From 0cfe0dc3420b1548a4999e42e318e4297bfc3a69 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 10:43:22 -0400 Subject: [PATCH 01/38] update the workflow logic --- .github/workflows/tyk-dev.yml | 12 +++++++++++- .github/workflows/tyk-env-promotion.yml | 5 +---- .github/workflows/tyk-production.yml | 1 + .github/workflows/tyk-staging.yml | 16 +++------------- 4 files changed, 16 insertions(+), 18 deletions(-) diff --git a/.github/workflows/tyk-dev.yml b/.github/workflows/tyk-dev.yml index ac08d69..bd0100d 100644 --- a/.github/workflows/tyk-dev.yml +++ b/.github/workflows/tyk-dev.yml @@ -13,4 +13,14 @@ jobs: tyk-lint: uses: ./.github/workflows/tyk-lint.yml with: - environment: 'dev' \ No newline at end of file + environment: 'dev' + + # Set up staging APIs and Policies if the Dev assets pass the linter / validation + tyk-set-up-staging: + needs: tyk-lint + uses: ./.github/workflows/tyk-staging.yml + + # Set up prod APIs and Policies if the Dev assets pass the linter / validation + tyk-set-up-prod: + needs: tyk-set-up-staging + uses: ./.github/workflows/tyk-production.yml \ No newline at end of file diff --git a/.github/workflows/tyk-env-promotion.yml b/.github/workflows/tyk-env-promotion.yml index b257efb..7ec48db 100644 --- a/.github/workflows/tyk-env-promotion.yml +++ b/.github/workflows/tyk-env-promotion.yml @@ -9,10 +9,7 @@ on: options: - stg - prod - workflow_call: - inputs: - environment: - type: string + jobs: env-promotion: runs-on: ubuntu-latest diff --git a/.github/workflows/tyk-production.yml b/.github/workflows/tyk-production.yml index 5577fc6..019fd5f 100644 --- a/.github/workflows/tyk-production.yml +++ b/.github/workflows/tyk-production.yml @@ -4,6 +4,7 @@ name: Generate Production Tyk Assets # Perform the env promotion only on push to main branch on: workflow_dispatch: + workflow_call: permissions: contents: write diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index c280555..11b8022 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -5,11 +5,7 @@ name: Generate Staging Tyk Assets # Perform the env promotion only on push to main branch on: workflow_dispatch: - push: - paths: - - 'dev/**' - branches: - - main + workflow_call: jobs: # Set up staging assets @@ -135,7 +131,7 @@ jobs: # done # Run linter and validation workflow - - name: Staging Linter + - name: Run Linter for Staging Environment uses: ./.github/workflows/tyk-lint.yml with: environment: 'stg' @@ -169,10 +165,4 @@ jobs: git config --global user.email "$ORG_EMAIL" git add . git commit -am "CI: Update staging assets" - git push - - # Promote to staging env - tyk-env-promotion: - uses: ./.github/workflows/tyk-env-promotion.yml - with: - environment: 'stg' \ No newline at end of file + git push \ No newline at end of file From 10794185524eeca7febb94d90524f889d73661a7 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 10:48:25 -0400 Subject: [PATCH 02/38] added push workflow for dev --- .github/workflows/tyk-dev.yml | 3 +++ .github/workflows/tyk-staging.yml | 10 +++++----- dev/apis/api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 3 files changed, 9 insertions(+), 6 deletions(-) diff --git a/.github/workflows/tyk-dev.yml b/.github/workflows/tyk-dev.yml index bd0100d..3508221 100644 --- a/.github/workflows/tyk-dev.yml +++ b/.github/workflows/tyk-dev.yml @@ -7,6 +7,9 @@ on: pull_request: paths: - 'dev/**' + push: + paths: + - 'dev/**' jobs: # Run linter and validation workflow diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 11b8022..e2a631b 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -155,14 +155,14 @@ jobs: fi # Push changes to remote repository - - name: Commit changes + - name: Commit and push changes if: env.modified == 'true' env: - ORG_NAME: ${{ secrets.ORG_NAME }} - ORG_EMAIL: ${{ secrets.ORG_EMAIL }} + ACTOR_NAME: ${{ github.actor }} + ACTOR_EMAIL: ${{ github.actor }}@users.noreply.github.com run: | - git config --global user.name "$ORG_NAME" - git config --global user.email "$ORG_EMAIL" + git config --global user.name "$ACTOR_NAME" + git config --global user.email "$ACTOR_EMAIL" git add . git commit -am "CI: Update staging assets" git push \ No newline at end of file diff --git a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json index 9a9cdd9..e5275ba 100644 --- a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json +++ b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin", + "name": "httpbin-v2", "slug": "temp", "listen_port": 0, "protocol": "", From 1195b8ee002aff56ee9baa00ea5eddb9afc9794e Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 10:55:33 -0400 Subject: [PATCH 03/38] added debugger --- .github/workflows/tyk-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index e2a631b..87e23bc 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,7 +76,7 @@ jobs: #echo "Config_Data Before:" #jq '.api_definition.config_data' $file #echo "Replacing with:" - #echo $STG_US_CONFIG_DATA | sed 's/./& /g' + echo $STG_US_CONFIG_DATA | sed 's/./& /g' jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" From f27a087ef03a727e21adf94f10a629f5507b17ba Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 11:03:20 -0400 Subject: [PATCH 04/38] fix staging workflow --- .github/workflows/tyk-staging.yml | 2 +- dev/apis/api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 87e23bc..b41e1b9 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,7 +76,7 @@ jobs: #echo "Config_Data Before:" #jq '.api_definition.config_data' $file #echo "Replacing with:" - echo $STG_US_CONFIG_DATA | sed 's/./& /g' + # echo $STG_US_CONFIG_DATA | sed 's/./& /g' jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" diff --git a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json index e5275ba..2f69d6d 100644 --- a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json +++ b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v2", + "name": "httpbin-v3", "slug": "temp", "listen_port": 0, "protocol": "", From ec97466cf680db14a2f7cd1f46ee02c741b3a809 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 11:10:36 -0400 Subject: [PATCH 05/38] echo json --- .github/workflows/tyk-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index b41e1b9..87e23bc 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,7 +76,7 @@ jobs: #echo "Config_Data Before:" #jq '.api_definition.config_data' $file #echo "Replacing with:" - # echo $STG_US_CONFIG_DATA | sed 's/./& /g' + echo $STG_US_CONFIG_DATA | sed 's/./& /g' jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" From a83e4dfd2d17f33b40d2b128e5737eb19ebe3898 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 11:19:29 -0400 Subject: [PATCH 06/38] print out file --- .github/workflows/tyk-staging.yml | 1 + dev/apis/api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 87e23bc..a09a317 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -77,6 +77,7 @@ jobs: #jq '.api_definition.config_data' $file #echo "Replacing with:" echo $STG_US_CONFIG_DATA | sed 's/./& /g' + cat $file jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" diff --git a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json index 2f69d6d..9771ba0 100644 --- a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json +++ b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v3", + "name": "httpbin-v5", "slug": "temp", "listen_port": 0, "protocol": "", From d10ac7377dafefd7adafc395dcce57e83fad21e2 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 11:23:22 -0400 Subject: [PATCH 07/38] set json replacement data --- .github/workflows/tyk-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index a09a317..050f50f 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -78,7 +78,7 @@ jobs: #echo "Replacing