From a948a6445b7e1778c36df7b3bf366761f1e0a022 Mon Sep 17 00:00:00 2001 From: Ralf Berger Date: Tue, 25 Apr 2023 09:39:34 +0200 Subject: [PATCH] Migrate K8s manifests to separate repo Due to the limitations of private repos it seems impossible to reference Kustomization base from an Argo Application located in a different repo. Possibly related to: https://github.com/argoproj/argo-cd/issues/9443 --- .github/workflows/ci.yml | 5 +-- .github/workflows/kustomize.yml | 38 -------------------- .github/workflows/release.yml | 1 - .k8s/Makefile | 9 ----- .k8s/README.md | 33 ------------------ .k8s/ingress.yaml | 31 ----------------- .k8s/kustomization.yaml | 55 ----------------------------- .k8s/mongodb/deployment.yaml | 62 --------------------------------- .k8s/mongodb/pvc.yaml | 10 ------ .k8s/mongodb/service.yaml | 9 ----- .k8s/webapp/deployment.yaml | 40 --------------------- .k8s/webapp/service.yaml | 10 ------ .k8s/webserver/deployment.yaml | 56 ----------------------------- .k8s/webserver/pvc.yaml | 10 ------ .k8s/webserver/service.yaml | 10 ------ README.md | 1 - 16 files changed, 1 insertion(+), 379 deletions(-) delete mode 100644 .github/workflows/kustomize.yml delete mode 100644 .k8s/Makefile delete mode 100644 .k8s/README.md delete mode 100644 .k8s/ingress.yaml delete mode 100644 .k8s/kustomization.yaml delete mode 100644 .k8s/mongodb/deployment.yaml delete mode 100644 .k8s/mongodb/pvc.yaml delete mode 100644 .k8s/mongodb/service.yaml delete mode 100644 .k8s/webapp/deployment.yaml delete mode 100644 .k8s/webapp/service.yaml delete mode 100644 .k8s/webserver/deployment.yaml delete mode 100644 .k8s/webserver/pvc.yaml delete mode 100644 .k8s/webserver/service.yaml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 35e91d3c5..e44659eba 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,9 +8,6 @@ on: branches: [ main, development ] jobs: - manifests: - uses: ./.github/workflows/kustomize.yml - images: uses: ./.github/workflows/build.yml with: @@ -22,6 +19,6 @@ jobs: registry_token: ${{ secrets.DOCKERHUB_TOKEN }} release: - needs: [ manifests, images ] + needs: [ images ] if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') uses: ./.github/workflows/release.yml diff --git a/.github/workflows/kustomize.yml b/.github/workflows/kustomize.yml deleted file mode 100644 index e13d54137..000000000 --- a/.github/workflows/kustomize.yml +++ /dev/null @@ -1,38 +0,0 @@ -name: Kustomize -on: [ workflow_call ] -jobs: - check: - name: Validate manifests - runs-on: ubuntu-latest - container: deck15/kubeval-tools - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: kubeval - run: kubectl kustomize .k8s | kubeval --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master - - - name: kube-score - run: kubectl kustomize .k8s | kube-score score - - continue-on-error: true - - create: - name: Create manifests - needs: [ check ] - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Setup Kustomize - uses: multani/action-setup-kustomize@v1 - - - name: Render manifests - run: kustomize build --output coursemapper-webserver-base.yaml .k8s - - - name: Upload manifests - uses: actions/upload-artifact@v3 - with: - name: Kubernetes Manifests - path: coursemapper-webserver-base.yaml - if-no-files-found: error diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index de88b32b0..02e1bcea2 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,4 +35,3 @@ jobs: updateOnlyUnreleased: true skipIfReleaseExists: true generateReleaseNotes: true - artifacts: coursemapper-webserver-base.yaml diff --git a/.k8s/Makefile b/.k8s/Makefile deleted file mode 100644 index 6894fe408..000000000 --- a/.k8s/Makefile +++ /dev/null @@ -1,9 +0,0 @@ -help: - @cat $(MAKEFILE_LIST) | docker run --rm -i --platform linux/amd64 xanders/make-help - -# Check manifests for validity and known issues -lint: - @kubectl kustomize . | kubeval --schema-location https://raw.githubusercontent.com/yannh/kubernetes-json-schema/master - @kubectl