Merge pull request #233 from axonivy-market/develop

MARP-1409 Create new release 1.5.0

.github/workflows/docker-build.yml

@@ -22,6 +22,9 @@ on:
         type: string
         default: ''
 
+env:
+  BASE_WORKING_DIR: /home/axonivy/marketplace/work
+
 jobs:
   cleanup:
     name: Clean up docker container and images
@@ -30,9 +33,17 @@ jobs:
     steps:
       - name: Bring down and remove containers and images
         continue-on-error: true
-        working-directory: ./marketplace-build/dev
+        working-directory: ${{ env.BASE_WORKING_DIR }}
+        run: |
+          docker compose -f publish/docker-compose.yml down --rmi all
+      - name: Delete old sources code
+        working-directory: ${{ env.BASE_WORKING_DIR }}
         run: |
-          docker compose down --rmi all
+          echo "Clean up workspaces ${{ env.BASE_WORKING_DIR }}"
+          rm -rf ./marketplace-ui/*
+          rm -rf ./marketplace-service/*
+          rm -rf ./publish/*
+          rm -rf ./config/*
 
   build-and-deploy:
     name: Build and bring up docker containers
@@ -45,9 +56,24 @@ jobs:
         with:
           ref: ${{ inputs.release_version || github.ref }}
 
+      - name: Copy resources to working directory
+        run : |
+          echo "Copy marketplace-ui to ${{ env.BASE_WORKING_DIR }} directory"
+          cp -r marketplace-ui ${{ env.BASE_WORKING_DIR }}
+
+          echo "Copy marketplace-service to ${{ env.BASE_WORKING_DIR }} directory"
+          cp -r marketplace-service ${{ env.BASE_WORKING_DIR }}
+
+          echo "Copy nginx configs to config directory"
+          mkdir -p ${{ env.BASE_WORKING_DIR }}/config/nginx && cp -r marketplace-build/config/nginx/dev/* ${{ env.BASE_WORKING_DIR }}/config/nginx
+
+          echo "Copy compose configs to publish directory"
+          mkdir -p ${{ env.BASE_WORKING_DIR }}/publish && cp -r marketplace-build/.env ${{ env.BASE_WORKING_DIR }}/publish/.env
+          cp -r marketplace-build/docker-compose.yml ${{ env.BASE_WORKING_DIR }}/publish/docker-compose.yml
+
       - name: Update environment variables for .env
         env:
-          ENV_FILE: './marketplace-build/dev/.env'
+          ENV_FILE: '${{ env.BASE_WORKING_DIR }}/publish/.env'
           ROOT_USERNAME: ${{ secrets.MONGODB_ROOT_USERNAME }}
           ROOT_PASSWORD: ${{ secrets.MONGODB_ROOT_PASSWORD }}
           SERVICE_USERNAME: ${{ secrets.SERVICE_USERNAME }}
@@ -76,23 +102,24 @@ jobs:
           sed -i "s/^MARKET_JWT_SECRET_KEY=.*$/MARKET_JWT_SECRET_KEY=$MARKET_JWT_SECRET_KEY/" $ENV_FILE
           sed -i "s/^MARKET_CORS_ALLOWED_ORIGIN=.*$/MARKET_CORS_ALLOWED_ORIGIN=$MARKET_CORS_ALLOWED_ORIGIN/" $ENV_FILE
 
-      - name: Update version and tagging source
+      - name: Update version
         if: ${{ inputs.release_version != '' }}
         continue-on-error: true
         env:
-          POM_FILE: './marketplace-service/pom.xml'
-          PACKAGE_FILE: './marketplace-ui/package.json'
+          POM_FILE: '${{ env.BASE_WORKING_DIR }}/marketplace-service/pom.xml'
+          PACKAGE_FILE: '${{ env.BASE_WORKING_DIR }}/marketplace-ui/package.json'
         run: |
           xml ed -L -u "//_:project/_:version" -v "${{ inputs.release_version }}" $POM_FILE
           sed -i 's/"version": "[^"]*"/"version": "${{ inputs.release_version }}"/' $PACKAGE_FILE
 
