Conservancy/symposion_app
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Switch to building in the rego-dev namespace

Browse source
This commit is contained in:
James Polley 2018-06-17 01:19:52 +10:00 committed by James Polley
parent 304436881b
commit 65bed40faf
2 changed files with 148 additions and 208 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.gitlab-ci.yml
View file

@ -44,10 +44,11 @@ build_review_deployment:
- docker:dind - docker:dind
stage: build stage: build
script: script:
- docker run -v "${PWD}"/k8s:/src sparkprime/jsonnet /src/deployment_template.jsonnet --tla-str slug="${CI_COMMIT_REF_SLUG}" > "${CI_COMMIT_REF_SLUG}".json - docker run -v "${PWD}"/k8s:/src sparkprime/jsonnet /src/deployment_template.jsonnet --tla-str slug="${CI_COMMIT_REF_SLUG}" -m /src
artifacts: artifacts:
paths: paths:
- "${CI_COMMIT_REF_SLUG}.json" - k8s/deployment.json
- k8s/ingress-patch.json
build_2019_dev_image: build_2019_dev_image:
image: docker:git image: docker:git
@ -91,7 +92,8 @@ k8s-2019_dev_review-deploy:
- kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt - kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt
- kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" apply -f ${CI_COMMIT_REF_SLUG}.json - kubectl --token "${GL_KUBE_TOKEN}" apply -f k8s/deployment.json
- kubectl --token "${GL_KUBE_TOKEN}" describe ingress | grep "${CI_COMMIT_REF_SLUG}" || kubectl --token "${GL_KUBE_TOKEN}" patch ingress symposion-app-ingress -p "$(cat k8s/ingress-patch.json)" --type json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
environment: environment:
@ -107,7 +109,7 @@ k8s-2019_dev_review-stop-deploy:
- kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt - kubectl config set-cluster cluster --server="${KUBE_SERVER}" --embed-certs=true --certificate-authority=cert.crt
- kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-dev --user=gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" delete -f ${CI_COMMIT_REF_SLUG}.json - kubectl --token "${GL_KUBE_TOKEN}" delete -f k8s/deployment.json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
when: manual when: manual

