Ha! Got it! And version bump

TODO: Still no access to routes on staging... hmmm...

.drone.yml

@@ -3,7 +3,7 @@ type: docker
 name: Test Pipeline
 
 workspace:
-  path: /drone/grow
+  path: /drone/auth
 
 steps:
 - name: yarn install
@@ -70,7 +70,7 @@ type: docker
 name: Publish Pipeline
 
 workspace:
-  path: /drone/grow
+  path: /drone/auth
 
 steps:
 - name: Build Package
@@ -85,7 +85,7 @@ steps:
     - yarn publish -t ${DRONE_TAG}
   volumes:
   - name: npmrc
-    path: /drone/grow/.npmrc
+    path: /drone/auth/.npmrc
 - name: Report NPM Publish Status
   image: plugins/webhook
   settings:
@@ -151,10 +151,74 @@ trigger:
 ---
 kind: pipeline
 type: docker
-name: Deploy Pipeline
+name: Staging Deploy Pipeline
 
 workspace:
-  path: /drone/grow
+  path: /drone/auth
+
+steps:
+- name: Deploy Container
+  image: docker
+  privileged: true
+  environment:
+    CONTAINER_PREFIX: staging
+    HOST: area51.mifi.dev
+    ROUTE_PREFIX: /auth
+    PORT: 9001
+  commands:
+    - docker compose -f docker-compose.staging-build.yml build --pull --no-cache
+    - docker compose -f docker-compose.staging-build.yml up --remove-orphans --force-recreate --wait
+  volumes:
+  - name: env-secrets
+    path: /drone/auth/staging.env
+  - name: dockersock
+    path: /var/run/docker.sock
+  - name: dockerconfig
+    path: /drone/auth/.docker/config.json
+- name: Send Status Notifications
+  image: plugins/webhook
+  privileged: true
+  settings:
+    urls: https://lab.mifi.dev/hooks/ccw34hdf7tgbjmzp96nptn938r
+    content_type: application/json
+    template: |
+      {
+        "icon_url":"https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/198/freezing-face_1f976.png",
+        "text": "[{{ repo.name }} - Build # {{ build.number }}] Deploy {{ build.status }} {{#success build.status}}:tada:{{else}}:poop:{{/success}}",
+        "username":"DroneBot"
+      }
+  when:
+    status:
+      - success
+      - failure
+
+volumes:
+- name: dockerconfig
+  host:
+    path: /volume1/docker/dockerconfig.json
+- name: dockersock
+  host:
+    path: /var/run/docker.sock
+- name: env-secrets
+  host:
+    path: /volume1/docker/beethoven/labs-auth/staging.env
+
+depends_on:
+  - Test Pipeline
+
+trigger:
+  branch:
+  - develop
+  event:
+  - push
+
+---
+kind: pipeline
+type: docker
+name: Production Deploy Pipeline
+
+workspace:
+  path: /drone/auth
 
 clone:
   disable: true
@@ -169,17 +233,17 @@ steps:
     ROUTE_PREFIX: /auth
     PORT: 9001
   commands:
-    - docker compose -f docker-compose.staging-image.yml pull
-    - docker compose -f docker-compose.staging-image.yml build --no-cache
-    - docker compose -f docker-compose.staging-image.yml rm --stop
-    - docker compose -f docker-compose.staging-image.yml up --wait
+    - docker compose -f docker-compose.production-build.yml pull
+    - docker compose -f docker-compose.production-build.yml build --no-cache
+    - docker compose -f docker-compose.production-build.yml rm --stop
+    - docker compose -f docker-compose.production-build.yml up --wait
   volumes:
   - name: env-secrets
-    path: /drone/grow/staging.env
+    path: /drone/auth/production.env
   - name: dockersock
     path: /var/run/docker.sock
   - name: dockerconfig
-    path: /drone/grow/.docker/config.json
+    path: /drone/auth/.docker/config.json
 - name: Send Status Notifications
   image: plugins/webhook
   privileged: true

