kjuulh/cuddle-rust-service-plan
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Projects Releases Wiki Activity

Compare commits

merge into: kjuulh:main
Branches Tags
kjuulh:main
kjuulh:renovate/all
kjuulh:feat/with-resources
kjuulh:backup-old
...
pull from: kjuulh:backup-old
Branches Tags
kjuulh:renovate/all
kjuulh:main
kjuulh:feat/with-resources
kjuulh:backup-old

No commits in common. "main" and "backup-old" have entirely different histories.
main ... backup-old

32 changed files with 98 additions and 5623 deletions
Show Stats Expand all files Collapse all files

192
.drone.yml Normal file → Executable file
View File

@ -1,191 +1,9 @@
kind: pipeline kind: pipeline
name: default
type: docker type: docker
name: "test"
steps: steps:
- name: build ci - name: test
image: rustlang/rust:nightly image: harbor.front.kjuulh.io/docker-proxy/library/bash:latest
volumes:
- name: ci
path: /mnt/ci
environment:
PKG_CONFIG_SYSROOT_DIR: "/"
CI_PREFIX: "/mnt/ci"
commands: commands:
- set -e - echo 'Run tests'
- apt update
- apt install musl-tools pkg-config libssl-dev openssl build-essential musl-dev -y
- rustup target add x86_64-unknown-linux-musl
- cargo build --target=x86_64-unknown-linux-musl -p ci --bin ci
- mv target/x86_64-unknown-linux-musl/debug/ci "$CI_PREFIX/ci"
- name: load_secret
image: debian:buster-slim
volumes:
- name: ssh
path: /root/.ssh/
environment:
SSH_KEY:
from_secret: gitea_id_ed25519
commands:
- mkdir -p $HOME/.ssh/
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
- chmod -R 600 ~/.ssh
- |
cat >$HOME/.ssh/config <<EOL
Host git.front.kjuulh.io
IdentityFile $HOME/.ssh/id_ed25519
IdentitiesOnly yes
UserKnownHostsFile=/dev/null
StrictHostKeyChecking no
EOL
- chmod 700 ~/.ssh/config
- name: build pr
image: kasperhermansen/cuddle:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: ci
path: /mnt/ci
commands:
- eval `ssh-agent`
- ssh-add
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
- apk add git
- cuddle --version
- $CI_PREFIX pr
environment:
DAGGER_CLOUD_TOKEN:
from_secret: dagger_cloud_token
DRONE_HOST: "https://ci.i.kjuulh.io"
DRONE_USER: "kjuulh"
DRONE_TOKEN:
from_secret: drone_token
DOCKER_BUILDKIT: 1
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
DOCKER_HOST: "tcp://192.168.1.155:2376"
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
CI_PREFIX: "/mnt/ci/ci"
CUDDLE_PLEASE_TOKEN:
from_secret: cuddle_please_token
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
when:
event:
- pull_request
exclude:
- main
- master
depends_on:
- "load_secret"
- "build ci"
- name: build main
image: kasperhermansen/cuddle:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: ci
path: /mnt/ci
commands:
- eval `ssh-agent`
- ssh-add
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
- apk add git
- cuddle --version
- $CI_PREFIX main
environment:
DAGGER_CLOUD_TOKEN:
from_secret: dagger_cloud_token
DRONE_HOST: "https://ci.i.kjuulh.io"
DRONE_USER: "kjuulh"
DRONE_TOKEN:
from_secret: drone_token
REGISTRY_CACHE_USERNAME:
from_secret: registry_cache_username
REGISTRY_CACHE_PASSWORD:
from_secret: registry_cache_password
REGISTRY_CACHE_TOKEN:
from_secret: registry_cache_token
REGISTRY_CACHE_url:
from_secret: registry_cache_url
DOCKER_BUILDKIT: 1
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
GIT_PASSWORD:
from_secret: git_password
CI_PREFIX: "/mnt/ci/ci"
DOCKER_HOST: "tcp://192.168.1.155:2376"
CUDDLE_PLEASE_TOKEN:
from_secret: cuddle_please_token
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
when:
event:
- push
branch:
- main
- master
exclude:
- pull_request
depends_on:
- "load_secret"
- "build ci"
- name: deploy release
image: kasperhermansen/cuddle:latest
pull: always
volumes:
- name: ssh
path: /root/.ssh/
- name: ci
path: /mnt/ci
commands:
- eval `ssh-agent`
- ssh-add
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
- apk add git
- $CI_PREFIX release
environment:
DOCKER_BUILDKIT: 1
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
CI_PREFIX: "/mnt/ci/ci"
CUDDLE_PLEASE_TOKEN:
from_secret: cuddle_please_token
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
when:
event:
- tag
ref:
include:
- refs/tags/v*
depends_on:
- "load_secret"
- "build ci"
volumes:
- name: ssh
temp: {}
- name: ci
temp: {}

