chore: setup ci cd (#154)

<!--
  For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.
  
  For a timely review/response, please avoid force-pushing additional
  commits if your PR already received reviews or comments.
  
Before submitting a Pull Request, please ensure you've done the
following:
- 📖 Read the [Contributing
Guide](https://github.com/uncefact/project-vckit/blob/main/CONTRIBUTING.md).
- 📖 Read the [Code of
Conduct](https://github.com/uncefact/project-vckit/blob/main/CODE_OF_CONDUCT.md).
  - 👷‍♀️ Create small PRs. In most cases, this will be possible.
  - ✅ Provide tests for your changes.
- 📝 Use descriptive commit messages following [conventional
commits](https://www.conventionalcommits.org/en/v1.0.0/).
- 📗 Update any related documentation and include any relevant
screenshots.
-->

## What type of PR is this? (check all applicable)

- [ ] 🍕 Feature
- [ ] 🐛 Bug Fix
- [ ] 📝 Documentation Update
- [ ] 🎨 Style
- [ ] 🧑‍💻 Code Refactor
- [ ] 🔥 Performance Improvements
- [ ] ✅ Test
- [ ] 🤖 Build
- [x] 🔁 CI
- [ ] 📦 Chore (Release)
- [ ] ⏩ Revert

## Description

<!-- 
Please do not leave this blank 
This PR [adds/removes/fixes/replaces] the [feature/bug/etc]. 
-->
This PR adds the CICD scripts
## Related Tickets & Documents
<!-- 
Please use this format link issue numbers: Fixes #123

https://docs.github.com/en/free-pro-team@latest/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword
-->

## Mobile & Desktop Screenshots/Recordings

<!-- Visual changes require screenshots -->


## Added tests?

- [ ] 👍 yes
- [ ] 🙅 no, because they aren't needed
- [ ] 🙋 no, because I need help

## Added to documentation?

- [ ] 📜 README.md
- [ ] 📓 [vc-kit doc site](https://uncefact.github.io/vckit/)
- [ ] 📕 storybook
- [ ] 🙅 no documentation needed

## [optional] Are there any post-deployment tasks we need to perform?


<!-- note: PRs with deleted sections will be marked invalid -->

---------

Signed-off-by: Nam Hoang <[email protected]>

.github/workflows/build-and-deploy-agent.yml

@@ -0,0 +1,93 @@
+name: Build and Deploy Agent
+
+on:
+  push:
+    branches:
+      - dev
+    tags:        
+      - '*' 
+
+env: 
+  environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+jobs:
+  install_and_build:
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+
+    env:
+      CI: false
+
+    environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Install AWS CLI
+        run: |
+          sudo apt-get -q install -y python3-pip
+          pip3 install awscli --upgrade --user
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_GITHUB_ACTION_ARN }}
+          aws-region: ${{ secrets.AWS_REGION }}
+
+      - name: Remove Explorer
+        run: rm -rf packages/demo-explorer packages/react-components packages/vckit-oa-renderers
+
+      - name: Overwrite configuration
+        if: ${{ env.environment == 'dev' }}
+        run: cp -f packages/cli/default/default-dev.yml packages/cli/default/default.yml
+
+      - name: Create env file
+        if: ${{ env.environment == 'dev' }}
+        run: |
+          touch packages/encrypted-storage/.env
+          echo DATABASE_URL=${{ secrets.DATABASE_URL}} >> packages/encrypted-storage/.env
+          echo DATABASE_TYPE=postgres >> packages/encrypted-storage/.env
+          echo DATABASE_DATABASE=${{ secrets.DATABASE_DATABASE}} >> packages/encrypted-storage/.env
+          cat packages/encrypted-storage/.env
+          cp packages/encrypted-storage/.env packages/revocation-list-2020/.env
+      
+      - name: Compress Agent Server
+        run: tar -czf agent-server.tar.gz *
+
+      - name: Upload Artifact to S3
+        run: aws s3 cp agent-server.tar.gz s3://${{ vars.AGENT_SERVER_AWS_S3_BUCKET_NAME }}/agent-server.tar.gz
+
+
+  deploy:
+    needs: install_and_build
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+
+    environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Install AWS CLI
+        run: |
+          sudo apt-get -q install -y python3-pip
+          pip3 install awscli --upgrade --user
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_GITHUB_ACTION_ARN }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Deploy to EC2
+        run: aws deploy create-deployment --application-name ${{ vars.AWS_DEPLOY_APP_NAME }} --deployment-group-name ${{ vars.AWS_DEPLOY_GROUP_NAME }} --s3-location bucket=${{ vars.AGENT_SERVER_AWS_S3_BUCKET_NAME }},key=agent-server.tar.gz,bundleType=tgz --ignore-application-stop-failures
+
+
+
+

