Compare commits
No commits in common. "main" and "backup-old" have entirely different histories.
main
...
backup-old
192
.drone.yml
Normal file → Executable file
192
.drone.yml
Normal file → Executable file
@ -1,191 +1,9 @@
|
||||
|
||||
kind: pipeline
|
||||
name: default
|
||||
type: docker
|
||||
|
||||
name: "test"
|
||||
steps:
|
||||
- name: build ci
|
||||
image: rustlang/rust:nightly
|
||||
volumes:
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
environment:
|
||||
PKG_CONFIG_SYSROOT_DIR: "/"
|
||||
CI_PREFIX: "/mnt/ci"
|
||||
- name: test
|
||||
image: harbor.front.kjuulh.io/docker-proxy/library/bash:latest
|
||||
commands:
|
||||
- set -e
|
||||
- apt update
|
||||
- apt install musl-tools pkg-config libssl-dev openssl build-essential musl-dev -y
|
||||
- rustup target add x86_64-unknown-linux-musl
|
||||
- cargo build --target=x86_64-unknown-linux-musl -p ci --bin ci
|
||||
- mv target/x86_64-unknown-linux-musl/debug/ci "$CI_PREFIX/ci"
|
||||
|
||||
- name: load_secret
|
||||
image: debian:buster-slim
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
environment:
|
||||
SSH_KEY:
|
||||
from_secret: gitea_id_ed25519
|
||||
commands:
|
||||
- mkdir -p $HOME/.ssh/
|
||||
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
|
||||
- chmod -R 600 ~/.ssh
|
||||
- |
|
||||
cat >$HOME/.ssh/config <<EOL
|
||||
Host git.front.kjuulh.io
|
||||
IdentityFile $HOME/.ssh/id_ed25519
|
||||
IdentitiesOnly yes
|
||||
UserKnownHostsFile=/dev/null
|
||||
StrictHostKeyChecking no
|
||||
EOL
|
||||
- chmod 700 ~/.ssh/config
|
||||
|
||||
- name: build pr
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
- cuddle --version
|
||||
- $CI_PREFIX pr
|
||||
environment:
|
||||
DAGGER_CLOUD_TOKEN:
|
||||
from_secret: dagger_cloud_token
|
||||
DRONE_HOST: "https://ci.i.kjuulh.io"
|
||||
DRONE_USER: "kjuulh"
|
||||
DRONE_TOKEN:
|
||||
from_secret: drone_token
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
DOCKER_HOST: "tcp://192.168.1.155:2376"
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- pull_request
|
||||
exclude:
|
||||
- main
|
||||
- master
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
- name: build main
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
- cuddle --version
|
||||
- $CI_PREFIX main
|
||||
environment:
|
||||
DAGGER_CLOUD_TOKEN:
|
||||
from_secret: dagger_cloud_token
|
||||
DRONE_HOST: "https://ci.i.kjuulh.io"
|
||||
DRONE_USER: "kjuulh"
|
||||
DRONE_TOKEN:
|
||||
from_secret: drone_token
|
||||
REGISTRY_CACHE_USERNAME:
|
||||
from_secret: registry_cache_username
|
||||
REGISTRY_CACHE_PASSWORD:
|
||||
from_secret: registry_cache_password
|
||||
REGISTRY_CACHE_TOKEN:
|
||||
from_secret: registry_cache_token
|
||||
REGISTRY_CACHE_url:
|
||||
from_secret: registry_cache_url
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
GIT_PASSWORD:
|
||||
from_secret: git_password
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
DOCKER_HOST: "tcp://192.168.1.155:2376"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
branch:
|
||||
- main
|
||||
- master
|
||||
exclude:
|
||||
- pull_request
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
- name: deploy release
|
||||
image: kasperhermansen/cuddle:latest
|
||||
pull: always
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
- name: ci
|
||||
path: /mnt/ci
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- apk add git
|
||||
|
||||
- $CI_PREFIX release
|
||||
environment:
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- tag
|
||||
ref:
|
||||
include:
|
||||
- refs/tags/v*
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
- "build ci"
|
||||
|
||||
volumes:
|
||||
- name: ssh
|
||||
temp: {}
|
||||
- name: ci
|
||||
temp: {}
|
||||
- echo 'Run tests'
|
||||
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,2 +1 @@
|
||||
target/
|
||||
.cuddle/
|
||||
|
4779
Cargo.lock
generated
4779
Cargo.lock
generated
File diff suppressed because it is too large
Load Diff
14
Cargo.toml
14
Cargo.toml
@ -1,14 +0,0 @@
|
||||
[workspace]
|
||||
members = ["crates/*", "ci"]
|
||||
resolver = "2"
|
||||
|
||||
[workspace.dependencies]
|
||||
|
||||
anyhow = { version = "1.0.86" }
|
||||
tokio = { version = "1", features = ["full"] }
|
||||
tracing = { version = "0.1", features = ["log"] }
|
||||
tracing-subscriber = { version = "0.3.18" }
|
||||
clap = { version = "4.5.4", features = ["derive", "env"] }
|
||||
dotenv = { version = "0.15.0" }
|
||||
|
||||
cuddle-clusters = { git = "https://git.front.kjuulh.io/kjuulh/cuddle-clusters", branch = "main" } #tag = "v0.1.1" }
|
@ -1,16 +0,0 @@
|
||||
[package]
|
||||
name = "ci"
|
||||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
|
||||
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
|
||||
|
||||
[dependencies]
|
||||
tokio.workspace = true
|
||||
|
||||
dagger-sdk = "0.11.10"
|
||||
eyre = { version = "0.6.12" }
|
||||
|
||||
dagger-components = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
||||
dagger-rust = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
||||
cuddle-ci = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
@ -1,53 +0,0 @@
|
||||
use std::sync::Arc;
|
||||
|
||||
use cuddle_ci::drone_templater::DroneTemplater;
|
||||
use cuddle_ci::rust_service::architecture::{Architecture, Os};
|
||||
use cuddle_ci::rust_service::{extensions::*, RustService};
|
||||
use cuddle_ci::CuddleCI;
|
||||
use tokio::sync::Mutex;
|
||||
|
||||
const BIN_NAME: &str = "cuddle-rust-service-plan";
|
||||
|
||||
#[tokio::main]
|
||||
async fn main() -> eyre::Result<()> {
|
||||
dagger_sdk::connect(|client| async move {
|
||||
let service = &RustService::from(client.clone())
|
||||
.with_arch(Architecture::Amd64)
|
||||
.with_os(Os::Linux)
|
||||
.with_apt(&[
|
||||
"clang",
|
||||
"libssl-dev",
|
||||
"libz-dev",
|
||||
"libgit2-dev",
|
||||
"git",
|
||||
"openssh-client",
|
||||
"protobuf-compiler",
|
||||
])
|
||||
.with_apt_release(&["git", "openssh-client", "protobuf-compiler"])
|
||||
.with_docker_cli()
|
||||
.with_cuddle_cli()
|
||||
.with_kubectl()
|
||||
.with_apt_ca_certificates()
|
||||
.with_crates(["ci", "crates/*"])
|
||||
.with_mold("2.3.3")
|
||||
.with_bin_name(BIN_NAME)
|
||||
.with_deployment(false)
|
||||
.to_owned();
|
||||
|
||||
let drone_templater =
|
||||
&DroneTemplater::new(client, "templates/cuddle-rust-service-plan.yaml")
|
||||
.with_variable("bin_name", BIN_NAME)
|
||||
.to_owned();
|
||||
|
||||
CuddleCI::default()
|
||||
.with_pull_request(service)
|
||||
.with_main(service)
|
||||
.with_main(drone_templater)
|
||||
.execute(std::env::args())
|
||||
.await?;
|
||||
Ok(())
|
||||
})
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
}
|
1
crates/cuddle-rust-service-plan/.gitignore
vendored
1
crates/cuddle-rust-service-plan/.gitignore
vendored
@ -1 +0,0 @@
|
||||
/target
|
@ -1,19 +0,0 @@
|
||||
[package]
|
||||
name = "cuddle-rust-service-plan"
|
||||
version = "0.1.0"
|
||||
edition = "2021"
|
||||
|
||||