1
.gitignore vendored
View File

@ -1,2 +1 @@
target/
.cuddle/ .cuddle/

4779
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

14
Cargo.toml
View File

@ -1,14 +0,0 @@
[workspace]
members = ["crates/*", "ci"]
resolver = "2"
[workspace.dependencies]
anyhow = { version = "1.0.86" }
tokio = { version = "1", features = ["full"] }
tracing = { version = "0.1", features = ["log"] }
tracing-subscriber = { version = "0.3.18" }
clap = { version = "4.5.4", features = ["derive", "env"] }
dotenv = { version = "0.15.0" }
cuddle-clusters = { git = "https://git.front.kjuulh.io/kjuulh/cuddle-clusters", branch = "main" } #tag = "v0.1.1" }

1
README.md
View File

@ -1 +0,0 @@
# Cuddle rust plan

16
ci/Cargo.toml
View File

@ -1,16 +0,0 @@
[package]
name = "ci"
version = "0.1.0"
edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
tokio.workspace = true
dagger-sdk = "0.11.10"
eyre = { version = "0.6.12" }
dagger-components = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
dagger-rust = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
cuddle-ci = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }

53
ci/src/main.rs
View File

@ -1,53 +0,0 @@
use std::sync::Arc;
use cuddle_ci::drone_templater::DroneTemplater;
use cuddle_ci::rust_service::architecture::{Architecture, Os};
use cuddle_ci::rust_service::{extensions::*, RustService};
use cuddle_ci::CuddleCI;
use tokio::sync::Mutex;
const BIN_NAME: &str = "cuddle-rust-service-plan";
#[tokio::main]
async fn main() -> eyre::Result<()> {
dagger_sdk::connect(|client| async move {
let service = &RustService::from(client.clone())
.with_arch(Architecture::Amd64)
.with_os(Os::Linux)
.with_apt(&[
"clang",
"libssl-dev",
"libz-dev",
"libgit2-dev",
"git",
"openssh-client",
"protobuf-compiler",
])
.with_apt_release(&["git", "openssh-client", "protobuf-compiler"])
.with_docker_cli()
.with_cuddle_cli()
.with_kubectl()
.with_apt_ca_certificates()
.with_crates(["ci", "crates/*"])
.with_mold("2.3.3")
.with_bin_name(BIN_NAME)
.with_deployment(false)
.to_owned();
let drone_templater =
&DroneTemplater::new(client, "templates/cuddle-rust-service-plan.yaml")
.with_variable("bin_name", BIN_NAME)
.to_owned();
CuddleCI::default()
.with_pull_request(service)
.with_main(service)
.with_main(drone_templater)
.execute(std::env::args())
.await?;
Ok(())
})
.await?;
Ok(())
}

1
crates/cuddle-rust-service-plan/.gitignore vendored
View File

@ -1 +0,0 @@
/target

19
crates/cuddle-rust-service-plan/Cargo.toml
View File

@ -1,19 +0,0 @@
[package]
name = "cuddle-rust-service-plan"
version = "0.1.0"
edition = "2021"
[dependencies]
tokio.workspace = true
dagger-sdk = "0.11.10"
eyre = { version = "0.6.12" }
tracing.workspace = true
tracing-subscriber.workspace = true
dagger-components = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
dagger-rust = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
cuddle-ci = { git = "https://git.front.kjuulh.io/kjuulh/dagger-components", branch = "main" }
cuddle-clusters.workspace = true
async-trait = "0.1.80"