.github/workflows/deploy-to-s3.yml

@@ -0,0 +1,114 @@
+name: Deploy to S3
+
+on:
+  push:
+    branches:
+      - dev
+    tags:        
+      - '*' 
+
+env: 
+  environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+jobs:
+  install_and_build:
+    runs-on: ubuntu-latest
+
+    env:
+      CI: false
+
+    environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Cache dependencies
+        id: cache
+        uses: actions/cache@v3
+        with:
+          path: ~/.pnpm-store
+          key: ${{ runner.os }}-pnpm-${{ hashFiles('**/pnpm-lock.yaml') }}
+
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18'
+
+      - name: Install pnpm
+        run: npm install -g [email protected]
+
+      - name: pnpm version
+        run: pnpm --version
+
+      - name: Install dependencies
+        run: pnpm install
+
+      - name: 'Create env file'
+        run: |
+          touch .env
+          echo REACT_APP_ENCRYPTED_ENDPOINT=${{ vars.REACT_APP_ENCRYPTED_ENDPOINT}} >> .env
+          echo REACT_APP_QRCODE_VERIFY_ENDPOINT=${{ vars.REACT_APP_QRCODE_VERIFY_ENDPOINT }} >> .env
+          echo REACT_APP_SCHEMA_URL=${{ vars.REACT_APP_SCHEMA_URL }} >> .env
+          echo REACT_APP_REMOTE_AGENT_API_KEY=${{ vars.REACT_APP_REMOTE_AGENT_API_KEY }} >> .env
+          echo REACT_APP_DEFAULT_AGENT_ID=${{ vars.REACT_APP_DEFAULT_AGENT_ID }} >> .env
+          cat .env
+
+      - name: Build explorer
+        run: pnpm build:js
+
+      - name: Archive artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: explorer
+          path: packages/demo-explorer/build/explorer
+
+  deploy_to_s3:
+    needs: install_and_build
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+
+    environment: ${{ (github.ref == 'refs/heads/dev' && 'dev') || (startsWith(github.ref, 'refs/tags/v') && 'UN') }}
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Download artifacts
+        uses: actions/download-artifact@v3
+        with:
+          name: explorer
+          path: packages/demo-explorer/build/explorer
+
+      - name: Install AWS CLI
+        run: |
+          sudo apt-get -q install -y python3-pip
+          pip3 install awscli --upgrade --user
+
+      - name: Configure AWS Credentials
+        if: ${{ env.environment == 'dev' }}
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          role-to-assume: ${{ secrets.AWS_ROLE_GITHUB_ACTION_ARN }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Configure AWS Credentials
+        if: ${{ env.environment == 'UN' }}
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: ${{ vars.AWS_REGION }}
+
+      - name: Deploy to S3
+        run: aws s3 sync packages/demo-explorer/build/explorer/ s3://${{ vars.AWS_S3_BUCKET_NAME }}/vckit/explorer/ --delete
+
+      - name: Invalidate CloudFront
+        run: |
+          DISTRIBUTION_ID=${{ vars.AWS_CLOUDFRONT_DISTRIBUTION_ID }}
+          INVALIDATION_PATH="/vckit/explorer/*"
+
+          # Create a new CloudFront invalidation
+          aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths $INVALIDATION_PATH

.gitignore

@@ -88,4 +88,7 @@ data
 
 local-database*.json
 
-/scratch
+/scratch
+
+# logs
+/logs

appspec.yml

@@ -0,0 +1,26 @@
+version: 0.0
+os: linux
+files:
+  - source: /
+    destination: /home/ec2-user/agent_server
+hooks:
+  ApplicationStop:
+    - location: aws/scripts/application_stop.sh
+      timeout: 300
+      runas: root
+  BeforeInstall:
+    - location: aws/scripts/before_install.sh
+      timeout: 300
+      runas: root
+  AfterInstall:
+    - location: aws/scripts/after_install.sh
+      timeout: 1200
+      runas: root
+  ApplicationStart:
+    - location: aws/scripts/application_start.sh
+      timeout: 300
+      runas: root
+  ValidateService:
+    - location: aws/scripts/validate_service.sh
+      timeout: 300
+      runas: root

aws/scripts/after_install.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+# Install dependencies
+source /home/ec2-user/.bashrc
+cd /home/ec2-user/agent_server
+pnpm install
+pnpm build

aws/scripts/application_start.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+source /home/ec2-user/.bashrc
+cd /home/ec2-user/agent_server
+
+if [ ! -f /home/ec2-user/agent.yml ]; then
+  pnpm vckit config --filename /home/ec2-user/agent.yml
+fi
+# Start server
+pm2 start pnpm -- vckit server --config /home/ec2-user/agent.yml

aws/scripts/application_stop.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+# Restart codedeploy agent
+sudo service codedeploy-agent stop
+sudo rm -rf /opt/codedeploy-agent/deployment-root/*
+sudo service codedeploy-agent start
+
+# Stop server
+pm2 stop all
+
+# Delete old source
+if [ -d /home/ec2-user/agent_server ]; then
+  sudo rm -rf /home/ec2-user/agent_server
+fi
+
+sudo mkdir -vp /home/ec2-user/agent_server

aws/scripts/before_install.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+if git --version; then
+    echo "git already installed"
+else
+    sudo yum install git -y
+fi
+
+if node --version; then
+    echo "node already installed"
+else
+    sudo yum install gcc-c++ make -y
+    curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.0/install.sh | bash
+    . ~/.nvm/nvm.sh
+    nvm install 16
+    npm install -g [email protected]
+    npm install pm2 -g
+fi

aws/scripts/validate_service.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+set -x
+
+NUMBER_OF_ATTEMPTS=10
+SLEEP_TIME=3
+
+for i in `seq 1 $NUMBER_OF_ATTEMPTS`;
+do
+  HTTP_CODE=`curl --insecure --write-out '%{http_code}' -o /dev/null -m 10 -q -s http://localhost:3332/open-api.json`
+  if [ "$HTTP_CODE" == "200" ]; then
+    echo "app server is running."
+    exit 0
+  fi
+  echo "Attempt to curl endpoint returned HTTP Code $HTTP_CODE. Backing off and retrying."
+  sleep $SLEEP_TIME
+done
+echo "Server did not come up after expected time. Failing."
+exit 1