Merge pull request #161 from CodeForPhilly/157-offline-dev

Author: prestoncabe

.devboxrc.example

@@ -0,0 +1,31 @@
+# Commands you put here will run every time you enter the `devbox shell` or
+# run other devbox commands (like `devbox run` or `devbox services`).
+
+# IMPORTANT:
+# - don't use this file for environment variables; use .env instead.
+# - `devbox services` runs in a basic sh shell, so only put POSIX-compliant
+#   shell commands here (e.g. no bash-specific syntax) (unless you check for bash).
+
+
+# Tab completion for tools managed by devbox
+# if [ -n "$BASH_VERSION" ]; then
+#   eval "$(quarkus completion)"
+
+  # Some tools install their bash completions to this directory
+  # if [ -d .devbox/nix/profile/default/share/bash-completion/completions ]; then
+  #   for completion in .devbox/nix/profile/default/share/bash-completion/completions/*; do
+  #     [ -f "$completion" ] && source "$completion"
+  #   done
+  # fi
+
+  # NOTE: for tab completion of devbox itself, put the following in your ~/.bashrc, etc:
+  # source <(devbox completion bash)
+# fi
+
+
+# Disable or workaround tools that might interfere with devbox
+# command -v mise >/dev/null && mise deactivate # interferes with PATH
+
+
+# Project-specific aliases
+# alias dup="devbox services up"

.devcontainer/Dockerfile

@@ -0,0 +1,15 @@
+FROM jetpackio/devbox:latest
+
+# Installing your devbox project
+WORKDIR /code
+USER root:root
+RUN mkdir -p /code && chown ${DEVBOX_USER}:${DEVBOX_USER} /code
+USER ${DEVBOX_USER}:${DEVBOX_USER}
+COPY --chown=${DEVBOX_USER}:${DEVBOX_USER} devbox.json devbox.json
+COPY --chown=${DEVBOX_USER}:${DEVBOX_USER} devbox.lock devbox.lock
+COPY --chown=${DEVBOX_USER}:${DEVBOX_USER} .env.example .env
+
+
+RUN devbox run -- echo "Installed Packages." && nix-store --gc && nix-store --optimise
+
+RUN devbox shellenv --init-hook >> ~/.profile

.devcontainer/devcontainer.json

@@ -0,0 +1,17 @@
+{
+  "name": "Devbox Remote Container",
+  "build": {
+    "dockerfile": "./Dockerfile",
+    "context": ".."
+  },
+  "postCreateCommand": "bin/ensure-root-env-file && devbox run setup",
+  "customizations": {
+    "vscode": {
+      "settings": {},
+      "extensions": [
+        "jetpack-io.devbox"
+      ]
+    }
+  },
+  "remoteUser": "devbox"
+}

.env.example

@@ -0,0 +1,6 @@
+QUARKUS_GOOGLE_CLOUD_PROJECT_ID="demo-bdt-dev"
+QUARKUS_GOOGLE_CLOUD_FIREBASE_AUTH_EMULATOR_HOST="localhost:9099"
+QUARKUS_GOOGLE_CLOUD_STORAGE_HOST_OVERRIDE="http://127.0.0.1:9199"
+GCS_BUCKET_NAME="demo-bdt-dev.appspot.com"
+FIRESTORE_EMULATOR_HOST="127.0.0.1:8080"
+

.envrc

@@ -15,4 +15,4 @@
     }
   },
   "etags": {}
-}
+}

.firebaserc

@@ -1,40 +1,16 @@
-# This workflow build and push a Docker container to Google Artifact Registry
-# and deploy it on Cloud Run when a commit is pushed to the "main"
-# branch.
-#
-# To configure this workflow:
-#
-# 1. Enable the following Google Cloud APIs:
-#
-#    - Artifact Registry (artifactregistry.googleapis.com)
-#    - Cloud Run (run.googleapis.com)
-#    - IAM Credentials API (iamcredentials.googleapis.com)
-#
-#    You can learn more about enabling APIs at
-#    https://support.google.com/googleapi/answer/6158841.
-#
-# 2. Create and configure a Workload Identity Provider for GitHub:
-#    https://github.com/google-github-actions/auth#preferred-direct-workload-identity-federation.
-#
-#    Depending on how you authenticate, you will need to grant an IAM principal
-#    permissions on Google Cloud:
-#
-#    - Artifact Registry Administrator (roles/artifactregistry.admin)
-#    - Cloud Run Developer (roles/run.developer)
-#
-#    You can learn more about setting IAM permissions at
-#    https://cloud.google.com/iam/docs/manage-access-other-resources
-#
-# 3. Change the values in the "env" block to match your values.
+# This workflow uses devbox for dependency management and builds/deploys the builder API
+# to Cloud Run when a commit is pushed to the "main" branch.
 
-name: 'Build and Deploy to Cloud Run'
+name: 'Build and Deploy Builder API to Cloud Run'
 
 on:
   push:
     branches:
       - main
     paths:
       - 'builder-api/**'
+      - 'devbox.json'
+      - 'devbox.lock'
 
 env:
   PROJECT_ID: 'benefit-decision-toolkit-play'
@@ -53,43 +29,39 @@ jobs:
 
     steps:
       - name: 'Checkout'
-        uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # actions/checkout@v4
-    
-        
-      # Configure Workload Identity Federation and generate an access token.
-      #
-      # See https://github.com/google-github-actions/auth for more options,
-      # including authenticating via a JSON credentials file.
+        uses: 'actions/checkout@v4'
+
+      # Devbox needs a .env file to exist, even if it's empty
+      # TODO: Make this useful in this and other workflows by just consolidating env vars
+      #       here (so that we don't need to manage multiple places)
+      - name: 'Create .env file'
+        run: touch .env
+
+      # Setup devbox which includes all our dependencies: Maven, JDK 21, Quarkus, etc.
+      - name: 'Install devbox'
+        uses: 'jetify-com/[email protected]'
+        with:
+          enable-cache: true
+
+      # Configure Workload Identity Federation and generate an access token
       - id: 'auth'
         name: 'Authenticate to Google Cloud'
         uses: 'google-github-actions/auth@v2'
         with:
           workload_identity_provider: '${{ env.WORKLOAD_IDENTITY_PROVIDER }}'
           service_account: cicd-build-deploy-api@benefit-decision-toolkit-play.iam.gserviceaccount.com
           project_id: ${{ env.PROJECT_ID }}
-          
-      - name: 'Set up Cloud SDK'
-        uses: 'google-github-actions/setup-gcloud@v2'
-      
-      # BEGIN - Docker auth and build
 
-      # Configure Docker to use gcloud as a credential helper
+      # Configure Docker to use gcloud as a credential helper (using devbox gcloud)
       - name: 'Configure Docker'
         run: |
-          gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev
-          
-      # Download Java version
-      - name: Set up Java 21
-        uses: actions/setup-java@v3
-        with:
-          distribution: temurin
-          java-version: 21
+          devbox run -- gcloud auth configure-docker ${{ env.REGION }}-docker.pkg.dev
 
-      # Build the Quarkus app with Maven
+      # Build the Quarkus app with Maven using devbox environment
       - name: 'Build Quarkus App'
         working-directory: builder-api
         run: |
-          ./mvnw package -DskipTests
+          devbox run build-builder-api-ci
 
       - name: 'Build and Push Container'
         working-directory: builder-api
@@ -99,21 +71,18 @@ jobs:
           docker push "${DOCKER_TAG}"
 
       - name: 'Deploy to Cloud Run'
-
-        # END - Docker auth and build
-
-        uses: 'google-github-actions/deploy-cloudrun@33553064113a37d688aa6937bacbdc481580be17' # google-github-actions/deploy-cloudrun@v2
+        uses: 'google-github-actions/deploy-cloudrun@v2'
         with:
           service: '${{ env.API_NAME }}'
           region: '${{ env.REGION }}'
-          # NOTE: If using a pre-built image, update the image name below:
-
           image: '${{ env.REGION }}-docker.pkg.dev/${{ env.PROJECT_ID }}/${{ env.SERVICE }}/${{ env.API_NAME }}:latest'
           service_account: 'builder-api-service-account@${{ env.PROJECT_ID }}.iam.gserviceaccount.com'
           flags: '--allow-unauthenticated --max-instances=2'
+          env_vars: |
+            QUARKUS_GOOGLE_CLOUD_PROJECT_ID=${{ env.PROJECT_ID }}
+            GCS_BUCKET_NAME=${{ env.PROJECT_ID }}.firebasestorage.app
 
       # If required, use the Cloud Run URL output in later steps
       - name: 'Show output'
-        run: |2-
-
-          echo ${{ steps.deploy.outputs.url }}
+        run: |
+          echo ${{ steps.deploy.outputs.url }}

.github/workflows/deploy-builder-api.yml

@@ -1,11 +1,16 @@
-name: Build and Deploy to Firebase Hosting
+# This workflow uses devbox for dependency management and builds/deploys the builder frontend
+# to Firebase Hosting when a commit is pushed to the "main" branch.
+
+name: 'Build and Deploy Builder Frontend to Firebase Hosting'
 
 on:
   push:
     branches:
       - main
     paths:
       - 'builder-frontend/**'
+      - 'devbox.json'
+      - 'devbox.lock'
 
 env:
   PROJECT_ID: 'benefit-decision-toolkit-play'
@@ -24,10 +29,17 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v4
 
-      # Configure Workload Identity Federation and generate an access token.
-      #
-      # See https://github.com/google-github-actions/auth for more options,
-      # including authenticating via a JSON credentials file.
+        # Devbox needs a .env file to exist, even if it's empty
+      - name: 'Create .env file'
+        run: touch .env
+
+      # Setup devbox which includes Node.js, Firebase CLI, and Google Cloud SDK
+      - name: 'Install devbox'
+        uses: 'jetify-com/[email protected]'
+        with:
+          enable-cache: true
+
+      # Configure Workload Identity Federation and generate an access token
       - id: 'auth'
         name: 'Authenticate to Google Cloud'
         uses: 'google-github-actions/auth@v2'
@@ -36,28 +48,21 @@ jobs:
           service_account: cicd-build-deploy-api@benefit-decision-toolkit-play.iam.gserviceaccount.com
           project_id: ${{ env.PROJECT_ID }}
 
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: '18'
-
       - name: Cache node modules
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: builder-frontend/node_modules
           key: ${{ runner.os }}-node-${{ hashFiles('builder-frontend/package-lock.json') }}
           restore-keys: |
             ${{ runner.os }}-node-
-          cache: 'npm'
-          cache-dependency-path: 'builder-frontend/package-lock.json'
 
       - name: Install dependencies
         working-directory: builder-frontend
-        run: npm ci
+        run: devbox run install-builder-frontend-ci
 
       - name: Build application
         working-directory: builder-frontend
-        run: npm run build
+        run: devbox run build-builder-frontend-ci
         env:
           VITE_API_URL: ${{ secrets.VITE_API_URL}}
           VITE_SCREENER_BASE_URL: ${{ secrets.VITE_SCREENER_BASE_URL}}
@@ -69,8 +74,5 @@ jobs:
           VITE_APP_ID: ${{ secrets.VITE_APP_ID}}
           VITE_MEASUREMENT_ID: ${{ secrets.VITE_MEASUREMENT_ID}}
 
-      - name: Install Firebase CLI
-        run: npm install -g firebase-tools
-
       - name: Deploy to Firebase Hosting
-        run: firebase deploy --only hosting:builder-frontend
+        run: devbox run -- firebase deploy --only hosting:builder-frontend