chore: add deployment

Informasjonsforvaltning · Apr 11, 2024 · d4d4209 · d4d4209
1 parent cc38d5b
commit d4d4209
Show file tree

Hide file tree

Showing 18 changed files with 476 additions and 0 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,16 @@
+---
+name: Bug rapport
+about: Lag en bug rapport
+title: '[Bug]: kort beskrivelse av problemet'
+labels: 'bug'
+---
+
+## 🐛 Bug rapport
+
+### Nåværende oppførsel
+
+### Forventet oppførsel
+
+### Hvordan reprodusere?
+
+### Forslag/Løsning [Valgfritt]
diff --git a/.github/ISSUE_TEMPLATE/feature_requests.md b/.github/ISSUE_TEMPLATE/feature_requests.md
@@ -0,0 +1,16 @@
+---
+name: Feature forespørsel
+about: Forespør en ny feature
+title: '[Feat]: kort beskrivelse av feature'
+labels: 'enhancement'
+---
+
+## 🚀 Feature forespørsel
+
+### Feature beskrivelse
+
+### Hvorfor trenger vi det?
+
+### Forslag/løsning [Valgfritt]
+
+### Definisjon av ferdig
diff --git a/.github/ISSUE_TEMPLATE/ux_issue.md b/.github/ISSUE_TEMPLATE/ux_issue.md
@@ -0,0 +1,16 @@
+---
+name: UX issue
+about: Lag et UX issue
+title: '[UX]: kort beskrivelse av problemet'
+labels: 'ux'
+---
+
+## 🪄 UX rapport
+
+### Nåværende oppførsel
+
+### Dette er et problem fordi:
+
+### Forventet oppførsel/ønsket oppførsel
+
+### Skjermbilder
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
@@ -0,0 +1,22 @@
+name: Code scanning (CodeQL)
+
+on:
+  pull_request:
+    types: [ready_for_review, opened, reopened, synchronize]
+    branches:
+      - main
+  push:
+    branches:
+      - main
+  schedule:
+    - cron: '0 2 * * *'
+
+jobs:
+  codeql:
+    name: Run codeql scan
+    if: github.event.pull_request.draft == false
+    uses: Informasjonsforvaltning/workflows/.github/workflows/codeql.yaml@main
+    with:
+      language: javascript
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/deploy-prod&demo.yaml b/.github/workflows/deploy-prod&demo.yaml
@@ -0,0 +1,103 @@
+name: Deploy to production and demo
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+  test:
+    name: Test and build
+    if: github.event.pull_request.draft == false
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+      changed: ${{ steps.set-matrix.outputs.changed }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          # We need to fetch all branches and commits so that Nx affected has a base to compare against.
+          fetch-depth: 0
+
+      - uses: nrwl/nx-set-shas@v3
+      - run: yarn install --frozen-lockfile
+
+      - name: Caching Nx
+        uses: actions/cache@v3
+        with:
+          path: node_modules/.cache
+          key: cache-nx-${{ hashFiles('yarn.lock') }}
+
+      - id: set-matrix
+        run: |
+          echo "matrix={\"appname\":$(yarn --silent run matrix)}" >> $GITHUB_OUTPUT
+          echo "changed=$(yarn --silent run matrix)" >> $GITHUB_OUTPUT
+
+      - run: yarn run affected:lint  --parallel=2
+      - run: yarn run affected:test  --parallel=2 --configuration=ci
+      - run: yarn run affected:e2e   --parallel=2 --configuration=ci
+      - run: yarn run affected:build --parallel=2 --configuration=ci
+
+      - name: Caching Dist Folder
+        uses: actions/cache@v3
+        with:
+          path: ./dist
+          key: cache-dist-${{ github.sha }}
+
+  build:
+    name: Build affected apps when pull request is created
+    needs: [test]
+    if: ${{ needs.test.outputs.changed != '[]' }}
+    strategy:
+      matrix: ${{fromJSON(needs.test.outputs.matrix)}}
+    uses: Informasjonsforvaltning/workflows/.github/workflows/build-push.yaml@main
+    with:
+      app_name: ${{ matrix.appname }}-frontend
+      environment: prod
+      build_env: true
+      build_env_name: BINARY
+      build_env_value: ${{ matrix.appname }}-frontend
+      cache_path: ./dist
+      cache_key: cache-dist-${{ github.sha }}
+      dockerfile: apps/${{ matrix.appname }}/Dockerfile
