Add updated github actions scripts

Author: Keith Halsall

.github/workflows/check-and-publish.yml

@@ -0,0 +1,21 @@
+name: Run Subgraph Check and Publish
+
+on:
+  push:
+    paths:
+      - '**.graphql'
+  workflow_dispatch:
+  workflow_call:
+
+env:
+  GEN: "nov15"
+  APOLLO_KEY: ${{ vars.TOKEN }}
+  
+jobs:
+  checks:
+    uses: ./.github/workflows/subgraph-check.yml
+    secrets: inherit
+  publish:
+    needs: checks
+    uses: ./.github/workflows/publish-subgraph.yml
+    secrets: inherit

.github/workflows/create_studio_project.yml

@@ -1,37 +1,89 @@
-name: Create Studio Account
+name: Setup Studio Account
 
 on:
-  create:
-  push:
+  workflow_run:
+    workflows: ["Initial Setup"]
+    types:
+      - completed
+
+env:
+  GEN: "nov15"
+  APOLLO_KEY: ${{ secrets.APOLLO_USER_KEY }}
 
 jobs:
-  create:
+  publish:
+    uses: ./.github/workflows/publish-subgraph.yml
+    secrets: inherit
+
+  pqs:
     runs-on: ubuntu-latest
     steps:
-    - name: Create Graph in Apollo Studio
-      run: |
-        echo "GITHUB_ACTOR: ${GITHUB_ACTOR}"
-        curl --request POST 'https://graphql.api.apollographql.com' \
-        --header 'content-type: application/json' \
-        --header 'X-API-Key: user:fp.d88ba77d-487c-4b97-9780-f1e4c5352a22:_60kU_wi1yLH1zt60UhxGg' \
-        --data '{"query":"mutation CreateGraph($graphType: GraphType!, $hiddenFromUninvitedNonAdmin: Boolean!, $createGraphId: ID!, $title: String!, $accountId: ID!) {\n  account(id: $accountId) {\n    createGraph(graphType: $graphType, hiddenFromUninvitedNonAdmin: $hiddenFromUninvitedNonAdmin, id: $createGraphId, title: $title) {\n      ... on Service {\n        accountId\n      }\n    }\n      }\n    }\n   \n \n","variables":{"graphType":"SELF_HOSTED_SUPERGRAPH","hiddenFromUninvitedNonAdmin":false,"createGraphId":"${GITUB_ACTOR}","title":"${GITHUB_ACTOR}","accountId":"summit-2023-enterprise-workshop"},"operationName":"CreateGraph"}'
-jobs:
-  publish:
-    name: Rover Subgraph Publish
-    run-on: ubuntu-latest
+      - name: Create PQ List
+        run: |
+          curl --request POST \
+            --header 'content-type: application/json' \
+            --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+            --url 'https://graphql.api.apollographql.com/api/graphql' \
+            --data '{"query":"mutation Mutation($graphId: ID!, $name: String!, $description: String, $linkedVariants: [String!]) {\n  graph(id: $graphId) {\n    createPersistedQueryList(name: $name, description: $description, linkedVariants: $linkedVariants) {\n      ... on CreatePersistedQueryListResult {\n        persistedQueryList {\n          id\n    createdAt\n        }\n      }\n    }\n  }\n}","variables":{"graphId":"${{vars.ACTOR}}${{ env.GEN }}","name":"pq_list","description":"Our PQ List","linkedVariants":["current"]}}' -o pq.json
+          cat pq.json
+
+      - name: Set Env
+        run: echo "PQ_ID=$(cat pq.json | jq .data.graph.createPersistedQueryList.persistedQueryList.id)" >> $GITHUB_ENV
+
+      - name: Install Rover
+        run: | 
+          curl -sSL https://rover.apollo.dev/nix/v0.19.0 | sh
+          echo "$HOME/.rover/bin" >> $GITHUB_PATH
 
