-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathzero-module.yml
210 lines (206 loc) · 8.56 KB
/
zero-module.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
name: zero-frontend-react
description: 'Zero module for a single page application based on Create React App and deployed to S3/Cloudfront'
author: 'Commit'
zeroVersion: '>= 0.2.1'
commands:
check: sh scripts/check.sh
dependsOn:
- zero-aws-eks-stack
template:
strictMode: true
delimiters:
- '<%'
- '%>'
inputDir: 'templates'
outputDir: 'frontend'
requiredCredentials:
- aws
- github
parameters:
- field: backendApplicationHosting
label: How do you want to host the backend of your application?
info: "Kubernetes is more complex and expensive, but significantly more feature-rich. The serverless approach can be cheaper but is limited in tooling.\nWe recommend Kubernetes for all but the most simple applications. See why: https://whyk8s.getzero.dev"
default: "kubernetes"
options:
"kubernetes": "Kubernetes using AWS EKS"
"serverless": "(BETA) Serverless using AWS SAM/Lambda"
- field: useExistingAwsProfile
label: "Use credentials from an existing AWS profile?"
info: "You can choose either a currently existing profile if you've already configured your AWS CLI, or manually enter a pair of AWS access keys."
options:
"yes": "Yes"
"no": "No"
omitFromProjectFile: yes
- field: profilePicker
omitFromProjectFile: yes
type: AWSProfilePicker
conditions:
- action: KeyMatchCondition
whenValue: "yes"
matchField: useExistingAwsProfile
- field: accessKeyId
label: AWS AccessKeyId
info: "AWS access is controlled by a pair of keys tied to a user account.\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html "
envVarName: "AWS_ACCESS_KEY_ID"
conditions:
- action: KeyMatchCondition
whenValue: "no"
matchField: useExistingAwsProfile
- field: secretAccessKey
envVarName: "AWS_SECRET_ACCESS_KEY"
label: AWS SecretAccessKey
info: "AWS access is controlled by a pair of keys tied to a user account.\nhttps://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html "
conditions:
- action: KeyMatchCondition
whenValue: "no"
matchField: useExistingAwsProfile
- field: githubAccessToken
label: "Github API Key to setup your repository and optionally CI/CD"
info: "This API key will let us set up new repositories to check in your code.\nhttps://docs.github.com/en/github/authenticating-to-github/keeping-your-account-and-data-secure/creating-a-personal-access-token"
envVarName: GITHUB_ACCESS_TOKEN
- field: region
label: Select AWS Region
info: "This is the region your resources will be created in.\nMost regions have all the same features and functionality, but depending on your product you may need to choose a different region for data sovereignty reasons."
options:
"us-east-1": "us-east-1 - US East (N. Virginia)"
"us-east-2": "us-east-2 - US East (Ohio)"
"us-west-2": "us-west-2 - US West (Oregon)"
"ca-central-1": "ca-central-1 - Canada (Central)"
"eu-west-1": "eu-west-1 - Europe (Ireland)"
"ap-southeast-1": "ap-southeast-1 - Asia Pacific (Singapore)"
- field: productionHostRoot
label: Production Root Host Name (e.g. mydomain.com)
info: "This must be the root of the chosen domain, not a subdomain. You will also be prompted for the subdomains to use for your application."
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.{1})+[a-z]{2,}$'
errorMessage: Invalid root domain name
- field: productionFrontendSubdomain
label: Production Frontend Host Name (e.g. app.)
info: "The subdomain that will point to the static assets of your frontend hosted in Cloudfront."
default: app.
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
- field: productionBackendSubdomain
label: Production Backend Host Name (e.g. api.)
info: "The subdomain that will point to the API of your backend running in Kubernetes."
default: api.
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
- field: stagingHostRoot
label: Staging Root Host Name (e.g. mydomain-staging.com)
info: "This must be the root of the chosen domain, not a subdomain. You will also be prompted for the subdomains to use for your application.\nIt's recommended that you use different hostnames for staging and production instead of trying to have staging as a subdomain of your production domain."
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.{1})+[a-z]{2,}$'
errorMessage: Invalid root domain name
- field: stagingFrontendSubdomain
label: Staging Frontend Host Name (e.g. app.)
info: "The subdomain that will point to the static assets of your frontend hosted in Cloudfront."
default: app.
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
- field: stagingBackendSubdomain
label: Staging Backend Host Name (e.g. api.)
info: "The subdomain that will point to the API of your backend running in Kubernetes."
default: api.
fieldValidation:
type: regex
value: '^([a-z0-9]+(-[a-z0-9]+)*\.)$'
errorMessage: Invalid subdomain (cannot contain special chars & must end with a '.')
- field: randomSeed
label: Random seed that will be shared between projects to come up with deterministic resource names
execute: uuidgen | head -c 8
- field: userAuth
label: Enable user management and auth access proxy?
info: "This will enable infrastructure and application code that uses Kratos for user management and the Oathkeeper access proxy.\nhttps://ory.sh"
default: yes
options:
"yes": "Yes"
"no": "No"
- field: CIVendor
label: Which CI vendor would you like to use?
info: "Build pipelines will be set up which will deploy your code to your infrastructure whenever PRs are merged to the main branch."
default: "circleci"
options:
"circleci": "CircleCI"
"github-actions": "Github Actions"
- field: circleciApiKey
label: "CircleCI API Key"
info: "This will let us configure your CircleCI account to automatically enable CI for these newly created projects.\nhttps://circleci.com/docs/2.0/managing-api-tokens/"
envVarName: CIRCLECI_API_KEY
conditions:
- action: KeyMatchCondition
matchField: CIVendor
whenValue: "circleci"
- field: billingEnabled
label: "Enable billing support?"
info: "Provides a subscription example using stripe in the backend and frontend repositories."
options:
"yes": "Yes"
"no": "No"
- field: stagingStripePublicApiKey
label: "Staging Stripe public api key"
info: "Used for the frontend repository. It's recommended to use a sandbox key while getting set up."
conditions:
- action: KeyMatchCondition
matchField: billingEnabled
whenValue: "yes"
- field: stagingStripeSecretApiKey
label: "Staging Stripe secret api key"
info: "Used for the backend repository. It's recommended to use a sandbox key while getting set up."
conditions:
- action: KeyMatchCondition
matchField: billingEnabled
whenValue: "yes"
- field: productionStripePublicApiKey
label: "Production Stripe public api key"
info: "Used for the frontend repository. It's recommended to use a sandbox key while getting set up."
conditions:
- action: KeyMatchCondition
matchField: billingEnabled
whenValue: "yes"
- field: productionStripeSecretApiKey
label: "Production Stripe secret api key"
info: "Used for the backend repository. It's recommended to use a sandbox key while getting set up."
conditions:
- action: KeyMatchCondition
matchField: billingEnabled
whenValue: "yes"
conditions:
- action: ignoreFile
matchField: userAuth
whenValue: "no"
data:
- src/components/AuthCheck.js
- src/components/AuthForm.js
- src/components/AuthForm.css
- src/pages/Auth/
- src/api/
- src/context/
- action: ignoreFile
matchField: CIVendor
whenValue: "circleci"
data:
- .github/
- action: ignoreFile
matchField: CIVendor
whenValue: "github-actions"
data:
- .circleci/
- action: ignoreFile
matchField: billingEnabled
whenValue: "no"
data:
- src/pages/Billing
- action: ignoreFile
matchField: backendApplicationHosting
whenValue: "kubernetes"
data:
- src/api/serverless-auth.js