152
crates/cuddle-rust-service-plan/src/main.rs
View File

@ -1,152 +0,0 @@
use std::collections::HashMap;
use std::path::PathBuf;
use async_trait::async_trait;
use cuddle_ci::cuddle_file::CuddleFile;
use cuddle_ci::cuddle_please::CuddlePlease;
use cuddle_ci::cuddle_releaser::CuddleReleaser;
use cuddle_ci::rust_service::architecture::{Architecture, Os};
use cuddle_ci::rust_service::RustService;
use cuddle_ci::rust_service::{extensions::*, RustServiceContext};
use cuddle_ci::{Context, CuddleCI, MainAction, PullRequestAction};
use cuddle_clusters::catalog::cluster_vars::ClusterVars;
use cuddle_clusters::catalog::crdb_database::CockroachDB;
use cuddle_clusters::catalog::cuddle_vars::CuddleVars;
use cuddle_clusters::catalog::ingress::Ingress;
use cuddle_clusters::catalog::vault_secret::VaultSecret;
use cuddle_clusters::releaser::Releaser;
use cuddle_clusters::IntoComponent;
#[tokio::main]
async fn main() -> eyre::Result<()> {
tracing_subscriber::fmt::init();
dagger_sdk::connect(|client| async move {
let cuddle_file = CuddleFile::from_cuddle_file().await?;
let service = &RustService::from(client.clone())
.with_cuddle_file(&cuddle_file)
.with_arch(Architecture::Amd64)
.with_os(Os::Linux)
.with_apt(&["libssl-dev", "libz-dev", "libpq-dev", "protobuf-compiler"])
.with_apt_release(&["libssl-dev", "libz-dev", "libpq-dev"])
.with_apt_ca_certificates()
.with_workspace_crates()
.await
.with_mold("2.3.3")
.to_owned();
let render = &RustServiceRender {
service: cuddle_file.vars.service,
//registry: "http://127.0.0.1:7900".into(),
//registry: "http://10.0.11.19:7900".into(),
registry: "https://releaser.i.kjuulh.io:443".into(),
};
let deployment = &CuddleReleaser::new(client.clone()).await?;
let mut ci = CuddleCI::default();
ci.with_pull_request(service)
.with_pull_request(render)
//.with_pull_request(deployment.clone())
.with_main(service)
.with_main(render)
.with_main(deployment);
if cuddle_file.please.is_some() {
ci.with_main(&CuddlePlease::new(client.clone()));
}
ci.execute(std::env::args()).await?;
Ok(())
})
.await?;
Ok(())
}
#[derive(Default, Clone)]
struct RustServiceRender {
service: String,
registry: String,
}
impl RustServiceRender {
async fn render_templates(&self, image_tag: &str) -> eyre::Result<()> {
let mut releaser = Releaser::default();
releaser
.with_service(&self.service)
.with_registry(&self.registry);
match cuddle_clusters::process_opts(
vec![
CuddleVars::new(&std::env::current_dir()?)
.await
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
.into_component(),
ClusterVars::default().into_component(),
VaultSecret::default().into_component(),
CockroachDB::new(&std::env::current_dir()?)
.await
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
.into_component(),
Ingress::new(&std::env::current_dir()?)
.await
.map_err(|e| eyre::anyhow!("failed to get cuddle vars: {}", e.to_string()))?
.into_component(),
],
cuddle_clusters::process::ProcessOpts {
path: std::env::current_dir()?,
output: PathBuf::from(".cuddle/tmp/cuddle-clusters"),
variables: HashMap::from([("image_tag".into(), image_tag.into())]),
},
Some(releaser),
)
.await
.map_err(|e| eyre::anyhow!("failed to process templates: {}", e.to_string()))
{
Ok(_) => {}
Err(e) => {
tracing::error!("failed to process templates: {}", e);
}
}
Ok(())
}
}
#[async_trait]
impl MainAction for RustServiceRender {
async fn execute_main(&self, ctx: &mut Context) -> eyre::Result<()> {
let image_tag = ctx
.get_image_tag()?
.ok_or(eyre::anyhow!("failed to find image_tag"))?;
self.render_templates(&image_tag).await?;
// cuddle_ci::cuddle_x::well_known::render(vec![
// "--cluster",
// "clank-prod",
// "--image_tag",
// &image_tag,
// ])
// .await?;
Ok(())
}
}
#[async_trait]
impl PullRequestAction for RustServiceRender {
async fn execute_pull_request(&self, ctx: &mut Context) -> eyre::Result<()> {
let image_tag = ctx
.get_image_tag()?
.ok_or(eyre::anyhow!("failed to find image_tag"))?;
self.render_templates(&image_tag).await?;
Ok(())
}
}

