From 35565aedd39afcb610430c8db627e93835e6c87d Mon Sep 17 00:00:00 2001
From: Jason Puglisi <jason@pugli.si>
Date: Wed, 8 Nov 2023 10:26:31 -0800
Subject: [PATCH] Add GCP deployment

---
 .ebextensions/tls.config                      | 27 --------
 .github/workflows/deploy-app-engine.yaml      | 68 +++++++++++++++++++
 .../workflows/deploy-elastic-beanstalk.yml    | 54 ---------------
 .platform/nginx/conf.d/proxy.conf             | 44 ------------
 app.yaml                                      |  5 ++
 server.js                                     |  2 +-
 6 files changed, 74 insertions(+), 126 deletions(-)
 delete mode 100644 .ebextensions/tls.config
 create mode 100644 .github/workflows/deploy-app-engine.yaml
 delete mode 100644 .github/workflows/deploy-elastic-beanstalk.yml
 delete mode 100644 .platform/nginx/conf.d/proxy.conf
 create mode 100644 app.yaml

diff --git a/.ebextensions/tls.config b/.ebextensions/tls.config
deleted file mode 100644
index 6e11829..0000000
--- a/.ebextensions/tls.config
+++ /dev/null
@@ -1,27 +0,0 @@
-Resources:
-  AWSEBAutoScalingGroup:
-    Metadata:
-      AWS::CloudFormation::Authentication:
-        S3Auth:
-          type: "s3"
-          buckets: ["elasticbeanstalk-us-west-1-046351013430"]
-          roleName:
-            "Fn::GetOptionSetting":
-              Namespace: "aws:autoscaling:launchconfiguration"
-              OptionName: "IamInstanceProfile"
-              DefaultValue: "aws-elasticbeanstalk-ec2-role"
-
-files:
-  /etc/pki/tls/certs/server.crt:
-    mode: "000400"
-    owner: root
-    group: root
-    authentication: "S3Auth"
-    source: https://elasticbeanstalk-us-west-1-046351013430.s3-us-west-1.amazonaws.com/tls/descent/server.crt
-
-  /etc/pki/tls/certs/server.key:
-    mode: "000400"
-    owner: root
-    group: root
-    authentication: "S3Auth"
-    source: https://elasticbeanstalk-us-west-1-046351013430.s3-us-west-1.amazonaws.com/tls/descent/server.key
diff --git a/.github/workflows/deploy-app-engine.yaml b/.github/workflows/deploy-app-engine.yaml
new file mode 100644
index 0000000..9d0d0b3
--- /dev/null
+++ b/.github/workflows/deploy-app-engine.yaml
@@ -0,0 +1,68 @@
+name: Deploy to GCP App Engine
+
+on: [push]
+
+concurrency:
+  group: "ae"
+  cancel-in-progress: false
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [latest]
+    steps:
+      - uses: actions/checkout@v3
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+      - name: Install dependencies
+        run: yarn --frozen-lockfile
+      - name: Build
+        run: npm test
+      - name: Generate deployment package
+        run: zip -r deploy.zip . -x '*.git'
+      - name: Upload deployment package artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: app-engine
+          path: deploy.zip
+
+  deploy:
+    if: ${{ github.ref == 'refs/heads/main' }}
+    runs-on: ubuntu-latest
+    needs: build
+    environment:
+      name: gcp-app-engine
+      url: https://descent.live
+    permissions:
+      contents: 'read'
+      id-token: 'write'
+    steps:
+      - name: Authenticate to GCP
+        uses: google-github-actions/auth@v1
+        with:
+          workload_identity_provider: ${{ vars.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          service_account: ${{ vars.GCP_SERVICE_ACCOUNT }}
+          project_id: ${{ vars.GCP_PROJECT_ID }}
+      - name: Download deployment package artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: app-engine
+      - name: Unzip deployment package
+        run: unzip deploy.zip
+      - name: Cleanup build files
+        run: rm -rf deploy.zip .git
+      - name: Deploy to GCP App Engine
+        uses: google-github-actions/deploy-appengine@v1
+        with:
+          env_vars: |-
+            HUE_CLIENT=${{ vars.HUE_CLIENT }}