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Publish PQ List          
+        run: | 
+          rover persisted-queries publish --graph-id ${{vars.ACTOR}}${{env.GEN}} --list-id ${{env.PQ_ID}} \
+            --manifest ./final/workshop-pq-manifest.json
+
+  deploy:
+    needs: publish
+    uses: ./.github/workflows/deploy-router.yml
+    secrets: inherit
+
+  install-url:
+    needs: deploy
+    runs-on: ubuntu-latest
+    steps: 
+      - id: "auth"
+        uses: "google-github-actions/auth@v0"
+        with:
+          credentials_json: ${{ secrets.GCP_CREDENTIALS }}
+      - name: Get URL
+        run: | 
+          gcloud run services describe ${{vars.ACTOR}}-router --region us-central1 --format 'value(status.url)' > url.json
+          echo "URL=$(cat url.json)" >> $GITHUB_ENV
+      - name: Set URL
+        run: |
+          curl --request POST \
+            --header 'content-type: application/json' \
+            --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+            --url 'https://graphql.api.apollographql.com/api/graphql' \
+            --data '{"query":"mutation UpdateURL($name: String!, $graphId: ID!, $url: String) {\n  graph(id: $graphId) {\n    variant(name: $name) {\n      updateURL(url: $url) {\n        createdAt\n      }\n    }\n  }\n}","variables":{"name":"current","graphId":"${{vars.ACTOR}}${{ env.GEN }}","url":"${{ env.URL }}"}}'
+
+      - name: Set Subscription URL
+        run: |
+          curl --request POST \
+            --header 'content-type: application/json' \
+            --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+            --url 'https://graphql.api.apollographql.com/api/graphql' \
+            --data '{"query":"mutation Mutation($graphId: ID!, $name: String!, $subscriptionUrl: String) {\n  graph(id: $graphId) {\n    variant(name: $name) {\n      updateSubscriptionURL(subscriptionUrl: $subscriptionUrl) {\n        createdAt\n      }\n    }\n  }\n}","variables":{"graphId":"${{vars.ACTOR}}${{ env.GEN }}","name":"current","subscriptionUrl":"${{ env.URL }}"}}'
+  
+  preflightScript:
+    needs: publish
+    runs-on: ubuntu-latest
     steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-
-    - name: Install Rover
-      run: | 
-        curl -sSL https://rover.apollo.dev/nix/v0.8.1 | sh
-        echo "$HOME/.rover/bin" >> $GITHUB_PATH
-
-    - name: Rover Subgraph Publish
-      run: | 
-        rover subgraph publish ${{secrets.APOLLO_GRAPH_REF }} \
-          --name products \
-          --routing-url https://https://subgraph-products-j3nprurqka-ue.a.run.app \
-          --schema ./final/nosql-products/schema.graphql
+      - name: Create PreFlight Script
+        run: |
+          curl --request POST \
+            --header 'content-type: application/json' \
+            --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+            --url 'https://graphql.api.apollographql.com/api/graphql' \
+            --data '{"query":"mutation Mutation($graphId: ID!, $name: String!, $preflightScript: String) {\n  graph(id: $graphId) {\n    variant(name: $name) {\n      updatePreflightScript(preflightScript: $preflightScript) {\n        createdAt\n      }\n    }\n  }\n}","variables":{"graphId":"${{vars.ACTOR}}${{ env.GEN }}","name":"current","preflightScript":"const API_KEY=\"AIzaSyBGEWuarfRs4vVIzbdPj7EU_h3tMAVO_e4\";console.log(\"fetching new token.....\");const getToken=async e=>{let o=await explorer.fetch(\"https:\/\/identitytoolkit.googleapis.com\/v1\/accounts:signInWithPassword?key=AIzaSyBGEWuarfRs4vVIzbdPj7EU_h3tMAVO_e4\",{method:\"POST\",header:{\"Content-Type\":\"application\/json\"},body:JSON.stringify({email:e,password:\"apolloworkshop\",returnSecureToken:!0})});return o.json()},authorizedCredentials=await getToken(\"[email protected]\"),{idToken:authorizedToken}=authorizedCredentials;explorer.environment.set(\"authorizedToken\",authorizedToken),console.log(\"successfully set authorized token\");const unauthorizedCredentials=await getToken(\"[email protected]\"),{idToken:unauthorizedToken}=unauthorizedCredentials;explorer.environment.set(\"unauthorizedToken\",unauthorizedToken),console.log(\"successfully set token unauthorized token\");"}}'

.github/workflows/deploy-router.yml

@@ -1,9 +1,11 @@
 name: Deploy Router to Cloud Run
 
 on:
-  push:
-    branches:
-      - summit-workshop
+  workflow_dispatch:
+  workflow_call:
+
+env:
+  GEN: "nov15"
 
 jobs:
   deploy:
@@ -12,34 +14,26 @@ jobs:
     steps:
     - name: Checkout code
       uses: actions/checkout@v2
+      
     - id: "auth"
       uses: "google-github-actions/auth@v0"
       with:
         credentials_json: ${{ secrets.GCP_CREDENTIALS }}
 
-    - name: Set up Google Cloud SDK
-      uses: google-github-actions/setup-gcloud@v0
-
-    - name: Configure Docker to use gcloud as a credential helper
-      run: |
-        gcloud auth configure-docker
+    #- name: Set up Google Cloud SDK
+    #  uses: google-github-actions/setup-gcloud@v0
 
