From 08aef7ce4da3af74f87a13d5d17c386401f7b638 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:18:36 -0400 Subject: [PATCH 01/13] package modernization --- apps/backend/package.json | 32 ++--- apps/history-scanner/package.json | 24 ++-- apps/users/package.json | 2 +- flake.nix | 8 +- package.json | 25 +++- packages/crawler/package.json | 8 +- packages/exception-logger/package.json | 9 +- packages/history-scanner-dto/package.json | 5 +- packages/http-helper/package.json | 10 +- packages/job-monitor/package.json | 7 +- packages/node-connector/package.json | 8 +- pnpm-lock.yaml | 164 ++++++++++++++++------ terraform/modules/app_platform/main.tf | 4 +- 13 files changed, 205 insertions(+), 101 deletions(-) diff --git a/apps/backend/package.json b/apps/backend/package.json index 9f8aa299..a21e3c92 100644 --- a/apps/backend/package.json +++ b/apps/backend/package.json @@ -17,16 +17,10 @@ "author": "pieterjan84@github", "license": "MIT", "dependencies": { - "express-basic-auth": "^1.2.1", - "crawler": "workspace:*", "@aws-sdk/client-s3": "^3.665.0", "@sentry/node": "^7.119.1", - "shared": "workspace:*", - "job-monitor": "workspace:*", - "exception-logger": "workspace:*", - "logger": "workspace:*", - "@withobsrvr/stellar-history-archive-hasher": "^0.8.1", "@stellarbeat/stellar_analysis_nodejs": "^0.6.2", + "@withobsrvr/stellar-history-archive-hasher": "^0.8.1", "ajv": "^8.17.1", "async": "^3.2.6", "await-fs": "^1.0.0", @@ -34,22 +28,32 @@ "blocked-at": "^1.2.0", "body-parser": "^1.20.3", "class-transformer": "^0.5.1", + "crawler": "workspace:*", + "custom-error": "workspace:*", "dotenv": "^10.0.0", "ejs": "^3.1.10", + "exception-logger": "workspace:*", "express": "^4.21.0", + "express-basic-auth": "^1.2.1", "express-validator": "^6.15.0", "helmet": "^4.6.0", + "history-scanner-dto": "workspace:*", + "http-helper": "workspace:*", "inversify": "^6.0.2", + "job-monitor": "workspace:*", "latest-semver": "^3.0.0", + "logger": "workspace:*", "lru-cache": "^7.18.3", "mathjs": "^10.6.4", "moment": "^2.30.1", - "neverthrow": "^6.2.2", + "neverthrow": "^8.2.0", "pg": "^8.13.0", "pg-query-stream": "^2.1.2", "pino": "9.4.0", + "reflect-metadata": "0.2.2", "semver": "^7.6.3", "shallow-equal-object": "^1.1.1", + "shared": "workspace:*", "swagger-ui-express": "^4.6.3", "to-semver": "^3.0.0", "toml": "^3.0.0", @@ -58,9 +62,7 @@ "validator": "^13.12.0", "winston": "^3.15.0", "workerpool": "^6.5.1", - "http-helper": "workspace:*", - "custom-error": "workspace:*", - "history-scanner-dto": "workspace:*" + "yn": "^4.0.0" }, "devDependencies": { "@types/async": "^3.2.24", @@ -68,13 +70,11 @@ "@types/ejs": "^3.1.5", "@types/express": "^4.17.21", "@types/semver": "^7.5.8", + "@types/supertest": "6.0.2", "@types/swagger-ui-express": "^3.0.1", "@types/uuid": "^8.3.4", "@types/validator": "^13.12.2", "@types/workerpool": "^6.4.7", - "yn": "^4.0.0", - "supertest": "^7.0.0", - "@types/supertest": "6.0.2" - }, - "packageManager": "pnpm@9.11.0+sha512.0a203ffaed5a3f63242cd064c8fb5892366c103e328079318f78062f24ea8c9d50bc6a47aa3567cabefd824d170e78fa2745ed1f16b132e16436146b7688f19b" + "supertest": "^7.0.0" + } } diff --git a/apps/history-scanner/package.json b/apps/history-scanner/package.json index b4294038..c153a82d 100644 --- a/apps/history-scanner/package.json +++ b/apps/history-scanner/package.json @@ -13,26 +13,28 @@ "license": "MIT", "private": true, "dependencies": { + "@stellar/stellar-base": "15.0.0", + "@withobsrvr/stellar-history-archive-hasher": "^0.9.1", + "ajv": "^8.17.1", + "custom-error": "workspace:*", "dotenv": "^10.0.0", - "validator": "^13.12.0", - "inversify": "^6.0.2", - "shared": "workspace:*", - "neverthrow": "^6.2.2", "exception-logger": "workspace:*", + "history-scanner-dto": "workspace:*", + "http-helper": "workspace:*", + "inversify": "^6.0.2", "job-monitor": "workspace:*", "logger": "workspace:*", - "ajv": "^8.17.1", - "yn": "^3.1.1", - "custom-error": "workspace:*", - "http-helper": "workspace:*", - "history-scanner-dto": "workspace:*", + "neverthrow": "^8.2.0", + "reflect-metadata": "0.2.2", + "shared": "workspace:*", + "validator": "^13.12.0", "workerpool": "^6.5.1", - "@withobsrvr/stellar-history-archive-hasher": "^0.9.1" + "yn": "^3.1.1" }, "devDependencies": { + "@types/express": "^4.17.21", "@types/workerpool": "^6.4.7", "express": "^4.21.2", - "@types/express": "^4.17.21", "express-rate-limit": "^7.5.0", "supertest": "^7.0.0" } diff --git a/apps/users/package.json b/apps/users/package.json index cfef94c9..dee18fe3 100644 --- a/apps/users/package.json +++ b/apps/users/package.json @@ -13,7 +13,7 @@ "license": "MIT", "engines": { "node": "20.x", - "pnpm": "9.15.0" + "pnpm": "10.33.0" }, "private": true, "devDependencies": { diff --git a/flake.nix b/flake.nix index 8f0d7b49..fac8555b 100644 --- a/flake.nix +++ b/flake.nix @@ -16,12 +16,12 @@ }; }; nodejs = pkgs.nodejs_20; - # Pin pnpm to version 9.15.0 + # Pin pnpm to version 10.33.0 pnpm = (pkgs.nodePackages.pnpm.override { nodejs = nodejs; }).overrideAttrs (old: { - version = "9.15.0"; + version = "10.33.0"; src = pkgs.fetchurl { - url = "https://registry.npmjs.org/pnpm/-/pnpm-9.15.0.tgz"; - sha256 = "0a7xy0qwixjfs9035yfzvbvcwk1g03s1j1k8aiip1njglcqzxa09"; + url = "https://registry.npmjs.org/pnpm/-/pnpm-10.33.0.tgz"; + sha256 = "100sfl5ya58h858ijynm8m5r1djq7idsfin42sji76r7mp5ipk5z"; }; }); diff --git a/package.json b/package.json index 4b251d9a..e1c3efb4 100644 --- a/package.json +++ b/package.json @@ -33,27 +33,42 @@ "start:scan-network": "pnpm --filter backend run scan-network", "start:scan-history": "pnpm --filter history-scanner run scan-history" }, - "keywords": ["stellar", "network", "explorer", "blockchain", "radar"], + "keywords": [ + "stellar", + "network", + "explorer", + "blockchain", + "radar" + ], "author": "OBSRVR", "contributors": [ - {"name": "pieterjan84", - "url": "https://github.com/pieterjan84"}, + { + "name": "pieterjan84", + "url": "https://github.com/pieterjan84" + }, "OBSRVR" ], "license": "MIT", "engines": { "node": "20.x", - "pnpm": "9.15.0" + "pnpm": "10.33.0" }, "type": "module", "dependencies": { - "@stellar/stellar-base": "13.0.1", + "@stellar/stellar-base": "15.0.0", "dotenv": "^16.4.7", "lru-cache": "^11.0.2", "neverthrow": "^8.2.0", "pino": "^9.6.0", "reflect-metadata": "^0.2.2" }, + "pnpm": { + "onlyBuiltDependencies": [ + "@swc/core", + "esbuild", + "sodium-native" + ] + }, "devDependencies": { "@types/jest": "29.5.6", "@types/node": "^22.13.10", diff --git a/packages/crawler/package.json b/packages/crawler/package.json index d8b8dbeb..c3c010be 100644 --- a/packages/crawler/package.json +++ b/packages/crawler/package.json @@ -11,9 +11,13 @@ "author": "pieterjan84@github", "license": "MIT", "dependencies": { + "@stellar/stellar-base": "15.0.0", + "async": "^3.2.6", + "lru-cache": "^11.0.2", + "neverthrow": "^8.2.0", "node-connector": "workspace:*", - "shared": "workspace:*", - "async": "^3.2.6" + "pino": "^9.6.0", + "shared": "workspace:*" }, "devDependencies": { "@types/async": "^3.2.7" diff --git a/packages/exception-logger/package.json b/packages/exception-logger/package.json index 2d012209..f6a875c1 100644 --- a/packages/exception-logger/package.json +++ b/packages/exception-logger/package.json @@ -12,9 +12,8 @@ "types": "lib/index.d.ts", "dependencies": { "@sentry/node": "^7.119.1", - "neverthrow": "^6.2.2", - "shared": "workspace:*", - "logger": "workspace:*" - }, - "devDependencies": {} + "logger": "workspace:*", + "neverthrow": "^8.2.0", + "shared": "workspace:*" + } } diff --git a/packages/history-scanner-dto/package.json b/packages/history-scanner-dto/package.json index 837f3800..8cabbcb5 100644 --- a/packages/history-scanner-dto/package.json +++ b/packages/history-scanner-dto/package.json @@ -11,7 +11,6 @@ "main": "lib/index.js", "types": "lib/index.d.ts", "dependencies": { - "neverthrow": "^6.2.2" - }, - "devDependencies": {} + "neverthrow": "^8.2.0" + } } diff --git a/packages/http-helper/package.json b/packages/http-helper/package.json index 07ee27ba..ee69ccf3 100644 --- a/packages/http-helper/package.json +++ b/packages/http-helper/package.json @@ -11,13 +11,13 @@ "main": "lib/index.js", "types": "lib/index.d.ts", "dependencies": { - "validator": "^13.12.0", - "neverthrow": "^6.2.2", - "shared": "workspace:*", - "logger": "workspace:*", "async": "^3.2.6", + "axios": "1.7.9", "custom-error": "workspace:*", - "axios": "1.7.9" + "logger": "workspace:*", + "neverthrow": "^8.2.0", + "shared": "workspace:*", + "validator": "^13.12.0" }, "devDependencies": { "@types/async": "^3.2.24", diff --git a/packages/job-monitor/package.json b/packages/job-monitor/package.json index 0e81cee7..cd16cb72 100644 --- a/packages/job-monitor/package.json +++ b/packages/job-monitor/package.json @@ -11,9 +11,10 @@ "main": "lib/index.js", "types": "lib/index.d.ts", "dependencies": { - "neverthrow": "^6.2.2", "@sentry/node": "^7.119.1", - "shared": "workspace:*", - "logger": "workspace:*" + "logger": "workspace:*", + "neverthrow": "^8.2.0", + "reflect-metadata": "0.2.2", + "shared": "workspace:*" } } diff --git a/packages/node-connector/package.json b/packages/node-connector/package.json index b60fda9d..8fba94f8 100644 --- a/packages/node-connector/package.json +++ b/packages/node-connector/package.json @@ -11,7 +11,12 @@ "author": "pieterjan84@github", "license": "MIT", "dependencies": { + "@stellar/stellar-base": "15.0.0", "async": "^3.2.6", + "bignumber.js": "9.1.2", + "lru-cache": "^11.0.2", + "neverthrow": "^8.2.0", + "pino": "^9.6.0", "sodium-native": "^4.1.1", "workerpool": "^9.1.3", "yn": "^4.0.0" @@ -19,7 +24,6 @@ "devDependencies": { "@types/async": "^3.2.24", "@types/sodium-native": "^2.3.9", - "@types/workerpool": "^6.4.7", - "bignumber.js": "9.1.2" + "@types/workerpool": "^6.4.7" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index d62edd4f..40c3e836 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -9,8 +9,8 @@ importers: .: dependencies: '@stellar/stellar-base': - specifier: 13.0.1 - version: 13.0.1 + specifier: 15.0.0 + version: 15.0.0 dotenv: specifier: ^16.4.7 version: 16.4.7 @@ -169,8 +169,8 @@ importers: specifier: ^2.30.1 version: 2.30.1 neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 pg: specifier: ^8.13.0 version: 8.13.0 @@ -180,6 +180,9 @@ importers: pino: specifier: 9.4.0 version: 9.4.0 + reflect-metadata: + specifier: 0.2.2 + version: 0.2.2 semver: specifier: ^7.6.3 version: 7.6.3 @@ -213,6 +216,9 @@ importers: workerpool: specifier: ^6.5.1 version: 6.5.1 + yn: + specifier: ^4.0.0 + version: 4.0.0 devDependencies: '@types/async': specifier: ^3.2.24 @@ -247,9 +253,6 @@ importers: supertest: specifier: ^7.0.0 version: 7.0.0 - yn: - specifier: ^4.0.0 - version: 4.0.0 apps/frontend: dependencies: @@ -425,6 +428,9 @@ importers: apps/history-scanner: dependencies: + '@stellar/stellar-base': + specifier: 15.0.0 + version: 15.0.0 '@withobsrvr/stellar-history-archive-hasher': specifier: ^0.9.1 version: 0.9.1 @@ -456,8 +462,11 @@ importers: specifier: workspace:* version: link:../../packages/logger neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 + reflect-metadata: + specifier: 0.2.2 + version: 0.2.2 shared: specifier: workspace:* version: link:../../packages/shared @@ -535,12 +544,24 @@ importers: packages/crawler: dependencies: + '@stellar/stellar-base': + specifier: 15.0.0 + version: 15.0.0 async: specifier: ^3.2.6 version: 3.2.6 + lru-cache: + specifier: ^11.0.2 + version: 11.1.0 + neverthrow: + specifier: ^8.2.0 + version: 8.2.0 node-connector: specifier: workspace:* version: link:../node-connector + pino: + specifier: ^9.6.0 + version: 9.6.0 shared: specifier: workspace:* version: link:../shared @@ -560,8 +581,8 @@ importers: specifier: workspace:* version: link:../logger neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 shared: specifier: workspace:* version: link:../shared @@ -569,8 +590,8 @@ importers: packages/history-scanner-dto: dependencies: neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 packages/http-helper: dependencies: @@ -587,8 +608,8 @@ importers: specifier: workspace:* version: link:../logger neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 shared: specifier: workspace:* version: link:../shared @@ -612,8 +633,11 @@ importers: specifier: workspace:* version: link:../logger neverthrow: - specifier: ^6.2.2 - version: 6.2.2 + specifier: ^8.2.0 + version: 8.2.0 + reflect-metadata: + specifier: 0.2.2 + version: 0.2.2 shared: specifier: workspace:* version: link:../shared @@ -626,9 +650,24 @@ importers: packages/node-connector: dependencies: + '@stellar/stellar-base': + specifier: 15.0.0 + version: 15.0.0 async: specifier: ^3.2.6 version: 3.2.6 + bignumber.js: + specifier: 9.1.2 + version: 9.1.2 + lru-cache: + specifier: ^11.0.2 + version: 11.1.0 + neverthrow: + specifier: ^8.2.0 + version: 8.2.0 + pino: + specifier: ^9.6.0 + version: 9.6.0 sodium-native: specifier: ^4.1.1 version: 4.2.1 @@ -648,9 +687,6 @@ importers: '@types/workerpool': specifier: ^6.4.7 version: 6.4.7 - bignumber.js: - specifier: 9.1.2 - version: 9.1.2 packages/scp-simulation: dependencies: @@ -1371,6 +1407,14 @@ packages: '@kurkle/color@0.3.2': resolution: {integrity: sha512-fuscdXJ9G1qb7W8VdHi+IwRqij3lBkosAm4ydQtEmbY58OzHXqQhvlxqEkoz0yssNVn38bcpRWgA9PP+OGoisw==} + '@noble/curves@1.9.7': + resolution: {integrity: sha512-gbKGcRUYIjA3/zCCNaWDciTMFI0dCkvou3TL8Zmy5Nc7sJ47a0jtOeZoTaMxkuqRo9cRhjOdZJXegxYE5FN/xw==} + engines: {node: ^14.21.3 || >=16} + + '@noble/hashes@1.8.0': + resolution: {integrity: sha512-jCs9ldd7NwzpgXDIf6P3+NrHh9/sD6CQdxHyjQI+h/6rDNo88ypBxxz45UDuZHz9r3tNz7N/VInSVoVdtXEI4A==} + engines: {node: ^14.21.3 || >=16} + '@nodelib/fs.scandir@2.1.5': resolution: {integrity: sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==} engines: {node: '>= 8'} @@ -1446,51 +1490,61 @@ packages: resolution: {integrity: sha512-88fSzjC5xeH9S2Vg3rPgXJULkHcLYMkh8faix8DX4h4TIAL65ekwuQMA/g2CXq8W+NJC43V6fUpYZNjaX3+IIg==} cpu: [arm] os: [linux] + libc: [glibc] '@rollup/rollup-linux-arm-musleabihf@4.34.6': resolution: {integrity: sha512-wM4ztnutBqYFyvNeR7Av+reWI/enK9tDOTKNF+6Kk2Q96k9bwhDDOlnCUNRPvromlVXo04riSliMBs/Z7RteEg==} cpu: [arm] os: [linux] + libc: [musl] '@rollup/rollup-linux-arm64-gnu@4.34.6': resolution: {integrity: sha512-9RyprECbRa9zEjXLtvvshhw4CMrRa3K+0wcp3KME0zmBe1ILmvcVHnypZ/aIDXpRyfhSYSuN4EPdCCj5Du8FIA==} cpu: [arm64] os: [linux] + libc: [glibc] '@rollup/rollup-linux-arm64-musl@4.34.6': resolution: {integrity: sha512-qTmklhCTyaJSB05S+iSovfo++EwnIEZxHkzv5dep4qoszUMX5Ca4WM4zAVUMbfdviLgCSQOu5oU8YoGk1s6M9Q==} cpu: [arm64] os: [linux] + libc: [musl] '@rollup/rollup-linux-loongarch64-gnu@4.34.6': resolution: {integrity: sha512-4Qmkaps9yqmpjY5pvpkfOerYgKNUGzQpFxV6rnS7c/JfYbDSU0y6WpbbredB5cCpLFGJEqYX40WUmxMkwhWCjw==} cpu: [loong64] os: [linux] + libc: [glibc] '@rollup/rollup-linux-powerpc64le-gnu@4.34.6': resolution: {integrity: sha512-Zsrtux3PuaxuBTX/zHdLaFmcofWGzaWW1scwLU3ZbW/X+hSsFbz9wDIp6XvnT7pzYRl9MezWqEqKy7ssmDEnuQ==} cpu: [ppc64] os: [linux] + libc: [glibc] '@rollup/rollup-linux-riscv64-gnu@4.34.6': resolution: {integrity: sha512-aK+Zp+CRM55iPrlyKiU3/zyhgzWBxLVrw2mwiQSYJRobCURb781+XstzvA8Gkjg/hbdQFuDw44aUOxVQFycrAg==} cpu: [riscv64] os: [linux] + libc: [glibc] '@rollup/rollup-linux-s390x-gnu@4.34.6': resolution: {integrity: sha512-WoKLVrY9ogmaYPXwTH326+ErlCIgMmsoRSx6bO+l68YgJnlOXhygDYSZe/qbUJCSiCiZAQ+tKm88NcWuUXqOzw==} cpu: [s390x] os: [linux] + libc: [glibc] '@rollup/rollup-linux-x64-gnu@4.34.6': resolution: {integrity: sha512-Sht4aFvmA4ToHd2vFzwMFaQCiYm2lDFho5rPcvPBT5pCdC+GwHG6CMch4GQfmWTQ1SwRKS0dhDYb54khSrjDWw==} cpu: [x64] os: [linux] + libc: [glibc] '@rollup/rollup-linux-x64-musl@4.34.6': resolution: {integrity: sha512-zmmpOQh8vXc2QITsnCiODCDGXFC8LMi64+/oPpPx5qz3pqv0s6x46ps4xoycfUiVZps5PFn1gksZzo4RGTKT+A==} cpu: [x64] os: [linux] + libc: [musl] '@rollup/rollup-win32-arm64-msvc@4.34.6': resolution: {integrity: sha512-3/q1qUsO/tLqGBaD4uXsB6coVGB3usxw3qyeVb59aArCgedSF66MPdgRStUd7vbZOsko/CgVaY5fo2vkvPLWiA==} @@ -1787,11 +1841,13 @@ packages: '@sqltools/formatter@1.2.5': resolution: {integrity: sha512-Uy0+khmZqUrUGm5dmMqVlnvufZRSK0FbYzVgp0UMstm+F5+W2/jnEEQyc9vo1ZR/E5ZI/B1WjjoTqBqwJL6Krw==} - '@stellar/js-xdr@3.1.2': - resolution: {integrity: sha512-VVolPL5goVEIsvuGqDc5uiKxV03lzfWdvYg1KikvwheDmTBO68CKDji3bAZ/kppZrx5iTA8z3Ld5yuytcvhvOQ==} + '@stellar/js-xdr@4.0.0': + resolution: {integrity: sha512-+NmNa7Tk5BI5XFdy/6xGTqAN4J9a9KgCrCGhj2uEUTCBhLkch0M+QbKzNH8zEnejWe0p8w+0q5hUVX6L3OzoVA==} + engines: {node: '>=20.0.0', pnpm: '>=9.0.0'} - '@stellar/stellar-base@13.0.1': - resolution: {integrity: sha512-Xbd12mc9Oj/130Tv0URmm3wXG77XMshZtZ2yNCjqX5ZbMD5IYpbBs3DVCteLU/4SLj/Fnmhh1dzhrQXnk4r+pQ==} + '@stellar/stellar-base@15.0.0': + resolution: {integrity: sha512-XQhxUr9BYiEcFcgc4oWcCMR9QJCny/GmmGsuwPKf/ieIcOeb5149KLHYx9mJCA0ea8QbucR2/GzV58QbXOTxQA==} + engines: {node: '>=20.0.0'} '@stellarbeat/stellar-halting-analysis@1.2.0': resolution: {integrity: sha512-W/OfQOgIcogIxpwyQ93RTr8Ke55z4/mvqG9UNUdB4AgJLwfgelYFn+RMdmWw4I77koQ3zdw19kuTm6pbg4yUkw==} @@ -1825,24 +1881,28 @@ packages: engines: {node: '>=10'} cpu: [arm64] os: [linux] + libc: [glibc] '@swc/core-linux-arm64-musl@1.7.26': resolution: {integrity: sha512-3w8iZICMkQQON0uIcvz7+Q1MPOW6hJ4O5ETjA0LSP/tuKqx30hIniCGOgPDnv3UTMruLUnQbtBwVCZTBKR3Rkg==} engines: {node: '>=10'} cpu: [arm64] os: [linux] + libc: [musl] '@swc/core-linux-x64-gnu@1.7.26': resolution: {integrity: sha512-c+pp9Zkk2lqb06bNGkR2Looxrs7FtGDMA4/aHjZcCqATgp348hOKH5WPvNLBl+yPrISuWjbKDVn3NgAvfvpH4w==} engines: {node: '>=10'} cpu: [x64] os: [linux] + libc: [glibc] '@swc/core-linux-x64-musl@1.7.26': resolution: {integrity: sha512-PgtyfHBF6xG87dUSSdTJHwZ3/8vWZfNIXQV2GlwEpslrOkGqy+WaiiyE7Of7z9AvDILfBBBcJvJ/r8u980wAfQ==} engines: {node: '>=10'} cpu: [x64] os: [linux] + libc: [musl] '@swc/core-win32-arm64-msvc@1.7.26': resolution: {integrity: sha512-9TNXPIJqFynlAOrRD6tUQjMq7KApSklK3R/tXgIxc7Qx+lWu8hlDQ/kVPLpU7PWvMMwC/3hKBW+p5f+Tms1hmA==} @@ -2468,6 +2528,9 @@ packages: bignumber.js@9.1.2: resolution: {integrity: sha512-2/mKyZH9K85bzOEfhXDBFZTGd1CTs+5IHpeFQo9luiBG7hghdC851Pj2WAhb6E3R6b9tZj/XKhbg4fum+Kepug==} + bignumber.js@9.3.1: + resolution: {integrity: sha512-Ko0uX15oIUS7wJ3Rb30Fs6SkVbLmPBAKdlm7q9+ak9bbIeFf0MwuBsQV6z7+X768/cHsfg+WlysDWJcmthjsjQ==} + binary-extensions@2.3.0: resolution: {integrity: sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==} engines: {node: '>=8'} @@ -4076,9 +4139,6 @@ packages: resolution: {integrity: sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg==} engines: {node: '>= 0.6'} - neverthrow@6.2.2: - resolution: {integrity: sha512-POR1FACqdK9jH0S2kRPzaZEvzT11wsOxLW520PQV/+vKi9dQe+hXq19EiOvYx7lSRaF5VB9lYGsPInynrnN05w==} - neverthrow@8.2.0: resolution: {integrity: sha512-kOCT/1MCPAxY5iUV3wytNFUMUolzuwd/VF/1KCx7kf6CutrOsTie+84zTGTpgQycjvfLdBBdvBvFLqFD2c0wkQ==} engines: {node: '>=18'} @@ -4635,6 +4695,11 @@ packages: resolution: {integrity: sha512-QMEp5B7cftE7APOjk5Y6xgrbWu+WkLVQwk8JNjZ8nKRciZaByEW6MubieAiToS7+dwvrjGhH8jRXz3MVd0AYqQ==} hasBin: true + sha.js@2.4.12: + resolution: {integrity: sha512-8LzC5+bvI45BjpfXU8V5fdU2mfeKiQe1D1gIMn7XUlF3OTUrpdJpPPH4EMAnF0DsHHdSZqCdSss5qCmJKuiO3w==} + engines: {node: '>= 0.10'} + hasBin: true + shallow-equal-object@1.1.1: resolution: {integrity: sha512-9DDzYRlzCwF2CemeF0aOFk5T5KMrjG7HldcW7utwYhA/limuGHn3No8KhpDE8BrO7GLaSRJumNKReipZBybd7A==} @@ -4855,6 +4920,10 @@ packages: tmpl@1.0.5: resolution: {integrity: sha512-3f0uOEAQwIqGuWW2MVzYg8fV/QNnc/IpuJNG837rLuczAaLVHslWHZQj4IGiEl5Hs3kkbhwL9Ab7Hrsmuj+Smw==} + to-buffer@1.2.2: + resolution: {integrity: sha512-db0E3UJjcFhpDhAF4tLo03oli3pwl3dbnzXOUIlRKrp+ldk/VUxzpWYZENsw2SZiuBjHAk7DfB0VU7NKdpb6sw==} + engines: {node: '>= 0.4'} + to-regex-range@5.0.1: resolution: {integrity: sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==} engines: {node: '>=8.0'} @@ -4949,9 +5018,6 @@ packages: tslib@2.8.1: resolution: {integrity: sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==} - tweetnacl@1.0.3: - resolution: {integrity: sha512-6rt+RN7aOi1nGMyC4Xa5DdYiukl2UWCbcJft7YhxReBGQD7OAM8Pbxw6YMo4r2diNEA8FEmu32YOn9rhaiE5yw==} - type-check@0.4.0: resolution: {integrity: sha512-XleUoc9uwGXqjWwXaUTZAmzMcFZ5858QA2vvx1Ur5xIcixXIP+8LnFDgRplU30us6teqdlskFfu+ae4K79Ooew==} engines: {node: '>= 0.8.0'} @@ -6423,6 +6489,12 @@ snapshots: '@kurkle/color@0.3.2': {} + '@noble/curves@1.9.7': + dependencies: + '@noble/hashes': 1.8.0 + + '@noble/hashes@1.8.0': {} + '@nodelib/fs.scandir@2.1.5': dependencies: '@nodelib/fs.stat': 2.0.5 @@ -6944,18 +7016,16 @@ snapshots: '@sqltools/formatter@1.2.5': {} - '@stellar/js-xdr@3.1.2': {} + '@stellar/js-xdr@4.0.0': {} - '@stellar/stellar-base@13.0.1': + '@stellar/stellar-base@15.0.0': dependencies: - '@stellar/js-xdr': 3.1.2 + '@noble/curves': 1.9.7 + '@stellar/js-xdr': 4.0.0 base32.js: 0.1.0 - bignumber.js: 9.1.2 + bignumber.js: 9.3.1 buffer: 6.0.3 - sha.js: 2.4.11 - tweetnacl: 1.0.3 - optionalDependencies: - sodium-native: 4.3.1 + sha.js: 2.4.12 '@stellarbeat/stellar-halting-analysis@1.2.0': {} @@ -7765,6 +7835,8 @@ snapshots: bignumber.js@9.1.2: {} + bignumber.js@9.3.1: {} + binary-extensions@2.3.0: {} blocked-at@1.2.0: {} @@ -9607,8 +9679,6 @@ snapshots: negotiator@0.6.3: {} - neverthrow@6.2.2: {} - neverthrow@8.2.0: optionalDependencies: '@rollup/rollup-linux-x64-gnu': 4.34.6 @@ -10205,6 +10275,12 @@ snapshots: inherits: 2.0.4 safe-buffer: 5.2.1 + sha.js@2.4.12: + dependencies: + inherits: 2.0.4 + safe-buffer: 5.2.1 + to-buffer: 