0
cuddle-clusters/k8s/dev/configmap.yaml
View File

38
cuddle.yaml
View File

@ -1,31 +1,25 @@
# yaml-language-server: $schema=https://git.front.kjuulh.io/kjuulh/cuddle/raw/branch/main/schemas/base.json # yaml-language-server: $schema=https://git.front.kjuulh.io/kjuulh/cuddle/raw/branch/main/schemas/base.json
base: "git@git.front.kjuulh.io:kjuulh/cuddle-base.git" base: "git@git.front.kjuulh.io:kjuulh/cuddle-base.git"
vars: vars:
service: "cuddle-rust-service-plan" registry: "kasperhermansen"
registry: kasperhermansen port: "3000:3000"
clusters:
clank-prod:
replicas: "3"
namespace: prod
config:
something: something
secrets:
something.else: something
cuddle/clusters:
dev:
scripts: scripts:
render: local_down:
type: shell
local_up:
type: shell
run:
type: shell
migrate:
type: shell
new_migration:
type: shell type: shell
args: args:
cluster: name:
name: cluster type: "env"
type: flag key: "name"
image_tag: "sqlx:prepare":
name: image_tag type: shell
type: flag

7
scripts/local_down.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/bash
set -e
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
docker compose -f $TMP/docker-compose.local_up.yml down -v

7
scripts/local_up.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/bash
set -e
cuddle render_template --template-file $TMP/docker-compose.local_up.yml.tmpl --dest $TMP/docker-compose.local_up.yml
docker compose -f $TMP/docker-compose.local_up.yml up -d --remove-orphans --build

6
scripts/migrate.sh Executable file
View File

@ -0,0 +1,6 @@
#!/bin/bash
export $(cat .env | xargs)
cargo sqlx migrate run --source "crates/$service/migrations" --database-url=$DATABASE_URL

5
scripts/new_migration.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
export $(cat .env | xargs)
cargo sqlx migrate add "--source crates/$service/migrations" $name

19
scripts/render.sh
View File

@ -1,19 +0,0 @@
#!/bin/bash
set -eou pipefail
echo "rendering folder"
cuddle render folder \
--source $TMP/kustomize \
--destination $TMP/rendered/kustomize \
--extra-var cluster=$CLUSTER \
--extra-var image_tag=$IMAGE_TAG
echo "rendering kustomize"
cuddle render kustomize \
--kustomize-folder $TMP/rendered/kustomize/base \
--destination $TMP/k8s
echo "done"

5
scripts/run.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -e
(cd crates/$service; cargo watch -x run)

7
scripts/sqlx:prepare.sh Executable file
View File

@ -0,0 +1,7 @@
#!/bin/bash
export $(cat .env | xargs)
cd crates/$service || return
cargo sqlx prepare -- --all-targets --all-features

4
templates/.env.example.tmpl Normal file
View File

@ -0,0 +1,4 @@
POSTGRES_DB=como
POSTGRES_USER=como
POSTGRES_PASSWORD=somenotverysecurepassword
DATABASE_URL="postgres://como:somenotverysecurepassword@localhost:5432/como"

13
templates/clusters/configmap.yaml.jinja2
View File

@ -1,13 +0,0 @@
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ vars.cuddle_vars.service }}-config
namespace: {{ cluster_namespace }}
data:
{%- if (vars.cluster_vars.env | items | length) > 0 %}
{%- for (name, value) in vars.cluster_vars.env | dictsort %}
{{name | upper | replace(".", "_") | replace("-", "_") }}: {{value}}
{%- endfor %}
{%- endif %}

68
templates/clusters/deployment.yaml.jinja2
View File

@ -1,68 +0,0 @@
{%- set service_name = vars.cuddle_vars.service -%}
{%- set cluster_name = vars.cluster_vars.name -%}
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: {{ service_name }}
cluster: {{ cluster_name }}
name: {{ service_name }}
namespace: {{ cluster_namespace }}
spec:
replicas: 3
selector:
matchLabels:
app: {{ service_name }}
cluster: {{ cluster_name }}
template:
metadata:
labels:
app: {{ service_name }}
cluster: {{ cluster_name }}
spec:
containers:
- args:
- serve
command:
- {{ service_name }}
image: kasperhermansen/{{ service_name }}:{{ vars.user_vars.image_tag }}
name: {{ service_name }}
envFrom:
- configMapRef:
name: {{service_name}}-config
{%- if vars.cuddle_crdb.has_values %}
- configMapRef:
name: {{ vars.cuddle_crdb.file_name(service_name) }}
{%- endif %}
{%- if vars.vault_secret.has_values or vars.cuddle_crdb.has_values %}
env:
{%- if vars.vault_secret.has_values %}
{%- for secret in vars.vault_secret.secrets %}
- name: {{secret | upper | replace(".", "_") | replace("-", "_") }}
valueFrom:
secretKeyRef:
name: {{ vars.vault_secret.file_name(service_name) }}
key: {{ secret }}
{%- endfor %}
{%- endif %}
{#
{%- if vars.cuddle_crdb.has_values %}
- name: {{vars.cuddle_crdb.env }}
valueFrom:
secretKeyRef:
name: {{ vars.cuddle_crdb.file_name(service_name) }}
key: {{ vars.cuddle_crdb.env }}
{%- endif %}
#}
{%- endif %}
ports:
- containerPort: 3000
name: external-http
- containerPort: 3001
name: internal-http
- containerPort: 4000
name: external-grpc
- containerPort: 4001
name: internal-grpc