[dependencies]
|
||||
tokio.workspace = true
|
||||
|
||||
dagger-sdk = "0.11.10"
|
||||
eyre = { version = "0.6.12" }
|
||||
|
||||
tracing.workspace = true
|
||||
tracing-subscriber.workspace = true
|
||||
|
||||
dagger-components = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
||||
dagger-rust = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
||||
cuddle-ci = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
|
||||
cuddle-clusters.workspace = true
|
||||
async-trait = "0.1.80"
|
@ -1,152 +0,0 @@
|
||||
use std::collections::HashMap;
|
||||
use std::path::PathBuf;
|
||||
|
||||
use async_trait::async_trait;
|
||||
use cuddle_ci::cuddle_file::CuddleFile;
|
||||
use cuddle_ci::cuddle_please::CuddlePlease;
|
||||
use cuddle_ci::cuddle_releaser::CuddleReleaser;
|
||||
use cuddle_ci::rust_service::architecture::{Architecture, Os};
|
||||
use cuddle_ci::rust_service::RustService;
|
||||
use cuddle_ci::rust_service::{extensions::*, RustServiceContext};
|
||||
use cuddle_ci::{Context, CuddleCI, MainAction, PullRequestAction};
|
||||
use cuddle_clusters::catalog::cluster_vars::ClusterVars;
|
||||
use cuddle_clusters::catalog::crdb_database::CockroachDB;
|
||||
use cuddle_clusters::catalog::cuddle_vars::CuddleVars;
|
||||
use cuddle_clusters::catalog::ingress::Ingress;
|
||||
use cuddle_clusters::catalog::vault_secret::VaultSecret;
|
||||
use cuddle_clusters::releaser::Releaser;
|
||||
use cuddle_clusters::IntoComponent;
|
||||
|
||||
#[tokio::main]
|
||||
async fn main() -> eyre::Result<()> {
|
||||
tracing_subscriber::fmt::init();
|
||||
|
||||
dagger_sdk::connect(|client| async move {
|
||||
let cuddle_file = CuddleFile::from_cuddle_file().await?;
|
||||
|
||||
let service = &RustService::from(client.clone())
|
||||
.with_cuddle_file(&cuddle_file)
|
||||
.with_arch(Architecture::Amd64)
|
||||
.with_os(Os::Linux)
|
||||
.with_apt(&["libssl-dev", "libz-dev", "libpq-dev", "protobuf-compiler"])
|
||||
.with_apt_release(&["libssl-dev", "libz-dev", "libpq-dev"])
|
||||
.with_apt_ca_certificates()
|
||||
.with_workspace_crates()
|
||||
.await
|
||||
.with_mold("2.3.3")
|
||||
.to_owned();
|
||||
|
||||
let render = &RustServiceRender {
|
||||
service: cuddle_file.vars.service,
|
||||
//registry: "http://127.0.0.1:7900".into(),
|
||||
//registry: "http://10.0.11.19:7900".into(),
|
||||
registry: "https://releaser.i.kjuulh.io:443".into(),
|
||||
};
|
||||
let deployment = &CuddleReleaser::new(client.clone()).await?;
|
||||
|
||||
let mut ci = CuddleCI::default();
|
||||
|
||||
ci.with_pull_request(service)
|
||||
.with_pull_request(render)
|
||||
//.with_pull_request(deployment.clone())
|
||||
.with_main(service)
|
||||
.with_main(render)
|
||||
.with_main(deployment);
|
||||
|
||||
if cuddle_file.please.is_some() {
|
||||
ci.with_main(&CuddlePlease::new(client.clone()));
|
||||
}
|
||||
|
||||
ci.execute(std::env::args()).await?;
|
||||
|
||||
Ok(())
|
||||
})
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[derive(Default, Clone)]
|
||||
struct RustServiceRender {
|
||||
service: String,
|
||||
registry: String,
|
||||
}
|
||||
|
||||
impl RustServiceRender {
|
||||
async fn render_templates(&self, image_tag: &str) -> eyre::Result<()> {
|
||||
let mut releaser = Releaser::default();
|
||||
|
||||
releaser
|
||||
.with_service(&self.service)
|
||||
.with_registry(&self.registry);
|
||||
|
||||
match cuddle_clusters::process_opts(
|
||||
vec![
|
||||
CuddleVars::new(&std::env::current_dir()?)
