rothbard/terraform/deploy.sh

#!/bin/bash

# Rothbard Law Group Deployment Script
# This script automates the deployment process for Cloud Run

set -e

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Configuration
PROJECT_ID=""
DOMAIN_NAME=""
HOSTING_OPTION="cloud_run"

# Helper functions
log_info() {
    echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
    echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
    echo -e "${RED}[ERROR]${NC} $1"
}

# Check prerequisites
check_prerequisites() {
    log_info "Checking prerequisites..."

    # Check gcloud
    if ! command -v gcloud &> /dev/null; then
        log_error "gcloud is not installed. Please install Google Cloud SDK."
        exit 1
    fi

    # Check terraform
    if ! command -v terraform &> /dev/null; then
        log_error "terraform is not installed. Please install Terraform."
        exit 1
    fi

    # Check docker (for Cloud Run)
    if [ "$HOSTING_OPTION" = "cloud_run" ] && ! command -v docker &> /dev/null; then
        log_error "docker is not installed. Please install Docker for Cloud Run deployment."
        exit 1
    fi

    log_info "Prerequisites check passed!"
}

# Setup project
setup_project() {
    log_info "Setting up Google Cloud project..."

    if [ -z "$PROJECT_ID" ]; then
        read -p "Enter your GCP Project ID: " PROJECT_ID
    fi

    # Set the project
    gcloud config set project "$PROJECT_ID"

    # Enable required APIs
    log_info "Enabling required APIs..."
    gcloud services enable run.googleapis.com
    gcloud services enable cloudbuild.googleapis.com
    gcloud services enable firestore.googleapis.com
    gcloud services enable firebase.googleapis.com
    gcloud services enable secretmanager.googleapis.com

    log_info "Project setup completed!"
}

# Build and push Docker image (Cloud Run)
build_and_push_image() {
    if [ "$HOSTING_OPTION" != "cloud_run" ]; then
        return
    fi

    log_info "Building Docker image..."

    # Build the image
    docker build -t gcr.io/$PROJECT_ID/rothbard-portal:latest .

    log_info "Pushing Docker image to Google Container Registry..."

    # Configure Docker to use gcloud as a credential helper
    gcloud auth configure-docker

    # Push the image
    docker push gcr.io/$PROJECT_ID/rothbard-portal:latest

    log_info "Docker image pushed successfully!"
}

# Deploy infrastructure with Terraform
deploy_infrastructure() {
    log_info "Deploying infrastructure with Terraform..."

    cd terraform

    # Create terraform.tfvars if it doesn't exist
    if [ ! -f "terraform.tfvars" ]; then
        log_warn "terraform.tfvars not found. Creating from example..."
        cp terraform.tfvars.example terraform.tfvars

        # Update with project ID
        sed -i "s/your-gcp-project-id/$PROJECT_ID/g" terraform.tfvars

        if [ -n "$DOMAIN_NAME" ]; then
            sed -i "s/rothbard-portal.example.com/$DOMAIN_NAME/g" terraform.tfvars
        fi

        log_warn "Please edit terraform/terraform.tfvars with your specific configuration before continuing."
        read -p "Press Enter to continue after editing..."
    fi

    # Initialize Terraform
    terraform init

    # Plan deployment
    log_info "Planning Terraform deployment..."
    terraform plan

    # Apply deployment
    log_info "Applying Terraform configuration..."
    terraform apply -auto-approve

    # Get the output URL
    APP_URL=$(terraform output -raw application_url)

    cd ..

    log_info "Infrastructure deployed successfully!"
    log_info "Application URL: $APP_URL"
}

# Create service account key for local development
create_service_account_key() {
    log_info "Creating service account key for development..."

    SA_NAME="rothbard-flask-app"
    SA_EMAIL="$SA_NAME@$PROJECT_ID.iam.gserviceaccount.com"

    # Create service account if it doesn't exist
    if ! gcloud iam service-accounts describe "$SA_EMAIL" &> /dev/null; then
        gcloud iam service-accounts create "$SA_NAME" \
            --display-name="Rothbard Flask App Service Account"
    fi

    # Grant necessary roles
    gcloud projects add-iam-policy-binding "$PROJECT_ID" \
        --member="serviceAccount:$SA_EMAIL" \
        --role="roles/datastore.user"

    gcloud projects add-iam-policy-binding "$PROJECT_ID" \
        --member="serviceAccount:$SA_EMAIL" \
        --role="roles/firebase.admin"

    # Create key
    gcloud iam service-accounts keys create ~/rothbard-service-account.json \
        --iam-account="$SA_EMAIL"

    log_info "Service account key created at ~/rothbard-service-account.json"
    log_warn "Add this to your environment: export GOOGLE_APPLICATION_CREDENTIALS=~/rothbard-service-account.json"
}

# Main deployment function
main() {
    log_info "Starting Rothbard Law Group deployment..."

    # Parse command line arguments
    while [[ $# -gt 0 ]]; do
        case $1 in
            -p|--project)
                PROJECT_ID="$2"
                shift 2
                ;;
            -d|--domain)
                DOMAIN_NAME="$2"
                shift 2
                ;;
            -o|--option)
                HOSTING_OPTION="$2"
                shift 2
                ;;
            -h|--help)
                echo "Usage: $0 [OPTIONS]"
                echo "Options:"
                echo "  -p, --project PROJECT_ID    GCP Project ID"
                echo "  -d, --domain DOMAIN_NAME     Domain name (optional)"
                echo "  -o, --option HOSTING_OPTION  Hosting option (cloud_run or app_engine)"
                echo "  -h, --help                   Show this help message"
                exit 0
                ;;
            *)
                log_error "Unknown option: $1"
                exit 1
                ;;
        esac
    done

    # Validate hosting option
    if [[ ! "$HOSTING_OPTION" =~ ^(cloud_run|app_engine)$ ]]; then
        log_error "Invalid hosting option. Use 'cloud_run' or 'app_engine'."
        exit 1
    fi

    check_prerequisites
    setup_project
    build_and_push_image
    deploy_infrastructure
    create_service_account_key

    log_info "Deployment completed successfully!"
    log_info "Next steps:"
    log_info "1. Configure Firebase Authentication in the Firebase Console"
    log_info "2. Set up Firestore security rules"
    log_info "3. Enable user accounts in Firestore"
    log_info "4. Configure your custom domain (if applicable)"
}

# Run main function
main "$@"