-    - name: Build Apollo Router Docker image
-      run: |
-        docker build -t gcr.io/summit-enterprise-workshop/apollo-router:latest .
-        docker images
-      working-directory: ./router
+    - name: Create Secret for Cloud Run
+      run: gcloud secrets create ${{vars.ACTOR}}
+      continue-on-error: true
 
-    - name: Push Docker image to Google Container Registry
-      run: |
-        docker push gcr.io/summit-enterprise-workshop/apollo-router:latest
-      working-directory: ./router
+    - name: Add Secret data
+      run: gcloud secrets versions add --data-file=./router/router.yaml ${{vars.ACTOR}}
 
-    - name: Deploy Apollo Router to Cloud Run
+    - name: Depoy Apollo Router to Cloud Run
       run: |
-        gcloud run deploy apollo-router \
-          --image gcr.io/summit-enterprise-workshop/apollo-router:latest \
-          --platform managed \
-          --region us-central1 \
-          --update-env-vars APOLLO_KEY=${{ secrets.APOLLO_KEY }},APOLLO_GRAPH_REF=${{ secrets.APOLLO_GRAPH_REF }} \
+        gcloud run deploy ${{vars.ACTOR}}-router --image gcr.io/summit-enterprise-workshop/jesse-apollo-router:latest \
+          --set-secrets=/dist/config/router.yaml=${{vars.ACTOR}}:latest \
+          --set-env-vars "APOLLO_ROUTER_HOT_RELOAD=true,APOLLO_KEY=${{ vars.TOKEN }},APOLLO_GRAPH_REF=${{vars.ACTOR}}${{env.GEN}}@current" --platform managed --region us-central1 \
           --allow-unauthenticated
+

.github/workflows/publish-subgraph.yml

@@ -0,0 +1,44 @@
+name: Publish subgraphs to Apollo Studio
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+env:
+  GEN: "nov15"
+  APOLLO_KEY: ${{ vars.TOKEN }}
+  
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Install Rover
+      run: | 
+        curl -sSL https://rover.apollo.dev/nix/v0.19.0 | sh
+        echo "$HOME/.rover/bin" >> $GITHUB_PATH
+
+    - name: Rover Subgraph Publish Products
+      run: | 
+        rover subgraph publish ${{vars.ACTOR}}${{ env.GEN }}@current \
+          --name products \
+          --convert \
+          --routing-url https://subgraph-products-j3nprurqka-ue.a.run.app \
+          --schema ./products-schema.graphql
+
+    - name: Rover Subgraph Publish Orders
+      run: | 
+        rover subgraph publish ${{vars.ACTOR}}${{ env.GEN }}@current \
+          --name orders \
+          --routing-url https://subgraph-orders-j3nprurqka-ue.a.run.app \
+          --schema ./orders-schema.graphql
+
+    - name: Rover Subgraph Publish Customers
+      run: |
+        rover subgraph publish ${{vars.ACTOR}}${{ env.GEN }}@current \
+          --name customers \
+          --routing-url https://subgraph-customers-j3nprurqka-ue.a.run.app \
+          --schema ./final/customers-schema.graphql