kustomize . | kubectl score score --kubernetes-version v1.26 - - -.PHONY: help lint diff --git a/.k8s/README.md b/.k8s/README.md deleted file mode 100644 index dfc3ded68..000000000 --- a/.k8s/README.md +++ /dev/null @@ -1,33 +0,0 @@ -# Kubernetes manifests - -This is a Kustomize base layer. You will probably want to overwrite at least some settings with environment-specific changes, e.g.: - -```yaml -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namespace: coursemapper-webserver - -configMapGenerator: -- name: ingress - behavior: merge - literals: - - host=coursemapper.com - -secretGenerator: -- name: webserver - behavior: merge - literals: - - COOKIE_SECRET=$SOMETHING_SAFE - - JWT_SECRET=$SOMETHING_SAFE - - PASS=$SOMETHING_SAFE - -images: -- name: socialcomputing/coursemapper-webserver-webapp - newTag: v1.2.3 -- name: socialcomputing/coursemapper-webserver-webserver - newTag: v1.2.3 - -resources: -- ./$PATH_TO_THIS_BASE_LAYER -``` diff --git a/.k8s/ingress.yaml b/.k8s/ingress.yaml deleted file mode 100644 index 8c1c71fdf..000000000 --- a/.k8s/ingress.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: proxy - annotations: - description: CourseMapper-webserver - kubernetes.io/tls-acme: "true" - cert-manager.io/cluster-issuer: letsencrypt-prod -spec: - rules: - - host: $(FQDN) - http: - paths: - - pathType: Prefix - path: / - backend: - service: - name: webapp - port: - number: 80 - - pathType: Prefix - path: /api/ - backend: - service: - name: webserver - port: - number: 81 - tls: - - secretName: tls-certificate - hosts: - - $(FQDN) diff --git a/.k8s/kustomization.yaml b/.k8s/kustomization.yaml deleted file mode 100644 index 68beecebd..000000000 --- a/.k8s/kustomization.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -namePrefix: coursemapper-webserver- - -labels: -- includeSelectors: true - pairs: - app: coursemapper-webserver - -configMapGenerator: -- name: ingress - literals: - - host=example.org - -secretGenerator: -- name: webserver - literals: - - COOKIE_SECRET=secret - - JWT_SECRET=secret - - PASS=adminpassword - -images: -- name: mongo - newTag: "6.0" -- name: socialcomputing/coursemapper-webserver-webapp - newTag: latest -- name: socialcomputing/coursemapper-webserver-webserver - newTag: latest - -vars: -- name: MONGODB_SERVICE - objref: - apiVersion: v1 - kind: Service - name: mongodb - fieldref: {} -- name: FQDN - objref: - apiVersion: v1 - kind: ConfigMap - name: ingress - fieldref: - fieldpath: data.host - -resources: -- ingress.yaml -- webapp/deployment.yaml -- webapp/service.yaml -- webserver/deployment.yaml -- webserver/service.yaml -- webserver/pvc.yaml -- mongodb/deployment.yaml -- mongodb/service.yaml -- mongodb/pvc.yaml diff --git a/.k8s/mongodb/deployment.yaml b/.k8s/mongodb/deployment.yaml deleted file mode 100644 index 2b639ad2c..000000000 --- a/.k8s/mongodb/deployment.yaml +++ /dev/null @@ -1,62 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mongodb - annotations: - keel.sh/policy: patch - keel.sh/trigger: poll - keel.sh/pollSchedule: "@every 1h" -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - component: mongodb - template: - metadata: - labels: - component: mongodb - spec: - initContainers: - - name: repair - image: mongo - command: - - mongod - - --repair - volumeMounts: - - mountPath: /data/db - name: mongodb - resources: - requests: - memory: 160Mi - cpu: 10m - limits: - memory: 1Gi - cpu: 2 - ephemeral-storage: 1Gi - containers: - - name: mongodb - image: mongo - args: - - mongod - - --bind_ip_all - - --quiet - - --wiredTigerCacheSizeGB=0.25 - ports: - - containerPort: 27017 - volumeMounts: - - mountPath: /data/db - name: mongodb - resources: - requests: - memory: 300Mi - cpu: 100m - limits: - memory: 1Gi - cpu: 1 - ephemeral-storage: 1Gi - volumes: - - name: mongodb - persistentVolumeClaim: - claimName: mongodb diff --git a/.k8s/mongodb/pvc.yaml b/.k8s/mongodb/pvc.yaml deleted file mode 100644 index 53b3d55cc..000000000 --- a/.k8s/mongodb/pvc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: mongodb -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi diff --git a/.k8s/mongodb/service.yaml b/.k8s/mongodb/service.yaml deleted file mode 100644 index 983604033..000000000 --- a/.k8s/mongodb/service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: mongodb -spec: - ports: - - port: 27017 - selector: - component: mongodb diff --git a/.k8s/webapp/deployment.yaml b/.k8s/webapp/deployment.yaml deleted file mode 100644 index ff2f4ade5..000000000 --- a/.k8s/webapp/deployment.yaml +++ /dev/null @@ -1,40 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webapp - annotations: - keel.sh/policy: minor - keel.sh/trigger: poll - keel.sh/pollSchedule: "@every 5m" -spec: - replicas: 3 - strategy: - type: RollingUpdate - selector: - matchLabels: - component: webapp - template: - metadata: - labels: - component: webapp - spec: - containers: - - name: webapp - image: socialcomputing/coursemapper-webserver-webapp - ports: - - containerPort: 4200 - env: - - name: BASE_URL - value: "/api" - livenessProbe: - httpGet: - path: / - port: 4200 - resources: - requests: - memory: 8Mi - cpu: 10m - limits: - memory: 256Mi - cpu: 1 - ephemeral-storage: 16Mi diff --git a/.k8s/webapp/service.yaml b/.k8s/webapp/service.yaml deleted file mode 100644 index e42fe68bb..000000000 --- a/.k8s/webapp/service.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: webapp -spec: - selector: - component: webapp - ports: - - port: 80 - targetPort: 4200 diff --git a/.k8s/webserver/deployment.yaml b/.k8s/webserver/deployment.yaml deleted file mode 100644 index c56d64589..000000000 --- a/.k8s/webserver/deployment.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: webserver - annotations: - keel.sh/policy: minor - keel.sh/trigger: poll - keel.sh/pollSchedule: "@every 5m" -spec: - replicas: 1 - strategy: - type: Recreate - selector: - matchLabels: - component: webserver - template: - metadata: - labels: - component: webserver - spec: - containers: - - name: webserver - image: socialcomputing/coursemapper-webserver-webserver - ports: - - containerPort: 8080 - startupProbe: - httpGet: - path: /api/healthz - port: 8080 - livenessProbe: - httpGet: - path: /api/healthz - port: 8080 - env: - - name: PORT - value: "8080" - - name: MONGO_DB - value: "mongodb://$(MONGODB_SERVICE):27017/coursemapper" - envFrom: - - secretRef: - name: webserver - volumeMounts: - - mountPath: /app/public/uploads - name: webserver-uploads - resources: - requests: - memory: 8Mi - cpu: 10m - limits: - memory: 256Mi - cpu: 1 - ephemeral-storage: 1Gi - volumes: - - name: webserver-uploads - persistentVolumeClaim: - claimName: webserver-uploads diff --git a/.k8s/webserver/pvc.yaml b/.k8s/webserver/pvc.yaml deleted file mode 100644 index c962511eb..000000000 --- a/.k8s/webserver/pvc.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: webserver-uploads -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 5Gi diff --git a/.k8s/webserver/service.yaml b/.k8s/webserver/service.yaml deleted file mode 100644 index 0c5fc290e..000000000 --- a/.k8s/webserver/service.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: webserver -spec: - selector: - component: webserver - ports: - - port: 81 - targetPort: 8080 diff --git a/README.md b/README.md index e32efc30f..48dfa02f4 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,6 @@ CourseMapper is a collaborative course annotation and analytics platform that fo * `make up` to run the application using *Docker Compose* * `make tilt` to automatically rebuild during development using *Tilt* * `make mounted` to run processes using *Docker Compose*, but mount source code from host machine -* see `./.k8s` for base configuration to run the application on *Kubernetes* * see the manual below to install dependencies and run processes *locally, without containers* Visit the [proxy service on port 8000](http://localhost:8000/) to use the application.