Helm added

.github/workflows/pipeline-dev.yaml

@@ -0,0 +1,136 @@
+name: CI-CD-Dev
+
+on:
+  workflow_dispatch:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches:
+      - main
+
+env:
+  OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
+  OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
+  OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
+  OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
+  OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }}
+
+jobs:
+  unit-testing:
+    name: Unit Testing
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run unit testing
+        run: echo " Run Unit testing"
+
+  build:
+    name: Build and analyze
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
+      - name: Set up JDK 17
+        uses: actions/setup-java@v1
+        with:
+          java-version: 17
+      - name: Cache SonarQube packages
+        uses: actions/cache@v1
+        with:
+          path: ~/.sonar/cache
+          key: ${{ runner.os }}-sonar
+          restore-keys: ${{ runner.os }}-sonar
+      - name: Cache Maven packages
+        uses: actions/cache@v1
+        with:
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Build and analyze
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
+        run: mvn -f ./api/pom.xml -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=demo-project -Dsonar.projectName='demo-project'
+      - name: Check SonarQube Quality Gate
+        run: |
+          STATUS=$(curl -s "http://129.150.35.183:9000/api/project_badges/measure?project=demo-project&metric=alert_status&token=sqb_ce32b49127641027d6b263bf6d5c1e155bad8d60" | grep -oP '(?<=<text x="103" y="14" textLength="39">)[^<]+')
+          if [ "$STATUS" != "passed" ]; then
+            echo "Quality gate failed!"
+            exit 1
+          else
+            echo "Quality gate passed!"
+          fi
+
+  push_to_registry:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    needs: build
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+      id-token: write
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for API Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-api
+
+      - name: Build and push Docker image API
+        id: push
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./api
+          file: ./api/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Extract metadata (tags, labels) for Web Docker
+        id: web
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-web
+
+      - name: Build and push Docker image Web
+        id: push-web
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./web
+          file: ./web/Dockerfile
+          push: true
+          tags: ${{ steps.web.outputs.tags }}
+          labels: ${{ steps.web.outputs.labels }}
+
+  install-kubectl:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Install Kubectl for OKE
+    runs-on: ubuntu-latest
+    needs: push_to_registry
+    steps:
+      - name: Configure Kubectl
+        uses: oracle-actions/[email protected]
+        id: test-configure-kubectl-oke-action
+        with:
+          cluster: ${{ secrets.OKE_CLUSTER_OCID }}
+
+      - name: Run Kubectl
+        run: kubectl get nodes -A
+
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Helm deploy
+        run: helm upgrade wordsmith-dev ./Helm/wordsmith --namespace ws-dev --install --create-namespace

.github/workflows/pipeline-prod.yaml

@@ -0,0 +1,95 @@
+name: CI-CD-Production
+
+on:
+  workflow_dispatch:
+  push:
+    tags: # e.g., v1.2.3
+    - 'prod[0-9]+.[0-9]+.[0-9]+'
+
+env:
+  OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
+  OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
+  OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
+  OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
+  OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }}
+
+jobs:
+
+  push_to_registry:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    outputs:
+      api_tag: ${{ steps.meta.outputs.version }}
+      web_tag: ${{ steps.web.outputs.version }}
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+      id-token: write
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for API Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-api
+          tags: |
+            type=match,pattern=prod(.*),group=1
+
+      - name: Build and push Docker image API
+        id: push
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./api
+          file: ./api/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Extract metadata (tags, labels) for Web Docker
+        id: web
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-web
+          tags: |
+            type=match,pattern=prod(.*),group=1
+
+      - name: Build and push Docker image Web
+        id: push-web
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./web
+          file: ./web/Dockerfile
+          push: true
+          tags: ${{ steps.web.outputs.tags }}
+          labels: ${{ steps.web.outputs.labels }}
+
+  install-kubectl:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Install Kubectl for OKE
+    runs-on: ubuntu-latest
+    needs: push_to_registry
+    steps:
+      - name: Configure Kubectl
+        uses: oracle-actions/[email protected]
+        id: test-configure-kubectl-oke-action
+        with:
+          cluster: ${{ secrets.OKE_CLUSTER_OCID }}
+
+      - name: Run Kubectl
+        run: kubectl get nodes -A
+
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Helm deploy
+        run: helm upgrade wordsmith-prod ./Helm/wordsmith --set-string web.tag=${{ needs.push_to_registry.outputs.web_tag }} --set-string api.tag=${{ needs.push_to_registry.outputs.api_tag }} --namespace ws-prod --install --create-namespace

.github/workflows/pipeline-stage.yaml

@@ -0,0 +1,95 @@
+name: CI-CD-Stage
+
+on:
+  workflow_dispatch:
+  push:
+    tags: # e.g., v1.2.3
+    - 'stage[0-9]+.[0-9]+.[0-9]+'
+
+env:
+  OCI_CLI_USER: ${{ secrets.OCI_CLI_USER }}
+  OCI_CLI_TENANCY: ${{ secrets.OCI_CLI_TENANCY }}
+  OCI_CLI_FINGERPRINT: ${{ secrets.OCI_CLI_FINGERPRINT }}
+  OCI_CLI_KEY_CONTENT: ${{ secrets.OCI_CLI_KEY_CONTENT }}
+  OCI_CLI_REGION: ${{ secrets.OCI_CLI_REGION }}
+
+jobs:
+
+  push_to_registry:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Push Docker image to Docker Hub
+    runs-on: ubuntu-latest
+    outputs:
+      api_tag: ${{ steps.meta.outputs.version }}
+      web_tag: ${{ steps.web.outputs.version }}
+    permissions:
+      packages: write
+      contents: read
+      attestations: write
+      id-token: write
+    steps:
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Log in to Docker Hub
+        uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
+      - name: Extract metadata (tags, labels) for API Docker
+        id: meta
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-api
+          tags: |
+            type=match,pattern=stage(.*),group=1
+
+      - name: Build and push Docker image API
+        id: push
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./api
+          file: ./api/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Extract metadata (tags, labels) for Web Docker
+        id: web
+        uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
+        with:
+          images: shivin8080/demo-web
+          tags: |
+            type=match,pattern=stage(.*),group=1
+
+      - name: Build and push Docker image Web
+        id: push-web
+        uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671
+        with:
+          context: ./web
+          file: ./web/Dockerfile
+          push: true
+          tags: ${{ steps.web.outputs.tags }}
+          labels: ${{ steps.web.outputs.labels }}
+
+  install-kubectl:
+    if: ${{ github.event_name != 'pull_request' }}
+    name: Install Kubectl for OKE
+    runs-on: ubuntu-latest
+    needs: push_to_registry
+    steps:
+      - name: Configure Kubectl
+        uses: oracle-actions/[email protected]
+        id: test-configure-kubectl-oke-action
+        with:
+          cluster: ${{ secrets.OKE_CLUSTER_OCID }}
+
+      - name: Run Kubectl
+        run: kubectl get nodes -A
+
+      - name: Check out the repo
+        uses: actions/checkout@v4
+
+      - name: Helm deploy
+        run: helm upgrade wordsmith-stage ./Helm/wordsmith --set-string web.tag=${{ needs.push_to_registry.outputs.web_tag }} --set-string api.tag=${{ needs.push_to_registry.outputs.api_tag }} --namespace ws-stage --install --create-namespace

Helm/wordsmith/Chart.yaml

@@ -0,0 +1,4 @@
+name: wordsmith
+version: 1.0.0
+description: A Helm chart for the Wordsmith demo application
+AppVersion: 1.0.0

Helm/wordsmith/templates/_helpers.tpl

@@ -0,0 +1,32 @@
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "wordsmith.fullname" -}}
+{{- $name := .Chart.Name }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- define "wordsmith.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{/*
+Common labels
+*/}}
+{{- define "wordsmith.labels" -}}
+helm.sh/chart: {{ include "wordsmith.chart" . }}
+{{ include "wordsmith.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/AppVersion: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+{{- end }}
+
+{{- define "wordsmith.selectorLabels" -}}
+app.kubernetes.io/name: "wordsmith"
+app.kubernetes.io/instance: {{ .Release.Name | quote }}
+{{- end }}