feat: CI/CD to GKE with multi-arch image builder, bash script (#33)

ghkdqhrbals · web-flow · commit fe6fe623ec5d · 2024-03-17T16:30:42.000+09:00
* dev: k8s agent deployment, service * dev: pv and pvc setup with gcp-pd * dev: controller deployment, service * dev: database deployment, service * dev: add Dockerfile for each module * dev: image builder and pusher script * dev: ingress pod and their routes * dev: ignore secrets * dev: gke continuous deploy workflow * fix: path rewrite #32 * fix: remove / in COPY prefix path #32 * fix: change use of build-push-action #32 * fix: test buildx path #32 * fix: rewrite Dockerfile path with -f option #32 * fix: add . end of push #32 * fix: change context path with : #32 * fix: use support option of file, version : #32 * fix: valid option reset : #32 * fix: add Dockerfile to file option : #32 * fix: remove context : #32 * fix: add . prefix : #32 * fix: add context and set default workdir : #32 * fix: add ARG for dockerfile : #32 * fix: add ARG for dockerfile : #32 * fix: arg option to build-arg : #32 * fix: remove default JAR_PATH : #32 * fix: set default JAR_PATH : #32 * fix: test echoing path : #32 * fix: remove docker build push marketplace : #32 * fix: add custom script for build multi-arch and push : #32 * fix: add sh args for getting token & etc : #32 * fix: remove QEMU and buildx plugin : #32 * fix: sh to bash : #32 * fix: image list extract with ghkdqhrbals prefix : #32 * fix: builx -f option path redefine #32 * fix: secret key #32 * fix: jar_path call with {} #32 * dev: change push to workflow_run develop branch
diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml
@@ -0,0 +1,73 @@
+name: Continuous Deploy with GKE
+
+on:
+  workflow_run:
+    workflows: [ "CI with test coverage" ]
+    types:
+      - completed
+    branches:
+      - develop
+
+defaults:
+  run:
+    working-directory: ./
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Corretto openJDK 17
+        uses: actions/setup-java@v3 # check specific version in https://github.com/actions/setup-java
+        with:
+          distribution: 'corretto'
+          java-version: '17'
+
+      - name: Gradle caching
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          restore-keys: |
+            ${{ runner.os }}-gradle-
+
+      - name: Grant execute permission for gradlew
+        run: chmod +x ./gradlew
+
+      - name: Build and test project
+        run: ./gradlew build
+
+#      - name: Set up QEMU
+#        uses: docker/setup-qemu-action@v3
+#
+#      - name: Set up Docker Buildx
+#        uses: docker/setup-buildx-action@v3
+
+      - name: Build docker image and push
+        run: bash ./script/img_push_multi_arch.sh -u ${{ secrets.DOCKERHUB_USERNAME }} -t ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Configure google cloud credentials
+        id: auth
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GKE_SA_KEY }}
+
+      - name: Set up gcloud cli
+        uses: google-github-actions/setup-gcloud@v2
+
+      - name: Set GKE cluster context
+        uses: google-github-actions/get-gke-credentials@v2
+        with:
+          cluster_name: ${{ secrets.GKE_CLUSTER }}
+          location: ${{ secrets.GKE_ZONE }}
+
+      - name: Deploy to GKE
+        run: |
+          kubectl apply -f ./kubernetes/volume
+          kubectl apply -f ./kubernetes/ingress
+          kubectl apply -f ./kubernetes/service
+          kubectl apply -f ./kubernetes/deploy
diff --git a/.gitignore b/.gitignore
@@ -1,6 +1,9 @@
 # Compiled class file
 *.class
 .idea
+/data
+/backups
+*-secret.yaml
 
 # Log file
 *.log
diff --git a/bm-agent/Dockerfile b/bm-agent/Dockerfile
@@ -0,0 +1,8 @@
+FROM amazoncorretto:17-alpine3.16-jdk
+ARG JAR_PATH=/build/libs
+
+WORKDIR /app
+
+COPY ${JAR_PATH}/bm-agent-1.0.0.jar /app/app.jar
+
+ENTRYPOINT java -jar app.jar
diff --git a/bm-controller/Dockerfile b/bm-controller/Dockerfile
@@ -0,0 +1,8 @@
+FROM amazoncorretto:17-alpine3.16-jdk
+ARG JAR_PATH=/build/libs
+
+WORKDIR /app
+
+COPY ${JAR_PATH}/bm-controller-1.0.0.jar /app/app.jar
+
+ENTRYPOINT java -jar app.jar
diff --git a/kubernetes/deploy/agent-deploy.yaml b/kubernetes/deploy/agent-deploy.yaml
@@ -0,0 +1,21 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: agent-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: agent-service
+  template:
+    metadata:
+      labels:
+        app: agent-service
+    spec:
+      containers:
+        - env:
+            - name: SERVER_PORT
+              value: "8081"
+          image: ghkdqhrbals/bm-agent:latest
+          name: bm-agent
+      restartPolicy: Always
diff --git a/kubernetes/deploy/controller-deploy.yaml b/kubernetes/deploy/controller-deploy.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: controller-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: controller-service
+  template:
+    metadata:
+      labels:
+        app: controller-service
+    spec:
+      containers:
+        - env:
+            - name: SERVER_PORT
+              value: "8080"
+            - name: spring_datasource_url
+              value: "jdbc:postgresql://benchmark-db:5433/test"
+            - name: spring_datasource_hikari_password
+              valueFrom:
+                secretKeyRef:
+                  name: db-secret
+                  key: password
+            - name: spring_datasource_hikari_username
+              valueFrom:
+                secretKeyRef:
+                  name: db-secret
+                  key: username
+            - name: token_secret
+              valueFrom:
+                secretKeyRef:
+                  name: token-secret
+                  key: secret
+            - name: token_expiration_time
+              valueFrom:
+                secretKeyRef:
+                  name: token-secret
+                  key: exp
+          image: ghkdqhrbals/bm-controller:latest
+          name: bm-controller
+      restartPolicy: Always
diff --git a/kubernetes/deploy/db-deployment.yaml b/kubernetes/deploy/db-deployment.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: db-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: benchmark-db
+  template:
+    metadata:
+      labels:
+        app: benchmark-db
+    spec:
+      # directory creation setup
+      initContainers:
+        - name: init-data-dir
+          image: busybox
+          command: ["sh", "-c", "mkdir -p /var/lib/postgresql/production/data"]
+          volumeMounts:
+            - name: benchmark-vol
+              mountPath: /var/lib/postgresql/production/data
+      containers:
+        - args:
+            - -c
+            - wal_level=logical
+            - -c
+            - max_connections=500
+            - -p
+            - "5433"
+          env:
+            - name: POSTGRES_DB
+              value: test
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: db-secret
+                  key: password
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: db-secret
+                  key: username
+          image: postgres:12-alpine
+          name: chat-db
+          ports:
+            - containerPort: 5433
+              hostPort: 5433
+              protocol: TCP
+          volumeMounts:
+            - name: benchmark-vol
+              mountPath: /var/lib/postgresql/production/data
+      restartPolicy: Always
+      volumes:
+        - name: benchmark-vol
+          persistentVolumeClaim:
+            claimName: benchmark-pvc
diff --git a/kubernetes/image_push.sh b/kubernetes/image_push.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+# Build the docker image
+echo "Build the docker image"
+PREFIX="ghkdqhrbals"
+docker compose -f ../docker-compose.yaml build
+
+images=$(docker images --format "{{.Repository}}" | grep "^${PREFIX}")
+
+# Push the docker image to docker hub
+echo "Image deploy to docker hub"
+for image in $images; do
+  echo "${image}"
+  docker tag "${image}" "${image}:amd64"
+  docker push "${image}:amd64"
+done
diff --git a/kubernetes/ingress/ingress.yaml b/kubernetes/ingress/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  labels:
+    run: mynginx
+  name: mynginx
+spec:
+  containers:
+    - image: nginx:1.16
+      name: mynginx
+      resources: {}
+  restartPolicy: Always
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginxsvc
+spec:
+  ports:
+    - port: 80
+      protocol: TCP
+      targetPort: 80
+  selector:
+    run: mynginx
diff --git a/kubernetes/ingress/routes.yaml b/kubernetes/ingress/routes.yaml
@@ -0,0 +1,17 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: example
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: www.high-load.org
+      http:
+        paths:
+          - pathType: Prefix
+            backend:
+              service:
+                name: controller-service
+                port:
+                  number: 80
+            path: /
diff --git a/kubernetes/service/agent-service.yaml b/kubernetes/service/agent-service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: agent-service
+  name: agent-service
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8081 # This is the port that the service listens on
+      targetPort: 8081 # This is the port that the container listens on
+  type: ClusterIP
+  selector:
+    app: agent-service
diff --git a/kubernetes/service/controller-service.yaml b/kubernetes/service/controller-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: controller-service
+  name: controller-service
+spec:
+  ports:
+    - name: http
+      protocol: TCP
+      port: 8080
+      targetPort: 8080
+      nodePort: 30000 # Specify the NodePort value
+  type: NodePort # Expose the service with a NodePort
+  selector:
+    app: controller-service
diff --git a/kubernetes/service/db-service.yaml b/kubernetes/service/db-service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    app: benchmark-db
+  name: benchmark-db
+spec:
+  ports:
+    - name: benchmark-db
+      protocol: TCP
+      port: 5433
+      targetPort: 5433
+  selector:
+    app: benchmark-db
diff --git a/kubernetes/volume/benchmark-pv.yaml b/kubernetes/volume/benchmark-pv.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: benchmark-pv
+spec:
+  capacity:
+    storage: 10Gi
+  accessModes:
+    - ReadWriteMany
+  storageClassName: "benchmark-gce-pd-1"
+  persistentVolumeReclaimPolicy: Retain
+  gcePersistentDisk:
+    pdName: pd-1 # GCE PD의 이름
+    fsType: ext4
diff --git a/kubernetes/volume/benchmark-pvc.yaml b/kubernetes/volume/benchmark-pvc.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: benchmark-pvc
+spec:
+  accessModes:
+    - ReadWriteMany
+  volumeName: benchmark-pv
+  resources:
+    requests:
+      storage: 10Gi
+  storageClassName: "benchmark-gce-pd-1"
diff --git a/script/img_push_multi_arch.sh b/script/img_push_multi_arch.sh
