old-portfolio/infra-hideyoshi.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #29 from HideyoshiNakazone/staging

Browse Source 
Staging - Final Implementation of Storage Service
This commit is contained in:
Vitor Hideyoshi
2023-08-23 19:01:46 -03:00
committed by GitHub
parent 76cf969d90 fa8db5cd93
commit 3183e6491e
9 changed files with 180 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/deploy-prod.yml vendored
View File

@@ -40,6 +40,11 @@ jobs:
envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}} envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}}
envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}} envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}}
envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}} envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}}
envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }}
envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
- name: Inserts Prod Enviromental Variables - name: Inserts Prod Enviromental Variables
run: | run: |

6
.github/workflows/deploy-staging.yml vendored
View File

@@ -40,6 +40,12 @@ jobs:
envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}} envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}}
envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}} envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}}
envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}} envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}}
envkey_STORAGE_URL: ${{ secrets.STORAGE_URL }}
envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }}
envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
- name: Inserts Prod Enviromental Variables - name: Inserts Prod Enviromental Variables
run: | run: |

2
.gitignore vendored
View File

@@ -6,6 +6,8 @@
.vscode/ .vscode/
**/storage-secret.yaml
**/backend-secret.yaml **/backend-secret.yaml
**/frontend-secret.yaml **/frontend-secret.yaml

13
deploy.sh
View File

@@ -23,6 +23,13 @@ function application_deploy() {
kubectl apply -f ./deployment/portfolio-namespace.yaml; kubectl apply -f ./deployment/portfolio-namespace.yaml;
kubectl apply -f ./deployment/postgres/postgres-secret.yaml;
kubectl apply -f ./deployment/redis/redis-secret.yaml;
kubectl apply -f ./deployment/storage/storage-secret.yaml;
kubectl apply -f ./deployment/backend/backend-secret.yaml;
kubectl apply -f ./deployment/frontend/frontend-secret.yaml;
kubectl apply -f \ kubectl apply -f \
./deployment/cert-manager/cert-manager-certificate.yaml; ./deployment/cert-manager/cert-manager-certificate.yaml;
@@ -44,6 +51,12 @@ function application_deploy() {
deployment.apps/frontend-deployment \ deployment.apps/frontend-deployment \
-n portfolio; -n portfolio;
kubectl apply -f ./deployment/storage;
kubectl wait --for=condition=available \
--timeout=600s \
deployment.apps/storage-deployment \
-n portfolio;
kubectl apply -f ./deployment/backend; kubectl apply -f ./deployment/backend;
kubectl wait --for=condition=available \ kubectl wait --for=condition=available \
--timeout=600s \ --timeout=600s \

17
deployment/backend/backend.yaml
View File

@@ -16,7 +16,7 @@ spec:
containers: containers:
- name: backend - name: backend
image: yoshiunfriendly/backend-hideyoshi.com image: yoshiunfriendly/backend-hideyoshi.com
imagePullPolicy: "Always" imagePullPolicy: Always
ports: ports:
- containerPort: 8070 - containerPort: 8070
env: env:
@@ -155,6 +155,21 @@ spec:
name: redis-secret name: redis-secret
key: redis-password key: redis-password
- name: STORAGE_SERVICE_URL
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_url
- name: STORAGE_SERVICE_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: STORAGE_SERVICE_PATH
value: "http://$(STORAGE_SERVICE_URL):$(STORAGE_SERVICE_PORT)"
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service

8
deployment/storage/storage-config.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
namespace: portfolio
name: storage-config
data:
storage_url: storage-service
storage_port: "8000"

102
deployment/storage/storage.yaml Normal file
View File

@@ -0,0 +1,102 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: storage-deployment
spec:
replicas: 1
selector:
matchLabels:
app: storage
template:
metadata:
labels:
app: storage
spec:
containers:
- name: storage
image: yoshiunfriendly/storage-hideyoshi.com:latest
imagePullPolicy: "Always"
ports:
- containerPort: 8000
env:
- name: ALLOWED_ORIGINS
valueFrom:
secretKeyRef:
name: frontend-secret
key: backend_url
- name: EXPIRES_IN
valueFrom:
secretKeyRef:
name: backend-secret
key: access_token_duration
- name: SERVER_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-url
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-port
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storage_type
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_key_id
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_access_key
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_region_name
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_bucket_name
---
apiVersion: v1
kind: Service
metadata:
namespace: portfolio
name: storage-service
spec:
selector:
app: storage
ports:
- port: 8000
protocol: TCP
targetPort: 8000
type: ClusterIP

12
setup.py
View File

@@ -5,7 +5,6 @@ from pathlib import Path, PosixPath
import argparse import argparse
import os import os
ENV_VARIABLES = [ ENV_VARIABLES = [
"FRONTEND_PATH", "FRONTEND_PATH",
"BACKEND_URL", "BACKEND_URL",
@@ -27,12 +26,19 @@ ENV_VARIABLES = [
"POSTGRES_PASSWORD", "POSTGRES_PASSWORD",
"POSTGRES_DB", "POSTGRES_DB",
"REDIS_PASSWORD", "REDIS_PASSWORD",
"STORAGE_URL",
"STORAGE_TYPE",
"AWS_ACCESS_KEY_ID",
"AWS_SECRET_ACCESS_KEY",
"AWS_REGION_NAME",
"AWS_BUCKET_NAME",
] ]
FORCE_BASE64_FIELD = [ FORCE_BASE64_FIELD = [
"OAUTH_GITHUB_CLIENT_ID", "OAUTH_GITHUB_CLIENT_ID",
"OAUTH_GITHUB_CLIENT_SECRET" "OAUTH_GITHUB_CLIENT_SECRET",
"AWS_ACCESS_KEY_ID",
"AWS_SECRET_ACCESS_KEY",
] ]

12
template/storage/storage-secret.template.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
namespace: portfolio
name: storage-secret
type: Opaque
data:
storage_type: $STORAGE_TYPE
aws_access_key_id: $AWS_ACCESS_KEY_ID
aws_access_access_key: $AWS_SECRET_ACCESS_KEY
aws_region_name: $AWS_REGION_NAME
aws_bucket_name: $AWS_BUCKET_NAME