346
k8s/deployment_template.jsonnet
View file

@ -1,225 +1,163 @@
function (slug) { function (slug) {
local namespace = slug + "-rego-dev",
local domain = slug + ".dev.lca2019.org",
local tls_certname = slug + "-dev-lca2019-org",
local tls_secret = tls_certname + "-tls",
"apiVersion": "v1", local app = "symposion-app-" + slug,
"items": [ local namespace = "rego-dev",
local domain = slug + ".dev.lca2019.org",
"deployment.json":
{ {
"apiVersion": "v1", "apiVersion": "v1",
"kind": "Namespace", "items": [
"metadata": { {
"name": namespace, "apiVersion": "v1",
"namespace": "", "kind": "Service",
},
"spec": {
"finalizers": [
"kubernetes"
]
}
},
{
"apiVersion": "certmanager.k8s.io/v1alpha1",
"kind": "Certificate",
"metadata": {
"name": tls_certname,
"namespace": namespace
},
"spec": {
"acme": {
"config": [
{
"domains": [
domain
],
"http01": {
"ingress": "",
"ingressClass": "nginx"
}
}
]
},
"commonName": domain,
"issuerRef": {
"kind": "ClusterIssuer",
"name": "letsencrypt-prod"
},
"secretName": tls_secret
}
},
{
"apiVersion": "extensions/v1beta1",
"kind": "Ingress",
"metadata": {
"name": "symposion-app-ingress",
"namespace": namespace
},
"spec": {
"backend": {
"serviceName": "symposion-app",
"servicePort": 80
},
"rules": [
{
"host": domain,
"http": {
"paths": [
{
"backend": {
"serviceName": "symposion-app",
"servicePort": 8000
},
"path": "/"
}
]
}
}
],
"tls": [
{
"hosts": [
domain
],
"secretName": tls_secret
}
]
}
},
{
"apiVersion": "v1",
"kind": "Service",
"metadata": {
"labels": {
"app": "symposion-app"
},
"name": "symposion-app",
"namespace": namespace
},
"spec": {
"ports": [
{
"port": 8000,
"protocol": "TCP",
"targetPort": 8000
}
],
"selector": {
"app": "symposion-app"
},
"sessionAffinity": "None",
"type": "ClusterIP"
}
},
{
"apiVersion": "extensions/v1beta1",
"kind": "Deployment",
"metadata": {
"labels": {
"app": "symposion-app"
},
"name": "symposion-app",
"namespace": namespace
},
"spec": {
"replicas": 1,
"revisionHistoryLimit": 1,
"selector": {
"matchLabels": {
"app": "symposion-app"
}
},
"strategy": {
"rollingUpdate": {
"maxSurge": 1,
"maxUnavailable": 1
},
"type": "RollingUpdate"
},
"template": {
"metadata": { "metadata": {
"labels": { "labels": {
"app": "symposion-app" "app": "symposion-app"
} },
"name": app,
"namespace": namespace
}, },
"spec": { "spec": {
"containers": [ "ports": [
{ {
"env": [ "port": 8000,
{ "protocol": "TCP",
"name": "SYMPOSION_APP_DEBUG", "targetPort": 8000
"value": "1"
},
{
"name": "DJANGO_SECRET_KEY",
"value": "paGhahQuain5ohYoh0moorai"
},
{
"name": "DATABASE_URL",
"value": "sqlite:////tmp/symposion.sqlite"
},
{
"name": "GCS_BUCKET",
"value": "CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
{
"name": "GOOGLE_APPLICATION_CREDENTIALS",
"value": "/dev/null"
},
{
"name": "STRIPE_PUBLIC_KEY",
"value": "5CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
{
"name": "STRIPE_SECRET_KEY",
"value": "5CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
],
"image": "asia.gcr.io/linuxconfsydney/symposion_app_2019_dev:" + slug,
"imagePullPolicy": "Always",
"livenessProbe": {
"failureThreshold": 3,
"httpGet": {
"path": "/admin/login/",
"port": 8000,
"scheme": "HTTP"
},
"initialDelaySeconds": 120,
"periodSeconds": 10,
"successThreshold": 1,
"timeoutSeconds": 2
},
"name": "symposion-app",
"ports": [
{
"containerPort": 8000,
"protocol": "TCP"
}
],
"resources": {},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File"
} }
], ],
"dnsPolicy": "ClusterFirst", "selector": {
"restartPolicy": "Always", "app": "symposion-app"
"schedulerName": "default-scheduler", },
"securityContext": {}, "sessionAffinity": "None",
"terminationGracePeriodSeconds": 30, "type": "ClusterIP"
"volumes": [ }
},
{
"apiVersion": "extensions/v1beta1",
"kind": "Deployment",
"metadata": {
"labels": {
"app": "symposion-app"
},
"name": app,
"namespace": namespace
},
"spec": {
"replicas": 1,
"revisionHistoryLimit": 1,
"selector": {
"matchLabels": {
"app": "symposion-app"
}
},
"strategy": {
"rollingUpdate": {
"maxSurge": 1,
"maxUnavailable": 1
},
"type": "RollingUpdate"
},
"template": {
"metadata": {
"labels": {
"app": "symposion-app"
}
},
"spec": {
"containers": [
{
"env": [
{
"name": "SYMPOSION_APP_DEBUG",
"value": "1"
},
{
"name": "DJANGO_SECRET_KEY",
"value": "paGhahQuain5ohYoh0moorai"
},
{
"name": "DATABASE_URL",
"value": "sqlite:////tmp/symposion.sqlite"
},
{
"name": "GCS_BUCKET",
"value": "CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
{
"name": "GOOGLE_APPLICATION_CREDENTIALS",
"value": "/dev/null"
},
{
"name": "STRIPE_PUBLIC_KEY",
"value": "5CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
{
"name": "STRIPE_SECRET_KEY",
"value": "5CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
},
],
"image": "asia.gcr.io/linuxconfsydney/symposion_app_2019_dev:" + slug,
"imagePullPolicy": "Always",
"livenessProbe": {
"failureThreshold": 3,
"httpGet": {
"path": "/admin/login/",
"port": 8000,
"scheme": "HTTP"
},
"initialDelaySeconds": 120,
"periodSeconds": 10,
"successThreshold": 1,
"timeoutSeconds": 2
},
"name": "symposion-app",
"ports": [
{
"containerPort": 8000,
"protocol": "TCP"
}
],
"resources": {},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File"
}
],
"dnsPolicy": "ClusterFirst",
"restartPolicy": "Always",
"schedulerName": "default-scheduler",
"securityContext": {},
"terminationGracePeriodSeconds": 30
}
}
}
}
],
"kind": "List"
},
"ingress-patch.json": [
{
"op": "add",
"path": "/spec/rules/-",
"value": {
"host": domain,
"http": {
"paths": [
{ {
"hostPath": { "backend": {
"path": "/etc/ssl/certs", "serviceName": app,
"type": "" "servicePort": 8000
}, },
"name": "ssl-certs" "path": "/"
} }
] ]
} }
} }
},
{
"op": "add",
"path": "/spec/tls/0/hosts/-",
"value": domain
} }
}
], ],
"kind": "List"
} }