Support native build server for deployments with the cli

Author: myftija

apps/webapp/app/env.server.ts

@@ -345,6 +345,12 @@ const EnvironmentSchema = z
     OBJECT_STORE_SECRET_ACCESS_KEY: z.string().optional(),
     OBJECT_STORE_REGION: z.string().optional(),
     OBJECT_STORE_SERVICE: z.string().default("s3"),
+
+    ARTIFACTS_OBJECT_STORE_BUCKET: z.string(),
+    ARTIFACTS_OBJECT_STORE_BASE_URL: z.string().optional(),
+    ARTIFACTS_OBJECT_STORE_ACCESS_KEY_ID: z.string().optional(),
+    ARTIFACTS_OBJECT_STORE_SECRET_ACCESS_KEY: z.string().optional(),
+    ARTIFACTS_OBJECT_STORE_REGION: z.string().optional(),
     EVENTS_BATCH_SIZE: z.coerce.number().int().default(100),
     EVENTS_BATCH_INTERVAL: z.coerce.number().int().default(1000),
     EVENTS_DEFAULT_LOG_RETENTION: z.coerce.number().int().default(7),

apps/webapp/app/routes/api.v1.artifacts.ts

@@ -0,0 +1,73 @@
+import { type ActionFunctionArgs, json } from "@remix-run/server-runtime";
+import {
+  type CreateArtifactResponseBody,
+  CreateArtifactRequestBody,
+  tryCatch,
+} from "@trigger.dev/core/v3";
+import { authenticateRequest } from "~/services/apiAuth.server";
+import { logger } from "~/services/logger.server";
+import { ArtifactsService } from "~/v3/services/artifacts.server";
+
+export async function action({ request }: ActionFunctionArgs) {
+  if (request.method.toUpperCase() !== "POST") {
+    return json({ error: "Method Not Allowed" }, { status: 405 });
+  }
+
+  const authenticationResult = await authenticateRequest(request, {
+    apiKey: true,
+    organizationAccessToken: false,
+    personalAccessToken: false,
+  });
+
+  if (!authenticationResult || !authenticationResult.result.ok) {
+    logger.info("Invalid or missing api key", { url: request.url });
+    return json({ error: "Invalid or Missing API key" }, { status: 401 });
+  }
+
+  const [, rawBody] = await tryCatch(request.json());
+  const body = CreateArtifactRequestBody.safeParse(rawBody ?? {});
+
+  if (!body.success) {
+    return json({ error: "Invalid request body", issues: body.error.issues }, { status: 400 });
+  }
+
+  const { environment: authenticatedEnv } = authenticationResult.result;
+
+  const service = new ArtifactsService();
+  return await service
+    .createArtifact(body.data.type, authenticatedEnv, body.data.contentLength)
+    .match(
+      (result) => {
+        return json(
+          {
+            artifactKey: result.artifactKey,
+            uploadUrl: result.uploadUrl,
+            uploadFields: result.uploadFields,
+            expiresAt: result.expiresAt.toISOString(),
+          } satisfies CreateArtifactResponseBody,
+          { status: 201 }
+        );
+      },
+      (error) => {
+        switch (error.type) {
+          case "artifact_size_exceeds_limit": {
+            logger.warn("Artifact size exceeds limit", { error });
+            return json(
+              {
+                error: `Artifact size (${error.contentLength} bytes) exceeds the allowed limit of ${error.sizeLimit} bytes`,
+              },
+              { status: 400 }
+            );
+          }
+          case "failed_to_create_presigned_post": {
+            logger.error("Failed to create presigned POST", { error });
+            return json({ error: "Failed to generate artifact upload URL" }, { status: 500 });
+          }
+          default:
+            error satisfies never;
+            logger.error("Failed creating artifact", { error });
+            return json({ error: "Internal server error" }, { status: 500 });
+        }
+      }
+    );
+}

apps/webapp/app/routes/api.v1.deployments.ts

@@ -37,7 +37,7 @@ export async function action({ request, params }: ActionFunctionArgs) {
   const service = new InitializeDeploymentService();
 
   try {
-    const { deployment, imageRef } = await service.call(authenticatedEnv, body.data);
+    const { deployment, imageRef, eventStream } = await service.call(authenticatedEnv, body.data);
 
     const responseBody: InitializeDeploymentResponseBody = {
       id: deployment.friendlyId,
@@ -48,6 +48,7 @@ export async function action({ request, params }: ActionFunctionArgs) {
         deployment.externalBuildData as InitializeDeploymentResponseBody["externalBuildData"],
       imageTag: imageRef,
       imagePlatform: deployment.imagePlatform,
+      eventStream,
     };
 
     return json(responseBody, { status: 200 });

apps/webapp/app/services/platform.v3.server.ts

@@ -529,6 +529,31 @@ export async function generateRegistryCredentials(
   return result;
 }
 