with:" echo $STG_US_CONFIG_DATA | sed 's/./& /g' cat $file - jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + jq --arg config_data '{"routes": {"default": "https://stg.httpbin.com","stg1": "https://stg1.httpbin.com","stg2": "https://stg2.httpbin.com"}}' '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done From 795039422781a7b43fe1960191d633c59b24eb90 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 11:52:46 -0400 Subject: [PATCH 08/38] tweaks --- .github/workflows/tyk-staging.yml | 20 +++++++++---------- .../api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 050f50f..2093dce 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -73,12 +73,12 @@ jobs: # Tyk Classic API Definitions for file in $(find . -name "stg-api*.json"); do echo "Adding config_data to Tyk Classic API Definition: $file" - #echo "Config_Data Before:" - #jq '.api_definition.config_data' $file - #echo "Replacing with:" + # echo "Config_Data Before:" + # jq '.api_definition.config_data' $file + # echo "Replacing with:" echo $STG_US_CONFIG_DATA | sed 's/./& /g' - cat $file - jq --arg config_data '{"routes": {"default": "https://stg.httpbin.com","stg1": "https://stg1.httpbin.com","stg2": "https://stg2.httpbin.com"}}' '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + echo $STG_US_CONFIG_DATA + jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done @@ -131,11 +131,11 @@ jobs: # fi # done - # Run linter and validation workflow - - name: Run Linter for Staging Environment - uses: ./.github/workflows/tyk-lint.yml - with: - environment: 'stg' + # # Run linter and validation workflow + # - name: Run Linter for Staging Environment + # uses: ./.github/workflows/tyk-lint.yml + # with: + # environment: 'stg' # List repo content post sub # - name: 'List Repository Contents Post-Substitution' diff --git a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json index 9771ba0..200d2aa 100644 --- a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json +++ b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v5", + "name": "httpbin-v1", "slug": "temp", "listen_port": 0, "protocol": "", From 2d9f0cfc22615d5b245a0b594c0c1cc4e72fcbf6 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 12:22:50 -0400 Subject: [PATCH 09/38] print secret to test and validate the value --- .github/workflows/tyk-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 2093dce..e71ff07 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,8 +76,8 @@ jobs: # echo "Config_Data Before:" # jq '.api_definition.config_data' $file # echo "Replacing with:" - echo $STG_US_CONFIG_DATA | sed 's/./& /g' - echo $STG_US_CONFIG_DATA + echo ${{secrets.STG_US_PROXY_TARGET_URL}} | sed 's/./& /g' + echo ${{secrets.STG_US_PROXY_TARGET_URL}} jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" From 37ce08400d83adabdc8be57bbb2c68b1f1b86823 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 12:24:25 -0400 Subject: [PATCH 10/38] print correct secret --- .github/workflows/tyk-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index e71ff07..811bd50 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,8 +76,8 @@ jobs: # echo "Config_Data Before:" # jq '.api_definition.config_data' $file # echo "Replacing with:" - echo ${{secrets.STG_US_PROXY_TARGET_URL}} | sed 's/./& /g' - echo ${{secrets.STG_US_PROXY_TARGET_URL}} + echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' + echo ${{ secrets.STG_US_CONFIG_DATA }} jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" From 0df237164b98136a4de6394678591bee81e22aa0 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 12:29:12 -0400 Subject: [PATCH 11/38] use the config secrets --- .github/workflows/tyk-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 811bd50..8cdc87f 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -78,7 +78,7 @@ jobs: # echo "Replacing with:" echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' echo ${{ secrets.STG_US_CONFIG_DATA }} - jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done From 929ff154a258dc04f18f383de69fc08f9f43b0e9 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 12:55:52 -0400 Subject: [PATCH 12/38] added new secret --- .github/workflows/tyk-staging.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 8cdc87f..0bd5e32 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -56,7 +56,7 @@ jobs: # Create a new file path in the stg directory with a stg- prefix new_file="stg-$(basename "$file")" # Replace proxy.target_url with the GitHub secret value and write to the new file - echo ${{secrets.STG_US_PROXY_TARGET_URL}} | sed 's/./& /g' + echo ${{ secrets.STG_US_PROXY_TARGET_URL }} | sed 's/./& /g' jq --arg url "$STG_US_PROXY_TARGET_URL" '.proxy.target_url = $url' "$file" > "../stg/apis/$new_file" echo "Updated target_url in $new_file" done @@ -78,7 +78,8 @@ jobs: # echo "Replacing with:" echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' echo ${{ secrets.STG_US_CONFIG_DATA }} - jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + echo "${{ secrets.HELLO_WORLD }}" + jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($jq | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done From 5ad0815c64498989b2e8b14c9502e0b88e10e089 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:03:37 -0400 Subject: [PATCH 13/38] update teh config_data --- .github/workflows/tyk-staging.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 0bd5e32..192502c 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -79,7 +79,7 @@ jobs: echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' echo ${{ secrets.STG_US_CONFIG_DATA }} echo "${{ secrets.HELLO_WORLD }}" - jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($jq | fromjson)' "$file" > tmp_api.json + jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done From c6c82487f43f0bd89e247071011a3c7618098e56 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:07:05 -0400 Subject: [PATCH 14/38] added inheritance to github actions workflow --- .github/workflows/tyk-dev.yml | 4 +++- .github/workflows/tyk-staging.yml | 1 - 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-dev.yml b/.github/workflows/tyk-dev.yml index 3508221..65cc374 100644 --- a/.github/workflows/tyk-dev.yml +++ b/.github/workflows/tyk-dev.yml @@ -22,8 +22,10 @@ jobs: tyk-set-up-staging: needs: tyk-lint uses: ./.github/workflows/tyk-staging.yml + secrets: inherit # Set up prod APIs and Policies if the Dev assets pass the linter / validation tyk-set-up-prod: needs: tyk-set-up-staging - uses: ./.github/workflows/tyk-production.yml \ No newline at end of file + uses: ./.github/workflows/tyk-production.yml + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 192502c..236a8ca 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -78,7 +78,6 @@ jobs: # echo "Replacing with:" echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' echo ${{ secrets.STG_US_CONFIG_DATA }} - echo "${{ secrets.HELLO_WORLD }}" jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" From 780b0f4a713e65a570f9e81e540af4c3e469a35d Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:14:49 -0400 Subject: [PATCH 15/38] update the push command --- .github/workflows/tyk-staging.yml | 40 +++++++++++++++---------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 236a8ca..084fcf9 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,9 +76,9 @@ jobs: # echo "Config_Data Before:" # jq '.api_definition.config_data' $file # echo "Replacing with:" - echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' - echo ${{ secrets.STG_US_CONFIG_DATA }} - jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + # echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' + # echo ${{ secrets.STG_US_CONFIG_DATA }} + jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done @@ -146,24 +146,22 @@ jobs: # ls -la # Check for modified files - - name: Check for modified files - id: git-check + - name: Commit and Push Changes run: | - if [ -n "$(git status --porcelain)" ]; then - echo "modified=true" >> $GITHUB_ENV - else - echo "modified=false" >> $GITHUB_ENV - fi + # Configure Git + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" - # Push changes to remote repository - - name: Commit and push changes - if: env.modified == 'true' - env: - ACTOR_NAME: ${{ github.actor }} - ACTOR_EMAIL: ${{ github.actor }}@users.noreply.github.com - run: | - git config --global user.name "$ACTOR_NAME" - git config --global user.email "$ACTOR_EMAIL" + # Add changes git add . - git commit -am "CI: Update staging assets" - git push \ No newline at end of file + + # Check if there are changes to commit + if git diff --cached --quiet; then + echo "No changes to commit." + else + # Commit changes + git commit -m "Copy files from staging to production" + + # Push changes + git push + fi \ No newline at end of file From 2c251aaa69d346f61c60bf1550d43b607861cb2f Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:17:45 -0400 Subject: [PATCH 16/38] print secret --- .github/workflows/tyk-staging.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 084fcf9..d415d4d 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,8 +76,8 @@ jobs: # echo "Config_Data Before:" # jq '.api_definition.config_data' $file # echo "Replacing with:" - # echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' - # echo ${{ secrets.STG_US_CONFIG_DATA }} + echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' + echo ${{ secrets.STG_US_CONFIG_DATA }} jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" @@ -131,11 +131,11 @@ jobs: # fi # done - # # Run linter and validation workflow - # - name: Run Linter for Staging Environment - # uses: ./.github/workflows/tyk-lint.yml - # with: - # environment: 'stg' + # Run linter and validation workflow + - name: Run Linter for Staging Environment + uses: ./.github/workflows/tyk-lint.yml + with: + environment: 'stg' # List repo content post sub # - name: 'List Repository Contents Post-Substitution' From 103c2c99bf8d20efda40752c26c73b680b0a5e93 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:20:02 -0400 Subject: [PATCH 17/38] set the secret --- .github/workflows/tyk-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index d415d4d..f8eb9bd 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -76,9 +76,9 @@ jobs: # echo "Config_Data Before:" # jq '.api_definition.config_data' $file # echo "Replacing with:" - echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' + echo ${{ secrets.STG_US_CONFIG_DATA }} | sed 's/./& /g' echo ${{ secrets.STG_US_CONFIG_DATA }} - jq --arg config_data "$STG_US_CONFIG_DATA" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + jq --arg config_data "${{ secrets.STG_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json mv tmp_api.json $file echo "Updated config_data in $file" done From fb6dce88fc14fcce05c5979060b411e14a6ff4e5 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:25:30 -0400 Subject: [PATCH 18/38] print directory contents --- .github/workflows/tyk-staging.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index f8eb9bd..1804131 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -131,20 +131,18 @@ jobs: # fi # done + # List repo content post sub + - name: 'List Repository Contents Post-Substitution' + run: | + pwd + ls -la + # Run linter and validation workflow - name: Run Linter for Staging Environment uses: ./.github/workflows/tyk-lint.yml with: environment: 'stg' - # List repo content post sub - # - name: 'List Repository Contents Post-Substitution' - # run: | - # cd stg - # pwd - # cat stg*.json | grep "target_url" - # ls -la - # Check for modified files - name: Commit and Push Changes run: | From 112b92779b9c922d4debd62c7d0cc17af6676ecc Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:33:24 -0400 Subject: [PATCH 19/38] seperate actions into jobs --- .github/workflows/tyk-staging.yml | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 1804131..5c90ea9 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -131,18 +131,26 @@ jobs: # fi # done - # List repo content post sub - - name: 'List Repository Contents Post-Substitution' - run: | - pwd - ls -la - - # Run linter and validation workflow + # # List repo content post sub + # - name: 'List Repository Contents Post-Substitution' + # run: | + # pwd + # ls .github/ -la + + # Run linter and validation workflow + tyk-lint: + runs-on: ubuntu-latest + + steps: - name: Run Linter for Staging Environment uses: ./.github/workflows/tyk-lint.yml with: - environment: 'stg' + environment: 'stg' + commit-stg-tyk-assets: + runs-on: ubuntu-latest + + steps: # Check for modified files - name: Commit and Push Changes run: | From e5bf7dd8f9f62ee27b506f63e2eba633197edfb7 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:34:23 -0400 Subject: [PATCH 20/38] update workflow for staging --- .github/workflows/tyk-staging.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 5c90ea9..5abcbf0 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -139,6 +139,7 @@ jobs: # Run linter and validation workflow tyk-lint: + needs: set-up-stg-tyk-assets runs-on: ubuntu-latest steps: @@ -148,6 +149,7 @@ jobs: environment: 'stg' commit-stg-tyk-assets: + needs: tyk-lint runs-on: ubuntu-latest steps: From bdd828d9aa4220ecfbe34f0697d5b1d8f455a90f Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:38:57 -0400 Subject: [PATCH 21/38] reworked the staging gitflow action --- .github/workflows/tyk-staging.yml | 25 ++++++++----------------- 1 file changed, 8 insertions(+), 17 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 5abcbf0..0cfe450 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -136,23 +136,7 @@ jobs: # run: | # pwd # ls .github/ -la - - # Run linter and validation workflow - tyk-lint: - needs: set-up-stg-tyk-assets - runs-on: ubuntu-latest - - steps: - - name: Run Linter for Staging Environment - uses: ./.github/workflows/tyk-lint.yml - with: - environment: 'stg' - commit-stg-tyk-assets: - needs: tyk-lint - runs-on: ubuntu-latest - - steps: # Check for modified files - name: Commit and Push Changes run: | @@ -172,4 +156,11 @@ jobs: # Push changes git push - fi \ No newline at end of file + fi + + # Run linter and validation workflow + tyk-lint: + needs: set-up-stg-tyk-assets + uses: ./.github/workflows/tyk-lint.yml + with: + environment: 'stg' \ No newline at end of file From d728b13219d614a9edc75dad992487f5913118a3 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:41:39 -0400 Subject: [PATCH 22/38] update branch --- .github/workflows/tyk-staging.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 0cfe450..706901c 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -144,6 +144,9 @@ jobs: git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" + # CHeckout branch + git checkout main + # Add changes git add . From fddf1e39a863ec338946a8f0e56b38352dcc33d7 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:43:22 -0400 Subject: [PATCH 23/38] remove the commit --- .github/workflows/tyk-staging.