From 7bad3c8d4584566feed3231f78f74f0f8a89bd24 Mon Sep 17 00:00:00 2001 From: cmyui Date: Sun, 22 Oct 2023 13:08:21 -0400 Subject: [PATCH 1/4] Deploy to production from CI --- .github/workflows/production-deploy.yml | 71 ++++++++----------------- .github/workflows/staging-deploy.yml | 58 -------------------- Dockerfile | 2 + Makefile | 18 ++----- scripts/start.sh | 11 ++-- 5 files changed, 33 insertions(+), 127 deletions(-) delete mode 100644 .github/workflows/staging-deploy.yml diff --git a/.github/workflows/production-deploy.yml b/.github/workflows/production-deploy.yml index 5334456..53b8813 100644 --- a/.github/workflows/production-deploy.yml +++ b/.github/workflows/production-deploy.yml @@ -1,55 +1,26 @@ name: production-deploy - -on: workflow_dispatch - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true +on: + push: + branches: + - master jobs: - production-deploy: + build: + name: Build runs-on: ubuntu-latest - steps: - - name: Check out latest commit - uses: actions/checkout@v3 - - - name: Install digitalocean command line interface - uses: digitalocean/action-doctl@v2 - with: - token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} - - - name: Log-in to digitalocean container registry - run: doctl registry login --expiry-seconds 600 - - - name: Build container image - run: docker build -t registry.digitalocean.com/akatsuki/akatsuki-api:latest . - - - name: Push image to digitalocean container registry - run: docker push registry.digitalocean.com/akatsuki/akatsuki-api:latest - - - name: Save kubeconfig from digitalocean - run: doctl k8s cluster kubeconfig save --expiry-seconds 600 akatsuki-staging - - - name: Install helm - uses: azure/setup-helm@v3 - with: - version: 'latest' - token: ${{ secrets.GITHUB_TOKEN }} - id: install - - - name: Install helm-diff - run: helm plugin install https://github.com/databus23/helm-diff - - - name: Checkout common-helm-charts repo - uses: actions/checkout@v3 - with: - repository: osuAkatsuki/common-helm-charts - token: ${{ secrets.COMMON_HELM_CHARTS_PAT }} - path: common-helm-charts - - - name: Show manifest diff since previous release - run: helm diff upgrade --allow-unreleased --values chart/values.yaml akatsuki-api-staging common-helm-charts/microservice-base/ - - - name: Deploy service to staging cluster - run: helm upgrade --install --atomic --values chart/values.yaml akatsuki-api-staging common-helm-charts/microservice-base/ + - name: Run deploy on production + uses: appleboy/ssh-action@v1.0.0 + with: + host: ${{ secrets.SSH_HOST }} + username: ${{ secrets.SSH_USERNAME }} + key: ${{ secrets.SSH_KEY }} + port: ${{ secrets.SSH_PORT }} + script_stop: true + script: | + cd /home/akatsuki/akatsuki-api + git pull origin master + docker build -t akatsuki-api:latest . + cd /home/akatsuki/workbench + docker-compose restart \ + akatsuki-api diff --git a/.github/workflows/staging-deploy.yml b/.github/workflows/staging-deploy.yml deleted file mode 100644 index 2a7f429..0000000 --- a/.github/workflows/staging-deploy.yml +++ /dev/null @@ -1,58 +0,0 @@ -name: build - -on: - push: - branches: - - master - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - staging-deployment: - runs-on: ubuntu-latest - - steps: - - name: Check out latest commit - uses: actions/checkout@v3 - - - name: Install digitalocean command line interface - uses: digitalocean/action-doctl@v2 - with: - token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} - - - name: Log-in to digitalocean container registry - run: doctl registry login --expiry-seconds 600 - - - name: Build container image - run: docker build -t registry.digitalocean.com/akatsuki/akatsuki-api:latest . - - - name: Push image to digitalocean container registry - run: docker push registry.digitalocean.com/akatsuki/akatsuki-api:latest - - - name: Save kubeconfig from digitalocean - run: doctl k8s cluster kubeconfig save --expiry-seconds 600 akatsuki-staging - - - name: Install helm - uses: azure/setup-helm@v3 - with: - version: 'latest' - token: ${{ secrets.GITHUB_TOKEN }} - id: install - - - name: Install helm-diff - run: helm plugin install https://github.com/databus23/helm-diff - - - name: Checkout common-helm-charts repo - uses: actions/checkout@v3 - with: - repository: osuAkatsuki/common-helm-charts - token: ${{ secrets.COMMON_HELM_CHARTS_PAT }} - path: common-helm-charts - - - name: Show manifest diff since previous release - run: helm diff upgrade --allow-unreleased --values chart/values.yaml akatsuki-api-staging common-helm-charts/microservice-base/ - - - name: Deploy service to staging cluster - run: helm upgrade --install --atomic --values chart/values.yaml akatsuki-api-staging common-helm-charts/microservice-base/ diff --git a/Dockerfile b/Dockerfile index fc87af7..da6fa37 100644 --- a/Dockerfile +++ b/Dockerfile @@ -7,6 +7,8 @@ RUN go mod download && go mod verify COPY . /srv/root +RUN apt install -y python3-pip + RUN go build EXPOSE 80 diff --git a/Makefile b/Makefile index fa2219e..d9db7e3 100644 --- a/Makefile +++ b/Makefile @@ -1,19 +1,7 @@ #!/usr/bin/make build: - docker build -t akatsuki-api:latest -t registry.digitalocean.com/akatsuki/akatsuki-api:latest . + docker build -t akatsuki-api:latest . -push: - docker push registry.digitalocean.com/akatsuki/akatsuki-api:latest - -install: - helm install --values chart/values.yaml akatsuki-api-staging ../common-helm-charts/microservice-base/ - -uninstall: - helm uninstall akatsuki-api-staging - -diff-upgrade: - helm diff upgrade --allow-unreleased --values chart/values.yaml akatsuki-api-staging ../common-helm-charts/microservice-base/ - -upgrade: - helm upgrade --atomic --values chart/values.yaml akatsuki-api-staging ../common-helm-charts/microservice-base/ +run-api: + docker run --network diff --git a/scripts/start.sh b/scripts/start.sh index b791ead..e12a3d7 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -1,10 +1,6 @@ #!/usr/bin/env bash set -eo pipefail -if [ -n "$KUBERNETES" ]; then - source /vault/secrets/secrets.txt -fi - if [ -z "$APP_COMPONENT" ]; then echo "Please set APP_COMPONENT" exit 1 @@ -15,6 +11,13 @@ if [ -z "$APP_ENV" ]; then exit 1 fi +if [[ $PULL_SECRETS_FROM_VAULT -eq 1 ]]; then + # TODO: is there a better way to deal with this? + pip install --break-system-packages -i $PYPI_INDEX_URL akatsuki-cli + akatsuki vault get hanayo $APP_ENV -o .env + source .env +fi + if [ "$APP_COMPONENT" = "api" ]; then exec ./akatsuki-api else From e780c2be40bc38f86e95cb7cab964c66a8c13e8d Mon Sep 17 00:00:00 2001 From: cmyui Date: Sun, 22 Oct 2023 13:14:37 -0400 Subject: [PATCH 2/4] apt update & install pip in docker --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index da6fa37..a850658 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,7 @@ FROM golang:1.20 +RUN apt update && apt install -y python3-pip + WORKDIR /srv/root COPY go.mod go.sum ./ @@ -7,8 +9,6 @@ RUN go mod download && go mod verify COPY . /srv/root -RUN apt install -y python3-pip - RUN go build EXPOSE 80 From 0f03a133e65a66f2133e76c6bda9ab1d6e57a0cd Mon Sep 17 00:00:00 2001 From: cmyui Date: Sun, 22 Oct 2023 13:19:47 -0400 Subject: [PATCH 3/4] woops --- scripts/start.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/start.sh b/scripts/start.sh index e12a3d7..d4afa2a 100755 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -14,7 +14,7 @@ fi if [[ $PULL_SECRETS_FROM_VAULT -eq 1 ]]; then # TODO: is there a better way to deal with this? pip install --break-system-packages -i $PYPI_INDEX_URL akatsuki-cli - akatsuki vault get hanayo $APP_ENV -o .env + akatsuki vault get akatsuki-api $APP_ENV -o .env source .env fi From d4c3dd15177f04108209dcff08881bb803b3e9f3 Mon Sep 17 00:00:00 2001 From: cmyui Date: Sun, 22 Oct 2023 13:26:08 -0400 Subject: [PATCH 4/4] update run-api --- Makefile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index d9db7e3..9e53b37 100644 --- a/Makefile +++ b/Makefile @@ -4,4 +4,8 @@ build: docker build -t akatsuki-api:latest . run-api: - docker run --network + docker run \ + --env APP_COMPONENT=api \ + --network=host \ + --env-file=.env \ + -it akatsuki-api:latest