.github/workflows/setup.yml

@@ -0,0 +1,74 @@
+
+name: Initial Setup
+
+on:
+  push:
+    paths:
+      - '**.yml'
+
+env:
+  GEN: "nov15"
+
+jobs:
+  create:
+    runs-on: ubuntu-latest
+    steps:
+    - id: string
+      uses: ASzc/change-string-case-action@v5
+      with:
+        string: ${{github.actor}}
+    - id: step2
+      run: echo "ACTOR=${{ steps.string.outputs.lowercase }}" >> $GITHUB_ENV
+    - name : lowercase github actor
+      run: | 
+        curl -L \
+          -X POST \
+          -H "Accept: application/vnd.github+json" \
+          -H "Authorization: Bearer ${{ secrets.GH_KEY }}" \
+          -H "X-GitHub-Api-Version: 2022-11-28" \
+          https://api.github.com/repos/${{github.repository}}/actions/variables \
+          -d '{"name":"actor","value":"${{ steps.string.outputs.lowercase }}" }'
+
+    - name: Create Graph in Apollo Studio
+      run: |
+        echo "GITHUB_ACTOR: $GITHUB_ACTOR"
+        curl --request POST 'https://graphql.api.apollographql.com' \
+        --header 'content-type: application/json' \
+        --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+        --data '{"query":"mutation Mutation($accountId: ID!, $graphType: GraphType!, $hiddenFromUninvitedNonAdmin: Boolean!, $createGraphId: ID!, $title: String!, $variantCreationConfig: VariantCreationConfig) {\n  account(id: $accountId) {\n    createGraph(graphType: $graphType, hiddenFromUninvitedNonAdmin: $hiddenFromUninvitedNonAdmin, id: $createGraphId, title: $title, variantCreationConfig: $variantCreationConfig) {\n      __typename\n      ... on Service {\n        __typename\n        id\n      }\n      ... on GraphCreationError {\n        __typename\n        message\n      }\n    }\n  }\n}","variables":{"accountId":"${{ secrets.APOLLO_ACCOUNT }}","graphType":"SELF_HOSTED_SUPERGRAPH","hiddenFromUninvitedNonAdmin":false,"createGraphId":"${{env.ACTOR}}${{ env.GEN }}","title":"${{env.ACTOR}} - ${{ env.GEN }}","variantCreationConfig":{"variantName":"current","buildConfigInput":{"apiDirectivePassThrough":[],"buildPipelineTrack":null,"composition":{"subgraphs":[]}}}}}'
+  
+  keys:
+    needs: create
+    runs-on: ubuntu-latest
+    steps:
+    - name: Sleep
+      run: sleep 10s
+      shell: bash
+    - id: string
+      uses: ASzc/change-string-case-action@v5
+      with:
+        string: ${{github.actor}}
+    - id: step2
+      run: echo "ACTOR=${{ steps.string.outputs.lowercase }}" >> $GITHUB_ENV
+
+    - name: Create Apollo Key
+      run: |
+        curl --request POST 'https://graphql.api.apollographql.com' \
+        --header 'content-type: application/json' \
+        --header 'X-API-Key: ${{ secrets.APOLLO_USER_KEY }}' \
+        --data '{"query":"mutation Mutation($graphId: ID!, $keyName: String, $role: UserPermission!) {\n  graph(id: $graphId) {\n    newKey(keyName: $keyName, role: $role) {\n      token\n    }\n  }\n}","variables":{"graphId":"${{env.ACTOR}}${{ env.GEN }}","keyName":"my-first-key","role":"CONTRIBUTOR"}}' -o token.json
+        cat token.json
+
+    - name: Set Env
+      run: echo "TOKEN=$(cat token.json | jq .data.graph.newKey.token)" >> $GITHUB_ENV
+
+    - name: Retrieve Apollo Key
+      run: | 
+        echo "Add code to extract token and save as a github secret"
+        curl -L \
+          -X POST \
+          -H "Accept: application/vnd.github+json" \
+          -H "Authorization: Bearer ${{ secrets.GH_KEY }}" \
+          -H "X-GitHub-Api-Version: 2022-11-28" \
+          https://api.github.com/repos/${{github.repository}}/actions/variables \
+          -d '{"name":"token","value":${{ env.TOKEN }} }'

.github/workflows/subgraph-check.yml

@@ -0,0 +1,39 @@
+name: Perform subgraph check via Apollo Studio
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+env:
+  GEN: "nov15"
+  APOLLO_KEY: ${{ vars.TOKEN }}
+  
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+  
+      - name: Install Rover
+        run: | 
+          curl -sSL https://rover.apollo.dev/nix/v0.19.0 | sh
+          echo "$HOME/.rover/bin" >> $GITHUB_PATH
+  
+      - name: Rover Subgraph Check Products
+        run: | 
+          rover subgraph check ${{vars.ACTOR}}${{ env.GEN }}@current \
+            --name products \
+            --schema ./products-schema.graphql
+  
+      - name: Rover Subgraph Check Orders
+        run: | 
+          rover subgraph check ${{vars.ACTOR}}${{ env.GEN }}@current \
+            --name orders \
+            --schema ./orders-schema.graphql
+  
+      - name: Rover Subgraph Check Customers
+        run: |
+          rover subgraph check ${{vars.ACTOR}}${{ env.GEN }}@current \
+            --name customers \
+            --schema ./final/customers-schema.graphql

.github/workflows/update-router.yml

@@ -0,0 +1,27 @@
+name: Update Router on Cloud Run
+
+on:
+  push:
+    paths:
+      - '**.yaml'
+  workflow_dispatch:
+  workflow_call:
+
+env:
+  GEN: "nov15"
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v2
+
+    - id: "auth"
+      uses: "google-github-actions/auth@v0"
+      with:
+        credentials_json: ${{ secrets.GCP_CREDENTIALS }}
+
+    - name: Add Secret data
+      run: gcloud secrets versions add --data-file=./router/router.yaml ${{vars.ACTOR}}