From a2c0462f316823e7587c882c14a5a16fbd04b6ef Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 12:04:25 +0100 Subject: [PATCH 01/15] feat: add .github & .kontinuous folders --- .github/CODEOWNERS | 5 +++ .github/workflows/deactivate.yaml | 23 ++++++++++ .github/workflows/preproduction.yaml | 17 ++++++++ .github/workflows/production.yaml | 16 +++++++ .github/workflows/release.yaml | 15 +++++++ .github/workflows/review-auto.yaml | 16 +++++++ .github/workflows/review.yaml | 19 ++++++++ .kontinuous/config.yaml | 20 +++++++++ .../env/dev/templates/cja-app.configmap.yaml | 7 +++ .../dev/templates/cja-app.sealed-secret.yaml | 15 +++++++ .kontinuous/env/dev/values.yaml | 14 ++++++ .../templates/azure-volume.sealed-secret.yaml | 18 ++++++++ .../preprod/templates/cje-app.configmap.yaml | 7 +++ .../templates/cje-app.sealed-secret.yaml | 15 +++++++ .../env/preprod/templates/uploads.pvc.yaml | 11 +++++ .kontinuous/env/preprod/values.yaml | 2 + .../templates/azure-volume.sealed-secret.yaml | 16 +++++++ .../env/prod/templates/cje-app.configmap.yaml | 6 +++ .../prod/templates/cje-app.sealed-secret.yaml | 16 +++++++ .kontinuous/env/prod/values.yaml | 19 ++++++++ .kontinuous/values.yaml | 43 +++++++++++++++++++ 21 files changed, 320 insertions(+) create mode 100644 .github/CODEOWNERS create mode 100644 .github/workflows/deactivate.yaml create mode 100644 .github/workflows/preproduction.yaml create mode 100644 .github/workflows/production.yaml create mode 100644 .github/workflows/release.yaml create mode 100644 .github/workflows/review-auto.yaml create mode 100644 .github/workflows/review.yaml create mode 100644 .kontinuous/config.yaml create mode 100644 .kontinuous/env/dev/templates/cja-app.configmap.yaml create mode 100644 .kontinuous/env/dev/templates/cja-app.sealed-secret.yaml create mode 100644 .kontinuous/env/dev/values.yaml create mode 100644 .kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml create mode 100644 .kontinuous/env/preprod/templates/cje-app.configmap.yaml create mode 100644 .kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml create mode 100644 .kontinuous/env/preprod/templates/uploads.pvc.yaml create mode 100644 .kontinuous/env/preprod/values.yaml create mode 100644 .kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml create mode 100644 .kontinuous/env/prod/templates/cje-app.configmap.yaml create mode 100644 .kontinuous/env/prod/templates/cje-app.sealed-secret.yaml create mode 100644 .kontinuous/env/prod/values.yaml create mode 100644 .kontinuous/values.yaml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 00000000..d3949959 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,5 @@ +# Protect workflow files +.github/workflows/*.yml @socialgouv/sre +.github/CODEOWNERS @socialgouv/sre +.k8s/ @socialgouv/sre +.socialgouv/ @socialgouv/sre diff --git a/.github/workflows/deactivate.yaml b/.github/workflows/deactivate.yaml new file mode 100644 index 00000000..9f6e3e23 --- /dev/null +++ b/.github/workflows/deactivate.yaml @@ -0,0 +1,23 @@ +name: ♻️ Deactivate +on: + pull_request: + types: [closed] + delete: + branches: + - "**" + - "!v*" + - "!master" + - "!main" + - "!dev" + - "!develop" + - "!**/persist" + - "!persist/**" + - "!**/persist/**" + - "!persist-**" + - "!**-persist" + - "!**-persist-**" + +jobs: + socialgouv: + uses: socialgouv/workflows/.github/workflows/use-ks-gh-deactivate.yaml@v1 + secrets: inherit diff --git a/.github/workflows/preproduction.yaml b/.github/workflows/preproduction.yaml new file mode 100644 index 00000000..66234814 --- /dev/null +++ b/.github/workflows/preproduction.yaml @@ -0,0 +1,17 @@ +name: 😎 PreProd +on: + workflow_dispatch: + push: + branches: + - "master" + - "main" + +concurrency: + cancel-in-progress: true + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} + +jobs: + socialgouv: + name: "🇫🇷 SocialGouv" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-preproduction.yaml@v1 + secrets: inherit diff --git a/.github/workflows/production.yaml b/.github/workflows/production.yaml new file mode 100644 index 00000000..3cae2d52 --- /dev/null +++ b/.github/workflows/production.yaml @@ -0,0 +1,16 @@ +name: 🚀 Production +on: + workflow_dispatch: + push: + tags: + - v* + +concurrency: + cancel-in-progress: true + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} + +jobs: + socialgouv: + name: "🇫🇷 SocialGouv" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-production.yaml@v1 + secrets: inherit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 00000000..f36cb0a0 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,15 @@ +name: Release +on: + workflow_dispatch: + push: + branches: [master, main, alpha, beta, next] +jobs: + release: + name: Release + runs-on: ubuntu-latest + steps: + - uses: socialgouv/workflows/actions/semantic-release@v1 + with: + github-token: ${{ secrets.SOCIALGROOVYBOT_BOTO_PAT }} + author-name: ${{ secrets.SOCIALGROOVYBOT_NAME }} + author-email: ${{ secrets.SOCIALGROOVYBOT_EMAIL }} diff --git a/.github/workflows/review-auto.yaml b/.github/workflows/review-auto.yaml new file mode 100644 index 00000000..548cf4e0 --- /dev/null +++ b/.github/workflows/review-auto.yaml @@ -0,0 +1,16 @@ +name: 👓 Review Auto +on: + push: + branches: + - "feat/**" + - "fix/**" + +concurrency: + cancel-in-progress: true + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} + +jobs: + socialgouv: + name: "🇫🇷 SocialGouv" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-review-auto.yaml@v1 + secrets: inherit diff --git a/.github/workflows/review.yaml b/.github/workflows/review.yaml new file mode 100644 index 00000000..258abaf3 --- /dev/null +++ b/.github/workflows/review.yaml @@ -0,0 +1,19 @@ +name: 👀 Review +on: + push: + branches: + - "**" + - "!master" + - "!main" + - "!feat/**" + - "!fix/**" + +concurrency: + cancel-in-progress: true + group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.event.ref }} + +jobs: + socialgouv: + name: "🇫🇷 SocialGouv" + uses: socialgouv/workflows/.github/workflows/use-ks-gh-review.yaml@v1 + secrets: inherit diff --git a/.kontinuous/config.yaml b/.kontinuous/config.yaml new file mode 100644 index 00000000..9e203fde --- /dev/null +++ b/.kontinuous/config.yaml @@ -0,0 +1,20 @@ +projectName: cje +ciNamespace: ci-cje + +dependencies: + fabrique: + extends: + - name: ovh + ifEnv: [dev, preprod] + - name: buildkit-service + dependencies: + contrib: + preDeploy: + importSecrets: + options: + secrets: + kubeconfig: + harbor: + buildkit-client-certs: + cje-dev-backups-access-key: + cje-prod-backups-access-key: diff --git a/.kontinuous/env/dev/templates/cja-app.configmap.yaml b/.kontinuous/env/dev/templates/cja-app.configmap.yaml new file mode 100644 index 00000000..bc0796f4 --- /dev/null +++ b/.kontinuous/env/dev/templates/cja-app.configmap.yaml @@ -0,0 +1,7 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: backend-configmap +data: + RANCHER_PROJECT_ID: xxxx + PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/dev/templates/cja-app.sealed-secret.yaml b/.kontinuous/env/dev/templates/cja-app.sealed-secret.yaml new file mode 100644 index 00000000..4c4af324 --- /dev/null +++ b/.kontinuous/env/dev/templates/cja-app.sealed-secret.yaml @@ -0,0 +1,15 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: cje +spec: + encryptedData: + PAYLOAD_SECRET: AgAZhxFoakTd9mFDN/HrK2nWDqcGgFb21KtdB8wfjKjDLNlK+VwnjCbHbmVxVp6Y62dvHaPE1YwyRVpBNqGUE3g9mxqAg7br4uXEKmXnfOp4e0MfYs+ei79ZTeugFR5OQL82rlkUbqzH9UtllaTB3UhVycSudl8xn9sxBc4sJk3rdZBmdx/PYOnADfYYH0gQUay23X0vU2crDFFIt8JOkri0LTYuy54IqF2MnlFUOWTdLESY7DhHHvO/w9SVGIxxMCJNHXh83OJGgikvrp9J8d9JL5wCR9vJ+Pd2yY8ABZxPFnYFQgadylYF5Y0wbgTXizYthmH1wCjDXnl0EHrpmLvRP8yOmmrT2+lP4OW4kFfYapjlIWEav1AoSRofVlpoMqxRtKmjpVA6WOuJguSE1Q2cBUIEgOr66cmMoYZXI2RXZlYwTOBQHaGeZNz1bjPpLj78W8QwkWNg+pi5gKv7fBqC1t1Xbw9vYUF0CGt/xMWIFVTdREy5QAWf9iGf/mJMsNNqumBijscL1oDGve+xChNLyPAKX+sgUi93jBkCF1hg7DG0Rf5GJ421eVYREVVXl5/tAKKFiqCMWsCmqUVi7o3sgWRJ7fJPuc7exsWC7UOwzRAzZ3bzQMfozCpMQe8GdG31BjlIw4zYQ4+ddlWHl4/2zg2p9enz/CQsF/ozISc/pH5BH8qSV8TmYKXcdla2a9zuhhv/BdYYUkuFRCh96x+u + template: + metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: cje + type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml new file mode 100644 index 00000000..cfbfaaeb --- /dev/null +++ b/.kontinuous/env/dev/values.yaml @@ -0,0 +1,14 @@ +cje-app: + volumes: + - name: uploads + emptyDir: {} + volumeMounts: + - mountPath: /app/public/uploads + name: uploads + envFrom: + - secretRef: + name: pg-app + - secretRef: + name: cje-app-sealed-secret + - configMapRef: + name: cje-app-configmap \ No newline at end of file diff --git a/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml b/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml new file mode 100644 index 00000000..6201dc13 --- /dev/null +++ b/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml @@ -0,0 +1,18 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: azure-tumeplay-volume + namespace: tumeplay-preprod + annotations: + sealedsecrets.bitnami.com/cluster-wide: "true" +spec: + encryptedData: + azurestorageaccountkey: AgBYqr7RQT4skI889tjK4pDC88Fg+kmWM3h7Ixdkp/h4Rv2V5AiUu1QR/heh9pQwgxej3sqN5KdPfQoaB5fBOPmTXwqWstWPEFtrJgZ5T972mFoRvhlUF38HixCZDAYRKCeOE6R+rfdSPymrubNorEPvn960iFluyLfGrayIMQpgIEYWbnv52NFNevMo8+txnjvYh6uEvV/7tXi4/ii8KFTgP87qSW2fIrm7G25zldfBZPhZvuhWiC8zgX+ZJYv96Ww2FGj2kpLOCgO/vwExMzrq8gTkj6alh2nk/nyqGtoSumJydwNXffTnJjV3+BxaLlVKJTxY9pJwxJKwOeGfQkw0jVp1J96KUh4xLLTkrU3cCQAkhEnEb5zsz9bAkqFdahDIby+3A2u//XmzZTufeATWrKDXAAdoKmPUpIogw6llSyE4+7VzCWkr2RaTAcX4Uz4MfyAslM6UaiboVO9zECAiEuxLMYQlr2q1cVdH9hcVfhX9ls+B9wAEOSCOqSJ9O3GIGBRUjxphJKYqR3xbvujapMpiEsjqgvMtN2rEQjPbRG7BmcuNXt43L0MSeG73o2BtjxczOKCR9ouB5RXvYeKmWmtcU6ifB8BGQ84bnhA+jJrMAfrpK82TMNIgiIiQ1Djon8FczRV32kXTIGtAiCgJ+CPikqggIw2S6SodGYeD7CAUaV8dgFHKcTVF8SsiSUPEubVImoxcJLYKFj8lNY2+Ipyo+ar/51dnNLDC1e8yduZOktRqcqMsD22UhSXD7xmPbqK/AAO/4kdsEVUyTTXnxsQh4aScw/C1lP0rNUCfbsizHhavfnOR + azurestorageaccountname: AgCo0eST34J1wpgOsWQfCL9LoWAsQxScI3A38zfj/FxVIAIkXz8Ldm+TiU4Q9T2QbPjma8hruyCVBgksz88G6+OPdFFDFiNmeURblxq2VdG1JRWo7Q90jl5hKMVel+cMw1pm6sKfYtU2kD12ZWZd/fghDQDF4kAa9RhgBSWckwBQS0g0bvoRnzWBFQuM3NBRI3bGngQJyEMYc1ZD9cL9CPvh6MerHzsw7C0j9TD5qVh4RCOZ54uGrtyJzTnikaCCDJuP7VfUZcEhCin5wMK0uk1PtWQxHBzyiS2uBGCoI4iiumEj7z8EeZz7R5G8F2/Z0Fa3CYYZoHAX6x/eme6mFPN3hOnLVpWf6KzM8TSJLCFuBe6bPZsy2FSwVpuaHZgPHy/HKioQOmUUC/7ySn6Buecy1OSXwxlslRmhyfmEOAbNJ6jhGO31akX7HbBJ6p5y1CLwKFYMLLywDZDYIxxMpEEYru3ljeo4/NfA0J9NLQ9knrmabBJDVIX3mlkPfG5mPMiTj/DPhPymChTFWTJyzzh06CE6PiCuj0/VaN/GlDmU4vPy9YO0CZDXU1neOZ/9Cus+oznIKxOf2xsSilaHtHiqR5jYHyizoACiwpdIfNjdxG78CH0xrc0NoelUp0VEFkvV8GLh0jvvoD7h2J1ROHsNf5eFPqYhpIBBe2uVskGzDIrUaGU2tYm9lcfSNAihjva3LE+sEyEGbx6xdg== + template: + metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: "true" + name: azure-tumeplay-volume + namespace: tumeplay-preprod + type: Opaque diff --git a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml new file mode 100644 index 00000000..bc0796f4 --- /dev/null +++ b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml @@ -0,0 +1,7 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: backend-configmap +data: + RANCHER_PROJECT_ID: xxxx + PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml b/.kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml new file mode 100644 index 00000000..4e0a5cd3 --- /dev/null +++ b/.kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml @@ -0,0 +1,15 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: cje-app-sealed-secret +spec: + encryptedData: + PAYLOAD_SECRET: AgCQia35m739XEnXdFJ0/nqUxp81To0Ad5CWsRPQ3endkD+hJYK+Q7NR+B6JgyoHIoG9OGWeFmM06MOJTLh6lbLz2GiZKUThU9MGi9WNzlTYxGjDTwHf14exRCGlLR+cNUgBChiTaQgwcXOJd8c606gmQhvZ20y7ph2+tGWjhcFfPsmclZIzT5VkFylG0BLoBAFjeWIqvxKPxn+75SOkhzzZ5xfueHWINPk7el4u74ymKs+gNnnKOoa4Qx8zG96FgMBMWUYzAvB10FNtVpt9OWNVWfGp53P3eCUhqO++fEz9RPlofYL0gcYYAezQFyna3O+I03oJWN6mdZcmzom9stbRG6+xN8JVR2r0X5S86cSlSfFlrFwlsuhef4XD7Dk4yi9Ur0Dew+5MCdsUjy/r9rP20zUHhOt628XONLKkzUNN5/QtCSOVlwR9/X+4D26u8cR1O2ZzrmKmbMU44KMz+AynR4jSawGF3+flpc971yP69r3QR2plHaPLGqvPjIWipp5D7wueqzlZ0UC4GXSwhHhdDAnlWPhmt6CyLFHPinG5LS1NoTNALUkZTEtG16ZJ1POyhXkh0MIkoJ6tHoj4QcLjrZTKrRn+LxigXahU+HR065MmJbhuBZcmLTlN/BDLRnaJMy5Q+aUySye59JTqYpnUK+d9MW4adurJNEU4CrbNK0GvH5NcfjJLpARzFRL9x6FBW+FVENntO8YGs3oW0rdk + template: + metadata: + annotations: + sealedsecrets.bitnami.com/cluster-wide: 'true' + name: cje-app-sealed-secret + type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/preprod/templates/uploads.pvc.yaml b/.kontinuous/env/preprod/templates/uploads.pvc.yaml new file mode 100644 index 00000000..b6ab6ef8 --- /dev/null +++ b/.kontinuous/env/preprod/templates/uploads.pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: uploads +spec: + accessModes: + - ReadWriteMany + resources: + requests: + storage: 10Gi + storageClassName: "" diff --git a/.kontinuous/env/preprod/values.yaml b/.kontinuous/env/preprod/values.yaml new file mode 100644 index 00000000..de759a53 --- /dev/null +++ b/.kontinuous/env/preprod/values.yaml @@ -0,0 +1,2 @@ +cje-app: + host: "cje-preprod.ovh.fabrique.social.gouv.fr" \ No newline at end of file diff --git a/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml b/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml new file mode 100644 index 00000000..2ec294d7 --- /dev/null +++ b/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: &a1 {} + name: azure-cje-volume + namespace: cje +spec: + encryptedData: + azurestorageaccountkey: AgBCZ94S0NBkf4kpOzdv/okfFIislG2ZWF9L00kRySBfk8x69PkfIBSvfmVjQlCNCVdQTkd457GBIBONkT58vXPL/QHqhwF+lQJZiu0K9i4KCciVasiWg/WHAa98kZmAU3HXVaN0Lasat2Po+WYvh0IXBWMzEcBOWAZ//HgFPNmqtelfHH0WK8pliypT6BDbewmmP+9+5ZINO1i21H0MBd0tFPc/gJJ3QlbjcWcQOvmhnwgjA44huJnJhXXrphEDf5Qt9Vf0ZuqtpsFZy2AwSJiFAt/49BBHgXymdeWpOKF14lBAWsemIVFm+OEJhk3hR1r+fV/u+KHTD5E7bzXQyKYBWv4LGYkghvXYQsvfszBLCr+fzln8dci5PorymPOPY20mttia72rpTdPLpAlRaybIGExuJ5fIRuEqUjC5qEkmsuMjaH6NRxaG2zxVxrVjn1o1E18k6KCqVdlR8qSvzwwcgeLX1IDDKAjGxhALQY+G/9X5kdurVV7cgq5gk6yZOf/fKohBBFJEWzqEtEQhr5XvueQVN+8dRZgJVWSkny6V1d6Q1Yn7N+zOg1eRfsQFaWEzJj2WDd9iciOTfqtDLMwBM0PV3OzUcbmYQdJ24sr5lHsJivNc7ASL/3rSMNySUrh3RERsE6/BZG//XEYt6HD4AIH5XJjqL2fo5/XdcYXFjBBz21JnGMJDYNsy/OEArqoaJowPPuZgJpQisBR2xvcGOhY04wQJS7XBLOZr97PjygTHAtv8ZCQVZap/tOeFFVQ56tBu2utpS8aiipiyzlpdCZ3SMRsAwqJ+19/MdtItfeVMs7Jz0dg2 + azurestorageaccountname: AgBFQmJrPMSqXhokDwG7DUYxCAwxSQqdDkpJUBqoHynE4Bm7J22lmFjPLG5dnenavw/GUwhobCU2Gi6bjfohRDJZzLC4Gmhv5qWCVEfm1evUHm36Li47vbAFYmsua6v/50eqbuzzquowiyLCsh84XtUQHRu5LsYkFvRZb28XTACU/oRgelIatrmh3DwqWXV+LPbakQRPAoBEKU2uUbenyjiSTivokF5sBrHpNPgW12y2pgKfhp+gwpL/pI4YTt4ql0VK9OiLo16IhV04/pAjovNLAWoQeLOa4TM1rTa7SYlKkBNgtn1szoQJNu8hoeXqLmpoEeOyFzWhKjAm/e6ZNW9z0dD2j0oZb9k6QtVMStcLBDmPEbG66GghLlaaLWInk80onvJzmPYS0tqkmu2M/j/8XXSDGu5wFr+EjoWqoQZ34EwSytmWvk8UbebJYYaW1jJ3ASOj2lXur9tLk39f8kvoDjQa6rGsPfMZLS9u2EHWPx65D8p/vUPHwCrgrtyOFm99R7GnhHQNm/9nkodJEKVoc+0g0W/86/RpNFH+h31/Va0XASAz0USBXCO7njhLfngdxWRP7ag3voNNdQ/gvy2Ij+zvn8MkZPb0XT1XTKiJSZGb0gGWUrz8MQE3KWl4ow4E2mJRyWefGevMrEQjo1sCdBJzn3uEn8G5bBxIn18HWhit7PEAYptNqYu64S6YOUwu5T9N9iMtuuRE5cQ= + template: + metadata: + annotations: *a1 + name: azure-cje-volume + namespace: cje + type: Opaque diff --git a/.kontinuous/env/prod/templates/cje-app.configmap.yaml b/.kontinuous/env/prod/templates/cje-app.configmap.yaml new file mode 100644 index 00000000..8eb4aa0f --- /dev/null +++ b/.kontinuous/env/prod/templates/cje-app.configmap.yaml @@ -0,0 +1,6 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: backend-configmap +data: + PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml b/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml new file mode 100644 index 00000000..56391932 --- /dev/null +++ b/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + annotations: + sealedsecrets.bitnami.com/namespace-wide: 'true' + name: cje-app-sealed-secret + namespace: cje +spec: + encryptedData: + PAYLOAD_SECRET: AgCHMXWR5pWe2vE+vU9DCLhcwCck8vQ7T1Mr4KIhY8ucafM8TBc1YQQ8v4/RLZgTxJ+h54BIO2oUjMI850tzurHps8y5cBuyLGBc1ovK0bTH/TtOMnFpHe08h4I6RRKQ8+NeHMzuLvKfNGlApRWiYE2EItgJqZo75ETbU/fnD4tiuzJEX77cby6lLkx92a2NnVza5/uXhr1kIvTeuB2jf7yUqav4/AtIz9pnNlPUuR7fnZjA1ehoc0kEbN+5CtJYtpmhtSz4LKclXHuGGu6DipzngzgHoOeA+vlQCb83oTTDC3W8x1aTeZ5J9HRTqbFJMJ0dbjm4fxYe8VnSu+/FDdZYVhfSxg5yDAjNfaWOHnrVpwVzfJD3t0V3la3mbe7W5malK0zMxMnx1htg3H+6XjKW7tEv52c0WLDojKYbzf2Og5ACEEGCIuLk7Gp1FsQBpFPE2x/LPFsUSVD0qB0ccBPkauxLNBLo/YxTWYBgXVjzbsm3hM7y1KEvOZ9ftlLx26+a6G1Ibf3j3gW7AYPkGQJEOY5h0g2R562oXTWpQLafQK80H9y5vEW8hG1lko0XnOGZDIlldzuXwsuOKZS64KpBdZkwiMR0lXFcCOwwCp8T6mw3tK7vTYccdyp/bc47g4TfFX5DqcNQ3QWqTXlR3xWlBZmSFEK0pgfQE1iHXHVl+LPYo5szs7r3vlzdvlkZSXlJXiq0IMV/yXSjwM5YVrQ7 + template: + metadata: + annotations: + sealedsecrets.bitnami.com/namespace-wide: 'true' + name: cje-app-sealed-secret + type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml new file mode 100644 index 00000000..3322c205 --- /dev/null +++ b/.kontinuous/env/prod/values.yaml @@ -0,0 +1,19 @@ +cje-app: + host: cje.fabrique.social.gouv.fr + envFrom: + - secretRef: + name: pg-app + - secretRef: + name: cje-app-sealed-secret + - configMapRef: + name: cje-app-configmap + - secretRef: + name: azure-tumeplay-volume + +pg: + cnpg-cluster: + resources: + requests: + memory: 128Mi + limits: + memory: 1Gi diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml new file mode 100644 index 00000000..0086f819 --- /dev/null +++ b/.kontinuous/values.yaml @@ -0,0 +1,43 @@ +cje-app: + ~chart: cje-app + ~needs: [build-cje-app, pg] + host: "cje-app-{{ $.Values.global.host }}" + imagePackage: cje-app + containerPort: 8080 + probesPath: /_health + resources: + requests: + cpu: 0.3 + memory: 256Mi + limits: + cpu: 1 + memory: 1Gi + env: + - name: DATABASE_URL + value: "$(DATABASE_URL)" + envFrom: + - secretRef: + name: pg-app + - secretRef: + name: cje-app-sealed-secret + - secretRef: + name: azure-cje-volume + - configMapRef: + name: cje-app-configmap + volumeMounts: + - name: uploads + mountPath: /app/public/uploads + volumes: + - name: uploads + persistentVolumeClaim: + claimName: uploads + +pg: + ~chart: pg + +jobs: + runs: + build-cje-app: + use: build + with: + imagePackage: cje-app From 3f18224a41021039a4cd25d8ecebacd4cf72013e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 12:10:09 +0100 Subject: [PATCH 02/15] fix: tumeplay keyword to cje --- .../env/preprod/templates/azure-volume.sealed-secret.yaml | 8 ++++---- .kontinuous/env/prod/values.yaml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml b/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml index 6201dc13..8b21894a 100644 --- a/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml +++ b/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml @@ -1,8 +1,8 @@ apiVersion: bitnami.com/v1alpha1 kind: SealedSecret metadata: - name: azure-tumeplay-volume - namespace: tumeplay-preprod + name: azure-cje-volume + namespace: cje-preprod annotations: sealedsecrets.bitnami.com/cluster-wide: "true" spec: @@ -13,6 +13,6 @@ spec: metadata: annotations: sealedsecrets.bitnami.com/cluster-wide: "true" - name: azure-tumeplay-volume - namespace: tumeplay-preprod + name: azure-cje-volume + namespace: cje-preprod type: Opaque diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml index 3322c205..d5ab58a1 100644 --- a/.kontinuous/env/prod/values.yaml +++ b/.kontinuous/env/prod/values.yaml @@ -8,7 +8,7 @@ cje-app: - configMapRef: name: cje-app-configmap - secretRef: - name: azure-tumeplay-volume + name: azure-cje-volume pg: cnpg-cluster: From 0c585cf35450e6f96c3ab4d31de18645e9b575fb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 12:14:57 +0100 Subject: [PATCH 03/15] feat: add Dockerfile to webapp-next --- webapp/Dockerfile | 59 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 webapp/Dockerfile diff --git a/webapp/Dockerfile b/webapp/Dockerfile new file mode 100644 index 00000000..372855fe --- /dev/null +++ b/webapp/Dockerfile @@ -0,0 +1,59 @@ +ARG NODE_VERSION=lts-alpine3.18@sha256:ef5e088232f803cadb83326edb4731015f42961d23a11510b109c2c98cfbb945 + +FROM node:$NODE_VERSION as dependencies +WORKDIR /app +ARG PRODUCTION +COPY package.json yarn.lock ./ +RUN yarn install --frozen-lockfile + +FROM node:$NODE_VERSION as builder +WORKDIR /app +ARG PRODUCTION + +ARG DATABASE_URL +ENV DATABASE_URL=$DATABASE_URL +ARG PAYLOAD_SECRET +ENV PAYLOAD_SECRET=$PAYLOAD_SECRET +ARG PAYLOAD_CONFIG_PATH +ENV PAYLOAD_CONFIG_PATH=$PAYLOAD_CONFIG_PATH + +COPY . . +COPY --from=dependencies /app/node_modules ./node_modules +RUN yarn build + +FROM node:$NODE_VERSION as runner +WORKDIR /app +ARG PRODUCTION +ENV NODE_ENV production + +ARG DATABASE_URL +ENV DATABASE_URL=$DATABASE_URL +ARG PAYLOAD_SECRET +ENV PAYLOAD_SECRET=$PAYLOAD_SECRET +ARG PAYLOAD_CONFIG_PATH +ENV PAYLOAD_CONFIG_PATH=$PAYLOAD_CONFIG_PATH + +COPY package.json yarn.lock ./ +# Remove dev dependencies +RUN yarn install --production --frozen-lockfile && \ + yarn cache clean + +RUN addgroup --system --gid 1001 nodejs && \ + adduser --system --uid 1001 nextjs + +COPY --from=builder /app/public ./public +COPY --from=builder /app/.next ./.next +COPY --from=builder /app/node_modules ./node_modules + +# Block crawlers for staging deployments +RUN if [ -z "$PRODUCTION" ]; then mv -f public/robots.staging.txt public/robots.txt; \ + else rm -f public/robots.staging.txt; fi + +RUN chmod 1777 /tmp +RUN chmod 1777 /app + +USER 1001 + +EXPOSE 3000 +ENV PORT 3000 +CMD ["yarn", "start"] From eee2c07def01be9f3cc85cf2624ae925d82fd465 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 12:16:04 +0100 Subject: [PATCH 04/15] fix: backend to cje-app --- .kontinuous/env/dev/templates/cja-app.configmap.yaml | 2 +- .kontinuous/env/preprod/templates/cje-app.configmap.yaml | 2 +- .kontinuous/env/prod/templates/cje-app.configmap.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.kontinuous/env/dev/templates/cja-app.configmap.yaml b/.kontinuous/env/dev/templates/cja-app.configmap.yaml index bc0796f4..321c1745 100644 --- a/.kontinuous/env/dev/templates/cja-app.configmap.yaml +++ b/.kontinuous/env/dev/templates/cja-app.configmap.yaml @@ -1,7 +1,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: backend-configmap + name: cje-map-configmap data: RANCHER_PROJECT_ID: xxxx PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml index bc0796f4..8f9c4837 100644 --- a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml +++ b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml @@ -1,7 +1,7 @@ kind: ConfigMap apiVersion: v1 metadata: - name: backend-configmap + name: cje-app-configmap data: RANCHER_PROJECT_ID: xxxx PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/prod/templates/cje-app.configmap.yaml b/.kontinuous/env/prod/templates/cje-app.configmap.yaml index 8eb4aa0f..63505a55 100644 --- a/.kontinuous/env/prod/templates/cje-app.configmap.yaml +++ b/.kontinuous/env/prod/templates/cje-app.configmap.yaml @@ -1,6 +1,6 @@ kind: ConfigMap apiVersion: v1 metadata: - name: backend-configmap + name: cje-app-configmap data: PAYLOAD_CONFIG_PATH: payload/payload.config.ts From a189a0c8c953453a29d40a79557777e4b5daf783 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 15:26:32 +0100 Subject: [PATCH 05/15] fix: namespace prod --- .kontinuous/env/prod/templates/cje-app.sealed-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml b/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml index 56391932..e3c267b9 100644 --- a/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml +++ b/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml @@ -4,10 +4,10 @@ metadata: annotations: sealedsecrets.bitnami.com/namespace-wide: 'true' name: cje-app-sealed-secret - namespace: cje + namespace: carte-jeune-engage spec: encryptedData: - PAYLOAD_SECRET: AgCHMXWR5pWe2vE+vU9DCLhcwCck8vQ7T1Mr4KIhY8ucafM8TBc1YQQ8v4/RLZgTxJ+h54BIO2oUjMI850tzurHps8y5cBuyLGBc1ovK0bTH/TtOMnFpHe08h4I6RRKQ8+NeHMzuLvKfNGlApRWiYE2EItgJqZo75ETbU/fnD4tiuzJEX77cby6lLkx92a2NnVza5/uXhr1kIvTeuB2jf7yUqav4/AtIz9pnNlPUuR7fnZjA1ehoc0kEbN+5CtJYtpmhtSz4LKclXHuGGu6DipzngzgHoOeA+vlQCb83oTTDC3W8x1aTeZ5J9HRTqbFJMJ0dbjm4fxYe8VnSu+/FDdZYVhfSxg5yDAjNfaWOHnrVpwVzfJD3t0V3la3mbe7W5malK0zMxMnx1htg3H+6XjKW7tEv52c0WLDojKYbzf2Og5ACEEGCIuLk7Gp1FsQBpFPE2x/LPFsUSVD0qB0ccBPkauxLNBLo/YxTWYBgXVjzbsm3hM7y1KEvOZ9ftlLx26+a6G1Ibf3j3gW7AYPkGQJEOY5h0g2R562oXTWpQLafQK80H9y5vEW8hG1lko0XnOGZDIlldzuXwsuOKZS64KpBdZkwiMR0lXFcCOwwCp8T6mw3tK7vTYccdyp/bc47g4TfFX5DqcNQ3QWqTXlR3xWlBZmSFEK0pgfQE1iHXHVl+LPYo5szs7r3vlzdvlkZSXlJXiq0IMV/yXSjwM5YVrQ7 + PAYLOAD_SECRET: AgCXJjeQ77HOJNobfye+1HmjzIuUqehcAVWFrMZWJE5Ilfc5Lqq68AK8mcz/NY8ib3xpr5APAxZAf4MTU0v5ckPCFE9XGmi+NPKKasezDr3OVoeuU0kfme5RpM/+ByI/1B6amLYjjXWNbwjrpUIvo89XYVx8PsdLBPWYB0SR4HuPqjv9pjWv8h55wmgJh45UzhXgWNPESl9eFIhd7qrX6nwbuAaVofk3aVKbb73GsBIpquisg2vGM1ng04LB4mycBtCOgGOEulxCdDShl40dzHBFXhIidwmPJKifMwWS/tY9JnYx1sQqkbDbN7eBuWUwcSmjMc5FJBuVS7NIe3rzEVCdsU4T8usDrjVZ2APyr788vpEoxwd2Q38W9G5nA2zwLkHJg2XSW1nAU6qigJGbwgXlGsAj/v4kosMfLe3HQtdM8xdLZBggaUqKTzhhfIW8kG2heuUwfls3qRTOfaYw0amg7OuMYs11vtx0kAe8KnsrqQPAeqhpvjCWBff11+k7tAGI5P57N03kagZXquEbyAgnOePL1sl0LQrOnF+51DavuXghBY36JiFwyb/0gMEqBwx4SlpR5DR+0xoh5d9X98vOCxFY6Sn8Nyjh/6WAEEd13QOWIBxdWOc4EMtbAwZjsJRmTuYYQwJh3gDGvixVWxrrwtehhPHB0q4IvO4Yf0yUqHPeumHaQVI8PfmIRwNiRPfDYi7OdsPv+dEr7w1kbcyZ template: metadata: annotations: From 80fa2b1222c0aa7182d6bfe7a230ea1787371667 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 15:32:21 +0100 Subject: [PATCH 06/15] fix: remove unnecessary configs --- .../env/dev/templates/cja-app.configmap.yaml | 1 - .kontinuous/env/dev/values.yaml | 6 ------ .../templates/azure-volume.sealed-secret.yaml | 18 ------------------ .../preprod/templates/cje-app.configmap.yaml | 1 - .../env/preprod/templates/uploads.pvc.yaml | 11 ----------- .../templates/azure-volume.sealed-secret.yaml | 16 ---------------- 6 files changed, 53 deletions(-) delete mode 100644 .kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml delete mode 100644 .kontinuous/env/preprod/templates/uploads.pvc.yaml delete mode 100644 .kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml diff --git a/.kontinuous/env/dev/templates/cja-app.configmap.yaml b/.kontinuous/env/dev/templates/cja-app.configmap.yaml index 321c1745..9eb08b87 100644 --- a/.kontinuous/env/dev/templates/cja-app.configmap.yaml +++ b/.kontinuous/env/dev/templates/cja-app.configmap.yaml @@ -3,5 +3,4 @@ apiVersion: v1 metadata: name: cje-map-configmap data: - RANCHER_PROJECT_ID: xxxx PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml index cfbfaaeb..75fc5f45 100644 --- a/.kontinuous/env/dev/values.yaml +++ b/.kontinuous/env/dev/values.yaml @@ -1,10 +1,4 @@ cje-app: - volumes: - - name: uploads - emptyDir: {} - volumeMounts: - - mountPath: /app/public/uploads - name: uploads envFrom: - secretRef: name: pg-app diff --git a/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml b/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml deleted file mode 100644 index 8b21894a..00000000 --- a/.kontinuous/env/preprod/templates/azure-volume.sealed-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - name: azure-cje-volume - namespace: cje-preprod - annotations: - sealedsecrets.bitnami.com/cluster-wide: "true" -spec: - encryptedData: - azurestorageaccountkey: AgBYqr7RQT4skI889tjK4pDC88Fg+kmWM3h7Ixdkp/h4Rv2V5AiUu1QR/heh9pQwgxej3sqN5KdPfQoaB5fBOPmTXwqWstWPEFtrJgZ5T972mFoRvhlUF38HixCZDAYRKCeOE6R+rfdSPymrubNorEPvn960iFluyLfGrayIMQpgIEYWbnv52NFNevMo8+txnjvYh6uEvV/7tXi4/ii8KFTgP87qSW2fIrm7G25zldfBZPhZvuhWiC8zgX+ZJYv96Ww2FGj2kpLOCgO/vwExMzrq8gTkj6alh2nk/nyqGtoSumJydwNXffTnJjV3+BxaLlVKJTxY9pJwxJKwOeGfQkw0jVp1J96KUh4xLLTkrU3cCQAkhEnEb5zsz9bAkqFdahDIby+3A2u//XmzZTufeATWrKDXAAdoKmPUpIogw6llSyE4+7VzCWkr2RaTAcX4Uz4MfyAslM6UaiboVO9zECAiEuxLMYQlr2q1cVdH9hcVfhX9ls+B9wAEOSCOqSJ9O3GIGBRUjxphJKYqR3xbvujapMpiEsjqgvMtN2rEQjPbRG7BmcuNXt43L0MSeG73o2BtjxczOKCR9ouB5RXvYeKmWmtcU6ifB8BGQ84bnhA+jJrMAfrpK82TMNIgiIiQ1Djon8FczRV32kXTIGtAiCgJ+CPikqggIw2S6SodGYeD7CAUaV8dgFHKcTVF8SsiSUPEubVImoxcJLYKFj8lNY2+Ipyo+ar/51dnNLDC1e8yduZOktRqcqMsD22UhSXD7xmPbqK/AAO/4kdsEVUyTTXnxsQh4aScw/C1lP0rNUCfbsizHhavfnOR - azurestorageaccountname: AgCo0eST34J1wpgOsWQfCL9LoWAsQxScI3A38zfj/FxVIAIkXz8Ldm+TiU4Q9T2QbPjma8hruyCVBgksz88G6+OPdFFDFiNmeURblxq2VdG1JRWo7Q90jl5hKMVel+cMw1pm6sKfYtU2kD12ZWZd/fghDQDF4kAa9RhgBSWckwBQS0g0bvoRnzWBFQuM3NBRI3bGngQJyEMYc1ZD9cL9CPvh6MerHzsw7C0j9TD5qVh4RCOZ54uGrtyJzTnikaCCDJuP7VfUZcEhCin5wMK0uk1PtWQxHBzyiS2uBGCoI4iiumEj7z8EeZz7R5G8F2/Z0Fa3CYYZoHAX6x/eme6mFPN3hOnLVpWf6KzM8TSJLCFuBe6bPZsy2FSwVpuaHZgPHy/HKioQOmUUC/7ySn6Buecy1OSXwxlslRmhyfmEOAbNJ6jhGO31akX7HbBJ6p5y1CLwKFYMLLywDZDYIxxMpEEYru3ljeo4/NfA0J9NLQ9knrmabBJDVIX3mlkPfG5mPMiTj/DPhPymChTFWTJyzzh06CE6PiCuj0/VaN/GlDmU4vPy9YO0CZDXU1neOZ/9Cus+oznIKxOf2xsSilaHtHiqR5jYHyizoACiwpdIfNjdxG78CH0xrc0NoelUp0VEFkvV8GLh0jvvoD7h2J1ROHsNf5eFPqYhpIBBe2uVskGzDIrUaGU2tYm9lcfSNAihjva3LE+sEyEGbx6xdg== - template: - metadata: - annotations: - sealedsecrets.bitnami.com/cluster-wide: "true" - name: azure-cje-volume - namespace: cje-preprod - type: Opaque diff --git a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml index 8f9c4837..63505a55 100644 --- a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml +++ b/.kontinuous/env/preprod/templates/cje-app.configmap.yaml @@ -3,5 +3,4 @@ apiVersion: v1 metadata: name: cje-app-configmap data: - RANCHER_PROJECT_ID: xxxx PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/preprod/templates/uploads.pvc.yaml b/.kontinuous/env/preprod/templates/uploads.pvc.yaml deleted file mode 100644 index b6ab6ef8..00000000 --- a/.kontinuous/env/preprod/templates/uploads.pvc.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: uploads -spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: 10Gi - storageClassName: "" diff --git a/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml b/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml deleted file mode 100644 index 2ec294d7..00000000 --- a/.kontinuous/env/prod/templates/azure-volume.sealed-secret.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - annotations: &a1 {} - name: azure-cje-volume - namespace: cje -spec: - encryptedData: - azurestorageaccountkey: AgBCZ94S0NBkf4kpOzdv/okfFIislG2ZWF9L00kRySBfk8x69PkfIBSvfmVjQlCNCVdQTkd457GBIBONkT58vXPL/QHqhwF+lQJZiu0K9i4KCciVasiWg/WHAa98kZmAU3HXVaN0Lasat2Po+WYvh0IXBWMzEcBOWAZ//HgFPNmqtelfHH0WK8pliypT6BDbewmmP+9+5ZINO1i21H0MBd0tFPc/gJJ3QlbjcWcQOvmhnwgjA44huJnJhXXrphEDf5Qt9Vf0ZuqtpsFZy2AwSJiFAt/49BBHgXymdeWpOKF14lBAWsemIVFm+OEJhk3hR1r+fV/u+KHTD5E7bzXQyKYBWv4LGYkghvXYQsvfszBLCr+fzln8dci5PorymPOPY20mttia72rpTdPLpAlRaybIGExuJ5fIRuEqUjC5qEkmsuMjaH6NRxaG2zxVxrVjn1o1E18k6KCqVdlR8qSvzwwcgeLX1IDDKAjGxhALQY+G/9X5kdurVV7cgq5gk6yZOf/fKohBBFJEWzqEtEQhr5XvueQVN+8dRZgJVWSkny6V1d6Q1Yn7N+zOg1eRfsQFaWEzJj2WDd9iciOTfqtDLMwBM0PV3OzUcbmYQdJ24sr5lHsJivNc7ASL/3rSMNySUrh3RERsE6/BZG//XEYt6HD4AIH5XJjqL2fo5/XdcYXFjBBz21JnGMJDYNsy/OEArqoaJowPPuZgJpQisBR2xvcGOhY04wQJS7XBLOZr97PjygTHAtv8ZCQVZap/tOeFFVQ56tBu2utpS8aiipiyzlpdCZ3SMRsAwqJ+19/MdtItfeVMs7Jz0dg2 - azurestorageaccountname: AgBFQmJrPMSqXhokDwG7DUYxCAwxSQqdDkpJUBqoHynE4Bm7J22lmFjPLG5dnenavw/GUwhobCU2Gi6bjfohRDJZzLC4Gmhv5qWCVEfm1evUHm36Li47vbAFYmsua6v/50eqbuzzquowiyLCsh84XtUQHRu5LsYkFvRZb28XTACU/oRgelIatrmh3DwqWXV+LPbakQRPAoBEKU2uUbenyjiSTivokF5sBrHpNPgW12y2pgKfhp+gwpL/pI4YTt4ql0VK9OiLo16IhV04/pAjovNLAWoQeLOa4TM1rTa7SYlKkBNgtn1szoQJNu8hoeXqLmpoEeOyFzWhKjAm/e6ZNW9z0dD2j0oZb9k6QtVMStcLBDmPEbG66GghLlaaLWInk80onvJzmPYS0tqkmu2M/j/8XXSDGu5wFr+EjoWqoQZ34EwSytmWvk8UbebJYYaW1jJ3ASOj2lXur9tLk39f8kvoDjQa6rGsPfMZLS9u2EHWPx65D8p/vUPHwCrgrtyOFm99R7GnhHQNm/9nkodJEKVoc+0g0W/86/RpNFH+h31/Va0XASAz0USBXCO7njhLfngdxWRP7ag3voNNdQ/gvy2Ij+zvn8MkZPb0XT1XTKiJSZGb0gGWUrz8MQE3KWl4ow4E2mJRyWefGevMrEQjo1sCdBJzn3uEn8G5bBxIn18HWhit7PEAYptNqYu64S6YOUwu5T9N9iMtuuRE5cQ= - template: - metadata: - annotations: *a1 - name: azure-cje-volume - namespace: cje - type: Opaque From 6c03b819023019d7122e59e3d5e8db295f498b9b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 15:52:32 +0100 Subject: [PATCH 07/15] fix: cje-app to app --- ...