Skip to content
Snippets Groups Projects
Commit dea6297b authored by Ulf Seltmann's avatar Ulf Seltmann
Browse files

Merge branch '4-provide-helm-chart' into 'master'

Resolve "provide helm-chart"

Closes #4

See merge request !5
parents c85b0bfd ae44c4df
1 merge request!5Resolve "provide helm-chart"
Pipeline #757 failed with stages
in 2 minutes and 38 seconds
...@@ -11,6 +11,7 @@ stages: ...@@ -11,6 +11,7 @@ stages:
variables: variables:
npm_config_cache: ${CI_PROJECT_DIR}/.npm npm_config_cache: ${CI_PROJECT_DIR}/.npm
image_name: ubleipzig/dacap
npm_install: npm_install:
stage: prepare stage: prepare
...@@ -66,20 +67,15 @@ npm_pack: ...@@ -66,20 +67,15 @@ npm_pack:
docker_build: docker_build:
stage: build_image stage: build_image
image: docker:latest image: ubleipzig/deployer:1.0.0
services: services:
- docker:dind - docker:dind
script: | script: |
docker build --pull \ deployer build \
--build-arg HTTP_PROXY=${HTTP_PROXY} \ --build-arg HTTP_PROXY="${HTTP_PROXY}" \
--build-arg HTTPS_PROXY=${HTTPS_PROXY} \ --build-arg HTTPS_PROXY=${HTTPS_PROXY}" \
--build-arg NO_PROXY=${NO_PROXY} \ --build-arg NO_PROXY=${NO_PROXY}" \
--build-arg http_proxy=${HTTP_PROXY} \ --output image.tar.gz
--build-arg https_proxy=${HTTPS_PROXY} \
--build-arg no_proxy=${NO_PROXY} \
-t image \
.
docker save --output=image.tar.gz image
dependencies: dependencies:
- npm_pack - npm_pack
artifacts: artifacts:
...@@ -106,73 +102,73 @@ npm_publish: ...@@ -106,73 +102,73 @@ npm_publish:
only: only:
- /^release\/.*/ - /^release\/.*/
docker_publish_production: docker_publish_alpha:
stage: publish stage: publish
image: docker:latest image: ubleipzig/deployer:1.0.0
services: services:
- docker:dind - docker:dind
script: | script: |
mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json deployer publish \
version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'` --input image.tar.gz \
major_version=`expr ${version} ':' '\([^.]\+\)'` --docker-config "${DOCKER_AUTH_CONFIG}" \
minor_version=`expr ${version} ':' '[^.]\+\.\([^.]\+\)'` --name ${image_name} \
patch_version=`expr ${version} ':' '[^.]\+\.[^.]\+\.\(.\+\)'` --tag ${CI_COMMIT_REF_NAME}
docker load --input=image.tar.gz
docker tag image ubleipzig/dacap:${version}
docker push ubleipzig/dacap:${version}
for tag in "latest" "${major_version}" "${major_version}.${minor_version}"; do
docker tag ubleipzig/dacap:${version} ubleipzig/dacap:${tag}
docker push ubleipzig/dacap:${tag}
done
dependencies: dependencies:
- docker_build - docker_build
tags: tags:
- docker - docker
except:
- branches
only: only:
- /^release\/.*/ - branches
except:
- master
docker_publish_alpha: docker_publish_staging:
stage: publish stage: publish
image: docker:latest image: ubleipzig/deployer:1.0.0
services: services:
- docker:dind - docker:dind
script: | script: |
test "${DOCKER_AUTH_CONFIG}" == "" && echo "docker-config does not exists, aborting!" && false deployer publish \
mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json --input image.tar.gz \
docker load --input=image.tar.gz --docker-config "$DOCKER_AUTH_CONFIG" \
docker tag image ubleipzig/dacap:alpha-${CI_COMMIT_REF_NAME} --name ${image_name} \
docker push ubleipzig/dacap:alpha-${CI_COMMIT_REF_NAME} --tag staging
dependencies: dependencies:
- docker_build - docker_build
tags: tags:
- docker - docker
only: only:
- /^[0-9]+-/ - master
docker_publish_staging: docker_publish_production:
stage: publish stage: publish
image: docker:latest image: ubleipzig/deployer:1.0.0
services: services:
- docker:dind - docker:dind
script: | script: |
mkdir -p ~/.docker && echo "$DOCKER_AUTH_CONFIG" >~/.docker/config.json version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'`
docker load --input=image.tar.gz deployer publish \
docker tag image ubleipzig/dacap:staging --input image.tar.gz
docker push ubleipzig/dacap:staging --docker-config "$DOCKER_AUTH_CONFIG" \
--name ${image_name} \
--tag latest \
--tag ${version} \
--tag $(expr ${version} ':' '\([^.]\+\)') \
--tag $(expr ${version} ':' '[^.]\+\.\([^.]\+\)') \
--tag $(expr ${version} ':' '[^.]\+\.[^.]\+\.\(.\+\))`
dependencies: dependencies:
- docker_build - docker_build
tags: tags:
- docker - docker
except:
- branches
only: only:
- master - /^release\/.*/
deploy_alpha: deploy_alpha:
stage: deploy stage: deploy
image: dtzar/helm-kubectl:2.9.1 image: ubleipzig/deployer:1.0.0
variables: variables:
k8s_namespace: dacap_alpha
url_schema: https:// url_schema: https://
ingress_host: alpha.ub.uni-leipzig.de ingress_host: alpha.ub.uni-leipzig.de
ingress_path: /dacap ingress_path: /dacap
...@@ -180,97 +176,55 @@ deploy_alpha: ...@@ -180,97 +176,55 @@ deploy_alpha:
name: alpha/${CI_COMMIT_REF_NAME} name: alpha/${CI_COMMIT_REF_NAME}
url: https://alpha.ub.uni-leipzig.de/dacap/${CI_COMMIT_REF_NAME}/admin url: https://alpha.ub.uni-leipzig.de/dacap/${CI_COMMIT_REF_NAME}/admin
script: | script: |
test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false deployer deploy \
mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config --cluster-url "${K8S_ALPHA_CLUSTER_URL}" \
--certificate-authority "${K8S_ALPHA_CLUSTER_CA}" \
test "$(helm ls --deleted --failed --short | grep issue-${CI_COMMIT_REF_NAME})" != "" && helm delete --purge issue-${CI_COMMIT_REF_NAME} --token "${K8S_ALPHA_DEPLOY_TOKEN}" \
--namespace "${K8S_ALPHA_CLUSTER_NAMESPACE}" \
git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/ --service-account "${K8S_ALPHA_DEPLOY_USER}" \
cd helm-charts --name issue-${CI_COMMIT_REF_NAME} \
--set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/${CI_COMMIT_REF_NAME}/ \
if [ "$(helm ls | grep issue-${CI_COMMIT_REF_NAME} | grep DEPLOYED)" == "" ];then --set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
echo "Release not installed. Installing..." --set-string ingress.path=${ingress_path}/${CI_COMMIT_REF_NAME} \
helm install -n issue-${CI_COMMIT_REF_NAME} \ --set-string ingress.hosts[0]=${ingress_host} \
--namespace dacap-alpha \ --set-string image.tag=alpha-${CI_COMMIT_REF_NAME} \
--set environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/${CI_COMMIT_REF_NAME}/ \ --set-string pullPolicy=Always \
--set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \ --charts ./helmcharts
--set ingress.path=${ingress_path}/${CI_COMMIT_REF_NAME} \
--set ingress.hosts[0]=${ingress_host} \
--set image.tag=alpha-${CI_COMMIT_REF_NAME} \
--set pullPolicy=Always \
./webmasterei/dacap/
else
echo "Release already installed. Upgrading..."
helm upgrade issue-${CI_COMMIT_REF_NAME} \
--recreate-pods \
--reuse-values \
--set foo=bar \
./webmasterei/dacap/
fi
echo "Waiting for successful deploy..."
counter=0
while [ "$(helm ls | grep issue-${CI_COMMIT_REF_NAME} | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
sleep 1
if [ $counter -eq 60 ];then break && false; fi
counter=$[$counter+1];
done
dependencies: dependencies:
- docker_publish_alpha - docker_publish_alpha
tags: tags:
- docker - docker
only: only:
- /^[0-9]+-/ - branches
except: except:
- tags - master
deploy_staging: deploy_staging:
stage: deploy stage: deploy
image: dtzar/helm-kubectl:2.9.1 image: ubleipzig/deployer:1.0.0
variables: variables:
k8s_namespace: dacap_staging
url_schema: https:// url_schema: https://
ingress_host: staging.ub.uni-leipzig.de ingress_host: staging.ub.uni-leipzig.de
ingress_path: /dacap ingress_path: /dacap
environment: environment:
name: staging name: staging
url: https://alpha.ub.uni-leipzig.de/dacap/admin url: https://staging.ub.uni-leipzig.de/dacap/admin
script: | script: |
test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false deployer deploy \
mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config --cluster-url "${K8S_STAGING_CLUSTER_URL}" \
--certificate-authority "${K8S_STAGING_CLUSTER_CA}" \
test "$(helm ls --deleted --failed --short | grep staging)" != "" && helm delete --purge staging --token "${K8S_STAGING_DEPLOY_TOKEN}" \
--namespace "${K8S_STAGING_CLUSTER_NAMESPACE}" \
--service-account "${K8S_STAGING_DEPLOY_USER}" \
--name staging \
--set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \
--set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
--set-string ingress.path=${ingress_path} \
--set-string ingress.hosts[0]=${ingress_host} \
--set-string image.tag=staging \
--set-string pullPolicy=Always \
--charts ./helmcharts
git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/
cd helm-charts
if [ "$(helm ls | grep staging | grep DEPLOYED)" == "" ];then
echo "Release not installed. Installing..."
helm install -n staging \
--namespace dacap-staging \
--set environment.proxy_url=${url_schema}${ingress_host}${ingress_path} \
--set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
--set ingress.path=${ingress_path} \
--set ingress.hosts[0]=${ingress_host} \
--set image.tag=staging \
--set pullPolicy=Always \
./webmasterei/dacap/
else
echo "Release already installed. Upgrading..."
helm upgrade staging \
--recreate-pods \
--reuse-values \
--set foo=bar \
./webmasterei/dacap/
fi
echo "Waiting for successful deploy..."
counter=0
while [ "$(helm ls | grep staging | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
sleep 1
if [ $counter -eq 60 ];then break && false; fi
counter=$[$counter+1];
done
dependencies: dependencies:
- docker_publish_staging - docker_publish_staging
tags: tags:
...@@ -280,9 +234,8 @@ deploy_staging: ...@@ -280,9 +234,8 @@ deploy_staging:
deploy_production: deploy_production:
stage: deploy stage: deploy
image: dtzar/helm-kubectl:2.9.1 image: ubleipzig/deployer:1.0.0
variables: variables:
k8s_namespace: dacap_production
url_schema: https:// url_schema: https://
ingress_host: api.ub.uni-leipzig.de ingress_host: api.ub.uni-leipzig.de
ingress_path: /dacap ingress_path: /dacap
...@@ -291,41 +244,22 @@ deploy_production: ...@@ -291,41 +244,22 @@ deploy_production:
url: https://api.ub.uni-leipzig.de/dacap/admin url: https://api.ub.uni-leipzig.de/dacap/admin
script: | script: |
version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'` version=`expr ${CI_COMMIT_TAG} ':' 'release/\(.\+\)'`
test "${KUBE_CONFIG}" == "" && echo "kubeconfig does not exists, aborting!" && false deployer deploy \
mkdir ~/.kube && echo "${KUBE_CONFIG}" > ~/.kube/config --cluster-url "${K8S_PRODUCTION_CLUSTER_URL}" \
--certificate-authority "${K8S_PRODUCTION_CLUSTER_CA}" \
git clone https://git.sc.uni-leipzig.de/ubl/bdd_dev/webmasterei/helm-charts.git/ --token "${K8S_PRODUCTION_DEPLOY_TOKEN}" \
cd helm-charts --namespace "${K8S_PRODUCTION_CLUSTER_NAMESPACE}" \
--service-account "${K8S_PRODUCTION_DEPLOY_USER}" \
if [ "$(helm ls | grep production | grep DEPLOYED)" == "" ];then --name live \
echo "Release not installed. Installing..." --set-string environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \
helm install -n production \ --set-string environment.http_proxy=http://proxy.uni-leipzig.de:3128 \
--namespace dacap-production \ --set-string ingress.path=${ingress_path} \
--set environment.proxy_url=${url_schema}${ingress_host}${ingress_path}/ \ --set-string ingress.hosts[0]=${ingress_host} \
--set environment.http_proxy=http://proxy.uni-leipzig.de:3128 \ --set-string image.tag=${version} \
--set ingress.path=${ingress_path} \ --set-string pullPolicy=Always \
--set ingress.hosts[0]=${ingress_host} \ --charts ./helmcharts
--set image.tag=${version} \
--set pullPolicy=Always \
./webmasterei/dacap/
else
echo "Release already installed. Upgrading..."
helm upgrade production \
--recreate-pods \
--reuse-values \
--set foo=bar \
./webmasterei/dacap/
fi
echo "Waiting for successful deploy..."
counter=0
while [ "$(helm ls | grep production | awk -F"\t" '{ print $4; }')" != "DEPLOYED" ]; do
sleep 1
if [ $counter -eq 60 ];then break && false; fi
counter=$[$counter+1];
done
dependencies: dependencies:
- docker_publish_staging - docker_publish_production
tags: tags:
- docker - docker
only: only:
...@@ -362,3 +296,6 @@ github_mirror: ...@@ -362,3 +296,6 @@ github_mirror:
git push --mirror github git push --mirror github
tags: tags:
- docker - docker
only:
- master
- /^release\/.*/
...@@ -18,4 +18,5 @@ ...@@ -18,4 +18,5 @@
/Dockerfile /Dockerfile
/*.tgz /*.tgz
/.gitlab-ci.yml /.gitlab-ci.yml
/.npm /.npm
\ No newline at end of file /helmcharts
\ No newline at end of file
# Changelog # Changelog
## [1.1.0] - 2018-08-06
### Changed
* simplified gitlab-ci
* auto-deploy to alpha, staging and production
### Added
* Helm charts
## [1.0.5] - 2018-06-11 ## [1.0.5] - 2018-06-11
### Fixed ### Fixed
* upgraded dependencies to fix vulnerabilities * upgraded dependencies to fix vulnerabilities
......
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
apiVersion: v1
appVersion: "1.0"
description: A Helm chart for Kubernetes
name: dacap
version: 0.1.0
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range .Values.ingress.hosts }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "dacap.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get svc -w {{ template "dacap.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "dacap.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "dacap.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl port-forward $POD_NAME 8080:80
{{- end }}
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "dacap.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "dacap.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "dacap.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-environment
data:
{{ toYaml .Values.environment | indent 2 }}
\ No newline at end of file
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: {{ template "dacap.fullname" . }}
labels:
app: {{ template "dacap.name" . }}
chart: {{ template "dacap.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: {{ template "dacap.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "dacap.name" . }}
release: {{ .Release.Name }}
spec:
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 3000
protocol: TCP
livenessProbe:
tcpSocket:
port: http
readinessProbe:
tcpSocket:
port: http
volumeMounts:
- mountPath: /data
name: data
envFrom:
- configMapRef:
name: {{ .Release.Name }}-environment
key: environment
resources:
{{ toYaml .Values.resources | indent 12 }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ .Release.Name }}-data
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "dacap.fullname" . -}}
{{- $ingressPath := .Values.ingress.path -}}
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
app: {{ template "dacap.name" . }}
chart: {{ template "dacap.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | indent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ . }}
http:
paths:
- path: {{ $ingressPath }}
backend:
serviceName: {{ $fullName }}
servicePort: http
{{- end }}
{{- end }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ .Release.Name }}-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.storage.size }}
\ No newline at end of file
apiVersion: v1
kind: Service
metadata:
name: {{ template "dacap.fullname" . }}
labels:
app: {{ template "dacap.name" . }}
chart: {{ template "dacap.chart" . }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: 3000
protocol: TCP
name: http
selector:
app: {{ template "dacap.name" . }}
release: {{ .Release.Name }}
# Default values for dacap.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
replicaCount: 1
image:
repository: ubleipzig/dacap
tag: 1.0.5
pullPolicy: IfNotPresent
environment:
autosave_interval: "60"
cache_ttl: "600"
user: "admin"
password: "adminpw"
proxy_path: "ep/"
proxy_url: "http://dacap.example.com/"
strip_path: "false"
service:
type: ClusterIP
port: 80
ingress:
enabled: true
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
path: /
hosts:
- dacap.example.com
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
storage:
size: 1Gi
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
nodeSelector: {}
tolerations: []
affinity: {}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment