Conservancy/symposion_app
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Rework review app deployment to use ingress per deployment

Browse source
This commit is contained in:
James Polley 2018-07-28 09:49:30 +10:00
parent 84b8a99a7f
commit f0d14754a7
2 changed files with 54 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
.gitlab-ci.yml
View file

@ -50,8 +50,7 @@ build_review_deployment:
artifacts: artifacts:
paths: paths:
- k8s/deployment.json - k8s/deployment.json
- k8s/ingress-patch.json - k8s/ingress.json
- k8s/certificate-patch.json
build_2019_image: build_2019_image:
image: docker:git image: docker:git
@ -112,8 +111,8 @@ build_2019_image:
- kubectl config set-context cluster --cluster=cluster --namespace=rego-review --user=rego-dev/gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-review --user=rego-dev/gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" apply -f k8s/deployment.json - kubectl --token "${GL_KUBE_TOKEN}" apply -f k8s/deployment.json
- kubectl --token "${GL_KUBE_TOKEN}" describe ingress | grep "${CI_COMMIT_REF_SLUG}" || kubectl --token "${GL_KUBE_TOKEN}" patch ingress symposion-app-ingress -p "$(cat k8s/ingress-patch.json)" --type json - kubectl --token "${GL_KUBE_TOKEN}" apply -f k8s/ingress.json
- kubectl --token "${GL_KUBE_TOKEN}" describe certificate | grep "${CI_COMMIT_REF_SLUG}" || kubectl --token "${GL_KUBE_TOKEN}" patch certificate dev-lca2019-org -p "$(cat k8s/certificate-patch.json)" --type json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
environment: environment:
@ -130,6 +129,7 @@ build_2019_image:
- kubectl config set-context cluster --cluster=cluster --namespace=rego-review --user=rego-dev/gitlab-sa - kubectl config set-context cluster --cluster=cluster --namespace=rego-review --user=rego-dev/gitlab-sa
- kubectl config use-context cluster - kubectl config use-context cluster
- kubectl --token "${GL_KUBE_TOKEN}" delete -f k8s/deployment.json - kubectl --token "${GL_KUBE_TOKEN}" delete -f k8s/deployment.json
- kubectl --token "${GL_KUBE_TOKEN}" delete -f k8s/ingress.json
only: only:
- /^dev\/.*$/ - /^dev\/.*$/
when: manual when: manual

98
k8s/deployment_template.jsonnet
View file

@ -1,9 +1,10 @@
function (slug, sha) { function (slug, sha) {
local app = "symposion-app-" + slug, local app = "symposion-app-" + slug,
local namespace = "rego-review", local namespace = "rego-review",
local domain = slug + ".dev.lca2019.org", local domain = slug + ".dev.lca2019.org",
local tls_secret = domain + "-tls",
"deployment.json": "deployment.json":
{ {
"apiVersion": "v1", "apiVersion": "v1",
@ -13,7 +14,7 @@ function (slug, sha) {
"kind": "Service", "kind": "Service",
"metadata": { "metadata": {
"labels": { "labels": {
"app": "symposion-app", "app": app,
"slug": slug "slug": slug
}, },
"name": app, "name": app,
@ -28,7 +29,7 @@ function (slug, sha) {
} }
], ],
"selector": { "selector": {
"app": "symposion-app", "app": app,
"slug": slug "slug": slug
}, },
"sessionAffinity": "None", "sessionAffinity": "None",
@ -40,7 +41,7 @@ function (slug, sha) {
"kind": "Deployment", "kind": "Deployment",
"metadata": { "metadata": {
"labels": { "labels": {
"app": "symposion-app", "app": app,
"slug": slug, "slug": slug,
}, },
"name": app, "name": app,
@ -51,7 +52,7 @@ function (slug, sha) {
"revisionHistoryLimit": 1, "revisionHistoryLimit": 1,
"selector": { "selector": {
"matchLabels": { "matchLabels": {
"app": "symposion-app", "app": app,
"slug": slug "slug": slug
} }
}, },
@ -65,7 +66,7 @@ function (slug, sha) {
"template": { "template": {
"metadata": { "metadata": {
"labels": { "labels": {
"app": "symposion-app", "app": app,
"slug": slug "slug": slug
} }
}, },
@ -148,47 +149,48 @@ function (slug, sha) {
], ],
"kind": "List" "kind": "List"
}, },
"ingress-patch.json": [ "ingress.json":
{ {
"op": "add", "kind": "Ingress",
"path": "/spec/rules/-", "apiVersion": "extensions/v1beta1",
"value": { "metadata": {
"host": domain, "name": app,
"http": { "namespace": namespace,
"paths": [ "annotations": {
{ "certmanager.k8s.io/acme-http01-edit-in-place": "true",
"backend": { "kubernetes.io/ingress.class": "nginx-review",
"serviceName": app, "kubernetes.io/tls-acme": "true"
"servicePort": 8000 }
}, },
"path": "/" "spec": {
} "backend": {
"serviceName": app,
"servicePort": 80
},
"tls": [
{
"hosts": [
domain
],
"secretName": tls_secret,
}
],
"rules": [
{
"host": domain,
"http": {
"paths": [
{
"path": "/",
"backend": {
"serviceName": app,
"servicePort": 8000
}
}
]
}
}
] ]
}
} }
}, }
{
"op": "add",
"path": "/spec/tls/0/hosts/-",
"value": domain
}
],
"certificate-patch.json": [
{
"op": "add",
"path": "/spec/acme/config/-",
"value": {
"domains": [ domain ],
"http01": {
"ingress": "",
"ingressClass": "nginx-review"
}
}
},
{
"op": "add",
"path": "/spec/dnsNames/-",
"value": domain
}
]
} }