1.2.2 + shallow-equal-object@1.1.1: {} shebang-command@2.0.0: @@ -10463,6 +10539,12 @@ snapshots: tmpl@1.0.5: {} + to-buffer@1.2.2: + dependencies: + isarray: 2.0.5 + safe-buffer: 5.2.1 + typed-array-buffer: 1.0.3 + to-regex-range@5.0.1: dependencies: is-number: 7.0.0 @@ -10583,8 +10665,6 @@ snapshots: tslib@2.8.1: {} - tweetnacl@1.0.3: {} - type-check@0.4.0: dependencies: prelude-ls: 1.2.1 diff --git a/terraform/modules/app_platform/main.tf b/terraform/modules/app_platform/main.tf index 32543ca7..91c49979 100644 --- a/terraform/modules/app_platform/main.tf +++ b/terraform/modules/app_platform/main.tf @@ -1035,7 +1035,7 @@ resource "digitalocean_app" "radar" { env { key = "PNPM_VERSION" - value = "9.15.0" + value = "10.33.0" } # Use database connection string with doadmin user (already has all necessary permissions) @@ -1132,7 +1132,7 @@ resource "digitalocean_app" "radar" { failure_threshold = 5 } - build_command = "npm install -g pnpm@9.15.0 && NODE_ENV=development pnpm install --frozen-lockfile && pnpm build:ts && pnpm --filter shared run post-build && pnpm --filter users run build && pnpm --filter users run post-build" + build_command = "corepack enable && corepack prepare pnpm@10.33.0 --activate && NODE_ENV=development pnpm install --frozen-lockfile && pnpm build:ts && pnpm --filter shared run post-build && pnpm --filter users run build && pnpm --filter users run post-build" run_command = "pnpm --filter users start" } } From 89236df2dab5b50fe9e43a5f38670cb5353ada60 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:23:28 -0400 Subject: [PATCH 02/13] version fix --- .github/workflows/ci-cd.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 87981d15..563480c1 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -60,7 +60,7 @@ jobs: uses: actions/checkout@v4 - uses: pnpm/action-setup@v2 with: - version: 9.15.0 + version: 10.33.0 run_install: false - name: Set up Go uses: actions/setup-go@v5 From 827e26e01aa7c4d79a97737b98ee89726bc400e9 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:28:32 -0400 Subject: [PATCH 03/13] update dependencies --- package.json | 1 + pnpm-lock.yaml | 3 +++ 2 files changed, 4 insertions(+) diff --git a/package.json b/package.json index e1c3efb4..f2ee57f5 100644 --- a/package.json +++ b/package.json @@ -70,6 +70,7 @@ ] }, "devDependencies": { + "@eslint/js": "^9.20.0", "@types/jest": "29.5.6", "@types/node": "^22.13.10", "@typescript-eslint/eslint-plugin": "8.24.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 40c3e836..2ed63a1a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -27,6 +27,9 @@ importers: specifier: ^0.2.2 version: 0.2.2 devDependencies: + '@eslint/js': + specifier: ^9.20.0 + version: 9.20.0 '@types/jest': specifier: 29.5.6 version: 29.5.6 From 427eecba5ae2c26ddd9726471459e71d0ee3750e Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:35:49 -0400 Subject: [PATCH 04/13] update dependencies --- package.json | 3 ++- pnpm-lock.yaml | 20 ++++++++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index f2ee57f5..311b7552 100644 --- a/package.json +++ b/package.json @@ -87,6 +87,7 @@ "prettier": "3.3.3", "ts-jest": "29.2.5", "ts-node": "10.9.2", - "typescript": "^5.8.2" + "typescript": "^5.8.2", + "typescript-eslint": "8.24.0" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 2ed63a1a..ec7b240c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -81,6 +81,9 @@ importers: typescript: specifier: ^5.8.2 version: 5.8.2 + typescript-eslint: + specifier: 8.24.0 + version: 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) apps/backend: dependencies: @@ -5119,6 +5122,13 @@ packages: typeorm-aurora-data-api-driver: optional: true + typescript-eslint@8.24.0: + resolution: {integrity: sha512-/lmv4366en/qbB32Vz5+kCNZEMf6xYHwh1z48suBwZvAtnXKbP+YhGe8OLE2BqC67LMqKkCNLtjejdwsdW6uOQ==} + engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} + peerDependencies: + eslint: ^8.57.0 || ^9.0.0 + typescript: '>=4.8.4 <5.8.0' + typescript-eslint@8.31.0: resolution: {integrity: sha512-u+93F0sB0An8WEAPtwxVhFby573E8ckdjwUUQUj9QA4v8JAvgtoDdIyYR3XFwFHq2W1KJ1AurwJCO+w+Y1ixyQ==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} @@ -10765,6 +10775,16 @@ snapshots: transitivePeerDependencies: - supports-color + typescript-eslint@8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2): + dependencies: + '@typescript-eslint/eslint-plugin': 8.24.0(@typescript-eslint/parser@8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2))(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) + '@typescript-eslint/parser': 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) + '@typescript-eslint/utils': 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) + eslint: 9.20.0(jiti@1.21.7) + typescript: 5.8.2 + transitivePeerDependencies: + - supports-color + typescript-eslint@8.31.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2): dependencies: '@typescript-eslint/eslint-plugin': 8.31.0(@typescript-eslint/parser@8.31.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2))(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) From 1f88bd7c01e243965cc3c412ef46d07cc58a3ceb Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:40:14 -0400 Subject: [PATCH 05/13] update dependency --- eslint.config.mjs | 2 -- package.json | 3 +-- pnpm-lock.yaml | 20 -------------------- 3 files changed, 1 insertion(+), 24 deletions(-) diff --git a/eslint.config.mjs b/eslint.config.mjs index 38643977..7f11c7ad 100644 --- a/eslint.config.mjs +++ b/eslint.config.mjs @@ -1,5 +1,4 @@ import eslintJs from '@eslint/js'; -import eslintTs from 'typescript-eslint'; import pluginVue from 'eslint-plugin-vue'; import skipFormatting from '@vue/eslint-config-prettier/skip-formatting'; import vueTsEslintConfig from '@vue/eslint-config-typescript'; @@ -26,7 +25,6 @@ const customTypescriptConfig = { export default [ { ignores: ['**/lib/*', '**/dist/*', 'node_modules', '**/venv/**'] }, // global ignores eslintJs.configs.recommended, - ...eslintTs.configs.recommended, ...pluginVue.configs['flat/vue2-recommended'], ...vueTsEslintConfig(), skipFormatting, diff --git a/package.json b/package.json index 311b7552..f2ee57f5 100644 --- a/package.json +++ b/package.json @@ -87,7 +87,6 @@ "prettier": "3.3.3", "ts-jest": "29.2.5", "ts-node": "10.9.2", - "typescript": "^5.8.2", - "typescript-eslint": "8.24.0" + "typescript": "^5.8.2" } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index ec7b240c..2ed63a1a 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -81,9 +81,6 @@ importers: typescript: specifier: ^5.8.2 version: 5.8.2 - typescript-eslint: - specifier: 8.24.0 - version: 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) apps/backend: dependencies: @@ -5122,13 +5119,6 @@ packages: typeorm-aurora-data-api-driver: optional: true - typescript-eslint@8.24.0: - resolution: {integrity: sha512-/lmv4366en/qbB32Vz5+kCNZEMf6xYHwh1z48suBwZvAtnXKbP+YhGe8OLE2BqC67LMqKkCNLtjejdwsdW6uOQ==} - engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} - peerDependencies: - eslint: ^8.57.0 || ^9.0.0 - typescript: '>=4.8.4 <5.8.0' - typescript-eslint@8.31.0: resolution: {integrity: sha512-u+93F0sB0An8WEAPtwxVhFby573E8ckdjwUUQUj9QA4v8JAvgtoDdIyYR3XFwFHq2W1KJ1AurwJCO+w+Y1ixyQ==} engines: {node: ^18.18.0 || ^20.9.0 || >=21.1.0} @@ -10775,16 +10765,6 @@ snapshots: transitivePeerDependencies: - supports-color - typescript-eslint@8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2): - dependencies: - '@typescript-eslint/eslint-plugin': 8.24.0(@typescript-eslint/parser@8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2))(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) - '@typescript-eslint/parser': 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) - '@typescript-eslint/utils': 8.24.