pregnancy-centre

Connecting to a Database (MongoDB)

Remote Database

1. Go to the MongoDB Atlas web console and add you IP address to the Network Access List.
2. Verify that the MONGODB_URI env var in /server/.env has the format

MONGO_URI='mongodb+srv://<USERNAME>:<PRIVATE_TOKEN>@cluster0.gwbcg.mongodb.net/<DATABASE_NAME>?retryWrites=true&w=majority'

You can get the /server/.env file using the secret manager.

Local Database

A MongoDB replicaset is required to use MongoDB sessions. Install and use run-rs to run a MongoDB replicaset locally.

The MONGODB_URI env var should have the format

mongodb://<COMPUTER_NAME>:27017,<COMPUTER_NAME>:27018,<COMPUTER_NAME>:27019/<DATABASE_NAME>?replicaSet=rs

Non-Windows users can have a MONGODB_URI env var in the format

mongodb://localhost:27017,localhost:27018,localhost:27019/<DATABASE_NAME>?replicaSet=rs

Secret Manager

Run the following commands from the repo root:

To populate local environment files with secrets from secr\et manager: vault kv get -format=json kv/pregnancy-centre | python update_secret_files.py

To update the secrets inside secret manager using local environment files: vault kv put kv/pregnancy-centre CLIENT_ENV_VARS=@client/.env CLIENT_ENV_PROD_VARS=@client/.env.prod CLIENT_ENV_STAGING_VARS=@client/.env.staging SERVER_ENV_VARS=@server/.env SERVER_ENV_PROD_VARS=@server/.env.prod SERVER_ENV_STAGING_VARS=@server/.env.staging

Helpful secret manager setup guide: https://www.notion.so/uwblueprintexecs/Secret-Management-2d5b59ef0987415e93ec951ce05bf03e#3008f54889ab4b0cacfa276cbc43e613

~ For Windows users ~

• Having python 3 is a prerequisite, but you might have to use python instead of python3 (this will depend on the user/OS)
• For Windows 10 users, make sure to run cmd/powershell as admin
• Running with Git Bash also works

Automated Deployment

Staging

If you're working on feature-branch and you want to deploy your changes to staging, then do the following:

1. Checkout the staging branch.

git checkout staging

2. Set the HEAD of staging to the same commit as the HEAD of feature-branch

git checkout staging
git reset --hard feature-branch
git push -f origin staging

3. CircleCI will automatically deploy any commits in the staging branch. Go here to watch the deployment jobs. If the client and server deployment jobs complete successfully, then proceed.
4. To see the staging website, go here.

Manual Deployment

Get all the dev, staging, and prod .env files for server and client from the secret manager.

Client

Tutorial: https://firebase.google.com/docs/hosting/quickstart?authuser=1

1. Delete the old client/build folder
2. Ensure client/.env files contain the appropriate credentials. If you are deploying to prod, rename client/.env.prod to client/.env.
3. Go to /client. Then run

npm run build
./node_modules/.bin/firebase use <ENV>
./node_modules/.bin/firebase deploy --only hosting

<ENV> is either prod or staging.

Before building, ensure your .env has the correct values for production.

Server

Tutorials:

• https://firebase.google.com/docs/hosting/cloud-run?authuser=1#node.js
  • Deploy server using Google Cloud Run
  • Route requests to server from Firebase IP
• https://cloud.google.com/run/docs/configuring/static-outbound-ip
  • Setting up static outbound IP

1. Go to /server.
2. Ensure your .env has the correct values for production.

• We must have NODE_ENV=production or else all requests will be unauthenticated and graphql errors will include a stacktrace.

3. Remove .env from server/.gitignore (or else the build will fail.)
4. Configure the gcloud project

gcloud config set project <PROJECT_ID>

5. Build Docker image and push to Google container registry. The name of the image is gcr.io/<PROJECT_ID>/tpc-server.

gcloud builds submit --tag gcr.io/<PROJECT_ID>/tpc-server

• <PROJECT_ID> is bp-pregnancy-centre or bp-pregnancy-centre-staging

6. Add .env back to server/.gitignore. (Be safe, don't leak secrets!)
7. Deploy built container using Google Cloud Run (if the service tpc-server already exists, a revision will be deployed). More info here.

gcloud beta run deploy tpc-server \
   --image=gcr.io/<PROJECT_ID>/tpc-server \
   --vpc-connector=tcp-server-connector \
   --vpc-egress=all \
   --platform=managed \
   --region=us-east1 \
   --min-instances 1

Set up static outbound IP

1. Configure the gcloud project

gcloud config set project <PROJECT_ID>

2. Run the following commands:

gcloud compute networks subnets create tpc-subnet --range=10.124.0.0/28 --network=default --region=us-east1

gcloud beta compute networks vpc-access connectors create tcp-server-connector \
  --region=us-east1 \
  --subnet-project=<PROJECT_ID> \
  --subnet=tpc-subnet


gcloud compute routers create tpc-server-router \
  --network=default \
  --region=us-east1

gcloud compute addresses create tpc-server-outbound-ip --region=us-east1

gcloud compute routers nats create tpc-server-nat \
  --router=tpc-server-router \
  --region=us-east1 \
  --nat-custom-subnet-ip-ranges=tpc-subnet \
  --nat-external-ip-pool=tpc-server-outbound-ip

gcloud beta run deploy tpc-server \
   --image=gcr.io/<PROJECT_ID>/tpc-server \
   --vpc-connector=tcp-server-connector \
   --vpc-egress=all \
   --platform=managed \
   --region=us-east1 \
   --min-instances 1

3. Go to VPC Network in GCP console to find outbound static IP. Add the static IP to the MongoDB Atlas Newtork Access List.