Deployed Keter App Logs Users Out With a New Keter Bundle - haskell

Keter has been awesome so far. For my little toy project, I used to create the keter bundle on the production server and push it keter's incoming directory and everything worked fine.
Now I wanted to learn how to setup a staging environment and so I tried compiling my bundle on staging server (it is an image copy of the production server). When I push this bundle to my production server (via scp), it logs out signed-in users. The app itself is fine after logging back in.
What has changed:
Some templating code has changed but nothing drastic and such changes were fine when compiled on the production server before
Yesod's settings.yml changed to use the staging server's IP address for development testing
Keter.yaml was not modified.
What am I doing wrong? Why does Keter care where my .keter bundle was created? Is there a way to create these bundles without disrupting signed-in users?
Thanks!

Most likely, the issue is that a new client_session_key file is being created each time your app is being deployed. Instead, you need to generate a key file once and reuse it. This is generally handled correctly by the Yesod scaffolded site, but providing an implementation of makeSessionBackend that stores the key file in config.
What is your current implementation of makeSessionBackend? And do your keter bundles include a file config/client_session_key.aes?

Related

app_artifact_location when the app is internationalized

I'm working with the new Azure Static Web Apps Preview product, not to be confused with Azure Web Apps.
My Angular 9 app, which runs fine locally, is all set up for internationalization, and one effect of the internationalization is that it drops my index.html into app/catfood/dist/en_US rather than app/catfood/dist.
This is leaving me stuck in terms of how to set the app_artifact_location value in the workflow file. If I leave it at the default value of "dist/catfood" the build gives me this error, which honestly does seem accurate as the index.html isn't going to be there:
Failed to find a default file in the app artifacts folder (dist/congruence-web). Valid default files: index.html,Index.html.
If your application contains purely static content, please verify that the variable 'app_location' in your workflow file (located in .github/workflows) points to the root of your application.
If your application requires build steps, please validate that a default file exists in the build output directory.
But if I change it to the logical "dist/catfood/en_US" I get this error:
The app build failed to produce artifact folder: 'dist/catfood/en_US'. Please ensure this property is configured correctly in your workflow file.
Really not sure what the build system is expecting of me. What should I be using for app_artifact_location? Or am I even tweaking the wrong thing here?
Update: When I deliberately turn off i18n in angular.json, the en_US directory goes away and index.html is found in dist/catfood and everything works great. So basically the problem is "Why does Azure Static Web Apps not understand localized Angular applications?"

Passing app secrets in Yesod and Keter

I'm building a web app with Yesod and am currently passing in secrets such as API keys via environment variables (as per The Twelve-Factor App) to avoid storing these values in version-controlled configuration files. For example, I run my app in dev mode as follows:
SOME_API_KEY=value yesod devel
I have a value in my config/settings.yml file that is defined in terms of this environment variable with an empty value as follows:
meetup-api-key: "_env:SOME_API_KEY:"
To deploy using Keter, I'm building the Keter package using the yesod keter command and dropping the resulting file into Keter 'sincoming directory. Since I'm using environment variable configuration, my app's .keter file does not contain the SOME_API_KEY value (which is intentional).
How should I pass SOME_API_KEY into the instance of my app running inside Keter?
I would like to avoid baking the value into my keter-config.yaml for at least the following three reasons:
It is less secure than the environment variable approach.
Being embedded directly into the configuration file for Keter itself, as opposed to the configuration to the app, the secret cannot be changed without stopping and restarting the entire Keter process.
The environment variables are passed into every app being managed by Keter.
I am hoping that there are some "best practices" out there for this scenario.
Set your secrets as environment variables on your server and ‘forward’ them to your app using forward-env in config/keter.yml as seen in the following patch: https://github.com/snoyberg/keter/commit/9e9fca314fb78860fb5c9b08cad212d92b0b20d4

How do I update a live Node.js Heroku App remotely?

