GoogleCloudPlatform · glasnt · Jul 19, 2023 · Jul 19, 2023 · Jul 19, 2023 · Jul 20, 2023
@@ -0,0 +1,17 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM gcr.io/google.com/cloudsdktool/cloud-sdk:slim
+COPY init-execute.sh .
+ENTRYPOINT ./init-execute.sh
@@ -0,0 +1,10 @@
+# Init
+
+This folder contains the source for a container image that runs the tasks required to setup the application on first deployment.
+
+The container is designed to be executed as a Cloud Run job, with the `roles/run.developer` role, to run the `init-execute.sh` script:
+
+ * execute the `setup` job, [primes the the database](https://github.com/GoogleCloudPlatform/avocano/blob/main/server/scripts/prime_database.sh) script
+ * execute the `client` job, that runs the [client deployment](https://github.com/GoogleCloudPlatform/avocano/blob/main/client/docker-deploy.sh)
+ * purges cache and warms API.
+
@@ -0,0 +1,56 @@
+#!/bin/bash
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Script to assist in Dockerfile-based deployments.
+# any errors? exit immediately.
+set -e
+
+# escape if project_id not defined (mandatory, required later)
+if [[ -z $PROJECT_ID ]]; then
+   echo "PROJECT_ID not defined. Cannot deploy. Exiting."
+   exit 1
+fi
+
+# escape if firebase_url not defined (mandatory, required later)
+if [[ -z $FIREBASE_URL ]]; then
+   echo "FIREBASE_URL not defined. Cannot deploy. Exiting."
+   exit 1
+fi
+
+# Define common defaults, all overrideable.
+REGION="${REGION:-us-central1}"
+SETUP_JOB="${SETUP_JOB:-setup}"
+CLIENT_JOB="${CLIENT_JOB:-client}"
+
+echo "*** Executing initization job ***"
+echo "PROJECT_ID:   $PROJECT_ID"
+echo "REGION:       $REGION"
+echo "SETUP JOB:    $SETUP_JOB"
+echo "CLIENT JOB:   $CLIENT_JOB"
+echo "FIREBASE URL: $FIREBASE_URL"
+echo "SERVER URL:   $SERVER_URL"
+echo ""
+
+echo "Running init database migration..."
+gcloud run jobs execute "$SETUP_JOB" --wait --project "$PROJECT_ID" --region "$REGION"
+
+echo "Running client deploy..."
+gcloud run jobs execute "$CLIENT_JOB" --wait --project "$PROJECT_ID" --region "$REGION"
+
+echo "Purge Firebase cache"
+echo curl -X PURGE "${FIREBASE_URL}/"
+
+echo "Warm up API"
+curl "${SERVER_URL}/api/products/?warmup"
@@ -0,0 +1,36 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Build placeholder site code into container
+
+steps:
+  - id: build
+    name: "gcr.io/cloud-builders/docker"
+    dir: app/init
+    args:
+      [
+        "build",
+        "-t",
+        "gcr.io/$PROJECT_ID/$_IMAGE_NAME",
+        ".",
+      ]
+
+images:
+  - gcr.io/$PROJECT_ID/$_IMAGE_NAME
+
+substitutions:
+  _IMAGE_NAME: avocano-init
+
+options:
+  dynamic_substitutions: true
@@ -17,7 +17,7 @@
 ARG PROJECT_ID=YOURPROJECTID
 FROM gcr.io/$PROJECT_ID/firebase
 
-RUN apk add gettext
+RUN apk add gettext curl
 RUN npm install -g json
 COPY . ./
 

