From 4cf37a879f02a603603c705847ee6be1b52629d5 Mon Sep 17 00:00:00 2001 From: david tjokroaminoto Date: Thu, 18 Jan 2024 22:24:04 +0800 Subject: [PATCH] fix: added gitlab-ci --- .gitlab-ci.yml | 3 +++ package-lock.json | 15 +++++++++++++++ package.json | 1 + serverless.ts | 29 +++++++++++++++-------------- 4 files changed, 34 insertions(+), 14 deletions(-) create mode 100644 .gitlab-ci.yml diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..790b29a --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,3 @@ +include: + - project: "$CI_INCLUDE_PROJECT" + file: "$CI_INCLUDE_FILE" diff --git a/package-lock.json b/package-lock.json index 6dbebd1..f5fe60a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -24,6 +24,7 @@ "node-cache": "^5.1.2", "serverless-associate-waf": "^1.2.1", "serverless-domain-manager": "^7.3.3", + "serverless-iamroles": "^3.2.7", "yargs": "^17.7.2" }, "devDependencies": { @@ -14726,6 +14727,20 @@ "node": ">=14.14" } }, + "node_modules/serverless-iamroles": { + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/serverless-iamroles/-/serverless-iamroles-3.2.7.tgz", + "integrity": "sha512-FWKRhWLLwnhvSCM1VEbIubvuVYXKfekD0qvelhzrajzK1lBrWuKLShQ/abHEq4b2+rbnoqjHuDzZT+tEH8m4NA==", + "dependencies": { + "lodash": "^4.17.20" + }, + "engines": { + "node": ">=12" + }, + "peerDependencies": { + "serverless": "1 || 2 || 3" + } + }, "node_modules/serverless-offline": { "version": "13.3.0", "resolved": "https://registry.npmjs.org/serverless-offline/-/serverless-offline-13.3.0.tgz", diff --git a/package.json b/package.json index 4cf33a5..765721a 100644 --- a/package.json +++ b/package.json @@ -31,6 +31,7 @@ "node-cache": "^5.1.2", "serverless-associate-waf": "^1.2.1", "serverless-domain-manager": "^7.3.3", + "serverless-iamroles": "^3.2.7", "yargs": "^17.7.2" }, "devDependencies": { diff --git a/serverless.ts b/serverless.ts index 10ea9b1..0d4740d 100644 --- a/serverless.ts +++ b/serverless.ts @@ -5,11 +5,11 @@ import verify from "@functions/verify"; const STAGE = getArgumentValuesOrDefault({ flag: "stage", defaultValue: "dev" }); const serverlessConfiguration = async (): Promise => { - const service = "notarise-verify-api"; const region = "ap-southeast-1"; return { - service, + useDotenv: true, + service: "${env:PROJECT_NAME}-verify-api", configValidationMode: "error", plugins: ["serverless-esbuild", "serverless-domain-manager", "serverless-stack-termination-protection", "serverless-associate-waf", "serverless-iamroles", "serverless-offline", "serverless-offline-ssm"], provider: { @@ -18,7 +18,7 @@ const serverlessConfiguration = async (): Promise => { runtime: "nodejs18.x", memorySize: 256, timeout: 30, - stackName: 'notarise-${self:provider.stage}-verify-api', + stackName: '${self:custom.project}-${self:provider.stage}-verify-api', stage: STAGE, apiGateway: { minimumCompressionSize: 1024, @@ -32,10 +32,10 @@ const serverlessConfiguration = async (): Promise => { AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1", NODE_OPTIONS: "--enable-source-maps --stack-trace-limit=1000", STAGE, - NETWORK_NAME: "${ssm:/notarise/${self:provider.stage}/network-name}", - INFURA_API_KEY: "${ssm:/notarise/${self:provider.stage}/infura-api-key}", - ALCHEMY_API_KEY: "${ssm:/notarise/${self:provider.stage}/alchemy-api-key}", - WHITELISTED_ISSUERS: "${ssm:/notarise/${self:provider.stage}/whitelisted-issuers}", + NETWORK_NAME: "${ssm:/${self:custom.project}/${self:provider.stage}/network-name}", + INFURA_API_KEY: "${ssm:/${self:custom.project}/${self:provider.stage}/infura-api-key}", + ALCHEMY_API_KEY: "${ssm:/${self:custom.project}/${self:provider.stage}/alchemy-api-key}", + WHITELISTED_ISSUERS: "${ssm:/${self:custom.project}/${self:provider.stage}/whitelisted-issuers}", }, tracing: { lambda: true, @@ -48,14 +48,14 @@ const serverlessConfiguration = async (): Promise => { level: "INFO", roleManagedExternally: true, fullExecutionData: true, - role: '${ssm:/notarise/${self:provider.stage}/cloudwatch-log-role-arn}', + role: '${ssm:/${self:custom.project}/${self:provider.stage}/cloudwatch-log-role-arn}', }, }, deploymentBucket: { name: '${self:custom.infra.deploymentBucket}', }, endpointType: - '${ssm:/notarise/${self:provider.stage}/api-gateway-endpoint-type, "REGIONAL"}', + '${ssm:/${self:custom.project}/${self:provider.stage}/api-gateway-endpoint-type, "REGIONAL"}', iam: { role: { name: "${self:provider.stackName}-lambda", @@ -74,15 +74,16 @@ const serverlessConfiguration = async (): Promise => { functions: { verify }, package: { individually: true }, custom: { + project: '${env:PROJECT_NAME}', infra: { deploymentBucket: - '${ssm:/notarise/${self:provider.stage}/deployment-bucket}', + '${ssm:/${self:custom.project}/${self:provider.stage}/deployment-bucket}', securityGroupIds: - '${ssm:/notarise/${self:provider.stage}/security-group-ids}', - subnetIds: '${ssm:/notarise/${self:provider.stage}/subnet-ids}', + '${ssm:/${self:custom.project}/${self:provider.stage}/security-group-ids}', + subnetIds: '${ssm:/${self:custom.project}/${self:provider.stage}/subnet-ids}', }, associateWaf: { - name: "${ssm:/notarise/${self:provider.stage}/wafv2-name}", + name: "${ssm:/${self:custom.project}/${self:provider.stage}/wafv2-name}", version: 'V2' }, serverlessTerminationProtection: { @@ -105,7 +106,7 @@ const serverlessConfiguration = async (): Promise => { concurrency: 10, }, customDomain: { - domainName: '${ssm:/notarise/${self:provider.stage}/verify-api-domain-name, ""}', + domainName: '${ssm:/${self:custom.project}/${self:provider.stage}/verify-api-domain-name, ""}', basePath: "", createRoute53Record: false, endpointType: "${self:provider.endpointType}",