From 5a8519eade88d3dbb17a5327df6336f8e4f50ed4 Mon Sep 17 00:00:00 2001 From: Egbewatt Kokou Mwangah Smith Date: Tue, 5 Mar 2024 07:33:18 -0700 Subject: [PATCH] all pipelines and manifests --- ...ild2release.yaml => buildandpush-app.yaml} | 11 +-- .github/workflows/infra-release.yaml | 52 +++++++++++++ .github/workflows/k8s-apps-release.yaml | 38 ++++++++++ manifests/cohere-app.yaml | 51 +++++++++++++ manifests/postgress.yaml | 75 +++++++++++++++++++ 5 files changed, 218 insertions(+), 9 deletions(-) rename .github/workflows/{code-build2release.yaml => buildandpush-app.yaml} (82%) create mode 100644 .github/workflows/infra-release.yaml create mode 100644 .github/workflows/k8s-apps-release.yaml create mode 100644 manifests/cohere-app.yaml create mode 100644 manifests/postgress.yaml diff --git a/.github/workflows/code-build2release.yaml b/.github/workflows/buildandpush-app.yaml similarity index 82% rename from .github/workflows/code-build2release.yaml rename to .github/workflows/buildandpush-app.yaml index 023a7c3..a46dd92 100644 --- a/.github/workflows/code-build2release.yaml +++ b/.github/workflows/buildandpush-app.yaml @@ -1,4 +1,4 @@ -name: Build_Push_App +name: BuildPush_App on: workflow_dispatch: pull_request: @@ -51,14 +51,7 @@ jobs: with: project_id: ${{ secrets.PROJECT_ID }} workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITYPROVIDER }} - service_account: ${{ secrets.GKE_SA_KEY }} - - - name: Configure kubectl - uses: google-github-actions/setup-gcloud@v0 - with: - project_id: ${{ secrets.PROJECT_ID }} - service_account_key: ${{ secrets.GKE_SA_KEY }} - export_default_credentials: true + # service_account: ${{ secrets.GKE_SA_KEY }} - name: Build and Push Image run: | diff --git a/.github/workflows/infra-release.yaml b/.github/workflows/infra-release.yaml new file mode 100644 index 0000000..b931f61 --- /dev/null +++ b/.github/workflows/infra-release.yaml 
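Review bot: In the second hunk of buildandpush-app.yaml (`@@ -51,14 +51,7 @@`), the `service_account` input is commented out rather than deleted, and it still names the secret `GKE_SA_KEY`. With that input omitted the auth step presumably falls back to direct Workload Identity Federation, so the pool principal itself needs the IAM roles for the image push; that binding is not visible in this diff. I would delete the commented line. If `GKE_SA_KEY` holds an exported JSON key, as its name suggests, revoke the key and remove the secret once no workflow reads it. The job starts and ends outside the hunk, so whether it declares `permissions:` with `id-token: write` cannot be checked from here.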
@@ -0,0 +1,52 @@
+name: Infra Release
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+env:
+ AWS_REGION: us-east-2
+
+jobs:
+ terraform-release:
+ name: "Terraform Release"
+ strategy:
+ matrix:
+ environment: [DEV]
+ runs-on: ubuntu-latest
+ env:
+ work-environment: $(echo "${{ matrix.environment }}" | tr '[:upper:]' '[:lower:]')
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install Terraform
+ env:
+ TERRAFORM_VERSION: "1.7.4"
+ run: |
+ tf_version=$TERRAFORM_VERSION
+ wget https://releases.hashicorp.com/terraform/"$tf_version"/terraform_"$tf_version"_linux_amd64.zip
+ sudo unzip -o terraform_"$tf_version"_linux_amd64.zip
+ sudo mv terraform /usr/local/bin/
+ - name: Verify Terraform version
+ run: terraform --version
+
+ # https://github.com/google-github-actions/auth
+ - name: Authenticate with Google Cloud
+ uses: 'google-github-actions/auth@v2'
+ with:
+ project_id: ${{ secrets.PROJECT_ID }}
+ workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITYPROVIDER }}
+ # service_account: ${{ secrets.GKE_SA_KEY }}
+
+ - name: Terraform Plan
+ if: ${{ github.event_name == 'pull_request' }}
+ run: |
+ chmod +x ci/scripts/*.sh
+ python ci/scripts/execute-terraform.py --config ci/configs/pipeline-config.json --command plan --env ${{ env.work-environment }}
+
+ - name: Terraform Apply
+ if: ${{ github.event_name != 'pull_request' }}
+ run: |
+ chmod +x ci/scripts/*.sh
+ python ci/scripts/execute-terraform.py --config ci/configs/pipeline-config.json --command apply --env ${{ env.work-environment }}
diff --git a/.github/workflows/k8s-apps-release.yaml b/.github/workflows/k8s-apps-release.yaml
new file mode 100644
index 0000000..ba7426b
--- /dev/null
+++ b/.github/workflows/k8s-apps-release.yaml
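Review bot: The `Install Terraform` step in infra-release.yaml downloads the release zip with `wget` and moves the binary into `/usr/local/bin` without checking its digest, so the job that later runs `apply` with cloud credentials executes whatever the download returned. Pin the expected SHA-256 next to `TERRAFORM_VERSION` and fail the step on a mismatch, as in the excerpt below; `unzip` does not need `sudo`. Separately, the file declares no `permissions:` block, and the workload-identity `auth@v2` step needs an OIDC token, so the job should carry `permissions:` with `contents: read` and `id-token: write`. k8s-apps-release.yaml has the same gap.

```yaml
      - name: Install Terraform
        env:
          TERRAFORM_VERSION: "1.7.4"
          # placeholder: digest published for this exact version and platform
          TERRAFORM_SHA256: "<sha256-of-terraform_1.7.4_linux_amd64.zip>"
        run: |
          zip="terraform_${TERRAFORM_VERSION}_linux_amd64.zip"
          wget "https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/${zip}"
          echo "${TERRAFORM_SHA256}  ${zip}" | sha256sum --check --strict
          unzip -o "${zip}"
          sudo mv terraform /usr/local/bin/
      # … unchanged: Verify Terraform version, auth, plan and apply steps …
```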
@@ -0,0 +1,38 @@
+name: K8s_Apps
+on:
+ workflow_dispatch:
+ pull_request:
+ branches:
+ - main
+
+env:
+ IMAGE_TAG: $(echo ${{ github.sha }} | cut -c1-4)
+ NODE_VERSION: 20.11.1
+
+jobs:
+ deploy:
+ name: DeployApps
+ runs-on: ubuntu-latest
+ environment: Dev
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # https://github.com/google-github-actions/auth
+ - name: Authenticate with Google Cloud
+ uses: 'google-github-actions/auth@v2'
+ with:
+ project_id: ${{ secrets.PROJECT_ID }}
+ workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITYPROVIDER }}
+ # service_account: ${{ secrets.GKE_SA_KEY }}
+
+ - name: Configure kubectl
+ uses: google-github-actions/setup-gcloud@v0
+ with:
+ project_id: ${{ secrets.PROJECT_ID }}
+ service_account_key: ${{ secrets.GKE_SA_KEY }}
+
+ - name: Deploy App w Database
+ run: |
+ kubectl apply -f manifests/cohere-app.yaml
+ kubectl apply -f manifests/postgress.yaml
\ No newline at end of file
diff --git a/manifests/cohere-app.yaml b/manifests/cohere-app.yaml
new file mode 100644
index 0000000..cb1e02e
--- /dev/null
+++ b/manifests/cohere-app.yaml
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cohere-app
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: cohere-app
+ template:
+ metadata:
+ labels:
+ app: cohere-app
+ spec:
+ imagePullSecrets:
+ - name: gcr-json-key #
+ containers:
+ - name: cohere-app-container
+ image: gcr.io/circular-genius-416217/cohere-app:v1
+ ports:
+ - containerPort: 3000
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: cohere-app-service
+spec:
+ selector:
+ app: cohere-app
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 3000
+ type: LoadBalancer
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: cohere-app-ingress
+spec:
+ ingressClassName: "nginx"
+ rules:
+ - http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: cohere-app-service
+ port:
+ number: 3000
\ No newline at end of file
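Review bot: The `Configure kubectl` step in k8s-apps-release.yaml brings back the long-lived key path that this commit removes from buildandpush-app.yaml: `google-github-actions/setup-gcloud@v0` with `service_account_key: ${{ secrets.GKE_SA_KEY }}`, directly after the workload-identity auth step. It also fetches no cluster credentials, so as far as this file shows `kubectl apply` has no kubeconfig context to use. Replace it with a step that obtains GKE credentials from the federated identity, as in the excerpt below, and retire the key secret. The workflow also triggers on `pull_request`, so unmerged manifests are applied to the cluster; consider restricting the deploy to `workflow_dispatch` or pushes to `main`.

```yaml
      - name: Configure kubectl
        uses: google-github-actions/get-gke-credentials@v2
        with:
          # placeholders: supply the real cluster name and region/zone
          cluster_name: CLUSTER_NAME_PLACEHOLDER
          location: CLUSTER_LOCATION_PLACEHOLDER
      # … unchanged: Deploy App w Database step …
```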
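Review bot: In manifests/cohere-app.yaml, `cohere-app-service` is `type: LoadBalancer`, so the app gets its own external address on port 80 in addition to the nginx Ingress, and anything enforced at the ingress can be bypassed by going to the load balancer directly. The Ingress backend also names `number: 3000`, while the Service exposes `port: 80` (3000 is only the `targetPort`), so the route will not resolve to a Service port. I would change the Service to `type: ClusterIP` and the backend to `number: 80`. The Ingress has no `tls:` section and the container has no `securityContext` or resource limits, which are worth adding before this serves real traffic.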
diff --git a/manifests/postgress.yaml b/manifests/postgress.yaml
new file mode 100644
index 0000000..2755278
--- /dev/null
+++ b/manifests/postgress.yaml
@@ -0,0 +1,75 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: postgres-pv
+spec:
+ capacity:
+ storage: 1Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: "/mnt/data"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: postgres-pvc
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: postgres-statefulset
+spec:
+ replicas: 1
+ serviceName: "postgres"
+ selector:
+ matchLabels:
+ app: postgres
+ template:
+ metadata:
+ labels:
+ app: postgres
+ spec:
+ containers:
+ - name: postgres
+ image: postgres:latest
+ env:
+ - name: POSTGRES_USER
+ value: your_username
+ - name: POSTGRES_PASSWORD
+ value: your_password
+ - name: POSTGRES_DB
+ value: your_database
+ ports:
+ - containerPort: 5432
+ name: postgres
+ volumeMounts:
+ - mountPath: "/var/lib/postgresql/data"
+ name: postgres-storage
+ volumeClaimTemplates:
+ - metadata:
+ name: postgres-storage
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgres-service
+spec:
+ selector:
+ app: postgres
+ ports:
+ - protocol: TCP
+ port: 5432
+ targetPort: 5432
+ type: ClusterIP
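Review bot: The StatefulSet passes `POSTGRES_USER` and `POSTGRES_PASSWORD` as literal `value:` entries, so the database credential sits in the repository and in the pod spec for anyone who can read either; even with placeholders such as `your_password`, the pattern invites committing the real value. Read them from a Secret with `valueFrom.secretKeyRef`, as in the excerpt below, and create that Secret outside git. `image: postgres:latest` should be pinned to a version tag or digest so a pod restart cannot silently change the database version. The `hostPath` PersistentVolume and `postgres-pvc` look unused, since the pod mounts the `volumeClaimTemplates` volume, and `serviceName: "postgres"` does not match the `postgres-service` Service defined at the end of the file.

```yaml
        env:
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: postgres-credentials   # placeholder Secret name
              key: username
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgres-credentials   # placeholder Secret name
              key: password
        # … unchanged: POSTGRES_DB, ports, volumeMounts …
```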