-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
033f689
commit 8218139
Showing
27 changed files
with
503 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
app: fulcimen | ||
name: web | ||
spec: | ||
selector: | ||
app: fulcimen | ||
ports: | ||
- port: 80 | ||
targetPort: 3000 | ||
type: LoadBalancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
labels: | ||
app: fulcimen | ||
name: rails | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: fulcimen | ||
template: | ||
metadata: | ||
labels: | ||
app: fulcimen | ||
spec: | ||
containers: | ||
- image: docker.pkg.github.com/mlibrary/heliotropium/fulcimen:d56befee705bacbb6306f8bd8bea597f31608636 | ||
name: heliotropium | ||
ports: | ||
- containerPort: 3000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
name: delete-workflow-runs | ||
on: | ||
workflow_dispatch: | ||
inputs: | ||
days: | ||
description: 'Number of days.' | ||
required: true | ||
default: 90 | ||
|
||
jobs: | ||
del_runs: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Delete workflow runs | ||
uses: Mattraks/delete-workflow-runs@main | ||
with: | ||
# token: ${{ secrets.AUTH_PAT }} | ||
# repository: ${{ github.repository }} | ||
retain_days: ${{ github.event.inputs.days }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
name: deploy-web-nginx-to-testing | ||
|
||
on: workflow_dispatch | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
environment: fulcrum-testing | ||
steps: | ||
- name: GITHUB_SHA | ||
run: echo "$GITHUB_SHA" | ||
- name: GITHUB_REF | ||
run: echo "$GITHUB_REF" | ||
- name: SECRETS | ||
env: | ||
SECRETS: ${{ toJson(secrets) }} | ||
run: echo "$SECRETS" | ||
- name: Setup Kubectl | ||
uses: azure/setup-kubectl@v1 | ||
- name: Authenticate with kubernetes | ||
run: | | ||
mkdir -p ${HOME}/.kube/certs/cluster | ||
echo ${{ secrets.CA_CRT_BASE64 }} | base64 -d > ${HOME}/.kube/certs/cluster/k8s-ca.crt | ||
kubectl config set-cluster cluster --certificate-authority=${HOME}/.kube/certs/cluster/k8s-ca.crt --server=`echo ${{ secrets.SERVER_URL_BASE64 }} | base64 -d` | ||
kubectl config set-credentials default --token=`echo ${{ secrets.TOKEN_BASE64 }} | base64 -d` | ||
kubectl config set-context default --cluster=cluster --user=default --namespace=`echo ${{ secrets.NAMESPACE_BASE64 }} | base64 -d` | ||
kubectl config use-context default | ||
kubectl config view | ||
kubectl config current-context | ||
- name: Deploy | ||
run: | | ||
kubectl delete deployments --all | ||
kubectl delete services --all | ||
kubectl delete pods --all | ||
kubectl create deployment web --image=nginx --port=80 | ||
kubectl expose deployment web | ||
kubectl set image deployment web nginx=docker.pkg.github.com/mlibrary/heliotropium/nginx:latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
name: package-nginx-image | ||
|
||
on: workflow_dispatch | ||
|
||
jobs: | ||
build: | ||
runs-on: ubuntu-latest | ||
environment: fulcrum-testing | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
- name: Present Working Directory | ||
run: pwd | ||
- name: Secrets | ||
run: echo ${{ secrets.GITHUB_TOKEN }} | ||
- name: Build and Publish | ||
uses: craftech-io/package-action@v3.1.0 | ||
id: url-GPR | ||
with: | ||
access_token: ${{ secrets.GITHUB_TOKEN }} | ||
context: ./nginx | ||
dockerfile: ./nginx/Dockerfile.nginx | ||
image_name: nginx | ||
tags: latest | ||
- name: imageURL | ||
run: echo ${{ steps.url-GPR.outputs.imageURL }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
#Start with Ruby 2.7.2 Image | ||
FROM ruby:2.7.2 | ||
|
||
#Set up variables for creating a user to run the app in the container | ||
ARG UNAME=app | ||
ARG UID=1000 | ||
ARG GID=1000 | ||
|
||
#This is so rails can install properly | ||
RUN apt-get update -yqq && apt-get install -yqq --no-install-recommends \ | ||
apt-transport-https | ||
|
||
#Download node at the preferred version; Download Yarn | ||
RUN curl -sL https://deb.nodesource.com/setup_12.x | bash - | ||
RUN curl https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - | ||
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list | ||
|
||
# Install Node and Vim. Vim is optional, but can be nice to be able to look | ||
# to be able to actually look at files in the container. | ||
RUN apt-get update -yqq && apt-get install -yqq --no-install-recommends \ | ||
nodejs \ | ||
yarn \ | ||
vim | ||
|
||
#So we can bundle install | ||
RUN gem install bundler:2.1.4 | ||
|
||
#Create the group for the user | ||
RUN groupadd -g ${GID} -o ${UNAME} | ||
|
||
#Create the User and assign /app as its home directory | ||
RUN useradd -m -d /app -u ${UID} -g ${GID} -o -s /bin/bash ${UNAME} | ||
|
||
|
||
#Create a /gems directory; Putting it here makes it easer to create a gems volume. | ||
RUN mkdir -p /gems && chown ${UID}:${GID} /gems | ||
|
||
#Change to that User; Waited until this step because the app user doesn't | ||
#have the authority to great the /gems directory that was done above. | ||
USER $UNAME | ||
|
||
#Tell bundler to use the /gems directory | ||
ENV BUNDLE_PATH /gems | ||
|
||
#Copy the Gemfile and Gemfile.lock from the Host machine into the /app directory; | ||
COPY --chown=${UID}:${GID} Gemfile* /app/ | ||
|
||
#cd to app | ||
WORKDIR /app | ||
|
||
#Install the Gems. Notice that this is done when only Gemfile and | ||
#Gemfile.lock are in the /app directory | ||
RUN bundle install | ||
|
||
#Copy all of the files in the current Host directory into /app | ||
COPY --chown=${UID}:${GID} . /app | ||
|
||
#Set up Placeholder Environment Variables; These will be overwritten | ||
#by Docker Compose and in production | ||
|
||
#Run the application | ||
CMD ["bin/rails", "s", "-b", "0.0.0.0"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
FROM ruby:2.6 | ||
ARG UNAME=app | ||
ARG UID=1000 | ||
ARG GID=1000 | ||
ARG APP_HOME=/app | ||
ARG GEM_HOME=/gems | ||
|
||
# Adapted from https://medium.com/hackernoon/preventing-race-conditions-in-docker-781854121ed3 | ||
ENV DOCKERIZE_VERSION=v0.5.0 | ||
RUN wget -O - \ | ||
https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ | ||
| tar -C /usr/local/bin -xzvf - | ||
|
||
RUN wget -q -O- https://dl.yarnpkg.com/debian/pubkey.gpg | \ | ||
apt-key add - && \ | ||
echo "deb https://dl.yarnpkg.com/debian/ stable main" > \ | ||
/etc/apt/sources.list.d/yarn.list && \ | ||
apt-get update && \ | ||
apt-get install -yqq --no-install-recommends \ | ||
apt-transport-https \ | ||
nodejs \ | ||
yarn && \ | ||
rm -rf /var/lib/apt/lists/* /usr/share/doc /usr/share/locale /usr/share/man | ||
RUN gem install bundler | ||
|
||
RUN groupadd -g $GID -o $UNAME | ||
RUN useradd -m -d /home/app -u $UID -g $GID -o -s /bin/bash $UNAME | ||
RUN mkdir -p $APP_HOME && chown $UID:$GID $APP_HOME | ||
RUN mkdir -p $GEM_HOME && chown $UID:$GID $GEM_HOME | ||
|
||
ENV BUNDLE_GEMFILE=${APP_HOME}/Gemfile | ||
ENV BUNDLE_JOBS=2 | ||
ENV BUNDLE_PATH=${GEM_HOME} | ||
ENV DB_VENDOR=mysql | ||
ENV DB_ADAPTER=mysql2 | ||
ENV MYSQL_PORT=3306 | ||
ENV MYSQL_HOST=db | ||
ENV MYSQL_USER=helio | ||
ENV MYSQL_PASSWORD=helio | ||
ENV MYSQL_DATABASE=helio | ||
ENV RAILS_ENV=development | ||
|
||
RUN mkdir -p ${APP_HOME} ${BUNDLE_PATH} | ||
WORKDIR ${APP_HOME} | ||
|
||
USER $UNAME | ||
COPY --chown=$UID:$GID Gemfile* ${APP_HOME}/ | ||
RUN bundle install | ||
|
||
# Note that docker-compose.yml mounts /app/node_modules like the gem cache | ||
COPY --chown=$UID:$GID package.json yarn.lock ${APP_HOME}/ | ||
RUN yarn install --check-files | ||
|
||
COPY --chown=$UID:$GID . ${APP_HOME} | ||
|
||
CMD dockerize -wait tcp://${MYSQL_HOST}:${MYSQL_PORT} -timeout 5m && \ | ||
bundle exec rake db:migrate && \ | ||
bundle exec rails server --binding 0.0.0.0 --port 3000 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/bin/bash | ||
kubectl apply -f fulcimen-demo-namespace.yaml | ||
#kubectl apply -f fulcimen-demo-resource-quota.yaml | ||
kubectl apply -f mysql-external-name-service.yaml | ||
kubectl apply -f mysql-client-alpine-pod.yaml | ||
kubectl apply -f fulcimen-deployment.yaml | ||
kubectl apply -f fulcimen-node-port-service.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/bin/bash | ||
kubectl delete -f fulcimen-node-port-service.yaml | ||
kubectl delete -f fulcimen-deployment.yaml | ||
kubectl delete -f mysql-client-alpine-pod.yaml | ||
kubectl delete -f mysql-external-name-service.yaml | ||
#kubectl delete -f fulcimen-demo-resource-quota.yaml | ||
kubectl delete -f fulcimen-demo-namespace.yaml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
apiVersion: v1 | ||
kind: Namespace | ||
metadata: | ||
name: fulcimen-demo |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
apiVersion: v1 | ||
kind: ResourceQuota | ||
metadata: | ||
name: fulcimen-demo | ||
namespace: fulcimen-demo | ||
spec: | ||
hard: | ||
requests.cpu: "4" | ||
requests.memory: 8Gi | ||
limits.cpu: "8" | ||
limits.memory: 16Gi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
labels: | ||
app: fulcimen | ||
name: fulcimen-deployment | ||
namespace: fulcimen-demo | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: fulcimen | ||
template: | ||
metadata: | ||
annotations: | ||
imageregistry: "https://hub.docker.com/" | ||
labels: | ||
app: fulcimen | ||
spec: | ||
containers: | ||
- name: heliotropium | ||
image: gkostin1966/heliotropium:0.0.1 | ||
env: | ||
- name: DATABASE_URL | ||
value: "mysql2://mysql/heliotropium_development" | ||
ports: | ||
- containerPort: 3000 | ||
# resources: | ||
# limits: | ||
# memory: "2Gi" | ||
# cpu: "1000m" | ||
# requests: | ||
# memory: "1Gi" | ||
# cpu: "500m" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
app: fulcimen | ||
name: fulcimen-node-port | ||
namespace: fulcimen-demo | ||
spec: | ||
ports: | ||
- nodePort: 30000 # externally exposed port e.g. localhost:30080 | ||
port: 3000 # static node port (virtual or physical machine) e.g. docker-desktop | ||
protocol: TCP | ||
targetPort: 3000 # container port e.g. deployment/fulcimen | ||
selector: | ||
app: fulcimen | ||
type: NodePort |
Oops, something went wrong.