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) - eslint: 9.20.0(jiti@1.21.7) - typescript: 5.8.2 - transitivePeerDependencies: - - supports-color - typescript-eslint@8.31.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2): dependencies: '@typescript-eslint/eslint-plugin': 8.31.0(@typescript-eslint/parser@8.31.0(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2))(eslint@9.20.0(jiti@1.21.7))(typescript@5.8.2) From f48dfc7617302f405ec81481f7cd096f33d00901 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 21:50:08 -0400 Subject: [PATCH 06/13] update history scanner dockerfile --- apps/history-scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/history-scanner/Dockerfile b/apps/history-scanner/Dockerfile index ee9b4240..04861561 100644 --- a/apps/history-scanner/Dockerfile +++ b/apps/history-scanner/Dockerfile @@ -9,7 +9,7 @@ FROM node:20-alpine AS app-builder WORKDIR /app # Install pnpm -RUN npm install -g pnpm@9.15.0 +RUN npm install -g pnpm@10.33.0 # Copy workspace files COPY pnpm-workspace.yaml ./ From e9183cbfce2c57fdab1e57a2ba963fe1e97e2052 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Tue, 7 Apr 2026 22:03:51 -0400 Subject: [PATCH 07/13] update dockerfile --- apps/history-scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/history-scanner/Dockerfile b/apps/history-scanner/Dockerfile index 04861561..1b0b580a 100644 --- a/apps/history-scanner/Dockerfile +++ b/apps/history-scanner/Dockerfile @@ -38,7 +38,7 @@ RUN pnpm --filter shared build && \ RUN mkdir -p /prod/history-scanner # Use pnpm deploy for dependencies -RUN pnpm --filter history-scanner deploy --prod /prod/history-scanner +RUN pnpm --filter history-scanner deploy --legacy --prod /prod/history-scanner # Explicitly copy the built lib/ directory (pnpm deploy may not include it) RUN cp -r /app/apps/history-scanner/lib /prod/history-scanner/lib From 337ed4cfbea543436b11d09851a4e935a30de185 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Thu, 9 Apr 2026 09:34:21 -0400 Subject: [PATCH 08/13] workflow updates --- .github/workflows/ci-cd.yml | 171 +++++++--------- .github/workflows/destroy-staging.yml | 190 ++++++++++++++++++ .gitignore | 1 + .../environments/staging/write-tfvars.sh | 110 ++++++++++ 4 files changed, 370 insertions(+), 102 deletions(-) create mode 100644 .github/workflows/destroy-staging.yml create mode 100755 terraform/environments/staging/write-tfvars.sh diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 563480c1..b1bc6e5a 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -130,9 +130,9 @@ jobs: plan-staging: name: 'Plan Staging Environment' needs: [test] - # Skip the terraform-lint dependency for push events to main + # Staging is only deployed from PRs, so only plan it on PR events if: > - always() && + github.event_name == 'pull_request' && needs.test.result == 'success' runs-on: ubuntu-latest environment: obsrvr-radar-staging @@ -162,105 +162,69 @@ jobs: working-directory: ./terraform/environments/staging run: terraform validate - # Create tfvars file for staging from environment secrets - - name: Create tfvars file for Staging + # Generate tfvars for staging by calling the shared script. + # The heredoc that used to live inline has been extracted to + # terraform/environments/staging/write-tfvars.sh so the same script + # is used by the destroy workflow (single source of truth). + - name: Generate tfvars for Staging working-directory: ./terraform/environments/staging - run: | - cat > terraform.auto.tfvars < + github.event_name == 'pull_request' && needs.plan-staging.result == 'success' && needs.plan-production.result == 'success' runs-on: ubuntu-latest @@ -516,8 +481,10 @@ jobs: echo "Running staging tests..." approve-production-deployment: - needs: [deploy-staging] - if: github.ref == 'refs/heads/main' + needs: [plan-production] + if: > + github.ref == 'refs/heads/main' && + needs.plan-production.result == 'success' runs-on: ubuntu-latest environment: name: obsrvr-radar-production-approval diff --git a/.github/workflows/destroy-staging.yml b/.github/workflows/destroy-staging.yml new file mode 100644 index 00000000..5fcabef9 --- /dev/null +++ b/.github/workflows/destroy-staging.yml @@ -0,0 +1,190 @@ +name: Destroy Staging on PR Close + +# Triggered when a PR targeting main is closed. The plan-destroy job is gated +# on `merged == true` so only merged PRs trigger a destroy (abandoned PRs +# leave staging alone). +# +# The destroy is split into two jobs so the destroy plan can be reviewed +# in the job logs before the apply runs: +# +# 1. plan-destroy-staging — generates and prints the destroy plan +# 2. destroy-staging — applies the plan; gated on the +# `obsrvr-radar-staging-destroy` environment, +# which is configured with required reviewers +# in GitHub → Settings → Environments. +# +# Once you are comfortable with the destroys, remove the required reviewer +# from the environment (no workflow change needed). + +on: + pull_request: + branches: + - main + types: [closed] + +permissions: + contents: read + +jobs: + plan-destroy-staging: + name: 'Plan Staging Destroy' + if: github.event.pull_request.merged == true + runs-on: ubuntu-latest + environment: obsrvr-radar-staging + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Terraform Init - Staging + working-directory: ./terraform/environments/staging + run: + terraform init -backend-config="access_key=${{ + secrets.AWS_ACCESS_KEY_ID }}" -backend-config="secret_key=${{ + secrets.AWS_SECRET_ACCESS_KEY }}" + + # Use the same shared script as plan-staging so the tfvars stay in sync. + - name: Generate tfvars for Staging + working-directory: ./terraform/environments/staging + env: + DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} + GIT_BRANCH: ${{ github.head_ref || github.ref_name }} + REGION: ${{ vars.REGION || 'nyc3' }} + REPO_URL: ${{ github.server_url }}/${{ github.repository }}.git + AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} + STAGING_API_KEY: ${{ secrets.STAGING_API_KEY }} + STAGING_JWT_SECRET: ${{ secrets.STAGING_JWT_SECRET }} + STAGING_DOMAIN: ${{ secrets.STAGING_DOMAIN }} + IPSTACK_ACCESS_KEY: ${{ secrets.IPSTACK_ACCESS_KEY }} + MAILGUN_SECRET: ${{ secrets.MAILGUN_SECRET }} + MAILGUN_DOMAIN: ${{ secrets.MAILGUN_DOMAIN }} + MAILGUN_FROM: ${{ secrets.MAILGUN_FROM }} + MAILGUN_BASE_URL: ${{ secrets.MAILGUN_BASE_URL }} + ENCRYPTION_SECRET: ${{ secrets.ENCRYPTION_SECRET }} + HASH_SECRET: ${{ secrets.HASH_SECRET }} + CONSUMER_SECRET: ${{ secrets.CONSUMER_SECRET }} + CONSUMER_NAME: ${{ secrets.CONSUMER_NAME }} + DATABASE_POOL_SIZE: ${{ vars.DATABASE_POOL_SIZE }} + DATABASE_TEST_URL: ${{ secrets.DATABASE_TEST_URL }} + DEBUG: ${{ secrets.DEBUG }} + SENTRY_DSN: ${{ secrets.SENTRY_DSN }} + DEADMAN_URL: ${{ secrets.DEADMAN_URL }} + COORDINATOR_API_USERNAME: ${{ secrets.COORDINATOR_API_USERNAME }} + COORDINATOR_API_PASSWORD: ${{ secrets.COORDINATOR_API_PASSWORD }} + COORDINATOR_API_BASE_URL: ${{ secrets.COORDINATOR_API_BASE_URL }} + HISTORY_SCAN_API_USERNAME: ${{ secrets.HISTORY_SCAN_API_USERNAME }} + HISTORY_SCAN_API_PASSWORD: ${{ secrets.HISTORY_SCAN_API_PASSWORD }} + USER_SERVICE_USERNAME: ${{ secrets.USER_SERVICE_USERNAME }} + USER_SERVICE_PASSWORD: ${{ secrets.USER_SERVICE_PASSWORD }} + INSTANCE_SIZE: ${{ secrets.INSTANCE_SIZE }} + HISTORY_SCANNER_INSTANCE_SIZE: ${{ secrets.HISTORY_SCANNER_INSTANCE_SIZE }} + HISTORY_SCANNER_WORKER_COUNT: ${{ vars.HISTORY_SCANNER_WORKER_COUNT }} + CRAWLER_BLACKLIST: ${{ secrets.CRAWLER_BLACKLIST }} + USER_SERVICE_BASE_URL: ${{ secrets.USER_SERVICE_BASE_URL }} + FRONTEND_BASE_URL: ${{ secrets.FRONTEND_BASE_URL }} + HORIZON_URL: ${{ secrets.HORIZON_URL }} + NETWORK_PASSPHRASE: ${{ secrets.NETWORK_PASSPHRASE }} + NETWORK_ID: ${{ secrets.NETWORK_ID }} + NETWORK_NAME: ${{ secrets.NETWORK_NAME }} + NETWORK_OVERLAY_VERSION: ${{ secrets.NETWORK_OVERLAY_VERSION }} + NETWORK_LEDGER_VERSION: ${{ secrets.NETWORK_LEDGER_VERSION }} + NETWORK_OVERLAY_MIN_VERSION: ${{ secrets.NETWORK_OVERLAY_MIN_VERSION }} + NETWORK_STELLAR_CORE_VERSION: ${{ secrets.NETWORK_STELLAR_CORE_VERSION }} + NETWORK_QUORUM_SET: ${{ secrets.NETWORK_QUORUM_SET }} + NETWORK_KNOWN_PEERS: ${{ secrets.NETWORK_KNOWN_PEERS }} + TESTNET_HORIZON_URL: ${{ secrets.TESTNET_HORIZON_URL }} + TESTNET_NETWORK_PASSPHRASE: ${{ secrets.TESTNET_NETWORK_PASSPHRASE }} + TESTNET_NETWORK_ID: ${{ secrets.TESTNET_NETWORK_ID }} + TESTNET_NETWORK_NAME: ${{ secrets.TESTNET_NETWORK_NAME }} + TESTNET_NETWORK_OVERLAY_VERSION: ${{ secrets.TESTNET_NETWORK_OVERLAY_VERSION }} + TESTNET_NETWORK_LEDGER_VERSION: ${{ secrets.TESTNET_NETWORK_LEDGER_VERSION }} + TESTNET_NETWORK_OVERLAY_MIN_VERSION: ${{ secrets.TESTNET_NETWORK_OVERLAY_MIN_VERSION }} + TESTNET_NETWORK_STELLAR_CORE_VERSION: ${{ secrets.TESTNET_NETWORK_STELLAR_CORE_VERSION }} + TESTNET_NETWORK_QUORUM_SET: ${{ secrets.TESTNET_NETWORK_QUORUM_SET }} + TESTNET_NETWORK_KNOWN_PEERS: ${{ secrets.TESTNET_NETWORK_KNOWN_PEERS }} + run: ./write-tfvars.sh + + - name: Terraform Plan Destroy - Staging + working-directory: ./terraform/environments/staging + run: terraform plan -destroy -input=false -no-color -out=tf-plan-destroy-staging + + # Print the destroy plan to the job logs so reviewers can read it + # before approving the destroy-staging job. + - name: Show Destroy Plan + working-directory: ./terraform/environments/staging + run: terraform show -no-color tf-plan-destroy-staging + + - name: Encrypt Terraform plan + working-directory: ./terraform/environments/staging + env: + PLAN_ENCRYPTION_KEY: ${{ secrets.PLAN_ENCRYPTION_KEY }} + run: | + echo "$PLAN_ENCRYPTION_KEY" > passphrase.txt + gpg --batch --yes --symmetric --cipher-algo AES256 --passphrase-file passphrase.txt --output tf-plan-destroy-staging.gpg tf-plan-destroy-staging + rm tf-plan-destroy-staging passphrase.txt + + - name: Save Destroy Plan Artifact + uses: actions/upload-artifact@v4 + with: + name: terraform-plan-destroy-staging + path: ./terraform/environments/staging/tf-plan-destroy-staging.gpg + retention-days: 1 + if-no-files-found: error + overwrite: true + + destroy-staging: + name: 'Destroy Staging Environment' + needs: [plan-destroy-staging] + if: needs.plan-destroy-staging.result == 'success' + runs-on: ubuntu-latest + # Share the staging-deploy concurrency group so a destroy can't race + # against a deploy that's in flight. + concurrency: + group: staging-deploy + cancel-in-progress: false + # Dedicated environment so you can require reviewers on destroys + # without gating normal staging deploys. Configure required reviewers + # in GitHub → Settings → Environments → obsrvr-radar-staging-destroy. + environment: obsrvr-radar-staging + permissions: + contents: read + env: + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.AWS_REGION }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Terraform Init - Staging + working-directory: ./terraform/environments/staging + run: | + terraform init -backend-config="access_key=${{ secrets.AWS_ACCESS_KEY_ID }}" -backend-config="secret_key=${{ secrets.AWS_SECRET_ACCESS_KEY }}" + + - name: Download Destroy Plan + uses: actions/download-artifact@v4 + with: + name: terraform-plan-destroy-staging + path: ./terraform/environments/staging + + - name: Decrypt Terraform plan + working-directory: ./terraform/environments/staging + env: + PLAN_ENCRYPTION_KEY: ${{ secrets.PLAN_ENCRYPTION_KEY }} + run: | + echo "$PLAN_ENCRYPTION_KEY" > passphrase.txt + gpg --batch --yes --decrypt --passphrase-file passphrase.txt --output tf-plan-destroy-staging tf-plan-destroy-staging.gpg + rm passphrase.txt + + - name: Apply Destroy Plan + working-directory: ./terraform/environments/staging + run: terraform apply -auto-approve tf-plan-destroy-staging diff --git a/.gitignore b/.gitignore index 9ab2ae4b..5697cb49 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,4 @@ CODEBASE_RESEARCH_AND_RECOMMENDATIONS.md REVENUE-STRATEGY.md docs/OBSRVR_Radar_Quarterly_Report_Jan_2026 (1).pdf docs/OBSRVR_Radar_Quarterly_Report_Q1_2026.pdf +terraform/environments/staging/terraform.auto_copy.tfvars_old diff --git a/terraform/environments/staging/write-tfvars.sh b/terraform/environments/staging/write-tfvars.sh new file mode 100755 index 00000000..0aefebd0 --- /dev/null +++ b/terraform/environments/staging/write-tfvars.sh @@ -0,0 +1,110 @@ +#!/usr/bin/env bash +# Generates terraform.auto.tfvars for the staging environment. +# +# Expects all secrets/variables to be available as environment variables. +# Called from CI workflows so the heredoc lives in exactly one place +# (shared between plan-staging and the destroy workflow). +# +# For values with defaults, bash parameter expansion is used: +# ${VAR:-default} → use VAR if set & non-empty, otherwise "default" +set -euo pipefail + +cd "$(dirname "$0")" + +cat > terraform.auto.tfvars < Date: Thu, 9 Apr 2026 09:56:34 -0400 Subject: [PATCH 09/13] update variables --- .github/workflows/ci-cd.yml | 2 + .github/workflows/destroy-staging.yml | 1 + terraform/environments/production/main.tf | 1 + .../environments/production/variables.tf | 6 ++ terraform/environments/staging/main.tf | 11 ++-- terraform/environments/staging/variables.tf | 6 ++ .../environments/staging/write-tfvars.sh | 1 + terraform/modules/app_platform/main.tf | 56 +++++++++++++++++++ terraform/modules/app_platform/variables.tf | 15 +++++ 9 files changed, 94 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index b1bc6e5a..2e5a945a 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -171,6 +171,7 @@ jobs: env: DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} GIT_BRANCH: ${{ github.head_ref || github.ref_name }} + DEPLOYED_SHA: ${{ github.event.pull_request.head.sha || github.sha }} REGION: ${{ vars.REGION || 'nyc3' }} REPO_URL: ${{ github.server_url }}/${{ github.repository }}.git AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} @@ -297,6 +298,7 @@ jobs: # Core credentials do_token = "${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}" git_branch = "main" + deployed_sha = "${{ github.sha }}" region = "${{ vars.REGION || 'nyc3' }}" aws_access_key = "${{ secrets.AWS_ACCESS_KEY_ID }}" aws_secret_access_key = "${{ secrets.AWS_SECRET_ACCESS_KEY }}" diff --git a/.github/workflows/destroy-staging.yml b/.github/workflows/destroy-staging.yml index 5fcabef9..da1e2047 100644 --- a/.github/workflows/destroy-staging.yml +++ b/.github/workflows/destroy-staging.yml @@ -55,6 +55,7 @@ jobs: env: DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} GIT_BRANCH: ${{ github.head_ref || github.ref_name }} + DEPLOYED_SHA: ${{ github.event.pull_request.head.sha || github.sha }} REGION: ${{ vars.REGION || 'nyc3' }} REPO_URL: ${{ github.server_url }}/${{ github.repository }}.git AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} diff --git a/terraform/environments/production/main.tf b/terraform/environments/production/main.tf index 62914e1f..c203ae05 100644 --- a/terraform/environments/production/main.tf +++ b/terraform/environments/production/main.tf @@ -20,6 +20,7 @@ module "app_platform" { repo_url = var.repo_url domain_name = var.domain_name git_branch = var.git_branch + deployed_sha = var.deployed_sha database_version_postgres = var.database_version_postgres environment = "production" diff --git a/terraform/environments/production/variables.tf b/terraform/environments/production/variables.tf index b1950861..b1ea7fee 100644 --- a/terraform/environments/production/variables.tf +++ b/terraform/environments/production/variables.tf @@ -297,6 +297,12 @@ variable "git_branch" { default = "main" } +variable "deployed_sha" { + description = "Commit SHA forcing function for DO App Platform redeploys. See module docs." + type = string + default = "" +} + variable "domain_name" { description = "Domain name for the application" type = string diff --git a/terraform/environments/staging/main.tf b/terraform/environments/staging/main.tf index f78ba5c3..20379b98 100644 --- a/terraform/environments/staging/main.tf +++ b/terraform/environments/staging/main.tf @@ -15,11 +15,12 @@ provider "digitalocean" { module "app_platform" { source = "../../modules/app_platform" - app_name = "radar-staging" - region = var.region - repo_url = var.repo_url - domain_name = var.domain_name - git_branch = var.git_branch + app_name = "radar-staging" + region = var.region + repo_url = var.repo_url + domain_name = var.domain_name + git_branch = var.git_branch + deployed_sha = var.deployed_sha environment = "staging" instance_size = "apps-s-1vcpu-1gb" diff --git a/terraform/environments/staging/variables.tf b/terraform/environments/staging/variables.tf index eb97365d..aa7bfa77 100644 --- a/terraform/environments/staging/variables.tf +++ b/terraform/environments/staging/variables.tf @@ -289,6 +289,12 @@ variable "git_branch" { default = "main" } +variable "deployed_sha" { + description = "Commit SHA forcing function for DO App Platform redeploys. See module docs." + type = string + default = "" +} + variable "domain_name" { description = "Domain name for the application" type = string diff --git a/terraform/environments/staging/write-tfvars.sh b/terraform/environments/staging/write-tfvars.sh index 0aefebd0..fb64118e 100755 --- a/terraform/environments/staging/write-tfvars.sh +++ b/terraform/environments/staging/write-tfvars.sh @@ -15,6 +15,7 @@ cat > terraform.auto.tfvars < Date: Thu, 9 Apr 2026 10:22:08 -0400 Subject: [PATCH 10/13] update workflow --- .github/workflows/ci-cd.yml | 17 +++++++++-------- terraform/environments/staging/write-tfvars.sh | 12 ++++++------ 2 files changed, 15 insertions(+), 14 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 2e5a945a..01a87276 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -374,20 +374,21 @@ jobs: network_passphrase = "${{ secrets.NETWORK_PASSPHRASE || 'Public Global Stellar Network ; September 2015' }}" network_id = "${{ secrets.NETWORK_ID || 'public' }}" network_name = "${{ secrets.NETWORK_NAME || 'Public Stellar Network' }}" - network_overlay_version = "${{ secrets.NETWORK_OVERLAY_VERSION || 37 }}" - network_ledger_version = "${{ secrets.NETWORK_LEDGER_VERSION || 22 }}" - network_overlay_min_version = "${{ secrets.NETWORK_OVERLAY_MIN_VERSION || 35 }}" - network_stellar_core_version = "${{ secrets.NETWORK_STELLAR_CORE_VERSION || '22.2.0' }}" + # *_version fields below are typed as number in variables.tf — must NOT be quoted. + network_overlay_version = ${{ secrets.NETWORK_OVERLAY_VERSION || 40 }} + network_ledger_version = ${{ secrets.NETWORK_LEDGER_VERSION || 25 }} + network_overlay_min_version = ${{ secrets.NETWORK_OVERLAY_MIN_VERSION || 35 }} + network_stellar_core_version = "${{ secrets.NETWORK_STELLAR_CORE_VERSION || '25.0.0' }}" network_quorum_set = "${{ secrets.NETWORK_QUORUM_SET || '' }}" network_known_peers = "${{ secrets.NETWORK_KNOWN_PEERS || ''}}" testnet_horizon_url = "${{ secrets.TESTNET_HORIZON_URL || 'https://horizon-testnet.stellar.org' }}" testnet_network_passphrase = "${{ secrets.TESTNET_NETWORK_PASSPHRASE || 'Test SDF Network ; September 2015' }}" testnet_network_id = "${{ secrets.TESTNET_NETWORK_ID || 'testnet' }}" testnet_network_name = "${{ secrets.TESTNET_NETWORK_NAME || 'Stellar Testnet' }}" - testnet_network_overlay_version = "${{ secrets.TESTNET_NETWORK_OVERLAY_VERSION || 37 }}" - testnet_network_ledger_version = "${{ secrets.TESTNET_NETWORK_LEDGER_VERSION || 22 }}" - testnet_network_overlay_min_version = "${{ secrets.TESTNET_NETWORK_OVERLAY_MIN_VERSION || 35 }}" - testnet_network_stellar_core_version = "${{ secrets.TESTNET_NETWORK_STELLAR_CORE_VERSION || '22.2.0' }}" + testnet_network_overlay_version = ${{ secrets.TESTNET_NETWORK_OVERLAY_VERSION || 40 }} + testnet_network_ledger_version = ${{ secrets.TESTNET_NETWORK_LEDGER_VERSION || 25 }} + testnet_network_overlay_min_version = ${{ secrets.TESTNET_NETWORK_OVERLAY_MIN_VERSION || 35 }} + testnet_network_stellar_core_version = "${{ secrets.TESTNET_NETWORK_STELLAR_CORE_VERSION || '25.0.0' }}" testnet_network_quorum_set = "${{ secrets.TESTNET_NETWORK_QUORUM_SET || '' }}" testnet_network_known_peers = "${{ secrets.TESTNET_NETWORK_KNOWN_PEERS || '54.166.220.249:11625,44.223.45.116:11625,54.159.138.198:11625' }}" EOF diff --git a/terraform/environments/staging/write-tfvars.sh b/terraform/environments/staging/write-tfvars.sh index fb64118e..31776051 100755 --- a/terraform/environments/staging/write-tfvars.sh +++ b/terraform/environments/staging/write-tfvars.sh @@ -90,9 +90,9 @@ horizon_url = "${HORIZON_URL:-https://horizon.stellar.org}" network_passphrase = "${NETWORK_PASSPHRASE:-Public Global Stellar Network ; September 2015}" network_id = "${NETWORK_ID:-public}" network_name = "${NETWORK_NAME:-Public Stellar Network}" -network_overlay_version = "${NETWORK_OVERLAY_VERSION:-40}" -network_ledger_version = "${NETWORK_LEDGER_VERSION:-25}" -network_overlay_min_version = "${NETWORK_OVERLAY_MIN_VERSION:-35}" +network_overlay_version = ${NETWORK_OVERLAY_VERSION:-40} +network_ledger_version = ${NETWORK_LEDGER_VERSION:-25} +network_overlay_min_version = ${NETWORK_OVERLAY_MIN_VERSION:-35} network_stellar_core_version = "${NETWORK_STELLAR_CORE_VERSION:-25.0.0}" network_quorum_set = "${NETWORK_QUORUM_SET:-}" network_known_peers = "${NETWORK_KNOWN_PEERS:-}" @@ -100,9 +100,9 @@ testnet_horizon_url = "${TESTNET_HORIZON_URL:-https://horizon-testne testnet_network_passphrase = "${TESTNET_NETWORK_PASSPHRASE:-Test SDF Network ; September 2015}" testnet_network_id = "${TESTNET_NETWORK_ID:-testnet}" testnet_network_name = "${TESTNET_NETWORK_NAME:-Stellar Testnet}" -testnet_network_overlay_version = "${TESTNET_NETWORK_OVERLAY_VERSION:-40}" -testnet_network_ledger_version = "${TESTNET_NETWORK_LEDGER_VERSION:-25}" -testnet_network_overlay_min_version = "${TESTNET_NETWORK_OVERLAY_MIN_VERSION:-35}" +testnet_network_overlay_version = ${TESTNET_NETWORK_OVERLAY_VERSION:-40} +testnet_network_ledger_version = ${TESTNET_NETWORK_LEDGER_VERSION:-25} +testnet_network_overlay_min_version = ${TESTNET_NETWORK_OVERLAY_MIN_VERSION:-35} testnet_network_stellar_core_version = "${TESTNET_NETWORK_STELLAR_CORE_VERSION:-25.0.0}" testnet_network_quorum_set = "${TESTNET_NETWORK_QUORUM_SET:-}" testnet_network_known_peers = "${TESTNET_NETWORK_KNOWN_PEERS:-54.166.220.249:11625,44.223.45.116:11625,54.159.138.198:11625}" From 22cd46838d23b69dc9cb6c825f674d31a06a4f1c Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Thu, 9 Apr 2026 12:17:54 -0400 Subject: [PATCH 11/13] add quotes --- .github/workflows/ci-cd.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 01a87276..448e1a3b 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -374,10 +374,9 @@ jobs: network_passphrase = "${{ secrets.NETWORK_PASSPHRASE || 'Public Global Stellar Network ; September 2015' }}" network_id = "${{ secrets.NETWORK_ID || 'public' }}" network_name = "${{ secrets.NETWORK_NAME || 'Public Stellar Network' }}" - # *_version fields below are typed as number in variables.tf — must NOT be quoted. - network_overlay_version = ${{ secrets.NETWORK_OVERLAY_VERSION || 40 }} - network_ledger_version = ${{ secrets.NETWORK_LEDGER_VERSION || 25 }} - network_overlay_min_version = ${{ secrets.NETWORK_OVERLAY_MIN_VERSION || 35 }} + network_overlay_version = "${{ secrets.NETWORK_OVERLAY_VERSION || 40 }}" + network_ledger_version = "${{ secrets.NETWORK_LEDGER_VERSION || 25 }}" + network_overlay_min_version = "${{ secrets.NETWORK_OVERLAY_MIN_VERSION || 35 }}" network_stellar_core_version = "${{ secrets.NETWORK_STELLAR_CORE_VERSION || '25.0.0' }}" network_quorum_set = "${{ secrets.NETWORK_QUORUM_SET || '' }}" network_known_peers = "${{ secrets.NETWORK_KNOWN_PEERS || ''}}" @@ -385,9 +384,9 @@ jobs: testnet_network_passphrase = "${{ secrets.TESTNET_NETWORK_PASSPHRASE || 'Test SDF Network ; September 2015' }}" testnet_network_id = "${{ secrets.TESTNET_NETWORK_ID || 'testnet' }}" testnet_network_name = "${{ secrets.TESTNET_NETWORK_NAME || 'Stellar Testnet' }}" - testnet_network_overlay_version = ${{ secrets.TESTNET_NETWORK_OVERLAY_VERSION || 40 }} - testnet_network_ledger_version = ${{ secrets.TESTNET_NETWORK_LEDGER_VERSION || 25 }} - testnet_network_overlay_min_version = ${{ secrets.TESTNET_NETWORK_OVERLAY_MIN_VERSION || 35 }} + testnet_network_overlay_version = "${{ secrets.TESTNET_NETWORK_OVERLAY_VERSION || 40 }}" + testnet_network_ledger_version = "${{ secrets.TESTNET_NETWORK_LEDGER_VERSION || 25 }}" + testnet_network_overlay_min_version = "${{ secrets.TESTNET_NETWORK_OVERLAY_MIN_VERSION || 35 }}" testnet_network_stellar_core_version = "${{ secrets.TESTNET_NETWORK_STELLAR_CORE_VERSION || '25.0.0' }}" testnet_network_quorum_set = "${{ secrets.TESTNET_NETWORK_QUORUM_SET || '' }}" testnet_network_known_peers = "${{ secrets.TESTNET_NETWORK_KNOWN_PEERS || '54.166.220.249:11625,44.223.45.116:11625,54.159.138.198:11625' }}" From 38aa10cbaa2978cb38c8f934bccfdabb5e3f5ab1 Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Thu, 9 Apr 2026 14:29:28 -0400 Subject: [PATCH 12/13] variable updates --- terraform/environments/production/main.tf | 4 ++++ terraform/environments/staging/main.tf | 4 ++++ terraform/modules/app_platform/main.tf | 24 +++++++++++++++++++++++ 3 files changed, 32 insertions(+) diff --git a/terraform/environments/production/main.tf b/terraform/environments/production/main.tf index c203ae05..6c0e3644 100644 --- a/terraform/environments/production/main.tf +++ b/terraform/environments/production/main.tf @@ -66,6 +66,10 @@ module "app_platform" { VUE_APP_PUBLIC_ENABLE_HORIZON = 1 VUE_APP_PUBLIC_ENABLE_CONFIG_EXPORT = 1 VUE_APP_ENABLE_DEMO_NETWORKS = 1 + VUE_APP_PUBLIC_ENABLE_CONTACT_US = 1 + VUE_APP_CONTACT_EMAIL = "hello@withobsrvr.com" + VUE_APP_TERMS_LINK = "/terms" + VUE_APP_PRIVACY_LINK = "/privacy" } # Backend environment variables diff --git a/terraform/environments/staging/main.tf b/terraform/environments/staging/main.tf index 20379b98..f547ef3e 100644 --- a/terraform/environments/staging/main.tf +++ b/terraform/environments/staging/main.tf @@ -64,6 +64,10 @@ module "app_platform" { VUE_APP_PUBLIC_ENABLE_HORIZON = 1 VUE_APP_PUBLIC_ENABLE_CONFIG_EXPORT = 1 VUE_APP_ENABLE_DEMO_NETWORKS = 1 + VUE_APP_PUBLIC_ENABLE_CONTACT_US = 1 + VUE_APP_CONTACT_EMAIL = "hello@withobsrvr.com" + VUE_APP_TERMS_LINK = "/terms" + VUE_APP_PRIVACY_LINK = "/privacy" } # Backend environment variables diff --git a/terraform/modules/app_platform/main.tf b/terraform/modules/app_platform/main.tf index ca6b11de..87cdff4d 100644 --- a/terraform/modules/app_platform/main.tf +++ b/terraform/modules/app_platform/main.tf @@ -209,8 +209,32 @@ resource "digitalocean_app" "radar" { type = "GENERAL" } + # Contact form feature flag + env { + key = "VUE_APP_PUBLIC_ENABLE_CONTACT_US" + value = lookup(var.frontend_env, "VUE_APP_PUBLIC_ENABLE_CONTACT_US", "") + type = "GENERAL" + } + # Contact form display email + env { + key = "VUE_APP_CONTACT_EMAIL" + value = lookup(var.frontend_env, "VUE_APP_CONTACT_EMAIL", "") + type = "GENERAL" + } + # Legal page links + env { + key = "VUE_APP_TERMS_LINK" + value = lookup(var.frontend_env, "VUE_APP_TERMS_LINK", "") + type = "GENERAL" + } + + env { + key = "VUE_APP_PRIVACY_LINK" + value = lookup(var.frontend_env, "VUE_APP_PRIVACY_LINK", "") + type = "GENERAL" + } http_port = 3000 From c10585626db28bb1a580ec62a7df8c164109fedd Mon Sep 17 00:00:00 2001 From: Tillman Mosley III Date: Thu, 9 Apr 2026 14:30:11 -0400 Subject: [PATCH 13/13] update --- .github/workflows/ci-cd.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml index 448e1a3b..2cbf13e2 100644 --- a/.github/workflows/ci-cd.yml +++ b/.github/workflows/ci-cd.yml @@ -40,10 +40,10 @@ jobs: HORIZON_URL: https://horizon-testnet.stellar.org # Network configuration (required by Config.ts) - NETWORK_LEDGER_VERSION: 24 - NETWORK_OVERLAY_VERSION: 38 + NETWORK_LEDGER_VERSION: 25 + NETWORK_OVERLAY_VERSION: 40 NETWORK_OVERLAY_MIN_VERSION: 35 - NETWORK_STELLAR_CORE_VERSION: 24.0.0 + NETWORK_STELLAR_CORE_VERSION: 25.0.0 NETWORK_QUORUM_SET: '["GCGB2S2KGYARPVIA37HYZXVRM2YZUEXA6S33ZU5BUDC6THSB62LZSTYH"]' NETWORK_KNOWN_PEERS: '[["localhost", 11625]]' NETWORK_ID: testnet