gcloud builds submit . \
--config=./cloudbuild/staging/deploy.yaml \
--substitutions=_IMAGE_TAG=$(SHA_IMAGE_TAG),_INSTANCE_TYPE=c2d-standard-16 \
--region=us-central1 \
--gcs-log-dir="gs://logflare-staging_cloudbuild-logs/logs"
gcloud builds submit . \
--config=./cloudbuild/staging/deploy.yaml \
--substitutions=_IMAGE_TAG=$(SHA_IMAGE_TAG),_INSTANCE_GROUP=instance-group-staging-main-saturated,_INSTANCE_TYPE=c2d-highcpu-16 \
--region=us-central1 \
--gcs-log-dir="gs://logflare-staging_cloudbuild-logs/logs"
deploy.staging.versioned:
@gcloud config set project logflare-staging
gcloud builds submit . \
--config=cloudbuild/staging/build-image.yaml \
--substitutions=_IMAGE_TAG=$(VERSION) \
--region=europe-west1 \
--gcs-log-dir="gs://logflare-staging_cloudbuild-logs/logs"
gcloud builds submit . \
--config=./cloudbuild/staging/deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION),_CLUSTER=versioned \
--region=us-west1 \
--gcs-log-dir="gs://logflare-staging_cloudbuild-logs/logs"
deploy.prod.versioned:
@gcloud config set project logflare-232118
@echo "Creating staging instance template and deploying..."
gcloud builds submit . \
--config=./cloudbuild/prod/build-image.yaml \
--substitutions=_IMAGE_TAG=$(VERSION) \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
@echo "Creating canary instance template..."
gcloud builds submit . \
--config=./cloudbuild/prod/pre-deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION) \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
@echo "Deploying to canary instances"
gcloud builds submit . \
--config=./cloudbuild/prod/deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION) \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
@echo "Creating prod instance templates..."
gcloud builds submit . \
--config=./cloudbuild/prod/pre-deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION),_CLUSTER=prod-a \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
gcloud builds submit . \
--config=./cloudbuild/prod/pre-deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION),_CLUSTER=prod-b \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
gcloud builds submit . \
--config=./cloudbuild/prod/pre-deploy.yaml \
--substitutions=_IMAGE_TAG=$(VERSION),_NORMALIZED_IMAGE_TAG=$(NORMALIZED_VERSION),_CLUSTER=prod-c \
--region=europe-west3 \
--gcs-log-dir="gs://logflare-prod_cloudbuild-logs/logs"
@echo "Instance template has been created successfully. Complete the deployment by navigating to https://console.cloud.google.com/compute/instanceGroups/list?hl=en&project=logflare-232118"
.PHONY: deploy.staging.main
tag-versioned:
@echo "Checking dockerhub registry for dev image supabase/logflare:$(SHA_IMAGE_TAG) ..."
@echo "Dev image must be built on CI: https://github.com/Logflare/logflare/actions" \
docker manifest inspect supabase/logflare:$(SHA_IMAGE_TAG) >/dev/null
@echo "OK"
@echo "Retagging dev image to supabase/logflare:$(VERSION) ..."
docker buildx imagetools create -t supabase/logflare:$(VERSION) -t supabase/logflare:latest supabase/logflare:$(SHA_IMAGE_TAG)
@echo "OK"
.PHONY: tag-versioned
ssl.prod: CERT_DOMAIN = logflare.app
ssl.staging: CERT_DOMAIN = logflarestaging.com
$(addprefix ssl.,${envs}): ssl.%:
@echo "Generating self-signed certificate..."
@openssl req -x509 -newkey rsa:2048 -keyout .$*.cert.key -out .$*.cert.pem -days 3650 \
-nodes -subj "/C=US/ST=DE/O=Supabase/OU=Logflare/CN=$(CERT_DOMAIN)"
.PHONY: $(addprefix ssl.,${envs})