I have a Node.js app that is live on Heroku
The Node.js folders/files that I uploaded on Heroku also reside on my computer
Whenever I update my Node.js folders/files on my computer, I want these updates to also be applied to the folders/files that are live on Heroku.
I want to be able to do that without having to stop, update and restart my Heroku app every time.
What I'm describing is basically a setup equivalent to that of the standard ftp connection that we all use whenever we make a local to remote update of static files of some standard website.
The git support that apparently Heroku offers doesn't do that. It requires for the app to be stopped (by running the appropriate commands on the terminal), then I need to make a git push (using the terminal) that updates all of the files (which takes forever) and not just the ones that need to be updated, and then the app needs to be restarted (again using the terminal). This is extremely frustrating for an app that is still in development, requires constant updates and cannot be tested locally (for a number of reasons).
Whenever a Node.js app is tested locally, the app can be started by calling supervisor app.js instead of node app.js.
What this does is it allows for the app to be updated and as soon as that happens (i.e. as soon as I hit "save") supervisor automatically restarts the app locally.
I'm looking for something similar to the above, i.e. linking my local app folder to my remote app folder and starting my remote app (on Heroku) using some supervisor mode so that as soon as my local folder is updated, my remote folder is also changed and the app automatically restarted.
It's extremely frustrating trying to test a Heroku app (that obviously needs constant updates) currently.
Testing it locally and then publishing it on Heroku (for good) will not do because some apps simply cannot be tested on localhost.
Any help would be much appreciated!
The git support that apparently Heroku offers doesn't do that. It
requires for the app to be stopped (by running the appropriate
commands on the terminal), then I need to make a git push (using the
terminal) that updates all of the files (which takes forever) and not
just the ones that need to be updated, and then the app needs to be
restarted (again using the terminal). This is extremely frustrating
for an app that is still in development, requires constant updates and
cannot be tested locally (for a number of reasons).
First, you don't need to stop your app before running git push heroku master. Just push, and the platform will build, and then restart your app with the new code, automatically. Second, git uses a diffing algorithm, so you aren't pushing all of the files - you're in fact just pushing the differences (assuming you're using git correctly). Third, you don't need to do that final, manual restart - the platform has already done this for you on push. Finally, I would advise that if your app is impossible to test locally, you might want to reconsider the architecture of that app. It sounds very un-portable. Perhaps refer to 12factor.net for a good architecture checklist.
Testing it locally and then publishing it on Heroku (for good) will not do because some apps simply cannot be tested on localhost.
What type of app are you building that would be impossible to test outside of a production environment?
In any case, the closest thing I'm aware of to what you're looking for is Dropbox Sync:
https://devcenter.heroku.com/articles/dropbox-sync

