feat: add infra

Signed-off-by: kjuulh <contact@kjuulh.io>

cuddle-infrastructure/.drone.yml

@@ -0,0 +1,155 @@
+kind: pipeline
+name: default
+type: docker
+
+steps:
+  - name: load_secret
+    image: debian:buster-slim
+    volumes:
+      - name: ssh
+        path: /root/.ssh/
+    environment:
+      SSH_KEY:
+        from_secret: gitea_id_ed25519
+    commands:
+      - mkdir -p $HOME/.ssh/
+      - echo "$SSH_KEY" | base64 -d > $HOME/.ssh/id_ed25519
+      - chmod -R 600 ~/.ssh
+      - |
+        cat >$HOME/.ssh/config <<EOL
+        Host git.front.kjuulh.io
+          IdentityFile $HOME/.ssh/id_ed25519
+          IdentitiesOnly yes
+          UserKnownHostsFile=/dev/null
+          StrictHostKeyChecking no
+        EOL
+      - chmod 700 ~/.ssh/config
+
+  - name: build pr
+    image: kasperhermansen/cuddle:latest
+    pull: always
+    volumes:
+      - name: ssh
+        path: /root/.ssh/
+      - name: ci
+        path: /mnt/ci
+    commands:
+      - eval `ssh-agent`
+      - ssh-add
+      - echo "$DOCKER_PASSWORD" | docker login  --password-stdin --username="$DOCKER_USERNAME" docker.io
+      - apk add git
+      - $CI_PREFIX pr
+    environment:
+      DOCKER_BUILDKIT: 1
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      DOCKER_USERNAME:
+        from_secret: docker_username
+      CUDDLE_SECRETS_PROVIDER: 1password
+      CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
+      CUDDLE_SSH_AGENT: "true"
+      CI_PREFIX: "/mnt/ci/ci"
+      CUDDLE_PLEASE_TOKEN:
+        from_secret: cuddle_please_token
+      OP_SERVICE_ACCOUNT_TOKEN:
+        from_secret: op_service_account_token
+    when:
+      event:
+        - pull_request
+      exclude:
+        - main
+        - master
+    depends_on:
+      - "load_secret"
+
+  - name: build main
+    image: kasperhermansen/cuddle-infrastructure-plan:main-1706481826
+    pull: always
+    volumes:
+      - name: ssh
+        path: /root/.ssh/
+    commands:
+      - eval `ssh-agent`
+      - ssh-add
+      - echo "$DOCKER_PASSWORD" | docker login  --password-stdin --username="$DOCKER_USERNAME" docker.io
+      - export CLUSTER=clank-prod
+      - export IMAGE_TAG=something
+      - cuddle-infrastructure-plan main
+    environment:
+      REGISTRY_CACHE_USERNAME:
+        from_secret: registry_cache_username
+      REGISTRY_CACHE_PASSWORD:
+        from_secret: registry_cache_password
+      REGISTRY_CACHE_TOKEN:
+        from_secret: registry_cache_token
+      REGISTRY_CACHE_url:
+        from_secret: registry_cache_url
+      DOCKER_BUILDKIT: 1
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      DOCKER_USERNAME:
+        from_secret: docker_username
+      CUDDLE_SECRETS_PROVIDER: 1password
+      CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
+      CUDDLE_SSH_AGENT: "true"
+      GIT_PASSWORD:
+        from_secret: git_password
+      CI_PREFIX: "/mnt/ci/ci"
+      DOCKER_HOST: "tcp://192.168.1.233:2376"
+      CUDDLE_PLEASE_TOKEN:
+        from_secret: cuddle_please_token
+      OP_SERVICE_ACCOUNT_TOKEN:
+        from_secret: op_service_account_token
+    when:
+      event:
+        - push
+      branch:
+        - main
+        - master
+      exclude:
+        - pull_request
+    depends_on:
+      - "load_secret"
+
+  - name: deploy release
+    image: kasperhermansen/cuddle:latest
+    pull: always
+    volumes:
+      - name: ssh
+        path: /root/.ssh/
+      - name: dockersock
+        path: /var/run
+      - name: ci
+        path: /mnt/ci
+    commands:
+      - eval `ssh-agent`
+      - ssh-add
+      - echo "$DOCKER_PASSWORD" | docker login  --password-stdin --username="$DOCKER_USERNAME" docker.io
+      - apk add git
+      - cuddle x ci:release
+    environment:
+      DOCKER_BUILDKIT: 1
+      DOCKER_PASSWORD:
+        from_secret: docker_password
+      DOCKER_USERNAME:
+        from_secret: docker_username
+      CUDDLE_SECRETS_PROVIDER: 1password
+      CUDDLE_ONE_PASSWORD_DOT_ENV: ".env.ci"
+      CUDDLE_SSH_AGENT: "true"
+      CI_PREFIX: "/mnt/ci/ci"
+      CUDDLE_PLEASE_TOKEN:
+        from_secret: cuddle_please_token
+      OP_SERVICE_ACCOUNT_TOKEN:
+        from_secret: op_service_account_token
+    when:
+      event:
+        - tag
+      ref:
+        include:
+        - refs/tags/v*
+    depends_on:
+      - "load_secret"
+
+volumes:
+  - name: ssh
+    temp: {}

