diff --git a/.github/workflows/deploy-prod.yml b/.github/workflows/deploy-prod.yml index fc71348..848c6e3 100644 --- a/.github/workflows/deploy-prod.yml +++ b/.github/workflows/deploy-prod.yml @@ -40,6 +40,11 @@ jobs: envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}} envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}} envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}} + envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }} + envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }} + envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - name: Inserts Prod Enviromental Variables run: | diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml index 970347b..c0d2b3c 100644 --- a/.github/workflows/deploy-staging.yml +++ b/.github/workflows/deploy-staging.yml @@ -40,6 +40,12 @@ jobs: envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}} envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}} envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}} + envkey_STORAGE_URL: ${{ secrets.STORAGE_URL }} + envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }} + envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }} + envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }} - name: Inserts Prod Enviromental Variables run: | diff --git a/.gitignore b/.gitignore index 8e8cad2..0b4e79b 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,8 @@ .vscode/ +**/storage-secret.yaml + **/backend-secret.yaml **/frontend-secret.yaml diff --git a/deploy.sh b/deploy.sh index 30be59f..786940a 100755 --- a/deploy.sh +++ b/deploy.sh 
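Review bot: The added `envkey_AWS_ACCESS_KEY_ID` and `envkey_AWS_SECRET_ACCESS_KEY` lines read the same secret names as the matching lines in deploy-staging.yml, so unless these are environment-scoped secrets (not visible in the hunk) staging and production share one long-lived key pair and one bucket. Separate per-environment secrets, each backed by an IAM identity limited to its own bucket, would keep a staging compromise from reaching production objects. A comment above the block such as `# AWS_* are environment-scoped; the key is limited to AWS_BUCKET_NAME` would record that expectation. The job body continues outside the hunk.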
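Review bot: `envkey_STORAGE_URL` is added here but not in the deploy-prod.yml hunk, while setup.py adds "STORAGE_URL" to ENV_VARIABLES for every environment. None of the manifests or templates visible in this commit reference `$STORAGE_URL` (the backend reads `storage_url` from the storage-config ConfigMap), so the secret looks unused. If setup.py requires every listed variable, a check that is outside the visible hunks, the production run is the one that would break. Either add `envkey_STORAGE_URL: ${{ secrets.STORAGE_URL }}` to the production workflow or drop the variable from both places.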
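Review bot: Only `**/storage-secret.yaml` is added, yet deploy.sh in this commit also applies `postgres-secret.yaml` and `redis-secret.yaml`, and the visible part of this file lists just the backend and frontend entries. If those two are not ignored elsewhere in the file, a single pattern `**/*-secret.yaml` would cover every rendered secret manifest, including ones added later, instead of one line per service. The template files end in `.template.yaml` and would not be matched by it.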
@@ -23,6 +23,13 @@ function application_deploy() { kubectl apply -f ./deployment/portfolio-namespace.yaml; + + kubectl apply -f ./deployment/postgres/postgres-secret.yaml; + kubectl apply -f ./deployment/redis/redis-secret.yaml; + kubectl apply -f ./deployment/storage/storage-secret.yaml; + kubectl apply -f ./deployment/backend/backend-secret.yaml; + kubectl apply -f ./deployment/frontend/frontend-secret.yaml; + kubectl apply -f \ ./deployment/cert-manager/cert-manager-certificate.yaml; @@ -44,6 +51,12 @@ function application_deploy() { deployment.apps/frontend-deployment \ -n portfolio; + kubectl apply -f ./deployment/storage; + kubectl wait --for=condition=available \ + --timeout=600s \ + deployment.apps/storage-deployment \ + -n portfolio; + kubectl apply -f ./deployment/backend; kubectl wait --for=condition=available \ --timeout=600s \ diff --git a/deployment/backend/backend.yaml b/deployment/backend/backend.yaml index edfedf9..7f4662a 100644 --- a/deployment/backend/backend.yaml +++ b/deployment/backend/backend.yaml @@ -16,7 +16,7 @@ spec: containers: - name: backend image: yoshiunfriendly/backend-hideyoshi.com - imagePullPolicy: "Always" + imagePullPolicy: Always ports: - containerPort: 8070 env: @@ -155,6 +155,21 @@ spec: name: redis-secret key: redis-password + - name: STORAGE_SERVICE_URL + valueFrom: + configMapKeyRef: + name: storage-config + key: storage_url + + - name: STORAGE_SERVICE_PORT + valueFrom: + configMapKeyRef: + name: storage-config + key: storage_port + + - name: STORAGE_SERVICE_PATH + value: "http://$(STORAGE_SERVICE_URL):$(STORAGE_SERVICE_PORT)" + --- apiVersion: v1 kind: Service diff --git a/deployment/storage/storage-config.yaml b/deployment/storage/storage-config.yaml new file mode 100644 index 0000000..229d64e --- /dev/null +++ b/deployment/storage/storage-config.yaml 
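Review bot: The new block of five `kubectl apply` calls has no comment saying why the secrets go in ahead of everything else, and the ordering is load-bearing. storage-deployment reads `frontend-secret` and `backend-secret` through `secretKeyRef`, and the second hunk applies `./deployment/storage` before `./deployment/backend`. I would add `# Secrets first: storage-deployment reads backend-secret and frontend-secret before ./deployment/backend is applied.` above the block. application_deploy starts and ends outside the hunk, so whether a failed apply stops the script is not visible here.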
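Review bot: `STORAGE_SERVICE_PATH` depends on Kubernetes expanding `$(STORAGE_SERVICE_URL)` and `$(STORAGE_SERVICE_PORT)`, which only works for variables defined earlier in the same `env` list, and nothing in the hunk says so. A comment such as `# keep after STORAGE_SERVICE_URL/PORT: $(VAR) expands only earlier entries` would stop a later reorder from leaving the literal text in the value. The URL is also fixed to `http://`, so backend-to-storage traffic is cleartext inside the cluster. Whether a NetworkPolicy limits which pods can reach storage-service on port 8000 is not visible in this commit.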
@@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + namespace: portfolio + name: storage-config +data: + storage_url: storage-service + storage_port: "8000" \ No newline at end of file diff --git a/deployment/storage/storage.yaml b/deployment/storage/storage.yaml new file mode 100644 index 0000000..10ff8ed --- /dev/null +++ b/deployment/storage/storage.yaml 
@@ -0,0 +1,102 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: portfolio + name: storage-deployment +spec: + replicas: 1 + selector: + matchLabels: + app: storage + template: + metadata: + labels: + app: storage + spec: + containers: + - name: storage + image: yoshiunfriendly/storage-hideyoshi.com:latest + imagePullPolicy: "Always" + ports: + - containerPort: 8000 + env: + - name: ALLOWED_ORIGINS + valueFrom: + secretKeyRef: + name: frontend-secret + key: backend_url + + - name: EXPIRES_IN + valueFrom: + secretKeyRef: + name: backend-secret + key: access_token_duration + + - name: SERVER_PORT + valueFrom: + configMapKeyRef: + name: storage-config + key: storage_port + + - name: REDIS_HOST + valueFrom: + configMapKeyRef: + name: redis-config + key: redis-url + + - name: REDIS_PORT + valueFrom: + configMapKeyRef: + name: redis-config + key: redis-port + + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: redis-secret + key: redis-password + + - name: STORAGE_TYPE + valueFrom: + secretKeyRef: + name: storage-secret + key: storage_type + + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: storage-secret + key: aws_access_key_id + + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: storage-secret + key: aws_access_access_key + + - name: AWS_REGION_NAME + valueFrom: + secretKeyRef: + name: storage-secret + key: aws_region_name + + - name: AWS_BUCKET_NAME + valueFrom: + secretKeyRef: + name: storage-secret + key: aws_bucket_name + +--- +apiVersion: v1 +kind: Service +metadata: + namespace: portfolio + name: storage-service +spec: + selector: + app: storage + ports: + - port: 8000 + protocol: TCP + targetPort: 8000 + type: ClusterIP diff --git a/setup.py b/setup.py index c023d54..02676e5 100644 --- a/setup.py +++ b/setup.py @@ -5,7 +5,6 @@ from pathlib import Path, PosixPath import argparse import os - ENV_VARIABLES = [ "FRONTEND_PATH", "BACKEND_URL", 
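Review bot: The container that receives `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` runs `yoshiunfriendly/storage-hideyoshi.com:latest` with `imagePullPolicy: "Always"`, so whatever is next pushed to that tag gets the bucket credentials on the following restart without any change to this repository. Pinning the image by digest, `image: yoshiunfriendly/storage-hideyoshi.com@sha256:<digest-placeholder>`, makes each rollout an explicit, reviewable change. Separately, the secret key `aws_access_access_key` (here and in template/storage/storage-secret.template.yaml) matches on both sides and so works, but `aws_secret_access_key` would say what it holds; rename both together.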
@@ -27,12 +26,19 @@ ENV_VARIABLES = [ "POSTGRES_PASSWORD", "POSTGRES_DB", "REDIS_PASSWORD", + "STORAGE_URL", + "STORAGE_TYPE", + "AWS_ACCESS_KEY_ID", + "AWS_SECRET_ACCESS_KEY", + "AWS_REGION_NAME", + "AWS_BUCKET_NAME", ] - FORCE_BASE64_FIELD = [ "OAUTH_GITHUB_CLIENT_ID", - "OAUTH_GITHUB_CLIENT_SECRET" + "OAUTH_GITHUB_CLIENT_SECRET", + "AWS_ACCESS_KEY_ID", + "AWS_SECRET_ACCESS_KEY", ] @@ -59,11 +65,11 @@ def setting_environment(environment: str): match environment: case "staging": - DOMAIN="staging.hideyoshi.com.br" - API_DOMAIN="api.staging.hideyoshi.com.br" + DOMAIN = "staging.hideyoshi.com.br" + API_DOMAIN = "api.staging.hideyoshi.com.br" case _: - DOMAIN="hideyoshi.com.br" - API_DOMAIN="api.hideyoshi.com.br" + DOMAIN = "hideyoshi.com.br" + API_DOMAIN = "api.hideyoshi.com.br" os.environ["DOMAIN"] = DOMAIN os.environ["API_DOMAIN"] = API_DOMAIN @@ -91,8 +97,8 @@ def envsubst_file(file: PosixPath): with open(file) as f: formated_file = envsubst(f.read()) - new_file = Path("deployment")\ - .joinpath(*[part.split('.')[0] for part in file.parts if part != "template"])\ + new_file = Path("deployment") \ + .joinpath(*[part.split('.')[0] for part in file.parts if part != "template"]) \ .with_suffix(".yaml") with open(new_file, 'w') as f: @@ -132,4 +138,4 @@ if __name__ == "__main__": args = parser.parse_args() - main(**vars(args)) \ No newline at end of file + main(**vars(args)) diff --git a/template/storage/storage-secret.template.yaml b/template/storage/storage-secret.template.yaml new file mode 100644 index 0000000..4da3faf --- /dev/null +++ b/template/storage/storage-secret.template.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Secret +metadata: + namespace: portfolio + name: storage-secret +type: Opaque +data: + storage_type: $STORAGE_TYPE + aws_access_key_id: $AWS_ACCESS_KEY_ID + aws_access_access_key: $AWS_SECRET_ACCESS_KEY + aws_region_name: $AWS_REGION_NAME + aws_bucket_name: $AWS_BUCKET_NAME \ No newline at end of file
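Review bot: Only `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are added to FORCE_BASE64_FIELD, but template/storage/storage-secret.template.yaml also places `$STORAGE_TYPE`, `$AWS_REGION_NAME` and `$AWS_BUCKET_NAME` under a Secret's `data:`, where every value must be base64. The code that decides when to encode is outside the hunk. If it skips values that already look like base64, a bucket name or storage type made only of letters and digits could be written unencoded and then be rejected or decode to garbage in the pod. Adding `"STORAGE_TYPE", "AWS_REGION_NAME", "AWS_BUCKET_NAME",` to the list removes the dependence on that guess.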