-app.configmap.yaml => app.configmap.yaml} | 0 ...led-secret.yaml => app.sealed-secret.yaml} | 0 .kontinuous/env/dev/values.yaml | 6 ++-- ...-app.configmap.yaml => app.configmap.yaml} | 2 +- ...led-secret.yaml => app.sealed-secret.yaml} | 4 +-- .kontinuous/env/preprod/values.yaml | 2 +- ...-app.configmap.yaml => app.configmap.yaml} | 2 +- ...led-secret.yaml => app.sealed-secret.yaml} | 4 +-- .kontinuous/env/prod/values.yaml | 6 ++-- .kontinuous/values.yaml | 29 +++++++------------ 10 files changed, 23 insertions(+), 32 deletions(-) rename .kontinuous/env/dev/templates/{cja-app.configmap.yaml => app.configmap.yaml} (100%) rename .kontinuous/env/dev/templates/{cja-app.sealed-secret.yaml => app.sealed-secret.yaml} (100%) rename .kontinuous/env/preprod/templates/{cje-app.configmap.yaml => app.configmap.yaml} (78%) rename .kontinuous/env/preprod/templates/{cje-app.sealed-secret.yaml => app.sealed-secret.yaml} (94%) rename .kontinuous/env/prod/templates/{cje-app.configmap.yaml => app.configmap.yaml} (78%) rename .kontinuous/env/prod/templates/{cje-app.sealed-secret.yaml => app.sealed-secret.yaml} (94%) diff --git a/.kontinuous/env/dev/templates/cja-app.configmap.yaml b/.kontinuous/env/dev/templates/app.configmap.yaml similarity index 100% rename from .kontinuous/env/dev/templates/cja-app.configmap.yaml rename to .kontinuous/env/dev/templates/app.configmap.yaml diff --git a/.kontinuous/env/dev/templates/cja-app.sealed-secret.yaml b/.kontinuous/env/dev/templates/app.sealed-secret.yaml similarity index 100% rename from .kontinuous/env/dev/templates/cja-app.sealed-secret.yaml rename to .kontinuous/env/dev/templates/app.sealed-secret.yaml diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml index 75fc5f45..f59a6e96 100644 --- a/.kontinuous/env/dev/values.yaml +++ b/.kontinuous/env/dev/values.yaml @@ -1,8 +1,8 @@ -cje-app: +app: envFrom: - secretRef: name: pg-app - secretRef: - name: cje-app-sealed-secret + name: app-sealed-secret - configMapRef: - name: cje-app-configmap \ No newline at end of file + name: app-configmap \ No newline at end of file diff --git a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml b/.kontinuous/env/preprod/templates/app.configmap.yaml similarity index 78% rename from .kontinuous/env/preprod/templates/cje-app.configmap.yaml rename to .kontinuous/env/preprod/templates/app.configmap.yaml index 63505a55..b6d5fa8b 100644 --- a/.kontinuous/env/preprod/templates/cje-app.configmap.yaml +++ b/.kontinuous/env/preprod/templates/app.configmap.yaml @@ -1,6 +1,6 @@ kind: ConfigMap apiVersion: v1 metadata: - name: cje-app-configmap + name: app-configmap data: PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml b/.kontinuous/env/preprod/templates/app.sealed-secret.yaml similarity index 94% rename from .kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml rename to .kontinuous/env/preprod/templates/app.sealed-secret.yaml index 4e0a5cd3..e46b64de 100644 --- a/.kontinuous/env/preprod/templates/cje-app.sealed-secret.yaml +++ b/.kontinuous/env/preprod/templates/app.sealed-secret.yaml @@ -3,7 +3,7 @@ kind: SealedSecret metadata: annotations: sealedsecrets.bitnami.com/cluster-wide: 'true' - name: cje-app-sealed-secret + name: app-sealed-secret spec: encryptedData: PAYLOAD_SECRET: AgCQia35m739XEnXdFJ0/nqUxp81To0Ad5CWsRPQ3endkD+hJYK+Q7NR+B6JgyoHIoG9OGWeFmM06MOJTLh6lbLz2GiZKUThU9MGi9WNzlTYxGjDTwHf14exRCGlLR+cNUgBChiTaQgwcXOJd8c606gmQhvZ20y7ph2+tGWjhcFfPsmclZIzT5VkFylG0BLoBAFjeWIqvxKPxn+75SOkhzzZ5xfueHWINPk7el4u74ymKs+gNnnKOoa4Qx8zG96FgMBMWUYzAvB10FNtVpt9OWNVWfGp53P3eCUhqO++fEz9RPlofYL0gcYYAezQFyna3O+I03oJWN6mdZcmzom9stbRG6+xN8JVR2r0X5S86cSlSfFlrFwlsuhef4XD7Dk4yi9Ur0Dew+5MCdsUjy/r9rP20zUHhOt628XONLKkzUNN5/QtCSOVlwR9/X+4D26u8cR1O2ZzrmKmbMU44KMz+AynR4jSawGF3+flpc971yP69r3QR2plHaPLGqvPjIWipp5D7wueqzlZ0UC4GXSwhHhdDAnlWPhmt6CyLFHPinG5LS1NoTNALUkZTEtG16ZJ1POyhXkh0MIkoJ6tHoj4QcLjrZTKrRn+LxigXahU+HR065MmJbhuBZcmLTlN/BDLRnaJMy5Q+aUySye59JTqYpnUK+d9MW4adurJNEU4CrbNK0GvH5NcfjJLpARzFRL9x6FBW+FVENntO8YGs3oW0rdk @@ -11,5 +11,5 @@ spec: metadata: annotations: sealedsecrets.bitnami.com/cluster-wide: 'true' - name: cje-app-sealed-secret + name: app-sealed-secret type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/preprod/values.yaml b/.kontinuous/env/preprod/values.yaml index de759a53..c68b5243 100644 --- a/.kontinuous/env/preprod/values.yaml +++ b/.kontinuous/env/preprod/values.yaml @@ -1,2 +1,2 @@ -cje-app: +app: host: "cje-preprod.ovh.fabrique.social.gouv.fr" \ No newline at end of file diff --git a/.kontinuous/env/prod/templates/cje-app.configmap.yaml b/.kontinuous/env/prod/templates/app.configmap.yaml similarity index 78% rename from .kontinuous/env/prod/templates/cje-app.configmap.yaml rename to .kontinuous/env/prod/templates/app.configmap.yaml index 63505a55..b6d5fa8b 100644 --- a/.kontinuous/env/prod/templates/cje-app.configmap.yaml +++ b/.kontinuous/env/prod/templates/app.configmap.yaml @@ -1,6 +1,6 @@ kind: ConfigMap apiVersion: v1 metadata: - name: cje-app-configmap + name: app-configmap data: PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml b/.kontinuous/env/prod/templates/app.sealed-secret.yaml similarity index 94% rename from .kontinuous/env/prod/templates/cje-app.sealed-secret.yaml rename to .kontinuous/env/prod/templates/app.sealed-secret.yaml index e3c267b9..290c18b4 100644 --- a/.kontinuous/env/prod/templates/cje-app.sealed-secret.yaml +++ b/.kontinuous/env/prod/templates/app.sealed-secret.yaml @@ -3,7 +3,7 @@ kind: SealedSecret metadata: annotations: sealedsecrets.bitnami.com/namespace-wide: 'true' - name: cje-app-sealed-secret + name: app-sealed-secret namespace: carte-jeune-engage spec: encryptedData: @@ -12,5 +12,5 @@ spec: metadata: annotations: sealedsecrets.bitnami.com/namespace-wide: 'true' - name: cje-app-sealed-secret + name: app-sealed-secret type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml index d5ab58a1..daf57c6b 100644 --- a/.kontinuous/env/prod/values.yaml +++ b/.kontinuous/env/prod/values.yaml @@ -1,12 +1,12 @@ -cje-app: +app: host: cje.fabrique.social.gouv.fr envFrom: - secretRef: name: pg-app - secretRef: - name: cje-app-sealed-secret + name: app-sealed-secret - configMapRef: - name: cje-app-configmap + name: app-configmap - secretRef: name: azure-cje-volume diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 0086f819..edbd3aee 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -1,10 +1,10 @@ -cje-app: - ~chart: cje-app - ~needs: [build-cje-app, pg] - host: "cje-app-{{ $.Values.global.host }}" - imagePackage: cje-app +app: + ~chart: app + ~needs: [build-app, pg] + host: "app-{{ $.Values.global.host }}" + imagePackage: app containerPort: 8080 - probesPath: /_health + probesPath: /api/health resources: requests: cpu: 0.3 @@ -19,25 +19,16 @@ cje-app: - secretRef: name: pg-app - secretRef: - name: cje-app-sealed-secret - - secretRef: - name: azure-cje-volume + name: app-sealed-secret - configMapRef: - name: cje-app-configmap - volumeMounts: - - name: uploads - mountPath: /app/public/uploads - volumes: - - name: uploads - persistentVolumeClaim: - claimName: uploads + name: app-configmap pg: ~chart: pg jobs: runs: - build-cje-app: + build-app: use: build with: - imagePackage: cje-app + imagePackage: app From b729eab489f14d985121a6a2db9521d1b6a0aec0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 15:54:23 +0100 Subject: [PATCH 08/15] fix: typo health healthz --- .kontinuous/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index edbd3aee..838cd17d 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -4,7 +4,7 @@ app: host: "app-{{ $.Values.global.host }}" imagePackage: app containerPort: 8080 - probesPath: /api/health + probesPath: /api/healthz resources: requests: cpu: 0.3 From 4dd0e1aa208141f3cf875b632223c00e087748b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 15:57:08 +0100 Subject: [PATCH 09/15] feat: add api healthz --- webapp/src/pages/api/healthz.ts | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 webapp/src/pages/api/healthz.ts diff --git a/webapp/src/pages/api/healthz.ts b/webapp/src/pages/api/healthz.ts new file mode 100644 index 00000000..b9dbd789 --- /dev/null +++ b/webapp/src/pages/api/healthz.ts @@ -0,0 +1,6 @@ + +import { NextApiRequest, NextApiResponse } from 'next'; + +export default (req: NextApiRequest, res: NextApiResponse) => { + res.status(200).json({ status: 'ok' }); +}; \ No newline at end of file From 7f6578555d8e6536245d0b26c8991e56d9faa618 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 16:02:50 +0100 Subject: [PATCH 10/15] fix: app sealed secret --- .kontinuous/env/dev/templates/app.configmap.yaml | 2 +- .../env/dev/templates/app.sealed-secret.yaml | 16 +--------------- .kontinuous/env/dev/values.yaml | 2 -- .../env/preprod/templates/app.sealed-secret.yaml | 2 +- 4 files changed, 3 insertions(+), 19 deletions(-) mode change 100644 => 120000 .kontinuous/env/dev/templates/app.sealed-secret.yaml diff --git a/.kontinuous/env/dev/templates/app.configmap.yaml b/.kontinuous/env/dev/templates/app.configmap.yaml index 9eb08b87..b6d5fa8b 100644 --- a/.kontinuous/env/dev/templates/app.configmap.yaml +++ b/.kontinuous/env/dev/templates/app.configmap.yaml @@ -1,6 +1,6 @@ kind: ConfigMap apiVersion: v1 metadata: - name: cje-map-configmap + name: app-configmap data: PAYLOAD_CONFIG_PATH: payload/payload.config.ts diff --git a/.kontinuous/env/dev/templates/app.sealed-secret.yaml b/.kontinuous/env/dev/templates/app.sealed-secret.yaml deleted file mode 100644 index 4c4af324..00000000 --- a/.kontinuous/env/dev/templates/app.sealed-secret.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: bitnami.com/v1alpha1 -kind: SealedSecret -metadata: - annotations: - sealedsecrets.bitnami.com/cluster-wide: 'true' - name: cje -spec: - encryptedData: - PAYLOAD_SECRET: AgAZhxFoakTd9mFDN/HrK2nWDqcGgFb21KtdB8wfjKjDLNlK+VwnjCbHbmVxVp6Y62dvHaPE1YwyRVpBNqGUE3g9mxqAg7br4uXEKmXnfOp4e0MfYs+ei79ZTeugFR5OQL82rlkUbqzH9UtllaTB3UhVycSudl8xn9sxBc4sJk3rdZBmdx/PYOnADfYYH0gQUay23X0vU2crDFFIt8JOkri0LTYuy54IqF2MnlFUOWTdLESY7DhHHvO/w9SVGIxxMCJNHXh83OJGgikvrp9J8d9JL5wCR9vJ+Pd2yY8ABZxPFnYFQgadylYF5Y0wbgTXizYthmH1wCjDXnl0EHrpmLvRP8yOmmrT2+lP4OW4kFfYapjlIWEav1AoSRofVlpoMqxRtKmjpVA6WOuJguSE1Q2cBUIEgOr66cmMoYZXI2RXZlYwTOBQHaGeZNz1bjPpLj78W8QwkWNg+pi5gKv7fBqC1t1Xbw9vYUF0CGt/xMWIFVTdREy5QAWf9iGf/mJMsNNqumBijscL1oDGve+xChNLyPAKX+sgUi93jBkCF1hg7DG0Rf5GJ421eVYREVVXl5/tAKKFiqCMWsCmqUVi7o3sgWRJ7fJPuc7exsWC7UOwzRAzZ3bzQMfozCpMQe8GdG31BjlIw4zYQ4+ddlWHl4/2zg2p9enz/CQsF/ozISc/pH5BH8qSV8TmYKXcdla2a9zuhhv/BdYYUkuFRCh96x+u - template: - metadata: - annotations: - sealedsecrets.bitnami.com/cluster-wide: 'true' - name: cje - type: Opaque \ No newline at end of file diff --git a/.kontinuous/env/dev/templates/app.sealed-secret.yaml b/.kontinuous/env/dev/templates/app.sealed-secret.yaml new file mode 120000 index 00000000..1326deec --- /dev/null +++ b/.kontinuous/env/dev/templates/app.sealed-secret.yaml @@ -0,0 +1 @@ +../../preprod/templates/app.sealed-secret.yaml \ No newline at end of file diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml index f59a6e96..ca5f98b0 100644 --- a/.kontinuous/env/dev/values.yaml +++ b/.kontinuous/env/dev/values.yaml @@ -1,7 +1,5 @@ app: envFrom: - - secretRef: - name: pg-app - secretRef: name: app-sealed-secret - configMapRef: diff --git a/.kontinuous/env/preprod/templates/app.sealed-secret.yaml b/.kontinuous/env/preprod/templates/app.sealed-secret.yaml index e46b64de..0edfdc0b 100644 --- a/.kontinuous/env/preprod/templates/app.sealed-secret.yaml +++ b/.kontinuous/env/preprod/templates/app.sealed-secret.yaml @@ -6,7 +6,7 @@ metadata: name: app-sealed-secret spec: encryptedData: - PAYLOAD_SECRET: AgCQia35m739XEnXdFJ0/nqUxp81To0Ad5CWsRPQ3endkD+hJYK+Q7NR+B6JgyoHIoG9OGWeFmM06MOJTLh6lbLz2GiZKUThU9MGi9WNzlTYxGjDTwHf14exRCGlLR+cNUgBChiTaQgwcXOJd8c606gmQhvZ20y7ph2+tGWjhcFfPsmclZIzT5VkFylG0BLoBAFjeWIqvxKPxn+75SOkhzzZ5xfueHWINPk7el4u74ymKs+gNnnKOoa4Qx8zG96FgMBMWUYzAvB10FNtVpt9OWNVWfGp53P3eCUhqO++fEz9RPlofYL0gcYYAezQFyna3O+I03oJWN6mdZcmzom9stbRG6+xN8JVR2r0X5S86cSlSfFlrFwlsuhef4XD7Dk4yi9Ur0Dew+5MCdsUjy/r9rP20zUHhOt628XONLKkzUNN5/QtCSOVlwR9/X+4D26u8cR1O2ZzrmKmbMU44KMz+AynR4jSawGF3+flpc971yP69r3QR2plHaPLGqvPjIWipp5D7wueqzlZ0UC4GXSwhHhdDAnlWPhmt6CyLFHPinG5LS1NoTNALUkZTEtG16ZJ1POyhXkh0MIkoJ6tHoj4QcLjrZTKrRn+LxigXahU+HR065MmJbhuBZcmLTlN/BDLRnaJMy5Q+aUySye59JTqYpnUK+d9MW4adurJNEU4CrbNK0GvH5NcfjJLpARzFRL9x6FBW+FVENntO8YGs3oW0rdk + PAYLOAD_SECRET: AgCUOf5GYU76Wpev453PuZGT5xSns0/50rXIB61hG8oFtwD//5b064nNycou3zkC+VzdrwyrBcda42n9JST4THKySHu+d5LhX9q5IiLkKNWJnQ8I0022sZIZbNPvPFm0II5LPW7GG5jpqdc9TO5k1uDBATRpXf4UNeQop7Kj+gamt3wHFoI72Yt2FZBGriPZf3Ka5bC4Z4l5hBt97LnH49S5ZY2t/vvFYStZDHn6UbEHH/+jWtsIfkZ00gi9U7wUgprYPXjvvAIfjjlCeMvRa4I1zpXftolrcM0tqwKT7j3dafQWD1JkmgVXkQUosGLqxWsIgTy2bwF8LiYCD0s2uBVdrqFV9wkNpHZBsCVCh2Bs+EDA4MPSCLcWsDB7YNsetDUhME56oEpaOMOE3npzt1safB7LpqHodWu5S5ySVTQM7rTuPjbJZPn/Bn6pM+W/2lmGztgpgHImfbox+D5JlSn1aRuG8kyQAmGxv45LjQnOP3AnP5D4l+DIn+om+QMcHjsq8/+5IYfpupok9DkdDv0Zasee/wv+H8YnH1SY7mX8eIkMea86f2qIdOVnKQoz7lZYHg4ZkzEstCQp4x+etO26t9GVJ+o8o1E/6sCfb/MkoEaw+0AxHlhAcr7GOlJokdFf7vPrQ56I5pqO7Gev9p981v9NpEnzs7XZePjIEOxng7NWYxV95bbu7SWiZzZtnZ8tE2OxSPO8CnswENXi0Oms template: metadata: annotations: From 962ba392f70737e41aa409672f83665f06eadc45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment?= Date: Fri, 5 Jan 2024 16:57:50 +0100 Subject: [PATCH 11/15] fix: remove args from Dockerfile --- webapp/Dockerfile | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/webapp/Dockerfile b/webapp/Dockerfile index 372855fe..827a1785 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -10,13 +10,6 @@ FROM node:$NODE_VERSION as builder WORKDIR /app ARG PRODUCTION -ARG DATABASE_URL -ENV DATABASE_URL=$DATABASE_URL -ARG PAYLOAD_SECRET -ENV PAYLOAD_SECRET=$PAYLOAD_SECRET -ARG PAYLOAD_CONFIG_PATH -ENV PAYLOAD_CONFIG_PATH=$PAYLOAD_CONFIG_PATH - COPY . . COPY --from=dependencies /app/node_modules ./node_modules RUN yarn build @@ -26,13 +19,6 @@ WORKDIR /app ARG PRODUCTION ENV NODE_ENV production -ARG DATABASE_URL -ENV DATABASE_URL=$DATABASE_URL -ARG PAYLOAD_SECRET -ENV PAYLOAD_SECRET=$PAYLOAD_SECRET -ARG PAYLOAD_CONFIG_PATH -ENV PAYLOAD_CONFIG_PATH=$PAYLOAD_CONFIG_PATH - COPY package.json yarn.lock ./ # Remove dev dependencies RUN yarn install --production --frozen-lockfile && \ From 457aa50c6429bad2c0973e0e4125e19a784a6862 Mon Sep 17 00:00:00 2001 From: Gary van Woerkens Date: Fri, 5 Jan 2024 17:40:50 +0100 Subject: [PATCH 12/15] fix app config --- .kontinuous/env/dev/values.yaml | 12 ++++++------ .kontinuous/values.yaml | 23 ++++++++++++----------- 2 files changed, 18 insertions(+), 17 deletions(-) diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml index ca5f98b0..25420567 100644 --- a/.kontinuous/env/dev/values.yaml +++ b/.kontinuous/env/dev/values.yaml @@ -1,6 +1,6 @@ -app: - envFrom: - - secretRef: - name: app-sealed-secret - - configMapRef: - name: app-configmap \ No newline at end of file +# app: +# envFrom: +# - secretRef: +# name: app-sealed-secret +# - configMapRef: +# name: app-configmap diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 838cd17d..8faaac53 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -1,23 +1,23 @@ app: ~chart: app - ~needs: [build-app, pg] + ~needs: [build-app] host: "app-{{ $.Values.global.host }}" imagePackage: app - containerPort: 8080 + # containerPort: 8080 probesPath: /api/healthz - resources: - requests: - cpu: 0.3 - memory: 256Mi - limits: - cpu: 1 - memory: 1Gi + # resources: + # requests: + # cpu: 0.3 + # memory: 256Mi + # limits: + # cpu: 1 + # memory: 1Gi env: - name: DATABASE_URL value: "$(DATABASE_URL)" envFrom: - - secretRef: - name: pg-app + # - secretRef: + # name: pg-app - secretRef: name: app-sealed-secret - configMapRef: @@ -32,3 +32,4 @@ jobs: use: build with: imagePackage: app + context: ./webapp From 5577b040eba231e3de1033d5cd8407a92e05e96e Mon Sep 17 00:00:00 2001 From: Gary van Woerkens Date: Fri, 5 Jan 2024 18:01:29 +0100 Subject: [PATCH 13/15] fix app config, again --- .kontinuous/config.yaml | 12 +++++------- .kontinuous/values.yaml | 2 +- 2 files changed, 6 insertions(+), 8 deletions(-) diff --git a/.kontinuous/config.yaml b/.kontinuous/config.yaml index 9e203fde..405249f9 100644 --- a/.kontinuous/config.yaml +++ b/.kontinuous/config.yaml @@ -1,5 +1,5 @@ -projectName: cje -ciNamespace: ci-cje +projectName: carte-jeune-engage +ciNamespace: ci-carte-jeune-engage dependencies: fabrique: @@ -7,14 +7,12 @@ dependencies: - name: ovh ifEnv: [dev, preprod] - name: buildkit-service + ifEnv: [dev, preprod] dependencies: contrib: preDeploy: importSecrets: options: secrets: - kubeconfig: - harbor: - buildkit-client-certs: - cje-dev-backups-access-key: - cje-prod-backups-access-key: + carte-jeune-engage-dev-backups-access-key: + carte-jeune-engage-prod-backups-access-key: diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 8faaac53..3f012140 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -23,7 +23,7 @@ app: - configMapRef: name: app-configmap -pg: +cnpg-cluster: ~chart: pg jobs: From f145f1c893d223698634620ff50281c15e00bc28 Mon Sep 17 00:00:00 2001 From: Gary van Woerkens Date: Fri, 5 Jan 2024 19:34:28 +0100 Subject: [PATCH 14/15] add missing file --- webapp/public/robots.staging.txt | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 webapp/public/robots.staging.txt diff --git a/webapp/public/robots.staging.txt b/webapp/public/robots.staging.txt new file mode 100644 index 00000000..e69de29b From 6d7664c126d168cc58651a8dc405702c2b90bd83 Mon Sep 17 00:00:00 2001 From: Gary van Woerkens Date: Fri, 5 Jan 2024 19:57:32 +0100 Subject: [PATCH 15/15] cleaning --- .kontinuous/env/dev/values.yaml | 6 ------ .kontinuous/env/preprod/values.yaml | 2 +- .kontinuous/values.yaml | 11 +---------- 3 files changed, 2 insertions(+), 17 deletions(-) delete mode 100644 .kontinuous/env/dev/values.yaml diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml deleted file mode 100644 index 25420567..00000000 --- a/.kontinuous/env/dev/values.yaml +++ /dev/null @@ -1,6 +0,0 @@ -# app: -# envFrom: -# - secretRef: -# name: app-sealed-secret -# - configMapRef: -# name: app-configmap diff --git a/.kontinuous/env/preprod/values.yaml b/.kontinuous/env/preprod/values.yaml index c68b5243..d870c09e 100644 --- a/.kontinuous/env/preprod/values.yaml +++ b/.kontinuous/env/preprod/values.yaml @@ -1,2 +1,2 @@ app: - host: "cje-preprod.ovh.fabrique.social.gouv.fr" \ No newline at end of file + host: "cje-preprod.ovh.fabrique.social.gouv.fr" diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml index 3f012140..9c19378e 100644 --- a/.kontinuous/values.yaml +++ b/.kontinuous/values.yaml @@ -3,21 +3,12 @@ app: ~needs: [build-app] host: "app-{{ $.Values.global.host }}" imagePackage: app - # containerPort: 8080 probesPath: /api/healthz - # resources: - # requests: - # cpu: 0.3 - # memory: 256Mi - # limits: - # cpu: 1 - # memory: 1Gi + env: - name: DATABASE_URL value: "$(DATABASE_URL)" envFrom: - # - secretRef: - # name: pg-app - secretRef: name: app-sealed-secret - configMapRef: