hasura / hasura-cloud-preview-apps Goto Github PK

License: MIT License

TypeScript 99.36% JavaScript 0.64%

hasura-cloud-preview-apps's Introduction

Hasura Cloud Preview Apps

This action helps you manage Hasura Cloud preview apps on pull requests through the Hasura Cloud APIs. If you have a Hasura project with metadata and migrations in a Git repo, this enables you to get preview Hasura Cloud instances with the metadata and migrations automatically applied.

Hasura Cloud Preview apps are currently in beta

Sample usage

Create preview apps on pull requests

You can use the following action to set up preview apps on your pull requests.

name: 'hasura-cloud-preview'
on:
  pull_request:
    types: [open, reopen, synchronize]
    paths:
    	- hasura # path to the Hasura project directory in the repo
    branches:
      - main

jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: hasura/[email protected]
        with:
          name: "project-name-pr-${{github.event.number}}" # name of the preview app to created
          hasuraProjectDirectoryPath: hasura # path to the Hasura project directory in the repo
          hasuraEnv: | # env vars exposed to the Hasura instance
           	HASURA_GRAPHQL_CORS_DOMAINS=http://my-site.com
           	PG_DATABASE_URL=${{secrets.PG_STRING}}
          postgresDBConfig: |
            POSTGRES_SERVER_CONNECTION_URI=${{secrets.PG_STRING}}
            PG_ENV_VARS_FOR_HASURA=PG_DB_URL_1,PG_DB_URL_2
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} # ${{ secrets.GITHUB_TOKEN }} is provided by default by GitHub actions
          HASURA_CLOUD_ACCESS_TOKEN: ${{secrets.HASURA_CLOUD_ACCESS_TOKEN}} # Hasura Cloud access token to contact Hasura Cloud APIs

Deleting preview apps on pull request closure/merger

The following workflow can be used for deleting Hasura Cloud preview apps on closing/merging pull requests.

name: 'delete-hasura-cloud-preview'
on:
  pull_request:
    types: [closed]

jobs:
  delete:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: hasura/[email protected]
        with:
          name: "project-name-pr-${{github.event.number}}" # name of the preview app to deleted
          delete: true
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} # ${{ secrets.GITHUB_TOKEN }} is provided by default by GitHub actions
          HASURA_CLOUD_ACCESS_TOKEN: ${{secrets.HASURA_CLOUD_ACCESS_TOKEN}} # Hasura Cloud access token to contact Hasura Cloud APIs

Input

name: Name of the preview app to be created. This name must be unique for every pull request. You can construct it using the PR number that GitHub exposes ${{github.event.number}} or use any unique parameter of the pull request.
hasuraCloudProjectDirPath: (optional, default: "") Path to the Hasura project in the Git Repo.
region: (optional, default: "us-east-2") AWS region to deploy the Hasura Cloud preview app on. You can check the supported regions in the new project form at https://cloud.hasura.io/projects.
tier: (optional, default: "cloud_free") The tier of the the preview app. Use cloud_free for free tier and cloud_payg for Standard tier. A valid payment method is required at https://cloud.hasura.io/billing for creating Standard tier projects.
hasuraEnv: (optional, default: "") The environment variables that you want to set for the Hasura Cloud preview app. These must be KEY=value pairs with each env var on a new line. For example:
```
 hasuraEnv: | # env vars exposed to the Hasura instance
  HASURA_GRAPHQL_CORS_DOMAINS=http://my-site.com
  ENV_VAR_1=value1
  ENV_VAR_2=value2
```
delete: (optional, default: false) This must only be used in jobs where you want to delete the preview apps with the name given in the name field. Refer to the above sample usage for deleting preview apps on preview app closure/merger.
postgresDBConfig: This input accepts the connection URI of a postgres server and a comma-separated list of environment variables for the preview app that expect Postgres connection URIs. Given a Postgres server and a set of env vars, this action can create temporary databases in the postgres server and pass their connection strings to the given environment variables so that migrations can be applied on these freshly created databases. The format is as follows:
```
postgresDBConfig: | # postgres DB config for creating temporary databases
  POSTGRES_SERVER_CONNECTION_URI=${{secrets.PG_STRING}}
  PG_ENV_VARS_FOR_HASURA=PG_DB_URL_1,PG_DB_URL_2
```
This action constructs the database name from the provided preview app, followed by making DROP DATABASE IF EXISTS and CREATE DATABASE queries with the given credentials in the POSTGRES_SERVER_CONNECTION_URI.

Please make sure that this db config is also present in the deletion workflow so that this action also deletes the temporarily created databases when the PR is closed.

Using Postgres in SSL mode: To connect to Postgres in SSL mode, add the query parameter sslmode=require to your connection URI. Eg: postgres://postgres:postgres@pgserver:25060/defaultdb?sslmode=require

Env Vars

GITHUB_TOKEN: This env var is mandatory for Hasura Cloud to access the metadata and migrations from the branch of your Git repo. It is available in GitHub action by default in the ${{secrets.GITHUB_TOKEN}} secret.
HASURA_CLOUD_ACCESS_TOKEN: Hasura Cloud access token is mandatory for this GitHub action to contact the Hasura Cloud APIs.

Output Variables

This action outputs the following output variables that you can use in the subsequent steps of your workflow or for commenting on the pull request:

graphQLEndpoint: The GraphQL endpoint of the created Hasura preview app.
consoleURL: The URL to the console UI of the created Hasura preview app.
projectName: The name of the created Hasura preview app
projectId: The hasura cloud project ID of the created Hasura preview app

You can access these output variables and use this GitHub Action for commenting on the pull requests.

Reference:

Refer to Hasura Cloud docs to see how this works.

hasura-cloud-preview-apps's People

Contributors

Stargazers

Watchers

Forkers

purposity philigan ojaswadhwani meetzaveri ivorpad ngfgrant elba-security lumanu osdiab

hasura-cloud-preview-apps's Issues

Pushing to the same branch/PR again fails

Pushing to the same branch/PR again after being done with review fixes fails with the message
Error: Could not create ephemeral database(s). database <database_name> is being accessed by other users

I have a separate delete action but that only runs on PR close as suggested by docs.

Workflow File

on:
  pull_request:

jobs:
  preview:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: hasura/[email protected]
        with:
          name: "preview-${{github.env.GITHUB_HEAD_REF}}${{github.event.number}}"
          postgresDBConfig: |
            POSTGRES_SERVER_CONNECTION_URI=${{secrets.POSTGRES_SERVER_CONNECTION_URI}}
            PG_ENV_VARS_FOR_HASURA=HASURA_GRAPHQL_DATABASE_URL
          hasuraProjectDirectoryPath: /hasura # path to the Hasura project directory in the repo
          region: us-west-1
          tier: cloud_free
          hasuraEnv: | # env vars exposed to the Hasura instance
            HASURA_GRAPHQL_UNAUTHORIZED_ROLE=anonymous
        env:
          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} # ${{ secrets.GITHUB_TOKEN }} is provided by default by GitHub actions
          HASURA_CLOUD_ACCESS_TOKEN: ${{secrets.HASURA_CLOUD_ACCESS_TOKEN}} # Hasura Cloud access

Please help fix this as soon as possible.

have an opinionated SSL policy

Heroku databases don't work due to SSL problems. We should figure out the right SSL policy for the pg server provided for ephemeral databases and document it accordingly.

Fetching metadata takes a really long time

Tried out this action, powering it with Neon branches instead of having the action make fresh databases; and it seems to take 4+ minutes to refetch the metadata (and also creates weird logs like in #57 ), which makes it a very slow and not-confidence-inducing preview app experience. Hope that this project gets built out better as per #132

Reusing a non-empty DB results in the migration failing

When reusing a DB for the same preview app, the action fails with the error "relation \"<table_name>\" already exists"

Sample run illustrating the issue - https://github.com/meetzaveri/hasura-cloud-preview-app-example/runs/6904208345?check_suite_focus=true

null errors / project not reachable

This is failing in our github workflow, and it seems sporadic. The "null: running" stuff looks wrong, and then it says the project isn't reachable.

Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: started
Fetching Metadata: running
Fetching Metadata: running
Fetching Metadata: running
Fetching Metadata: running
Fetching Metadata: running
null: running
null: running
null: running
null: failed
{"migrate": null, "metadata": null}

...

<div class="title">
        Unable to load this project
      </div>
      <div class="desc">
        It looks like the project you tried to access is not live yet!
        <ul>
          <li>
            If you have just created this project please wait a few moments before refreshing this page. Ping us on <a href="https://hasura.io/help" rel="noopener noreferrer" target="_blank">chat</a> for any assistance.
          </li>
          <li>
            Check out the project's env vars section to see if there are any configuration errors.
          </li>
        </ul>
      </div>

Is this still being worked on?

I could never get this to work properly on a simple project.
The actions gives a time out and fail.

Is this still being worked on?

Preview apps action fails on the first run

Bug

Preview app action fails on the first run with the error Error: could not find the GitHub job; the associated deployment was terminated

Workaround

This is fixed by re-running the job.

Expected

The action should run successfully every time (if configured correctly).

Examples

https://github.com/kikkupico/samp-home-food-dev-2/runs/7148915232?check_suite_focus=true

#91

elegant logging

Currently there's a lot of unnecessary logging that we can avoid. Also, more tasks have been added to the github deployment that this action must account for.

setup release automation through github actions

Releasing is a manual process as of now. We should have branch-based releases. Refer to https://docs.github.com/en/actions/creating-actions/releasing-and-maintaining-actions

Fix the errors related to 'require'

Every run of the workflow, even when successful, shows this error -

(node:1523) Warning: require() of ES modules is not supported.
[18](https://github.com/kikkupico/samp-home-food-dev-2/pull/6/checks#step:3:18)
require() of /home/runner/work/_actions/hasura/hasura-cloud-preview-apps/v0.1.4/dist/index.js is an ES module file as it is a .js file whose nearest parent package.json contains "type": "module" which defines all .js files in that package scope as ES modules.
[19](https://github.com/kikkupico/samp-home-food-dev-2/pull/6/checks#step:3:19)
Instead rename index.js to end in .cjs, change the requiring code to use import(), or remove "type": "module" from /home/runner/work/_actions/hasura/hasura-cloud-preview-apps/v0.1.4/dist/package.json.

This distracts and confuses users especially when the workflow fails.

It should be fixed (by fixing the build config, most likely).

Job failing when using standard tier access token

Hello

I'm trying to set up preview apps on my repo and everything works fine when I use a free tier account access token but as soon as I switch to a standard one (with a credit card associated to it), the project gets created, metadata are fetched and one or two migrations get applied (never more but never 0).
In hasura cloud I can the error source with name \"default\" is inconsistent which doesn't make sense to me as it shouldn't be able to apply any migrations if that was the case and it wouldn't with another access token either.
This error happens whether I'm using tier: cloud_payg or not with this access token.

I've been trying every options I can think of, do you have any idea on what could be wrong here ?

revoke connections before dropping ephemeral database

Currently we don't revoke connections before dropping the database which sometimes causes dropping the database to fail because Hasura has an open connection with the database.

Before dropping the database, we should ideally:

Revoke all connections
Restrict new connections

MIgrations take forever to run and often hangs

We have around 148 migration files. In local, all migrations are applied within 5 seconds but take anywhere from 20 minutes to 50 minutes using Hasura preview apps on Github actions. And most of the time the process just hangs and fails the action.

Hasura Preview Apps action fails most of times on first run

Hasura Preview Apps Action seems to be failing almost every time on the first run with the below message

If you have just created this project please wait a few moments before refreshing this page. Ping us on <a href="https://hasura.io/help" rel="noopener noreferrer" target="_blank">chat</a> for any assistance.

Rerun works, but that isn't a solution since it has to be manually triggered.

Please help fix this soon.

Ability to run regression tests on preview apps?

Is it possible to run regression tests on the preview apps to ensure nothing gets merged to prod if there's any regressions?

Ability to assign custom domain through the input variables

Please allow for assigning custom domain names for preview apps. We need to assign a custom domain to my Hasura project to use cookies for user authentication. Any help is appreciated.