|
||||
.await
|
||||
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
|
||||
.into_component(),
|
||||
ClusterVars::default().into_component(),
|
||||
VaultSecret::default().into_component(),
|
||||
CockroachDB::new(&std::env::current_dir()?)
|
||||
.await
|
||||
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
|
||||
.into_component(),
|
||||
Ingress::new(&std::env::current_dir()?)
|
||||
.await
|
||||
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
|
||||
.into_component(),
|
||||
],
|
||||
cuddle_clusters::process::ProcessOpts {
|
||||
path: std::env::current_dir()?,
|
||||
output: PathBuf::from(".cuddle/tmp/cuddle-clusters"),
|
||||
variables: HashMap::from([("image_tag".into(), image_tag.into())]),
|
||||
},
|
||||
Some(releaser),
|
||||
)
|
||||
.await
|
||||
.map_err(|e| eyre::anyhow!("failed to process templates: {}", e.to_string()))
|
||||
{
|
||||
Ok(_) => {}
|
||||
Err(e) => {
|
||||
tracing::error!("failed to process templates: {}", e);
|
||||
}
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl MainAction for RustServiceRender {
|
||||
async fn execute_main(&self, ctx: &mut Context) -> eyre::Result<()> {
|
||||
let image_tag = ctx
|
||||
.get_image_tag()?
|
||||
.ok_or(eyre::anyhow!("failed to find image_tag"))?;
|
||||
|
||||
self.render_templates(&image_tag).await?;
|
||||
|
||||
// cuddle_ci::cuddle_x::well_known::render(vec![
|
||||
// "--cluster",
|
||||
// "clank-prod",
|
||||
// "--image_tag",
|
||||
// &image_tag,
|
||||
// ])
|
||||
// .await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
||||
|
||||
#[async_trait]
|
||||
impl PullRequestAction for RustServiceRender {
|
||||
async fn execute_pull_request(&self, ctx: &mut Context) -> eyre::Result<()> {
|
||||
let image_tag = ctx
|
||||
.get_image_tag()?
