From 3c888482bbc9367ed1d8ec2a43b97421ffd6b0df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Wed, 19 May 2021 17:10:05 +0200 Subject: [PATCH 01/35] ci: comment on PR only when on master --- Resources/scripts/updater.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Resources/scripts/updater.sh b/Resources/scripts/updater.sh index 1c4a7568..f8e039bd 100644 --- a/Resources/scripts/updater.sh +++ b/Resources/scripts/updater.sh @@ -154,7 +154,8 @@ EOF # If the job was started by a Pull Request and not by a cron job, add a comment to notify the users notify_engine_pr() { - if [[ $1 == "start" || $1 == "end_failed" || $1 == "end_success" || $1 == "end_no_deploy" || $1 == "end_no_new_data" ]]; then + local -r allowed_events='start end_failed end_success end_no_deploy end_no_new_data' + if [[ "$allowed_events" == *"$1"* ]] && [[ "$CIRCLE_BRANCH" == 'master' ]]; then engine_repo_pr_number=$(get_invokator_pr_number) if [ "$engine_repo_pr_number" != "null" ] && [ -n "$CIRCLE_USERNAME" ]; then curl -f -H "$auth_header" -X POST --data "$(pr_input_updater_$1)" "https://api.github.com/repos/$org/$engine_repo/issues/$engine_repo_pr_number/comments" From 82b196e52074e5720afec9be102223a5aa62af18 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Thu, 20 May 2021 15:58:34 +0200 Subject: [PATCH 02/35] docs: list more supported tags --- Resources/docker/app/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Resources/docker/app/README.md b/Resources/docker/app/README.md index 41d5d7f5..c5d5c55d 100644 --- a/Resources/docker/app/README.md +++ b/Resources/docker/app/README.md 
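Review bot: The new allow-list test in `notify_engine_pr` is a substring match, so it accepts values the old equality chain rejected: an empty `$1`, or fragments such as `end` or `success`, all satisfy `*"$1"*`. The accepted value is then spliced unquoted into a function name in `$(pr_input_updater_$1)`, so a loose match ends up invoking a name that may not exist instead of being skipped. Padding both sides restores whole-word matching with a one-line change, `if [[ " $allowed_events " == *" $1 "* ]] && [[ "$CIRCLE_BRANCH" == 'master' ]]; then`; a `case "$1" in start|end_failed|end_success|end_no_deploy|end_no_new_data)` block is stricter still. The function body continues past the end of the hunk.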
@@ -15,6 +15,8 @@ ## Supported tags and respective `Dockerfile` links - [`latest`](https://github.com/PokeAPI/pokeapi/blob/master/Resources/docker/app/Dockerfile) +- [`master`](https://github.com/PokeAPI/pokeapi/blob/master/Resources/docker/app/Dockerfile) +- [`staging`](https://github.com/PokeAPI/pokeapi/blob/staging/Resources/docker/app/Dockerfile) > `pokeapi` uses `python:3.7-alpine` as base image. From 5b71e1cf6b62b552f15ddf3afbddfca2536d9631 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 22 May 2021 19:16:56 +0200 Subject: [PATCH 03/35] sec remove fixed seed --- Resources/docker/app/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/Resources/docker/app/Dockerfile b/Resources/docker/app/Dockerfile index f43c4e1b..96dd580b 100644 --- a/Resources/docker/app/Dockerfile +++ b/Resources/docker/app/Dockerfile @@ -2,7 +2,6 @@ FROM python:3.7-alpine ENV PYTHONUNBUFFERED 1 ENV DJANGO_SETTINGS_MODULE 'config.docker-compose' -ENV PYTHONHASHSEED 'random' RUN mkdir /code WORKDIR /code From d2acfaffe50f2a9fec57cdbf1c5e05680ce35eae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 22 May 2021 19:20:05 +0200 Subject: [PATCH 04/35] feat: allow config via env --- config/settings.py | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/config/settings.py b/config/settings.py index 04bb81ab..314673d8 100755 --- a/config/settings.py +++ b/config/settings.py 
@@ -8,21 +8,21 @@ DEBUG = False TEMPLATE_DEBUG = DEBUG -ADMINS = (("Paul Hallett", "paulandrewhallett@gmail.com"),) +ADMINS = (os.environ.get('ADMINS', "Paul Hallett,paulandrewhallett@gmail.com").split(","),) EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" MANAGERS = ADMINS -BASE_URL = "http://pokeapi.co" +BASE_URL = os.environ.get("BASE_URL", "http://pokeapi.co") # Hosts/domain names that are valid for this site; required if DEBUG is False # See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts -ALLOWED_HOSTS = [".pokeapi.co", "localhost", "127.0.0.1"] +ALLOWED_HOSTS = [os.environ.get("ALLOWED_HOSTS", ".pokeapi.co"), "localhost", "127.0.0.1"] -TIME_ZONE = "Europe/London" +TIME_ZONE = os.environ.get("TIME_ZONE", "Europe/London") -LANGUAGE_CODE = "en-gb" +LANGUAGE_CODE = os.environ.get("LANGUAGE_CODE", "en-gb") SITE_ID = 1 @@ -40,8 +40,6 @@ USE_TZ = True # Explicitly define test runner to avoid warning messages on test execution TEST_RUNNER = "django.test.runner.DiscoverRunner" -SECRET_KEY = "4nksdock439320df*(^x2_scm-o$*py3e@-awu-n^hipkm%2l$sw$&2l#" - MIDDLEWARE = [ "corsheaders.middleware.CorsMiddleware", "django.middleware.common.CommonMiddleware", From 646077a8e3bce27c2db884bfd8e422d10318c7ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 23 May 2021 18:03:12 +0200 Subject: [PATCH 05/35] chore: include graphql file in image --- .dockerignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.dockerignore b/.dockerignore index dd4e3be5..e75c7741 100644 --- a/.dockerignore +++ b/.dockerignore @@ -14,7 +14,6 @@ db.* venv* node_modules Resources -graphql .vscode .github .circleci From f92a0301dcbb483bc4c5a6063ddf0026a3f88808 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Mon, 24 May 2021 19:34:58 +0200 Subject: [PATCH 06/35] fix: use forward slash --- graphql/metadata/databases/databases.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
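Review bot: `ALLOWED_HOSTS` in `config/settings.py` takes the environment value as a single list element, so a comma-separated value such as `a.example,b.example` becomes one entry that matches no host, and requests for those hosts are rejected. Splitting the value fixes that: `ALLOWED_HOSTS = [*os.environ.get("ALLOWED_HOSTS", ".pokeapi.co").split(","), "localhost", "127.0.0.1"]`. `ADMINS` has the mirror problem: the `split(",")` result is wrapped as one entry, which only works for exactly one `name,email` pair, so either document that limit in a comment or parse several pairs. The later formatting-only commit in this series keeps the same expressions.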
diff --git a/graphql/metadata/databases/databases.yaml b/graphql/metadata/databases/databases.yaml index c9409ae7..89e25ec9 100644 --- a/graphql/metadata/databases/databases.yaml +++ b/graphql/metadata/databases/databases.yaml @@ -8,5 +8,5 @@ idle_timeout: 180 max_connections: 50 retries: 1 - tables: "!include default\\tables\\tables.yaml" - functions: "!include default\\functions\\functions.yaml" + tables: "!include default/tables/tables.yaml" + functions: "!include default/functions/functions.yaml" From fb804babeb775ea1ee16700ea25c411cd7158460 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Thu, 27 May 2021 19:25:40 +0200 Subject: [PATCH 07/35] feat: add kustomize --- .github/workflows/docker-image.yml | 2 +- .github/workflows/kustomize.yml | 24 ++++ Makefile | 12 ++ .../config/haproxy-ingress-configmap.yaml | 9 ++ Resources/k8s/kustomize/config/pokeapi.env | 2 + .../deployments/default-deployment.yaml | 25 ++++ .../deployments/graphql-deployment.yaml | 43 ++++++ .../haproxy-ingress-controller.yaml | 47 +++++++ .../deployments/pokeapi-deployment.yaml | 58 +++++++++ .../deployments/postgres-deployment.yaml | 41 ++++++ .../deployments/redis-deployment.yaml | 29 +++++ Resources/k8s/kustomize/jobs/load-graphql.yml | 18 +++ Resources/k8s/kustomize/kustomization.yaml | 34 +++++ .../other/ingress-controller-rbac.yaml | 123 ++++++++++++++++++ Resources/k8s/kustomize/other/ingress.yaml | 66 ++++++++++ Resources/k8s/kustomize/other/namespace.yaml | 6 + Resources/k8s/kustomize/secrets/postgres.env | 1 + .../k8s/kustomize/secrets/postgres.env.sample | 1 + Resources/k8s/kustomize/services/cloud.yaml | 23 ++++ .../kustomize/services/default-service.yaml | 12 ++ .../kustomize/services/graphql-service.yaml | 12 ++ .../kustomize/services/pokeapi-service.yaml | 14 ++ .../kustomize/services/postgres-service.yaml | 12 ++ .../k8s/kustomize/services/redis-service.yaml | 12 ++ .../postgres-persistentvolumeclaim.yaml | 27 ++++ .../volumes/redis-persistentvolumeclaim.yaml | 27 ++++ 26 files changed, 679 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/kustomize.yml create mode 100644 Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml create mode 100644 Resources/k8s/kustomize/config/pokeapi.env create mode 100644 Resources/k8s/kustomize/deployments/default-deployment.yaml create mode 100644 Resources/k8s/kustomize/deployments/graphql-deployment.yaml create mode 100644 Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml create mode 100644 
Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml create mode 100644 Resources/k8s/kustomize/deployments/postgres-deployment.yaml create mode 100644 Resources/k8s/kustomize/deployments/redis-deployment.yaml create mode 100644 Resources/k8s/kustomize/jobs/load-graphql.yml create mode 100644 Resources/k8s/kustomize/kustomization.yaml create mode 100644 Resources/k8s/kustomize/other/ingress-controller-rbac.yaml create mode 100644 Resources/k8s/kustomize/other/ingress.yaml create mode 100644 Resources/k8s/kustomize/other/namespace.yaml create mode 100644 Resources/k8s/kustomize/secrets/postgres.env create mode 100644 Resources/k8s/kustomize/secrets/postgres.env.sample create mode 100644 Resources/k8s/kustomize/services/cloud.yaml create mode 100644 Resources/k8s/kustomize/services/default-service.yaml create mode 100644 Resources/k8s/kustomize/services/graphql-service.yaml create mode 100644 Resources/k8s/kustomize/services/pokeapi-service.yaml create mode 100644 Resources/k8s/kustomize/services/postgres-service.yaml create mode 100644 Resources/k8s/kustomize/services/redis-service.yaml create mode 100644 Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml create mode 100644 Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index a9d9c004..5461d275 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -1,4 +1,4 @@ -name: ci +name: docker-image on: push: diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml new file mode 100644 index 00000000..74de914f --- /dev/null +++ b/.github/workflows/kustomize.yml 
@@ -0,0 +1,24 @@ +name: Create Cluster + +on: + push: + branches: + - 'master' + - 'staging' + +jobs: + create-cluster: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: recursive + - name: Create k8s Kind Cluster + uses: helm/kind-action@v1.1.0 + - name: Test + run: | + kubectl cluster-info + kubectl get storageclass standard + cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env + kubectl apply -k Resources/k8s/kustomize/ \ No newline at end of file diff --git a/Makefile b/Makefile index 12465581..56fb5fcd 100755 --- a/Makefile +++ b/Makefile @@ -100,3 +100,15 @@ hasura-apply: # Apply local Hasura configuration hasura-get-anon-schema: # Dumps GraphQL schema gq http://localhost:8080/v1/graphql --introspect > graphql/schema.graphql + +kustomize-apply: # (Kustomize) Run kubectl apply -k on the connected k8s cluster + kubectl apply -k Resources/k8s/kustomize/ + +k8s-migrate: # (k8s) Run any pending migrations + kubectl exec deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose + +k8s-build-db: # (k8s) Build the database + kubectl exec deployment/pokeapi -- sh -c 'echo "from data.v2.build import build_all; build_all()" | python manage.py shell --settings=config.docker-compose' + +k8s-delete: # (k8s) Delete pokeapi namespace + kubectl delete namespace pokeapi \ No newline at end of file diff --git a/Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml b/Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml new file mode 100644 index 00000000..6635fc6b --- /dev/null +++ b/Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: haproxy-ingress-configmap +data: + dynamic-scaling: "true" + ssl-redirect: "false" + app-root: "/" + stats-auth: pokeapi:pokeapi 
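Review bot: Both third-party steps in the new `.github/workflows/kustomize.yml` are referenced by mutable tags (`actions/checkout@v2`, `helm/kind-action@v1.1.0`), and the workflow declares no `permissions:` block, so it runs with whatever default token scope the repository has. Pinning each `uses:` to a full commit SHA and adding a top-level `permissions:` with `contents: read` limits what a retagged or compromised action could do. The job only builds a throwaway kind cluster, so read-only contents access should be enough; that is inferred from the steps shown here.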
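Review bot: The `k8s-migrate` and `k8s-build-db` targets call `kubectl exec deployment/pokeapi` without a namespace, while the kustomization added in this commit places every resource in `pokeapi` and `k8s-delete` names that namespace explicitly. Unless the caller's kubeconfig context already defaults to `pokeapi`, the exec looks in `default` and does not find the deployment. Adding `-n pokeapi` to both commands, e.g. `kubectl exec -n pokeapi deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose`, makes the targets independent of local context.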
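Review bot: `stats-auth: pokeapi:pokeapi` in `haproxy-ingress-configmap.yaml` commits a fixed, guessable username and password for the HAProxy statistics page, and `services/cloud.yaml` in this same commit publishes the stats port 1936 through the external Service. The statistics endpoint is therefore protected only by a credential that is readable in the repository. Either leave the `public-stat` port off the external Service or supply the credential at deploy time; at minimum mark the value with a comment such as `# placeholder stats credentials, override before exposing port 1936`. `ssl-redirect: "false"` also keeps plain HTTP enabled and deserves a one-line comment saying why.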
diff --git a/Resources/k8s/kustomize/config/pokeapi.env b/Resources/k8s/kustomize/config/pokeapi.env
new file mode 100644
index 00000000..e964f3cf
--- /dev/null
+++ b/Resources/k8s/kustomize/config/pokeapi.env
@@ -0,0 +1,2 @@
+ADMINS=PokeAPI,change.me@pokeapi.co
+BASE_URL=http://localhost/
diff --git a/Resources/k8s/kustomize/deployments/default-deployment.yaml b/Resources/k8s/kustomize/deployments/default-deployment.yaml
new file mode 100644
index 00000000..b0ad39d1
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/default-deployment.yaml
@@ -0,0 +1,25 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: default-backend
+ labels:
+ component: default-backend
+spec:
+ replicas: 2
+ selector:
+ matchLabels:
+ component: default-backend
+ template:
+ metadata:
+ labels:
+ component: default-backend
+ spec:
+ containers:
+ - name: default-backend
+ image: gcr.io/google_containers/defaultbackend:1.4
+ ports:
+ - containerPort: 8080
+ resources:
+ limits:
+ memory: "64Mi"
+ cpu: "50m"
\ No newline at end of file
diff --git a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml
new file mode 100644
index 00000000..fb86b7cb
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: graphql
+ labels:
+ component: graphql
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ component: graphql
+ template:
+ metadata:
+ labels:
+ component: graphql
+ spec:
+ containers:
+ - name: graphql-engine
+ image: hasura/graphql-engine:v2.0.0-alpha.5
+ ports:
+ - containerPort: 8080
+ env:
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: postgres-env-secret
+ key: POSTGRES_PASSWORD
+ - name: HASURA_GRAPHQL_DATABASE_URL
+ value: postgres://ash:$(POSTGRES_PASSWORD)@postgresql:5432/pokeapi
+ - name: HASURA_GRAPHQL_ENABLE_CONSOLE
+ value: "true"
+ - name: HASURA_GRAPHQL_DEV_MODE
+ value: "false"
+ - name: HASURA_GRAPHQL_ENABLED_LOG_TYPES
+ value: startup, http-log, webhook-log, websocket-log, query-log
+ - name: HASURA_GRAPHQL_ADMIN_SECRET
+ value: pokemon
+ - name: HASURA_GRAPHQL_UNAUTHORIZED_ROLE
+ value: anon
+ - name: HASURA_GRAPHQL_ENABLE_TELEMETRY
+ value: "false"
+ resources: {}
+
diff --git a/Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml b/Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml
new file mode 100644
index 00000000..d9b3e9bd
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml
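Review bot: `HASURA_GRAPHQL_ADMIN_SECRET` is set to the literal `pokemon` in `graphql-deployment.yaml`, although the database password a few lines above is already read from `postgres-env-secret`; the same literal appears in `jobs/load-graphql.yml`. With `HASURA_GRAPHQL_ENABLE_CONSOLE` set to `"true"` and the `/graphql` ingress added in this commit, the admin secret is the only control in front of the Hasura console and metadata API, so it should not be a value readable from the repository. Read it from a Secret the same way as `POSTGRES_PASSWORD`, and consider switching the console off for the deployed instance. The Secret name in the excerpt below is a placeholder.

```yaml
            # ... unchanged: POSTGRES_PASSWORD, HASURA_GRAPHQL_DATABASE_URL ...
            - name: HASURA_GRAPHQL_ENABLE_CONSOLE
              value: "false"
            # ... unchanged: dev mode, enabled log types ...
            - name: HASURA_GRAPHQL_ADMIN_SECRET
              valueFrom:
                secretKeyRef:
                  name: <hasura-secret-name>  # placeholder: Secret supplied at deploy time
                  key: HASURA_GRAPHQL_ADMIN_SECRET
```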
@@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: haproxy-ingress-controller
+ labels:
+ component: haproxy-ingress
+spec:
+ selector:
+ matchLabels:
+ component: haproxy-ingress
+ template:
+ metadata:
+ labels:
+ component: haproxy-ingress
+ spec:
+ serviceAccountName: ingress-controller
+ containers:
+ - name: haproxy-ingress-controller
+ image: quay.io/jcmoraisjr/haproxy-ingress:v0.12.3
+ resources:
+ limits:
+ memory: "256Mi"
+ cpu: "500m"
+ args:
+ - --default-ssl-certificate=$(POD_NAMESPACE)/tls-secret
+ - --configmap=$(POD_NAMESPACE)/haproxy-ingress-configmap
+ - --reload-strategy=native
+ ports:
+ - name: http
+ containerPort: 80
+ - name: https
+ containerPort: 443
+ - name: stat
+ containerPort: 1936
+ livenessProbe:
+ httpGet:
+ path: /healthz
+ port: 10253
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml
new file mode 100644
index 00000000..1bbabc02
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml
@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pokeapi
+ labels:
+ component: pokeapi
+spec:
+ replicas: 2
+ selector:
+ matchLabels:
+ component: pokeapi
+ template:
+ metadata:
+ labels:
+ component: pokeapi
+ spec:
+ initContainers:
+ - name: postgres-connection-checker
+ image: postgres:13.3-alpine
+ command: ['sh', '-c',
+ 'until pg_isready -h postgresql -p 5432;
+ do echo waiting for database; sleep 2; done;']
+ containers:
+ - name: pokeapi
+ image: pokeapi/pokeapi:staging
+ # imagePullPolicy: Always
+ ports:
+ - containerPort: 80
+ env:
+ - name: POSTGRES_HOST
+ value: postgresql
+ - name: POSTGRES_USER
+ value: ash
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: postgres-env-secret
+ key: POSTGRES_PASSWORD
+ - name: POSTGRES_DB
+ value: pokeapi
+ - name: REDIS_CONNECTION_STRING
+ value: redis://redis:6379/1
+ envFrom:
+ - configMapRef:
+ name: pokeapi-configmap
+ resources: {}
+ readinessProbe:
+ periodSeconds: 5
+ initialDelaySeconds: 5
+ httpGet:
+ path: /api/v2/
+ port: 80
+ livenessProbe:
+ periodSeconds: 5
+ initialDelaySeconds: 5
+ httpGet:
+ path: /api/v2/
+ port: 80
diff --git a/Resources/k8s/kustomize/deployments/postgres-deployment.yaml b/Resources/k8s/kustomize/deployments/postgres-deployment.yaml
new file mode 100644
index 00000000..5ae39a79
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/postgres-deployment.yaml
@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: postgresql
+ labels:
+ component: postgresql
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ component: postgresql
+ template:
+ metadata:
+ labels:
+ component: postgresql
+ spec:
+ containers:
+ - name: postgresql
+ image: postgres:13.3-alpine
+ ports:
+ - containerPort: 5432
+ env:
+ - name: POSTGRES_USER
+ value: ash
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: postgres-env-secret
+ key: POSTGRES_PASSWORD
+ - name: PGDATA
+ value: /var/lib/postgresql/data/pgdata
+ - name: POSTGRES_DB
+ value: pokeapi
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/lib/postgresql/data
+ name: postgres-claim0
+ volumes:
+ - name: postgres-claim0
+ persistentVolumeClaim:
+ claimName: postgres-claim0
diff --git a/Resources/k8s/kustomize/deployments/redis-deployment.yaml b/Resources/k8s/kustomize/deployments/redis-deployment.yaml
new file mode 100644
index 00000000..efb54eae
--- /dev/null
+++ b/Resources/k8s/kustomize/deployments/redis-deployment.yaml
@@ -0,0 +1,29 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: redis
+ labels:
+ component: redis
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ component: redis
+ template:
+ metadata:
+ labels:
+ component: redis
+ spec:
+ containers:
+ - name: redis
+ image: redis:6.2.3-alpine
+ ports:
+ - containerPort: 6379
+ resources: {}
+ volumeMounts:
+ - mountPath: /data
+ name: redis-claim0
+ volumes:
+ - name: redis-claim0
+ persistentVolumeClaim:
+ claimName: redis-claim0
diff --git a/Resources/k8s/kustomize/jobs/load-graphql.yml b/Resources/k8s/kustomize/jobs/load-graphql.yml
new file mode 100644
index 00000000..3cb82cd5
--- /dev/null
+++ b/Resources/k8s/kustomize/jobs/load-graphql.yml
@@ -0,0 +1,18 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: load-graphql
+ namespace: pokeapi
+spec:
+ ttlSecondsAfterFinished: 200
+ template:
+ spec:
+ containers:
+ - name: load-graphql
+ image: debian:buster
+ env:
+ - name: HASURA_GRAPHQL_ADMIN_SECRET
+ value: pokemon
+ command: ["sh", "-c"]
+ args: ["apt-get update && apt-get install -y git curl && curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash && hasura update-cli --version v2.0.0-alpha.5 && git clone https://github.com/PokeAPI/pokeapi.git && cd pokeapi && git checkout staging && hasura md apply --endpoint http://graphql:8080 --project graphql --admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET)"]
+ restartPolicy: Never
diff --git a/Resources/k8s/kustomize/kustomization.yaml b/Resources/k8s/kustomize/kustomization.yaml
new file mode 100644
index 00000000..8fed03ee
--- /dev/null
+++ b/Resources/k8s/kustomize/kustomization.yaml
@@ -0,0 +1,34 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: pokeapi
+
+configMapGenerator:
+ - name: pokeapi-configmap
+ files:
+ - config/pokeapi.env
+
+secretGenerator:
+ - name: postgres-env-secret
+ env: secrets/postgres.env # TODO: change in envs as kustomize release 2.0.4
+ type: Opaque
+
+resources:
+ - other/namespace.yaml
+ - other/ingress-controller-rbac.yaml
+ - config/haproxy-ingress-configmap.yaml
+ - services/default-service.yaml
+ - services/pokeapi-service.yaml
+ - services/postgres-service.yaml
+ - services/redis-service.yaml
+ - services/graphql-service.yaml
+ - services/cloud.yaml
+ - volumes/postgres-persistentvolumeclaim.yaml
+ - volumes/redis-persistentvolumeclaim.yaml
+ - deployments/default-deployment.yaml
+ - deployments/postgres-deployment.yaml
+ - deployments/redis-deployment.yaml
+ - deployments/pokeapi-deployment.yaml
+ - deployments/graphql-deployment.yaml
+ - deployments/haproxy-ingress-controller.yaml
+ - other/ingress.yaml
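Review bot: The `args` line of the `load-graphql` Job downloads `get.sh` from the `stable` branch of hasura/graphql-engine and pipes it straight into `bash`, then clones the `staging` branch of the repository, all at run time inside a pod that carries the Hasura admin secret in its environment. Neither input is pinned or verified, so whatever those refs contain when the Job runs is executed with that secret available. Prefer an image that already ships the pinned CLI version, or fetch the specific release asset and check its digest before running it, and check out a fixed commit instead of a branch. A comment above `args` stating which CLI version and which metadata revision the Job expects would also help the next reader.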
diff --git a/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml b/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml
new file mode 100644
index 00000000..d3e21be1
--- /dev/null
+++ b/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml
@@ -0,0 +1,123 @@
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: ingress-controller
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: ingress-controller
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - endpoints
+ - nodes
+ - pods
+ - secrets
+ verbs:
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - nodes
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - services
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - "extensions"
+ resources:
+ - ingresses
+ verbs:
+ - get
+ - list
+ - watch
+ - apiGroups:
+ - ""
+ resources:
+ - events
+ verbs:
+ - create
+ - patch
+ - apiGroups:
+ - "extensions"
+ resources:
+ - ingresses/status
+ verbs:
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: ingress-controller
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - pods
+ - secrets
+ - namespaces
+ verbs:
+ - get
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - update
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - create
+ - apiGroups:
+ - ""
+ resources:
+ - endpoints
+ verbs:
+ - get
+ - create
+ - update
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: ingress-controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: ingress-controller
+subjects:
+ - kind: ServiceAccount
+ name: ingress-controller
+ - apiGroup: rbac.authorization.k8s.io
+ kind: User
+ name: ingress-controller
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: ingress-controller
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: ingress-controller
+subjects:
+ - kind: ServiceAccount
+ name: ingress-controller
+ - apiGroup: rbac.authorization.k8s.io
+ kind: User
+ name: ingress-controller
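Review bot: Both bindings in `ingress-controller-rbac.yaml` list a second subject, `kind: User` with `name: ingress-controller`, next to the ServiceAccount, so any authenticated principal presenting that username receives the ClusterRole, including cluster-wide `list` and `watch` on `secrets`. The controller deployment in this commit runs under the `ingress-controller` ServiceAccount only, so the User subjects look unneeded and can be dropped from the ClusterRoleBinding and the RoleBinding. If the controller only has to serve the `pokeapi` namespace, it is also worth checking whether the `secrets` rule can move from the ClusterRole into the namespaced Role; that depends on controller flags not shown here. A comment above each rule naming the controller feature that needs it would make later tightening easier.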
diff --git a/Resources/k8s/kustomize/other/ingress.yaml b/Resources/k8s/kustomize/other/ingress.yaml
new file mode 100644
index 00000000..733a911c
--- /dev/null
+++ b/Resources/k8s/kustomize/other/ingress.yaml
@@ -0,0 +1,66 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: pokeapi-ingress
+ annotations:
+ kubernetes.io/ingress.class: "haproxy"
+ ingress.kubernetes.io/config-backend: |
+ compression algo gzip
+ compression type application/json
+spec:
+ defaultBackend:
+ service:
+ name: default-backend
+ port:
+ number: 8080
+ rules:
+ - http:
+ paths:
+ - path: /api/v2
+ pathType: Prefix
+ backend:
+ service:
+ name: pokeapi
+ port:
+ number: 80
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: graphql-ingress
+ annotations:
+ kubernetes.io/ingress.class: "haproxy"
+ ingress.kubernetes.io/config-backend: |
+ http-request replace-path /graphql(.*) \1
+spec:
+ defaultBackend:
+ service:
+ name: default-backend
+ port:
+ number: 8080
+ rules:
+ - http:
+ paths:
+ - path: /graphql
+ pathType: Prefix
+ backend:
+ service:
+ name: graphql
+ port:
+ number: 8080
+# apiVersion: extensions/v1beta1
+# kind: Ingress
+# metadata:
+# name: auth-ingress
+# annotations:
+# ingress.kubernetes.io/auth-type: basic
+# ingress.kubernetes.io/auth-realm: Default realm
+# ingress.kubernetes.io/auth-secret: bugs-frontend-secret
+# spec:
+# rules:
+# - http:
+# paths:
+# - path: /bugs
+# backend:
+# serviceName: frontend-bugs
+# servicePort: 8080
diff --git a/Resources/k8s/kustomize/other/namespace.yaml b/Resources/k8s/kustomize/other/namespace.yaml
new file mode 100644
index 00000000..c8a37685
--- /dev/null
+++ b/Resources/k8s/kustomize/other/namespace.yaml
@@ -0,0 +1,6 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+ name: pokeapi
+ labels:
+ name: pokeapi
diff --git a/Resources/k8s/kustomize/secrets/postgres.env b/Resources/k8s/kustomize/secrets/postgres.env
new file mode 100644
index 00000000..e89c6d6a
--- /dev/null
+++ b/Resources/k8s/kustomize/secrets/postgres.env
@@ -0,0 +1 @@
+POSTGRES_PASSWORD=pokeapi-change-me
\ No newline at end of file
diff --git a/Resources/k8s/kustomize/secrets/postgres.env.sample b/Resources/k8s/kustomize/secrets/postgres.env.sample
new file mode 100644
index 00000000..e89c6d6a
--- /dev/null
+++ b/Resources/k8s/kustomize/secrets/postgres.env.sample
@@ -0,0 +1 @@
+POSTGRES_PASSWORD=pokeapi-change-me
\ No newline at end of file
diff --git a/Resources/k8s/kustomize/services/cloud.yaml b/Resources/k8s/kustomize/services/cloud.yaml
new file mode 100644
index 00000000..08bc3d98
--- /dev/null
+++ b/Resources/k8s/kustomize/services/cloud.yaml
@@ -0,0 +1,23 @@
+kind: Service
+apiVersion: v1
+metadata:
+ name: haproxy-ingress
+ labels:
+ component: haproxy-ingress
+spec:
+ type: LoadBalancer # TODO: Change to `LoadBalancer`
+ externalTrafficPolicy: Local
+ ports:
+ - name: public-http
+ port: 80
+ targetPort: http
+ - name: public-https
+ port: 443
+ targetPort: http
+ - name: public-stat
+ port: 1936
+ targetPort: stat
+ selector:
+ component: haproxy-ingress
+---
+
diff --git a/Resources/k8s/kustomize/services/default-service.yaml b/Resources/k8s/kustomize/services/default-service.yaml
new file mode 100644
index 00000000..dc308ba4
--- /dev/null
+++ b/Resources/k8s/kustomize/services/default-service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: default-backend
+ labels:
+ component: default-backend
+spec:
+ selector:
+ component: default-backend
+ ports:
+ - port: 8080
+ targetPort: 8080
\ No newline at end of file
diff --git a/Resources/k8s/kustomize/services/graphql-service.yaml b/Resources/k8s/kustomize/services/graphql-service.yaml
new file mode 100644
index 00000000..e6804782
--- /dev/null
+++ b/Resources/k8s/kustomize/services/graphql-service.yaml
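Review bot: `secrets/postgres.env` is committed with the same content as `postgres.env.sample`, so the file that `secretGenerator` reads is tracked in git and a real password written into it is one `git add` away from being published. Keep only the `.sample` file in the repository and add `Resources/k8s/kustomize/secrets/postgres.env` to `.gitignore`; the workflow added in this commit already copies the sample into place before applying. As committed, anyone applying the kustomization unchanged gets the default `pokeapi-change-me` as the database password.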
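Review bot: The `public-https` port in `services/cloud.yaml` maps 443 to `targetPort: http`, so connections to 443 reach the controller's port-80 listener instead of the `https` container port declared in the controller deployment; this looks like a copy of the entry above and probably should read `targetPort: https`. The `public-stat` entry additionally publishes the statistics port 1936 on the external load balancer; if it is only needed by operators, leave it off this Service. The TODO comment on the `type: LoadBalancer` line is stale, since the type already has that value.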
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: graphql
+ labels:
+ component: graphql
+spec:
+ selector:
+ component: graphql
+ ports:
+ - port: 8080
+ targetPort: 8080
diff --git a/Resources/k8s/kustomize/services/pokeapi-service.yaml b/Resources/k8s/kustomize/services/pokeapi-service.yaml
new file mode 100644
index 00000000..aca4718a
--- /dev/null
+++ b/Resources/k8s/kustomize/services/pokeapi-service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: pokeapi
+ labels:
+ component: pokeapi
+ annotations:
+ ingress.kubernetes.io/balance-algorithm: leastconn
+spec:
+ selector:
+ component: pokeapi
+ ports:
+ - port: 80
+ targetPort: 80
diff --git a/Resources/k8s/kustomize/services/postgres-service.yaml b/Resources/k8s/kustomize/services/postgres-service.yaml
new file mode 100644
index 00000000..bb404d29
--- /dev/null
+++ b/Resources/k8s/kustomize/services/postgres-service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgresql
+ labels:
+ component: postgresql
+spec:
+ selector:
+ component: postgresql
+ ports:
+ - port: 5432
+ targetPort: 5432
diff --git a/Resources/k8s/kustomize/services/redis-service.yaml b/Resources/k8s/kustomize/services/redis-service.yaml
new file mode 100644
index 00000000..00933212
--- /dev/null
+++ b/Resources/k8s/kustomize/services/redis-service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: redis
+ labels:
+ component: redis
+spec:
+ selector:
+ component: redis
+ ports:
+ - port: 6379
+ targetPort: 6379
diff --git a/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml
new file mode 100644
index 00000000..4866b63c
--- /dev/null
+++ b/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml
@@ -0,0 +1,27 @@ +kind: PersistentVolume +apiVersion: v1 +metadata: + name: postgres-volume0 + labels: + type: local + component: postgres +spec: + capacity: + storage: 10Gi + accessModes: + - ReadWriteOnce + hostPath: # TODO: change to a cloud-solution + path: "/mnt/data" +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-claim0 + labels: + component: postgres +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi diff --git a/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml new file mode 100644 index 00000000..d5f395c2 --- /dev/null +++ b/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml @@ -0,0 +1,27 @@ +kind: PersistentVolume +apiVersion: v1 +metadata: + name: redis-volume0 + labels: + type: local + component: redis +spec: + capacity: + storage: 2Gi + accessModes: + - ReadWriteOnce + hostPath: # TODO: change to a cloud-solution + path: "/mnt/data" +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: redis-claim0 + labels: + component: redis +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi From 734aa0a9ad67e1fe224b1a05acd8cedddf57d4ca Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Thu, 27 May 2021 20:38:25 +0200 Subject: [PATCH 08/35] test: add wait script/build data --- .github/workflows/kustomize.yml | 8 ++++++-- Resources/scripts/wait.sh | 23 +++++++++++++++++++++++ 2 files changed, 29 insertions(+), 2 deletions(-) create mode 100644 Resources/scripts/wait.sh diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 74de914f..b2c0905e 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -1,4 +1,4 @@ -name: Create Cluster +name: kustomize on: push: 
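Review bot: The `postgres-volume0` PersistentVolume and the `redis-volume0` one in the next file both use `hostPath` `/mnt/data`, so if both bind on the same node PostgreSQL and Redis write into one shared host directory. Give each volume its own path, e.g. `path: "/mnt/data/postgres"` and `path: "/mnt/data/redis"`. The claims set neither `storageClassName` nor `volumeName`, so on a cluster with a default StorageClass they may be satisfied by dynamic provisioning and never bind to these volumes; a comment stating the intended binding would make that explicit.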
@@ -21,4 +21,8 @@ jobs: kubectl cluster-info kubectl get storageclass standard cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env - kubectl apply -k Resources/k8s/kustomize/ \ No newline at end of file + make kustomize-apply + bash Resources/scripts/wait.sh http://localhost/api/v2/ + make k8s-migrate + make k8s-build-db + bash Resources/scripts/wait.sh http://localhost/api/v2/pal-park-area/5/ diff --git a/Resources/scripts/wait.sh b/Resources/scripts/wait.sh new file mode 100644 index 00000000..e1e92e99 --- /dev/null +++ b/Resources/scripts/wait.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +wait_for_http() { + local url="$1" + local max_seconds=1000 + local end_time=$(( $(date +%s) + max_seconds )) + local success='false' + echo "Waiting for $url" + while [ "$(date +%s)" -lt "$end_time" ]; do # Loop until interval has elapsed. + sleep 2 + if [ "$(curl -s -o /dev/null -L -w '%{http_code}' "$url")" == "200" ]; then + success='true' + break + fi + done + if [ "$success" = 'true' ]; then + exit 0 + else + exit 1 + fi +} + +wait_for_http "${1:-http://localhost/api/v2/}" \ No newline at end of file From 037d1afcbb936e095ba8b5689d309365e083afee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 09:16:11 +0200 Subject: [PATCH 09/35] debug: add SSH debug --- .github/workflows/kustomize.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index b2c0905e..e3a41203 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -16,6 +16,10 @@ jobs: submodules: recursive - name: Create k8s Kind Cluster uses: helm/kind-action@v1.1.0 + - name: Setup tmate session + uses: mxschmitt/action-tmate@v3 + with: + limit-access-to-actor: true - name: Test run: | kubectl cluster-info From c3926c998330aedb013e8e8a84fc9b6a3a7fc7f9 Mon Sep 17 00:00:00 2001 
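Review bot: The `curl` probe inside `wait_for_http` has no timeout of its own, and the 1000-second deadline is only compared between attempts, so a single stalled connection can keep the CI step running well past `max_seconds`. Bounding each attempt, `curl -s --max-time 10 -o /dev/null -L -w '%{http_code}' "$url"`, keeps the deadline meaningful. The function also calls `exit` rather than `return`, which would terminate the calling shell if this file were ever sourced; a one-line header comment stating that the script is meant to be executed, not sourced, would cover that.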
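Review bot: The `Setup tmate session` step has no condition, so it opens an interactive shell on the runner on every run of this workflow, and it pulls `mxschmitt/action-tmate@v3` by a mutable tag. `limit-access-to-actor: true` narrows who can connect, but a debug shell is better kept off the default path: gate it, for example with `if: ${{ failure() }}`, and reference the action by a full commit SHA (`uses: mxschmitt/action-tmate@<full-commit-sha>`) so the code that gets shell access to the job cannot change under the tag. The step may also hold the job open until the session is closed, which is worth confirming against the action's documentation.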
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 09:51:30 +0200 Subject: [PATCH 10/35] refactor: format --- config/settings.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/config/settings.py b/config/settings.py index 314673d8..64cd60be 100755 --- a/config/settings.py +++ b/config/settings.py @@ -8,7 +8,9 @@ DEBUG = False TEMPLATE_DEBUG = DEBUG -ADMINS = (os.environ.get('ADMINS', "Paul Hallett,paulandrewhallett@gmail.com").split(","),) +ADMINS = ( + os.environ.get("ADMINS", "Paul Hallett,paulandrewhallett@gmail.com").split(","), +) EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" @@ -18,7 +20,11 @@ BASE_URL = os.environ.get("BASE_URL", "http://pokeapi.co") # Hosts/domain names that are valid for this site; required if DEBUG is False # See https://docs.djangoproject.com/en/1.5/ref/settings/#allowed-hosts -ALLOWED_HOSTS = [os.environ.get("ALLOWED_HOSTS", ".pokeapi.co"), "localhost", "127.0.0.1"] +ALLOWED_HOSTS = [ + os.environ.get("ALLOWED_HOSTS", ".pokeapi.co"), + "localhost", + "127.0.0.1", +] TIME_ZONE = os.environ.get("TIME_ZONE", "Europe/London") From 810510a556257a0d8ca2e41125acd08e71a1e933 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 11:52:40 +0200 Subject: [PATCH 11/35] feat: allow port customization --- Resources/docker/app/Dockerfile | 2 +- gunicorn.py.ini => gunicorn.conf.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) rename gunicorn.py.ini => gunicorn.conf.py (55%) diff --git a/Resources/docker/app/Dockerfile b/Resources/docker/app/Dockerfile index 96dd580b..2c890f22 100644 --- a/Resources/docker/app/Dockerfile +++ b/Resources/docker/app/Dockerfile @@ -18,5 +18,5 @@ RUN addgroup -g 1000 -S pokeapi && \ adduser -u 1000 -S pokeapi -G pokeapi USER pokeapi -CMD gunicorn config.wsgi:application -c gunicorn.py.ini +CMD gunicorn config.wsgi:application -c gunicorn.conf.py EXPOSE 80 
diff --git a/gunicorn.py.ini b/gunicorn.conf.py similarity index 55% rename from gunicorn.py.ini rename to gunicorn.conf.py index 9db1e924..bc8ebaf6 100644 --- a/gunicorn.py.ini +++ b/gunicorn.conf.py @@ -1,5 +1,6 @@ +import os from multiprocessing import cpu_count -bind = '0.0.0.0:80' +bind = "0.0.0.0:{}".format(os.environ.get("SERVER_PORT", "80")) workers = cpu_count() * 2 threads = cpu_count() * 2 From c6844f82500695f937e2ca09d9822cbbbead8c53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 11:53:23 +0200 Subject: [PATCH 12/35] ci: use port 8080 --- .github/workflows/kustomize.yml | 2 ++ Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml | 6 ++++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index e3a41203..406b14ad 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -16,6 +16,8 @@ jobs: submodules: recursive - name: Create k8s Kind Cluster uses: helm/kind-action@v1.1.0 + with: + version: v0.11.1 - name: Setup tmate session uses: mxschmitt/action-tmate@v3 with: diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml index 1bbabc02..67823b39 100644 --- a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml @@ -23,10 +23,12 @@ spec: containers: - name: pokeapi image: pokeapi/pokeapi:staging - # imagePullPolicy: Always + imagePullPolicy: Always ports: - - containerPort: 80 + - containerPort: 8080 env: + - name: SERVER_PORT + value: 8080 - name: POSTGRES_HOST value: postgresql - name: POSTGRES_USER From d5629937a257672901a9f827d09ee33db40685c8 Mon Sep 17 00:00:00 2001 
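Review bot: The default for `SERVER_PORT` in `bind` stays at `80`, a privileged port, while the Dockerfile hunk of the same commit shows the image switching to the non-root `pokeapi` user, so whether the bind succeeds presumably depends on the container runtime allowing low ports for unprivileged processes. I would document that next to the setting, e.g. `# SERVER_PORT: port gunicorn listens on; use an unprivileged port (>= 1024) when the container runs as non-root`. It is also worth noting in the Dockerfile that `EXPOSE 80` no longer describes the listening port once the variable is set.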
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 15:50:42 +0200 Subject: [PATCH 13/35] ci: use port 8080/use root --- .../k8s/kustomize/deployments/pokeapi-deployment.yaml | 9 ++++++--- .../k8s/kustomize/other/ingress-controller-rbac.yaml | 4 +++- Resources/k8s/kustomize/services/pokeapi-service.yaml | 2 +- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml index 67823b39..4a7a32ae 100644 --- a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml @@ -26,9 +26,12 @@ spec: imagePullPolicy: Always ports: - containerPort: 8080 + securityContext: + allowPrivilegeEscalation: false + runAsUser: 0 env: - name: SERVER_PORT - value: 8080 + value: "8080" - name: POSTGRES_HOST value: postgresql - name: POSTGRES_USER @@ -51,10 +54,10 @@ spec: initialDelaySeconds: 5 httpGet: path: /api/v2/ - port: 80 + port: 8080 livenessProbe: periodSeconds: 5 initialDelaySeconds: 5 httpGet: path: /api/v2/ - port: 80 + port: 8080 diff --git a/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml b/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml index d3e21be1..e9fde7a1 100644 --- a/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml +++ b/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml @@ -35,9 +35,11 @@ rules: - list - watch - apiGroups: - - "extensions" + - extensions + - networking.k8s.io resources: - ingresses + - ingressclasses verbs: - get - list diff --git a/Resources/k8s/kustomize/services/pokeapi-service.yaml b/Resources/k8s/kustomize/services/pokeapi-service.yaml index aca4718a..ee2b3020 100644 --- a/Resources/k8s/kustomize/services/pokeapi-service.yaml +++ b/Resources/k8s/kustomize/services/pokeapi-service.yaml @@ -11,4 +11,4 @@ spec: component: pokeapi ports: - port: 80 - targetPort: 80 + targetPort: 8080 
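Review bot: `runAsUser: 0` in the `pokeapi` container's `securityContext` makes the API process run as root in the base manifest, so every cluster that applies this kustomization inherits it, not only CI. The listener is already configured for port 8080 through `SERVER_PORT`, so root is presumably not needed for the bind; if only the CI runner requires it, keep the base non-root and move the override into a CI-only kustomize patch. If root has to stay, drop capabilities in the same block with `capabilities: { drop: ["ALL"] }` alongside the existing `allowPrivilegeEscalation: false`. The container spec continues outside the hunk.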
From faa5c75ac005671c32f738fa433447d9223be58b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 17:06:06 +0200 Subject: [PATCH 14/35] ci: use proxy/load graphql --- .github/workflows/docker-image.yml | 23 ++++++++--------------- .github/workflows/kustomize.yml | 29 ++++++++++++++++++----------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 5461d275..de2eecbd 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -1,4 +1,4 @@ -name: docker-image +name: Build and Push Docker image on: push: @@ -12,34 +12,28 @@ jobs: docker: runs-on: ubuntu-latest steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v2 with: submodules: recursive - - - name: Docker meta + - name: Docker meta id: meta uses: docker/metadata-action@v3 with: # list of Docker images to use as base name for tags images: | pokeapi/pokeapi - - - name: Set up QEMU + - name: Set up QEMU uses: docker/setup-qemu-action@v1 - - - name: Set up Docker Buildx + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 - - - name: Login to DockerHub + - name: Login to DockerHub if: github.event_name != 'pull_request' uses: docker/login-action@v1 with: username: ${{ secrets.DOCKERHUB_USERNAME_NARAMSIM }} password: ${{ secrets.DOCKERHUB_TOKEN_NARAMSIM }} - - - name: Build and push + - name: Build and push id: docker_build uses: docker/build-push-action@v2 with: @@ -48,6 +42,5 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - - - name: Image digest + - name: Image digest run: echo ${{ steps.docker_build.outputs.digest }} diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 406b14ad..b905a9ba 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml 
@@ -1,4 +1,4 @@ -name: kustomize +name: Deploy Kustomize k8s cluster on: push: @@ -7,7 +7,7 @@ on: - 'staging' jobs: - create-cluster: + create-kustomize-cluster: runs-on: ubuntu-latest steps: - name: Checkout @@ -18,17 +18,24 @@ jobs: uses: helm/kind-action@v1.1.0 with: version: v0.11.1 - - name: Setup tmate session - uses: mxschmitt/action-tmate@v3 - with: - limit-access-to-actor: true - - name: Test + # - name: Setup tmate session + # uses: mxschmitt/action-tmate@v3 + # with: + # limit-access-to-actor: true + - name: K8s Apply run: | - kubectl cluster-info - kubectl get storageclass standard cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env make kustomize-apply - bash Resources/scripts/wait.sh http://localhost/api/v2/ + kubectl proxy & + bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/ + - name: Migrate and build data + run: | make k8s-migrate make k8s-build-db - bash Resources/scripts/wait.sh http://localhost/api/v2/pal-park-area/5/ + bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/pal-park-area/5/ + - name: K8s Apply + run: | + kubectl apply -f Resources/k8s/kustomize/jobs/load-graphql.yml + kubectl wait --timeout=120s --for=condition=complete job/load-graphql + last_command=$(kubectl get job -o jsonpath='{.status.succeeded}' load-graphql) + test "$last_command" -eq 1 \ No newline at end of file From f676fec5fca6bdf5c210f6cf57b8cd51e3043589 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Fri, 28 May 2021 17:11:59 +0200 Subject: [PATCH 15/35] ci: use pokeapi ns --- .github/workflows/kustomize.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index b905a9ba..1c4b0f20 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml 
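Review bot: Two steps in the `@@ -18,17 +18,24 @@` hunk are both named `K8s Apply`, which makes the run log ambiguous when one of them fails; the second one applies and waits for the GraphQL job, so something like `- name: Load GraphQL metadata` would describe it. The variable `last_command` actually holds the job's `.status.succeeded` count, so a name such as `succeeded_count` reads more accurately in `test "$succeeded_count" -eq 1`. The `kubectl proxy &` line would also benefit from a comment saying it is only there to reach the in-cluster service from the runner.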
@@ -28,6 +28,9 @@ jobs: make kustomize-apply kubectl proxy & bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/ + - name: Set default namespace + run: | + kubectl config set-context --current --namespace pokeapi - name: Migrate and build data run: | make k8s-migrate From cfe92e9260bcb9caaf006359d34d23c942f8c4ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 29 May 2021 19:53:49 +0200 Subject: [PATCH 16/35] chore: remove env file --- Resources/k8s/kustomize/secrets/postgres.env | 1 - 1 file changed, 1 deletion(-) delete mode 100644 Resources/k8s/kustomize/secrets/postgres.env diff --git a/Resources/k8s/kustomize/secrets/postgres.env b/Resources/k8s/kustomize/secrets/postgres.env deleted file mode 100644 index e89c6d6a..00000000 --- a/Resources/k8s/kustomize/secrets/postgres.env +++ /dev/null @@ -1 +0,0 @@ -POSTGRES_PASSWORD=pokeapi-change-me \ No newline at end of file From 80d13fb045bd5aca342316a2a6fb0a7a7e697ef1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 22:03:11 +0200 Subject: [PATCH 17/35] feat: add graphql secret/incorporate job in kustomize --- .github/workflows/kustomize.yml | 6 +--- .gitignore | 2 +- .../deployments/graphql-deployment.yaml | 13 +++++-- .../k8s/kustomize/jobs/load-graphql.yaml | 34 +++++++++++++++++++ Resources/k8s/kustomize/jobs/load-graphql.yml | 18 ---------- Resources/k8s/kustomize/kustomization.yaml | 6 +++- .../k8s/kustomize/secrets/graphql.env.sample | 1 + 7 files changed, 53 insertions(+), 27 deletions(-) create mode 100644 Resources/k8s/kustomize/jobs/load-graphql.yaml delete mode 100644 Resources/k8s/kustomize/jobs/load-graphql.yml create mode 100644 Resources/k8s/kustomize/secrets/graphql.env.sample diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 1c4b0f20..75fc2503 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml 
@@ -18,13 +18,10 @@ jobs: uses: helm/kind-action@v1.1.0 with: version: v0.11.1 - # - name: Setup tmate session - # uses: mxschmitt/action-tmate@v3 - # with: - # limit-access-to-actor: true - name: K8s Apply run: | cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env + cp Resources/k8s/kustomize/secrets/graphql.env.sample Resources/k8s/kustomize/secrets/graphql.env make kustomize-apply kubectl proxy & bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/ @@ -38,7 +35,6 @@ jobs: bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/pal-park-area/5/ - name: K8s Apply run: | - kubectl apply -f Resources/k8s/kustomize/jobs/load-graphql.yml kubectl wait --timeout=120s --for=condition=complete job/load-graphql last_command=$(kubectl get job -o jsonpath='{.status.succeeded}' load-graphql) test "$last_command" -eq 1 \ No newline at end of file diff --git a/.gitignore b/.gitignore index 005a535f..c8e6e201 100755 --- a/.gitignore +++ b/.gitignore @@ -7,6 +7,6 @@ db.* venv* node_modules .vscode -.env +*.env Resources/nginx/ssl/* !Resources/nginx/ssl/*.sample.* \ No newline at end of file diff --git a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml index fb86b7cb..05977cbc 100644 --- a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml @@ -14,6 +14,12 @@ spec: labels: component: graphql spec: + initContainers: + - name: pokeapi-connection-checker + image: curlimages/curl:latest + command: ['sh', '-c', + 'until curl -f -s --output /dev/null http://pokeapi:80/api/v2/; + do echo waiting for pokeapi; sleep 2; done;'] containers: - name: graphql-engine image: hasura/graphql-engine:v2.0.0-alpha.5 
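Review bot: The new `pokeapi-connection-checker` init container uses `image: curlimages/curl:latest`, a floating tag, so the image that runs in the pod can change between rollouts without any change to this manifest; the same image line appears in the init container of jobs/load-graphql.yaml in this commit. Pin both to a specific version, ideally with a digest, e.g. `image: curlimages/curl:<version>@sha256:<digest>`. The `until curl …` loop has no upper bound either, so the pod waits indefinitely if `pokeapi` never answers; if that is intended, a short comment saying so would help.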
@@ -25,6 +31,11 @@ spec: secretKeyRef: name: postgres-env-secret key: POSTGRES_PASSWORD + - name: HASURA_GRAPHQL_ADMIN_SECRET + valueFrom: + secretKeyRef: + name: graphql-env-secret + key: HASURA_GRAPHQL_ADMIN_SECRET - name: HASURA_GRAPHQL_DATABASE_URL value: postgres://ash:$(POSTGRES_PASSWORD)@postgresql:5432/pokeapi - name: HASURA_GRAPHQL_ENABLE_CONSOLE @@ -33,8 +44,6 @@ spec: value: "false" - name: HASURA_GRAPHQL_ENABLED_LOG_TYPES value: startup, http-log, webhook-log, websocket-log, query-log - - name: HASURA_GRAPHQL_ADMIN_SECRET - value: pokemon - name: HASURA_GRAPHQL_UNAUTHORIZED_ROLE value: anon - name: HASURA_GRAPHQL_ENABLE_TELEMETRY diff --git a/Resources/k8s/kustomize/jobs/load-graphql.yaml b/Resources/k8s/kustomize/jobs/load-graphql.yaml new file mode 100644 index 00000000..0e9ad56a --- /dev/null +++ b/Resources/k8s/kustomize/jobs/load-graphql.yaml @@ -0,0 +1,34 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: load-graphql +spec: + ttlSecondsAfterFinished: 200 + template: + spec: + restartPolicy: Never + initContainers: + - name: pokeapi-last-built-resource-connection-checker + image: curlimages/curl:latest + command: ['sh', '-c', + 'until curl -f -s --output /dev/null http://pokeapi:80/api/v2/pal-park-area/5/; + do echo waiting for pokeapi; sleep 2; done;'] + containers: + - name: load-graphql + image: debian:buster + env: + - name: HASURA_GRAPHQL_ADMIN_SECRET + valueFrom: + secretKeyRef: + name: graphql-env-secret + key: HASURA_GRAPHQL_ADMIN_SECRET + command: ["sh", "-c"] + args: + - apt-get update && + apt-get install -y git curl && + curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash && + hasura update-cli --version v2.0.0-alpha.5 && + git clone https://github.com/PokeAPI/pokeapi.git && + cd pokeapi && + git checkout staging && + hasura md apply --endpoint http://graphql:8080 --project graphql --admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET) 
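Review bot: The `load-graphql` container assembles its toolchain at run time from mutable sources (`curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash`, an unpinned `apt-get install`, and `git checkout staging`) inside the same container that holds `HASURA_GRAPHQL_ADMIN_SECRET`, so whatever those locations serve on a given day runs with the admin secret in its environment. Prefer an image that already contains a pinned `hasura` CLI, and check out a fixed commit or tag rather than a branch. The secret is also expanded onto the command line by `--admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET)`; the Hasura CLI is documented to read `HASURA_GRAPHQL_ADMIN_SECRET` from the environment, so the last command can be `hasura md apply --endpoint http://graphql:8080 --project graphql` (confirm for the CLI version used here).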
diff --git a/Resources/k8s/kustomize/jobs/load-graphql.yml b/Resources/k8s/kustomize/jobs/load-graphql.yml deleted file mode 100644 index 3cb82cd5..00000000 --- a/Resources/k8s/kustomize/jobs/load-graphql.yml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: batch/v1 -kind: Job -metadata: - name: load-graphql - namespace: pokeapi -spec: - ttlSecondsAfterFinished: 200 - template: - spec: - containers: - - name: load-graphql - image: debian:buster - env: - - name: HASURA_GRAPHQL_ADMIN_SECRET - value: pokemon - command: ["sh", "-c"] - args: ["apt-get update && apt-get install -y git curl && curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash && hasura update-cli --version v2.0.0-alpha.5 && git clone https://github.com/PokeAPI/pokeapi.git && cd pokeapi && git checkout staging && hasura md apply --endpoint http://graphql:8080 --project graphql --admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET)"] - restartPolicy: Never diff --git a/Resources/k8s/kustomize/kustomization.yaml b/Resources/k8s/kustomize/kustomization.yaml index 8fed03ee..93828994 100644 --- a/Resources/k8s/kustomize/kustomization.yaml +++ b/Resources/k8s/kustomize/kustomization.yaml @@ -10,7 +10,10 @@ configMapGenerator: secretGenerator: - name: postgres-env-secret - env: secrets/postgres.env # TODO: change in envs as kustomize release 2.0.4 + env: secrets/postgres.env + type: Opaque + - name: graphql-env-secret + env: secrets/graphql.env type: Opaque resources: @@ -32,3 +35,4 @@ resources: - deployments/graphql-deployment.yaml - deployments/haproxy-ingress-controller.yaml - other/ingress.yaml + - jobs/load-graphql.yaml diff --git a/Resources/k8s/kustomize/secrets/graphql.env.sample b/Resources/k8s/kustomize/secrets/graphql.env.sample new file mode 100644 index 00000000..e450bdaa --- /dev/null +++ b/Resources/k8s/kustomize/secrets/graphql.env.sample @@ -0,0 +1 @@ +HASURA_GRAPHQL_ADMIN_SECRET=pokeapi-change-me \ No newline at end of file 
From d9b1f4741adb4cfb06265e5ac28e2c06c7b1ed8e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 22:09:35 +0200 Subject: [PATCH 18/35] refactor: add comment/pull image normally --- Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml index 4a7a32ae..d08b434b 100644 --- a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml @@ -23,10 +23,9 @@ spec: containers: - name: pokeapi image: pokeapi/pokeapi:staging - imagePullPolicy: Always ports: - containerPort: 8080 - securityContext: + securityContext: # CI: Github Actions kills this container if not run with root. Otherwise, it's safe to use the default pokeapi/pokeapi user and remove these lines. allowPrivilegeEscalation: false runAsUser: 0 env: From 3ea83d31b524e918b250e02da2a2e421d2f6a81e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 22:53:08 +0200 Subject: [PATCH 19/35] docs: add small readme section --- README.md | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/README.md b/README.md index ba75eb39..51617a7a 100755 --- a/README.md +++ b/README.md 
@@ -110,6 +110,29 @@ A free public GraphiQL console is browsable at the address https://beta.pokeapi. A set of examples are provided in the directory [/graphql/examples](./graphql/examples) of this repository. +## Kubernetes + +[Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) files are provided in the folder https://github.com/PokeAPI/pokeapi/tree/master/Resources/k8s/kustomize/. Create and change your secrets: + +```sh +cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env +cp Resources/k8s/kustomize/secrets/graphql.env.sample Resources/k8s/kustomize/secrets/graphql.env +# Edit the newly created files +``` + +Configure `kubectl` to point to a cluster and then run the following commands to start a PokéAPI service. + +```sh +kubectl apply -k Resources/k8s/kustomize/ +kubectl config set-context --current --namespace pokeapi # (Optional) Set pokeapi ns as the working ns +# Wait for the cluster to spin up +kubectl exec --namespace pokeapi deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose # Migrate the DB +kubectl exec --namespace pokeapi deployment/pokeapi -- sh -c 'echo "from data.v2.build import build_all; build_all()" | python manage.py shell --settings=config.docker-compose' # Build the db +kubectl wait --namespace pokeapi --timeout=120s --for=condition=complete job/load-graphql # Wait for Graphql configuration job to finish +``` + +This k8s setup creates all k8s resources inside the _Namespace_ `pokeapi`, run `kubectl delete namespace pokeapi` to delete them. It also creates a _Service_ of type `LoadBalancer` which is exposed on port `80` and `443`. Data is persisted on `12Gi` of `ReadWriteOnce` volumes. + ## Official REST Wrappers * Node server-side [PokeAPI/pokedex-promise-v2](https://github.com/PokeAPI/pokedex-promise-v2) | _Auto caching_ From caa946a9891c21a27e1805c3c54b3886ad549c51 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 22:53:55 +0200 Subject: [PATCH 20/35] fx: run make command in namespace --- Makefile | 4 ++-- README.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 56fb5fcd..9f734097 100755 --- a/Makefile +++ b/Makefile @@ -105,10 +105,10 @@ kustomize-apply: # (Kustomize) Run kubectl apply -k on the connected k8s cluste kubectl apply -k Resources/k8s/kustomize/ k8s-migrate: # (k8s) Run any pending migrations - kubectl exec deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose + kubectl exec --namespace pokeapi deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose k8s-build-db: # (k8s) Build the database - kubectl exec deployment/pokeapi -- sh -c 'echo "from data.v2.build import build_all; build_all()" | python manage.py shell --settings=config.docker-compose' + kubectl exec --namespace pokeapi deployment/pokeapi -- sh -c 'echo "from data.v2.build import build_all; build_all()" | python manage.py shell --settings=config.docker-compose' k8s-delete: # (k8s) Delete pokeapi namespace kubectl delete namespace pokeapi \ No newline at end of file diff --git a/README.md b/README.md index 51617a7a..ad949899 100755 --- a/README.md +++ b/README.md @@ -72,7 +72,7 @@ make wipe_db ## Docker and Compose -There is also a multi-container setup, managed by [Docker Compose](https://docs.docker.com/compose/). This setup allows you to deploy a production-like environment, with separate containers for each services and is recommended if you need to simply spin up PokeAPI. +There is also a multi-container setup, managed by [Docker Compose](https://docs.docker.com/compose/). This setup allows you to deploy a production-like environment, with separate containers for each services and is recommended if you need to simply spin up PokéAPI. Start everything by 
@@ -96,7 +96,7 @@ Browse [localhost/api/v2/](http://localhost/api/v2/) or [localhost/api/v2/pokemo -When you start PokeAPI with the above docker-compose setup, an [Hasura Engine](https://github.com/hasura/graphql-engine) server is started as well. It's possible to track all the PokeAPI tables and foreign keys by simply +When you start PokéAPI with the above docker-compose setup, an [Hasura Engine](https://github.com/hasura/graphql-engine) server is started as well. It's possible to track all the PokeAPI tables and foreign keys by simply ```sh # hasura cli needs to be installed and available in your $PATH: https://hasura.io/docs/latest/graphql/core/hasura-cli/install-hasura-cli.html From 1f60ef53189fe8b7d81b73da5a930566a2d2cbee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 23:21:25 +0200 Subject: [PATCH 21/35] docs: add badges --- README.md | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index ad949899..da95bb56 100755 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ A RESTful API for Pokémon - [pokeapi.co](https://pokeapi.co) > Beta GraphQL support is rolling out! Check out the [GraphQL paragraph](#graphql) for more info. -## Setup [![pyVersion37](https://img.shields.io/badge/python-3.7-blue.svg)](https://www.python.org/download/releases/3.7/) +## Setup   [![pyVersion37](https://img.shields.io/badge/python-3.7-blue.svg)](https://www.python.org/download/releases/3.7/) - Download this source code into a working directory, be sure to use the flag `--recurse-submodules` to clone also our submodules. 
@@ -70,7 +70,7 @@ If you ever need to wipe the database use this command: make wipe_db ``` -## Docker and Compose +## Docker and Compose   [![docker hub](https://img.shields.io/docker/v/pokeapi/pokeapi?label=tag&sort=semver)](https://hub.docker.com/r/pokeapi/pokeapi) There is also a multi-container setup, managed by [Docker Compose](https://docs.docker.com/compose/). This setup allows you to deploy a production-like environment, with separate containers for each services and is recommended if you need to simply spin up PokéAPI. @@ -90,11 +90,7 @@ docker-compose exec -T app sh -c 'echo "from data.v2.build import build_all; bui Browse [localhost/api/v2/](http://localhost/api/v2/) or [localhost/api/v2/pokemon/bulbasaur/](http://localhost/api/v2/pokemon/bulbasaur/) on port `80`. -## GraphQL - - - - +## GraphQL   When you start PokéAPI with the above docker-compose setup, an [Hasura Engine](https://github.com/hasura/graphql-engine) server is started as well. It's possible to track all the PokeAPI tables and foreign keys by simply @@ -110,7 +106,7 @@ A free public GraphiQL console is browsable at the address https://beta.pokeapi. A set of examples are provided in the directory [/graphql/examples](./graphql/examples) of this repository. -## Kubernetes +## Kubernetes [![k8s status](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml/badge.svg?branch=master)](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml) [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) files are provided in the folder https://github.com/PokeAPI/pokeapi/tree/master/Resources/k8s/kustomize/. Create and change your secrets: From 3510f04f9f7ce73bf5eb4dd3a7b3061ee8cf01f5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 23:21:40 +0200 Subject: [PATCH 22/35] ci: run on PR and schedule --- .github/workflows/kustomize.yml | 3 +++ 1 file changed, 3 insertions(+) 
diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 75fc2503..b8177883 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -1,10 +1,13 @@ name: Deploy Kustomize k8s cluster on: + pull_request: push: branches: - 'master' - 'staging' + schedule: + - cron: '0 0 12 1 1/1 ? *' jobs: create-kustomize-cluster: From d753f0c6713eed94489e3a8c808cbdcf467de4ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 23:23:26 +0200 Subject: [PATCH 23/35] docs: add space --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index da95bb56..1449b315 100755 --- a/README.md +++ b/README.md @@ -106,7 +106,7 @@ A free public GraphiQL console is browsable at the address https://beta.pokeapi. A set of examples are provided in the directory [/graphql/examples](./graphql/examples) of this repository. -## Kubernetes [![k8s status](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml/badge.svg?branch=master)](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml) +## Kubernetes   [![k8s status](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml/badge.svg?branch=master)](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml) [Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) files are provided in the folder https://github.com/PokeAPI/pokeapi/tree/master/Resources/k8s/kustomize/. Create and change your secrets: From ec36013d2f9e64a650f18f45fe3b0d2df00776d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sun, 30 May 2021 23:32:08 +0200 Subject: [PATCH 24/35] ci: use simpler cron --- .github/workflows/kustomize.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index b8177883..33f202df 100644 --- a/.github/workflows/kustomize.yml 
+++ b/.github/workflows/kustomize.yml @@ -7,7 +7,7 @@ on: - 'master' - 'staging' schedule: - - cron: '0 0 12 1 1/1 ? *' + - cron: '0 0 1 * *' jobs: create-kustomize-cluster: From 2ecb56e250cbb70df22b984d64355a35100a90a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Mon, 31 May 2021 22:57:19 +0200 Subject: [PATCH 25/35] refactor: remove comments --- Resources/k8s/kustomize/other/ingress.yaml | 16 ---------------- 1 file changed, 16 deletions(-) diff --git a/Resources/k8s/kustomize/other/ingress.yaml b/Resources/k8s/kustomize/other/ingress.yaml index 733a911c..13a62ed7 100644 --- a/Resources/k8s/kustomize/other/ingress.yaml +++ b/Resources/k8s/kustomize/other/ingress.yaml @@ -48,19 +48,3 @@ spec: name: graphql port: number: 8080 -# apiVersion: extensions/v1beta1 -# kind: Ingress -# metadata: -# name: auth-ingress -# annotations: -# ingress.kubernetes.io/auth-type: basic -# ingress.kubernetes.io/auth-realm: Default realm -# ingress.kubernetes.io/auth-secret: bugs-frontend-secret -# spec: -# rules: -# - http: -# paths: -# - path: /bugs -# backend: -# serviceName: frontend-bugs -# servicePort: 8080 From 7d389e502cbdd0a801aacac50db1dd25fe6ada88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Tue, 1 Jun 2021 14:37:09 +0200 Subject: [PATCH 26/35] revert: don't ship graphql files in docker image --- .dockerignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.dockerignore b/.dockerignore index e75c7741..dd4e3be5 100644 --- a/.dockerignore +++ b/.dockerignore @@ -14,6 +14,7 @@ db.* venv* node_modules Resources +graphql .vscode .github .circleci From 64fd22b611ed1d2b0fc5934ba8f7e53c4913abc9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Tue, 1 Jun 2021 14:37:49 +0200 Subject: [PATCH 27/35] chore: add newline --- .github/workflows/kustomize.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 33f202df..b2283d41 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -40,4 +40,4 @@ jobs: run: | kubectl wait --timeout=120s --for=condition=complete job/load-graphql last_command=$(kubectl get job -o jsonpath='{.status.succeeded}' load-graphql) - test "$last_command" -eq 1 \ No newline at end of file + test "$last_command" -eq 1 From d59767971556aebb77935aea20a1f028a762c007 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Tue, 1 Jun 2021 15:17:54 +0200 Subject: [PATCH 28/35] refactor: lint and enable linting --- .github/workflows/kustomize.yml | 4 +- Resources/k8s/kustomize/.yamllint.yaml | 7 +++ .../deployments/default-deployment.yaml | 4 +- .../deployments/graphql-deployment.yaml | 10 +++-- .../deployments/pokeapi-deployment.yaml | 11 +++-- .../k8s/kustomize/jobs/load-graphql.yaml | 45 ++++++++++--------- Resources/k8s/kustomize/other/ingress.yaml | 36 +++++++-------- Resources/k8s/kustomize/other/namespace.yaml | 2 +- Resources/k8s/kustomize/services/cloud.yaml | 6 +-- .../kustomize/services/default-service.yaml | 4 +- .../postgres-persistentvolumeclaim.yaml | 4 +- .../volumes/redis-persistentvolumeclaim.yaml | 4 +- 12 files changed, 76 insertions(+), 61 deletions(-) create mode 100644 Resources/k8s/kustomize/.yamllint.yaml diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index b2283d41..187a4638 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml @@ -7,7 +7,7 @@ on: - 'master' - 'staging' schedule: - - cron: '0 0 1 * *' + - cron: '0 0 1 * *' jobs: create-kustomize-cluster: @@ -17,6 +17,8 @@ jobs: uses: actions/checkout@v2 with: submodules: recursive + - name: Lint + run: (cd Resources/k8s/kustomize && yamllint .) - name: Create k8s Kind Cluster uses: helm/kind-action@v1.1.0 with: 
diff --git a/Resources/k8s/kustomize/.yamllint.yaml b/Resources/k8s/kustomize/.yamllint.yaml new file mode 100644 index 00000000..77cd8111 --- /dev/null +++ b/Resources/k8s/kustomize/.yamllint.yaml @@ -0,0 +1,7 @@ +--- + +extends: default + +rules: + document-start: disable + line-length: disable diff --git a/Resources/k8s/kustomize/deployments/default-deployment.yaml b/Resources/k8s/kustomize/deployments/default-deployment.yaml index b0ad39d1..da9b9e5d 100644 --- a/Resources/k8s/kustomize/deployments/default-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/default-deployment.yaml @@ -18,8 +18,8 @@ spec: - name: default-backend image: gcr.io/google_containers/defaultbackend:1.4 ports: - - containerPort: 8080 + - containerPort: 8080 resources: limits: memory: "64Mi" - cpu: "50m" \ No newline at end of file + cpu: "50m" diff --git a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml index 05977cbc..12fbde40 100644 --- a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml +++ b/Resources/k8s/kustomize/deployments/graphql-deployment.yaml @@ -17,9 +17,12 @@ spec: initContainers: - name: pokeapi-connection-checker image: curlimages/curl:latest - command: ['sh', '-c', - 'until curl -f -s --output /dev/null http://pokeapi:80/api/v2/; - do echo waiting for pokeapi; sleep 2; done;'] + command: ["sh", "-c"] + args: + - until curl -f -s --output /dev/null http://pokeapi:80/api/v2/; do + echo waiting for pokeapi; + sleep 2; + done; containers: - name: graphql-engine image: hasura/graphql-engine:v2.0.0-alpha.5 @@ -49,4 +52,3 @@ spec: - name: HASURA_GRAPHQL_ENABLE_TELEMETRY value: "false" resources: {} - diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml index d08b434b..d013f925 100644 --- a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml 
+++ b/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml @@ -17,15 +17,18 @@ spec: initContainers: - name: postgres-connection-checker image: postgres:13.3-alpine - command: ['sh', '-c', - 'until pg_isready -h postgresql -p 5432; - do echo waiting for database; sleep 2; done;'] + command: ['sh', '-c'] + args: + - until pg_isready -h postgresql -p 5432; do + echo waiting for database; + sleep 2; + done; containers: - name: pokeapi image: pokeapi/pokeapi:staging ports: - containerPort: 8080 - securityContext: # CI: Github Actions kills this container if not run with root. Otherwise, it's safe to use the default pokeapi/pokeapi user and remove these lines. + securityContext: # CI: Github Actions kills this container if not run with root. Otherwise, it's safe to use the default pokeapi/pokeapi user and remove these lines. allowPrivilegeEscalation: false runAsUser: 0 env: diff --git a/Resources/k8s/kustomize/jobs/load-graphql.yaml b/Resources/k8s/kustomize/jobs/load-graphql.yaml index 0e9ad56a..2b0c396e 100644 --- a/Resources/k8s/kustomize/jobs/load-graphql.yaml +++ b/Resources/k8s/kustomize/jobs/load-graphql.yaml 
@@ -10,25 +10,28 @@ spec: initContainers: - name: pokeapi-last-built-resource-connection-checker image: curlimages/curl:latest - command: ['sh', '-c', - 'until curl -f -s --output /dev/null http://pokeapi:80/api/v2/pal-park-area/5/; - do echo waiting for pokeapi; sleep 2; done;'] + command: ['sh', '-c'] + args: + - until curl -f -s --output /dev/null http://pokeapi:80/api/v2/pal-park-area/5/; + do echo waiting for pokeapi; + sleep 2; + done; containers: - - name: load-graphql - image: debian:buster - env: - - name: HASURA_GRAPHQL_ADMIN_SECRET - valueFrom: - secretKeyRef: - name: graphql-env-secret - key: HASURA_GRAPHQL_ADMIN_SECRET - command: ["sh", "-c"] - args: - - apt-get update && - apt-get install -y git curl && - curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash && - hasura update-cli --version v2.0.0-alpha.5 && - git clone https://github.com/PokeAPI/pokeapi.git && - cd pokeapi && - git checkout staging && - hasura md apply --endpoint http://graphql:8080 --project graphql --admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET) + - name: load-graphql + image: debian:buster + env: + - name: HASURA_GRAPHQL_ADMIN_SECRET + valueFrom: + secretKeyRef: + name: graphql-env-secret + key: HASURA_GRAPHQL_ADMIN_SECRET + command: ["sh", "-c"] + args: + - apt-get update && + apt-get install -y git curl && + curl -L https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh | bash && + hasura update-cli --version v2.0.0-alpha.5 && + git clone https://github.com/PokeAPI/pokeapi.git && + cd pokeapi && + git checkout staging && + hasura md apply --endpoint http://graphql:8080 --project graphql --admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET) diff --git a/Resources/k8s/kustomize/other/ingress.yaml b/Resources/k8s/kustomize/other/ingress.yaml index 13a62ed7..18e3f3d4 100644 --- a/Resources/k8s/kustomize/other/ingress.yaml +++ b/Resources/k8s/kustomize/other/ingress.yaml 
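Review bot: The `load-graphql` container pipes `https://github.com/hasura/graphql-engine/raw/stable/cli/get.sh` straight into `bash` and then checks out the `staging` branch at run time, in the same container that holds `HASURA_GRAPHQL_ADMIN_SECRET`, so whatever those two moving references serve on the day runs with the admin secret in reach. Since this commit rewrites the block anyway, consider fetching a fixed CLI release with a checksum check (or baking the CLI into an image) and checking out a fixed commit. The init container's `curlimages/curl:latest` is a mutable tag as well and would be better as a fixed version or digest. Passing `--admin-secret $(HASURA_GRAPHQL_ADMIN_SECRET)` also puts the secret on the process command line; the CLI appears to read the `HASURA_GRAPHQL_ADMIN_SECRET` environment variable directly, which would make the flag unnecessary, but that is worth confirming.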
@@ -14,15 +14,15 @@ spec: port: number: 8080 rules: - - http: - paths: - - path: /api/v2 - pathType: Prefix - backend: - service: - name: pokeapi - port: - number: 80 + - http: + paths: + - path: /api/v2 + pathType: Prefix + backend: + service: + name: pokeapi + port: + number: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress @@ -39,12 +39,12 @@ spec: port: number: 8080 rules: - - http: - paths: - - path: /graphql - pathType: Prefix - backend: - service: - name: graphql - port: - number: 8080 + - http: + paths: + - path: /graphql + pathType: Prefix + backend: + service: + name: graphql + port: + number: 8080 diff --git a/Resources/k8s/kustomize/other/namespace.yaml b/Resources/k8s/kustomize/other/namespace.yaml index c8a37685..5c4c36f8 100644 --- a/Resources/k8s/kustomize/other/namespace.yaml +++ b/Resources/k8s/kustomize/other/namespace.yaml @@ -1,5 +1,5 @@ -kind: Namespace apiVersion: v1 +kind: Namespace metadata: name: pokeapi labels: diff --git a/Resources/k8s/kustomize/services/cloud.yaml b/Resources/k8s/kustomize/services/cloud.yaml index 08bc3d98..ede048a2 100644 --- a/Resources/k8s/kustomize/services/cloud.yaml +++ b/Resources/k8s/kustomize/services/cloud.yaml @@ -1,11 +1,11 @@ -kind: Service apiVersion: v1 +kind: Service metadata: name: haproxy-ingress labels: component: haproxy-ingress spec: - type: LoadBalancer # TODO: Change to `LoadBalancer` + type: LoadBalancer # TODO: Change to `LoadBalancer` externalTrafficPolicy: Local ports: - name: public-http @@ -19,5 +19,3 @@ spec: targetPort: stat selector: component: haproxy-ingress ---- - diff --git a/Resources/k8s/kustomize/services/default-service.yaml b/Resources/k8s/kustomize/services/default-service.yaml index dc308ba4..4475c2cf 100644 --- a/Resources/k8s/kustomize/services/default-service.yaml +++ b/Resources/k8s/kustomize/services/default-service.yaml 
@@ -8,5 +8,5 @@ spec: selector: component: default-backend ports: - - port: 8080 - targetPort: 8080 \ No newline at end of file + - port: 8080 + targetPort: 8080 diff --git a/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml index 4866b63c..4be7c28f 100644 --- a/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml +++ b/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml @@ -1,5 +1,5 @@ -kind: PersistentVolume apiVersion: v1 +kind: PersistentVolume metadata: name: postgres-volume0 labels: @@ -10,7 +10,7 @@ spec: storage: 10Gi accessModes: - ReadWriteOnce - hostPath: # TODO: change to a cloud-solution + hostPath: # TODO: change to a cloud-solution path: "/mnt/data" --- apiVersion: v1 diff --git a/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml index d5f395c2..f0a32582 100644 --- a/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml +++ b/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml @@ -1,5 +1,5 @@ -kind: PersistentVolume apiVersion: v1 +kind: PersistentVolume metadata: name: redis-volume0 labels: @@ -10,7 +10,7 @@ spec: storage: 2Gi accessModes: - ReadWriteOnce - hostPath: # TODO: change to a cloud-solution + hostPath: # TODO: change to a cloud-solution path: "/mnt/data" --- apiVersion: v1 From 333751c4f79469fb96960b547bf3a520f6721a00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 11:33:18 +0200 Subject: [PATCH 29/35] ci: build arm64 --- .github/workflows/docker-image.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index de2eecbd..16b9f784 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml 
@@ -33,6 +33,13 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME_NARAMSIM }} password: ${{ secrets.DOCKERHUB_TOKEN_NARAMSIM }} + - name: Inspect builder + run: | + echo "Name: ${{ steps.buildx.outputs.name }}" + echo "Endpoint: ${{ steps.buildx.outputs.endpoint }}" + echo "Status: ${{ steps.buildx.outputs.status }}" + echo "Flags: ${{ steps.buildx.outputs.flags }}" + echo "Platforms: ${{ steps.buildx.outputs.platforms }}" - name: Build and push id: docker_build uses: docker/build-push-action@v2 @@ -40,6 +47,7 @@ jobs: context: . file: ./Resources/docker/app/Dockerfile push: true + platforms: linux/amd64,linux/arm64 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - name: Image digest From 1a6ac5361cdf431e5e2caf55047816214d573f65 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 11:47:33 +0200 Subject: [PATCH 30/35] ci: add id to step --- .github/workflows/docker-image.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 16b9f784..bd347c32 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -26,6 +26,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx + id: buildx uses: docker/setup-buildx-action@v1 - name: Login to DockerHub if: github.event_name != 'pull_request' From bdfbf8f9ef1db5e4b5ab90ff5faff764681850c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 11:52:53 +0200 Subject: [PATCH 31/35] ci: build all available platforms --- .github/workflows/docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index bd347c32..6894a8a6 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml 
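Review bot: `push: true` in the `Build and push` step is unconditional, while the `Login to DockerHub` step visible in the next patch's context is guarded by `if: github.event_name != 'pull_request'`. If this workflow also runs on pull requests (the trigger list is outside the hunk), those runs will attempt an unauthenticated push and fail, now after building two platforms under QEMU. Matching the guard keeps pull-request runs build-only: `push: ${{ github.event_name != 'pull_request' }}`.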
@@ -48,7 +48,7 @@ jobs: context: . file: ./Resources/docker/app/Dockerfile push: true - platforms: linux/amd64,linux/arm64 + platforms: linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - name: Image digest From 19126075a01a7eead3885707f32c99e53385b599 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 12:01:07 +0200 Subject: [PATCH 32/35] ci: remove risc build --- .github/workflows/docker-image.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 6894a8a6..0f5b0a15 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -48,7 +48,7 @@ jobs: context: . file: ./Resources/docker/app/Dockerfile push: true - platforms: linux/amd64,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 + platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6 tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - name: Image digest From fbe39b62c247a632c1ac49e78a599949964cdfb3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 22:26:39 +0200 Subject: [PATCH 33/35] feat: run kustomize action after image is created --- .github/workflows/kustomize.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 187a4638..9e0d75ca 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml 
@@ -1,17 +1,18 @@ name: Deploy Kustomize k8s cluster on: - pull_request: - push: - branches: - - 'master' - - 'staging' + workflow_run: + workflows: ["Build and Push Docker image"] + branches: [master, staging] + types: + - completed schedule: - cron: '0 0 1 * *' jobs: create-kustomize-cluster: runs-on: ubuntu-latest + if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - name: Checkout uses: actions/checkout@v2 From b2ec70d8f74ab5a5c1758a1d1b7dcf6fb85fc62b Mon Sep 17 00:00:00 2001 
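Review bot: The job-level `if: ${{ github.event.workflow_run.conclusion == 'success' }}` also governs the `schedule` trigger kept below it, where `github.event.workflow_run` is not set, so the monthly cron run will always be skipped. `if: ${{ github.event_name == 'schedule' || github.event.workflow_run.conclusion == 'success' }}` keeps both paths. A `workflow_run` job also runs against the default branch, and `actions/checkout@v2` checks that branch out unless given `ref: ${{ github.event.workflow_run.head_sha }}`, so an image built from `staging` would be validated against the default branch's manifests.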
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?= Date: Sat, 5 Jun 2021 22:58:10 +0200 Subject: [PATCH 34/35] feat: allow staging and master deployment --- .github/workflows/kustomize.yml | 10 +++++++--- Makefile | 5 ++++- README.md | 9 +++++---- .../{ => base}/config/haproxy-ingress-configmap.yaml | 0 .../pokeapi.env => base/config/pokeapi.env.sample} | 0 .../{ => base}/deployments/default-deployment.yaml | 0 .../{ => base}/deployments/graphql-deployment.yaml | 0 .../deployments/haproxy-ingress-controller.yaml | 0 .../{ => base}/deployments/pokeapi-deployment.yaml | 2 +- .../{ => base}/deployments/postgres-deployment.yaml | 0 .../{ => base}/deployments/redis-deployment.yaml | 0 .../k8s/kustomize/{ => base}/jobs/load-graphql.yaml | 0 Resources/k8s/kustomize/{ => base}/kustomization.yaml | 0 .../{ => base}/other/ingress-controller-rbac.yaml | 0 Resources/k8s/kustomize/{ => base}/other/ingress.yaml | 0 .../k8s/kustomize/{ => base}/other/namespace.yaml | 0 .../kustomize/{ => base}/secrets/graphql.env.sample | 0 .../kustomize/{ => base}/secrets/postgres.env.sample | 0 Resources/k8s/kustomize/{ => base}/services/cloud.yaml | 0 .../kustomize/{ => base}/services/default-service.yaml | 0 .../kustomize/{ => base}/services/graphql-service.yaml | 0 .../kustomize/{ => base}/services/pokeapi-service.yaml | 0 .../{ => base}/services/postgres-service.yaml | 0 .../kustomize/{ => base}/services/redis-service.yaml | 0 .../volumes/postgres-persistentvolumeclaim.yaml | 0 .../volumes/redis-persistentvolumeclaim.yaml | 0 Resources/k8s/kustomize/staging/kustomization.yaml | 9 +++++++++ 27 files changed, 26 insertions(+), 9 deletions(-) rename Resources/k8s/kustomize/{ => base}/config/haproxy-ingress-configmap.yaml (100%) rename Resources/k8s/kustomize/{config/pokeapi.env => base/config/pokeapi.env.sample} (100%) rename Resources/k8s/kustomize/{ => base}/deployments/default-deployment.yaml (100%) rename Resources/k8s/kustomize/{ => base}/deployments/graphql-deployment.yaml (100%) rename 
Resources/k8s/kustomize/{ => base}/deployments/haproxy-ingress-controller.yaml (100%) rename Resources/k8s/kustomize/{ => base}/deployments/pokeapi-deployment.yaml (97%) rename Resources/k8s/kustomize/{ => base}/deployments/postgres-deployment.yaml (100%) rename Resources/k8s/kustomize/{ => base}/deployments/redis-deployment.yaml (100%) rename Resources/k8s/kustomize/{ => base}/jobs/load-graphql.yaml (100%) rename Resources/k8s/kustomize/{ => base}/kustomization.yaml (100%) rename Resources/k8s/kustomize/{ => base}/other/ingress-controller-rbac.yaml (100%) rename Resources/k8s/kustomize/{ => base}/other/ingress.yaml (100%) rename Resources/k8s/kustomize/{ => base}/other/namespace.yaml (100%) rename Resources/k8s/kustomize/{ => base}/secrets/graphql.env.sample (100%) rename Resources/k8s/kustomize/{ => base}/secrets/postgres.env.sample (100%) rename Resources/k8s/kustomize/{ => base}/services/cloud.yaml (100%) rename Resources/k8s/kustomize/{ => base}/services/default-service.yaml (100%) rename Resources/k8s/kustomize/{ => base}/services/graphql-service.yaml (100%) rename Resources/k8s/kustomize/{ => base}/services/pokeapi-service.yaml (100%) rename Resources/k8s/kustomize/{ => base}/services/postgres-service.yaml (100%) rename Resources/k8s/kustomize/{ => base}/services/redis-service.yaml (100%) rename Resources/k8s/kustomize/{ => base}/volumes/postgres-persistentvolumeclaim.yaml (100%) rename Resources/k8s/kustomize/{ => base}/volumes/redis-persistentvolumeclaim.yaml (100%) create mode 100644 Resources/k8s/kustomize/staging/kustomization.yaml diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml index 9e0d75ca..f26a3cb2 100644 --- a/.github/workflows/kustomize.yml +++ b/.github/workflows/kustomize.yml 
@@ -24,12 +24,16 @@ jobs: uses: helm/kind-action@v1.1.0 with: version: v0.11.1 + - name: Create deployment configuration + run: | + cp Resources/k8s/kustomize/base/secrets/postgres.env.sample Resources/k8s/kustomize/base/secrets/postgres.env + cp Resources/k8s/kustomize/base/secrets/graphql.env.sample Resources/k8s/kustomize/base/secrets/graphql.env + cp Resources/k8s/kustomize/base/config/pokeapi.env.sample Resources/k8s/kustomize/base/config/pokeapi.env - name: K8s Apply run: | - cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env - cp Resources/k8s/kustomize/secrets/graphql.env.sample Resources/k8s/kustomize/secrets/graphql.env - make kustomize-apply + if [ ${GITHUB_REF#refs/heads/} = 'master' ]; then make kustomize-apply; else make kustomize-staging-apply; fi kubectl proxy & + kubectl describe deployment bash Resources/scripts/wait.sh http://localhost:8001/api/v1/namespaces/pokeapi/services/pokeapi/proxy/api/v2/ - name: Set default namespace run: | diff --git a/Makefile b/Makefile index 9f734097..97afba38 100755 --- a/Makefile +++ b/Makefile @@ -102,7 +102,10 @@ hasura-get-anon-schema: # Dumps GraphQL schema gq http://localhost:8080/v1/graphql --introspect > graphql/schema.graphql kustomize-apply: # (Kustomize) Run kubectl apply -k on the connected k8s cluster - kubectl apply -k Resources/k8s/kustomize/ + kubectl apply -k Resources/k8s/kustomize/base/ + +kustomize-staging-apply: # (Kustomize) Run kubectl apply -k on the connected k8s cluster + kubectl apply -k Resources/k8s/kustomize/staging/ k8s-migrate: # (k8s) Run any pending migrations kubectl exec --namespace pokeapi deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose diff --git a/README.md b/README.md index 1449b315..bf2318c9 100755 --- a/README.md +++ b/README.md 
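Review bot: The branch test in `K8s Apply` reads `GITHUB_REF`, but under the `workflow_run` and `schedule` triggers this workflow now uses, `GITHUB_REF` is the repository's default branch rather than the branch whose image was just built. Assuming `master` is the default branch, the `kustomize-staging-apply` arm is never taken. The triggering branch is available as `github.event.workflow_run.head_branch`; passing it through `env:` (for example `HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}`) and testing `[ "$HEAD_BRANCH" = 'master' ]` selects the right overlay and keeps the event value out of the script text. The expansion should be quoted either way, `[ "${GITHUB_REF#refs/heads/}" = 'master' ]`, since an empty value turns the unquoted test into a syntax error.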
@@ -108,18 +108,19 @@ A set of examples are provided in the directory [/graphql/examples](./graphql/ex ## Kubernetes   [![k8s status](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml/badge.svg?branch=master)](https://github.com/PokeAPI/pokeapi/actions/workflows/kustomize.yml) -[Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) files are provided in the folder https://github.com/PokeAPI/pokeapi/tree/master/Resources/k8s/kustomize/. Create and change your secrets: +[Kustomize](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/kustomization/) files are provided in the folder https://github.com/PokeAPI/pokeapi/tree/master/Resources/k8s/kustomize/base/. Create and change your secrets: ```sh -cp Resources/k8s/kustomize/secrets/postgres.env.sample Resources/k8s/kustomize/secrets/postgres.env -cp Resources/k8s/kustomize/secrets/graphql.env.sample Resources/k8s/kustomize/secrets/graphql.env +cp Resources/k8s/kustomize/base/secrets/postgres.env.sample Resources/k8s/kustomize/base/secrets/postgres.env +cp Resources/k8s/kustomize/base/secrets/graphql.env.sample Resources/k8s/kustomize/base/secrets/graphql.env +cp Resources/k8s/kustomize/base/config/pokeapi.env.sample Resources/k8s/kustomize/base/config/pokeapi.env # Edit the newly created files ``` Configure `kubectl` to point to a cluster and then run the following commands to start a PokéAPI service. ```sh -kubectl apply -k Resources/k8s/kustomize/ +kubectl apply -k Resources/k8s/kustomize/base/ kubectl config set-context --current --namespace pokeapi # (Optional) Set pokeapi ns as the working ns # Wait for the cluster to spin up kubectl exec --namespace pokeapi deployment/pokeapi -- python manage.py migrate --settings=config.docker-compose # Migrate the DB 
diff --git a/Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml b/Resources/k8s/kustomize/base/config/haproxy-ingress-configmap.yaml similarity index 100% rename from Resources/k8s/kustomize/config/haproxy-ingress-configmap.yaml rename to Resources/k8s/kustomize/base/config/haproxy-ingress-configmap.yaml diff --git a/Resources/k8s/kustomize/config/pokeapi.env b/Resources/k8s/kustomize/base/config/pokeapi.env.sample similarity index 100% rename from Resources/k8s/kustomize/config/pokeapi.env rename to Resources/k8s/kustomize/base/config/pokeapi.env.sample diff --git a/Resources/k8s/kustomize/deployments/default-deployment.yaml b/Resources/k8s/kustomize/base/deployments/default-deployment.yaml similarity index 100% rename from Resources/k8s/kustomize/deployments/default-deployment.yaml rename to Resources/k8s/kustomize/base/deployments/default-deployment.yaml diff --git a/Resources/k8s/kustomize/deployments/graphql-deployment.yaml b/Resources/k8s/kustomize/base/deployments/graphql-deployment.yaml similarity index 100% rename from Resources/k8s/kustomize/deployments/graphql-deployment.yaml rename to Resources/k8s/kustomize/base/deployments/graphql-deployment.yaml diff --git a/Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml b/Resources/k8s/kustomize/base/deployments/haproxy-ingress-controller.yaml similarity index 100% rename from Resources/k8s/kustomize/deployments/haproxy-ingress-controller.yaml rename to Resources/k8s/kustomize/base/deployments/haproxy-ingress-controller.yaml diff --git a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml b/Resources/k8s/kustomize/base/deployments/pokeapi-deployment.yaml similarity index 97% rename from Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml rename to Resources/k8s/kustomize/base/deployments/pokeapi-deployment.yaml index d013f925..d057b235 100644 --- a/Resources/k8s/kustomize/deployments/pokeapi-deployment.yaml 
+++ b/Resources/k8s/kustomize/base/deployments/pokeapi-deployment.yaml @@ -25,7 +25,7 @@ spec: done; containers: - name: pokeapi - image: pokeapi/pokeapi:staging + image: pokeapi/pokeapi:master ports: - containerPort: 8080 securityContext: # CI: Github Actions kills this container if not run with root. Otherwise, it's safe to use the default pokeapi/pokeapi user and remove these lines. diff --git a/Resources/k8s/kustomize/deployments/postgres-deployment.yaml b/Resources/k8s/kustomize/base/deployments/postgres-deployment.yaml similarity index 100% rename from Resources/k8s/kustomize/deployments/postgres-deployment.yaml rename to Resources/k8s/kustomize/base/deployments/postgres-deployment.yaml diff --git a/Resources/k8s/kustomize/deployments/redis-deployment.yaml b/Resources/k8s/kustomize/base/deployments/redis-deployment.yaml similarity index 100% rename from Resources/k8s/kustomize/deployments/redis-deployment.yaml rename to Resources/k8s/kustomize/base/deployments/redis-deployment.yaml diff --git a/Resources/k8s/kustomize/jobs/load-graphql.yaml b/Resources/k8s/kustomize/base/jobs/load-graphql.yaml similarity index 100% rename from Resources/k8s/kustomize/jobs/load-graphql.yaml rename to Resources/k8s/kustomize/base/jobs/load-graphql.yaml diff --git a/Resources/k8s/kustomize/kustomization.yaml b/Resources/k8s/kustomize/base/kustomization.yaml similarity index 100% rename from Resources/k8s/kustomize/kustomization.yaml rename to Resources/k8s/kustomize/base/kustomization.yaml diff --git a/Resources/k8s/kustomize/other/ingress-controller-rbac.yaml b/Resources/k8s/kustomize/base/other/ingress-controller-rbac.yaml similarity index 100% rename from Resources/k8s/kustomize/other/ingress-controller-rbac.yaml rename to Resources/k8s/kustomize/base/other/ingress-controller-rbac.yaml 
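Review bot: With this change the base manifest becomes the `master` deployment, yet it still carries the `securityContext` whose own comment says root is only needed because GitHub Actions kills the container otherwise (`runAsUser: 0` is visible in the patch 28 hunk for this file). Now that overlays exist, that override belongs in a CI-only overlay or patch, so that `kubectl apply -k Resources/k8s/kustomize/base/` on a real cluster runs as the image's default `pokeapi` user. `pokeapi/pokeapi:master` is also a mutable tag; pinning the base to a release tag or digest would make deployments reproducible. The container spec continues outside the hunk.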
diff --git a/Resources/k8s/kustomize/other/ingress.yaml b/Resources/k8s/kustomize/base/other/ingress.yaml similarity index 100% rename from Resources/k8s/kustomize/other/ingress.yaml rename to Resources/k8s/kustomize/base/other/ingress.yaml diff --git a/Resources/k8s/kustomize/other/namespace.yaml b/Resources/k8s/kustomize/base/other/namespace.yaml similarity index 100% rename from Resources/k8s/kustomize/other/namespace.yaml rename to Resources/k8s/kustomize/base/other/namespace.yaml diff --git a/Resources/k8s/kustomize/secrets/graphql.env.sample b/Resources/k8s/kustomize/base/secrets/graphql.env.sample similarity index 100% rename from Resources/k8s/kustomize/secrets/graphql.env.sample rename to Resources/k8s/kustomize/base/secrets/graphql.env.sample diff --git a/Resources/k8s/kustomize/secrets/postgres.env.sample b/Resources/k8s/kustomize/base/secrets/postgres.env.sample similarity index 100% rename from Resources/k8s/kustomize/secrets/postgres.env.sample rename to Resources/k8s/kustomize/base/secrets/postgres.env.sample diff --git a/Resources/k8s/kustomize/services/cloud.yaml b/Resources/k8s/kustomize/base/services/cloud.yaml similarity index 100% rename from Resources/k8s/kustomize/services/cloud.yaml rename to Resources/k8s/kustomize/base/services/cloud.yaml diff --git a/Resources/k8s/kustomize/services/default-service.yaml b/Resources/k8s/kustomize/base/services/default-service.yaml similarity index 100% rename from Resources/k8s/kustomize/services/default-service.yaml rename to Resources/k8s/kustomize/base/services/default-service.yaml diff --git a/Resources/k8s/kustomize/services/graphql-service.yaml b/Resources/k8s/kustomize/base/services/graphql-service.yaml similarity index 100% rename from Resources/k8s/kustomize/services/graphql-service.yaml rename to Resources/k8s/kustomize/base/services/graphql-service.yaml 
diff --git a/Resources/k8s/kustomize/services/pokeapi-service.yaml b/Resources/k8s/kustomize/base/services/pokeapi-service.yaml
similarity index 100%
rename from Resources/k8s/kustomize/services/pokeapi-service.yaml
rename to Resources/k8s/kustomize/base/services/pokeapi-service.yaml
diff --git a/Resources/k8s/kustomize/services/postgres-service.yaml b/Resources/k8s/kustomize/base/services/postgres-service.yaml
similarity index 100%
rename from Resources/k8s/kustomize/services/postgres-service.yaml
rename to Resources/k8s/kustomize/base/services/postgres-service.yaml
diff --git a/Resources/k8s/kustomize/services/redis-service.yaml b/Resources/k8s/kustomize/base/services/redis-service.yaml
similarity index 100%
rename from Resources/k8s/kustomize/services/redis-service.yaml
rename to Resources/k8s/kustomize/base/services/redis-service.yaml
diff --git a/Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/base/volumes/postgres-persistentvolumeclaim.yaml
similarity index 100%
rename from Resources/k8s/kustomize/volumes/postgres-persistentvolumeclaim.yaml
rename to Resources/k8s/kustomize/base/volumes/postgres-persistentvolumeclaim.yaml
diff --git a/Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml b/Resources/k8s/kustomize/base/volumes/redis-persistentvolumeclaim.yaml
similarity index 100%
rename from Resources/k8s/kustomize/volumes/redis-persistentvolumeclaim.yaml
rename to Resources/k8s/kustomize/base/volumes/redis-persistentvolumeclaim.yaml
diff --git a/Resources/k8s/kustomize/staging/kustomization.yaml b/Resources/k8s/kustomize/staging/kustomization.yaml
new file mode 100644
index 00000000..ed12b218
--- /dev/null
+++ b/Resources/k8s/kustomize/staging/kustomization.yaml
@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+bases:
+ - ../base
+
+images:
+ - name: pokeapi/pokeapi
+ newTag: staging
From 11163c4eae540fa4fb3afafee3136de3bbf2ef61 Mon Sep 17 00:00:00 2001
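Review bot: The new staging/kustomization.yaml pulls in the base through `bases:`, a field kustomize has deprecated in favour of listing directories under `resources:`. Writing `resources:` with the entry `- ../base` keeps the overlay working on kustomize releases that drop the old field and avoids the deprecation warning on current ones. A short header comment stating that this overlay only retags `pokeapi/pokeapi` for staging would also help whoever adds the next environment.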
From: =?UTF-8?q?Alessandro=20Pezz=C3=A8?=
Date: Sat, 5 Jun 2021 23:19:03 +0200
Subject: [PATCH 35/35] ci: remove platforns
---
 .github/workflows/docker-image.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml
index 0f5b0a15..66d81883 100644
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -48,7 +48,7 @@ jobs:
 context: .
 file: ./Resources/docker/app/Dockerfile
 push: true
- platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/s390x,linux/386,linux/arm/v7,linux/arm/v6
+ platforms: linux/amd64,linux/arm64,linux/ppc64le,linux/arm/v7,linux/arm/v6
 tags: ${{ steps.meta.outputs.tags }}
 labels: ${{ steps.meta.outputs.labels }}
 - name: Image digest
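Review bot: The shortened `platforms:` list drops `linux/s390x` and `linux/386` without recording why, either in the workflow or in the commit message. A comment above the line, for example `# linux/s390x and linux/386 removed: <reason>; re-add only once the build passes on them`, would stop the targets from being re-added blindly. Any published list of supported architectures should be checked against the new set. The build step begins outside this hunk.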