This is the Heroku/Kotlin rewrite of my prior Docker/Java one-on-one app report.
The production version of this app is hosted at https://s6-1on1s.herokuapp.com/ and https://riot-1on1s.herokuapp.com/. The OAuth account is configured to only allow singularity6.com and riotgames.com email addresses as it requires access to calendar and directory information.
The app is functional and has some improvements over the original app, aside from also, actually working. The remaining work and some ideas is in the TODO file and in the project's Github issue tracker.
The versions here specifically work, though newer versions may also.
- JDK 11
- Maven 3.6
- Heroku CLI
- Probably need a heroku account, but unknown if that's needed for the CLI.
- Either get Google account secrets from @sergeknystautas or create your own Google developer account for a web client and OAuth.
- IntelliJ IDEA (recommended)
Make sure you've got the above requirements complete.
Create
relationships/googlecal-ktor/.env
and put the OAuth secrets in there. This would look like
OAUTH_CLIENT_ID=<longcharsequence>
OAUTH_CLIENT_SECRET=<medcharsequence>
OAUTH_PROJECT=<shortcharsequence>
To build and run the service:
mvn clean install && heroku local:start -p 5000
This uses maven to clean previous artifacts and rebuild, then calls the heroku CLI to run the app locally. To see if this works go to:
http://localhost:5000
The app.json adds the metadata and specifies we are using the heroku/java buildpack.
The Procfile defines what Heroku runs.
This app uses the Heroku-20 stack. By default the Java buildpack uses OpenJDK 8 and Maven 3.6.2 in this stack.
We follow a simple version of git-flow.
- The production/live website at https://s6-1on1s.herokuapp.com/ and https://riot-1on1s.herokuapp.com/ is tied to the
main
branch. - The staging website at https://s6-1on1s-staging.herokuapp.com/ and https://riot-1on1s-staging.herokuapp.com/ is tied to the
staging
branch.
We are not using github-flow or the development and release branch strategy yet given the small size of the team.
Email alerts on commits are configured in the github project's notification settings.
We use Heroku for builds. There are two apps for production and staging as described above in the branching strategy.
Heroku uses a github webhook to be alerted when there are changes. It runs the following command:
mvn -DskipTests clean dependency:list install
If this successfully completes, Heroku will shut down the existing dynos and launch one with the new version. This will create a brief downtime for the app. Prebook is not available for the hobby level and we'd have to upgrade to professional to prevent this downtime.
Heroku manages secrets as discussed in development above. These are the secrets the app uses that should be configured in a heroku app:
OAUTH_CLIENT_ID
get this from GoogleOAUTH_CLIENT_SECRET
get this from GoogleOAUTH_PROJECT
get this from GoogleENVIRONMENT
this prompts HTTPS redirects in production and is sent to Sentry on crash reports.development
is the default, also useproduction
for that environment.PAPERTRAIL_API_TOKEN
configured automatically by heroku when adding this add-on.SENTRY_DSN
configured automatically by heroku when adding this add-on.
We use the add-on from Papertrail that gives free cloud logging for Heroku deployed environments. This is accessible thru an SSO link per project from the Heroku dashboard.
We use alerting in Papertrail to provide business-logic alerts. The one alert in production is based on a saved search for SUCCESSFUL LOGIN log messages which if there are any are emailed nightly to Serge.
We use Sentry's crash reporting to track stack traces in the Kotlin app. If the environment is specified, then an alert along with the user and URI path is sent to Sentry. You can access the Sentry dashboard from an SSO link per project from the Heroku dashboard.
This application heavily on Google APIs. Because this is meant solely for singularity6.com and riotgames.com usage, the application was created in that domain. Its name is One-on-One Project
.
We created an OAuth2 web client
which needed authorized redirect URLs added for localhost
as well as the staging and production hostnames and /login
.
The OAuth consent screen does not need verification as we mark this as an internal
user type. This allows us to skip the domain verification and page usage agreements. The dashboard shows the APIs this application is approved for.
The dashboard shows the APIs were are using which includes:
- Google Calendar API
- People API. This replaces the Contact API that was used by the Java/docker version of this app, so the permissions and call patterns have changed.
Heroku is a low-cost option for hosting hobby projects that provides many critical surrounding features that is more expensive and work with Docker and AWS, including:
- Easy CI/CD
- Commits to github's main branch will redeploy the app.
- Test plans can be included to prevent errant deploys, including alerts in this situation.
- Support for branching to multiple dev stages.
- Secrets management to split config, specifically for this the OAuth project secrets, from the codebase.
- Cloud logging using Papertrail add-on including alerting.
- Cloud error reporting using Sentry add-on.
- Easy data layer options such as Redis or MySQL.
All of this for $7/mo.
If you fell in love with early Java's simplicity and ease of deployment, then watched Oracle turn it into bloated enterprise-ware, you'll love Kotlin. Other languages do run within the JVM like Groovy or Scala, but they are typically used to solve other types of problems. Kotlin gives the feel of clean, early Java but with 25 years of improved design patterns and simpler language syntax, plus easy access to all existing Java libraries. Key improvements include concurrency, collection operations, error handling, null safety, and booleans.
- Git because this is a microservice.
- KTor because it wrapped Netty, gave OAuth options out of the box, gave numerous rendering options, and made it easy to start writing a Kotlin microservice.
- Maven because I'm old and haven't learned Gradle or other patterns, plus the same heroku app used maven. Pull requests welcome.