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 706901c..dc017ba 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -16,8 +16,6 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 - with: - fetch-depth: 1 # List the content that exists within the repo to validate the files - name: 'List Repository Contents' @@ -144,9 +142,6 @@ jobs: git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" - # CHeckout branch - git checkout main - # Add changes git add . From e6d6d17b6ed438ba048eceeb74e6791813677e74 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:46:21 -0400 Subject: [PATCH 24/38] remove fetch-depth --- .github/workflows/tyk-env-promotion.yml | 2 -- .github/workflows/tyk-lint.yml | 2 -- .github/workflows/tyk-production.yml | 2 -- 3 files changed, 6 deletions(-) diff --git a/.github/workflows/tyk-env-promotion.yml b/.github/workflows/tyk-env-promotion.yml index 7ec48db..65476f1 100644 --- a/.github/workflows/tyk-env-promotion.yml +++ b/.github/workflows/tyk-env-promotion.yml @@ -18,8 +18,6 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 - with: - fetch-depth: 1 # - name: Create .tyk.json # run: | diff --git a/.github/workflows/tyk-lint.yml b/.github/workflows/tyk-lint.yml index 77ef0e4..7652f9c 100644 --- a/.github/workflows/tyk-lint.yml +++ b/.github/workflows/tyk-lint.yml @@ -25,8 +25,6 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 - with: - fetch-depth: 1 # List the content that exists within the repo to validate the files - name: 'List Repository Contents' diff --git a/.github/workflows/tyk-production.yml b/.github/workflows/tyk-production.yml index 019fd5f..9ff1e35 100644 --- a/.github/workflows/tyk-production.yml +++ b/.github/workflows/tyk-production.yml @@ -19,8 +19,6 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 - with: - fetch-depth: 1 - name: 'Perform workflow to generate production assets' run: | From 5640151d9902c23c0f20ef8723faa5df5d42dca2 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:49:54 -0400 Subject: [PATCH 25/38] add fetch depth 0 --- .github/workflows/tyk-staging.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index dc017ba..744a7e3 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -16,6 +16,8 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 + with: + fetch-depth: 0 # List the content that exists within the repo to validate the files - name: 'List Repository Contents' From fb1948439c16ed2280cf35e34f68306dcc4623ff Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:52:23 -0400 Subject: [PATCH 26/38] added git branch command --- .github/workflows/tyk-staging.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 744a7e3..f2d99e3 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -16,8 +16,6 @@ jobs: # Check out the current repo and fetch only the current commits (JTBD) - name: 'Checkout Repository' uses: actions/checkout@v4 - with: - fetch-depth: 0 # List the content that exists within the repo to validate the files - name: 'List Repository Contents' @@ -144,6 +142,8 @@ jobs: git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" + git branch + # Add changes git add . From f67758a2557231cd6d23a879589bf5f5ca4ebd36 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:55:50 -0400 Subject: [PATCH 27/38] added git status command --- .github/workflows/tyk-staging.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index f2d99e3..5d57628 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -143,6 +143,7 @@ jobs: git config --global user.email "github-actions[bot]@users.noreply.github.com" git branch + git status # Add changes git add . From c65c69fc0d6af43438508488e8d53d3d4f3e6a78 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 13:58:26 -0400 Subject: [PATCH 28/38] add commit to push to ref head --- .github/workflows/tyk-staging.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index 5d57628..c18ee6f 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -144,6 +144,9 @@ jobs: git branch git status + + # Check out the current pull request branch + git checkout ${{ github.head_ref }} # Add changes git add . @@ -156,7 +159,7 @@ jobs: git commit -m "Copy files from staging to production" # Push changes - git push + git push origin ${{ github.head_ref }} fi # Run linter and validation workflow From 246fc7369c671c12ac13d02e2f701530cadd7fd8 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 14:03:01 -0400 Subject: [PATCH 29/38] blah blah --- .github/workflows/tyk-staging.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index c18ee6f..e524f99 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -145,12 +145,17 @@ jobs: git branch git status - # Check out the current pull request branch + # Fetch the branch for the pull request + git fetch origin ${{ github.head_ref }} + # Check out the branch git checkout ${{ github.head_ref }} # Add changes git add . + git status + + # Check if there are changes to commit if git diff --cached --quiet; then echo "No changes to commit." From c652d989f879289b198e546bd44a31f4122a2e36 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Sep 2024 18:04:13 +0000 Subject: [PATCH 30/38] Copy files from staging to production --- ...-api-2399f2e90953469d50245a7e1c77813e.json | 491 ++++++++++++++++++ 1 file changed, 491 insertions(+) create mode 100644 stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json diff --git a/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json new file mode 100644 index 0000000..7e66f7c --- /dev/null +++ b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json @@ -0,0 +1,491 @@ +{ + "api_definition": { + "id": "66e1f6076e83c700014095a8", + "name": "httpbin-v1", + "slug": "temp", + "listen_port": 0, + "protocol": "", + "enable_proxy_protocol": false, + "api_id": "2399f2e90953469d50245a7e1c77813e", + "org_id": "5e9d9544a1dcd60001d0ed20", + "use_keyless": false, + "use_oauth2": false, + "use_openid": false, + "openid_options": { + "providers": [], + "segregate_by_client": false + }, + "oauth_meta": { + "allowed_access_types": [], + "allowed_authorize_types": [], + "auth_login_redirect": "" + }, + "auth": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "auth_configs": { + "authToken": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "basic": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "coprocess": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "hmac": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "jwt": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "oauth": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "oidc": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + } + }, + "use_basic_auth": false, + "basic_auth": { + "disable_caching": false, + "cache_ttl": 0, + "extract_from_body": false, + "body_user_regexp": "", + "body_password_regexp": "" + }, + "use_mutual_tls_auth": false, + "client_certificates": [], + "upstream_certificates": {}, + "pinned_public_keys": {}, + "enable_jwt": true, + "use_standard_auth": true, + "use_go_plugin_auth": false, + "enable_coprocess_auth": false, + "custom_plugin_auth_enabled": false, + "jwt_signing_method": "", + "jwt_source": "", + "jwt_identity_base_field": "", + "jwt_client_base_field": "", + "jwt_policy_field_name": "", + "jwt_default_policies": [], + "jwt_issued_at_validation_skew": 0, + "jwt_expires_at_validation_skew": 0, + "jwt_not_before_validation_skew": 0, + "jwt_skip_kid": false, + "idp_client_id_mapping_disabled": false, + "jwt_scope_to_policy_mapping": {}, + "jwt_scope_claim_name": "", + "notifications": { + "shared_secret": "", + "oauth_on_keychange_url": "" + }, + "enable_signature_checking": false, + "hmac_allowed_clock_skew": -1, + "hmac_allowed_algorithms": [], + "request_signing": { + "is_enabled": false, + "secret": "", + "key_id": "", + "algorithm": "", + "header_list": [], + "certificate_id": "", + "signature_header": "" + }, + "base_identity_provided_by": "", + "definition": { + "enabled": false, + "name": "", + "default": "", + "location": "header", + "key": "x-api-version", + "strip_path": false, + "strip_versioning_data": false, + "url_versioning_pattern": "", + "fallback_to_default": false, + "versions": {} + }, + "version_data": { + "not_versioned": true, + "default_version": "", + "versions": { + "Default": { + "name": "Default", + "expires": "", + "paths": { + "ignored": [], + "white_list": [], + "black_list": [] + }, + "use_extended_paths": true, + "extended_paths": { + "persist_graphql": [], + "rate_limit": [] + }, + "global_headers": {}, + "global_headers_remove": [], + "global_headers_disabled": false, + "global_response_headers": {}, + "global_response_headers_remove": [], + "global_response_headers_disabled": false, + "ignore_endpoint_case": false, + "global_size_limit": 0, + "override_target": "" + } + } + }, + "uptime_tests": { + "check_list": [], + "config": { + "expire_utime_after": 0, + "service_discovery": { + "use_discovery_service": false, + "query_endpoint": "", + "use_nested_query": false, + "parent_data_path": "", + "data_path": "", + "port_data_path": "", + "target_path": "", + "use_target_list": false, + "cache_disabled": false, + "cache_timeout": 60, + "endpoint_returns_list": false + }, + "recheck_wait": 0 + } + }, + "proxy": { + "preserve_host_header": false, + "listen_path": "/httpbin/", + "target_url": "http://httpbin.org/", + "disable_strip_slash": true, + "strip_listen_path": true, + "enable_load_balancing": false, + "target_list": [], + "check_host_against_uptime_tests": false, + "service_discovery": { + "use_discovery_service": false, + "query_endpoint": "", + "use_nested_query": false, + "parent_data_path": "", + "data_path": "", + "port_data_path": "", + "target_path": "", + "use_target_list": false, + "cache_disabled": false, + "cache_timeout": 0, + "endpoint_returns_list": false + }, + "transport": { + "ssl_insecure_skip_verify": false, + "ssl_ciphers": [], + "ssl_min_version": 0, + "ssl_max_version": 0, + "ssl_force_common_name_check": false, + "proxy_url": "" + } + }, + "disable_rate_limit": false, + "disable_quota": false, + "custom_middleware": { + "pre": [], + "post": [], + "post_key_auth": [], + "auth_check": { + "disabled": false, + "name": "", + "path": "", + "require_session": false, + "raw_body_only": false + }, + "response": [], + "driver": "", + "id_extractor": { + "disabled": false, + "extract_from": "", + "extract_with": "", + "extractor_config": {} + } + }, + "custom_middleware_bundle": "", + "custom_middleware_bundle_disabled": false, + "cache_options": { + "cache_timeout": 60, + "enable_cache": true, + "cache_all_safe_requests": false, + "cache_response_codes": [], + "enable_upstream_cache_control": false, + "cache_control_ttl_header": "", + "cache_by_headers": [] + }, + "session_lifetime": 0, + "active": true, + "internal": false, + "auth_provider": { + "name": "", + "storage_engine": "", + "meta": {} + }, + "session_provider": { + "name": "", + "storage_engine": "", + "meta": {} + }, + "event_handlers": { + "events": {} + }, + "enable_batch_request_support": false, + "enable_ip_whitelisting": false, + "allowed_ips": [], + "enable_ip_blacklisting": false, + "blacklisted_ips": [], + "dont_set_quota_on_create": false, + "expire_analytics_after": 0, + "response_processors": [], + "CORS": { + "enable": false, + "allowed_origins": [ + "*" + ], + "allowed_methods": [ + "GET", + "POST", + "HEAD" + ], + "allowed_headers": [ + "Origin", + "Accept", + "Content-Type", + "X-Requested-With", + "Authorization" + ], + "exposed_headers": [], + "allow_credentials": false, + "max_age": 24, + "options_passthrough": false, + "debug": false + }, + "domain": "", + "certificates": [], + "do_not_track": false, + "enable_context_vars": false, + "config_data": { + "routes": { + "default": "https://stg.httpbin.com", + "stg1": "https://stg1.httpbin.com", + "stg2": "https://stg2.httpbin.com" + } + }, + "config_data_disabled": false, + "tag_headers": [], + "global_rate_limit": { + "disabled": false, + "rate": 0, + "per": 0 + }, + "strip_auth_data": false, + "enable_detailed_recording": true, + "graphql": { + "enabled": false, + "execution_mode": "proxyOnly", + "version": "2", + "schema": "", + "type_field_configurations": [], + "playground": { + "enabled": false, + "path": "" + }, + "engine": { + "field_configs": [], + "data_sources": [], + "global_headers": [] + }, + "proxy": { + "features": { + "use_immutable_headers": true + }, + "auth_headers": {}, + "request_headers": {}, + "use_response_extensions": { + "on_error_forwarding": false + }, + "request_headers_rewrite": {} + }, + "subgraph": { + "sdl": "" + }, + "supergraph": { + "subgraphs": [], + "merged_sdl": "", + "global_headers": {}, + "disable_query_batching": false + }, + "introspection": { + "disabled": false + } + }, + "tags": [], + "detailed_tracing": false, + "scopes": { + "jwt": {}, + "oidc": {} + }, + "analytics_plugin": {}, + "external_oauth": { + "enabled": false, + "providers": [] + } + }, + "hook_references": [], + "is_site": false, + "sort_by": 0, + "user_group_owners": [], + "user_owners": [], + "proxy": { + "target_url": "us-stg-example.com" + } +} From 878314225462ccc63458bf26a1819c8180bac3a8 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 14:17:30 -0400 Subject: [PATCH 31/38] built out prod workflow --- .github/workflows/tyk-dev.yml | 4 +- .github/workflows/tyk-production.yml | 211 +++++++++++++++++++++------ .github/workflows/tyk-staging.yml | 5 +- README.md | 7 + 4 files changed, 174 insertions(+), 53 deletions(-) diff --git a/.github/workflows/tyk-dev.yml b/.github/workflows/tyk-dev.yml index 65cc374..67587d6 100644 --- a/.github/workflows/tyk-dev.yml +++ b/.github/workflows/tyk-dev.yml @@ -13,14 +13,14 @@ on: jobs: # Run linter and validation workflow - tyk-lint: + tyk-set-up-dev: uses: ./.github/workflows/tyk-lint.yml with: environment: 'dev' # Set up staging APIs and Policies if the Dev assets pass the linter / validation tyk-set-up-staging: - needs: tyk-lint + needs: tyk-set-up-dev uses: ./.github/workflows/tyk-staging.yml secrets: inherit diff --git a/.github/workflows/tyk-production.yml b/.github/workflows/tyk-production.yml index 9ff1e35..ab8afbe 100644 --- a/.github/workflows/tyk-production.yml +++ b/.github/workflows/tyk-production.yml @@ -1,55 +1,172 @@ -# Please refer to staging for an example on automating production level assets. -name: Generate Production Tyk Assets +# Basic env promotion with GH secret store substituion triggered on successful PR reviews and approval with a push to main branch. +# This workflow will substitution env specific values for both prod and prod and deploy them as required. +name: Generate Prod Tyk Assets # Perform the env promotion only on push to main branch on: workflow_dispatch: workflow_call: -permissions: - contents: write - actions: read - checks: write - jobs: - set-up-prod-tyk-assets: - runs-on: ubuntu-latest - - steps: - # Check out the current repo and fetch only the current commits (JTBD) - - name: 'Checkout Repository' - uses: actions/checkout@v4 - - - name: 'Perform workflow to generate production assets' - run: | - echo "Hello, World!" + # Set up prod assets + set-up-prod-tyk-assets: + runs-on: ubuntu-latest + + steps: + # Check out the current repo and fetch only the current commits (JTBD) + - name: 'Checkout Repository' + uses: actions/checkout@v4 + + # List the content that exists within the repo to validate the files + - name: 'List Repository Contents' + run: | + ls -la + pwd + cd dev + ls -la + + # Install JQ library used to introspect the API and Policy definitions + - name: 'Install JQ Library' + uses: dcarbone/install-jq-action@v2 + - name: 'Check JQ Library' + run: | + which jq + jq --version + + # Create prod directory if needed + - name: "Create prod directory" + run: | + if [ ! -d prod ]; then + mkdir prod + echo "Created 'prod' directory." + else + echo "'prod' directory already exists." + fi + + # Substitute with prod specific environment variables + - name: Replace proxy.target_url in JSON files + env: + PROD_US_PROXY_TARGET_URL: ${{ secrets.PROD_US_PROXY_TARGET_URL }} + run: | + cd ./dev + for file in $(find . -name "api*.json"); do + echo "Processing Tyk Classic API Definition: $file" + # Create a new file path in the prod directory with a prod- prefix + new_file="prod-$(basename "$file")" + # Replace proxy.target_url with the GitHub secret value and write to the new file + echo ${{ secrets.PROD_US_PROXY_TARGET_URL }} | sed 's/./& /g' + jq --arg url "$PROD_US_PROXY_TARGET_URL" '.proxy.target_url = $url' "$file" > "../prod/apis/$new_file" + echo "Updated target_url in $new_file" + done + # List the content that exists within the repo to validate the files + + # Substitute config_data with Prod Version + - name: Replace config_data with Prod Version + env: + PROD_US_CONFIG_DATA: ${{ secrets.PROD_US_CONFIG_DATA }} + run: | + # cd ./prod + # ls -la + # pwd + # Tyk Classic API Definitions + for file in $(find . -name "prod-api*.json"); do + echo "Adding config_data to Tyk Classic API Definition: $file" + # echo "Config_Data Before:" + # jq '.api_definition.config_data' $file + # echo "Replacing with:" + echo ${{ secrets.PROD_US_CONFIG_DATA }} | sed 's/./& /g' + echo ${{ secrets.PROD_US_CONFIG_DATA }} + jq --arg config_data "${{ secrets.PROD_US_CONFIG_DATA }}" '.api_definition.config_data = ($config_data | fromjson)' "$file" > tmp_api.json + mv tmp_api.json $file + echo "Updated config_data in $file" + done + # OAS Definitions + # for file in $(find . -name "prod*oas*.json"); do + # echo "Processing Tyk OAS Definitions" + # # Create a new file path in the prod directory with a prod- prefix + # new_file="prod-$(basename "$file")" + # echo "Config_Data Before:" + # cat $file | jq '.oas["x-tyk-api-gateway"].middleware.global.pluginConfig.data.value' + # #echo "Replacing with:" + # #cat $PROD_US_CONFIG_DATA + # #cat $PROD_US_CONFIG_DATA | sed 's/./& /g' + # jq --arg config_data "$PROD_US_CONFIG_DATA" '.oas["x-tyk-api-gateway"].middleware.global.pluginConfig.data.value = ($config_data | fromjson)' "$file" > tmp_api.json mv temp.oas $file + # # "../prod/$new_file" + # done + + # Substitute mTLS Root Certificate(s) with Prod Version + - name: Replace mTLS Root Certificates(s) with Prod Version + env: + PROD_US_MTLS_ROOT_CERT: ${{ secrets.PROD_US_MTLS_ROOT_CERT }} + run: | + cd ./prod + # Tyk Classic API Definitions + for file in $(find . -name "prod-api*.json"); do + mtls_api=$(jq '.api_definition.use_mutual_tls_auth' $file) + if [ "$mtls_api" = "true" ]; then + echo "Adding root cert(s) to Tyk Classic Definition: $file" + jq --arg root_cert "$PROD_US_MTLS_ROOT_CERT" '.api_definition.client_certificates = ($root_cert)' "$file" > tmp_api.json + mv tmp_api.json $file + echo "Updated root cert(s) in $file" + fi + done + # OAS Definitions + # for file in $(find . -name "*oas*.json"); do + # echo "Processing Tyk OAS Definitions" + # # Create a new file path in the prod directory with a prod- prefix + # # new_file="prod-$(basename "$file")" + # # Check if .oas["x-tyk-api-gateway"].server.clientCertificates.enabled is true + # ENABLED=$(jq '.oas["x-tyk-api-gateway"].server.clientCertificates.enabled' "$file") + # echo $ENABLED + # if [ "$ENABLED" = "true" ]; then + # echo "Certificate AllowList Before:" + # cat $file | jq '.oas["x-tyk-api-gateway"].server.clientCertificates.allowlist' + # echo "Replacing with:" + # echo $PROD_US_MTLS_ROOT_CERT | sed 's/./& /g' + # jq --arg root_cert "$PROD_US_MTLS_ROOT_CERT" '.oas["x-tyk-api-gateway"].server.clientCertificates.allowlist = ($root_cert | fromjson)' "$file" > tmp.json && mv tmp.json $file + # else + # echo "Client Certificates are not enabled. No changes made." + # fi + # done + + # # List repo content post sub + # - name: 'List Repository Contents Post-Substitution' + # run: | + # pwd + # ls .github/ -la + + # Check for modified files + - name: Commit and Push Changes + run: | + # Configure Git + git config --global user.name "github-actions[bot]" + git config --global user.email "github-actions[bot]@users.noreply.github.com" + + git branch + git status + + # Fetch the branch for the pull request + git fetch origin ${{ github.head_ref }} + # Check out the branch + git checkout ${{ github.head_ref }} + + # Add changes + git add . + + # Check if there are changes to commit + if git diff --cached --quiet; then + echo "No changes to commit." + else + # Commit changes + git commit -m "Copy files from staging to production" - # # Check for modified files - # - name: Check for modified files - # id: git-check - # run: | - # if [ -n "$(git status --porcelain)" ]; then - # echo "modified=true" >> $GITHUB_ENV - # else - # echo "modified=false" >> $GITHUB_ENV - # fi - - # # Push changes to remote repository - # - name: Commit changes - # if: env.modified == 'true' - # env: - # ORG_NAME: ${{ secrets.ORG_NAME }} - # ORG_EMAIL: ${{ secrets.ORG_EMAIL }} - # run: | - # git config --global user.name "$ORG_NAME" - # git config --global user.email "$ORG_EMAIL" - # git add . - # git commit -am "CI: Update staging assets" - # git push - - # # Promote to staging env - # tyk-env-promotion: - # uses: ./.github/workflows/tyk-env-promotion.yml - # with: - # environment: 'stg' - \ No newline at end of file + # Push changes + git push origin ${{ github.head_ref }} + fi + + # Run linter and validation workflow + tyk-lint: + needs: set-up-prod-tyk-assets + uses: ./.github/workflows/tyk-lint.yml + with: + environment: 'prod' \ No newline at end of file diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index e524f99..b0576f5 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -153,15 +153,12 @@ jobs: # Add changes git add . - git status - - # Check if there are changes to commit if git diff --cached --quiet; then echo "No changes to commit." else # Commit changes - git commit -m "Copy files from staging to production" + git commit -m "Copy files from dev to staging" # Push changes git push origin ${{ github.head_ref }} diff --git a/README.md b/README.md index 0a6978b..7a2c814 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,13 @@ # tyk-cicd-dev-demo Demo of CICD using Tyk Sync and GH Actions +Configuration Example +``` +STG_US_CONFIG_DATA={\"routes\": {\"default\": \"https://stg.httpbin.com\",\"stg1\": \"https://stg1.httpbin.com\",\"stg2\": \"https://stg2.httpbin.com\"}} +STG_US_PROXY_TARGET_URL=http://httpbin.org/get?env=stg +PROD_US_CONFIG_DATA={\"routes\": {\"default\": \"https://prod.httpbin.com\",\"prod1\": \"https://prod1.httpbin.com\",\"prod2\": \"https://prod2.httpbin.com\"}} +PROD_US_PROXY_TARGET_URL=http://httpbin.org/get?env=prod +``` Tyk Sync Dump Command Example ``` From 87d8dd1d0fd098a2d1d5f065057fb22deb1df266 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Sep 2024 18:18:56 +0000 Subject: [PATCH 32/38] Copy files from dev to staging --- stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json index 7e66f7c..37f8989 100644 --- a/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json +++ b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json @@ -486,6 +486,6 @@ "user_group_owners": [], "user_owners": [], "proxy": { - "target_url": "us-stg-example.com" + "target_url": "http://httpbin.org/get?env=stg" } } From 3d2931b1f2fa7f84428c4b2ae6532a8240ad29c4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Sep 2024 18:20:11 +0000 Subject: [PATCH 33/38] Copy files from staging to production --- ...-api-2399f2e90953469d50245a7e1c77813e.json | 491 ++++++++++++++++++ 1 file changed, 491 insertions(+) create mode 100644 prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json diff --git a/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json b/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json new file mode 100644 index 0000000..58a6783 --- /dev/null +++ b/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json @@ -0,0 +1,491 @@ +{ + "api_definition": { + "id": "66e1f6076e83c700014095a8", + "name": "httpbin-v1", + "slug": "temp", + "listen_port": 0, + "protocol": "", + "enable_proxy_protocol": false, + "api_id": "2399f2e90953469d50245a7e1c77813e", + "org_id": "5e9d9544a1dcd60001d0ed20", + "use_keyless": false, + "use_oauth2": false, + "use_openid": false, + "openid_options": { + "providers": [], + "segregate_by_client": false + }, + "oauth_meta": { + "allowed_access_types": [], + "allowed_authorize_types": [], + "auth_login_redirect": "" + }, + "auth": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "auth_configs": { + "authToken": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "basic": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "coprocess": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "hmac": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "jwt": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "oauth": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + }, + "oidc": { + "name": "", + "use_param": false, + "param_name": "", + "use_cookie": false, + "cookie_name": "", + "disable_header": false, + "auth_header_name": "Authorization", + "use_certificate": false, + "validate_signature": false, + "signature": { + "algorithm": "", + "header": "", + "use_param": false, + "param_name": "", + "secret": "", + "allowed_clock_skew": 0, + "error_code": 0, + "error_message": "" + } + } + }, + "use_basic_auth": false, + "basic_auth": { + "disable_caching": false, + "cache_ttl": 0, + "extract_from_body": false, + "body_user_regexp": "", + "body_password_regexp": "" + }, + "use_mutual_tls_auth": false, + "client_certificates": [], + "upstream_certificates": {}, + "pinned_public_keys": {}, + "enable_jwt": true, + "use_standard_auth": true, + "use_go_plugin_auth": false, + "enable_coprocess_auth": false, + "custom_plugin_auth_enabled": false, + "jwt_signing_method": "", + "jwt_source": "", + "jwt_identity_base_field": "", + "jwt_client_base_field": "", + "jwt_policy_field_name": "", + "jwt_default_policies": [], + "jwt_issued_at_validation_skew": 0, + "jwt_expires_at_validation_skew": 0, + "jwt_not_before_validation_skew": 0, + "jwt_skip_kid": false, + "idp_client_id_mapping_disabled": false, + "jwt_scope_to_policy_mapping": {}, + "jwt_scope_claim_name": "", + "notifications": { + "shared_secret": "", + "oauth_on_keychange_url": "" + }, + "enable_signature_checking": false, + "hmac_allowed_clock_skew": -1, + "hmac_allowed_algorithms": [], + "request_signing": { + "is_enabled": false, + "secret": "", + "key_id": "", + "algorithm": "", + "header_list": [], + "certificate_id": "", + "signature_header": "" + }, + "base_identity_provided_by": "", + "definition": { + "enabled": false, + "name": "", + "default": "", + "location": "header", + "key": "x-api-version", + "strip_path": false, + "strip_versioning_data": false, + "url_versioning_pattern": "", + "fallback_to_default": false, + "versions": {} + }, + "version_data": { + "not_versioned": true, + "default_version": "", + "versions": { + "Default": { + "name": "Default", + "expires": "", + "paths": { + "ignored": [], + "white_list": [], + "black_list": [] + }, + "use_extended_paths": true, + "extended_paths": { + "persist_graphql": [], + "rate_limit": [] + }, + "global_headers": {}, + "global_headers_remove": [], + "global_headers_disabled": false, + "global_response_headers": {}, + "global_response_headers_remove": [], + "global_response_headers_disabled": false, + "ignore_endpoint_case": false, + "global_size_limit": 0, + "override_target": "" + } + } + }, + "uptime_tests": { + "check_list": [], + "config": { + "expire_utime_after": 0, + "service_discovery": { + "use_discovery_service": false, + "query_endpoint": "", + "use_nested_query": false, + "parent_data_path": "", + "data_path": "", + "port_data_path": "", + "target_path": "", + "use_target_list": false, + "cache_disabled": false, + "cache_timeout": 60, + "endpoint_returns_list": false + }, + "recheck_wait": 0 + } + }, + "proxy": { + "preserve_host_header": false, + "listen_path": "/httpbin/", + "target_url": "http://httpbin.org/", + "disable_strip_slash": true, + "strip_listen_path": true, + "enable_load_balancing": false, + "target_list": [], + "check_host_against_uptime_tests": false, + "service_discovery": { + "use_discovery_service": false, + "query_endpoint": "", + "use_nested_query": false, + "parent_data_path": "", + "data_path": "", + "port_data_path": "", + "target_path": "", + "use_target_list": false, + "cache_disabled": false, + "cache_timeout": 0, + "endpoint_returns_list": false + }, + "transport": { + "ssl_insecure_skip_verify": false, + "ssl_ciphers": [], + "ssl_min_version": 0, + "ssl_max_version": 0, + "ssl_force_common_name_check": false, + "proxy_url": "" + } + }, + "disable_rate_limit": false, + "disable_quota": false, + "custom_middleware": { + "pre": [], + "post": [], + "post_key_auth": [], + "auth_check": { + "disabled": false, + "name": "", + "path": "", + "require_session": false, + "raw_body_only": false + }, + "response": [], + "driver": "", + "id_extractor": { + "disabled": false, + "extract_from": "", + "extract_with": "", + "extractor_config": {} + } + }, + "custom_middleware_bundle": "", + "custom_middleware_bundle_disabled": false, + "cache_options": { + "cache_timeout": 60, + "enable_cache": true, + "cache_all_safe_requests": false, + "cache_response_codes": [], + "enable_upstream_cache_control": false, + "cache_control_ttl_header": "", + "cache_by_headers": [] + }, + "session_lifetime": 0, + "active": true, + "internal": false, + "auth_provider": { + "name": "", + "storage_engine": "", + "meta": {} + }, + "session_provider": { + "name": "", + "storage_engine": "", + "meta": {} + }, + "event_handlers": { + "events": {} + }, + "enable_batch_request_support": false, + "enable_ip_whitelisting": false, + "allowed_ips": [], + "enable_ip_blacklisting": false, + "blacklisted_ips": [], + "dont_set_quota_on_create": false, + "expire_analytics_after": 0, + "response_processors": [], + "CORS": { + "enable": false, + "allowed_origins": [ + "*" + ], + "allowed_methods": [ + "GET", + "POST", + "HEAD" + ], + "allowed_headers": [ + "Origin", + "Accept", + "Content-Type", + "X-Requested-With", + "Authorization" + ], + "exposed_headers": [], + "allow_credentials": false, + "max_age": 24, + "options_passthrough": false, + "debug": false + }, + "domain": "", + "certificates": [], + "do_not_track": false, + "enable_context_vars": false, + "config_data": { + "routes": { + "default": "https://prod.httpbin.com", + "prod1": "https://prod1.httpbin.com", + "prod2": "https://prod2.httpbin.com" + } + }, + "config_data_disabled": false, + "tag_headers": [], + "global_rate_limit": { + "disabled": false, + "rate": 0, + "per": 0 + }, + "strip_auth_data": false, + "enable_detailed_recording": true, + "graphql": { + "enabled": false, + "execution_mode": "proxyOnly", + "version": "2", + "schema": "", + "type_field_configurations": [], + "playground": { + "enabled": false, + "path": "" + }, + "engine": { + "field_configs": [], + "data_sources": [], + "global_headers": [] + }, + "proxy": { + "features": { + "use_immutable_headers": true + }, + "auth_headers": {}, + "request_headers": {}, + "use_response_extensions": { + "on_error_forwarding": false + }, + "request_headers_rewrite": {} + }, + "subgraph": { + "sdl": "" + }, + "supergraph": { + "subgraphs": [], + "merged_sdl": "", + "global_headers": {}, + "disable_query_batching": false + }, + "introspection": { + "disabled": false + } + }, + "tags": [], + "detailed_tracing": false, + "scopes": { + "jwt": {}, + "oidc": {} + }, + "analytics_plugin": {}, + "external_oauth": { + "enabled": false, + "providers": [] + } + }, + "hook_references": [], + "is_site": false, + "sort_by": 0, + "user_group_owners": [], + "user_owners": [], + "proxy": { + "target_url": "http://httpbin.org/get?env=prod" + } +} From 04a11fadca44e9b3da38c036eacbdb1277055a01 Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 14:27:25 -0400 Subject: [PATCH 34/38] split dev into it's on workflow --- .github/workflows/tyk-assets-cicd.yml | 31 +++++++++++++++++ .github/workflows/tyk-dev.yml | 50 +++++++++++++-------------- .github/workflows/tyk-production.yml | 6 ++-- .github/workflows/tyk-staging.yml | 7 ++-- 4 files changed, 61 insertions(+), 33 deletions(-) create mode 100644 .github/workflows/tyk-assets-cicd.yml diff --git a/.github/workflows/tyk-assets-cicd.yml b/.github/workflows/tyk-assets-cicd.yml new file mode 100644 index 0000000..6209ed0 --- /dev/null +++ b/.github/workflows/tyk-assets-cicd.yml @@ -0,0 +1,31 @@ +# Tyk developer pipeline -- perform validation and linting of API definitions and policies if needed for dev env APIs. +# This dev workflow will triggered if any PRs have been made specifically to the dev directory. +name: Tyk Development Workflow + +# Execute workflow on dev pull requests +on: + pull_request: + paths: + - 'dev/**' + push: + paths: + - 'dev/**' + +jobs: + # Run linter and validation workflow + tyk-dev-env: + uses: ./.github/workflows/tyk-lint.yml + with: + environment: 'dev' + + # Set up staging APIs and Policies if the Dev assets pass the linter / validation + tyk-staging-env: + needs: tyk-dev-env + uses: ./.github/workflows/tyk-staging.yml + secrets: inherit + + # Set up prod APIs and Policies if the Dev assets pass the linter / validation + tyk-prod-env: + needs: tyk-staging-env + uses: ./.github/workflows/tyk-production.yml + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/tyk-dev.yml b/.github/workflows/tyk-dev.yml index 67587d6..fff52ab 100644 --- a/.github/workflows/tyk-dev.yml +++ b/.github/workflows/tyk-dev.yml @@ -1,31 +1,31 @@ -# Tyk developer pipeline -- perform validation and linting of API definitions and policies if needed for dev env APIs. -# This dev workflow will triggered if any PRs have been made specifically to the dev directory. -name: Tyk Development Workflow +# Basic env promotion with GH secret store substituion triggered on successful PR reviews and approval with a push to main branch. +# This workflow will substitution env specific values for both dev and prod and deploy them as required. +name: Generate Development Tyk Assets -# Execute workflow on dev pull requests +# Perform the env promotion only on push to main branch on: - pull_request: - paths: - - 'dev/**' - push: - paths: - - 'dev/**' + workflow_dispatch: + workflow_call: jobs: - # Run linter and validation workflow - tyk-set-up-dev: - uses: ./.github/workflows/tyk-lint.yml - with: - environment: 'dev' + # Set up development assets + set-up-dev-tyk-assets: + runs-on: ubuntu-latest - # Set up staging APIs and Policies if the Dev assets pass the linter / validation - tyk-set-up-staging: - needs: tyk-set-up-dev - uses: ./.github/workflows/tyk-staging.yml - secrets: inherit + steps: + # Check out the current repo and fetch only the current commits (JTBD) + - name: 'Checkout Repository' + uses: actions/checkout@v4 + + # List the content that exists within the repo to validate the files + - name: 'List Repository Contents' + run: | + cd dev + ls -Rla - # Set up prod APIs and Policies if the Dev assets pass the linter / validation - tyk-set-up-prod: - needs: tyk-set-up-staging - uses: ./.github/workflows/tyk-production.yml - secrets: inherit \ No newline at end of file + # Run linter and validation workflow + tyk-lint: + needs: set-up-dev-tyk-assets + uses: ./.github/workflows/tyk-lint.yml + with: + environment: 'dev' \ No newline at end of file diff --git a/.github/workflows/tyk-production.yml b/.github/workflows/tyk-production.yml index ab8afbe..df80999 100644 --- a/.github/workflows/tyk-production.yml +++ b/.github/workflows/tyk-production.yml @@ -20,10 +20,8 @@ jobs: # List the content that exists within the repo to validate the files - name: 'List Repository Contents' run: | - ls -la - pwd - cd dev - ls -la + cd prod + ls -Rla # Install JQ library used to introspect the API and Policy definitions - name: 'Install JQ Library' diff --git a/.github/workflows/tyk-staging.yml b/.github/workflows/tyk-staging.yml index b0576f5..2d09f5e 100644 --- a/.github/workflows/tyk-staging.yml +++ b/.github/workflows/tyk-staging.yml @@ -20,10 +20,9 @@ jobs: # List the content that exists within the repo to validate the files - name: 'List Repository Contents' run: | - ls -la - pwd - cd dev - ls -la + cd stg + ls -Rla + # Install JQ library used to introspect the API and Policy definitions - name: 'Install JQ Library' From e9b82ebf0f47e5de8c1f8756a81895e0f63ed09e Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 14:30:12 -0400 Subject: [PATCH 35/38] update API Definition --- dev/apis/api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json index 200d2aa..e5275ba 100644 --- a/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json +++ b/dev/apis/api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v1", + "name": "httpbin-v2", "slug": "temp", "listen_port": 0, "protocol": "", From 78caccee68d9be40e75c3534e1c7568fb1e81c92 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Sep 2024 18:31:03 +0000 Subject: [PATCH 36/38] Copy files from dev to staging --- stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json index 37f8989..a76e3cc 100644 --- a/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json +++ b/stg/apis/stg-api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v1", + "name": "httpbin-v2", "slug": "temp", "listen_port": 0, "protocol": "", From 1e085d80d1da14295a61de8e3380e35bdf7e9a7d Mon Sep 17 00:00:00 2001 From: Long Le Date: Mon, 16 Sep 2024 14:34:02 -0400 Subject: [PATCH 37/38] added pull command --- .github/workflows/tyk-production.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/tyk-production.yml b/.github/workflows/tyk-production.yml index df80999..80a2220 100644 --- a/.github/workflows/tyk-production.yml +++ b/.github/workflows/tyk-production.yml @@ -139,17 +139,21 @@ jobs: # Configure Git git config --global user.name "github-actions[bot]" git config --global user.email "github-actions[bot]@users.noreply.github.com" - - git branch - git status # Fetch the branch for the pull request git fetch origin ${{ github.head_ref }} # Check out the branch git checkout ${{ github.head_ref }} + # Check current branch + git branch + + # Pull latest changes + git pull + # Add changes git add . + git status # Check if there are changes to commit if git diff --cached --quiet; then From 06ad374e90ad7d9af1295bcb49e0af028b8c3e76 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Mon, 16 Sep 2024 18:36:17 +0000 Subject: [PATCH 38/38] Copy files from staging to production --- prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json b/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json index 58a6783..f7d9414 100644 --- a/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json +++ b/prod/apis/prod-api-2399f2e90953469d50245a7e1c77813e.json @@ -1,7 +1,7 @@ { "api_definition": { "id": "66e1f6076e83c700014095a8", - "name": "httpbin-v1", + "name": "httpbin-v2", "slug": "temp", "listen_port": 0, "protocol": "",