feat(ci): deploy prod environment to k8s

savannahghi · Apr 24, 2023 · 5dfe3ad · 5dfe3ad
1 parent db286ae
commit 5dfe3ad
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 51 deletions.
diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml
@@ -6,12 +6,34 @@ on:
       - main
 
 env:
-  # Schema Registry CLI command version
-  CLI_VERSION: v0.0.2
+  GKE_ZONE: europe-west1-b
+  GKE_PROJECT: sghi-307909
+  PROD_CLUSTER_NAME: sghi-prod-apps
+  DOCKER_IMAGE_TAG: eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:${{  github.sha }}
+  NAMESPACE: ${{ secrets.NAMESPACE }}
+  APP_REPLICA_COUNT: ${{ secrets.APP_REPLICA_COUNT }}
+  PORT: ${{ secrets.PORT }}
+  APP_DOMAIN: ${{ secrets.APP_DOMAIN }}
+  APP_NAME: ${{ secrets.APP_NAME }}
+  GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
+  GOOGLE_CLOUD_PROJECT: ${{ secrets.GOOGLE_CLOUD_PROJECT }}
+  FIREBASE_WEB_API_KEY: ${{ secrets.FIREBASE_WEB_API_KEY }}
+  ENVIRONMENT: ${{ secrets.ENVIRONMENT }}
+  SERVICE_HOST: ${{ secrets.SERVICE_HOST }}
+  GOOGLE_PROJECT_NUMBER: ${{ secrets.GOOGLE_PROJECT_NUMBER }}
+  ROOT_COLLECTION_SUFFIX: ${{ secrets.ROOT_COLLECTION_SUFFIX }}
+  CLOUD_HEALTH_PUBSUB_TOPIC: ${{ secrets.CLOUD_HEALTH_PUBSUB_TOPIC }}
+  CLOUD_HEALTH_DATASET_ID: ${{ secrets.CLOUD_HEALTH_DATASET_ID }}
+  OPENCONCEPTLAB_TOKEN: ${{ secrets.OPENCONCEPTLAB_TOKEN }}
+  OPENCONCEPTLAB_API_URL: ${{ secrets.OPENCONCEPTLAB_API_URL }}
+  JWT_KEY: ${{ secrets.JWT_KEY }}
+  CLOUD_HEALTH_FHIRSTORE_ID: ${{ secrets.CLOUD_HEALTH_FHIRSTORE_ID }}
+  SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
+  SAVANNAH_ADMIN_EMAIL: ${{ secrets.SAVANNAH_ADMIN_EMAIL }}   
 
 jobs:
   deploy_to_prod:
-    name: Deploy production server to google cloud run
+    name: Deploy production server to google kubernetes engine
     runs-on: ubuntu-latest
     environment:
       name: production
@@ -35,53 +57,17 @@ jobs:
           docker build -t eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:$GITHUB_SHA .
           docker push eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:$GITHUB_SHA
 
-      - name: Deploy to Google Cloud Run
-        uses: 'google-github-actions/deploy-cloudrun@v0'
-        with:
-          service: ${{ secrets.SERVICE_NAME }}
-          region: 'europe-west1'
-          image: 'eu.gcr.io/${{ secrets.GOOGLE_CLOUD_PROJECT }}/${{ secrets.GCR_NAME }}:${{  github.sha }}'
-          env_vars: |
-            GOOGLE_CLOUD_PROJECT=${{ secrets.GOOGLE_CLOUD_PROJECT }}
-            FIREBASE_WEB_API_KEY=${{ secrets.FIREBASE_WEB_API_KEY }}
-            JWT_KEY=${{ secrets.JWT_KEY }}
-            GOOGLE_PROJECT_NUMBER=${{ secrets.GOOGLE_PROJECT_NUMBER }}
-            ENVIRONMENT=${{ secrets.ENVIRONMENT }}
-            SENTRY_DSN=${{ secrets.SENTRY_DSN }}
-            ROOT_COLLECTION_SUFFIX=${{ secrets.ROOT_COLLECTION_SUFFIX }}
-            CLOUD_HEALTH_PUBSUB_TOPIC=${{ secrets.CLOUD_HEALTH_PUBSUB_TOPIC }}
-            CLOUD_HEALTH_DATASET_ID=${{ secrets.CLOUD_HEALTH_DATASET_ID }}
-            CLOUD_HEALTH_FHIRSTORE_ID=${{ secrets.CLOUD_HEALTH_FHIRSTORE_ID }}
-            OPENCONCEPTLAB_TOKEN=${{ secrets.OPENCONCEPTLAB_TOKEN }}
-            SERVICE_HOST=${{ secrets.SERVICE_HOST }}
-            OPENCONCEPTLAB_API_URL=${{ secrets.OPENCONCEPTLAB_API_URL }}
-            SAVANNAH_ADMIN_EMAIL=${{ secrets.SAVANNAH_ADMIN_EMAIL }}
-            
-  push_schema_prod_registry:
-    name: Publish schema to prod schema registry
-    strategy:
-      matrix:
-        go-version: [1.18.x]
-    runs-on: ubuntu-latest
-    needs: [deploy_to_prod]
-    environment:
-      name: production
-    env:
-      REGISTRY_URL: ${{ secrets.PROD_SCHEMA_REGISTRY_URL }}
-    steps:
-      - name: Checkout working branches
-        uses: actions/checkout@v2
+      - name: Install Helm
+        run: |
+          curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
 
-      # Install Go
-      - name: Install Go
-        uses: actions/setup-go@v2
+      - uses: google-github-actions/get-gke-credentials@fb08709ba27618c31c09e014e1d8364b02e5042e
         with:
-          go-version: ${{ matrix.go-version }}
-
-       # install CLI command and push schema to registry
-       # just to be sure, we re-validate the schema against schema registry
-      - name: Install CLI command and push schema to registry
-        run: |
-          go install github.com/savannahghi/bewellcli@$CLI_VERSION
-          bewellcli service validate-schema --name clinical --version $GITHUB_SHA --url ${{ secrets.GRAPHQL_URL }}
-          bewellcli service push-schema --name clinical --version $GITHUB_SHA --url ${{ secrets.GRAPHQL_URL }}
+          cluster_name: ${{ env.PROD_CLUSTER_NAME }}
+          location: ${{ env.GKE_ZONE }}
+          credentials: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
+
+      - name: Deploy to Google Kubernetes engine
+        shell: bash
+        run: cd deploy/ && cat deploy.sh && sh deploy.sh
+
diff --git a/deploy/charts/clinical/templates/cluster_issuer.yaml b/deploy/charts/clinical/templates/cluster_issuer.yaml
@@ -0,0 +1,14 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: salaton@savannahinformatics.com
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+      - http01:
+          ingress:
+            class: kong