       - name: Build and bring up containers without cache
-        working-directory: ./marketplace-build/dev
+        working-directory: ${{ env.BASE_WORKING_DIR }}/publish
         run: |
           if [ -n "${{ inputs.release_version }}" ]; then
             BUILD_VERSION="${{ inputs.release_version }}"
           else
-            BUILD_VERSION=$(xml sel -t -v "//_:project/_:version" ../../marketplace-service/pom.xml)
+            chmod +r ../marketplace-service/pom.xml
+            BUILD_VERSION=$(xml sel -t -v "//_:project/_:version" ../marketplace-service/pom.xml)
           fi
 
           docker compose build --build-arg BUILD_ENV=${{ inputs.build_env }} --build-arg BUILD_VERSION=$BUILD_VERSION

.github/workflows/release-build.yml

@@ -1,8 +1,6 @@
 name: Release Build
 
 on:
-  push:
-    branches: [ "master" ]
   workflow_dispatch:
     inputs:
       release_version:

marketplace-build/.env

@@ -1,9 +1,11 @@
-MONGODB_INITDB_ROOT_USERNAME=
+BUILD_ENV=staging
+BUILD_VERSION=1.0.0-SNAPSHOT
+MONGODB_INITDB_ROOT_USERNAME=octopus
 MONGODB_INITDB_ROOT_PASSWORD=
 SERVICE_MONGODB_HOST=mongodb
-SERVICE_MONGODB_USER=
+SERVICE_MONGODB_USER=octopus
 SERVICE_MONGODB_PASSWORD=
-SERVICE_MONGODB_DATABASE=marketplace
+SERVICE_MONGODB_DATABASE=marketplace-dev
 MARKET_GITHUB_MARKET_BRANCH=
 MARKET_GITHUB_TOKEN=
 MARKET_GITHUB_OAUTH_APP_CLIENT_ID=

marketplace-build/README.md

@@ -1,6 +1,13 @@
 # Get starts with Marketplace build
 
+### Create docker network
+For the marketplace-ui, marketplace-service, and marketplace MongoDB to be able to connect to each other. They must be in a same network.
+To create a docker network for the marketplace, please run:
+
+* ``docker network create marketplace-network``
+
 ### Set up MongoDB with authentication mode
+#### Init a admin user for MongoDb volume
 * Navigate to ``marketplace-build/config/mongodb`` and execute the ``docker-compose -f non-authen-docker-compose.yml up -d`` to start MongoDB with non-auth mode and create a root admin user.
 
 * [Optional] Execute authentication test for the created user
@@ -12,32 +19,24 @@ This command should return the ``OK`` code
 
 * Down the non-authen instance to start the main docker compose file by run ``docker-compose down``
 
-### Docker build for DEV environment
-#### Start from scratch:
-* Navigate to ``marketplace-build``
+#### Start MongoDB container
 
-* Run ``docker-compose up -d --build`` to start a Marketplace DEV at the local
+* Start the authen instance by run ``docker-compose -f authen-docker-compose.yml up -d`` to start mongodb
 
-#### If you already have MongoDB on your local machine with public port `27017`
-* Create a docker network to connect ui > service > mongodb by run ``docker network create marketplace-network``
+### Docker build for local environment
+#### Update the MongoDB configuration for env
+* Navigate to ``marketplace-build/dev`` and edit ``.env`` base on your mongo configuration
 
 * Navigate to ``marketplace-build/dev``
 
 * Run ``docker-compose up -d --build`` to start a Marketplace DEV at the local
 
-> In case you want to set up the MongoDB as a standalone compose. Please run `docker-compose -f authen-docker-compose.yml up -d` in ``marketplace-build/config/mongodb``
-
 ### Docker release
 To release a new version for marketplace images, please trigger the ``Docker Release`` actions.
 * This GH Actions will trigger the ``Docker build`` on the master branch.
 * Login to GitHub Registry Hub.
 * Deploy new image to packages.
 Please verify the result in the ``Package`` after the build is completed.
 
