From ea4988788cb15e9d3a907cb376ddf9183b111ad4 Mon Sep 17 00:00:00 2001 From: Egbewatt Kokou Mwangah Smith Date: Tue, 5 Mar 2024 07:33:18 -0700 Subject: [PATCH] all pipelines and manifests --- .github/workflows/code-build2release.yaml | 2 +- .github/workflows/infra-release.yaml | 57 +++++++++++++++++ .github/workflows/k8s-apps-release.yaml | 41 +++++++++++++ manifests/cohere-app.yaml | 51 +++++++++++++++ manifests/postgress.yaml | 75 +++++++++++++++++++++++ 5 files changed, 225 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/infra-release.yaml create mode 100644 .github/workflows/k8s-apps-release.yaml create mode 100644 manifests/cohere-app.yaml create mode 100644 manifests/postgress.yaml diff --git a/.github/workflows/code-build2release.yaml b/.github/workflows/code-build2release.yaml index 023a7c3..ad46f3d 100644 --- a/.github/workflows/code-build2release.yaml +++ b/.github/workflows/code-build2release.yaml @@ -51,7 +51,7 @@ jobs: with: project_id: ${{ secrets.PROJECT_ID }} workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITYPROVIDER }} - service_account: ${{ secrets.GKE_SA_KEY }} + # service_account: ${{ secrets.GKE_SA_KEY }} - name: Configure kubectl uses: google-github-actions/setup-gcloud@v0 diff --git a/.github/workflows/infra-release.yaml b/.github/workflows/infra-release.yaml new file mode 100644 index 0000000..5a89bbe --- /dev/null +++ b/.github/workflows/infra-release.yaml 
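Review bot: In code-build2release.yaml the `service_account` input is commented out rather than removed, which leaves a dead reference to `secrets.GKE_SA_KEY` in the auth step; delete the line. That input expects a service-account email, while the secret's name suggests it holds a JSON key. If impersonation through the workload identity provider is intended, pass the email from its own secret, e.g. `service_account: ${{ secrets.<SA_EMAIL_SECRET> }}` (placeholder name). Without the input, the step depends on the IAM bindings of the federated principal itself, and some versions of the action may reject the configuration. The step begins above the hunk, so the action version cannot be checked here.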
@@ -0,0 +1,57 @@
+name: Terraform Release Workflow
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+env:
+ AWS_REGION: us-east-2
+
+jobs:
+ terraform-release:
+ name: "Terraform Release"
+ strategy:
+ matrix:
+ environment: [DEV]
+ runs-on: ubuntu-latest
+ env:
+ work-environment: $(echo "${{ matrix.environment }}" | tr '[:upper:]' '[:lower:]')
+ steps:
+ - uses: actions/checkout@v2
+
+ - name: Install Terraform
+ env:
+ TERRAFORM_VERSION: "1.1.9"
+ run: |
+ tf_version=$TERRAFORM_VERSION
+ wget https://releases.hashicorp.com/terraform/"$tf_version"/terraform_"$tf_version"_linux_amd64.zip
+ unzip terraform_"$tf_version"_linux_amd64.zip
+ sudo mv terraform /usr/local/bin/
+ - name: Verify Terraform version
+ run: terraform --version
+
+ - name: Authenticate with Google Cloud
+ uses: google-github-actions/auth@v0
+ with:
+ service_account_key: ${{ secrets.GKE_SA_KEY }}
+ project_id:
+
+ - name: Configure kubectl
+ uses: google-github-actions/setup-gcloud@v0
+ with:
+ project_id:
+ service_account_key: ${{ secrets.GKE_SA_KEY }}
+ export_default_credentials: true
+
+ - name: Terraform Plan
+ if: ${{ github.event_name == 'pull_request' }}
+ run: |
+ chmod +x ci/scripts/*.sh
+ python ci/scripts/execute-terraform.py --config ci/configs/pipeline-config.json --command plan --env ${{ env.work-environment }}
+
+ - name: Terraform Apply
+ if: ${{ github.event_name != 'pull_request' }}
+ run: |
+ chmod +x ci/scripts/*.sh
+ python ci/scripts/execute-terraform.py --config ci/configs/pipeline-config.json --command apply --env ${{ env.work-environment }}
diff --git a/.github/workflows/k8s-apps-release.yaml b/.github/workflows/k8s-apps-release.yaml
new file mode 100644
index 0000000..9a3f5f5
--- /dev/null
+++ b/.github/workflows/k8s-apps-release.yaml
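Review bot: In infra-release.yaml both Google steps authenticate with a long-lived JSON key (`service_account_key: ${{ secrets.GKE_SA_KEY }}`) and leave `project_id:` empty, while the job runs `apply` on every push to main. The auth step should use `workload_identity_provider` as the other workflows in this patch do, and the key input should be dropped from `setup-gcloud` here and in the `Configure kubectl` step of k8s-apps-release.yaml. The Install Terraform step also installs a binary fetched with `wget` without any integrity check; after also downloading the release's `terraform_${tf_version}_SHA256SUMS` file, verify it with `grep "terraform_${tf_version}_linux_amd64.zip" "terraform_${tf_version}_SHA256SUMS" | sha256sum -c -` before the `unzip`. `actions/checkout@v2`, `auth@v0` and `setup-gcloud@v0` are older major tags than the ones used elsewhere in this patch; pinning current releases by commit SHA would make the dependencies of the apply job reviewable.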
@@ -0,0 +1,41 @@
+name: Build_Push_App
+on:
+ workflow_dispatch:
+ pull_request:
+ branches:
+ - main
+
+env:
+ IMAGE_TAG: $(echo ${{ github.sha }} | cut -c1-4)
+ NODE_VERSION: 20.11.1
+
+jobs:
+ images:
+ name: ImageBuild
+ runs-on: ubuntu-latest
+ environment: Dev
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ # https://github.com/google-github-actions/auth
+ - name: Authenticate with Google Cloud
+ uses: 'google-github-actions/auth@v2'
+ with:
+ project_id: ${{ secrets.PROJECT_ID }}
+ workload_identity_provider: ${{ secrets.WORKLOAD_IDENTITYPROVIDER }}
+ # service_account: ${{ secrets.GKE_SA_KEY }}
+
+ - name: Configure kubectl
+ uses: google-github-actions/setup-gcloud@v0
+ with:
+ project_id: ${{ secrets.PROJECT_ID }}
+ service_account_key: ${{ secrets.GKE_SA_KEY }}
+ export_default_credentials: true
+
+ - name: Build and Push Image
+ run: |
+ chmod +x ci/scripts/build-and-push-app.sh
+ python3 ci/scripts/build-and-push-all.py --config "ci/configs/pipeline-config.json" --gitsha ${{ env.IMAGE_TAG }} --registry gcr.io/${{ secrets.PROJECT_ID }}
+ env:
+ PROJECT_ID: ${{ secrets.PROJECT_ID }}
\ No newline at end of file
diff --git a/manifests/cohere-app.yaml b/manifests/cohere-app.yaml
new file mode 100644
index 0000000..cb1e02e
--- /dev/null
+++ b/manifests/cohere-app.yaml
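Review bot: In k8s-apps-release.yaml `IMAGE_TAG` keeps only the first four hex characters of the commit SHA (`cut -c1-4`), so only 65,536 distinct tags exist and a later build can silently overwrite an earlier image under the same tag; use a longer prefix such as `cut -c1-12`, or the full `${{ github.sha }}`. The value is also a shell expression stored in `env:`, which Actions does not evaluate; it works only because `${{ env.IMAGE_TAG }}` is pasted into the `run:` script text, so computing the tag inside the step and writing it to `$GITHUB_ENV` would be clearer. The job builds and pushes on `pull_request`, which publishes images built from unmerged code to the registry; confirm that is intended or restrict the push to main.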
@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cohere-app
+spec:
+ replicas: 3
+ selector:
+ matchLabels:
+ app: cohere-app
+ template:
+ metadata:
+ labels:
+ app: cohere-app
+ spec:
+ imagePullSecrets:
+ - name: gcr-json-key #
+ containers:
+ - name: cohere-app-container
+ image: gcr.io/circular-genius-416217/cohere-app:v1
+ ports:
+ - containerPort: 3000
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: cohere-app-service
+spec:
+ selector:
+ app: cohere-app
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 3000
+ type: LoadBalancer
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: cohere-app-ingress
+spec:
+ ingressClassName: "nginx"
+ rules:
+ - http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: cohere-app-service
+ port:
+ number: 3000
\ No newline at end of file
diff --git a/manifests/postgress.yaml b/manifests/postgress.yaml
new file mode 100644
index 0000000..2755278
--- /dev/null
+++ b/manifests/postgress.yaml
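Review bot: In cohere-app.yaml the Ingress backend references `port: number: 3000`, but `cohere-app-service` exposes port 80 (3000 is only its `targetPort`), so the route points at a port the Service does not publish; it should be `number: 80`. The Service is also `type: LoadBalancer`, which gives the app its own external address alongside the nginx Ingress; `type: ClusterIP` would keep the Ingress as the single entry point. The Ingress rule has no `tls:` section and the container sets no `securityContext` or `resources`, which are worth adding before this serves traffic.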
@@ -0,0 +1,75 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: postgres-pv
+spec:
+ capacity:
+ storage: 1Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: "/mnt/data"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: postgres-pvc
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: postgres-statefulset
+spec:
+ replicas: 1
+ serviceName: "postgres"
+ selector:
+ matchLabels:
+ app: postgres
+ template:
+ metadata:
+ labels:
+ app: postgres
+ spec:
+ containers:
+ - name: postgres
+ image: postgres:latest
+ env:
+ - name: POSTGRES_USER
+ value: your_username
+ - name: POSTGRES_PASSWORD
+ value: your_password
+ - name: POSTGRES_DB
+ value: your_database
+ ports:
+ - containerPort: 5432
+ name: postgres
+ volumeMounts:
+ - mountPath: "/var/lib/postgresql/data"
+ name: postgres-storage
+ volumeClaimTemplates:
+ - metadata:
+ name: postgres-storage
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: postgres-service
+spec:
+ selector:
+ app: postgres
+ ports:
+ - protocol: TCP
+ port: 5432
+ targetPort: 5432
+ type: ClusterIP
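Review bot: In postgress.yaml `POSTGRES_PASSWORD` is a literal `value:` entry in the StatefulSet, so the credential lives in the repository and in the pod spec, where anyone who can view the workload can read it; read it from a Secret with `valueFrom.secretKeyRef` as sketched below (Secret and key names are placeholders). `image: postgres:latest` should be a fixed version tag or digest so that a restart cannot move the database to a different major version. The `postgres-pv`/`postgres-pvc` pair uses a `hostPath` under `/mnt/data` and is not referenced by the StatefulSet, which provisions its own volume through `volumeClaimTemplates`; it looks removable. `serviceName: "postgres"` does not match the Service `postgres-service` defined at the end of the file, so confirm which name is intended.

```yaml
# … unchanged: container name and image …
env:
  # … unchanged: POSTGRES_USER …
  - name: POSTGRES_PASSWORD
    valueFrom:
      secretKeyRef:
        name: postgres-credentials  # placeholder Secret name
        key: password               # placeholder key
# … unchanged: POSTGRES_DB, ports, volumeMounts …
```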