near · kmaus-near · Aug 7, 2024 · Aug 8, 2024 · Aug 8, 2024
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,4 @@
+node_modules
+dist
+npm-debug.log
+.env
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,5 @@
 node_modules/
 dist/
 
-.env
+.env
+.terraform*
diff --git a/Dockerfile.test b/Dockerfile.test
@@ -0,0 +1,23 @@
+# Use the official Node.js image as the base image
+FROM node:16-alpine
+
+# Set the working directory in the container
+WORKDIR /app
+
+# Copy package.json and package-lock.json
+COPY package*.json ./
+
+# Install dependencies
+RUN npm install
+
+# Copy the rest of the application code
+COPY . .
+
+# Build the TypeScript code
+RUN npm run build
+
+# Specify the command to run the application
+CMD ["node", "dist/server.js"]
+
+# Expose the port the app runs on
+EXPOSE 3000
diff --git a/infra/dev/main.tf b/infra/dev/main.tf
@@ -0,0 +1,118 @@
+locals {
+  static_envs = {
+  }
+}
+
+resource "google_service_account" "service_account" {
+  account_id   = "contract-ping-dev"
+  display_name = "contract-pinger-dev"
+}
+
+resource "google_project_iam_member" "sa-roles" {
+  for_each = toset([
+    "roles/run.invoker",
+    "roles/secretmanager.admin",
+    "roles/storage.objectAdmin",
+    "roles/logging.logWriter",
+  ])
+
+  role     = each.key
+  member   = "serviceAccount:${google_service_account.service_account.email}"
+   project = var.project_id
+}
+
+resource "google_cloud_run_service" "contract_ping" {
+  provider                   = google-beta
+  name                       = "contract-pinger-dev"
+  location                   = "us-central1"
+  project                    = var.project_id
+  autogenerate_revision_name = true
+
+  template {
+    spec {
+      service_account_name = "contract-ping-dev@pagoda-discovery-platform-dev.iam.gserviceaccount.com"
+      containers {
+        args  = ["node", "dist/server.js"]
+        image = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/multichain/tools/contract-ping:latest"
+        ports {
+          name           = "http1"
+          container_port = 3000
+        }
+        dynamic "env" {
+          for_each = local.static_envs
+          content {
+            name  = env.key
+            value = env.value
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_NEAR_ACCOUNT_ID"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_near_account_id"
+              key  = "latest"
+            }
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_NEAR_PRIVATE_KEY"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_near_private_key"
+              key  = "latest"
+            }
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_CHAIN_SIGNATURE_CONTRACT"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_chain_sig_dev_contract_testnet"
+              key  = "latest"
+            }
+          }
+        }
+      }
+    }
+    metadata {
+      annotations = {
+        "autoscaling.knative.dev/minScale"        = "1"
+        "run.googleapis.com/cpu-throttling"       = false
+        # "run.googleapis.com/vpc-access-connector" = "projects/pagoda-shared-infrastructure/locations/us-central1/connectors/dev-connector"
+        # "run.googleapis.com/vpc-access-egress"    = "all-traffic"
+      }
+    }
+  }
+  traffic {
+    percent         = 100
+    latest_revision = true
+  }
+
+  lifecycle {
+    # List of fields we don't want to see a diff for in terraform. Most of these fields are set
+    # by GCP and is metadata we don't want to account when considering changes in the service.
+    ignore_changes = [
+      template[0].metadata[0].labels["client.knative.dev/nonce"],
+      template[0].metadata[0].labels["run.googleapis.com/startupProbeType"],
+      template[0].metadata[0].annotations["run.googleapis.com/client-name"],
+    ]
+  }
+  depends_on = [ google_service_account.service_account ]
+}
+
+data "google_iam_policy" "noauth" {
+  binding {
+    role = "roles/run.invoker"
+    members = [
+      "allUsers",
+    ]
+  }
+}
+
+resource "google_cloud_run_service_iam_policy" "noauth" {
+  location    = google_cloud_run_service.contract_ping.location
+  project     = google_cloud_run_service.contract_ping.project
+  service     = google_cloud_run_service.contract_ping.name
+
+  policy_data = data.google_iam_policy.noauth.policy_data
+}
diff --git a/infra/dev/resources.tf b/infra/dev/resources.tf
@@ -0,0 +1,15 @@
+terraform {
+  backend "gcs" {
+    bucket = "multichain-terraform-dev"
+    prefix = "state/tools/contract-ping"
+  }
+}
+
+provider "google" {
+  project = "pagoda-discovery-platform-dev"
+}
+
+provider "google" {
+  project = "pagoda-shared-infrastructure"
+  alias   = "something"
+}
diff --git a/infra/dev/variables.tf b/infra/dev/variables.tf
@@ -0,0 +1,4 @@
+variable "project_id" {
+  default     = "pagoda-discovery-platform-dev"
+  description = "The default project id to use for resources in this directory."
+}
diff --git a/infra/prod/mainnet.tf b/infra/prod/mainnet.tf
@@ -0,0 +1,120 @@
+locals {
+  static_envs_mainnet = {
+    "NEXT_PUBLIC_NETWORK_ID": "mainnet"
+  }
+
+}
+
+resource "google_service_account" "service_account_mainnet" {
+  account_id   = "contract-ping-mainnet"
+  display_name = "contract-pinger-mainnet"
+}
+
+resource "google_project_iam_member" "sa-roles_mainnet" {
+  for_each = toset([
+    "roles/run.invoker",
+    "roles/secretmanager.admin",
+    "roles/storage.objectAdmin",
+    "roles/logging.logWriter",
+  ])
+
+  role     = each.key
+  member   = "serviceAccount:${google_service_account.service_account_mainnet.email}"
+   project = var.project_id
+}
+
+resource "google_cloud_run_service" "contract_ping_mainnet" {
+  provider                   = google-beta
+  name                       = "contract-pinger-mainnet"
+  location                   = "us-central1"
+  project                    = var.project_id
+  autogenerate_revision_name = true
+
+  template {
+    spec {
+      service_account_name = "contract-ping-mainnet@pagoda-discovery-platform-prod.iam.gserviceaccount.com"
+      containers {
+        args  = ["node", "dist/server.js"]
+        image = "us-east1-docker.pkg.dev/pagoda-discovery-platform-prod/multichain/tools/contract-ping:latest"
+        ports {
+          name           = "http1"
+          container_port = 3000
+        }
+        dynamic "env" {
+          for_each = local.static_envs_mainnet
+          content {
+            name  = env.key
+            value = env.value
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_NEAR_ACCOUNT_ID"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_near_account_id_mainnet"
+              key  = "latest"
+            }
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_NEAR_PRIVATE_KEY"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_near_private_key_mainnet"
+              key  = "latest"
+            }
+          }
+        }
+        env {
+          name = "NEXT_PUBLIC_CHAIN_SIGNATURE_CONTRACT"
+          value_from {
+            secret_key_ref {
+              name = "contract_ping_chain_sig_contract_mainnet"
+              key  = "latest"
+            }
+          }
+        }
+      }
+    }
+    metadata {
+      annotations = {
+        "autoscaling.knative.dev/minScale"        = "1"
+        "run.googleapis.com/cpu-throttling"       = false
+        # "run.googleapis.com/vpc-access-connector" = "projects/pagoda-shared-infrastructure/locations/us-central1/connectors/dev-connector"
+        # "run.googleapis.com/vpc-access-egress"    = "all-traffic"
+      }
+    }
+  }
+  traffic {
+    percent         = 100
+    latest_revision = true
+  }
+
+  lifecycle {
+    # List of fields we don't want to see a diff for in terraform. Most of these fields are set
+    # by GCP and is metadata we don't want to account when considering changes in the service.
+    ignore_changes = [
+      template[0].metadata[0].labels["client.knative.dev/nonce"],
+      template[0].metadata[0].labels["run.googleapis.com/startupProbeType"],
+      template[0].metadata[0].annotations["run.googleapis.com/client-name"],
+    ]
+  }
+  depends_on = [ google_service_account.service_account_mainnet ]
+}
+
+data "google_iam_policy" "noauth_mainnet" {
+  binding {
+    role = "roles/run.invoker"
+    members = [
+      "allUsers",
+    ]
+  }
+}
+
+resource "google_cloud_run_service_iam_policy" "noauth_mainnet" {
+  location    = google_cloud_run_service.contract_ping_mainnet.location
+  project     = google_cloud_run_service.contract_ping_mainnet.project
+  service     = google_cloud_run_service.contract_ping_mainnet.name
+
+  policy_data = data.google_iam_policy.noauth_mainnet.policy_data
+}
diff --git a/infra/prod/resources.tf b/infra/prod/resources.tf
@@ -0,0 +1,15 @@
+terraform {
+  backend "gcs" {
+    bucket = "terraform-prod-multichain"
+    prefix = "state/tools/contract-ping"
+  }
+}
+
+provider "google" {
+  project = "pagoda-discovery-platform-prod"
+}
+
+provider "google" {
+  project = "pagoda-shared-infrastructure"
+  alias   = "something"
+}