Research and Implement Improved PE Networking Configurations

[pjhill]

Description

Givens

• content-build takes a very long time to build
• we use a cached pre-built content-build to save time
• in current testing, the pre-built content-build detects that it is running in a localhost configuration and tries to reach vets-api at localhost:3000
• in EKS, vets-api is not reachable at localhost:3000 from the content-build container
• the brainstorming in our session from 5/25

Based on these givens, we believe we should research and attempt to implement the following idea from our brainstorming session -- Change the environment config to detect a preview environment specific URL and append -api to the end of the URL where the instance attempts to communicate with vets-api

Tasks

• [x] Research the feasibility of adding logic to the environments configuration for content-build and vets-website to detect a preview environment URL
• [x] Implement the change in content-build
• [x] Implement the change in vets-website
• [x] Test locally using a service like ngrok to create a custom URL against local environment
• [ ] Test in EKS / ArgoCD

Acceptance Criteria

• [ ] The preview environment frontend is communicating with the preview environment backend over a dynamically assigned URL

[CBonade]

Idea 2 was an almost instant success! I'm fighting CodeQL on ensuring that our code isn't vulnerable to attacks but once that error is solved these PRs will be open for review.

[CBonade]

CodeQL issues are resolved and this solution is merged into both vets-website and content-build.

[pjhill]

This works in local testing, but is not working EKS via ArgoCD deployment. We need an additional change.

[JoeTice]

Sprint 28 Update - IN PROGRESS - This task is in progress and is working locally but not in ArgoCD. Work will be completed in Sprint 29

[pjhill]

Something changed out from under us in EKS while we were implementing this. For some reason, our latest test in EKS is not being detected as a typical localhost environment. Based on initial troubleshooting, it seems that the logic for the environment configuration is now following a different path. We will need to make another change in the environment configuration or somewhere else to detect an instance that is running like a localhost environment but using port 80 for hosting.

[holdenhinkle]

Curt's PR: https://github.com/department-of-veterans-affairs/vets-website/pull/24432

---

Tim Cosgrove's ideas from comments from https://dsva.slack.com/archives/C04CYC4LMU6/p1686336776006339?thread_ts=1686336141.840359&cid=C04CYC4LMU6

IDEA 1

API_URL is set here - https://github.com/department-of-veterans-affairs/content-build/blob/main/src/site/constants/environments-configs.js#L48

would it be enough to set the env variable when you call content-build? so like,

API_URL=<my_dynamic_API_url> yarn build

and then modify the environment "constants" such that they look for an API_URL already being there and use it if it exists

IDEA 2 https://github.com/department-of-veterans-affairs/vets-website/blob/main/src/platform/utilities/preview-environment/start.sh#LL56C18-L56C48

in the last line, couldn't you just do API_URL=<your url> yarn serve?

if vets-website is looking for an env variable API_URL you could just feed it to the process. yarn serve is just running http-server. I would check but I would assume that would be enough to pass an env variable to it.

---

HOLDEN'S IDEAS: Set API_URL env var here - https://github.com/department-of-veterans-affairs/vsp-infra-application-manifests/blob/main/apps/preview-environment/dev/pe-envs/templates/deployment.yaml#L77

---

List of all env vars that have something to do with setting the environment:

In vets-website: buildtype = localhost => "build:webpack:local": "yarn build:webpack --env buildtype=localhost",

NODE_ENV See https://github.com/department-of-veterans-affairs/vets-website NODE_ENV=production yarn build:webpack --env buildtype=vagovprod --env analyzer

NODE_ENV=development: The application is running in a development environment, usually on the developer's machine. In this mode, more debugging information is typically exposed, and development-only features (like hot reloading or detailed error messages) may be enabled.

NODE_ENV=production: The application is running in a production environment. This usually means it's running on a server providing a service to end users. In this mode, the application typically logs less debugging information, and may have optimizations enabled for performance and efficiency.

NODE_ENV=test: The application is running in a testing environment. This is typically used when running automated tests, where you might want different behavior, like using a test database instead of the real one.

---

In vsp-infra-application-manifests/apps/preview-environment/dev/pe-envs/templates/deployment.yaml: API_URL = {{ dynamic_url }}

---

Side notes: Why is this still here? https://github.com/department-of-veterans-affairs/vsp-infra-application-manifests/blob/main/apps/preview-environment/dev/argocd-apps/Chart.yaml

Do we need this? https://github.com/department-of-veterans-affairs/vsp-infra-application-manifests/[…]pps/preview-environment/dev/pe-envs/charts/vets-api-0.11.46.tgz

SAVING BEFORE MY COMPUTER DIES

[holdenhinkle]

Some quick notes:

Regarding the rework-pe-frontend branch - https://github.com/department-of-veterans-affairs/vets-website/pull/24432 - I noticed that vets-website is never being served:

# Build and watch vets-website
echo "Install, build, and watch vets-website"
cd vets-website
yarn install --production=false
yarn build:webpack:local

wait
cd ..

