From fb01cad8fcc4bc6cb2411bb0a33ba6f6af739825 Mon Sep 17 00:00:00 2001 From: Minh Tran Date: Sat, 9 Dec 2023 15:46:46 +0700 Subject: [PATCH 1/2] chore: remove old graph-gateway --- k8s/cert-manager.yaml | 1 - k8s/charts/graph-gateway/.helmignore | 27 ----- k8s/charts/graph-gateway/Chart.yaml | 5 - k8s/charts/graph-gateway/templates/NOTES.txt | 21 ---- .../graph-gateway/templates/_helpers.tpl | 45 -------- .../graph-gateway/templates/deployment.yaml | 83 ------------- .../graph-gateway/templates/ingress.yaml | 48 -------- .../graph-gateway/templates/service.yaml | 23 ---- .../templates/tests/test-connection.yaml | 15 --- k8s/charts/graph-gateway/values.local.yaml | 96 --------------- k8s/charts/graph-gateway/values.yaml | 109 ------------------ 11 files changed, 473 deletions(-) delete mode 100644 k8s/charts/graph-gateway/.helmignore delete mode 100644 k8s/charts/graph-gateway/Chart.yaml delete mode 100644 k8s/charts/graph-gateway/templates/NOTES.txt delete mode 100644 k8s/charts/graph-gateway/templates/_helpers.tpl delete mode 100644 k8s/charts/graph-gateway/templates/deployment.yaml delete mode 100644 k8s/charts/graph-gateway/templates/ingress.yaml delete mode 100644 k8s/charts/graph-gateway/templates/service.yaml delete mode 100644 k8s/charts/graph-gateway/templates/tests/test-connection.yaml delete mode 100644 k8s/charts/graph-gateway/values.local.yaml delete mode 100644 k8s/charts/graph-gateway/values.yaml diff --git a/k8s/cert-manager.yaml b/k8s/cert-manager.yaml index 4ac8c96..f990560 100644 --- a/k8s/cert-manager.yaml +++ b/k8s/cert-manager.yaml @@ -5,5 +5,4 @@ metadata: spec: domains: - id.promag.minhtrandev.com - - graph.promag.minhtrandev.com - gw.promag.minhtrandev.com diff --git a/k8s/charts/graph-gateway/.helmignore b/k8s/charts/graph-gateway/.helmignore deleted file mode 100644 index 1cdd7c6..0000000 --- a/k8s/charts/graph-gateway/.helmignore +++ /dev/null 
@@ -1,27 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store - -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ - -# Common backup files -*.swp -*.bak -*.tmp -*~ - -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ -.husky/ -.github/ diff --git a/k8s/charts/graph-gateway/Chart.yaml b/k8s/charts/graph-gateway/Chart.yaml deleted file mode 100644 index 8622c57..0000000 --- a/k8s/charts/graph-gateway/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v1 -appVersion: "1.0" -description: A Helm chart for Kubernetes -name: graph-gateway -version: 0.1.0 diff --git a/k8s/charts/graph-gateway/templates/NOTES.txt b/k8s/charts/graph-gateway/templates/NOTES.txt deleted file mode 100644 index f174511..0000000 --- a/k8s/charts/graph-gateway/templates/NOTES.txt +++ /dev/null 
@@ -1,21 +0,0 @@ -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range $host := .Values.ingress.hosts }} - {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} - {{- end }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "graph-gateway.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "graph-gateway.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "graph-gateway.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.port }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "graph-gateway.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:80 -{{- end }} diff --git a/k8s/charts/graph-gateway/templates/_helpers.tpl b/k8s/charts/graph-gateway/templates/_helpers.tpl deleted file mode 100644 index 03420c8..0000000 --- a/k8s/charts/graph-gateway/templates/_helpers.tpl +++ /dev/null 
@@ -1,45 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "graph-gateway.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "graph-gateway.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "graph-gateway.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Common labels -*/}} -{{- define "graph-gateway.labels" -}} -app.kubernetes.io/name: {{ include "graph-gateway.name" . }} -helm.sh/chart: {{ include "graph-gateway.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end -}} diff --git a/k8s/charts/graph-gateway/templates/deployment.yaml b/k8s/charts/graph-gateway/templates/deployment.yaml deleted file mode 100644 index f2a2f07..0000000 --- a/k8s/charts/graph-gateway/templates/deployment.yaml +++ /dev/null 
@@ -1,83 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "graph-gateway.fullname" . }} - labels: -{{ include "graph-gateway.labels" . | indent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app.kubernetes.io/name: {{ include "graph-gateway.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - template: - metadata: - annotations: - rollme: {{ randAlphaNum 5 | quote }} - labels: - app.kubernetes.io/name: {{ include "graph-gateway.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - {{- if .Values.env.normal -}} - {{- range .Values.env.normal }} - - name: {{ .name }} - value: {{ .value | quote }} - {{- end -}} - {{- end }} - {{- if .Values.env.secret -}} - {{- range .Values.env.secret }} - - name: {{ .name }} - valueFrom: - secretKeyRef: - name: app-env-secret - key: {{ .key }} - {{- end -}} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - {{ if .Values.probes -}} - {{- if .Values.probes.liveness -}} - livenessProbe: - httpGet: - port: {{ .Values.service.port }} - path: {{ .Values.probes.liveness.path }} - initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.probes.liveness.periodSeconds }} - {{- end -}} - {{- end -}} - {{- if .Values.probes -}} - {{- if .Values.probes.readiness }} - readinessProbe: - httpGet: - port: {{ .Values.service.port }} - path: {{ .Values.probes.readiness.path }} - initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.probes.readiness.periodSeconds }} - timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }} - {{- end -}} - {{- end }} - resources: - 
{{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/k8s/charts/graph-gateway/templates/ingress.yaml b/k8s/charts/graph-gateway/templates/ingress.yaml deleted file mode 100644 index f288e6a..0000000 --- a/k8s/charts/graph-gateway/templates/ingress.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "graph-gateway.fullname" . -}} -apiVersion: networking.gke.io/v1beta1 -kind: FrontendConfig -metadata: - name: graph-gateway-fe-config -spec: - redirectToHttps: - enabled: true - responseCodeName: PERMANENT_REDIRECT ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: -{{ include "graph-gateway.labels" . | indent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: -{{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} -{{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ . }} - pathType: Prefix - backend: - service: - name: {{ $fullName }} - port: - number: 5100 - {{- end }} - {{- end }} -{{- end }} diff --git a/k8s/charts/graph-gateway/templates/service.yaml b/k8s/charts/graph-gateway/templates/service.yaml deleted file mode 100644 index 35364b4..0000000 --- a/k8s/charts/graph-gateway/templates/service.yaml +++ /dev/null 
@@ -1,23 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "graph-gateway.fullname" . }} - labels: -{{ include "graph-gateway.labels" . | indent 4 }} - {{- with .Values.service.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - {{- if eq .Values.service.type "NodePort" }} - nodePort: {{ .Values.service.httpNodePort }} - {{- end }} - protocol: TCP - name: http - selector: - app.kubernetes.io/name: {{ include "graph-gateway.name" . }} - app.kubernetes.io/instance: {{ .Release.Name }} diff --git a/k8s/charts/graph-gateway/templates/tests/test-connection.yaml b/k8s/charts/graph-gateway/templates/tests/test-connection.yaml deleted file mode 100644 index eba688c..0000000 --- a/k8s/charts/graph-gateway/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "graph-gateway.fullname" . }}-test-connection" - labels: -{{ include "graph-gateway.labels" . | indent 4 }} - annotations: - "helm.sh/hook": test-success -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "graph-gateway.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/k8s/charts/graph-gateway/values.local.yaml b/k8s/charts/graph-gateway/values.local.yaml deleted file mode 100644 index af60478..0000000 --- a/k8s/charts/graph-gateway/values.local.yaml +++ /dev/null 
@@ -1,96 +0,0 @@ -# Default values for graph-gateway. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - repository: localhost:32000/graph-gateway - tag: local - pullPolicy: Always - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "graph-gateway" - -service: - type: NodePort - port: 5100 - httpNodePort: 31100 - -ingress: - enabled: false - annotations: - kubernetes.io/ingress.class: nginx - hosts: - - host: promag.local - paths: [/gateway] - - tls: [] - -resources: - limits: - cpu: 500m - memory: 256Mi - requests: - cpu: 250m - memory: 128Mi - -nodeSelector: {} - -tolerations: [] - -affinity: {} - -probes: [] - -env: - normal: - - name: App__HealthCheckEnabled - value: true - - - name: ASPNETCORE_ENVIRONMENT - value: Development - - name: PathBase - value: /gateway - - - name: Logging__Seq__Enabled - value: false - - name: Logging__Seq__Url - value: http://seq:5341/ - - name: Logging__MinimumLevel__Default - value: Error - - - name: OpenTelemetry__Enabled - value: false - - name: OpenTelemetry__zipkinEndpoint - value: http://zipkin:9411/api/v2/spans - - - name: Services__CommunicationService__Url - value: http://communication-api:5002 - - name: Services__CommunicationService__GrpcUrl - value: http://communication-api:15002 - - - name: Services__PersonalService__Url - value: http://personal-data-api:5003 - - name: Services__PersonalService__GrpcUrl - value: http://personal-data-api:15003 - - - name: Services__MasterDataService__Url - value: http://master-data-api:5004 - - name: Services__MasterDataService__GrpcUrl - value: http://master-data-api:15004 - - - name: Services__PortalService__Url - value: http://portal-api:5001 - - name: Services__PortalService__GrpcUrl - value: http://portal-api:15001 - - - name: Services__IdentityService__Url - value: http://identity-api:5101 - - name: Services__IdentityService__GrpcUrl - value: http://identity-api:15101 - - secret: - - name: 
Logging__Seq__ApiKey - key: Seq.Apikey diff --git a/k8s/charts/graph-gateway/values.yaml b/k8s/charts/graph-gateway/values.yaml deleted file mode 100644 index baf6ee0..0000000 --- a/k8s/charts/graph-gateway/values.yaml +++ /dev/null 
@@ -1,109 +0,0 @@ -# Default values for graph-gateway. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -replicaCount: 1 - -image: - repository: REPOSITORY_PATH - tag: latest - pullPolicy: Always - -imagePullSecrets: [ ] -nameOverride: "" -fullnameOverride: "graph-gateway" - -service: - type: ClusterIP - port: 5100 - annotations: - cloud.google.com/neg: '{"ingress": true}' - -ingress: - enabled: true - annotations: - kubernetes.io/ingress.class: gce - networking.gke.io/managed-certificates: cert-manager - networking.gke.io/v1beta1.FrontendConfig: graph-gateway-fe-config - # nginx.ingress.kubernetes.io/configuration-snippet: | - # proxy_set_header l5d-dst-override $service_name.$namespace.svc.cluster.local:$service_port; - # grpc_set_header l5d-dst-override $service_name.$namespace.svc.cluster.local:$service_port; - hosts: - - host: graph.promag.minhtrandev.com - paths: [ / ] - -resources: - limits: - cpu: 500m - memory: 256Mi - requests: - cpu: 250m - memory: 128Mi - -nodeSelector: { } - -tolerations: [ ] - -affinity: { } - -probes: - liveness: - path: /liveness - initialDelaySeconds: 10 - periodSeconds: 15 - readiness: - path: /health - timeoutSeconds: 5 - initialDelaySeconds: 10 - periodSeconds: 30 - -env: - normal: - - name: App__HealthCheckEnabled - value: 'true' - - - name: ASPNETCORE_ENVIRONMENT - value: Development - - name: PathBase - value: /gateway - - - name: Logging__Seq__Enabled - value: 'true' - - name: Logging__Seq__Url - value: http://seq:5341/ - - name: Logging__MinimumLevel__Default - value: Warning - - - name: OpenTelemetry__Enabled - value: 'true' - - name: OpenTelemetry__zipkinEndpoint - value: http://zipkin:9411/api/v2/spans - - - name: Services__CommunicationService__Url - value: http://communication-api:5002 - - name: Services__CommunicationService__GrpcUrl - value: http://communication-api:15002 - - - name: Services__PersonalService__Url - value: http://personal-data-api:5003 - - name: 
Services__PersonalService__GrpcUrl - value: http://personal-data-api:15003 - - - name: Services__MasterDataService__Url - value: http://master-data-api:5004 - - name: Services__MasterDataService__GrpcUrl - value: http://master-data-api:15004 - - - name: Services__PortalService__Url - value: http://portal-api:5001 - - name: Services__PortalService__GrpcUrl - value: http://portal-api:15001 - - - name: Services__IdentityService__Url - value: http://identity-api:5101 - - name: Services__IdentityService__GrpcUrl - value: http://identity-api:15101 - - secret: - - name: Logging__Seq__ApiKey - key: Seq.Apikey From d11c33ce51b99bf7f542f4cbd960659d1a22c6bc Mon Sep 17 00:00:00 2001 From: Minh Tran Date: Sat, 9 Dec 2023 16:03:29 +0700 Subject: [PATCH 2/2] feat: setup pipeline for Certificates Manager changes --- .github/workflows/cert-manager.yml | 46 ++++++++++++++++++++++++++++++ k8s/charts/gateways/values.yaml | 2 +- 2 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/cert-manager.yml diff --git a/.github/workflows/cert-manager.yml b/.github/workflows/cert-manager.yml new file mode 100644 index 0000000..1e8098a --- /dev/null +++ b/.github/workflows/cert-manager.yml 
@@ -0,0 +1,46 @@
+name: Certificates Manager Pipeline
+
+on:
+ workflow_dispatch:
+
+ push:
+ branches:
+ - main
+ paths:
+ - k8s/cert-manager.yaml
+ - .github/workflows/cert-manager.yml
+
+jobs:
+ deploy:
+ name: Deploy Certificates Manager
+ runs-on: ubuntu-latest
+ env:
+ # Google Cloud variables
+ GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
+ GOOGLE_PROJECT: ${{ secrets.GOOGLE_PROJECT }}
+ PROJECT_NAME: promag
+ REGION: us-central1
+ LOCATION: us-central1-a
+
+ # Kubernetes variables
+ CLUSTER_NAME: sit-cluster
+ NAMESPACE: prod
+ VALUES_FILE: cert-manager.yaml
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Install the GCloud CLI
+ uses: google-github-actions/setup-gcloud@v0
+ with:
+ project_id: ${{ secrets.GOOGLE_PROJECT }}
+ service_account_key: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}
+ install_components: 'gke-gcloud-auth-plugin'
+ export_default_credentials: true
+
+ - name: Apply changes
+ run: |
+ gcloud container clusters get-credentials $CLUSTER_NAME --location $LOCATION
+
+ kubectl apply -f k8s/$VALUES_FILE --namespace $NAMESPACE
\ No newline at end of file
diff --git a/k8s/charts/gateways/values.yaml b/k8s/charts/gateways/values.yaml
index d1ee96c..37cc315 100644
--- a/k8s/charts/gateways/values.yaml
+++ b/k8s/charts/gateways/values.yaml
@@ -62,7 +62,7 @@ env: - name: ASPNETCORE_ENVIRONMENT value: Development - name: PathBase - value: / + value: /gateway - name: Logging__Seq__Enabled value: 'true'
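Review bot: In `.github/workflows/cert-manager.yml`, the job-level `env` entry `GOOGLE_APPLICATION_CREDENTIALS: ${{ secrets.GOOGLE_APPLICATION_CREDENTIALS }}` exposes the service-account key to every step of the job, including the third-party actions, although only the `setup-gcloud` step consumes it (via `service_account_key`). The key is a long-lived credential that can apply manifests to the `prod` namespace, so I would drop the job-level entry and, if the project allows it, authenticate with `google-github-actions/auth` and Workload Identity Federation instead of a stored key; as far as I know the `service_account_key` and `export_default_credentials` inputs exist only in the deprecated `v0` line of `setup-gcloud`. The workflow also declares no `permissions:` block, so the `GITHUB_TOKEN` falls back to the repository default; `contents: read` is enough for checkout. Pinning both actions to full commit SHAs rather than `@v4`/`@v0` would keep a moved tag from changing what runs with these credentials. The secret names in the sketch below are placeholders.

```yaml
jobs:
  deploy:
    name: Deploy Certificates Manager
    permissions:
      contents: read
      id-token: write  # required only for Workload Identity Federation
    # … unchanged: runs-on and the non-secret env values (job-level GOOGLE_APPLICATION_CREDENTIALS removed) …
    steps:
      # … unchanged: Checkout …
      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v2
        with:
          workload_identity_provider: ${{ secrets.PLACEHOLDER_WIF_PROVIDER }}
          service_account: ${{ secrets.PLACEHOLDER_DEPLOY_SERVICE_ACCOUNT }}

      - name: Install the GCloud CLI
        uses: google-github-actions/setup-gcloud@v2
        with:
          project_id: ${{ secrets.GOOGLE_PROJECT }}
          install_components: 'gke-gcloud-auth-plugin'
      # … unchanged: Apply changes …
```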