.env.dev

@@ -6,14 +6,14 @@ ROUTE_PREFIX=/auth
 LOGIN_ROUTE=/login
 RESET_ROUTE=/reset
 
-DB_ADMIN_USERNAME=root
-DB_ADMIN_PASSWORD=password
+# DB_ADMIN_USERNAME=root
+# DB_ADMIN_PASSWORD=password
 DB_USERNAME=user
 DB_PASSWORD=password
 DB_NAME=auth
 
-MONGO_INITDB_ROOT_USERNAME=$DB_ADMIN_USERNAME
-MONGO_INITDB_ROOT_PASSWORD=$DB_ADMIN_PASSWORD
+MONGO_INITDB_ROOT_USERNAME=$DB_USERNAME
+MONGO_INITDB_ROOT_PASSWORD=$DB_PASSWORD
 MONGO_INITDB_DATABASE=$DB_NAME
 
 SESSION_KEY=shjhakjfhfjdshjksdhfdshfhfduyeyb73te4

Dockerfile

@@ -1,3 +1,12 @@
+ARG ENV=production
+ARG MONGO_VERSION=latest
+ARG PORT=9001
+
+## mongo build stage
+FROM mongo:$MONGO_VERSION AS database
+COPY mongo-init.sh /docker-entrypoint-initdb.d
+
+## stage one, build the service
 FROM node:20-alpine AS build
 ENV NODE_ENV development
 WORKDIR /home/node/app
@@ -10,10 +19,10 @@ RUN yarn build
 
 ## this is stage two , where the app actually runs
 FROM node:20-alpine AS containerize
-ENV NODE_ENV ${ENV:-production}
+ENV NODE_ENV $ENV
 WORKDIR /home/node/app
 COPY package*.json ./
 RUN yarn install --frozen-lockfile --production
-COPY --from=0 /home/node/app/dist .
-EXPOSE ${PORT:-9001}
+COPY --from=build /home/node/app/dist .
+EXPOSE $PORT
 CMD ["node","server/index.js"]

README.md

@@ -1,2 +1,2 @@
-# grow-api
+# @mifi/auth
 

docker-compose.dev.yml

@@ -3,14 +3,14 @@ version: '3.8'
 services:
     auth-service_mongo:
         env_file: .env.dev
-        container_name: ${CONTAINER_PREFIX:-dev}-auth-service_mongo
+        container_name: ${CONTAINER_PREFIX}-auth-service_mongo
         ports:
             - 27017:27017
         networks:
             - backend
         volumes:
-            - auth-db:/data
-            - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+            - auth-db:/data/db
+            - auth-db:/data/configdb
         restart: unless-stopped
         image: mongo:latest
     auth-service:
@@ -20,11 +20,11 @@ services:
             args:
               - PORT
               - ENV
-        container_name: ${CONTAINER_PREFIX:-dev}-auth-service
+        container_name: ${CONTAINER_PREFIX}-auth-service
         ports:
             - 9001:9001
         environment:
-            - DB_HOST=${CONTAINER_PREFIX:-dev}-auth-service_mongo
+            - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
         networks:
             - labs-net
             - backend

docker-compose.staging-build.yml

@@ -2,42 +2,53 @@ version: '3.8'
 