42
templates/clusters/service.yaml.jinja2
View File

@ -1,42 +0,0 @@
{%- set service_name = vars.cuddle_vars.service -%}
{%- set cluster_name = vars.cluster_vars.name -%}
{%- set cluster_namespace = vars.cluster_vars.namespace -%}
apiVersion: v1
kind: Service
metadata:
name: "{{ service_name }}"
namespace: {{ cluster_namespace }}
spec:
selector:
app: {{ service_name }}
cluster: {{ cluster_name }}
type: LoadBalancer
ports:
- name: external-http
port: 3000
targetPort: 3000
- name: internal-http
port: 3001
targetPort: 3001
---
apiVersion: v1
kind: Service
metadata:
name: "{{ service_name }}-grpc"
namespace: {{ cluster_namespace }}
annotations:
traefik.ingress.kubernetes.io/service.serversscheme: h2c
spec:
selector:
app: {{ service_name }}
cluster: {{ cluster_name }}
type: LoadBalancer
ports:
- name: external-grpc
port: 4000
targetPort: 4000
- name: internal-grpc
port: 4001
targetPort: 4001

134
templates/cuddle-rust-service-plan.yaml
View File

@ -1,134 +0,0 @@
kind: pipeline
name: cuddle-rust-service-plan
type: docker
steps:
- name: load_secret
image: debian:buster-slim
volumes:
- name: ssh
path: /root/.ssh/
environment:
SSH_KEY:
from_secret: gitea_id_ed25519
commands:
- mkdir -p $HOME/.ssh/
- echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
- chmod -R 600 ~/.ssh
- |
cat >$HOME/.ssh/config <<EOL
Host git.front.kjuulh.io
IdentityFile $HOME/.ssh/id_ed25519
IdentitiesOnly yes
UserKnownHostsFile=/dev/null
StrictHostKeyChecking no
EOL
- chmod 700 ~/.ssh/config
- name: build pr
image: kasperhermansen/{{bin_name}}:{{image_tag}}
volumes:
- name: ssh
path: /root/.ssh/
commands:
- eval `ssh-agent`
- ssh-add
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
- export CLUSTER=clank-dev
- cuddle --version
- {{ bin_name }} pr
environment:
DAGGER_CLOUD_TOKEN:
from_secret: dagger_cloud_token
DRONE_HOST: "https://ci.i.kjuulh.io"
DRONE_USER: "kjuulh"
DRONE_TOKEN:
from_secret: drone_token
REGISTRY_CACHE_USERNAME:
from_secret: registry_cache_username
REGISTRY_CACHE_PASSWORD:
from_secret: registry_cache_password
REGISTRY_CACHE_TOKEN:
from_secret: registry_cache_token
REGISTRY_CACHE_url:
from_secret: registry_cache_url
DOCKER_BUILDKIT: 1
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
GIT_PASSWORD:
from_secret: git_password
CI_PREFIX: "/mnt/ci/ci"
DOCKER_HOST: "tcp://192.168.1.155:2376"
CUDDLE_PLEASE_TOKEN:
from_secret: cuddle_please_token
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
when:
event:
- pull_request
depends_on:
- "load_secret"
- name: build main
image: kasperhermansen/{{bin_name}}:{{image_tag}}
volumes:
- name: ssh
path: /root/.ssh/
commands:
- eval `ssh-agent`
- ssh-add
- echo "$DOCKER_PASSWORD" | docker login --password-stdin --username="$DOCKER_USERNAME" docker.io
- export CLUSTER=clank-prod
- cuddle --version
- {{ bin_name }} main
environment:
DAGGER_CLOUD_TOKEN:
from_secret: dagger_cloud_token
DRONE_HOST: "https://ci.i.kjuulh.io"
DRONE_USER: "kjuulh"
DRONE_TOKEN:
from_secret: drone_token
REGISTRY_CACHE_USERNAME:
from_secret: registry_cache_username
REGISTRY_CACHE_PASSWORD:
from_secret: registry_cache_password
REGISTRY_CACHE_TOKEN:
from_secret: registry_cache_token
REGISTRY_CACHE_url:
from_secret: registry_cache_url
DOCKER_BUILDKIT: 1
DOCKER_PASSWORD:
from_secret: docker_password
DOCKER_USERNAME:
from_secret: docker_username
CUDDLE_SECRETS_PROVIDER: 1password
CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
CUDDLE_SSH_AGENT: "true"
GIT_PASSWORD:
from_secret: git_password
CI_PREFIX: "/mnt/ci/ci"
DOCKER_HOST: "tcp://192.168.1.155:2376"
CUDDLE_PLEASE_TOKEN:
from_secret: cuddle_please_token
OP_SERVICE_ACCOUNT_TOKEN:
from_secret: op_service_account_token
when:
event:
- push
branch:
- main
- master
exclude:
- pull_request
depends_on:
- "load_secret"
volumes:
- name: ssh
temp: {}