-### Start Docker compose for PROD deployment
+### Start Docker compose for PROD/SPRINT deployment
 * Navigate to ``marketplace-build/release`` run ``docker-compose up -d`` to clone the docker images from GitHub packages and start the website
-
-### Start Docker compose using SPRINT release version
-* Navigate to ``marketplace-build/release`` run ``docker-compose -f sprint-compose.yml up`` to clone the docker images from GitHub packages and start the website
-
-

marketplace-build/config/matomo/docker-compose.yml

@@ -0,0 +1,46 @@
+name: matomo-prod
+
+services:
+  matomo-db:
+    image: mysql:9.1.0
+    container_name: matomo-db
+    restart: always
+    volumes:
+      - matomo-data:/var/lib/mysql:Z
+    environment:
+      - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
+      - MYSQL_DATABASE=${MYSQL_DATABASE}
+      - MYSQL_USER=${MYSQL_USER}
+      - MYSQL_PASSWORD=${MYSQL_PASSWORD}
+    ports:
+      - 3310:3306
+    env_file:
+      - ./matomo-db.env
+
+  matomo-app:
+    image: matomo:fpm-alpine
+    container_name: matomo-app
+    restart: always
+    links:
+      - matomo-db
+    volumes:
+      - matomo:/var/www/html:z
+    environment:
+      - MATOMO_DATABASE_HOST=matomo-db
+      - PHP_MEMORY_LIMIT=2048M
+    env_file:
+      - ./matomo-db.env
+
+  matomo-web:
+    image: nginx:alpine
+    container_name: matomo-web
+    restart: always
+    volumes:
+      - matomo:/var/www/html:z,ro
+      - ./matomo.conf:/etc/nginx/conf.d/default.conf:z,ro
+    ports:
+      - 8085:80
+
+volumes:
+  matomo-data:
+  matomo:

marketplace-build/config/matomo/matomo-db.env

@@ -0,0 +1,8 @@
+MYSQL_ROOT_PASSWORD=
+MYSQL_DATABASE=matomo
+MYSQL_USER=matomo
+MYSQL_PASSWORD=
+MATOMO_DATABASE_ADAPTER=mysql
+MATOMO_DATABASE_TABLES_PREFIX=matomo_
+MATOMO_DATABASE_USERNAME=matomo
+MATOMO_DATABASE_DBNAME=matomo

marketplace-build/config/matomo/matomo.conf

@@ -0,0 +1,69 @@
+upstream php-handler {
+	server matomo-app:9000;
+}
+
+server {
+	listen 80;
+
+	add_header Referrer-Policy origin; # make sure outgoing links don't show the URL to the Matomo instance
+	root /var/www/html; # replace with path to your matomo instance
+	index index.php;
+	try_files $uri $uri/ =404;
+
+	## only allow accessing the following php files
+	location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs).php {
+		# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+		fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+		# Check that the PHP script exists before passing it
+		try_files $fastcgi_script_name =404;
+
+		include fastcgi_params;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		fastcgi_param PATH_INFO $fastcgi_path_info;
+		fastcgi_param HTTP_PROXY ""; # prohibit httpoxy: https://httpoxy.org/
+		fastcgi_pass php-handler;
+	}
+
+	## deny access to all other .php files
+	location ~* ^.+\.php$ {
+		deny all;
+		return 403;
+	}
+
+	## disable all access to the following directories
+	location ~ /(config|tmp|core|lang) {
+		deny all;
+		return 403; # replace with 404 to not show these directories exist
+	}
+	location ~ /\.ht {
+		deny all;
+		return 403;
+	}
+
+	location ~ js/container_.*_preview\.js$ {
+		expires off;
+		add_header Cache-Control 'private, no-cache, no-store';
+	}
+
+	location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
+		allow all;
+		## Cache images,CSS,JS and webfonts for an hour
+		## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
+		expires 1h;
+		add_header Pragma public;
+		add_header Cache-Control "public";
+	}
+
+	location ~ /(libs|vendor|plugins|misc/user) {
+		deny all;
+		return 403;
+	}
+
+	## properly display textfiles in root directory
+	location ~/(.*\.md|LEGALNOTICE|LICENSE) {
+		default_type text/plain;
+	}
+}
+
+# vim: filetype=nginx

marketplace-build/config/nginx/nginx.conf → marketplace-build/config/nginx/release/nginx.conf

@@ -1,3 +1,6 @@
+user www-data;
+worker_processes auto;
+
 events {}
 
 http {
@@ -18,10 +21,12 @@ http {
         location /marketplace-service {
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            # Start using for forwarded domain
             proxy_set_header X-Forwarded-Host $host;
             proxy_set_header X-Forwarded-Proto $scheme;
+            # End using for forwarded domain
             proxy_set_header X-NginX-Proxy true;
-            proxy_pass http://service:8080/marketplace-service;
+            proxy_pass http://preview_service:8080/marketplace-service;
             proxy_ssl_session_reuse off;
             proxy_set_header Host $http_host;
             proxy_cache_bypass $http_upgrade;

marketplace-build/dev/.env

@@ -1,3 +1,5 @@
+BUILD_ENV=staging
+BUILD_VERSION=1.0.0-SNAPSHOT
 MONGODB_INITDB_ROOT_USERNAME=octopus
 MONGODB_INITDB_ROOT_PASSWORD=
 SERVICE_MONGODB_HOST=10.193.8.78

marketplace-build/dev/docker-compose.yml

@@ -1,12 +1,11 @@
+# Used for the local environment
 name: marketplace
 
 services:
   ui:
     container_name: marketplace-ui
     build:
       context: ../../marketplace-ui
-      additional_contexts:
-        assets: ../../marketplace-build/
       dockerfile: Dockerfile
       args:
         - BUILD_ENV=${BUILD_ENV}
@@ -16,8 +15,6 @@ services:
       - marketcache:/usr/share/nginx/html/market-cache
     ports:
       - "4200:80"
-    depends_on:
-      - service
     networks:
       - marketplace-network
 

marketplace-build/docker-compose.yml

@@ -1,38 +1,22 @@
+# Use for DEV instance built by GH Actions
 name: marketplace
 
 services:
-  mongodb:
-    container_name: marketplace-mongodb
-    build:
-      context: ./config/mongodb
-      dockerfile: Dockerfile
-    restart: always
-    ports:
-      - "27017:27017"
-    environment:
-      MONGODB_INITDB_ROOT_USERNAME: ${MONGODB_INITDB_ROOT_USERNAME}
-      MONGODB_INITDB_ROOT_PASSWORD: ${MONGODB_INITDB_ROOT_PASSWORD}
-    volumes:
-      - mongodata:/data/db
-      - ./config/mongodb/mongod.conf:/etc/mongod.conf
-
   ui:
     container_name: marketplace-ui
     build:
       context: ../marketplace-ui
-      additional_contexts:
-        assets: ../marketplace-build/
       dockerfile: Dockerfile
       args:
         - BUILD_ENV=${BUILD_ENV}
     restart: always
     volumes:
-      - ./config/nginx/nginx.conf:/etc/nginx/nginx.conf
+      - ../config/nginx/nginx.conf:/etc/nginx/nginx.conf
       - marketcache:/usr/share/nginx/html/market-cache
     ports:
       - "4200:80"
-    depends_on:
-      - service
+    networks:
+      - marketplace-network
 
   service:
     container_name: marketplace-service
@@ -59,9 +43,12 @@ services:
         - BUILD_VERSION=${BUILD_VERSION}
     ports:
       - "8080:8080"
-    depends_on:
-      - mongodb
+    networks:
+      - marketplace-network
 
 volumes:
-  mongodata:
   marketcache:
+
+networks:
+  marketplace-network:
+    external: true