From 3ea8da2f257c26bfcb03e0a0d4004b091854ad2b Mon Sep 17 00:00:00 2001 From: Vitor Hideyoshi Nakazone Batista Date: Mon, 12 Feb 2024 18:58:41 -0300 Subject: [PATCH 1/4] Adds Dependency Checking and Initial Implementation of Instalation via Helm --- deploy.sh | 47 +++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 8 deletions(-) diff --git a/deploy.sh b/deploy.sh index c3adefe..ef2911a 100755 --- a/deploy.sh +++ b/deploy.sh @@ -1,7 +1,26 @@ #!/bin/bash + +function check_for_dependencies() { + if ! command -v kubectl &> /dev/null; then + echo "kubectl could not be found" + exit 1 + fi + if ! command -v jq &> /dev/null; then + echo "jq could not be found" + exit 1 + fi + if ! command -v helm &> /dev/null; then + echo "helm could not be found" + exit 1 + fi +} + function configure_nginx_ingress() { - kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/controller-v1.9.0/deploy/static/provider/cloud/deploy.yaml + helm upgrade --install ingress-nginx ingress-nginx \ + --repo https://kubernetes.github.io/ingress-nginx \ + --namespace ingress-nginx --create-namespace + kubectl wait --namespace ingress-nginx \ --for=condition=ready pod \ --selector=app.kubernetes.io/component=controller \ 
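Review bot: The `helm upgrade --install ingress-nginx` call in `configure_nginx_ingress` has no `--version`, so every run installs whatever chart the repository currently serves, whereas the removed manifest URL was pinned to `controller-v1.9.0`. An ingress controller typically runs with broad cluster permissions, so an unreviewed upgrade is a supply-chain and reproducibility risk; pin it with `--version <CHART_VERSION>` (placeholder for the chart release you have tested). The same applies to the `.../latest/helm/stackgres-operator.tgz` URL and `version: "latest"` in sgcluster.yaml in PATCH 2/4, and to `cnpg/cloudnative-pg` in PATCH 3/4, while `configure_cert_manager` does pin its chart. `configure_nginx_ingress` continues past the end of the hunk.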
@@ -22,11 +41,20 @@ function application_deploy() { kubectl apply -f ./deployment/portfolio-namespace.yaml - kubectl create secret generic backend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json) - kubectl create secret generic frontend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json) - kubectl create secret generic postgres-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/postgresSecret.json) - kubectl create secret generic redis-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json) - kubectl create secret generic storage-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json) + kubectl create secret generic backend-secret -n portfolio \ + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json); + + kubectl create secret generic frontend-secret -n portfolio \ + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json); + + kubectl create secret generic postgres-secret -n portfolio \ + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/postgresSecret.json); + + kubectl create secret generic redis-secret -n portfolio \ + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json); + + kubectl create secret generic storage-secret -n portfolio \ + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json); kubectl apply -f ./deployment/postgres kubectl wait --for=condition=available \ 
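Review bot: The five `kubectl create secret generic` commands in `application_deploy` are copies of one command that differ only in the secret name, and `create` fails with AlreadyExists on a second run while the neighbouring steps use `kubectl apply`. A loop over the names that renders each Secret with `--dry-run=client -o yaml` and pipes it to `kubectl apply -f -` makes the step re-runnable and still keeps the values off the command line, as the process substitution does now. The jq filter also writes values raw, so a value containing a newline would spill into extra env-file lines; rejecting such values is worth considering. The same commands are touched again in PATCH 2/4, and `application_deploy` starts and ends outside the hunk.

```shell
# inside application_deploy, replacing the five kubectl create secret commands
for name in backend frontend postgres redis storage; do
  kubectl create secret generic "${name}-secret" -n portfolio \
    --from-env-file <(jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' \
      "./deployment/secrets/${name}Secret.json") \
    --dry-run=client -o yaml | kubectl apply -n portfolio -f -
done
# … unchanged: kubectl apply -f ./deployment/postgres and the waits that follow …
```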
@@ -67,13 +95,15 @@ function application_deploy() { function main() { + check_for_dependencies + if [[ $1 == "--local" || $1 == "-l" ]]; then function kubectl { minikube kubectl -- $@ } - minikube start --driver kvm2 --cpus 3 --memory 3Gib + minikube start --driver kvm2 --cpus 4 --memory 3Gib minikube addons enable ingress-dns minikube addons enable ingress @@ -81,7 +111,8 @@ function main() { configure_cert_manager - kubectl apply -f ./deployment/cert-manager/cert-manager-issuer-dev.yaml + kubectl apply -f \ + ./deployment/cert-manager/cert-manager-issuer-dev.yaml kubectl apply -f \ ./deployment/cert-manager/cert-manager-certificate.yaml From 50086235b3d38d007b4fe414b68ae5558e48e5ba Mon Sep 17 00:00:00 2001 From: Vitor Hideyoshi Nakazone Batista Date: Mon, 12 Feb 2024 20:53:22 -0300 Subject: [PATCH 2/4] Implements Cluster PostgreSQL --- deploy.sh | 80 +++++++++++------------ deployment/postgres/postgres-config.yaml | 7 -- deployment/postgres/postgres-storage.yaml | 31 --------- deployment/postgres/postgres.yaml | 67 ------------------- deployment/postgres/sgcluster.yaml | 27 ++++++++ 5 files changed, 66 insertions(+), 146 deletions(-) delete mode 100644 deployment/postgres/postgres-config.yaml delete mode 100644 deployment/postgres/postgres-storage.yaml delete mode 100644 deployment/postgres/postgres.yaml create mode 100644 deployment/postgres/sgcluster.yaml diff --git a/deploy.sh b/deploy.sh index ef2911a..a223751 100755 --- a/deploy.sh +++ b/deploy.sh @@ -1,16 +1,15 @@ #!/bin/bash - function check_for_dependencies() { - if ! command -v kubectl &> /dev/null; then + if ! command -v kubectl &>/dev/null; then echo "kubectl could not be found" exit 1 fi - if ! command -v jq &> /dev/null; then + if ! command -v jq &>/dev/null; then echo "jq could not be found" exit 1 fi - if ! command -v helm &> /dev/null; then + if ! command -v helm &>/dev/null; then echo "helm could not be found" exit 1 fi 
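Review bot: `check_for_dependencies` is called at the top of `main`, before the `--local` branch defines the `kubectl` shim around `minikube kubectl`, so a machine that has only minikube is rejected with "kubectl could not be found", and `minikube` itself is never checked although the local path needs it. Consider checking `minikube` instead of `kubectl` when `$1` is `--local` or `-l`, for example `command -v minikube &>/dev/null || { echo "minikube could not be found" >&2; exit 1; }`. The messages in `check_for_dependencies` (first hunk of this patch) also go to stdout; adding `>&2` would keep them out of captured output. `main` continues outside the hunk.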
@@ -28,39 +27,37 @@ function configure_nginx_ingress() { } function configure_cert_manager() { - kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.12.5/cert-manager.yaml - kubectl wait --for=condition=available \ - --timeout=600s \ - deployment.apps/cert-manager \ - deployment.apps/cert-manager-cainjector \ - deployment.apps/cert-manager-webhook \ - -n cert-manager + helm repo add jetstack https://charts.jetstack.io --force-update + helm repo update + helm install cert-manager jetstack/cert-manager \ + --namespace cert-manager \ + --create-namespace \ + --version v1.14.2 +} + +function configure_postgres() { + helm install --create-namespace \ + --namespace portfolio stackgres-operator \ + --set-string adminui.service.type=ClusterIP \ + https://stackgres.io/downloads/stackgres-k8s/stackgres/latest/helm/stackgres-operator.tgz + + kubectl wait deployment -l group=stackgres.io --for=condition=Available -n portfolio + kubectl apply -f ./deployment/postgres/sgcluster.yaml } function application_deploy() { - kubectl apply -f ./deployment/portfolio-namespace.yaml - kubectl create secret generic backend-secret -n portfolio \ - --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json); - + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json) + kubectl create secret generic frontend-secret -n portfolio \ - --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json); - - kubectl create secret generic postgres-secret -n portfolio \ - --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/postgresSecret.json); + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json) kubectl create secret generic redis-secret -n portfolio \ - --from-env-file <(jq -r 
"to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json); + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json) kubectl create secret generic storage-secret -n portfolio \ - --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json); - - kubectl apply -f ./deployment/postgres - kubectl wait --for=condition=available \ - --timeout=600s \ - deployment.apps/postgres-deployment \ - -n portfolio + --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json) kubectl apply -f ./deployment/redis kubectl wait --for=condition=available \ @@ -107,9 +104,21 @@ function main() { minikube addons enable ingress-dns minikube addons enable ingress - application_deploy + else - configure_cert_manager + configure_nginx_ingress + + fi + + kubectl apply -f ./deployment/portfolio-namespace.yaml + + configure_postgres + + application_deploy + + configure_cert_manager + + if [[ $1 == "--local" || $1 == "-l" ]]; then kubectl apply -f \ ./deployment/cert-manager/cert-manager-issuer-dev.yaml @@ -118,22 +127,11 @@ function main() { ./deployment/cert-manager/cert-manager-certificate.yaml echo "http://$(/usr/bin/minikube ip)" - + else configure_nginx_ingress - application_deploy - - external_ip="" - while [ -z $external_ip ]; do - echo "Waiting for end point..." - external_ip=$(kubectl get svc --namespace=ingress-nginx ingress-nginx-controller --template="{{range .status.loadBalancer.ingress}}{{.ip}}{{end}}") - [ -z "$external_ip" ] && sleep 10 - done - - configure_cert_manager - kubectl apply -f \ ./deployment/cert-manager/cert-manager-issuer.yaml diff --git a/deployment/postgres/postgres-config.yaml b/deployment/postgres/postgres-config.yaml deleted file mode 100644 index 6f222a7..0000000 --- a/deployment/postgres/postgres-config.yaml +++ /dev/null 
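Review bot: `configure_cert_manager` no longer waits for cert-manager to become available: the removed `kubectl wait` on the three deployments has no replacement, yet `main` applies the issuer and certificate manifests right after the call, which can race with the webhook coming up. Adding `--wait --timeout 600s` to the `helm install` restores the barrier. `helm install` also fails when the release already exists, unlike the `helm upgrade --install` used for ingress-nginx, so a second run of the script errors at this step. In `configure_postgres`, `kubectl wait deployment -l group=stackgres.io` sets no `--timeout` and falls back to the 30s default.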
@@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - namespace: portfolio - name: postgres-config -data: - postgres_url: postgres-service \ No newline at end of file diff --git a/deployment/postgres/postgres-storage.yaml b/deployment/postgres/postgres-storage.yaml deleted file mode 100644 index 638ac3a..0000000 --- a/deployment/postgres/postgres-storage.yaml +++ /dev/null @@ -1,31 +0,0 @@ -kind: PersistentVolume -apiVersion: v1 -metadata: - namespace: portfolio - name: postgres-pv-volume - labels: - type: local - app: postgres -spec: - storageClassName: manual - capacity: - storage: 5Gi - accessModes: - - ReadWriteMany - hostPath: - path: "/mnt/data" ---- -kind: PersistentVolumeClaim -apiVersion: v1 -metadata: - namespace: portfolio - name: postgres-pv-claim - labels: - app: postgres -spec: - storageClassName: manual - accessModes: - - ReadWriteMany - resources: - requests: - storage: 5Gi \ No newline at end of file diff --git a/deployment/postgres/postgres.yaml b/deployment/postgres/postgres.yaml deleted file mode 100644 index 29b5e3e..0000000 --- a/deployment/postgres/postgres.yaml +++ /dev/null 
@@ -1,67 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - namespace: portfolio - name: postgres-deployment -spec: - replicas: 1 - selector: - matchLabels: - app: postgres - template: - metadata: - labels: - app: postgres - spec: - containers: - - name: postgres - image: postgres:14-bullseye - imagePullPolicy: "IfNotPresent" - resources: - requests: - memory: "256Mi" - cpu: "250m" - limits: - memory: "512Mi" - cpu: "250m" - ports: - - containerPort: 5432 - env: - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgresPassword - - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgresUser - - - name: POSTGRES_DB - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgresDatabase - volumeMounts: - - mountPath: /var/lib/postgresql/data - name: postgredb - volumes: - - name: postgredb - persistentVolumeClaim: - claimName: postgres-pv-claim ---- -apiVersion: v1 -kind: Service -metadata: - namespace: portfolio - name: postgres-service -spec: - selector: - app: postgres - ports: - - port: 5432 - protocol: TCP - targetPort: 5432 - type: ClusterIP \ No newline at end of file diff --git a/deployment/postgres/sgcluster.yaml b/deployment/postgres/sgcluster.yaml new file mode 100644 index 0000000..576c420 --- /dev/null +++ b/deployment/postgres/sgcluster.yaml @@ -0,0 +1,27 @@ +apiVersion: stackgres.io/v1 +kind: SGInstanceProfile +metadata: + namespace: portfolio + name: postgres-portfolio-profile +spec: + cpu: "250m" + memory: "512Mi" + containers: + pg-main-container: + cpu: "250m" + memory: "512Mi" + +--- +apiVersion: stackgres.io/v1 +kind: SGCluster +metadata: + namespace: portfolio + name: postgres-cluster +spec: + instances: 1 + postgres: + version: "latest" + pods: + persistentVolume: + size: "5Gi" + sgInstanceProfile: postgres-portfolio-profile From 887537ef7f82d2656200fd9f0c71b4ac3e25d8ee Mon Sep 17 00:00:00 2001 
From: Vitor Hideyoshi Nakazone Batista Date: Tue, 13 Feb 2024 16:39:33 -0300 Subject: [PATCH 3/4] Implements CloudNativePG --- deploy.sh | 29 +++++++++++++++---------- deployment/backend/backend-config.yaml | 3 ++- deployment/backend/backend.yaml | 30 +++++++++++++------------- deployment/postgres/cn-cluster.yaml | 23 ++++++++++++++++++++ deployment/postgres/sgcluster.yaml | 27 ----------------------- 5 files changed, 58 insertions(+), 54 deletions(-) create mode 100644 deployment/postgres/cn-cluster.yaml delete mode 100644 deployment/postgres/sgcluster.yaml diff --git a/deploy.sh b/deploy.sh index a223751..a00f946 100755 --- a/deploy.sh +++ b/deploy.sh @@ -32,17 +32,26 @@ function configure_cert_manager() { helm install cert-manager jetstack/cert-manager \ --namespace cert-manager \ --create-namespace \ - --version v1.14.2 + --version v1.13.3 } function configure_postgres() { - helm install --create-namespace \ - --namespace portfolio stackgres-operator \ - --set-string adminui.service.type=ClusterIP \ - https://stackgres.io/downloads/stackgres-k8s/stackgres/latest/helm/stackgres-operator.tgz + helm repo add cnpg https://cloudnative-pg.github.io/charts + helm upgrade --install cnpg \ + --namespace portfolio \ + --create-namespace \ + cnpg/cloudnative-pg - kubectl wait deployment -l group=stackgres.io --for=condition=Available -n portfolio - kubectl apply -f ./deployment/postgres/sgcluster.yaml + kubectl wait --for=condition=available \ + --timeout=600s \ + deployment.apps/cnpg-cloudnative-pg \ + -n portfolio + + kubectl apply -f ./deployment/postgres/cn-cluster.yaml + kubectl wait --for=condition=Ready \ + --timeout=600s \ + cluster/postgres-cn-cluster \ + -n portfolio } function application_deploy() { @@ -100,7 +109,7 @@ function main() { minikube kubectl -- $@ } - minikube start --driver kvm2 --cpus 4 --memory 3Gib + minikube start --driver kvm2 --cpus 4 --memory 4Gib minikube addons enable ingress-dns minikube addons enable ingress 
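Review bot: `configure_postgres` installs the CloudNativePG operator into `portfolio`, the namespace that also holds the application workloads and their secrets, so the operator's service account and webhook sit next to the pods it manages. Keeping the operator in its own namespace, e.g. `--namespace cnpg-system` with `-n cnpg-system` on the `kubectl wait` that follows, keeps namespace-scoped access to `portfolio` from reaching the operator; how much that matters depends on the RBAC granted in `portfolio`, which the patch does not show. `helm repo add cnpg` also lacks the `--force-update` and the `helm repo update` that `configure_cert_manager` uses for jetstack.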
@@ -127,10 +136,8 @@ function main() { ./deployment/cert-manager/cert-manager-certificate.yaml echo "http://$(/usr/bin/minikube ip)" - - else - configure_nginx_ingress + else kubectl apply -f \ ./deployment/cert-manager/cert-manager-issuer.yaml diff --git a/deployment/backend/backend-config.yaml b/deployment/backend/backend-config.yaml index ce0be2d..f8b54f6 100644 --- a/deployment/backend/backend-config.yaml +++ b/deployment/backend/backend-config.yaml @@ -5,4 +5,5 @@ metadata: name: backend-config data: backend_url: backend-service - backend_port: "8070" \ No newline at end of file + backend_port: "8070" + backend_db_name: portfolio \ No newline at end of file diff --git a/deployment/backend/backend.yaml b/deployment/backend/backend.yaml index e54b742..d1aa878 100644 --- a/deployment/backend/backend.yaml +++ b/deployment/backend/backend.yaml @@ -18,12 +18,12 @@ spec: image: yoshiunfriendly/backend-hideyoshi.com imagePullPolicy: Always resources: - requests: - memory: "256Mi" - cpu: "250m" - limits: - memory: "256Mi" - cpu: "250m" + requests: + memory: "256Mi" + cpu: "250m" + limits: + memory: "256Mi" + cpu: "250m" ports: - containerPort: 8070 env: @@ -119,15 +119,15 @@ spec: - name: POSTGRES_URL valueFrom: - configMapKeyRef: - name: postgres-config - key: postgres_url + secretKeyRef: + name: postgres-cn-cluster-app + key: host - name: POSTGRES_DB valueFrom: secretKeyRef: - name: postgres-secret - key: postgresDatabase + name: postgres-cn-cluster-app + key: dbname - name: DATABASE_URL value: "postgresql://$(POSTGRES_URL):5432/$(POSTGRES_DB)" @@ -135,14 +135,14 @@ spec: - name: DATABASE_USERNAME valueFrom: secretKeyRef: - name: postgres-secret - key: postgresUser + name: postgres-cn-cluster-app + key: user - name: DATABASE_PASSWORD valueFrom: secretKeyRef: - name: postgres-secret - key: postgresPassword + name: postgres-cn-cluster-app + key: password - name: REDIS_URL valueFrom: 
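Review bot: `backend_db_name: portfolio` is added to `backend-config`, but no visible hunk reads it: `POSTGRES_DB` in backend.yaml now comes from the `dbname` key of `postgres-cn-cluster-app`, and cn-cluster.yaml sets no bootstrap database name, so the operator's default is presumably what the backend connects to. Either drop the key or set the database name in the Cluster spec so the two agree. Separately, the `DATABASE_URL` context line keeps port 5432 hard-coded and carries no TLS setting; if the backend's driver accepts one, requiring TLS to the cluster is worth confirming.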
diff --git a/deployment/postgres/cn-cluster.yaml b/deployment/postgres/cn-cluster.yaml new file mode 100644 index 0000000..8480dab --- /dev/null +++ b/deployment/postgres/cn-cluster.yaml @@ -0,0 +1,23 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: postgres-cn-cluster + namespace: portfolio +spec: + instances: 3 + primaryUpdateStrategy: unsupervised + imageName: ghcr.io/cloudnative-pg/postgresql:14.10-18 + + storage: + size: 5Gi + + resources: + requests: + memory: "32Mi" + cpu: "50m" + limits: + memory: "128Mi" + cpu: "100m" + + monitoring: + enablePodMonitor: true diff --git a/deployment/postgres/sgcluster.yaml b/deployment/postgres/sgcluster.yaml deleted file mode 100644 index 576c420..0000000 --- a/deployment/postgres/sgcluster.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: stackgres.io/v1 -kind: SGInstanceProfile -metadata: - namespace: portfolio - name: postgres-portfolio-profile -spec: - cpu: "250m" - memory: "512Mi" - containers: - pg-main-container: - cpu: "250m" - memory: "512Mi" - ---- -apiVersion: stackgres.io/v1 -kind: SGCluster -metadata: - namespace: portfolio - name: postgres-cluster -spec: - instances: 1 - postgres: - version: "latest" - pods: - persistentVolume: - size: "5Gi" - sgInstanceProfile: postgres-portfolio-profile From 72210c5e47257e1b4ef303e606b52144dea67188 Mon Sep 17 00:00:00 2001 From: Vitor Hideyoshi Nakazone Batista Date: Tue, 13 Feb 2024 18:10:55 -0300 Subject: [PATCH 4/4] Minor Fixes --- deploy.sh | 3 ++- deployment/postgres/cn-cluster.yaml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/deploy.sh b/deploy.sh index a00f946..cd9215e 100755 --- a/deploy.sh +++ b/deploy.sh @@ -32,7 +32,8 @@ function configure_cert_manager() { helm install cert-manager jetstack/cert-manager \ --namespace cert-manager \ --create-namespace \ - --version v1.13.3 + --version v1.14.2 \ + --set installCRDs=true } function configure_postgres() { 
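Review bot: `monitoring.enablePodMonitor: true` in cn-cluster.yaml needs the PodMonitor CRD from the Prometheus Operator, and nothing in the visible deploy.sh hunks installs it; if it is absent the operator presumably cannot create the monitor, so confirm the cluster still reaches Ready within the 600s wait or set it to `false` until monitoring is deployed. The `128Mi` memory limit with a `32Mi` request is tight for three PostgreSQL instances and worth validating under load, since an OOM-killed primary can trigger a failover. The image is pinned by tag (`14.10-18`); pinning by digest would make the pull immutable.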
diff --git a/deployment/postgres/cn-cluster.yaml b/deployment/postgres/cn-cluster.yaml index 8480dab..612ae76 100644 --- a/deployment/postgres/cn-cluster.yaml +++ b/deployment/postgres/cn-cluster.yaml @@ -17,7 +17,7 @@ spec: cpu: "50m" limits: memory: "128Mi" - cpu: "100m" + cpu: "75m" monitoring: enablePodMonitor: true