Conservancy/symposion_app
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Switch to building in the rego-dev namespace

Browse source
This commit is contained in:
James Polley 2018-06-17 01:19:52 +10:00 committed by James Polley
parent 304436881b
commit 65bed40faf
2 changed files with 148 additions and 208 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.gitlab-ci.yml
View file

@ -44,10 +44,11 @@ build_review_deployment:
- docker:dind - docker:dind
stage: build stage: build
script: script:
- docker run -v "${PWD}"/k8s:/src sparkprime/jsonnet /src/deployment_template.jsonnet --tla-str slug="${CI_COMMIT_REF_SLUG}" > "${CI_COMMIT_REF_SLUG}".json - docker run -v "${PWD}"/k8s:/src sparkprime/jsonnet /src/deployment_template.jsonnet --tla-str slug="${CI_COMMIT_REF_SLUG}" -m /src
artifacts: artifacts:
paths: paths:
- "${CI_COMMIT_REF_SLUG}.json" - k8s/deployment.json
- k8s/ingress-patch.json
build_2019_dev_image: build_2019_dev_image:
image: docker:git image: docker:git
@ -91,7 +92,8 @@ k8s-2019_dev_review-deploy:
- kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt - kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt
- kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" apply -f ${CI_COMMIT_REF_SLUG}.json - kubectl --token "${GL_KUBE_TOKEN}" apply -f k8s/deployment.json
- kubectl --token "${GL_KUBE_TOKEN}" describe ingress | grep "${CI_COMMIT_REF_SLUG}" || kubectl --token "${GL_KUBE_TOKEN}" patch ingress symposion-app-ingress -p "$(cat k8s/ingress-patch.json)" --type json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
environment: environment:
@ -107,7 +109,7 @@ k8s-2019_dev_review-stop-deploy:
- kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt - kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt
- kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" delete -f ${CI_COMMIT_REF_SLUG}.json - kubectl --token "${GL_KUBE_TOKEN}" delete -f k8s/deployment.json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
when: manual when: manual

128
k8s/deployment_template.jsonnet
View file

@ -1,92 +1,13 @@
function (slug) { function (slug) {
local namespace = slug + "-rego-dev", local app = "symposion-app-" + slug,
local namespace = "rego-dev",
local domain = slug + ".dev.lca2019.org", local domain = slug + ".dev.lca2019.org",
local tls_certname = slug + "-dev-lca2019-org",
local tls_secret = tls_certname + "-tls",
"deployment.json":
{
"apiVersion": "v1", "apiVersion": "v1",
"items": [ "items": [
{
"apiVersion": "v1",
"kind": "Namespace",
"metadata": {
"name": namespace,
"namespace": "",
},
"spec": {
"finalizers": [
"kubernetes"
]
}
},
{
"apiVersion": "certmanager.k8s.io/v1alpha1",
"kind": "Certificate",
"metadata": {
"name": tls_certname,
"namespace": namespace
},
"spec": {
"acme": {
"config": [
{
"domains": [
domain
],
"http01": {
"ingress": "",
"ingressClass": "nginx"
}
}
]
},
"commonName": domain,
"issuerRef": {
"kind": "ClusterIssuer",
"name": "letsencrypt-prod"
},
"secretName": tls_secret
}
},
{
"apiVersion": "extensions/v1beta1",
"kind": "Ingress",
"metadata": {
"name": "symposion-app-ingress",
"namespace": namespace
},
"spec": {
"backend": {
"serviceName": "symposion-app",
"servicePort": 80
},
"rules": [
{
"host": domain,
"http": {
"paths": [
{
"backend": {
"serviceName": "symposion-app",
"servicePort": 8000
},
"path": "/"
}
]
}
}
],
"tls": [
{
"hosts": [
domain
],
"secretName": tls_secret
}
]
}
},
{ {
"apiVersion": "v1", "apiVersion": "v1",
"kind": "Service", "kind": "Service",
@ -94,7 +15,7 @@ function (slug) {
"labels": { "labels": {
"app": "symposion-app" "app": "symposion-app"
}, },
"name": "symposion-app", "name": app,
"namespace": namespace "namespace": namespace
}, },
"spec": { "spec": {
@ -119,7 +40,7 @@ function (slug) {
"labels": { "labels": {
"app": "symposion-app" "app": "symposion-app"
}, },
"name": "symposion-app", "name": app,
"namespace": namespace "namespace": namespace
}, },
"spec": { "spec": {
@ -206,20 +127,37 @@ function (slug) {
"restartPolicy": "Always", "restartPolicy": "Always",
"schedulerName": "default-scheduler", "schedulerName": "default-scheduler",
"securityContext": {}, "securityContext": {},
"terminationGracePeriodSeconds": 30, "terminationGracePeriodSeconds": 30
"volumes": [
{
"hostPath": {
"path": "/etc/ssl/certs",
"type": ""
},
"name": "ssl-certs"
}
]
} }
} }
} }
} }
], ],
"kind": "List" "kind": "List"
},
"ingress-patch.json": [
{
"op": "add",
"path": "/spec/rules/-",
"value": {
"host": domain,
"http": {
"paths": [
{
"backend": {
"serviceName": app,
"servicePort": 8000
},
"path": "/"
}
]
}
}
},
{
"op": "add",
"path": "/spec/tls/0/hosts/-",
"value": domain
}
],
} }