# Serve the content-build

mkdir -p content-build/.cache/localhost/drupal
echo "untar the build into content-build/.cache/localhost/drupal"
tar -xf ${AWS_FILENAME} -C content-build/.cache/localhost/drupal

echo "Install and serve content-build"
cd content-build
yarn install
yarn build --use-cached-assets
yarn serve

The content-build is being served but vets-website definitely isn't.

I added the following line - yarn watch --env.buildtype=localhost --env.api="http://vets-api-web:3004" & See https://github.com/department-of-veterans-affairs/vets-website/blob/32c3027110571793b9816ac2d66d9c69231f5739/src/platform/utilities/preview-environment/start.sh#L56

** I'm not sure what the value for env.api should be.

I spent a fair amount of time trying to figure out why we're using yarn watch to serve vets-website. This command serves the app but watches for changes made to it and then rebuilds it accordingly. Why would we want this in production? Why not use yarn serve?

Regarding the team's mob session last Thursday when we weren't see changes made to the image: If vets-website wasn't being served, then it wouldn't be serving up the changes made to the image. We would be able to see the code changes, but it wouldn't be running. Actually, I'm not sure why we would have been able to see the app. Were we seeing static pages? content-build was being served.

I'm looking forward to testing this tomorrow morning.

[holdenhinkle]

Changes:

We're running yarn watch now:

# Install, build and watch vets-website
echo "Install, build, and watch vets-website"
cd vets-website
yarn install --production=false
yarn build:webpack:local
yarn watch --env.buildtype=localhost &

We're also retrieving the content-build from s3 instead of using the drupal cache.

Working:

• The request URL is being set correctly

Problems:

• All the links are taking us to production
• Fonts are trying to be retrieved from a prod s3 bucket
• vets-api is not running where request URL is routed (bad gateway)

[holdenhinkle]

Next Steps:

• Get vets-api working
• Fix links that are currently pointing to prod
• Fix font issue

[holdenhinkle]

Get vets-api working

Now...

Later, after everything is working:

• Move Redis out of vets-website pod into vets-api pod
• Move Postgres out of vets-website pod into vets-api pod

[holdenhinkle]

We have a new problem. It seems that Pods (at least the vets-website Pod) are updated for no reason at all after several hours?? And result in the preview instance return Bad Gateway.

[holdenhinkle]

We paired with Kyle today and discovered there's an error when trying to serve up vets-website. The logs:

info If you think this is a bug, please open a bug report with the information provided in "/app/website/vets-website/yarn-error.log".
99
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
98
yarn run v1.19.1
97
$ yarn build:webpack --env buildtype=localhost
96
$ NODE_OPTIONS=--max-old-space-size=8192 webpack --config config/webpack.config.js --env buildtype=localhost
95
/bin/sh: 1: webpack: not found
94
error Command failed with exit code 127.
93
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
92
error Command failed with exit code 127.
91
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
90
Install and serve content-build
89
yarn install v1.22.10
88
[1/4] Resolving packages...
87
yarn run v1.19.1
86
$ node ./script/watch.js
85
internal/modules/cjs/loader.js:883
84
  throw err;
83
  ^
82
81
Error: Cannot find module 'command-line-usage'
80
Require stack:
79
- /app/website/vets-website/script/build-help.js
78
- /app/website/vets-website/script/watch.js
77
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
76
    at Function.Module._load (internal/modules/cjs/loader.js:725:27)
75
    at Module.require (internal/modules/cjs/loader.js:952:19)
74
    at require (internal/modules/cjs/helpers.js:88:18)
73
    at Object.<anonymous> (/app/website/vets-website/script/build-help.js:2:26)
72
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
71
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
70
    at Module.load (internal/modules/cjs/loader.js:928:32)
69
    at Function.Module._load (internal/modules/cjs/loader.js:769:14)
68
    at Module.require (internal/modules/cjs/loader.js:952:19) {
67
  code: 'MODULE_NOT_FOUND',
66
  requireStack: [
65
    '/app/website/vets-website/script/build-help.js',
64
    '/app/website/vets-website/script/watch.js'
63
  ]
62
}
61
error Command failed with exit code 1.
60
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
59
warning Resolution field "lodash@4.17.21" is incompatible with requested version "lodash@^2.4.1"
58
[2/4] Fetching packages...
57
info fsevents@2.3.2: The platform "linux" is incompatible with this module.
56
info "fsevents@2.3.2" is an optional dependency and failed compatibility check. Excluding it from installation.
55
[3/4] Linking dependencies...
54
warning " > @department-of-veterans-affairs/eslint-plugin@1.1.0" has incorrect peer dependency "eslint-plugin-jsx-a11y@^6.5.1".
53
warning " > @department-of-veterans-affairs/eslint-plugin@1.1.0" has incorrect peer dependency "eslint-plugin-sonarjs@^0.12.0".
52
warning " > @department-of-veterans-affairs/eslint-plugin@1.1.0" has incorrect peer dependency "eslint-plugin-unicorn@^35.0.0".
51
warning " > @department-of-veterans-affairs/web-components@4.9.6" has unmet peer dependency "@department-of-veterans-affairs/formation@^7.0.1".
50
warning " > @department-of-veterans-affairs/web-components@4.9.6" has unmet peer dependency "i18next@*".
49
warning " > @department-of-veterans-affairs/web-components@4.9.6" has unmet peer dependency "i18next-browser-languagedetector@*".
48
warning " > eslint-plugin-prettier@4.0.0" has incorrect peer dependency "prettier@>=2.0.0".
47
warning " > mocha-snapshots@4.2.0" has incorrect peer dependency "mocha@^4.0.1".
46
[4/4] Building fresh packages...
45
error /app/website/content-build/node_modules/cypress: Command failed.
44
Exit code: 1
43
Command: node index.js --exec install
42
Arguments:
41
Directory: /app/website/content-build/node_modules/cypress
40
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
39
Output:
38
Installing Cypress (version: 10.8.0)
37
36
[STARTED] Task without title.
35
[FAILED] The Cypress App could not be downloaded.
34
[FAILED]
33
[FAILED] Does your workplace require a proxy to be used to access the Internet? If so, you must configure the HTTP_PROXY environment variable before downloading Cypress. Read more: https://on.cypress.io/proxy-configuration
32
[FAILED]
31
[FAILED] Otherwise, please check network connectivity and try again:
30
[FAILED]
29
[FAILED] ----------
28
[FAILED]
27
[FAILED] URL: https://download.cypress.io/desktop/10.8.0?platform=linux&arch=x64
26
[FAILED] Error: self signed certificate in certificate chain
25
[FAILED]
24
[FAILED] ----------
23
[FAILED]
22
[FAILED] Platform: linux-x64 (Debian - 10.8)
21
[FAILED] Cypress Version: 10.8.0
20
The Cypress App could not be downloaded.
19
18
Does your workplace require a proxy to be used to access the Internet? If so, you must configure the HTTP_PROXY environment variable before downloading Cypress. Read more: https://on.cypress.io/proxy-configuration
17
16
Otherwise, please check network connectivity and try again:
15
14
----------
13
12
URL: https://download.cypress.io/desktop/10.8.0?platform=linux&arch=x64
11
Error: self signed certificate in certificate chain
10
9
----------
8
7
Platform: linux-x64 (Debian - 10.8)
6
Cypress Version: 10.8.0
5
yarn run v1.22.10
4
$ node script/serve.js
3
$ /app/website/content-build/node_modules/.bin/http-server build/localhost -s -c-1 -p 3002
2
(node:294) [DEP0066] DeprecationWarning: OutgoingMessage.prototype._headers is deprecated
1
(Use `node --trace-deprecation ...` to show where the warning was created)

1. The first command (log 97-94) attempted to run a webpack build (yarn build:webpack --env buildtype=localhost) which failed because the system could not find the webpack command. This may be due to webpack not being installed or not being in the system's PATH.
2. The second command (log 86-61) attempted to run a Node.js script (node ./script/watch.js). However, this also failed due to the system not being able to find the 'command-line-usage' module, which is required in 'build-help.js'. This module may not have been installed, or the relative path may be incorrect.
3. While attempting to install dependencies using yarn (log 88-46), several warnings and errors occurred: a. There are multiple warnings related to incorrect or unmet peer dependencies. Peer dependencies are a specific kind of dependency that are expected to be installed by the parent project, not the library itself. These should be resolved for the project to work correctly. b. Installation of the Cypress module failed due to a self-signed certificate in the certificate chain when trying to download the Cypress App. This could indicate a problem with the network configuration, especially if the network requires a proxy server. The URL for downloading Cypress is being blocked due to this issue.

[pjhill]

The networking scope of this ticket has been resolved. Some issues remain with our container configuration, but those will be worked under different tickets.