Merge pull request #5 from crane-cloud/deploy/app

feat: add deploy app workflow

Author: Mubangizi

.github/workflows/staging.yml

@@ -0,0 +1,108 @@
+---
+name: staging
+
+on:
+  push:
+    branches:
+      - master
+
+  workflow_dispatch:
+
+jobs:
+  build:
+    outputs:
+      image: ${{ steps.export.outputs.image }}
+      tag: ${{ steps.export.outputs.tag }}
+
+    runs-on: ubuntu-latest
+    env:
+      image: cranecloud/monitoring-api
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Install (Buildx)
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - id: meta
+        name: Tag
+        uses: docker/metadata-action@v3
+        with:
+          flavor: |
+            latest=true
+          images: ${{ env.image }}
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=sha
+
+      - name: Build
+        uses: docker/build-push-action@v2
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          labels: ${{ steps.meta.outputs.labels }}
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - id: export
+        name: Export
+        uses: actions/github-script@v5
+        with:
+          script: |
+            const metadata = JSON.parse(`${{ steps.meta.outputs.json }}`)
+            const fullUrl = metadata.tags.find((t) => t.includes(':sha-'))
+            if (fullUrl == null) {
+              core.error('Unable to find sha tag of image')
+            } else {
+              const tag = fullUrl.split(':')[1]
+              core.setOutput('image', fullUrl)
+              core.setOutput('tag', tag)
+            }
+
+  Microservice:
+    name: Deploy (Staging)
+
+    needs:
+      - Build
+
+    runs-on: ubuntu-latest
+    env:
+      namespace: cranecloud-microservice
+      image: cranecloud/monitoring-api
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - uses: azure/k8s-set-context@v1
+        with:
+          kubeconfig: ${{ secrets.RENU_KUBECONFIG}}
+
+      - name: Helm Release
+        run: |
+          helm upgrade --install --create-namespace \
+          monitoring-api ./helm/chart \
+          --values helm/values.staging.yaml \
+          --namespace $namespace \
+          --set image.tag="${{ needs.build.outputs.tag }}" \
+          --set environment.DATABASE_URI="${{ secrets.STAGING_DATABASE_URI }}" \
+          --set environment.DATABASE_USER="${{ secrets.STAGING_DATABASE_USER }}" \
+          --set environment.TEST_DATABASE_URL="${{ secrets.STAGING_TEST_DATABASE_URL }}" \
+          --set environment.FLASK_APP_SALT="${{ secrets.STAGING_FLASK_APP_SALT }}" \
+          --set environment.FLASK_APP_SECRET="${{ secrets.STAGING_FLASK_APP_SECRET }}" \
+          --set environment.PRODUCT_BASE_URL="${{ secrets.STAGING_PRODUCT_BASE_URL }}" \
+          --set environment.LOGGER_APP_URL="${{ secrets.STAGING_LOGGER_APP_URL }}" \
+          --timeout=300s
+
+      - name: Monitor Rollout
+        run: |
+          kubectl rollout status deployment/monitoring-api --timeout=300s --namespace $namespace

Dockerfile

@@ -20,7 +20,7 @@ COPY . /app
 
 
 # make port available to the world outside this container
-EXPOSE 4000
+EXPOSE 5000
 
 # connect to start script when db is being used
-CMD ["flask", "run", "--host=0.0.0.0", "--port=4000"]
+ENTRYPOINT ["sh", "/app/scripts/start.sh"]

docker-compose.yml

@@ -3,7 +3,7 @@ services:
   database:
     restart: always
     image: postgres:10.8-alpine
-    container_name: postgres-db
+    container_name: monitoring-postgres-db
     environment:
       POSTGRES_USER: postgres
       POSTGRES_DB: cc-monitoring
@@ -17,7 +17,7 @@ services:
     build:
       context: .
       dockerfile: Dockerfile
-    container_name: flask-api
+    container_name: monitoring-api
     environment:
       FLASK_APP_SECRET:
       JWT_SALT:

helm/chart/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

helm/chart/Chart.yaml

@@ -0,0 +1,23 @@
+apiVersion: v2
+name: cranecloud
+description: A Helm chart for cranecloud applications
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.4
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+appVersion: 1.16.0

helm/chart/templates/_helpers.tpl

@@ -0,0 +1,47 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "cranecloud.name" -}}
+{{- default .Release.Name .Values.nameOverride .Chart.Name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "cranecloud.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "cranecloud.labels" -}}
+helm.sh/chart: {{ include "cranecloud.chart" . }}
+{{ include "cranecloud.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "cranecloud.selectorLabels" -}}
+app: {{ include "cranecloud.name" . }}
+app.kubernetes.io/name: {{ include "cranecloud.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "cranecloud.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "cranecloud.name" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}

helm/chart/templates/celery-deployment.yaml

@@ -0,0 +1,54 @@
+{{- if .Values.celery.create -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "cranecloud.name" . }}-celery
+  labels:
+    {{- include "cranecloud.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.celery.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "cranecloud.selectorLabels" . | nindent 6 }}
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+    {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      labels:
+        {{- include "cranecloud.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "cranecloud.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ include "cranecloud.name" . }}-celery
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          command: {{ .Values.celery.command | toYaml | nindent 12}}
+          env:
+          - name: test
+            value: test
+          {{- range $key, $value := .Values.environment }}
+          - name: {{ $key }}
+            value: {{ $value | quote }}
+          {{- end }}
+          ports:
+            - name: celery-worker
+              containerPort: {{ .Values.celery.port }}
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+{{- end }}

helm/chart/templates/deployment.yaml

@@ -0,0 +1,76 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ include "cranecloud.name" . }}
+  labels:
+    {{- include "cranecloud.labels" . | nindent 4 }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "cranecloud.selectorLabels" . | nindent 6 }}
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+    {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+    {{- end }}
+      labels:
+        {{- include "cranecloud.selectorLabels" . | nindent 8 }}
+    spec:
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "cranecloud.serviceAccountName" . }}
+      securityContext:
+        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+      containers:
+        - name: {{ include "cranecloud.name" . }}
+          securityContext:
+            {{- toYaml .Values.securityContext | nindent 12 }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          env:        
+          {{- range $key, $value := .Values.environment }}
+          - name: {{ $key }}
+            value: {{ $value | quote }}
+          {{- end }}
+          
+          ports:
+            - name: backend-api
+              containerPort: 8000
+              protocol: TCP
+          resources:
+            {{- toYaml .Values.resources | nindent 12 }}
+        - name: nginx
+          image: nginx:1.21.6
+          imagePullPolicy: IfNotPresent
+          ports:
+          - name: http
+            containerPort: 80
+          volumeMounts:
+          - name: nginx-proxy-config
+            mountPath: /etc/nginx/conf.d/default.conf
+            subPath: nginx.conf
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      volumes:
+      - name: nginx-proxy-config
+        configMap:
+          name: {{ .Release.Name }}-nginx-configmap

helm/chart/templates/nginx-configmap.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-nginx-configmap
+data:
+  nginx.conf: |-
+{{ tpl .Values.nginxConf . | indent 4 }}