22
templates/deployment.yaml
View File

@ -1,22 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ service }}"
spec:
selector:
matchLabels:
app: "{{ service }}"
template:
spec:
containers:
- name: "{{ service }}"
image: "deployment:latest"
ports:
- containerPort: 3000
name: external_http
- containerPort: 3001
name: internal_http
- containerPort: 4000
name: external_grpc
- containerPort: 4001
name: internal_grpc

7
templates/docker-compose.local_up.dockerignore Normal file
View File

@ -0,0 +1,7 @@
target/
.git/
.cuddle/
scripts/
cuddle.yaml
local.sh
README.md

17
templates/docker-compose.local_up.yml.tmpl Normal file
View File

@ -0,0 +1,17 @@
version: '3.7'
services:
db:
build:
context: .
dockerfile: local_up.Dockerfile
restart: always
environment:
- POSTGRES_PASSWORD=somenotverysecurepassword
ports:
- 5432:5432
volumes:
- pgdata:/var/lib/postgresql/data
volumes:
pgdata:

8
templates/init-user-db.sh Normal file
View File

@ -0,0 +1,8 @@
#!bin/bash
set -e
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE USER como WITH PASSWORD 'somenotverysecurepassword';
CREATE DATABASE cuddle;
GRANT ALL PRIVILEGES ON DATABASE cuddle TO cuddle;
EOSQL

39
templates/kustomize/base/deployment.yaml
View File

@ -1,39 +0,0 @@
{% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ service }}"
spec:
selector:
matchLabels:
app: "{{ service }}"
template:
spec:
containers:
- name: "{{ service }}"
command: [{{ service }}]
args: ["serve"]
image: "deployment:latest"
ports:
- containerPort: 3000
name: external-http
- containerPort: 3001
name: internal-http
- containerPort: 3002
name: internal-grpc
{% if cluster_vars.config or cluster_vars.secrets %}
env:
{% for secret in cluster_vars.secrets %}
- name: SECRET_USERNAME
valueFrom:
secretKeyRef:
name: my-secret
key: username
- name: SECRET_PASSWORD
valueFrom:
secretKeyRef:
name: my-secret
key: password
{% endfor %}
{% endif %}

23
templates/kustomize/base/kustomization.yaml
View File

@ -1,23 +0,0 @@
{% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- deployment.yaml
- service.yaml
commonLabels:
app: "{{ service }}"
cluster: "{{ cluster }}"
namespace: "{{ cluster_vars.namespace }}"
replicas:
- name: "{{ service }}"
count: {{ cluster_vars.replicas }}
images:
- name: "deployment"
newName: "{{ registry }}/{{ service }}"
newTag: "{{ image_tag }}"

17
templates/kustomize/base/service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: "{{ service }}"
spec:
type: LoadBalancer
ports:
- name: external-http
port: 3000
targetPort: 3000
- name: internal-http
port: 3001
targetPort: 3001
- name: internal-grpc
port: 3002
targetPort: 3002

3
templates/local_up.Dockerfile Normal file
View File

@ -0,0 +1,3 @@
FROM postgres:14-alpine
COPY *.sh /docker-entrypoint-initdb.d/