CD: deploy to kubernetes (#79)

* Adds kubernetes manfiests, and deploy push

* Add production overlay

* Add a volume for crates.io-index
This commit is contained in:
Arnaud Rebts 2020-11-15 16:36:21 +01:00 committed by GitHub
parent 84a7d5154b
commit fc89990771
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 159 additions and 0 deletions

View file

@ -21,6 +21,7 @@ jobs:
username: ${{ github.repository_owner }} username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }} password: ${{ secrets.CR_PAT }}
- name: Build and push - name: Build and push
id: docker_push
uses: docker/build-push-action@v2 uses: docker/build-push-action@v2
with: with:
context: . context: .
@ -28,3 +29,21 @@ jobs:
push: true push: true
tags: | tags: |
ghcr.io/${{ github.repository }}:latest ghcr.io/${{ github.repository }}:latest
outputs:
digest: ${{ steps.docker_push.outputs.digest }}
deploy:
needs: build-docker-image
runs-on: ubuntu-latest
steps:
- name: Patch and Sync
env:
DIGEST: ${{ needs.build-docker-image.outputs.digest }}
ARGOCD_SERVER: ${{ secrets.ARGOCD_SERVER }}
ARGOCD_AUTH_TOKEN: ${{ secrets.ARGOCD_AUTH_TOKEN }}
run: |
curl -sSL -o argocd https://${ARGOCD_SERVER}/download/argocd-linux-amd64
chmod +x argocd
./argocd app patch deps-rs-staging --patch "{ \"spec\": { \"source\": { \"kustomize\": { \"images\": [\"ghcr.io/deps-rs/deps.rs@${DIGEST}\"] } } } }" --type merge --grpc-web
./argocd app sync deps-rs-staging --grpc-web
./argocd app wait deps-rs-staging --grpc-web

View file

@ -0,0 +1,32 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: deps-rs
spec:
selector:
matchLabels:
app: deps-rs
template:
metadata:
labels:
app: deps-rs
spec:
volumes:
- name: cargo
emptyDir: {}
containers:
- name: deps-rs
image: ghcr.io/deps-rs/deps.rs:latest
imagePullPolicy: Always
ports:
- containerPort: 8080
env:
- name: BASE_URL
value: https://$(DOMAIN)
volumeMounts:
- mountPath: /home/deps/.cargo
name: cargo
readinessProbe:
httpGet:
path: /
port: 8080

20
deploy/base/ingress.yaml Normal file
View file

@ -0,0 +1,20 @@
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: deps-rs
annotations:
cert-manager.io/cluster-issuer: letsencrypt
spec:
rules:
- host: staging.deps.rs
http:
paths:
- backend:
serviceName: deps-rs
servicePort: http
path: /
tls:
- secretName: deps-rs-tls
hosts:
- $(DOMAIN)

View file

@ -0,0 +1,16 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
- ingress.yaml
vars:
- name: DOMAIN
objref:
apiVersion: extensions/v1beta1
kind: Ingress
name: deps-rs
fieldref:
fieldpath: spec.rules[0].host

12
deploy/base/service.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: deps-rs
spec:
ports:
- port: 80
targetPort: 8080
protocol: TCP
name: http
selector:
app: deps-rs

View file

@ -0,0 +1,18 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
nameSuffix: -prd
commonLabels:
env: prd
resources:
- ../../base
patches:
- path: patch-ingress.json
target:
group: extensions
version: v1beta1
kind: Ingress
name: deps-rs

View file

@ -0,0 +1,12 @@
[
{
"op": "replace",
"path": "/spec/rules/0/host",
"value": "deps.rs"
},
{
"op": "replace",
"path": "/spec/tls/0/secretName",
"value": "deps-rs-tls"
}
]

View file

@ -0,0 +1,18 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
nameSuffix: -stg
commonLabels:
env: stg
resources:
- ../../base
patches:
- path: patch-ingress.json
target:
group: extensions
version: v1beta1
kind: Ingress
name: deps-rs

View file

@ -0,0 +1,12 @@
[
{
"op": "replace",
"path": "/spec/rules/0/host",
"value": "staging.deps.rs"
},
{
"op": "replace",
"path": "/spec/tls/0/secretName",
"value": "staging-deps-rs-tls"
}
]