CD

.github/workflows/CD.yml

@@ -0,0 +1,53 @@
+name: CD process to deploy to AzureFuncions
+
+on:
+  # Trigger the workflow on pull request but only for the master branch
+  push:
+    branches:
+      - master
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [10.x]
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@master
+
+      - uses: azure/login@v1
+        with:
+          creds: ${{ secrets.AZURE_CREDENTIALS }}
+
+      - name: Azure CLI script
+        uses: azure/CLI@v1
+        with:
+          azcliversion: 2.0.72
+          inlineScript: |
+            az account show
+            az storage -h
+
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v1
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - name: Install SOPS
+        run: |
+          sudo apt-get install wget
+          wget https://github.com/mozilla/sops/releases/download/v3.7.0/sops_3.7.0_amd64.deb
+          sudo dpkg -i sops_3.7.0_amd64.deb
+
+      - name: Decrypt Secrets
+        run: make sops-decrypt-nodejs
+
+      - name: Install NodeJs dependencies
+        run: make install-dependencies-nodejs
+
+      - name: Install Serverless Framework
+        run: sudo npm install -g serverless
+
+      - name: Install Serverless Plugins
+        run: make deploy-nodejs
+

.gitignore

@@ -24,8 +24,7 @@ appsettings.json
 local.settings.json
 
 node_modules
-
-AutomaticClockOuts/node_modules
 .idea/
 .vscode/
-serverless.yml
+.serverless
+keys.yml.bk

Makefile

@@ -0,0 +1,15 @@
+help: Makefile
+	@sed -n 's/^## //p' $<
+
+## npm-install-functions	-> Added dependencies in case that the functions need, add manually the command and Makefile 
+install-dependencies-nodejs:
+	cd nodejs-functions ; pwd ; $(MAKE) install-dependencies-nodejs
+
+install-serverless-plugins:
+	cd nodejs-functions ; pwd ; make install-serverless-plugins
+
+deploy-nodejs:
+	cd nodejs-functions ; pwd ; make deploy
+
+sops-decrypt-nodejs:
+	cd nodejs-functions ; pwd ; make sops-decrypt

nodejs-functions/.sops.yaml

@@ -0,0 +1,3 @@
+creation_rules:
+  - path_regex: keys.yml.*
+    azure_keyvault: https://time-tracker-secrets.vault.azure.net/keys/tt-functions-sops/021de58b06a1497881bbacf4c82b83d7

nodejs-functions/Makefile

@@ -1,6 +1,19 @@
+SECRETS=keys.yml
 help: Makefile
 	@sed -n 's/^## //p' $<
 
-## run	->	run serverless function	
-run:
-	sls offline
+## npm-install-functions	-> Added dependencies in case that the functions need, add manually the command and Makefile 
+install-dependencies-nodejs:
+	cd src/handlers/automatic-clock-outs ; pwd ; $(MAKE) install
+
+deploy:
+	sls deploy
+
+sops-encrypt:
+	sops -e -i ${SECRETS}
+
+sops-decrypt:
+	sops -d -i ${SECRETS}
+
+install-serverless-plugins:
+	serverless plugin install --name serverless-azure-functions

nodejs-functions/keys.yml

@@ -0,0 +1,23 @@
+ENDPOINT: ENC[AES256_GCM,data:Hkm+9x/NJyWVRiaZhAnkwZRI8qMq/fNxikATLX0ncb+CuQNDRm+lgErGzrjAKLKo,iv:Jfzi5siEMjDBC5M4WJNqWB0RESWTc9xlII55YdACa84=,tag:qTuYwzTNMxojvyIYyqJFsg==,type:str]
+KEY: ENC[AES256_GCM,data:KEQ9/toDaCxeBa8ZWCiaqUEBv4z4kIIXvvupXbnGvwqQ7nzSQo00kzEuBloJNHudc7TuYiSqyYESUBNQQ/fRTIb/sZCwxGXnH386tIMZSzpFBUQYB0QbQQ==,iv:sDOFPxzstnhbIFilvxINYMjZxS+UZmShl/RNoyCSaP8=,tag:bGk2MCZ+pM8nOaW4tUXJHg==,type:str]
+CLIENT_ID: ENC[AES256_GCM,data:Uq5JLAEziobuUiTpUAecHexraLABQXKAa0s4tU8dA+J26XD2,iv:JojFPnaUkTWp9JwfgJRGE+tHOEgtBvHPFqT/yJ9BIuc=,tag:TyK0UQ4pue+U2aFnyDmIFA==,type:str]
+AUTHORITY: ENC[AES256_GCM,data:7gpZv5zFzB+08eoI6I9abJcU6J2SHcFv9YnGSfDEBf88z3rl+9iHGYRStzsauyxZKqekidexsAm1VaYMCrZ9Tu+dHK9Gug==,iv:o+B6KenwnytllxfET0JhBRnoAkpDTgvi4i4AYCfY3Wg=,tag:8pwqBx9ptOUxi4T3L1OW2A==,type:str]
+CLIENT_SECRET: ENC[AES256_GCM,data:wkxsgXMpjQeN0cx8X7PgZNPl9DJ9fOw+pKMllD2Kidk=,iv:xAzVNQfFwVmbwNWr8pFfESu/DV/WaQmOazmCLr0QbK8=,tag:cq+vjN5cf/0cZlAbYlZ3VQ==,type:str]
+SLACK_TOKEN_NOTIFY: ENC[AES256_GCM,data:AXa10lmQjrTJtvUQcxMQfEJHCrH2LK5Pk1z3yZotJob4/L3eJRrPkSizPLr2O4q7iauuycpm,iv:hSTEwOGEKoiVCXCs9zCSWcoMEKDNNzt3c7+Q/gaSrdU=,tag:0jOv6Dx4UAKh99TejpkBFg==,type:str]
+TEST: ENC[AES256_GCM,data:skwJkLTLeS9fqOs10RQ=,iv:S4dbSww3+R9xOR7kcQKAcUDU9ZS1+JEpiCB6zjYCqJI=,tag:Gw520XvjZwcJ/1BOU5B2cQ==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv:
+        - vault_url: https://time-tracker-secrets.vault.azure.net
+          name: tt-functions-sops
+          version: 021de58b06a1497881bbacf4c82b83d7
+          created_at: "2021-03-26T04:44:58Z"
+          enc: BavLdI0vYqkLklbXpGRQ1gUFlaTt4dS0EjgCv0KbrkyLHhgdjYk79S0o4wDlDN_GIVc4zNelMPWXs22c9F99IxIpS1L84VUp50LmEvbXx8cOmYKpWfIK6JzgXE9VbtReOFwWP1OaqnS37Z714xR2Uv1z5AvMZZpC6s4303Zo6IDXz1bJeigK544YVceI-79YV7z0QDyXux-CoecwQpxpKVIA5jpBXKqLQU8r-WVwSyszCliedaTMJNBoRJSn3AEr2i3qW6DRkSltgIv9mSSnx8IvLjCAgnuG0cPwne7YITFoB2i_nLVMSeXuYkUVVQvvuYUycs1_NWobs828aD-gvQ
+    hc_vault: []
+    age: []
+    lastmodified: "2021-03-26T04:45:00Z"
+    mac: ENC[AES256_GCM,data:ng3bl2jD7EznuDKCfOIs06g0tYlFn69rCPJvjP7ndfiVD9H4prg63z/7fUPLD3eILD+tNh44aAspKkDQAb3NuIlLJ69+9L+4jE08Iq8ZaAlMjqkshtUlFyQ+gS8vZtrdkjQw9538YGQ0Xnf0yDfkVw63KATshrfOidWBuw1vT7U=,iv:XDlTF0E1zaQ6qxLw4LFP4aTfNmFYMFAoM1Xt7G8OMR8=,tag:0Nk524idBlSb2J7bovBIaQ==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.7.0

nodejs-functions/package.json

@@ -11,12 +11,6 @@
     "serverless"
   ],
   "dependencies": {
-    "@azure/cosmos": "3.5.2",
-    "@azure/msal-node": "^1.0.0-alpha.5",
-    "axios": "^0.20.0",
-    "dotenv": "^8.2.0",
-    "moment": "^2.27.0",
-    "msal": "^1.4.0"
   },
   "devDependencies": {
     "serverless-azure-functions": "^2.1.0"

nodejs-functions/serverless.yml

@@ -0,0 +1,34 @@
+service: nodejs-functions
+frameworkVersion: "2"
+
+provider:
+    name: azure
+    region: West US 2
+    runtime: nodejs12
+    # linux is the only operating system available for python
+    os: linux
+    # prefix of generated resource name
+    prefix: time-tracker
+    environment:
+        ENDPOINT: ${file(keys.yml):ENDPOINT}
+        KEY: ${file(keys.yml):KEY}
+        CLIENT_ID: ${file(keys.yml):CLIENT_ID}
+        AUTHORITY: ${file(keys.yml):AUTHORITY}
+        CLIENT_SECRET: ${file(keys.yml):CLIENT_SECRET}
+        SLACK_TOKEN_NOTIFY: ${file(keys.yml):SLACK_TOKEN_NOTIFY}
+        TEST: ${file(keys.yml):TEST}
+
+custom:
+    globalSchedule: cron(0 0 * * *)
+plugins:
+    - serverless-azure-functions
+package:
+    exclude:
+        - local.settings.json
+        - .vscode/**
+functions:
+    automatic-clock-outs:
+        prefix: automatic-clock-outs
+        handler: src/handlers/automatic-clock-outs/index.js
+        events:
+            - timer: ${self:custom.globalSchedule}