Implements Better Deployment System (#4) (#5)

* Initial Work of Better Deployment Script * Checks if .secret is Present on Test Setup * Implements Custom Routing per Profile * Rewriting Setup Tools - Adds Postgres and Redis * Rewriting Setup Tools - Adds Frontend * Rewriting Setup Tools - Adds Backend * Rewriting Setup Tools - Adds CertManager * Rewriting Setup Tools - Adds Frontend * Adds Nginx-Ingress and Fixes Staging Environment * Updates CertManager and Nginx-Ingress * Implements New Setup Process Initial Adjustments to CI/CD Adjusts CI/CD test * Adds CI/CD for Prod Environment
2023-07-10 06:14:42 -03:00
parent 7c928b3ace
commit 2b92706be0
31 changed files with 1407 additions and 1037 deletions
--- a/template/backend/backend-secret.template.yaml
+++ b/template/backend/backend-secret.template.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    namespace: portfolio
+    name: backend-secret
+type: Opaque
+data:
+    token_secret: $TOKEN_SECRET
+    access_token_duration: $ACCESS_TOKEN_DURATION
+    refresh_token_duration: $REFRESH_TOKEN_DURATION
+    default_user_fullname: $DEFAULT_USER_FULLNAME
+    default_user_email: $DEFAULT_USER_EMAIL
+    default_user_username: $DEFAULT_USER_USERNAME
+    default_user_password: $DEFAULT_USER_PASSWORD
+    google_client_id: $GOOGLE_CLIENT_ID
+    google_client_secret: $GOOGLE_CLIENT_SECRET
+    google_redirect_url: $GOOGLE_REDIRECT_URL
+    github_client_id: $OAUTH_GITHUB_CLIENT_ID
+    github_client_secret: $OAUTH_GITHUB_CLIENT_SECRET
+    github_redirect_url: $OAUTH_GITHUB_REDIRECT_URL
--- a/template/cert-manager/cert-manager-certificate.template.yaml
+++ b/template/cert-manager/cert-manager-certificate.template.yaml
@@ -0,0 +1,16 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+    name: letsencrypt-cluster-certificate
+    namespace: portfolio
+spec:
+    dnsNames:
+        - ${DOMAIN}
+        - ${API_DOMAIN}
+    secretName: letsencrypt-cluster-certificate-tls
+    issuerRef:
+        name: cluster-certificate-issuer
+        kind: ClusterIssuer
+    subject:
+        organizations:
+            - Hideyoshi
--- a/template/frontend/frontend-secret.template.yaml
+++ b/template/frontend/frontend-secret.template.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    namespace: portfolio
+    name: frontend-secret
+type: Opaque
+data:
+    frontend_path: $FRONTEND_PATH
+    backend_url: $BACKEND_URL
+    backend_oauth_url: $BACKEND_OAUTH_URL
--- a/template/nginx-ingress/nginx-ingress-api.yaml
+++ b/template/nginx-ingress/nginx-ingress-api.yaml
@@ -0,0 +1,34 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  namespace: portfolio
+  name: nginx-ingress-api
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: /$2
+spec:
+  tls:
+    - hosts:
+        - ${API_DOMAIN}
+      secretName: letsencrypt-cluster-certificate-tls
+  rules:
+    - host: ${DOMAIN}
+      http:
+        paths:
+          - path: /api(/|$)(.*)
+            pathType: Prefix
+            backend:
+              service:
+                name: backend-service
+                port:
+                  number: 8070
+    - http:
+        paths:
+          - path: /api(/|$)(.*)
+            pathType: Prefix
+            backend:
+              service:
+                name: backend-service
+                port:
+                  number: 8070
--- a/template/nginx-ingress/nginx-ingress-root.yaml
+++ b/template/nginx-ingress/nginx-ingress-root.yaml
@@ -0,0 +1,45 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  namespace: portfolio
+  name: nginx-ingress
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    nginx.ingress.kubernetes.io/rewrite-target: /
+spec:
+  tls:
+    - hosts:
+        - ${DOMAIN}
+        - ${API_DOMAIN}
+      secretName: letsencrypt-cluster-certificate-tls
+  rules:
+    - host: ${DOMAIN}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: frontend-service
+                port:
+                  number: 5000
+    - host: ${API_DOMAIN}
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: backend-service
+                port:
+                  number: 8070
+    - http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: frontend-service
+                port:
+                  number: 5000
--- a/template/postgres/postgres-secret.template.yaml
+++ b/template/postgres/postgres-secret.template.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    namespace: portfolio
+    name: postgres-secret
+type: Opaque
+data:
+    POSTGRES_USER: $POSTGRES_USER
+    POSTGRES_PASSWORD: $POSTGRES_PASSWORD
+    POSTGRES_DB: $POSTGRES_DB
--- a/template/redis/redis-secret.template.yaml
+++ b/template/redis/redis-secret.template.yaml
@@ -0,0 +1,8 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    namespace: portfolio
+    name: redis-secret
+type: Opaque
+data:
+    redis-password: $REDIS_PASSWORD