version: "3"

# View organization profile at: https://github.com/joeblew999?preview=true
vars:
  GITHUB_ORG: joeblew999

  # Platform detection
  OS: "{{OS}}"
  ARCH: "{{ARCH}}"

  # Platform-specific extensions (".exe" on Windows, empty elsewhere)
  EXE_EXT: '{{if eq OS "windows"}}.exe{{end}}'

  # Platform-specific binaries
  GH_BINARY: "gh{{.EXE_EXT}}"
  TERRAFORM_BINARY: "terraform{{.EXE_EXT}}"
  NATS_BINARY: "nats{{.EXE_EXT}}"

  # Platform-specific paths
  HOME_DIR: '{{if eq OS "windows"}}{{.USERPROFILE}}{{else}}{{.HOME}}{{end}}'

  # Go CLI tools for cross-platform compatibility
  BIN_DIR: "{{.ROOT_DIR}}/.bin"
  # NOTE(review): no task visible here builds or installs this binary, and
  # unlike the binaries above it carries no EXE_EXT suffix - confirm.
  GOJQ: "{{.BIN_DIR}}/gojq"
tasks:
default:
  desc: "List available tasks"
  cmds:
    # Banner with the detected platform and the target organization.
    - |
      echo "π οΈ GitHub Organization Setup Tool"
      echo "Platform: {{.OS}}/{{.ARCH}}"
      echo "Organization: {{.GITHUB_ORG}}"
      echo ""
    # Delegate to Task's own listing.
    - task --list
setup:
  desc: "Create .github structure from templates"
  cmds:
    # Start from a clean slate so stale generated files do not survive.
    - task: clean
    - mkdir -p .github profile
    # The generator receives the organization name from the vars block.
    - go run cmd/github-setup/main.go -org={{.GITHUB_ORG}}
clean:
  desc: "Remove generated .github files"
  cmds:
    # Only the listed generator outputs are deleted; the .github directory
    # itself is left in place. The folded scalar yields one command line.
    - >-
      rm -rf
      .github/ISSUE_TEMPLATE
      .github/issue-templates
      .github/workflows
      .github/CODEOWNERS
      .github/dependabot.yml
      .github/pull_request_template.md
      .github/PULL_REQUEST_TEMPLATE
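check:
  desc: Check if generated files are up to date with templates
  cmds:
    # Regenerates the templates into a scratch directory and compares the
    # result with the committed .github tree. Exits non-zero on any drift.
    - |
      echo "Checking if generated files are up to date..."
      # Stop early if no scratch directory could be created; otherwise the
      # generator would be pointed at an empty -output value.
      TEMP_DIR=$(mktemp -d) || { echo "Could not create a temporary directory" >&2; exit 1; }
      # A generator failure is reported as such, not as "out of date".
      if ! go run cmd/github-setup/main.go -org={{.GITHUB_ORG}} -output="$TEMP_DIR"; then
        echo "Generator failed; cannot compare generated files" >&2
        rm -rf "$TEMP_DIR"
        exit 1
      fi
      if ! diff -r .github "$TEMP_DIR" > /dev/null 2>&1; then
        echo "β Generated files are out of date. Run 'task setup' to update."
        rm -rf "$TEMP_DIR"
        exit 1
      else
        echo "β
      Generated files are up to date."
        rm -rf "$TEMP_DIR"
      fi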
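install-gh:
  desc: Ensure GitHub CLI is installed (idempotent, cross-platform)
  cmds:
    # Installs gh through the platform's package manager when it is not
    # already on PATH. The Linux and Windows branches use sudo or a system
    # package manager, so this task changes system-wide state.
    - |
      echo "π¦ Installing GitHub CLI for {{.OS}}/{{.ARCH}}..."
      if command -v {{.GH_BINARY}} >/dev/null 2>&1; then
        echo "β
      GitHub CLI already installed: $({{.GH_BINARY}} --version | {{.GOJQ}} -Rs 'split("\n")[0]')"
      else
        echo "π¦ Installing GitHub CLI..."
        {{if eq .OS "darwin"}}
        # macOS via Homebrew
        if command -v brew >/dev/null 2>&1; then
          brew install gh
        else
          echo "β Homebrew not found. Install from: https://brew.sh/"
          exit 1
        fi
        {{else if eq .OS "linux"}}
        # Linux via package manager
        if command -v apt >/dev/null 2>&1; then
          # Debian/Ubuntu
          # pipefail makes a failed download fail the pipeline, so an empty
          # or truncated keyring is not silently left in place.
          set -o pipefail
          curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg || exit 1
          # Make the keyring readable by apt regardless of root's umask.
          sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg
          # signed-by pins this repository to the keyring fetched above.
          echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null
          sudo apt update && sudo apt install gh
        elif command -v yum >/dev/null 2>&1; then
          # RHEL/CentOS/Fedora
          sudo yum install -y yum-utils
          sudo yum-config-manager --add-repo https://cli.github.com/packages/rpm/gh-cli.repo
          sudo yum install gh
        elif command -v pacman >/dev/null 2>&1; then
          # Arch Linux
          sudo pacman -S github-cli
        else
          echo "β Unsupported Linux distribution. Install manually: https://cli.github.com/"
          exit 1
        fi
        {{else if eq .OS "windows"}}
        # Windows via package manager
        if command -v choco >/dev/null 2>&1; then
          choco install gh
        elif command -v scoop >/dev/null 2>&1; then
          scoop install gh
        elif command -v winget >/dev/null 2>&1; then
          winget install --id GitHub.cli
        else
          echo "β No package manager found (choco/scoop/winget). Install from: https://cli.github.com/"
          exit 1
        fi
        {{else}}
        echo "β Unsupported OS: {{.OS}}. Please install GitHub CLI manually: https://cli.github.com/"
        exit 1
        {{end}}
        # Do not claim success when the package manager step failed or was
        # declined; tasks that depend on this one call gh right away.
        if ! command -v {{.GH_BINARY}} >/dev/null 2>&1; then
          echo "GitHub CLI not found on PATH after installation; open a new shell or install manually: https://cli.github.com/" >&2
          exit 1
        fi
        echo "β
      GitHub CLI installed: $({{.GH_BINARY}} --version | {{.GOJQ}} -Rs 'split("\n")[0]')"
      fi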
verify-github:
  desc: "Verify repository state on GitHub matches local templates"
  deps:
    - install-gh
  cmds:
    # Read-only checks against the GitHub API using the gh CLI's current
    # authentication. Only the repository-access check is fatal; the other
    # probes print a fallback message when the API call fails.
    - |
      echo "π Verifying GitHub repository state..."
      # Check if repo exists and is accessible
      if ! gh repo view {{.GITHUB_ORG}}/.github >/dev/null 2>&1; then
        echo "β Cannot access repository {{.GITHUB_ORG}}/.github"
        exit 1
      fi
      echo "β
      Repository {{.GITHUB_ORG}}/.github is accessible"
      # Check if workflows are enabled
      echo "π Checking workflows..."
      gh workflow list --repo {{.GITHUB_ORG}}/.github
      # Check if issues/PRs use our templates (two possible directory names)
      echo "π Checking if templates are active..."
      echo " Issue templates:"
      gh api repos/{{.GITHUB_ORG}}/.github/contents/.github/ISSUE_TEMPLATE --jq '.[].name' 2>/dev/null || \
      gh api repos/{{.GITHUB_ORG}}/.github/contents/.github/issue-templates --jq '.[].name' 2>/dev/null || \
      echo " No issue templates found"
      # Check organization profile
      echo "π’ Organization profile:"
      gh api orgs/{{.GITHUB_ORG}} --jq '.name // .login' 2>/dev/null || \
      echo " Organization API requires admin:org scope"
      # Check if dependabot is configured
      echo "π€ Checking Dependabot configuration..."
      if gh api repos/{{.GITHUB_ORG}}/.github/contents/.github/dependabot.yml >/dev/null 2>&1; then
        echo "β
      Dependabot configuration found"
      else
        echo "β Dependabot configuration not found"
      fi
      echo "β
      GitHub verification complete"
validate-all:
  desc: "Run all validation checks (local + GitHub)"
  cmds:
    # Local drift check first, then the remote state check.
    - task: check
    - task: verify-github
status:
  desc: "Show current system status and health"
  cmds:
    # Informational report only: every probe prints a result line and none
    # of them aborts the task.
    - |
      echo "π’ GitHub Organization: {{.GITHUB_ORG}}"
      echo "π Repository: https://github.com/{{.GITHUB_ORG}}/.github"
      echo "π Platform: {{.OS}}/{{.ARCH}}"
      echo ""
      echo "π System Status:"
      # Check if files are generated
      if [ -d ".github" ]; then
        echo "β
      Generated files exist"
      else
        echo "β Generated files missing - run 'task setup'"
      fi
      # Check if files are up to date (quick check)
      if task check >/dev/null 2>&1; then
        echo "β
      Generated files are up to date"
      else
        echo "β οΈ Generated files may be out of date - run 'task check' for details"
      fi
      # Check Go module (go mod verify checks downloaded module contents)
      if go mod verify >/dev/null 2>&1; then
        echo "β
      Go module verified"
      else
        echo "β Go module issues - run 'go mod tidy'"
      fi
      # Platform-aware GitHub CLI check
      if command -v {{.GH_BINARY}} >/dev/null 2>&1; then
        echo "β
      GitHub CLI available: $({{.GH_BINARY}} --version | {{.GOJQ}} -Rs 'split("\n")[0] | split(" ")[2]')"
      else
        echo "β GitHub CLI not installed - run 'task install-gh'"
      fi
      # Platform-specific checks
      {{if eq .OS "darwin"}}
      # macOS specific checks
      if command -v brew >/dev/null 2>&1; then
        echo "β
      Homebrew available"
      else
        echo "β οΈ Homebrew not installed (recommended for macOS)"
      fi
      {{else if eq .OS "linux"}}
      # Linux specific checks
      if systemctl --version >/dev/null 2>&1; then
        echo "β
      Systemd available"
      else
        echo "βΉοΈ Systemd not available (using alternative service management)"
      fi
      {{else if eq .OS "windows"}}
      # Windows specific checks
      if command -v choco >/dev/null 2>&1; then
        echo "β
      Chocolatey available"
      elif command -v scoop >/dev/null 2>&1; then
        echo "β
      Scoop available"
      elif command -v winget >/dev/null 2>&1; then
        echo "β
      Winget available"
      else
        echo "β οΈ No package manager found (consider installing Chocolatey/Scoop/Winget)"
      fi
      {{end}}
dev:
  desc: "Development workflow - clean, setup, and check"
  cmds:
    - echo "π Running development workflow..."
    # Regenerate from scratch, then confirm the result matches the templates.
    - task: clean
    - task: setup
    - task: check
    - echo "β
      Development workflow complete"
help:
  desc: "Show detailed help and usage examples"
  cmds:
    # Static usage text; only the platform and organization are templated.
    - |
      echo "π οΈ GitHub Organization Setup Tool"
      echo "=================================="
      echo ""
      echo "π Quick Start:"
      echo " task setup # Generate all files"
      echo " task status # Check system health"
      echo " task dev # Development workflow"
      echo ""
      echo "π Validation:"
      echo " task check # Check local files vs templates"
      echo " task verify-github # Check GitHub state"
      echo " task validate-all # Run all checks"
      echo ""
      echo "π§Ή Maintenance:"
      echo " task clean # Remove generated files"
      echo " task install-gh # Install GitHub CLI"
      echo ""
      echo "π NATS Integration:"
      echo " task nats-monitor # Monitor NATS-powered workflows"
      echo " task nats-deploy # Deploy NATS infrastructure"
      echo " task nats-scale # Scale NATS infrastructure"
      echo " task nats-controller # Run NATS controller locally"
      echo ""
      echo "π Bee Integration:"
      echo " task bee-install # Install bee event system"
      echo " task bee-generate # Generate handlers from protobuf"
      echo " task bee-run # Run bee orchestrator"
      echo " task bee-validate # Validate schemas and config"
      echo " task bee-demo # Show bee capabilities"
      echo ""
      echo "π Cross-Platform:"
      echo " task test-platform # Test cross-platform compatibility"
      echo " Platform: {{.OS}}/{{.ARCH}} # Current platform"
      echo ""
      echo "π Documentation:"
      echo " README.md # Architecture and patterns"
      echo " CONTRIBUTING.md # Contribution guidelines"
      echo ""
      echo "π Links:"
      echo " Repository: https://github.com/{{.GITHUB_ORG}}/.github"
      echo " Profile: https://github.com/{{.GITHUB_ORG}}?preview=true"
      echo " Workflows: https://github.com/{{.GITHUB_ORG}}/.github/actions"
# Bootstrap tasks
bootstrap:
  desc: "Bootstrap GitHub organization for self-management (handles sequencing and race conditions)"
  # Tool availability is verified before the script is started.
  deps:
    - check-prerequisites
  cmds:
    - ./bootstrap.sh
bootstrap-dev:
  desc: "Bootstrap in development mode with embedded NATS"
  # Both the environment and the --mode flag select development mode.
  env:
    BOOTSTRAP_MODE: "dev"
    NATS_DEPLOYMENT_TYPE: "self_hosted"
  cmds:
    - ./bootstrap.sh --mode dev
bootstrap-synadia:
  desc: "Bootstrap with Synadia Cloud NATS"
  # Refuse to start unless one of the two credential variables is set.
  # The check only tests for a non-empty value; it does not validate it.
  preconditions:
    - sh: '[ -n "${SYNADIA_CREDS_FILE:-}" ] || [ -n "${SYNADIA_JWT:-}" ]'
      msg: "Synadia Cloud credentials required (SYNADIA_CREDS_FILE or SYNADIA_JWT)"
  env:
    BOOTSTRAP_MODE: "auto"
    NATS_DEPLOYMENT_TYPE: "synadia_cloud"
  cmds:
    - ./bootstrap.sh --nats-type synadia_cloud
check-prerequisites:
  desc: "Check system prerequisites for bootstrap"
  silent: true
  cmds:
    # Collects every missing tool before failing, so one run reports all gaps.
    - |
      echo "π Checking prerequisites..."
      missing_tools=()
      command -v git >/dev/null 2>&1 || missing_tools+=("git")
      command -v go >/dev/null 2>&1 || missing_tools+=("go")
      command -v docker >/dev/null 2>&1 || missing_tools+=("docker")
      if [ ${#missing_tools[@]} -ne 0 ]; then
        echo "β Missing required tools: ${missing_tools[*]}"
        exit 1
      fi
      echo "β
      All prerequisites satisfied"
nats-bootstrap:
  desc: "Start embedded NATS server for development/bootstrap"
  cmds:
    # Runs the server program from source.
    - go run cmd/nats-bootstrap/main.go
nats-test-connection:
  desc: "Test NATS connectivity"
  cmds:
    # Publishes one message to test.connection on NATS_URLS (default:
    # nats://localhost:4222). The success line is printed whether or not the
    # publish succeeded, because its exit status is not checked.
    - |
      if command -v nats >/dev/null 2>&1; then
        echo "Testing NATS connectivity..."
        nats --server="${NATS_URLS:-nats://localhost:4222}" pub test.connection "Test message $(date)"
        echo "β
      NATS connectivity test passed"
      else
        echo "β οΈ NATS CLI not found - install with: go install github.com/nats-io/natscli/nats@latest"
      fi
monitor-workflow:
  desc: "Monitor GitHub Actions workflow execution"
  cmds:
    # Thin wrapper around the repository's monitor-workflow.sh script.
    - |
      echo "π Monitoring GitHub Actions workflow for template changes..."
      echo "This script monitors the full cycle: template change β GitHub Actions β file regeneration"
      echo ""
      ./monitor-workflow.sh
monitor-nats:
  desc: "Monitor workflow using NATS (requires NATS server)"
  cmds:
    # Calls nats-monitor.sh with the "check" subcommand.
    - |
      echo "π NATS-enhanced workflow monitoring"
      echo "This demonstrates advanced patterns for workflow orchestration"
      echo ""
      ./nats-monitor.sh check
nats-demo:
  desc: "Show NATS enhanced workflow capabilities"
  cmds:
    # Calls nats-monitor.sh with the "demo" subcommand.
    - |
      echo "π NATS Enhanced GitHub Workflow Demonstration"
      echo "=============================================="
      echo ""
      ./nats-monitor.sh demo
# NOTE(review): the key "nats-controller" is defined a second time later in
# this file ("Run NATS controller locally for development"). Duplicate
# mapping keys are invalid YAML; parsers either reject the file or keep only
# one definition, so one of the two should be renamed or removed.
nats-controller:
  desc: "Start the NATS-based workflow controller (requires NATS server)"
  cmds:
    # Fetch module dependencies, then run the controller from source.
    - |
      echo "ποΈ Starting NATS workflow controller..."
      go mod download
      go run cmd/nats-controller/main.go
nats-monitor:
  desc: "Monitor NATS-powered GitHub workflows"
  cmds:
    # Runs nats-monitor.sh when present (marking it executable first);
    # otherwise prints what the monitor would subscribe to.
    - |
      echo "π NATS Workflow Monitor for {{.GITHUB_ORG}}"
      echo "==========================================="
      if [ -f "nats-monitor.sh" ]; then
        chmod +x nats-monitor.sh
        ./nats-monitor.sh
      else
        echo "β nats-monitor.sh not found"
        echo " This would connect to Synadia Cloud and monitor:"
        echo " β’ github.{{.GITHUB_ORG}}.template_changed"
        echo " β’ github.{{.GITHUB_ORG}}.workflow_status"
        echo " β’ github.{{.GITHUB_ORG}}.regeneration_requested"
        echo ""
        echo " To enable NATS monitoring:"
        echo " 1. Sign up for Synadia Cloud"
        echo " 2. Configure credentials"
        echo " 3. Run: task nats-deploy"
      fi
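nats-deploy:
  desc: Deploy NATS infrastructure using Terraform
  cmds:
    # Runs terraform init and plan only; nothing is applied. The apply
    # command is printed for the operator to run after reviewing the plan.
    - |
      echo "π Deploying NATS Infrastructure"
      echo "================================"
      if ! command -v terraform >/dev/null 2>&1; then
        echo "β Terraform not installed"
        echo " Install from: https://www.terraform.io/downloads"
        exit 1
      fi
      # Abort instead of running terraform in the repository root when the
      # terraform directory is missing.
      cd terraform || exit 1
      echo "π Initializing Terraform..."
      # A failed init must stop the run; planning without it is meaningless.
      terraform init || exit 1
      echo "π Planning NATS infrastructure..."
      terraform plan -var="github_org={{.GITHUB_ORG}}" || exit 1
      echo ""
      echo "To apply:"
      echo " cd terraform && terraform apply -var='github_org={{.GITHUB_ORG}}'"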
nats-scale:
  desc: "Scale NATS infrastructure based on load"
  cmds:
    # Descriptive output only: this task prints a plan and changes nothing.
    - |
      echo "π NATS Infrastructure Scaling"
      echo "=============================="
      echo "This would:"
      echo "1. Check current GitHub event load"
      echo "2. Analyze NATS queue depths"
      echo "3. Trigger Terraform for additional capacity"
      echo "4. Auto-configure new NATS nodes"
      echo ""
      echo "Example scaling triggers:"
      echo "β’ Queue depth > 1000 messages"
      echo "β’ Processing latency > 30 seconds"
      echo "β’ GitHub API rate limit approaching"
      echo ""
      echo "Self-similar pattern: NATS controllers deploy more NATS!"
# NOTE(review): this is the second definition of the key "nats-controller"
# in this file (the earlier one also runs cmd/nats-controller/main.go).
# Duplicate mapping keys are invalid YAML; parsers either reject the file or
# keep only one definition, so one of the two should be renamed or removed.
nats-controller:
  desc: "Run NATS controller locally for development"
  cmds:
    # Verifies the controller source exists, prints the effective settings,
    # warns (without failing) when the NATS CLI is absent, then runs it.
    - |
      echo "π€ Starting Local NATS Controller"
      echo "================================="
      if [ ! -f "cmd/nats-controller/main.go" ]; then
        echo "β NATS controller not found"
        exit 1
      fi
      echo "π Environment:"
      echo " GITHUB_ORG: {{.GITHUB_ORG}}"
      echo " NATS_URL: ${NATS_URL:-nats://localhost:4222}"
      echo ""
      if ! command -v {{.NATS_BINARY}} >/dev/null 2>&1; then
        echo "β οΈ NATS CLI not installed"
        echo " Install from: https://github.com/nats-io/natscli"
        echo " Or use Docker: docker run natsio/nats-server"
      fi
      echo "π Starting controller..."
      go run cmd/nats-controller/main.go
bee-install:
  desc: "Install bee for event-driven GitHub workflows"
  cmds:
    # NOTE(review): "@latest" installs whatever the module's newest version
    # is at run time, so the binary that later generates and runs handlers
    # is not reproducible. Consider pinning a reviewed version instead.
    - |
      echo "π Installing bee for event-driven workflows"
      echo "============================================"
      if command -v bee >/dev/null 2>&1; then
        echo "β
      bee already installed: $(bee version)"
      else
        echo "π¦ Installing bee..."
        go install github.com/blinkinglight/bee/cmd/bee@latest
        # Re-probe PATH: the install only counts if bee can actually be run.
        if command -v bee >/dev/null 2>&1; then
          echo "β
      bee installed: $(bee version)"
        else
          echo "β bee installation failed"
          echo " Try manual installation: https://github.com/blinkinglight/bee"
          exit 1
        fi
      fi
bee-generate:
  desc: "Generate bee handlers from protobuf schemas"
  deps:
    - bee-install
  cmds:
    # The schema file is mandatory; protoc is optional and only skipped with
    # a warning. bee generate always runs at the end.
    - |
      echo "π§ Generating bee handlers from protobuf schemas"
      echo "==============================================="
      if [ ! -f "schemas/github_events.proto" ]; then
        echo "β Protobuf schema not found: schemas/github_events.proto"
        exit 1
      fi
      echo "π Generating Go code from protobuf..."
      # Create output directory
      mkdir -p pkg/events/v1
      # Generate protobuf Go code
      if command -v protoc >/dev/null 2>&1; then
        protoc --go_out=pkg/events/v1 --go_opt=paths=source_relative schemas/github_events.proto
        echo "β
      Protobuf Go code generated"
      else
        echo "β οΈ protoc not installed, skipping protobuf generation"
        echo " Install from: https://protobuf.dev/downloads/"
      fi
      echo "π Generating bee handlers..."
      bee generate --config bee.yaml
      echo "β
      bee handler generation complete"
bee-run:
  desc: "Run bee-powered GitHub workflow orchestrator"
  deps:
    - bee-generate
  cmds:
    # Requires bee.yaml in the working directory; prints the effective
    # settings before handing control to bee.
    - |
      echo "π Starting bee GitHub Workflow Orchestrator"
      echo "==========================================="
      if [ ! -f "bee.yaml" ]; then
        echo "β bee configuration not found: bee.yaml"
        exit 1
      fi
      echo "π Configuration:"
      echo " GITHUB_ORG: {{.GITHUB_ORG}}"
      echo " NATS_URL: ${NATS_URL:-nats://localhost:4222}"
      echo " Config: bee.yaml"
      echo ""
      echo "π Starting bee orchestrator..."
      bee run --config bee.yaml
bee-validate:
  desc: "Validate bee configuration and schemas"
  deps:
    - bee-install
  cmds:
    # Only a missing bee.yaml stops the task. The exit status of the two
    # validators is not checked, so the final line is printed either way.
    - |
      echo "π Validating bee configuration and schemas"
      echo "=========================================="
      if [ ! -f "bee.yaml" ]; then
        echo "β bee configuration not found: bee.yaml"
        exit 1
      fi
      echo "π Validating bee.yaml configuration..."
      bee validate --config bee.yaml
      if [ -f "schemas/github_events.proto" ]; then
        echo "π Validating protobuf schema..."
        if command -v protoc >/dev/null 2>&1; then
          # Compile to a discarded descriptor set purely to parse the schema.
          protoc --descriptor_set_out=/dev/null schemas/github_events.proto
          echo "β
      Protobuf schema is valid"
        else
          echo "β οΈ protoc not installed, skipping schema validation"
        fi
      fi
      echo "β
      All validations passed"
bee-demo:
  desc: "Demonstrate bee integration capabilities"
  cmds:
    # Static descriptive text; nothing is installed or executed.
    - |
      echo "π Bee + NATS + GitHub Integration Demo"
      echo "======================================"
      echo ""
      echo "π Bee brings to our GitHub workflow orchestration:"
      echo ""
      echo "π Type-Safe Event Handling:"
      echo " β’ Protobuf schemas define all GitHub events"
      echo " β’ Generated Go handlers with compile-time safety"
      echo " β’ Schema evolution without breaking changes"
      echo ""
      echo "π Event-Driven Architecture:"
      echo " β’ GitHub webhooks β Protobuf events β NATS β bee handlers"
      echo " β’ Terraform operations triggered by events"
      echo " β’ Self-healing infrastructure through event sourcing"
      echo ""
      echo "π Advanced Features:"
      echo " β’ Built-in metrics and tracing"
      echo " β’ Event replay for debugging"
      echo " β’ Rate limiting and backpressure"
      echo " β’ Multi-language support (Go, Rust, Python)"
      echo ""
      echo "π§ Self-Terraforming Pattern:"
      echo " β’ bee handlers detect infrastructure needs"
      echo " β’ Automatically trigger Terraform operations"
      echo " β’ NATS controllers deploy more NATS infrastructure"
      echo " β’ Self-similar scaling across regions"
      echo ""
      echo "π Observability:"
      echo " β’ Prometheus metrics for all events"
      echo " β’ Jaeger tracing for distributed debugging"
      echo " β’ Structured logging with correlation IDs"
      echo ""
      echo "π Getting Started:"
      echo " task bee-install # Install bee"
      echo " task bee-generate # Generate handlers"
      echo " task bee-run # Start orchestrator"
      echo ""
      echo "This represents the next evolution of GitHub workflow"
      echo "orchestration - event-driven, type-safe, and infinitely scalable! ππ"
# =============================================================================
# Cloudflare Integration Tasks
# =============================================================================
cloudflare:setup:
  desc: "Setup Cloudflare integration (R2 + Containers)"
  cmds:
    # Runs the two setup sub-tasks in order, then prints a completion line.
    - task: cloudflare:setup:r2
    - task: cloudflare:setup:containers
    - echo "β
      Cloudflare integration setup complete"
cloudflare:setup:r2:
  desc: "Setup Cloudflare R2 backend for Terraform state"
  cmds:
    # Only inspects CLOUDFLARE_ACCOUNT_ID and prints guidance; no backend is
    # created. The access and secret keys are never echoed, only the
    # account id as part of the endpoint URL.
    - |
      echo "ποΈ Setting up Cloudflare R2 backend..."
      if [ -z "$CLOUDFLARE_ACCOUNT_ID" ]; then
        echo "β οΈ CLOUDFLARE_ACCOUNT_ID not set - skipping R2 setup"
        echo "π‘ Set environment variables to enable R2 backend:"
        echo " export CLOUDFLARE_ACCOUNT_ID=your-account-id"
        echo " export CLOUDFLARE_R2_ACCESS_KEY=your-access-key"
        echo " export CLOUDFLARE_R2_SECRET_KEY=your-secret-key"
      else
        echo "β
      Cloudflare R2 configuration detected"
        echo "π R2 Endpoint: https://$CLOUDFLARE_ACCOUNT_ID.r2.cloudflarestorage.com"
        echo "π° Expected savings: ~95% vs AWS S3 (zero egress fees)"
      fi
cloudflare:setup:containers:
  desc: "Setup Cloudflare Containers for NATS deployment"
  cmds:
    # NOTE(review): the npm install below is global and unpinned, so the
    # deploy tool's version depends on when the task runs. Consider pinning
    # a reviewed version.
    - |
      echo "π³ Setting up Cloudflare Containers..."
      if command -v wrangler >/dev/null 2>&1; then
        echo "β
      Wrangler CLI found"
        wrangler --version
      else
        echo "π¦ Installing Wrangler CLI..."
        npm install -g wrangler
      fi
      # The token is only tested for presence; its value is never printed.
      if [ -z "$CLOUDFLARE_API_TOKEN" ]; then
        echo "β οΈ CLOUDFLARE_API_TOKEN not set"
        echo "π‘ Login to Cloudflare and set API token:"
        echo " wrangler login"
        echo " export CLOUDFLARE_API_TOKEN=your-api-token"
      else
        echo "β
      Cloudflare API token configured"
      fi
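cloudflare:deploy:
  desc: "Deploy NATS containers to Cloudflare"
  deps:
    - cloudflare:setup:containers
  cmds:
    # Deploys with wrangler using wrangler.toml in the working directory.
    # The task fails whenever no deployment took place, so callers and CI
    # do not mistake a skipped or failed deploy for success.
    - |
      echo "π Deploying NATS orchestrator to Cloudflare..."
      if [ ! -f "wrangler.toml" ]; then
        echo "π Creating wrangler.toml from template..."
        cp terraform/templates/wrangler.toml.tpl wrangler.toml || exit 1
        echo "βοΈ Please edit wrangler.toml with your account details"
        # Stop here: the freshly copied template still needs the account
        # details filled in, so it must not be deployed as it is.
        echo "Re-run 'task cloudflare:deploy' after editing wrangler.toml" >&2
        exit 1
      fi
      if [ -n "$CLOUDFLARE_API_TOKEN" ]; then
        echo "π Deploying worker..."
        # Do not print the completion message when the deploy failed.
        wrangler deploy || exit 1
        echo "β
      Deployment complete"
        echo "π Access your NATS orchestrator at:"
        echo " https://nats-orchestrator.<your-subdomain>.workers.dev"
      else
        echo "β οΈ CLOUDFLARE_API_TOKEN required for deployment"
        exit 1
      fi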
cloudflare:test:
  desc: "Test Cloudflare NATS deployment"
  cmds:
    # Probes two endpoints under CLOUDFLARE_WORKER_URL. A failed probe prints
    # a message but does not fail the task, and the completion line is
    # printed in either case.
    - |
      echo "π§ͺ Testing Cloudflare NATS deployment..."
      if [ -n "$CLOUDFLARE_WORKER_URL" ]; then
        echo "π‘ Testing health endpoint..."
        curl -f "$CLOUDFLARE_WORKER_URL/health" || echo "β Health check failed"
        echo "π Testing API endpoints..."
        curl -f "$CLOUDFLARE_WORKER_URL/api/containers" || echo "β API test failed"
        echo "β
      Cloudflare integration tests complete"
      else
        echo "β οΈ CLOUDFLARE_WORKER_URL not set"
        echo "π‘ Set your worker URL: export CLOUDFLARE_WORKER_URL=https://your-worker.workers.dev"
      fi
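cloudflare:migrate:state:
  desc: "Migrate Terraform state to Cloudflare R2"
  cmds:
    # Interactive: asks for confirmation, copies any local state file aside,
    # then runs "terraform init -migrate-state" inside ./terraform.
    - |
      echo "π¦ Migrating Terraform state to Cloudflare R2..."
      echo "β οΈ This will modify your Terraform backend configuration"
      read -p "Continue? (y/N) " -n 1 -r
      echo
      if [[ $REPLY =~ ^[Yy]$ ]]; then
        echo "π Updating backend configuration..."
        # Abort rather than migrate from the wrong directory.
        cd terraform || exit 1
        # Backup current state. A missing local state file is not an error.
        # Terraform state can hold secret values in plain text, so the copy
        # is restricted to the owner and should stay out of version control.
        STATE_BACKUP="terraform.tfstate.backup.$(date +%s)"
        BACKUP_MADE=""
        if cp terraform.tfstate "$STATE_BACKUP" 2>/dev/null; then
          chmod 600 "$STATE_BACKUP"
          BACKUP_MADE=1
        fi
        # Initialize with R2 backend; report failure instead of success.
        if ! terraform init -migrate-state; then
          echo "State migration failed" >&2
          exit 1
        fi
        echo "β
      State migration complete"
        # Only claim a backup exists when the copy actually succeeded.
        if [ -n "$BACKUP_MADE" ]; then
          echo "πΎ Backup created: terraform.tfstate.backup.*"
        fi
      else
        echo "β Migration cancelled"
      fi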
cloudflare:cost:analysis:
  desc: "Show Cloudflare cost analysis vs alternatives"
  cmds:
    # Static text with hard-coded figures; nothing is measured or queried.
    - |
      echo "π° Cloudflare Integration Cost Analysis"
      echo "========================================"
      echo
      echo "π R2 vs AWS S3 (monthly, 10GB storage + 1M reads + 100GB egress):"
      echo " Cloudflare R2: \$0.51 total"
      echo " AWS S3: \$9.63 total"
      echo " π‘ Savings: \$9.12 (95% reduction)"
      echo
      echo "π³ Containers vs Traditional VPS (basic instance, 50% utilization):"
      echo " Cloudflare: \$5-10/month (global, auto-scale, zero-ops)"
      echo " AWS Fargate: \$15-25/month (regional, manual scaling)"
      echo " DigitalOcean: \$12/month (single region, manual management)"
      echo
      echo "π Additional Benefits:"
      echo " β
      Zero egress fees"
      echo " β
      Global edge deployment"
      echo " β
      Auto-scaling"
      echo " β
      Built-in observability"
      echo " β
      Zero cold start"
      echo " β
      Integrated platform (Workers, KV, R2)"
cloudflare:docs:
  desc: "Open Cloudflare integration documentation"
  cmds:
    # Uses whichever desktop opener is on PATH, else prints the file name.
    - |
      echo "π Opening Cloudflare integration documentation..."
      if command -v open >/dev/null 2>&1; then
        open CLOUDFLARE-INTEGRATION.md
      elif command -v xdg-open >/dev/null 2>&1; then
        xdg-open CLOUDFLARE-INTEGRATION.md
      else
        echo "π View documentation: CLOUDFLARE-INTEGRATION.md"
      fi
# =============================================================================
# Secret Management
# =============================================================================
secrets:init:
  desc: "Initialize secret management (.env.example)"
  cmds:
    # NOTE(review): the next steps put real secrets into .env; presumably
    # .env is git-ignored - confirm before following them.
    - |
      echo "π Initializing secret management..."
      chmod +x secret-sync.sh
      ./secret-sync.sh init
      echo ""
      echo "π‘ Next steps:"
      echo " 1. cp .env.example .env"
      echo " 2. Edit .env with your actual secrets"
      echo " 3. task secrets:sync"
secrets:sync:
  desc: "Sync .env secrets to GitHub (requires .env file)"
  cmds:
    # Delegates to secret-sync.sh; how values are passed on is decided there.
    - |
      echo "π Syncing secrets to GitHub..."
      chmod +x secret-sync.sh
      ./secret-sync.sh sync
secrets:test:
  desc: "Test secret access across all platforms"
  cmds:
    # Delegates to the "test" subcommand of secret-sync.sh.
    - |
      echo "π§ͺ Testing secret access..."
      chmod +x secret-sync.sh
      ./secret-sync.sh test
secrets:list:
  desc: "List current GitHub secrets"
  cmds:
    # Delegates to the "list" subcommand of secret-sync.sh.
    - |
      echo "π Listing GitHub secrets..."
      chmod +x secret-sync.sh
      ./secret-sync.sh list
secrets:generate:
  desc: "Generate secure random secrets (webhooks, etc.)"
  cmds:
    # Delegates to secret-sync.sh. NOTE(review): the randomness source is
    # defined in that script, not here - verify it there.
    - |
      echo "π² Generating secure secrets..."
      chmod +x secret-sync.sh
      ./secret-sync.sh generate
secrets:security:
  desc: "Run security checks on secret management"
  cmds:
    # Delegates to the "security" subcommand of secret-sync.sh.
    - |
      echo "π‘οΈ Running security checks..."
      chmod +x secret-sync.sh
      ./secret-sync.sh security
secrets:setup:
  desc: "Complete secret setup flow (init + guide)"
  cmds:
    - task: secrets:init
    # NOTE(review): the GitHub token scopes suggested below (repo, workflow,
    # admin:org, admin:repo_hook) grant broad control over the organization,
    # and the token is stored in .env. Prefer the narrowest scopes the
    # workflows need and give the token an expiry.
    - |
      echo ""
      echo "π Secret Setup Guide"
      echo "====================="
      echo ""
      echo "1οΈβ£ GitHub Token:"
      echo " π Go to: https://github.com/settings/tokens"
      echo " βοΈ Create token with: repo, workflow, admin:org, admin:repo_hook"
      echo " π Copy token to .env as GITHUB_TOKEN"
      echo ""
      echo "2οΈβ£ Synadia Cloud (Optional):"
      echo " π Go to: https://cloud.synadia.com/"
      echo " π Get token & account name"
      echo " πΎ Download .nats/creds file"
      echo ""
      echo "3οΈβ£ Cloudflare (Optional):"
      echo " π Go to: https://dash.cloudflare.com/profile/api-tokens"
      echo " π Create token with Zone:Read, Account:Read permissions"
      echo " π Get Account ID from dashboard"
      echo ""
      echo "4οΈβ£ Complete setup:"
      echo " π Edit .env with your values"
      echo " π task secrets:sync"
      echo " π§ͺ task secrets:test"
secrets:rotate:
  desc: "Rotate secrets (interactive)"
  cmds:
    # Guidance only: after confirmation this prints the manual rotation
    # steps. It does not create, update or revoke any token itself. Old
    # tokens stay valid until step 5 is carried out by hand.
    - |
      echo "π Secret Rotation Workflow"
      echo "==========================="
      echo ""
      echo "β οΈ This will help you rotate secrets safely."
      echo "π Make sure you have backup access to all platforms!"
      echo ""
      read -p "Continue with secret rotation? (y/N) " -n 1 -r
      echo
      if [[ $REPLY =~ ^[Yy]$ ]]; then
        echo ""
        echo "1οΈβ£ Generate new GitHub token:"
        echo " π https://github.com/settings/tokens"
        echo " π Update GITHUB_TOKEN in .env"
        echo ""
        echo "2οΈβ£ Generate new Cloudflare token (if used):"
        echo " π https://dash.cloudflare.com/profile/api-tokens"
        echo " π Update CLOUDFLARE_API_TOKEN in .env"
        echo ""
        echo "3οΈβ£ Update platform secrets:"
        echo " π task secrets:sync"
        echo ""
        echo "4οΈβ£ Test access:"
        echo " π§ͺ task secrets:test"
        echo ""
        echo "5οΈβ£ Revoke old tokens from platform UIs"
      else
        echo "β Secret rotation cancelled"
      fi
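secrets:backup:
  desc: "Create encrypted backup of secret configuration"
  cmds:
    # Archives .env, .env.example and secret-sync.sh and encrypts the stream
    # with a GPG passphrase (AES256). The plaintext archive is never written
    # to disk. Keep the resulting file out of version control.
    - |
      echo "πΎ Creating encrypted secret backup..."
      if [ ! -f .env ]; then
        echo "β .env file not found"
        exit 1
      fi
      BACKUP_FILE="secrets-backup-$(date +%Y%m%d-%H%M%S).tar.gz.gpg"
      echo "ποΈ Creating archive..."
      # Create the backup readable by its owner only.
      umask 077
      # Without pipefail only gpg's exit status is seen, so a tar failure
      # (for example a missing input file) would still be reported as a
      # successful backup even though the archive is incomplete.
      set -o pipefail
      if tar -czf - .env .env.example secret-sync.sh | gpg --symmetric --cipher-algo AES256 --compress-algo 1 --output "$BACKUP_FILE"; then
        echo "β
      Encrypted backup created: $BACKUP_FILE"
        echo "π Use GPG passphrase to decrypt later"
        echo ""
        echo "π‘ To restore:"
        echo " gpg --decrypt $BACKUP_FILE | tar -xzf -"
      else
        echo "β Backup failed"
        # Do not leave a partial file behind that looks like a valid backup.
        rm -f "$BACKUP_FILE"
        exit 1
      fi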
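secrets:restore:
  desc: "Restore from encrypted backup"
  cmds:
    # Decrypts the chosen backup and unpacks it into the working directory,
    # overwriting .env, .env.example and secret-sync.sh. The restored
    # secret-sync.sh is what the other secrets:* tasks execute, so restore
    # only backups that were created from this repository.
    - |
      echo "π Available backup files:"
      ls -la secrets-backup-*.tar.gz.gpg 2>/dev/null || echo "β No backup files found"
      echo ""
      # -r keeps backslashes in the typed file name literal.
      read -r -p "Enter backup filename: " BACKUP_FILE
      if [ -f "$BACKUP_FILE" ]; then
        echo "π Decrypting and restoring..."
        # With pipefail a gpg failure (wrong passphrase, damaged file) fails
        # the pipeline instead of being judged by tar's status alone.
        set -o pipefail
        if gpg --decrypt "$BACKUP_FILE" | tar -xzf -; then
          echo "β
      Secrets restored from backup"
          echo "π§ͺ Run 'task secrets:test' to verify"
        else
          echo "β Restore failed"
          exit 1
        fi
      else
        echo "β Backup file not found: $BACKUP_FILE"
        exit 1
      fi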
# =============================================================================