+            HUE_ID=${{ vars.HUE_ID }}
+            HUE_SECRET=${{ secrets.HUE_SECRET }}
+            LASTFM_POLL_INTERVAL=${{ vars.LASTFM_POLL_INTERVAL }}
+            OPENWEATHERMAP_KEY=${{ secrets.OPENWEATHERMAP_KEY }}
+            SPOTIFY_CLIENT=${{ vars.SPOTIFY_CLIENT }}
+            SPOTIFY_SECRET=${{ secrets.SPOTIFY_SECRET }}
diff --git a/.github/workflows/deploy-elastic-beanstalk.yml b/.github/workflows/deploy-elastic-beanstalk.yml
deleted file mode 100644
index 6feaf05..0000000
--- a/.github/workflows/deploy-elastic-beanstalk.yml
+++ /dev/null
@@ -1,54 +0,0 @@
-name: Deploy to AWS Elastic Beanstalk
-
-on: [push]
-
-concurrency:
-  group: "eb"
-  cancel-in-progress: false
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node-version: [latest]
-    steps:
-      - uses: actions/checkout@v3
-      - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.node-version }}
-      - name: Install dependencies
-        run: yarn --frozen-lockfile
-      - name: Build
-        run: npm test
-      - name: Generate deployment package
-        run: zip -r deploy.zip . -x '*.git'
-      - name: Upload deployment package artifact
-        uses: actions/upload-artifact@v3
-        with:
-          name: elastic-beanstalk
-          path: deploy.zip
-
-  deploy:
-    if: ${{ github.ref == 'refs/heads/main' }}
-    runs-on: ubuntu-latest
-    needs: build
-    environment:
-      name: aws-elastic-beanstalk
-      url: https://descent.live
-    steps:
-      - name: Download deployment package artifact
-        uses: actions/download-artifact@v3
-        with:
-          name: elastic-beanstalk
-      - name: Deploy to AWS Elastic Beanstalk
-        uses: einaregilsson/beanstalk-deploy@v21
-        with:
-          version_label: github-actions-${{ github.run_id }}-${{ github.run_attempt }}
-          deployment_package: deploy.zip
-          aws_access_key: ${{ secrets.AWS_ACCESS_KEY }}
-          aws_secret_key: ${{ secrets.AWS_SECRET_KEY }}
-          application_name: ${{ secrets.AWS_APPLICATION_NAME }}
-          environment_name: ${{ secrets.AWS_ENVIRONMENT_NAME }}
-          region: ${{ secrets.AWS_REGION }}
diff --git a/.platform/nginx/conf.d/proxy.conf b/.platform/nginx/conf.d/proxy.conf
deleted file mode 100644
index 06cf5f1..0000000
--- a/.platform/nginx/conf.d/proxy.conf
+++ /dev/null
@@ -1,44 +0,0 @@
-upstream nodejs {
-  server 127.0.0.1:8080;
-  keepalive 256;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-  server_name www.descent.live;
-
-  ssl_certificate /etc/pki/tls/certs/server.crt;
-  ssl_certificate_key /etc/pki/tls/certs/server.key;
-
-  ssl_session_timeout 5m;
-
-  ssl_protocols TLSv1.2;
-  ssl_prefer_server_ciphers on;
-
-  return 301 https://descent.live$request_uri;
-}
-
-server {
-  listen 443 ssl;
-  listen [::]:443 ssl;
-  server_name descent.live localhost;
-
-  ssl_certificate /etc/pki/tls/certs/server.crt;
-  ssl_certificate_key /etc/pki/tls/certs/server.key;
-
-  ssl_session_timeout 5m;
-
-  ssl_protocols TLSv1.2;
-  ssl_prefer_server_ciphers on;
-
-  location / {
-    proxy_pass http://nodejs;
-    proxy_set_header Connection "";
-    proxy_http_version 1.1;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Proto https;
-  }
-}
diff --git a/app.yaml b/app.yaml
new file mode 100644
index 0000000..2805ece
--- /dev/null
+++ b/app.yaml
@@ -0,0 +1,5 @@
+runtime: nodejs20
+instance_class: F1
+automatic_scaling:
+  max_instances: 1
+  min_instances: 1
diff --git a/server.js b/server.js
index e75a045..7db67b1 100644
--- a/server.js
+++ b/server.js
@@ -566,4 +566,4 @@ async function getWeatherOpenweathermap(key, lat, lon, units, callback) {
 
 /* Application runtime */
 
-app.listen(process.env.DESCENT_PORT || 3000);
+app.listen(process.env.DESCENT_PORT || process.env.PORT || 3000);