|
||||
.ok_or(eyre::anyhow!("failed to find image_tag"))?;
|
||||
|
||||
self.render_templates(&image_tag).await?;
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
40
cuddle.yaml
40
cuddle.yaml
@ -1,31 +1,25 @@
|
||||
# yaml-language-server: $schema=https://git.front.kjuulh.io/kjuulh/cuddle/raw/branch/main/schemas/base.json
|
||||
|
||||
base: "git@git.front.kjuulh.io:kjuulh/cuddle-base.git"
|
||||
|
||||
vars:
|
||||
service: "cuddle-rust-service-plan"
|
||||
registry: kasperhermansen
|
||||
|
||||
clusters:
|
||||
clank-prod:
|
||||
replicas: "3"
|
||||
namespace: prod
|
||||
config:
|
||||
something: something
|
||||
secrets:
|
||||
something.else: something
|
||||
|
||||
cuddle/clusters:
|
||||
dev:
|
||||
registry: "kasperhermansen"
|
||||
port: "3000:3000"
|
||||
|
||||
scripts:
|
||||
render:
|
||||
local_down:
|
||||
type: shell
|
||||
local_up:
|
||||
type: shell
|
||||
run:
|
||||
type: shell
|
||||
migrate:
|
||||
type: shell
|
||||
new_migration:
|
||||
type: shell
|
||||
args:
|
||||
cluster:
|
||||
name: cluster
|
||||
type: flag
|
||||
image_tag:
|
||||
name: image_tag
|
||||
type: flag
|
||||
|
||||
name:
|
||||
type: "env"
|
||||
key: "name"
|
||||
"sqlx:prepare":
|
||||
type: shell
|
||||
|
||||
|
7
scripts/local_down.sh
Executable file
7
scripts/local_down.sh
Executable file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
||||
|
||||
docker compose -f $TMP/docker-compose.local_up.yml down -v
|
7
scripts/local_up.sh
Executable file
7
scripts/local_up.sh
Executable file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
|
||||
|
||||
docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build
|
6
scripts/migrate.sh
Executable file
6
scripts/migrate.sh
Executable file
@ -0,0 +1,6 @@
|
||||
#!/bin/bash
|
||||
|
||||
export $(cat .env | xargs)
|
||||
|
||||
cargo sqlx migrate run --source "crates/$service/migrations" --database-url=$DATABASE_URL
|
||||
|
5
scripts/new_migration.sh
Executable file
5
scripts/new_migration.sh
Executable file
@ -0,0 +1,5 @@
|
||||
#!/bin/bash
|
||||
|
||||
export $(cat .env | xargs)
|
||||
|
||||
cargo sqlx migrate add "--source crates/$service/migrations" $name
|
@ -1,19 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eou pipefail
|
||||
|
||||
echo "rendering folder"
|
||||
|
||||
cuddle render folder \
|
||||
--source $TMP/kustomize \
|
||||
--destination $TMP/rendered/kustomize \
|
||||
--extra-var cluster=$CLUSTER \
|
||||
--extra-var image_tag=$IMAGE_TAG
|
||||
|
||||
echo "rendering kustomize"
|
||||
|
||||
cuddle render kustomize \
|
||||
--kustomize-folder $TMP/rendered/kustomize/base \
|
||||
--destination $TMP/k8s
|
||||
|
||||
echo "done"
|
5
scripts/run.sh
Executable file
5
scripts/run.sh
Executable file
@ -0,0 +1,5 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
|
||||
(cd crates/$service; cargo watch -x run)
|
7
scripts/sqlx:prepare.sh
Executable file
7
scripts/sqlx:prepare.sh
Executable file
@ -0,0 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
export $(cat .env | xargs)
|
||||
|
||||
cd crates/$service || return
|
||||
|
||||
cargo sqlx prepare -- --all-targets --all-features
|
4
templates/.env.example.tmpl
Normal file
4
templates/.env.example.tmpl
Normal file
@ -0,0 +1,4 @@
|
||||
POSTGRES_DB=como
|
||||
POSTGRES_USER=como
|
||||
POSTGRES_PASSWORD=somenotverysecurepassword
|
||||
DATABASE_URL="postgres://como:somenotverysecurepassword@localhost:5432/como"
|
@ -1,13 +0,0 @@
|
||||
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
|
||||