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      GCP_SA_DIGDIR_FDK_GCR_KEY: ${{ secrets.GCP_SA_DIGDIR_FDK_GCR_KEY }}
+
+  deploy-prod:
+    name: Deploy affected apps to production environment with reusable workflow
+    needs: [test, build]
+    strategy:
+      matrix: ${{fromJSON(needs.test.outputs.matrix)}}
+      fail-fast: false
+    if: ${{ needs.test.outputs.changed != '[]' }}
+    uses: Informasjonsforvaltning/workflows/.github/workflows/kustomize-deploy.yaml@main
+    with:
+      app_name: ${{ matrix.appname }}-frontend
+      environment: prod
+      monorepo_app: true
+      cluster: digdir-fdk-prod
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      DIGDIR_FDK_AUTODEPLOY: ${{ secrets.DIGDIR_FDK_PROD_AUTODEPLOY }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+
+  deploy-demo:
+    name: Deploy affected apps to demo environment with reusable workflow
+    needs: [test, deploy-prod]
+    strategy:
+      matrix: ${{fromJSON(needs.test.outputs.matrix)}}
+      fail-fast: false
+    if: ${{ needs.test.outputs.changed != '[]' }}
+    uses: Informasjonsforvaltning/workflows/.github/workflows/kustomize-deploy.yaml@main
+    with:
+      app_name: ${{ matrix.appname }}-frontend
+      environment: demo
+      monorepo_app: true
+      cluster: digdir-fdk-dev
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      DIGDIR_FDK_AUTODEPLOY: ${{ secrets.DIGDIR_FDK_DEV_AUTODEPLOY }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
diff --git a/.github/workflows/deploy-staging.yaml b/.github/workflows/deploy-staging.yaml
@@ -0,0 +1,85 @@
+name: Deploy to staging
+
+on:
+  pull_request:
+    types: [ready_for_review, opened, reopened, synchronize]
+    branches:
+      - main
+
+jobs:
+  test:
+    name: Test and build
+    if: github.event.pull_request.draft == false
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+      changed: ${{ steps.set-matrix.outputs.changed }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          # We need to fetch all branches and commits so that Nx affected has a base to compare against.
+          fetch-depth: 0
+
+      - uses: nrwl/nx-set-shas@v3
+      - run: yarn install --frozen-lockfile
+
+      - name: Caching Nx
+        uses: actions/cache@v3
+        with:
+          path: node_modules/.cache
+          key: cache-nx-${{ hashFiles('yarn.lock') }}
+
+      - id: set-matrix
+        run: |
+          echo "matrix={\"appname\":$(yarn --silent run matrix)}" >> $GITHUB_OUTPUT
+          echo "changed=$(yarn --silent run matrix)" >> $GITHUB_OUTPUT
+
+      - run: yarn run affected:lint  --parallel=2
+      - run: yarn run affected:test  --parallel=2 --configuration=ci
+      - run: yarn run affected:e2e   --parallel=2 --configuration=ci
+      - run: yarn run affected:build --parallel=2 --configuration=ci
+
+      - name: Caching Dist Folder
+        uses: actions/cache@v3
+        with:
+          path: ./dist
+          key: cache-dist-${{ github.sha }}
+
+  build:
+    name: Build affected apps when pull request is created
+    needs: [test]
+    if: ${{ needs.test.outputs.changed != '[]' }}
+    strategy:
+      matrix: ${{fromJSON(needs.test.outputs.matrix)}}
+    uses: Informasjonsforvaltning/workflows/.github/workflows/build-push.yaml@main
+    with:
+      app_name: ${{ matrix.appname }}-frontend
+      environment: staging
+      build_env: true
+      build_env_name: BINARY
+      build_env_value: ${{ matrix.appname }}-frontend
+      cache_path: ./dist
+      cache_key: cache-dist-${{ github.sha }}
+      dockerfile: apps/${{ matrix.appname }}/Dockerfile
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      GCP_SA_DIGDIR_FDK_GCR_KEY: ${{ secrets.GCP_SA_DIGDIR_FDK_GCR_KEY }}
+
+  deploy:
+    name: Deploy affected apps to staging environment with reusable workflow
+    needs: [test, build]
+    if: ${{ needs.test.outputs.changed != '[]' }}
+    strategy:
+      matrix: ${{fromJSON(needs.test.outputs.matrix)}}
+      fail-fast: false
+    uses: Informasjonsforvaltning/workflows/.github/workflows/kustomize-deploy.yaml@main
+    with:
+      app_name: ${{ matrix.appname }}-frontend
+      environment: staging
+      monorepo_app: true
+      cluster: digdir-fdk-dev
+    secrets:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      DIGDIR_FDK_AUTODEPLOY: ${{ secrets.DIGDIR_FDK_DEV_AUTODEPLOY }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
diff --git a/deploy/base/contact-form/contact-form-deployment.yaml b/deploy/base/contact-form/contact-form-deployment.yaml
@@ -0,0 +1,53 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: contact-form
+  labels:
+    app: contact-form
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: contact-form
+  strategy:
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: contact-form
+      annotations:
+        prometheus.io/scrape: 'false'
+    spec:
+      containers:
+        - name: contact-form
+          image: contact-form
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8080
+          livenessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /api/ping
+              port: 8080
+              scheme: HTTP
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 1
+            initialDelaySeconds: 20
+          readinessProbe:
+            failureThreshold: 3
+            httpGet:
+              path: /api/ping
+              port: 8080
+              scheme: HTTP
+            periodSeconds: 30
+            successThreshold: 1
+            timeoutSeconds: 1
+            initialDelaySeconds: 20
+          resources:
+            requests:
+              cpu: 50m
+              memory: 50Mi
+            limits:
+              memory: 50Mi
diff --git a/deploy/base/contact-form/contact-form-service.yaml b/deploy/base/contact-form/contact-form-service.yaml
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: contact-form
+spec:
+  selector:
+    app: contact-form
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8080
+      targetPort: 8080
+  type: NodePort
diff --git a/deploy/base/contact-form/kustomization.yaml b/deploy/base/contact-form/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - contact-form-deployment.yaml
+  - contact-form-service.yaml
+images:
+  - name: contact-form
+    newName: eu.gcr.io/digdir-fdk-infra/contact-form
+    newTag: $(GIT_COMMIT_SHA)
diff --git a/deploy/demo/contact-form/contact-form-env.yaml b/deploy/demo/contact-form/contact-form-env.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: contact-form
+  labels:
+    app: contact-form
+spec:
+  selector:
+    matchLabels:
+      app: contact-form
+  template:
+    spec:
+      containers:
+        - name: contact-form
diff --git a/deploy/demo/contact-form/contact-form-ingress.yaml b/deploy/demo/contact-form/contact-form-ingress.yaml
@@ -0,0 +1,22 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: contact-form
+  annotations:
+    nginx.ingress.kubernetes.io/proxy-buffering: 'on'
+    nginx.ingress.kubernetes.io/proxy-buffers-number: '8'
+    nginx.ingress.kubernetes.io/proxy-buffer-size: '32k'
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: new.demo.fellesdatakatalog.digdir.no
+      http:
+        paths:
+          - backend:
+              service:
+                name: contact-form
+                port:
+                  number: 8080
+            path: /
+            pathType: Prefix
diff --git a/deploy/demo/contact-form/kustomization.yaml b/deploy/demo/contact-form/kustomization.yaml
@@ -0,0 +1,10 @@
+---
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: demo
+resources:
+  - ../../base/contact-form
+  - contact-form-ingress.yaml
+
+patchesStrategicMerge:
+  - contact-form-env.yaml