Merge branch '4-provide-helm-chart' into 'master'

Resolve "provide helm-chart"

Closes #4

See merge request !5

.gitlab-ci.yml

@@ -11,6 +11,7 @@ stages:
 
 variables:
   npm_config_cache: ${CI_PROJECT_DIR}/.npm
+  image_name: ubleipzig/dacap
 
 npm_install:
   stage: prepare
@@ -66,20 +67,15 @@ npm_pack:
 
 docker_build:
   stage: build_image
-  image: docker:latest
+  image: ubleipzig/deployer:1.0.0
   services:
   - docker:dind
   script: |
-    docker build --pull \
-      --build-arg HTTP_PROXY=${HTTP_PROXY} \
-      --build-arg HTTPS_PROXY=${HTTPS_PROXY} \
-      --build-arg NO_PROXY=${NO_PROXY} \
-      --build-arg http_proxy=${HTTP_PROXY} \
-      --build-arg https_proxy=${HTTPS_PROXY} \
-      --build-arg no_proxy=${NO_PROXY} \
-      -t image \
-      .
-    docker save --output=image.tar.gz image
+    deployer build \
+      --build-arg HTTP_PROXY="${HTTP_PROXY}" \
+      --build-arg HTTPS_PROXY=${HTTPS_PROXY}" \
+      --build-arg NO_PROXY=${NO_PROXY}" \
+      --output image.tar.gz
   dependencies:
   - npm_pack
   artifacts:
@@ -106,73 +102,73 @@ npm_publish:
   only:
   - /^release\/.*/
 
-docker_publish_production:
+docker_publish_alpha:
   stage: publish
-  image: docker:latest
+  image: ubleipzig/deployer:1.0.0
   services:
   - docker:dind
   script: |
-    mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json
-    version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'`
-    major_version=`expr ${version} ':' '\([^.]\+\)'`
-    minor_version=`expr ${version} ':' '[^.]\+\.\([^.]\+\)'`
-    patch_version=`expr ${version} ':' '[^.]\+\.[^.]\+\.\(.\+\)'`
-    docker load --input=image.tar.gz
-    docker tag image ubleipzig/dacap:${version}
-    docker push ubleipzig/dacap:${version}
-    for tag in "latest" "${major_version}" "${major_version}.${minor_version}"; do
-      docker tag ubleipzig/dacap:${version} ubleipzig/dacap:${tag}
-      docker push ubleipzig/dacap:${tag}
-    done
+    deployer publish \
+      --input image.tar.gz \
+      --docker-config "${DOCKER_AUTH_CONFIG}" \
+      --name ${image_name} \
+      --tag ${CI_COMMIT_REF_NAME}
   dependencies:
   - docker_build
   tags:
-    - docker
-  except:
-  - branches
+  - docker
   only:
-  - /^release\/.*/
+  - branches
+  except:
+  - master
 
-docker_publish_alpha:
+docker_publish_staging:
   stage: publish
-  image: docker:latest
+  image: ubleipzig/deployer:1.0.0
   services:
   - docker:dind
   script: |
-    test "${DOCKER_AUTH_CONFIG}" == "" && echo "docker-config does not exists, aborting!" && false
-    mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json
-    docker load --input=image.tar.gz
-    docker tag image ubleipzig/dacap:alpha-${CI_COMMIT_REF_NAME}
-    docker push ubleipzig/dacap:alpha-${CI_COMMIT_REF_NAME}
+    deployer publish \
+      --input image.tar.gz \
+      --docker-config "$DOCKER_AUTH_CONFIG" \
+      --name ${image_name} \
+      --tag staging
   dependencies:
   - docker_build
   tags:
     - docker
   only:
-  - /^[0-9]+-/
+  - master
 
-docker_publish_staging:
+docker_publish_production:
   stage: publish
-  image: docker:latest
+  image: ubleipzig/deployer:1.0.0
   services:
   - docker:dind
   script: |
-    mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json
-    docker load --input=image.tar.gz
-    docker tag image ubleipzig/dacap:staging
-    docker push ubleipzig/dacap:staging
+    version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'`
+    deployer publish \
+      --input image.tar.gz
+      --docker-config "$DOCKER_AUTH_CONFIG" \
+      --name ${image_name} \
+      --tag latest \
+      --tag ${version} \
+      --tag $(expr ${version} ':' '\([^.]\+\)') \
+      --tag $(expr ${version} ':' '[^.]\+\.\([^.]\+\)') \
+      --tag $(expr ${version} ':' '[^.]\+\.[^.]\+\.\(.\+\))`
   dependencies:
   - docker_build
   tags:
     - docker
+  except:
+  - branches
   only:
-  - master
+  - /^release\/.*/
 
