{"id":23653359,"url":"https://github.com/johnbedeir/clerk-integration","last_synced_at":"2026-01-27T02:33:24.906Z","repository":{"id":268459846,"uuid":"904428505","full_name":"johnbedeir/clerk-integration","owner":"johnbedeir","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-13T14:15:05.000Z","size":659,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-05-27T20:04:45.284Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/johnbedeir.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-12-16T21:46:14.000Z","updated_at":"2025-01-13T14:15:08.000Z","dependencies_parsed_at":"2024-12-16T22:49:16.918Z","dependency_job_id":"b9ea466b-08d7-418b-9325-d9970307f598","html_url":"https://github.com/johnbedeir/clerk-integration","commit_stats":null,"previous_names":["johnbedeir/clerk-integration"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/johnbedeir/clerk-integration","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnbedeir%2Fclerk-integration","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnbedeir%2Fclerk-integration/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnbedeir%2Fclerk-integration/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnbedeir%2Fclerk-integration/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/johnbedeir","download_url":"https://codeload.github.com/johnbedeir/clerk-integration/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnbedeir%2Fclerk-integration/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28796977,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T01:07:07.743Z","status":"online","status_checked_at":"2026-01-27T02:00:07.755Z","response_time":168,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-28T17:53:17.268Z","updated_at":"2026-01-27T02:33:24.881Z","avatar_url":"https://github.com/johnbedeir.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Clerk-API-Wrapper: Deployment Guide\n\n\u003cimg src=imgs/cover.png\u003e\n\n## Overview\n\nThe **Clerk-API-Wrapper** is a comprehensive application that integrates with Clerk.io to manage product data efficiently. The application is designed to leverage modern DevOps practices, ensuring a secure and scalable infrastructure. Using Terraform, Terragrunt, and Kubernetes, the deployment automates secrets management, infrastructure creation, and application provisioning.\n\n### Key Features:\n\n- **Secrets Management**: Terraform creates secrets in AWS Secrets Manager based on the `terraform.tfvars` file. These secrets are automatically fetched by Kubernetes using ClusterSecretStore and ExternalSecrets to create Kubernetes secrets for application deployment.\n- **Infrastructure as Code**: The infrastructure is defined using Terraform and managed with Terragrunt for efficient multi-environment deployments.\n- **Modern Deployment Practices**: Supports both Kubernetes manifests and Helm charts for deployment, providing flexibility and scalability.\n\n### Tools Required:\n\nTo run this project, ensure the following tools are installed:\n\n- **Terragrunt**: For managing Terraform configurations `dev` and `prod` environment.\n- **Terraform**: For defining infrastructure as code.\n- **AWS CLI**: For managing AWS resources and EKS clusters.\n- **Kubernetes CLI (kubectl)**: For interacting with Kubernetes clusters.\n- **Docker**: For building container images.\n\n---\n\n## Deployment Steps\n\n### 1. Pre-Build Setup\n\n1. **Create `terraform.tfvars`**:\n   Navigate to `infrastructure/modules` directory and create a `terraform.tfvars` file with the following format:\n\n   ```terraform\n   clerk_public_key  = \"n4UsgwDE3uhUr9FRd3B7H4ygzDv5d0rX\"\n   clerk_private_key = \"es78AlQ9YAYOPjV24lnC1Xh9UmJYaGc8\"\n   clerk_api_url = \"https://api.clerk.io/v2/product/list?key=\"\n   ```\n\n   \u003e Obtain the `Public API Key` and `Private API Key` from the Clerk dashboard under `Settings \u003e API Keys`.\n\n2. **Secrets Management**:\n   Terraform will create secrets in AWS Secrets Manager using the values from `terraform.tfvars`. These secrets will be fetched into Kubernetes as environment variables via ClusterSecretStore and ExternalSecrets.\n\n---\n\n### 2. Build Infrastructure\n\n1. Navigate to the `infrastructure` directory.