Setting Up Kudu On IIS

A couple of days ago, Microsoft released the engine they're using to do git deployments to Azure. I've had a task on my TODO list for a while to get that kind of functionality set up on my DEV IIS server, so I'm interested in trying out Kudu for that purpose.
The "Getting Started" document shows how to run the web front-end, but everything in there uses "http://localhost:PORTNUMBER" type URL's for git repositories, site URL's, etc.
I realize this is probably getting too far ahead of them, but I'm wondering if anyone has pointers for how to set it up using real domains on "regular" IIS instead of all of the localhost bits?
This is an old question, so I'm giving an updated answer with more current info since I just worked through setting up Kudu on an internal deployment server. The currently selected answer only deals with if you are directly running Kudu from within a development environment.
If you are deploying to a "production" type environment and don't want to install Visual Studio on the target server, there is a good guide on the project website on github.
https://github.com/projectkudu/kudu/wiki/Deploying-to-a-server
On the target server, you will need to install:
MSBuild ( http://go.microsoft.com/fwlink/?LinkId=309745 ) - comes with Visual Studio
NodeJS ( http://nodejs.org )
Git ( http://git-scm.com/downloads )
Back on your development machine, clone the git repo and build using the "build.cmd" file, following instructions in the above link.
In running build.cmd I got several test failures which blocked the build from producing artifacts. These were all related to Mercurial, which we don't use. Installing a Mercurial client didn't make them magically go away, so I disabled the tests rather than sink a bunch of time into debugging my environment.
Your build output will indicate the failures. I disabled by commenting out the [Fact] attribute.
These are the tests I disabled:
tests/Kudu.Core.Test/HgRepositoryFacts.cs (all tests)
Once you have a successful build that has created all the items in the artifacts you can move to deploying the Kudu website and web service code. The below instructions are for setting up a distinct web application instance, rather than dumping everything in c:\inetpub\wwwroot, which is how the instructions read.
Copy "artifacts\Release\KuduWeb" to the target area on the server where your website will run from. I run my kudu install with a separate host header, but you could as easily use a separate port or run as the root website. This directory will be the root for your web application.
Create an empty "App_Data" folder immediately under the KuduWeb folder.
Copy "artifacts\Release\SiteExtensions\Kudu" to the same level as the folder in step 1 and rename to "Kudu.Services.Web". This location is set as a relative path in the KuduWeb web.config file - setting serviceSitePath.
Open IIS Admin and create a website pointing to the "KuduWeb" folder from step 1.
Configure the app pool from step 4 to run as "LocalSystem". This is required to manage IIS Sites.
Create a new folder "apps" at the same level as KuduWeb. This is where deployments will be sent. Note: this location is controlled in the KuduWeb web.config file - setting "sitesPath"
Change filesystem permissions to grant "Users" full access to the "apps" folder created in the above step.
On starting my Kudu website, I got the following error.
Parser Error Message: Could not load file or assembly 'System.Web.Mvc, Version=5.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.
For some reason it didn't copy the appropriate MVC version into the deployment artifacts.
If you hit this error, the MVC 5 file can be obtained via NuGet. I found that my source code was built against 5.1.0, so this is the appropriate link:
https://www.nuget.org/packages/Microsoft.AspNet.Mvc/5.1.0
In order to extract the dll, I set up a new dummy project and used NuGet to pull down the dll via the package manager console.
Install-Package Microsoft.AspNet.Mvc -Version 5.1.0
Once you get the binary, copy it from package directory ( .\packages\Microsoft.AspNet.Mvc.5.1.0\lib\net45\System.Web.Mvc.dll ) to the website bin directory on the target machine.
At this point you are up and running. Use the web interface to create your application. It will create a subfolder under the "apps" directory with a tree that should be self explanatory. It will also have created two new websites for your application:
kudu_{your-app-name}
kudu_service_{your-app-name}
In a production situation, you should create an additional website running on appropriate port/host header that points to: .\apps\\site\wwwroot
Now you can add a git remote for your deployment. Go to your source location in a git console (ex: Git Bash) and add the remote as identified by Kudu. Note: you may need to change localhost in the url to be the appropriate server name.
git remote add deploy http://:52711/your-app-name.git
Push your code to the new "deploy" remote and see what happens. You should see all the normal push messages, plus the build output.
git push deploy master
My initial push failed to build and deploy due to "node" not being recognized. It was in the path, so a server reset convinced the path environment variable to be refreshed. You may find additional errors to work through. For instance, I had an issue with MSBuild being imported and causing a hiccup.
error MSB4019: The imported project "C:\Program Files (x86)\MSBuild\Microsoft\Visual Studio\v11.0\WebApplications\Microsoft.WebApplication.targets" was not found.
YMMV, but these are all solvable problems now. Good continuous deploying!
The project automatically sets up two websites on IIS for each application you add using the web front end. Kudu doesn't automatically map the bindings for them but it's relatively easy to open IIS and find the two sites named "kudu_appname" and "kudu_appname_service". The service website is the one that you point GIT too and the other one is the site itself. Just add public bindings to them by right-clicking and "edit bindings". You can then add public hostnames to them.
This is the easy part. The hard part that I'm still working on is getting authentication working so any random Joe isn't able to push to my kudu repository!

cakePHP, what to do next?

I've followed some tutorials about cakePHP and now it's done, the "mvc" is ready.
What should I do next?
Meaning: I was working locally, can I simply upload the complete app online and it is secured as 'they' meant it to be?
I've downloaded the 1.3.6 package from https://github.com/cakephp/cakephp/archives/1.3, and deployed it as is in a folder named as my domain.
Edit:
I have win-xp with wamp.
I created the app by simply unzipping the file to a folder and then renamed it to 'domain_name'.
Then I made the db connection and set the configuration files.
At that point I created the models, views and controllers.
Now the application is working, locally.
My question is: can I simply upload everything to my server, to the html root folder and say that "I am done"?
As long as your app isn't already in production, putting it online can tell you more about how it's working. For instance, you'll learn if there are missing modules or dependencies that must be installed on the live server.
If it's an already live system, you may want to use an online staging server to understand what needs to be modified on the production server in order to have a smooth deployment.
There are three ways that you can deploy your cake app (Development, Production and Advanced), and all of them are secure:
http://book.cakephp.org/view/912/Installation
I would recommended the Production install if you aren't going to run any other apps on this server.

Resources