@@ -17,14 +17,29 @@
 # any errors? exit immediately.
 set -e
 
+# escape if firebase_url not defined (mandatory, required later)
+if [[ -z $FIREBASE_URL ]]; then
+    echo "FIREBASE_URL not defined. Cannot deploy. Exiting."
+    exit 1
+fi
+
+# Only run the placeholder script if the site has been deployed before.
+# Check if the firebase url has "Site Not Found" (the pre-deployment state)
+if curl "$FIREBASE_URL" | grep -q "Site Not Found"; then
+    echo "Firebase site $FIREBASE_URL hasn't been deployed before, so it needs a placeholder."
+else
+    echo "Firebase site $FIREBASE_URL has been deployed before. Not going to deploy placeholder. Exiting."
+    exit 0
+fi
+
 # if deploying with a suffix (from infra/jobs.tf), adjust the config to suit the custom site
 # https://firebase.google.com/docs/hosting/multisites#set_up_deploy_targets
 if [[ -n $SUFFIX ]]; then
     json -I -f firebase.json -e "this.hosting.target='$SUFFIX'"
     UPDATED=true
 
     # Use template file to generate configuration
-    envsubst  < firebaserc.tmpl > .firebaserc
+    envsubst <firebaserc.tmpl >.firebaserc
     echo "Customised .firebaserc created to support site."
     cat .firebaserc
 fi
@@ -35,6 +50,10 @@ if [[ -n $UPDATED ]]; then
     cat firebase.json
 fi
 
+# Finally, deploy the application
 echo "Deploying placeholder to Firebase..."
-
 firebase deploy --project "$PROJECT_ID" --only hosting
+
+# Setup for greater chances of success by explicitly purging cache
+echo "Purging firebase cache"
+curl -X PURGE "${FIREBASE_URL}/"
@@ -19,5 +19,6 @@
 locals {
   server_image      = "gcr.io/${var.server_image_host}/server:${var.image_version}"
   client_image      = "gcr.io/${var.client_image_host}/client:${var.image_version}"
-  placeholder_image = "gcr.io/hsa-public/avocano-placeholder:latest"
+  placeholder_image = "gcr.io/hsa-public/avocano-placeholder:postjsscurl" # TODO(glasnt): revert to tag "latest"
+  init_image        = "gcr.io/hsa-public/avocano-init:postjsscurl"        # TODO(glasnt): revert to tag "latest"
 }
@@ -41,9 +41,9 @@ resource "google_service_account" "automation" {
   depends_on   = [module.project_services]
 }
 
-resource "google_service_account" "compute" {
-  account_id   = var.random_suffix ? "compute-startup-${random_id.suffix.hex}" : "compute-startup"
-  display_name = "Head Start App Compute Instance SA"
+resource "google_service_account" "init" {
+  account_id   = var.random_suffix ? "init-startup-${random_id.suffix.hex}" : "init-startup"
+  display_name = "Jump Start App Init SA"
   depends_on   = [module.project_services]
   count        = var.init ? 1 : 0
 }
@@ -88,12 +88,12 @@ resource "google_project_iam_member" "client_permissions" {
   depends_on = [google_service_account.client]
 }
 
-# GCE instance needs access to start Jobs
-resource "google_project_iam_member" "computestartup_permissions" {
+# Init process needs access to start Jobs
+resource "google_project_iam_member" "initstartup_permissions" {
   project    = var.project_id
   role       = "roles/run.developer"
-  member     = "serviceAccount:${google_service_account.compute[0].email}"
-  depends_on = [google_service_account.compute]
+  member     = "serviceAccount:${google_service_account.init[0].email}"
+  depends_on = [google_service_account.init]
   count      = var.init ? 1 : 0
 }
 

@@ -144,32 +144,3 @@ resource "google_cloud_run_v2_job" "client" {
   ]
 }
 
-
-resource "google_cloud_run_v2_job" "placeholder" {
-  name     = var.random_suffix ? "placeholder-${random_id.suffix.hex}" : "placeholder"
-  location = var.region
-
-  labels = var.labels
-
-  template {
-    template {
-      service_account = google_service_account.client.email
-      containers {
-        image = local.placeholder_image
-        env {
-          name  = "PROJECT_ID"
-          value = var.project_id
-        }
-
-        env {
-          name  = "SUFFIX"
-          value = var.random_suffix ? random_id.suffix.hex : ""
-        }
-      }
-    }
-  }
-
-  depends_on = [
-    module.project_services
-  ]
-}