\n2. Run the following command:\n\n   ```sh\n   terragrunt run-all apply\n   ```\n\n   \u003e This will provision the necessary AWS resources, including the EKS cluster, VPC, and Secrets Manager entries.\n\n---\n\n### 4. Post-Build Steps\n\n1. **Update kubeconfig**:\n\n   Run the following command to configure `kubectl` for the EKS cluster:\n\n   ```sh\n   aws eks update-kubeconfig --name cluster-1-dev --region eu-central-1\n   ```\n\n   \u003cimg src=imgs/eks.png\u003e\n\n   Encode the kubeconfig:\n\n   ```\n   cat .kube/config | base64\n   ```\n\n   Copy the output to github secrets.\n\n### 4. Continuous Integration and Continuous Deployment\n\nMake sure you run the following script to add `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` to store aws credentials in github secrets.\n\nNavigate to the [Application GitHub Repository](https://github.com/johnbedeir/clerk-integration), go to the `Actions` tab, and run the latest workflow to ensure the Docker image is built and pushed to AWS ECR.\n\n\u003e Commit any recent updates before triggering the workflow.\n\n    \u003cimg src=imgs/ecr.png\u003e\n\nOnce the workflow is successfully done the `Continuous Deployment` will run automatically.\n\n---\n\n### 5. Application Deployment\n\n#### Option 1: Deploy via Kubernetes Manifests\n\n1. Create the namespace:\n\n   ```sh\n   kubectl create ns dev-clerk-app\n   ```\n\n2. Deploy the application:\n\n   ```sh\n   kubectl apply -n dev-clerk-app -f k8s/eks/\n   ```\n\n   \u003e This deploys the application, including Deployment, Service, and ExternalSecrets.\n\n#### Option 2: Deploy via Helm Chart\n\n1. Navigate to the [Chart Repository](https://github.com/johnbedeir/clerk-app-chart).\n2. Follow the steps in the `README` to deploy the application using Helm.\n\n---\n\n### 6. Configuring DNS Records\n\n1. **Fetch Load Balancer URLs**:\n   Use the following commands to retrieve the LoadBalancer URLs for various services:\n\n   - **Application Service**:\n\n     ```sh\n     kubectl get svc clerk-app-service -n dev-clerk-app -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'\n     ```\n\n   - **Ingress Controller**:\n\n     ```sh\n     kubectl get svc nginx-ingress-ingress-nginx-controller -n ingress-nginx -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'\n     ```\n\n   - **ArgoCD**:\n     ```sh\n     kubectl get svc argocd-server -n argocd -o jsonpath='{.status.loadBalancer.ingress[0].hostname}'\n     ```\n\n2. **Update DNS Records**:\n   Add the following CNAME records in your domain’s DNS zone editor:\n\n   | Service      | CNAME                       |\n   | ------------ | --------------------------- |\n   | Application  | `clerk.johnydev.com`        |\n   | Prometheus   | `prometheus.johnydev.com`   |\n   | AlertManager | `alertmanager.johnydev.com` |\n   | Grafana      | `grafana.johnydev.com`      |\n   | ArgoCD       | `argocd.johnydev.com`       |\n\n    \u003cimg src=imgs/cpanel.png\u003e\n\n### 7. Accessing Applications\n\n- **Prometheus**:\n  Navigate to `prometheus.johnydev.com`.\n\n  \u003cimg src=imgs/prometheus.png\u003e\n\n- **AlertManager**:\n  Navigate to `alertmanager.johnydev.com`.\n\n  \u003cimg src=imgs/alertmanager.png\u003e\n\n- **Clerk Application**:\n  Navigate to `clerk.johnydev.com`.\n\n  \u003cimg src=imgs/clerk.png\u003e\n\n  Verify the data feed at `clerk.johnydev.com/feeds/clerk.json`. Copy this URL into the Clerk.io Data Sync settings.\n\n  \u003cimg src=imgs/data-sync.png\u003e\n\n- **ArgoCD**:\n  Navigate to `argocd.johnydev.com`.\n\n  Login Credentials:\n\n  - Username: `admin`\n  - Password: Retrieve using:\n    ```sh\n    kubectl get secret -n argocd argocd-initial-admin-secret -o jsonpath=\"{.data.password}\" | base64 --decode; echo\n    ```\n\n  Add a new application via GitHub or Helm Chart as required.\n\n  \u003cimg src=imgs/argocd.png\u003e\n\n- **Grafana**:\n  Navigate to `grafana.johnydev.com`.\n\n  Login Credentials:\n\n  - Username: `admin`\n  - Password: `admin`\n\n  Navigate to Dashboards and select the preferred dashboard.\n\n  \u003cimg src=imgs/grafana.png\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnbedeir%2Fclerk-integration","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjohnbedeir%2Fclerk-integration","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnbedeir%2Fclerk-integration/lists"}