+export async function enqueueBuild(
+  projectId: string,
+  deploymentId: string,
+  artifactKey: string,
+  options: {
+    skipPromotion?: boolean;
+    configFilePath?: string;
+  }
+) {
+  if (!client) return undefined;
+  const result = await client.enqueueBuild(projectId, { deploymentId, artifactKey, options });
+  if (!result.success) {
+    logger.error("Error enqueuing build", {
+      error: result.error,
+      projectId,
+      deploymentId,
+      artifactKey,
+      options,
+    });
+    throw new Error("Failed to enqueue build");
+  }
+
+  return result;
+}
+
 function isCloud(): boolean {
   const acceptableHosts = [
     "https://cloud.trigger.dev",

apps/webapp/app/v3/services/artifacts.server.ts

@@ -0,0 +1,86 @@
+import type { AuthenticatedEnvironment } from "~/services/apiAuth.server";
+import { BaseService } from "./baseService.server";
+import { env } from "~/env.server";
+import { createPresignedPost } from "@aws-sdk/s3-presigned-post";
+import { S3Client } from "@aws-sdk/client-s3";
+import { customAlphabet } from "nanoid";
+import { errAsync, fromPromise } from "neverthrow";
+
+const nanoid = customAlphabet("1234567890abcdefghijklmnopqrstuvwxyz", 24);
+const objectStoreClient =
+  env.ARTIFACTS_OBJECT_STORE_ACCESS_KEY_ID &&
+  env.ARTIFACTS_OBJECT_STORE_SECRET_ACCESS_KEY &&
+  env.ARTIFACTS_OBJECT_STORE_BASE_URL
+    ? new S3Client({
+        credentials: {
+          accessKeyId: env.ARTIFACTS_OBJECT_STORE_ACCESS_KEY_ID,
+          secretAccessKey: env.ARTIFACTS_OBJECT_STORE_SECRET_ACCESS_KEY,
+        },
+        region: env.ARTIFACTS_OBJECT_STORE_REGION,
+        endpoint: env.ARTIFACTS_OBJECT_STORE_BASE_URL,
+        forcePathStyle: true,
+      })
+    : new S3Client();
+
+const artifactKeyPrefixByType = {
+  deployment_context: "deployments",
+} as const;
+const artifactBytesSizeLimitByType = {
+  deployment_context: 100 * 1024 * 1024, // 100MB
+} as const;
+
+export class ArtifactsService extends BaseService {
+  private readonly bucket = env.ARTIFACTS_OBJECT_STORE_BUCKET;
+
+  public createArtifact(
+    type: "deployment_context",
+    authenticatedEnv: AuthenticatedEnvironment,
+    contentLength?: number
+  ) {
+    const limit = artifactBytesSizeLimitByType[type];
+
+    // this is just a validation using client-side data
+    // the actual limit will be enforced by S3
+    if (contentLength && contentLength > limit) {
+      return errAsync({
+        type: "artifact_size_exceeds_limit" as const,
+        contentLength,
+        sizeLimit: limit,
+      });
+    }
+
+    const uniqueId = nanoid();
+    const key = `${artifactKeyPrefixByType[type]}/${authenticatedEnv.project.externalRef}/${authenticatedEnv.slug}/${uniqueId}.tar.gz`;
+
+    return this.createPresignedPost(key, limit, contentLength).map((result) => ({
+      artifactKey: key,
+      uploadUrl: result.url,
+      uploadFields: result.fields,
+      expiresAt: result.expiresAt,
+    }));
+  }
+
+  private createPresignedPost(key: string, sizeLimit: number, contentLength?: number) {
+    const ttlSeconds = 300; // 5 minutes
+    const expiresAt = new Date(Date.now() + ttlSeconds * 1000);
+
+    return fromPromise(
+      createPresignedPost(objectStoreClient, {
+        Bucket: this.bucket,
+        Key: key,
+        Conditions: [["content-length-range", 0, sizeLimit]],
+        Fields: {
+          "Content-Type": "application/gzip",
+        },
+        Expires: ttlSeconds,
+      }),
+      (error) => ({
+        type: "failed_to_create_presigned_post" as const,
+        cause: error,
+      })
+    ).map((result) => ({
+      ...result,
+      expiresAt,
+    }));
+  }
+}