 services:
     auth-service_mongo:
-        container_name: ${CONTAINER_PREFIX:-staging}-auth-service_mongo
-        env_file:
-            - staging.env
-        networks:
-            - docknet
-        volumes:
-            - 'auth-db:/data'
-            - './mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro'
-        restart: unless-stopped
-        image: mongo:latest
-    auth-service:
+        container_name: ${CONTAINER_PREFIX}-auth-service_mongo
         env_file:
             - staging.env
         build:
             context: .
+            target: database
+            args:
+              MONGO_VERSION: 4.4
+        networks:
+            - auth-backend
+        volumes:
+            - 'auth-db:/data/db'
+            - 'auth-db:/data/configdb'
+        restart: unless-stopped
+        image: mongo:4.4
+    auth-service:
+        container_name: ${CONTAINER_PREFIX}-auth-service
+        env_file:
+            - staging.env
+        build:
+            context: .
+            target: containerize
             args:
               - PORT
               - ENV
-        container_name: ${CONTAINER_PREFIX:-staging}-auth-service
         environment:
-            - DB_HOST=${CONTAINER_PREFIX:-staging}-auth-service_mongo
+            - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
         labels:
             - 'traefik.enable=true'
-            - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
-            - 'traefik.http.routers.grow.entrypoints=websecure'
-            - 'traefik.http.routers.grow.tls=true'
-            - 'traefik.http.routers.grow.tls.certresolver=letsencrypt'
-            - 'traefik.http.routers.grow.service=grow-service'
-            - 'traefik.http.services.grow-service.loadbalancer.server.port=${PORT}'
+            - 'traefik.docker.network=docknet'
+            - 'traefik.http.routers.labs-auth.rule=Host(`${HOST}`) && PathPrefix(`${ROUTE_PREFIX}`)'
+            - 'traefik.http.routers.labs-auth.entrypoints=websecure'
+            - 'traefik.http.routers.labs-auth.tls=true'
+            - 'traefik.http.routers.labs-auth.tls.certresolver=letsencrypt'
+            - 'traefik.http.routers.labs-auth.service=labs-auth-service'
+            - 'traefik.http.services.labs-auth-service.loadbalancer.server.port=${PORT}'
         networks:
+            - auth-backend
             - docknet
         restart: unless-stopped
         image: node:20-alpine
         depends_on:
             - auth-service_mongo
 networks:
+    auth-backend:
+        driver: bridge
+        external: false
     docknet:
         name: docknet
         external: true

docker-compose.staging-image.yml

@@ -2,7 +2,7 @@ version: '3.8'
 
 services:
     auth-service_mongo:
-        container_name: ${CONTAINER_PREFIX:-staging}-auth-service_mongo
+        container_name: ${CONTAINER_PREFIX}-auth-service_mongo
         env_file:
             - staging.env
         networks:
@@ -11,13 +11,13 @@ services:
             - auth-db:/data
             - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
         restart: unless-stopped
-        image: mongo:latest
+        image: mongo:4.4
     auth-service:
         env_file:
             - staging.env
-        container_name: ${CONTAINER_PREFIX:-staging}-auth-service
+        container_name: ${CONTAINER_PREFIX}-auth-service
         environment:
-            - DB_HOST=${CONTAINER_PREFIX:-staging}-auth-service_mongo
+            - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
         labels:
             - 'traefik.enable=true'
             - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
@@ -29,9 +29,9 @@ services:
         networks:
             - docknet
         restart: unless-stopped
-        image: git.mifi.dev/mifi/mifi/auth:latest
         depends_on:
             - auth-service_mongo
+        image: git.mifi.dev/mifi/mifi/auth:latest
 
 networks:
     docknet:

mongo-init.js

@@ -1,12 +0,0 @@
-/* eslint-disable no-undef */
-db = db.getSiblingDB(process.env.DB_NAME);
-db.createUser({
-    user: process.env.DB_USERNAME,
-    pwd: process.env.DB_PASSWORD,
-    roles: [
-        {
-            role: 'readWrite',
-            db: process.env.DB_NAME,
-        },
-    ],
-});

mongo-init.sh

@@ -0,0 +1,14 @@
+set -e
+
+mongo <<EOF
+use $MONGO_INITDB_DATABASE
+
+db.createUser({
+  user: '$DB_USERNAME',
+  pwd: '$DB_PASSWORD',
+  roles: [{
+    role: 'readWrite',
+    db: '$MONGO_INITDB_DATABASE'
+  }]
+})
+EOF

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mifi/auth",
-  "version": "0.0.38",
+  "version": "0.0.39",
   "author": "mifi (Mike Fitzpatrick)",
   "license": "MIT",
   "scripts": {