old-portfolio/infra-hideyoshi.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #29 from HideyoshiNakazone/staging

Browse Source 
Staging - Final Implementation of Storage Service
This commit is contained in:
Vitor Hideyoshi
2023-08-23 19:01:46 -03:00
committed by GitHub
parent 76cf969d90 fa8db5cd93
commit 3183e6491e
9 changed files with 180 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/deploy-prod.yml vendored
View File

@@ -40,6 +40,11 @@ jobs:
envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}}
envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}}
envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}}
envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }}
envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
- name: Inserts Prod Enviromental Variables
run: |

6
.github/workflows/deploy-staging.yml vendored
View File

@@ -40,6 +40,12 @@ jobs:
envkey_REDIS_PASSWORD: ${{ secrets.REDIS_PASSWORD}}
envkey_REFRESH_TOKEN_DURATION: ${{ secrets.REFRESH_TOKEN_DURATION}}
envkey_TOKEN_SECRET: ${{ secrets.TOKEN_SECRET}}
envkey_STORAGE_URL: ${{ secrets.STORAGE_URL }}
envkey_STORAGE_TYPE: ${{ secrets.STORAGE_TYPE }}
envkey_AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
envkey_AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
envkey_AWS_REGION_NAME: ${{ secrets.AWS_REGION_NAME }}
envkey_AWS_BUCKET_NAME: ${{ secrets.AWS_BUCKET_NAME }}
- name: Inserts Prod Enviromental Variables
run: |

2
.gitignore vendored
View File

@@ -6,6 +6,8 @@
.vscode/
**/storage-secret.yaml
**/backend-secret.yaml
**/frontend-secret.yaml

13
deploy.sh
View File

@@ -23,6 +23,13 @@ function application_deploy() {
kubectl apply -f ./deployment/portfolio-namespace.yaml;
kubectl apply -f ./deployment/postgres/postgres-secret.yaml;
kubectl apply -f ./deployment/redis/redis-secret.yaml;
kubectl apply -f ./deployment/storage/storage-secret.yaml;
kubectl apply -f ./deployment/backend/backend-secret.yaml;
kubectl apply -f ./deployment/frontend/frontend-secret.yaml;
kubectl apply -f \
./deployment/cert-manager/cert-manager-certificate.yaml;
@@ -44,6 +51,12 @@ function application_deploy() {
deployment.apps/frontend-deployment \
-n portfolio;
kubectl apply -f ./deployment/storage;
kubectl wait --for=condition=available \
--timeout=600s \
deployment.apps/storage-deployment \
-n portfolio;
kubectl apply -f ./deployment/backend;
kubectl wait --for=condition=available \
--timeout=600s \

17
deployment/backend/backend.yaml
View File

@@ -16,7 +16,7 @@ spec:
containers:
- name: backend
image: yoshiunfriendly/backend-hideyoshi.com
imagePullPolicy: "Always"
imagePullPolicy: Always
ports:
- containerPort: 8070
env:
@@ -155,6 +155,21 @@ spec:
name: redis-secret
key: redis-password
- name: STORAGE_SERVICE_URL
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_url
- name: STORAGE_SERVICE_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: STORAGE_SERVICE_PATH
value: "http://$(STORAGE_SERVICE_URL):$(STORAGE_SERVICE_PORT)"
---
apiVersion: v1
kind: Service

8
deployment/storage/storage-config.yaml Normal file
View File

@@ -0,0 +1,8 @@
apiVersion: v1
kind: ConfigMap
metadata:
namespace: portfolio
name: storage-config
data:
storage_url: storage-service
storage_port: "8000"

102
deployment/storage/storage.yaml Normal file
View File

@@ -0,0 +1,102 @@
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: portfolio
name: storage-deployment
spec:
replicas: 1
selector:
matchLabels:
app: storage
template:
metadata:
labels:
app: storage
spec:
containers:
- name: storage
image: yoshiunfriendly/storage-hideyoshi.com:latest
imagePullPolicy: "Always"
ports:
- containerPort: 8000
env:
- name: ALLOWED_ORIGINS
valueFrom:
secretKeyRef:
name: frontend-secret
key: backend_url
- name: EXPIRES_IN
valueFrom:
secretKeyRef:
name: backend-secret
key: access_token_duration
- name: SERVER_PORT
valueFrom:
configMapKeyRef:
name: storage-config
key: storage_port
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-url
- name: REDIS_PORT
valueFrom:
configMapKeyRef:
name: redis-config
key: redis-port
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storage_type
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_key_id
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_access_key
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_region_name
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_bucket_name
---
apiVersion: v1
kind: Service
metadata:
namespace: portfolio
name: storage-service
spec:
selector:
app: storage
ports:
- port: 8000
protocol: TCP
targetPort: 8000
type: ClusterIP

24
setup.py
View File

@@ -5,7 +5,6 @@ from pathlib import Path, PosixPath
import argparse
import os
ENV_VARIABLES = [
"FRONTEND_PATH",
"BACKEND_URL",
@@ -27,12 +26,19 @@ ENV_VARIABLES = [
"POSTGRES_PASSWORD",
"POSTGRES_DB",
"REDIS_PASSWORD",
"STORAGE_URL",
"STORAGE_TYPE",
"AWS_ACCESS_KEY_ID",
"AWS_SECRET_ACCESS_KEY",
"AWS_REGION_NAME",
"AWS_BUCKET_NAME",
]
FORCE_BASE64_FIELD = [
"OAUTH_GITHUB_CLIENT_ID",
"OAUTH_GITHUB_CLIENT_SECRET"
"OAUTH_GITHUB_CLIENT_SECRET",
"AWS_ACCESS_KEY_ID",
"AWS_SECRET_ACCESS_KEY",
]
@@ -59,11 +65,11 @@ def setting_environment(environment: str):
match environment:
case "staging":
DOMAIN="staging.hideyoshi.com.br"
API_DOMAIN="api.staging.hideyoshi.com.br"
DOMAIN = "staging.hideyoshi.com.br"
API_DOMAIN = "api.staging.hideyoshi.com.br"
case _:
DOMAIN="hideyoshi.com.br"
API_DOMAIN="api.hideyoshi.com.br"
DOMAIN = "hideyoshi.com.br"
API_DOMAIN = "api.hideyoshi.com.br"
os.environ["DOMAIN"] = DOMAIN
os.environ["API_DOMAIN"] = API_DOMAIN
@@ -91,8 +97,8 @@ def envsubst_file(file: PosixPath):
with open(file) as f:
formated_file = envsubst(f.read())
new_file = Path("deployment")\
.joinpath(*[part.split('.')[0] for part in file.parts if part != "template"])\
new_file = Path("deployment") \
.joinpath(*[part.split('.')[0] for part in file.parts if part != "template"]) \
.with_suffix(".yaml")
with open(new_file, 'w') as f:

12
template/storage/storage-secret.template.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: Secret
metadata:
namespace: portfolio
name: storage-secret
type: Opaque
data:
storage_type: $STORAGE_TYPE
aws_access_key_id: $AWS_ACCESS_KEY_ID
aws_access_access_key: $AWS_SECRET_ACCESS_KEY
aws_region_name: $AWS_REGION_NAME
aws_bucket_name: $AWS_BUCKET_NAME