Overview
We need to deploy a Node.js REST API to the HFLA Incubator that automates 1Password vault access management. This API is used by our Google Apps Script onboarding system to automatically grant/revoke vault access when members join or leave projects.
Related Issue: hackforla/tables#137
Application Stack
| Component |
Details |
| Runtime |
Node.js 18 |
| Framework |
Express.js |
| Dependencies |
1Password CLI v2 (must be installed in container) |
| Port |
3000 |
| Health Check |
GET /health |
Resource Requirements
| Resource |
Value |
Notes |
| CPU |
256 (0.25 vCPU) |
Minimal, mostly I/O bound |
| Memory |
512 MB |
Should be sufficient |
| Instances |
1 |
No scaling needed |
| Storage |
None |
Stateless |
Secrets Required
We need to store these secrets in AWS Secrets Manager:
| Secret Name |
Description |
API_KEY |
API authentication key |
OP_BOT_PASSWORD |
1Password bot account password |
OP_BOT_SECRET_KEY |
1Password secret key (A3-XXXXX format) |
Questions
1.What's the deployment workflow? Do we need to create a separate repo?
2.Is there a standard pattern for API-only deployments in the Incubator?
Action Items
Resources/Instructions
Overview
We need to deploy a Node.js REST API to the HFLA Incubator that automates 1Password vault access management. This API is used by our Google Apps Script onboarding system to automatically grant/revoke vault access when members join or leave projects.
Related Issue: hackforla/tables#137
Application Stack
GET /healthResource Requirements
Secrets Required
We need to store these secrets in AWS Secrets Manager:
API_KEYOP_BOT_PASSWORDOP_BOT_SECRET_KEYQuestions
1.What's the deployment workflow? Do we need to create a separate repo?
2.Is there a standard pattern for API-only deployments in the Incubator?
Action Items
Resources/Instructions