 deploy_alpha:
   stage: deploy
-  image: dtzar/helm-kubectl:2.9.1
+  image: ubleipzig/deployer:1.0.0
   variables:
-    k8s_namespace: dacap_alpha
     url_schema: https://
     ingress_host: alpha.ub.uni-leipzig.de
     ingress_path: /dacap
@@ -180,97 +176,55 @@ deploy_alpha:
     name: alpha/${CI_COMMIT_REF_NAME}
     url: https://alpha.ub.uni-leipzig.de/dacap/${CI_COMMIT_REF_NAME}/admin
   script: |
-    test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false
-    mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config
-
-    test "$(helm ls --deleted --failed --short | grep issue-${CI_COMMIT_REF_NAME})" != "" && helm delete --purge issue-${CI_COMMIT_REF_NAME}
-
-    git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/
-    cd helm-charts
-
-    if [ "$(helm ls | grep issue-${CI_COMMIT_REF_NAME} | grep DEPLOYED)" == "" ];then
-      echo "Release not installed. Installing..."
-      helm install -n issue-${CI_COMMIT_REF_NAME} \
-        --namespace dacap-alpha \
-        --set environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/${CI_COMMIT_REF_NAME}/ \
-        --set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
-        --set ingress.path=${ingress_path}/${CI_COMMIT_REF_NAME} \
-        --set ingress.hosts[0]=${ingress_host} \
-        --set image.tag=alpha-${CI_COMMIT_REF_NAME} \
-        --set pullPolicy=Always \
-        ./webmasterei/dacap/
-    else
-      echo "Release already installed. Upgrading..."
-      helm upgrade issue-${CI_COMMIT_REF_NAME} \
-        --recreate-pods \
-        --reuse-values \
-        --set foo=bar \
-        ./webmasterei/dacap/
-    fi
-
-    echo "Waiting for successful deploy..."
-    counter=0
-    while [ "$(helm ls | grep issue-${CI_COMMIT_REF_NAME} | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
-      sleep 1
-      if [ $counter -eq 60 ];then break && false; fi
-      counter=$[$counter+1];
-    done
+    deployer deploy \
+      --cluster-url "${K8S_ALPHA_CLUSTER_URL}" \
+      --certificate-authority "${K8S_ALPHA_CLUSTER_CA}" \
+      --token "${K8S_ALPHA_DEPLOY_TOKEN}" \
+      --namespace "${K8S_ALPHA_CLUSTER_NAMESPACE}" \
+      --service-account "${K8S_ALPHA_DEPLOY_USER}" \
+      --name issue-${CI_COMMIT_REF_NAME} \
+      --set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/${CI_COMMIT_REF_NAME}/ \
+      --set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
+      --set-string ingress.path=${ingress_path}/${CI_COMMIT_REF_NAME} \
+      --set-string ingress.hosts[0]=${ingress_host} \
+      --set-string image.tag=alpha-${CI_COMMIT_REF_NAME} \
+      --set-string pullPolicy=Always \
+      --charts ./helmcharts
   dependencies:
   - docker_publish_alpha
   tags:
   - docker
   only:
-  - /^[0-9]+-/
+  - branches
   except:
-  - tags
+  - master
 
 deploy_staging:
   stage: deploy
-  image: dtzar/helm-kubectl:2.9.1
+  image: ubleipzig/deployer:1.0.0
   variables:
-    k8s_namespace: dacap_staging
     url_schema: https://
     ingress_host: staging.ub.uni-leipzig.de
     ingress_path: /dacap
   environment:
     name: staging
-    url: https://alpha.ub.uni-leipzig.de/dacap/admin
+    url: https://staging.ub.uni-leipzig.de/dacap/admin
   script: |
-    test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false
-    mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config
-
-    test "$(helm ls --deleted --failed --short | grep staging)" != "" && helm delete --purge staging
+    deployer deploy \
+      --cluster-url "${K8S_STAGING_CLUSTER_URL}" \
+      --certificate-authority "${K8S_STAGING_CLUSTER_CA}" \
+      --token "${K8S_STAGING_DEPLOY_TOKEN}" \
+      --namespace "${K8S_STAGING_CLUSTER_NAMESPACE}" \
+      --service-account "${K8S_STAGING_DEPLOY_USER}" \
+      --name staging \
+      --set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \
+      --set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
+      --set-string ingress.path=${ingress_path} \
+      --set-string ingress.hosts[0]=${ingress_host} \
+      --set-string image.tag=staging \
+      --set-string pullPolicy=Always \
+      --charts ./helmcharts
 