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: {{ vars.cuddle_vars.service }}-config
|
||||
namespace: {{ cluster_namespace }}
|
||||
data:
|
||||
{%- if (vars.cluster_vars.env | items | length) > 0 %}
|
||||
{%- for (name, value) in vars.cluster_vars.env | dictsort %}
|
||||
{{name | upper | replace(".", "_") | replace("-", "_") }}: {{value}}
|
||||
{%- endfor %}
|
||||
{%- endif %}
|
@ -1,68 +0,0 @@
|
||||
{%- set service_name = vars.cuddle_vars.service -%}
|
||||
{%- set cluster_name = vars.cluster_vars.name -%}
|
||||
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ service_name }}
|
||||
cluster: {{ cluster_name }}
|
||||
name: {{ service_name }}
|
||||
namespace: {{ cluster_namespace }}
|
||||
spec:
|
||||
replicas: 3
|
||||
selector:
|
||||
matchLabels:
|
||||
app: {{ service_name }}
|
||||
cluster: {{ cluster_name }}
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: {{ service_name }}
|
||||
cluster: {{ cluster_name }}
|
||||
spec:
|
||||
containers:
|
||||
- args:
|
||||
- serve
|
||||
command:
|
||||
- {{ service_name }}
|
||||
image: kasperhermansen/{{ service_name }}:{{ vars.user_vars.image_tag }}
|
||||
name: {{ service_name }}
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: {{service_name}}-config
|
||||
{%- if vars.cuddle_crdb.has_values %}
|
||||
- configMapRef:
|
||||
name: {{ vars.cuddle_crdb.file_name(service_name) }}
|
||||
{%- endif %}
|
||||
{%- if vars.vault_secret.has_values or vars.cuddle_crdb.has_values %}
|
||||
env:
|
||||
{%- if vars.vault_secret.has_values %}
|
||||
{%- for secret in vars.vault_secret.secrets %}
|
||||
- name: {{secret | upper | replace(".", "_") | replace("-", "_") }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ vars.vault_secret.file_name(service_name) }}
|
||||
key: {{ secret }}
|
||||
{%- endfor %}
|
||||
{%- endif %}
|
||||
{#
|
||||
{%- if vars.cuddle_crdb.has_values %}
|
||||
- name: {{vars.cuddle_crdb.env }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ vars.cuddle_crdb.file_name(service_name) }}
|
||||
key: {{ vars.cuddle_crdb.env }}
|
||||
{%- endif %}
|
||||
#}
|
||||
{%- endif %}
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: external-http
|
||||
- containerPort: 3001
|
||||
name: internal-http
|
||||
- containerPort: 4000
|
||||
name: external-grpc
|
||||
- containerPort: 4001
|
||||
name: internal-grpc
|
@ -1,42 +0,0 @@
|
||||
{%- set service_name = vars.cuddle_vars.service -%}
|
||||
{%- set cluster_name = vars.cluster_vars.name -%}
|
||||
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
|
||||
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "{{ service_name }}"
|
||||
namespace: {{ cluster_namespace }}
|
||||
spec:
|
||||
selector:
|
||||
app: {{ service_name }}
|
||||
cluster: {{ cluster_name }}
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: external-http
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
- name: internal-http
|
||||
port: 3001
|
||||
targetPort: 3001
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "{{ service_name }}-grpc"
|
||||
namespace: {{ cluster_namespace }}
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/service.serversscheme: h2c
|
||||
spec:
|
||||
selector:
|
||||
app: {{ service_name }}
|
||||
cluster: {{ cluster_name }}
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: external-grpc
|
||||
port: 4000
|
||||
targetPort: 4000
|
||||
- name: internal-grpc
|
||||
port: 4001
|
||||
targetPort: 4001
|
||||
|
@ -1,134 +0,0 @@
|
||||
kind: pipeline
|
||||
