Merge pull request #16 from Mohmn/feat/DEVOOPS

feat: add deployment and ci cd files

.dockerignore

@@ -0,0 +1,5 @@
+node_modules
+dist
+.git
+.cache
+.env

.github/workflows/build-docker-img-and-release-dev-env.yml

@@ -0,0 +1,81 @@
+name: Service CI/CD Pipeline to Release and Deploy to Dev Env
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  release:
+    name: build docker image
+    runs-on: ubuntu-latest
+    if: |
+      !contains(github.event.head_commit.message, 'skip-ci')
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Use Node.js 20.x 
+        uses: actions/setup-node@v3
+        with:
+          node-version: '20.x'
+
+      - name: npm clean install
+        run: npm ci
+
+      - run: npm i -g semantic-release @semantic-release/{git,exec,changelog}
+
+      - run: semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: make build
+        run: npx nx build like
+
+      - name: get-npm-version
+        id: package-version
+        uses: martinbeentjes/npm-get-version-action@master
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Build snapshot and push on merge
+        id: docker_build_release
+        uses: docker/build-push-action@v5
+        with:
+          context: ./
+          file: ./Dockerfile
+          push: true
+          tags: greenstand/treetracker-like:${{ steps.package-version.outputs.current-version }}
+
+    outputs:
+      bumped_version: ${{ steps.package-version.outputs.current-version }}
+
+  deploy:
+    name: Deploy to dev env
+    runs-on: ubuntu-latest
+    needs: release
+    if: |
+      !contains(github.event.head_commit.message, 'skip-ci')
+    steps:
+      - uses: actions/checkout@v2
+      - name: Install kustomize
+        run: curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash
+      - name: Run kustomize
+        run: (cd deployment/base && ../../kustomize edit set image greenstand/treetracker-like:${{ needs.release.outputs.bumped_version }} )
+      - name: Install doctl for kubernetes
+        uses: digitalocean/action-doctl@v2
+        with:
+          token: ${{ secrets.DEV_DIGITALOCEAN_TOKEN }}
+      - name: Save DigitalOcean kubeconfig
+        run: doctl kubernetes cluster kubeconfig save ${{ secrets.DEV_CLUSTER_NAME }}
+      - name: Update kubernetes resources
+        run: kustomize build deployment/overlays/development | kubectl apply -n ${{ secrets.K8S_NAMESPACE }} --wait -f -

.github/workflows/deploy-dev.yml

@@ -0,0 +1,38 @@
+name: Deploy to dev Env
+
+on:
+  workflow_dispatch:
+    inputs:
+      git-tag:
+        description: "tag"
+        required: true
+
+jobs:
+  deploy:
+    name: Deploy treetracker-like to dev
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.git-tag }}
+
+      - name: get-npm-version
+        id: package-version
+        uses: martinbeentjes/npm-get-version-action@master
+
+      - name: Install kustomize
+        run: curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"  | bash
+
+      - name: Run kustomize
+        run: (cd ./deployment/base && ../../kustomize edit set image greenstand/treetracker-like:${{ steps.package-version.outputs.current-version }} )
+
+      - name: Install doctl for kubernetes
+        uses: digitalocean/action-doctl@v2
+        with:
+          token: ${{ secrets.DEV_DIGITALOCEAN_TOKEN }}
+
+      - name: Save DigitalOcean kubeconfig
+        run: doctl kubernetes cluster kubeconfig save ${{ secrets.DEV_CLUSTER_NAME }}
+
+      - name: Update kubernetes resources
+        run: kustomize build deployment/overlays/development | kubectl apply -n webmap --wait -f -

.github/workflows/deploy-prod.yml

@@ -0,0 +1,38 @@
+name: Deploy to Prod Env
+
+on:
+  workflow_dispatch:
+    inputs:
+      git-tag:
+        description: "tag"
+        required: true
+
+jobs:
+  deploy:
+    name: Deploy treetracker-like to production
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.inputs.git-tag }}
+
+      - name: get-npm-version
+        id: package-version
+        uses: martinbeentjes/npm-get-version-action@master
+
+      - name: Install kustomize
+        run: curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"  | bash
+
+      - name: Run kustomize
+        run: (cd ./deployment/base && ../../kustomize edit set image greenstand/treetracker-like:${{ steps.package-version.outputs.current-version }} )
+
+      - name: Install doctl for kubernetes
+        uses: digitalocean/action-doctl@v2
+        with:
+          token: ${{ secrets.DIGITALOCEAN_PRODUCTION_TOKEN }}
+
+      - name: Save DigitalOcean kubeconfig
+        run: doctl kubernetes cluster kubeconfig save ${{ secrets.PRODUCTION_CLUSTER_NAME }}
+
+      - name: Update kubernetes resources
+        run: kustomize build deployment/overlays/prodiction | kubectl apply -n webmap --wait -f -

.github/workflows/pull-request-ci.yml

@@ -0,0 +1,54 @@
+
+name: CI for New Pull Requests
+
+on:
+  push:
+    branches:
+      - '*'
+
+
+
+jobs:
+
+  test:
+    name: Run all tests
+    runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:14
+        env:
+          POSTGRES_PASSWORD: postgres
+        ports:
+          - 5432:5432
+        # Set health checks to wait until postgres has started
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v4
+      - name: Use Node.js 18.x
+        uses: actions/setup-node@v3
+        with:
+          node-version: '18.x'
+
+      - name: npm clean install
+        run: npm ci
+
+      - name: Typescript compiles
+        run: npx nx build like
+
+      - name: Eslint
+        run: npx nx lint like
+        continue-on-error: true
+
+      - name: database migration
+        run: npm run migration
+        env:
+          DATABASE_URL: postgresql://postgres:postgres@localhost:5432/postgres
+
+      - name: run tests
+        run: npx nx test like
+

Dockerfile

@@ -0,0 +1,19 @@
+FROM node:18-alpine as builder
+WORKDIR /app
+ENV PATH /app/node_modules/.bin:$PATH
+COPY package.json ./
+COPY package-lock.json ./
+RUN npm ci --silent
+COPY . .
+RUN npx prisma generate --schema=apps/like/prisma/schema.prisma
+RUN npx nx build like --configuration=production
+RUN npm prune --production
+
+FROM node:18-alpine as prod
+WORKDIR /app
+COPY --from=builder app/dist/apps/like ./dist
+COPY --from=builder app/node_modules ./node_modules
+COPY --from=builder /app/node_modules/.prisma/  ./node_modules/.prisma/
+COPY --from=builder /app/apps/like/prisma/schema.prisma ./prisma/schema.prisma
+EXPOSE 3000
+CMD ["node", "dist/main.js"]

apps/like/prisma/schema.prisma

@@ -6,9 +6,9 @@ generator client {
 }
 
 datasource db {
-  provider = "sqlite"
-  url      = "file:../postDB"
-  // url      = env("DATABASE_URL")
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+  //url      = "file:../postDB"
 }
 
 model User {

apps/like/src/main.ts

@@ -4,7 +4,7 @@ import { AppModule } from './app.module';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
-  const port = process.env.PORT || 3010;
+  const port = process.env.PORT || 3006;
   await app.listen(port);
   Logger.log(
     `🚀 Application is running on: http://localhost:${port}`

deployment/base/cluster-role-binding.yaml

@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: k8s-wait-for
+  # annotations:
+subjects:
+  - kind: ServiceAccount
+    name: default
+    namespace: treetracker-like-api
+roleRef:
+  kind: ClusterRole
+  name: k8s-wait-for
+  apiGroup: rbac.authorization.k8s.io

deployment/base/cluster-role.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: k8s-wait-for
+  # annotations:
+rules:
+  - apiGroups: ['']
+    resources: ['services', 'pods', 'jobs']
+    verbs: ['get', 'watch', 'list']
+  - apiGroups: ['batch']
+    resources: ['services', 'pods', 'jobs']
+    verbs: ['get', 'watch', 'list']

deployment/base/database-migration-job.yaml

@@ -0,0 +1,40 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: database-migration-job
+  namespace: treetracker-like-api
+spec:
+  backoffLimit: 1 # allow for one re-try of the migration
+  template:
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: doks.digitalocean.com/node-pool
+                    operator: In
+                    values:
+                      - microservices-node-pool
+      containers:
+        - name: migration
+          image: greenstand/treetracker-like:TAG
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: database-connection
+                  key: db
+          command: ['node']
+          args:
+            [
+              'node_modules/prisma',
+              'migrate',
+              'deploy',
+              '--schema=./prisma/schema.prisma'
+            ]
+      restartPolicy: Never
+      # initContainers:
+      #   - name: wait-for-postgres
+      #     image: busybox
+      #     command: ['sh', '-c', 'until nslookup postgres-srv.treetracker-like-api.svc.cluster.local; do echo waiting for postgres; sleep 2; done']

deployment/base/db-connection-sealed-secret.yaml

@@ -0,0 +1,12 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: database-connection
+  namespace: treetracker-like-api
+spec:
+  encryption:
+    db: PLACEHOLDER
+  template:
+    metadata:
+      name: database-connection
+      namespace: treetracker-like-api

deployment/base/deployment.yaml

@@ -0,0 +1,37 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: treetracker-like-api
+  labels:
+    app: treetracker-like-api
+  namespace: treetracker-like-api
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: treetracker-like-api
+  template:
+    metadata:
+      labels:
+        app: treetracker-like-api
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+              - matchExpressions:
+                  - key: doks.digitalocean.com/node-pool
+                    operator: In
+                    values:
+                      - microservices-node-pool
+      containers:
+        - name: treetracker-like-api
+          image: greenstand/treetracker-like:TAG
+          ports:
+            - containerPort: 3006
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: database-connection
+                  key: db

deployment/base/kustomization.yaml

@@ -0,0 +1,9 @@
+resources:
+  - deployment.yaml
+  - mapping.yaml
+  - service.yaml
+  - db-connection-sealed-secret.yaml
+  - namespace.yaml
+  - cluster-role.yaml
+  - cluster-role-binding.yaml
+  - database-migration-job.yaml