-    git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/
-    cd helm-charts
-
-    if [ "$(helm ls | grep staging | grep DEPLOYED)" == "" ];then
-      echo "Release not installed. Installing..."
-      helm install -n staging \
-        --namespace dacap-staging \
-        --set environment.proxy_url=${url_schema}${ingress_host}${ingress_path} \
-        --set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
-        --set ingress.path=${ingress_path} \
-        --set ingress.hosts[0]=${ingress_host} \
-        --set image.tag=staging \
-        --set pullPolicy=Always \
-        ./webmasterei/dacap/
-    else
-      echo "Release already installed. Upgrading..."
-      helm upgrade staging \
-        --recreate-pods \
-        --reuse-values \
-        --set foo=bar \
-        ./webmasterei/dacap/
-    fi
-
-    echo "Waiting for successful deploy..."
-    counter=0
-    while [ "$(helm ls | grep staging | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
-      sleep 1
-      if [ $counter -eq 60 ];then break && false; fi
-      counter=$[$counter+1];
-    done
   dependencies:
   - docker_publish_staging
   tags:
@@ -280,9 +234,8 @@ deploy_staging:
 
 deploy_production:
   stage: deploy
-  image: dtzar/helm-kubectl:2.9.1
+  image: ubleipzig/deployer:1.0.0
   variables:
-    k8s_namespace: dacap_production
     url_schema: https://
     ingress_host: api.ub.uni-leipzig.de
     ingress_path: /dacap
@@ -291,41 +244,22 @@ deploy_production:
     url: https://api.ub.uni-leipzig.de/dacap/admin
   script: |
     version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'`
-    test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false
-    mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config
-
-    git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/
-    cd helm-charts
-
-    if [ "$(helm ls | grep production | grep DEPLOYED)" == "" ];then
-      echo "Release not installed. Installing..."
-      helm install -n production \
-        --namespace dacap-production \
-        --set environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \
-        --set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
-        --set ingress.path=${ingress_path} \
-        --set ingress.hosts[0]=${ingress_host} \
-        --set image.tag=${version} \
-        --set pullPolicy=Always \
-        ./webmasterei/dacap/
-    else
-      echo "Release already installed. Upgrading..."
-      helm upgrade production \
-        --recreate-pods \
-        --reuse-values \
-        --set foo=bar \
-        ./webmasterei/dacap/
-    fi
-
-    echo "Waiting for successful deploy..."
-    counter=0
-    while [ "$(helm ls | grep production | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
-      sleep 1
-      if [ $counter -eq 60 ];then break && false; fi
-      counter=$[$counter+1];
-    done
+    deployer deploy \
+      --cluster-url "${K8S_PRODUCTION_CLUSTER_URL}" \
+      --certificate-authority "${K8S_PRODUCTION_CLUSTER_CA}" \
+      --token "${K8S_PRODUCTION_DEPLOY_TOKEN}" \
+      --namespace "${K8S_PRODUCTION_CLUSTER_NAMESPACE}" \
+      --service-account "${K8S_PRODUCTION_DEPLOY_USER}" \
+      --name live \
+      --set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \
+      --set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
+      --set-string ingress.path=${ingress_path} \
+      --set-string ingress.hosts[0]=${ingress_host} \
+      --set-string image.tag=${version} \
+      --set-string pullPolicy=Always \
+      --charts ./helmcharts
   dependencies:
-  - docker_publish_staging
+  - docker_publish_production
   tags:
   - docker
   only:
@@ -362,3 +296,6 @@ github_mirror:
     git push --mirror github
   tags:
   - docker
+  only:
+  - master
+  - /^release\/.*/

.npmignore

@@ -18,4 +18,5 @@
 /Dockerfile
 /*.tgz
 /.gitlab-ci.yml
-/.npm
+/.npm
\ No newline at end of file
+/helmcharts
\ No newline at end of file

Changelog.md

 # Changelog
 
+## [1.1.0] - 2018-08-06
+### Changed
+* simplified gitlab-ci
+* auto-deploy to alpha, staging and production
+
+### Added
+* Helm charts
+
 ## [1.0.5] - 2018-06-11
 ### Fixed
 * upgraded dependencies to fix vulnerabilities

helmcharts/.helmignore

+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

helmcharts/Chart.yaml

+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: dacap
+version: 0.1.0

helmcharts/templates/NOTES.txt

+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "dacap.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ template "dacap.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "dacap.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "dacap.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:80
+{{- end }}

helmcharts/templates/_helpers.tpl

+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "dacap.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "dacap.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "dacap.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}

helmcharts/templates/configmap.yaml

+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-environment
+data:
+{{ toYaml .Values.environment | indent 2 }}
\ No newline at end of file

helmcharts/templates/deployment.yaml

+apiVersion: apps/v1beta2
+kind: Deployment
+metadata:
+  name: {{ template "dacap.fullname" . }}
+  labels:
+    app: {{ template "dacap.name" . }}
+    chart: {{ template "dacap.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ template "dacap.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "dacap.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      containers:
+        - name: {{ .Chart.Name }}
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: {{ .Values.image.pullPolicy }}
+          ports:
+            - name: http
+              containerPort: 3000
+              protocol: TCP
+          livenessProbe:
+            tcpSocket:
+              port: http
+          readinessProbe:
+            tcpSocket:
+              port: http
+          volumeMounts:
+          - mountPath: /data
+            name: data
+          envFrom:
+          - configMapRef:
+              name: {{ .Release.Name }}-environment
+              key: environment
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: {{ .Release.Name }}-data
+{{- with .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+    {{- end }}
+    {{- with .Values.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+    {{- end }}

helmcharts/templates/ingress.yaml

+{{- if .Values.ingress.enabled -}}
+{{- $fullName := include "dacap.fullname" . -}}
+{{- $ingressPath := .Values.ingress.path -}}
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+  name: {{ $fullName }}
+  labels:
+    app: {{ template "dacap.name" . }}
+    chart: {{ template "dacap.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+{{- with .Values.ingress.annotations }}
+  annotations:
+{{ toYaml . | indent 4 }}
+{{- end }}
+spec:
+{{- if .Values.ingress.tls }}
+  tls:
+  {{- range .Values.ingress.tls }}
+    - hosts:
+      {{- range .hosts }}
+        - {{ . }}
+      {{- end }}
+      secretName: {{ .secretName }}
+  {{- end }}
+{{- end }}
+  rules:
+  {{- range .Values.ingress.hosts }}
+    - host: {{ . }}
+      http:
+        paths:
+          - path: {{ $ingressPath }}
+            backend:
+              serviceName: {{ $fullName }}
+              servicePort: http
+  {{- end }}
+{{- end }}

helmcharts/templates/pvc.yml

+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ .Release.Name }}-data
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.storage.size }}
\ No newline at end of file

helmcharts/templates/service.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "dacap.fullname" . }}
+  labels:
+    app: {{ template "dacap.name" . }}
+    chart: {{ template "dacap.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    - port: {{ .Values.service.port }}
+      targetPort: 3000
+      protocol: TCP
+      name: http
+  selector:
+    app: {{ template "dacap.name" . }}
+    release: {{ .Release.Name }}

helmcharts/values.yaml

+# Default values for dacap.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: ubleipzig/dacap
+  tag: 1.0.5
+  pullPolicy: IfNotPresent
+
+environment:
+  autosave_interval: "60"
+  cache_ttl: "600"
+  user: "admin"
+  password: "adminpw"
+  proxy_path: "ep/"
+  proxy_url: "http://dacap.example.com/"
+  strip_path: "false"
+
+service:
+  type: ClusterIP
+  port: 80
+
+ingress:
+  enabled: true
+  annotations: {}
+    # kubernetes.io/ingress.class: nginx
+    # kubernetes.io/tls-acme: "true"
+  path: /
+  hosts:
+    - dacap.example.com
+  tls: []
+  #  - secretName: chart-example-tls
+  #    hosts:
+  #      - chart-example.local
+
+storage:
+  size: 1Gi
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #  cpu: 100m
+  #  memory: 128Mi
+  # requests:
+  #  cpu: 100m
+  #  memory: 128Mi
+
+nodeSelector: {}
+
+tolerations: []
+
+affinity: {}