name: cuddle-rust-service-plan
|
||||
type: docker
|
||||
|
||||
steps:
|
||||
- name: load_secret
|
||||
image: debian:buster-slim
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
environment:
|
||||
SSH_KEY:
|
||||
from_secret: gitea_id_ed25519
|
||||
commands:
|
||||
- mkdir -p $HOME/.ssh/
|
||||
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
|
||||
- chmod -R 600 ~/.ssh
|
||||
- |
|
||||
cat >$HOME/.ssh/config <<EOL
|
||||
Host git.front.kjuulh.io
|
||||
IdentityFile $HOME/.ssh/id_ed25519
|
||||
IdentitiesOnly yes
|
||||
UserKnownHostsFile=/dev/null
|
||||
StrictHostKeyChecking no
|
||||
EOL
|
||||
- chmod 700 ~/.ssh/config
|
||||
|
||||
- name: build pr
|
||||
image: kasperhermansen/{{bin_name}}:{{image_tag}}
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- export CLUSTER=clank-dev
|
||||
- cuddle --version
|
||||
- {{ bin_name }} pr
|
||||
environment:
|
||||
DAGGER_CLOUD_TOKEN:
|
||||
from_secret: dagger_cloud_token
|
||||
DRONE_HOST: "https://ci.i.kjuulh.io"
|
||||
DRONE_USER: "kjuulh"
|
||||
DRONE_TOKEN:
|
||||
from_secret: drone_token
|
||||
REGISTRY_CACHE_USERNAME:
|
||||
from_secret: registry_cache_username
|
||||
REGISTRY_CACHE_PASSWORD:
|
||||
from_secret: registry_cache_password
|
||||
REGISTRY_CACHE_TOKEN:
|
||||
from_secret: registry_cache_token
|
||||
REGISTRY_CACHE_url:
|
||||
from_secret: registry_cache_url
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
GIT_PASSWORD:
|
||||
from_secret: git_password
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
DOCKER_HOST: "tcp://192.168.1.155:2376"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- pull_request
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
|
||||
- name: build main
|
||||
image: kasperhermansen/{{bin_name}}:{{image_tag}}
|
||||
volumes:
|
||||
- name: ssh
|
||||
path: /root/.ssh/
|
||||
commands:
|
||||
- eval `ssh-agent`
|
||||
- ssh-add
|
||||
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
|
||||
- export CLUSTER=clank-prod
|
||||
- cuddle --version
|
||||
- {{ bin_name }} main
|
||||
environment:
|
||||
DAGGER_CLOUD_TOKEN:
|
||||
from_secret: dagger_cloud_token
|
||||
DRONE_HOST: "https://ci.i.kjuulh.io"
|
||||
DRONE_USER: "kjuulh"
|
||||
DRONE_TOKEN:
|
||||
from_secret: drone_token
|
||||
REGISTRY_CACHE_USERNAME:
|
||||
from_secret: registry_cache_username
|
||||
REGISTRY_CACHE_PASSWORD:
|
||||
from_secret: registry_cache_password
|
||||
REGISTRY_CACHE_TOKEN:
|
||||
from_secret: registry_cache_token
|
||||
REGISTRY_CACHE_url:
|
||||
from_secret: registry_cache_url
|
||||
DOCKER_BUILDKIT: 1
|
||||
DOCKER_PASSWORD:
|
||||
from_secret: docker_password
|
||||
DOCKER_USERNAME:
|
||||
from_secret: docker_username
|
||||
CUDDLE_SECRETS_PROVIDER: 1password
|
||||
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
|
||||
CUDDLE_SSH_AGENT: "true"
|
||||
GIT_PASSWORD:
|
||||
from_secret: git_password
|
||||
CI_PREFIX: "/mnt/ci/ci"
|
||||
DOCKER_HOST: "tcp://192.168.1.155:2376"
|
||||
CUDDLE_PLEASE_TOKEN:
|
||||
from_secret: cuddle_please_token
|
||||
OP_SERVICE_ACCOUNT_TOKEN:
|
||||
from_secret: op_service_account_token
|
||||
when:
|
||||
event:
|
||||
- push
|
||||
branch:
|
||||
- main
|
||||
- master
|
||||
exclude:
|
||||
- pull_request
|
||||
depends_on:
|
||||
- "load_secret"
|
||||
|
||||
volumes:
|
||||
- name: ssh
|
||||
temp: {}
|
||||
|
@ -1,22 +0,0 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: "{{ service }}"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: "{{ service }}"
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: "{{ service }}"
|
||||
image: "deployment:latest"
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: external_http
|
||||
- containerPort: 3001
|
||||
name: internal_http
|
||||
- containerPort: 4000
|
||||
name: external_grpc
|
||||
- containerPort: 4001
|
||||
name: internal_grpc
|
7
templates/docker-compose.local_up.dockerignore
Normal file
7
templates/docker-compose.local_up.dockerignore
Normal file
@ -0,0 +1,7 @@
|
||||
target/
|
||||
.git/
|
||||
.cuddle/
|
||||
scripts/
|
||||
cuddle.yaml
|
||||
local.sh
|
||||
README.md
|
17
templates/docker-compose.local_up.yml.tmpl
Normal file
17
templates/docker-compose.local_up.yml.tmpl
Normal file
@ -0,0 +1,17 @@
|
||||
version: '3.7'
|
||||
|
||||
services:
|
||||
db:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: local_up.Dockerfile
|
||||
restart: always
|
||||
environment:
|
||||
- POSTGRES_PASSWORD=somenotverysecurepassword
|
||||
ports:
|
||||
- 5432:5432
|
||||
volumes:
|
||||
- pgdata:/var/lib/postgresql/data
|
||||
|
||||
volumes:
|
||||
pgdata:
|
8
templates/init-user-db.sh
Normal file
8
templates/init-user-db.sh
Normal file
@ -0,0 +1,8 @@
|
||||
#!bin/bash
|
||||
set -e
|
||||
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
|
||||
CREATE USER como WITH PASSWORD 'somenotverysecurepassword';
|
||||
CREATE DATABASE cuddle;
|
||||
GRANT ALL PRIVILEGES ON DATABASE cuddle TO cuddle;
|
||||
EOSQL
|
@ -1,39 +0,0 @@
|
||||
{% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
|
||||
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: "{{ service }}"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: "{{ service }}"
|
||||
template:
|
||||
spec:
|
||||
containers:
|
||||
- name: "{{ service }}"
|
||||
command: [{{ service }}]
|
||||
args: ["serve"]
|
||||
image: "deployment:latest"
|
||||
ports:
|
||||
- containerPort: 3000
|
||||
name: external-http
|
||||
- containerPort: 3001
|
||||
name: internal-http
|
||||
- containerPort: 3002
|
||||
name: internal-grpc
|
||||
{% if cluster_vars.config or cluster_vars.secrets %}
|
||||
env:
|
||||
{% for secret in cluster_vars.secrets %}
|
||||
- name: SECRET_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: username
|
||||
- name: SECRET_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: my-secret
|
||||
key: password
|
||||
{% endfor %}
|
||||
{% endif %}
|
@ -1,23 +0,0 @@
|
||||
{% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
|
||||
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- deployment.yaml
|
||||
- service.yaml
|
||||
|
||||
commonLabels:
|
||||
app: "{{ service }}"
|
||||
cluster: "{{ cluster }}"
|
||||
|
||||
namespace: "{{ cluster_vars.namespace }}"
|
||||
|
||||
replicas:
|
||||
- name: "{{ service }}"
|
||||
count: {{ cluster_vars.replicas }}
|
||||
|
||||
images:
|
||||
- name: "deployment"
|
||||
newName: "{{ registry }}/{{ service }}"
|
||||
newTag: "{{ image_tag }}"
|
@ -1,17 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: "{{ service }}"
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
ports:
|
||||
- name: external-http
|
||||
port: 3000
|
||||
targetPort: 3000
|
||||
- name: internal-http
|
||||
port: 3001
|
||||
targetPort: 3001
|
||||
- name: internal-grpc
|
||||
port: 3002
|
||||
targetPort: 3002
|
||||
|
3
templates/local_up.Dockerfile
Normal file
3
templates/local_up.Dockerfile
Normal file
@ -0,0 +1,3 @@
|
||||
FROM postgres:14-alpine
|
||||
|
||||
COPY *.sh /docker-entrypoint-initdb.d/
|
Loading…
Reference in New Issue
Block a user