cuddle-infrastructure/.gitignore

@@ -0,0 +1,2 @@
+target/
+.cuddle/

cuddle-infrastructure/cuddle-template.json

@@ -0,0 +1,10 @@
+{
+  "name": "cuddle-infrastructure",
+  "templating": "tera",
+  "delimiter": "[[]]",
+  "prompt": {
+    "name": {
+      "description": "Project name"
+    }
+  }
+}

cuddle-infrastructure/cuddle.yaml

@@ -0,0 +1,20 @@
+# yaml-language-server: $schema=https://git.front.kjuulh.io/kjuulh/cuddle/raw/branch/main/schemas/base.json
+
+base: "git@git.front.kjuulh.io:kjuulh/cuddle-infrastructure-plan.git"
+
+vars:
+  service: "%%name%%"
+  registry: kasperhermansen
+
+  clusters:
+    clank-prod:
+      replicas: "3"
+      namespace: prod
+
+
+deployment:
+  registry: git@git.front.kjuulh.io:kjuulh/clank-clusters
+  env:
+    prod:
+      clusters:
+        - clank-prod

cuddle-infrastructure/renovate.json

@@ -0,0 +1,3 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
+}

cuddle-infrastructure/templates/kustomize/base/deployment.yaml

@@ -0,0 +1,20 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ service }}"
+spec:
+  selector:
+    matchLabels:
+      app: "{{ service }}"
+  template:
+    spec:
+      containers:
+      - name: "{{ service }}"
+        image: "deployment:latest"
+        ports:
+        - containerPort: 3000
+          name: external_http
+        - containerPort: 3001
+          name: internal_http
+        - containerPort: 3002
+          name: internal_grpc

cuddle-infrastructure/templates/kustomize/base/kustomization.yaml

@@ -0,0 +1,24 @@
+
+{% set_global cluster_vars = filter_by_prefix(prefix=["clusters", cluster]) %}
+
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+- deployment.yaml
+- service.yaml
+
+commonLabels:
+  app: "{{ service }}"
+  cluster: "{{ cluster }}"
+
+namespace: "{{ cluster_vars.namespace }}"
+
+replicas:
+  - name: "{{ service }}"
+    count: {{ cluster_vars.replicas }}
+
+images:
+  - name: "deployment"
+    newName: "{{ service }}"
+    newTag: "{{ image_tag }}"

cuddle-infrastructure/templates/kustomize/base/service.yaml

@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: "{{ service }}"
+spec:
+  type: LoadBalancer
+  ports:
+    - name: external_http
+      port: 3000
+      targetPort: 3000 
+    - name: internal_http
+      port: 3001
+      targetPort: 3001 
+    - name: internal_grpc
+      port: 3002
+      targetPort: 3002 
+

cuddle-templates.json

@@ -4,6 +4,7 @@
     "rust-cli",
     "rust-lib",
     "empty",
-    "deployment"
+    "deployment",
+    "cuddle-infrastructure"
   ]
 }