.drone.yml

@@ -84,41 +84,41 @@ workspace:
   path: /drone/auth
 
 steps:
-# - name: Build Package
+- name: Build Package
-#   image: node:20-bullseye-slim
+  image: node:20-bullseye-slim
-#   environment:
+  environment:
-#     YARN_VERSION: 3.5.0
+    YARN_VERSION: 3.5.0
-#   commands:
+  commands:
-#   - yarn set version stable
+  - yarn set version stable
-#   - yarn install
+  - yarn install
-#   - yarn build:production
+  - yarn build:package
-#   volumes:
+  volumes:
-#   - name: yarnrc
+  - name: yarnrc
-#     path: /drone/auth/.yarnrc.yml
+    path: /drone/auth/.yarnrc.yml
-# - name: Publish NPM
+- name: Publish NPM
-#   image: node:20-bullseye-slim
+  image: node:20-bullseye-slim
-#   commands:
+  commands:
-#     - yarn npm publish
+    - yarn npm publish
-#   volumes:
+  volumes:
-#   - name: npmrc
+  - name: npmrc
-#     path: /drone/auth/.npmrc
+    path: /drone/auth/.npmrc
-#   - name: yarnrc
+  - name: yarnrc
-#     path: /drone/auth/.yarnrc.yml
+    path: /drone/auth/.yarnrc.yml
-# - name: Report NPM Publish Status
+- name: Report NPM Publish Status
-#   image: plugins/webhook
+  image: plugins/webhook
-#   settings:
+  settings:
-#     urls: https://lab.mifi.dev/hooks/ccw34hdf7tgbjmzp96nptn938r
+    urls: https://lab.mifi.dev/hooks/ccw34hdf7tgbjmzp96nptn938r
-#     content_type: application/json
+    content_type: application/json
-#     template: |
+    template: |
-#       {
+      {
-#         "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
+        "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
-#         "text": "[{{ repo.name }} - New npm package release {{tag}} from # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "text": "[{{ repo.name }} - New npm package release {{tag}} from # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
-#         "username":"DroneBot"
+        "username":"DroneBot"
-#       }
+      }
-#   when:
+  when:
-#     status:
+    status:
-#       - success
+      - success
-#       - failure
+      - failure
 - name: Publish Image
   image: plugins/docker
   settings:
@@ -170,11 +170,8 @@ depends_on:
   - Test Pipeline
 
 trigger:
-  branch:
-  - main
   event:
-  # - tag
+  - tag
-  - push
 
 ---
 kind: pipeline
@@ -212,7 +209,7 @@ steps:
     template: |
       {
         "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
-        "text": "[{{ repo.name }} - Build # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "text": "[{{ repo.name }} - Build # {{ build.number }}] Staging Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
         "username":"DroneBot"
       }
   when:
@@ -253,25 +250,9 @@ clone:
 
 steps:
 - name: Deploy Container
-  image: docker
+  image: plugins/webhook
-  privileged: true
+  settings:
-  environment:
+    urls: https://portainer.mifi.dev/api/stacks/webhooks/968d2244-2548-4f0b-8c18-bbc9bc35305d
-    CONTAINER_PREFIX: staging
-    HOST: area51.mifi.dev
-    ROUTE_PREFIX: /auth
-    PORT: 9001
-  commands:
-    - docker compose -f docker-compose.production-build.yml pull
-    - docker compose -f docker-compose.production-build.yml build --no-cache
-    - docker compose -f docker-compose.production-build.yml rm --stop
-    - docker compose -f docker-compose.production-build.yml up --wait
-  volumes:
-  - name: env-secrets
-    path: /drone/auth/production.env
-  - name: dockersock
-    path: /var/run/docker.sock
-  - name: dockerconfig
-    path: /drone/auth/.docker/config.json
 - name: Send Status Notifications
   image: plugins/webhook
   privileged: true
@@ -281,7 +262,7 @@ steps:
     template: |
       {
         "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
-        "text": "[{{ repo.name }} - Build # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "text": "[{{ repo.name }} - Build # {{ build.number }}] Production Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
         "username":"DroneBot"
       }
   when:
@@ -289,19 +270,8 @@ steps:
       - success
       - failure
 
-volumes:
-- name: dockerconfig
-  host:
-    path: /volume1/docker/dockerconfig.json
-- name: dockersock
-  host:
-    path: /var/run/docker.sock
-- name: env-secrets
-  host:
-    path: /volume1/docker/beethoven/labs-auth/staging.env
-
 depends_on:
-  - Test Pipeline
+  - Publish Pipeline
 
 trigger:
   event:

Dockerfile

@@ -7,10 +7,7 @@ ARG YARN_VERSION=3.5.0
 
 ## mongo build stage
 FROM mongo:${MONGO_VERSION} AS database
-ENV NODE_ENV=${ENV}
 ARG MONGO_ENTRY_FILE=${MONGO_ENTRY_FILE:-latest}
-ENV MONGO_VERSION=${MONGO_VERSION}
-RUN echo ${MONGO_ENTRY_FILE} ${MONGO_VERSION} ${NODE_ENV}
 COPY docker-entrypoint-initdb.d/mongo-init-${MONGO_ENTRY_FILE}.sh ./docker-entrypoint-initdb.d/mongo-init.sh
 
 ## stage one, build the service

docker-compose.staging-build.yml

@@ -9,7 +9,8 @@ services:
             context: .
             target: database
             args:
-              MONGO_VERSION: 4.4
+              - MONGO_ENTRY_FILE=4.4
+              - MONGO_VERSION=4.4
         networks:
             - auth-backend
         volumes:
@@ -55,4 +56,4 @@ networks:
 
 volumes:
     auth-db:
-        external: false
+        external: true

docker-compose.staging-image.yml

@@ -3,41 +3,57 @@ version: '3.8'
 services:
     auth-service_mongo:
         container_name: ${CONTAINER_PREFIX}-auth-service_mongo
-        env_file:
-            - staging.env
         networks:
+            - auth-backend
             - docknet
         volumes:
-            - auth-db:/data
+            - auth-db:/data/db
-            - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+            - auth-db:/data/configdb
         restart: unless-stopped
-        image: mongo:4.4
+        image: mongo:${MONGO_VERSION}
     auth-service:
-        env_file:
-            - staging.env
         container_name: ${CONTAINER_PREFIX}-auth-service
         environment:
             - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
+            - DB_NAME=${DB_NAME}
+            - DB_PASSWORD=${DB_PASSWORD}
+            - DB_USERNAME=${DB_USERNAME}
+            - DEFAULT_TOKEN_DAYS=${DEFAULT_TOKEN_DAYS}
+            - JWT_AUDIENCE=${JWT_AUDIENCE}
+            - JWT_ISSUER=${JWT_ISSUER}
+            - JWT_SECRET=${JWT_SECRET}
+            - LOGIN_ROUTE=${LOGIN_ROUTE}
+            - LOGIN_VALID_TIME=${LOGIN_VALID_TIME}
+            - PORT=${PORT}
+            - RESET_ROUTE=${RESET_ROUTE}
+            - RESET_VALID_MINUTES=${RESET_VALID_MINUTES}
+            - ROUTE_PREFIX=${ROUTE_PREFIX}
+            - SESSION_KEY=${SESSION_KEY}
         labels:
             - 'traefik.enable=true'
-            - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
+            - 'traefik.docker.network=docknet'
-            - 'traefik.http.routers.grow.entrypoints=websecure'
+            - 'traefik.http.routers.auth.rule=Host(`${HOST}`) && PathPrefix(`${ROUTE_PREFIX}`)'
-            - 'traefik.http.routers.grow.tls=true'
+            - 'traefik.http.routers.auth.entrypoints=websecure'
-            - 'traefik.http.routers.grow.tls.certresolver=letsencrypt'
+            - 'traefik.http.routers.auth.tls=true'
-            - 'traefik.http.routers.grow.service=grow-service'
+            - 'traefik.http.routers.auth.tls.certresolver=letsencrypt'
-            - 'traefik.http.services.grow-service.loadbalancer.server.port=${PORT}'
+            - 'traefik.http.routers.auth.service=auth-service'
+            - 'traefik.http.services.auth-service.loadbalancer.server.port=${PORT}'
         networks:
+            - auth-backend
             - docknet
         restart: unless-stopped
         depends_on:
             - auth-service_mongo
-        image: git.mifi.dev/mifi/mifi/auth:latest
+        image: git.mifi.dev/mifi/auth-service:latest
 
 networks:
+    auth-backend:
+        driver: bridge
+        external: false
     docknet:
         name: docknet
         external: true
 
 volumes:
     auth-db:
-        external: false
+        external: true

package.json

@@ -1,10 +1,11 @@
 {
   "name": "@mifi/auth-service",
-  "version": "1.0.11",
+  "version": "1.0.12",
   "author": "mifi (Mike Fitzpatrick)",
   "license": "MIT",
   "scripts": {
     "build": "tsc",
+    "build:package": "tsc -p ./tsconfig.package.json",
     "build:production": "tsc -p ./tsconfig.production.json",
     "format": "prettier:fix && lint:fix",
     "lint": "eslint --ext .ts,.tsx src/",

tsconfig.package.json

@@ -0,0 +1,17 @@
+{
+    "extends": "@tsconfig/node16/tsconfig.json",
+    "compilerOptions": {
+        "allowSyntheticDefaultImports": true,
+        "declaration": true,
+        "experimentalDecorators": true,
+        "emitDecoratorMetadata": true,
+        "noImplicitAny": true,
+        "outDir": "dist/",
+        "rootDirs": ["./", "src/"],
+        "strict": true,
+        "esModuleInterop": true,
+        "sourceMap": false,
+        "removeComments": true
+    },
+    "include": ["./src"]
+}

tsconfig.production.json

@@ -2,7 +2,7 @@
     "extends": "@tsconfig/node16/tsconfig.json",
     "compilerOptions": {
         "allowSyntheticDefaultImports": true,
-        "declaration": true,
+        "declaration": false,
         "experimentalDecorators": true,
         "emitDecoratorMetadata": true,
         "noImplicitAny": true,