Finalize kubernetes deployments (#38)

* Add build to deploy deps * Remove unused permissions keys * Fix secret name * Fix image name step * Fix build-web to use correct yarn.lock files * Temporarily disable deployment step, add validation step * Remove full image name, just output the tag hash Since the registry is a secret, if you try to output anything with it it will fail * Recompose full image name using just tag from output * Fix deployment configmap ref * Fix the incorrect image being used * Reduce rollout timeout to 2 minutes * Add database url to deployment * Add ingress configuration * Add initial queue k8s configs * Fix deployment * Add QUEUE_IMAGE to cicd * Update name * Add initial ui k8s configuration * Add a health check endpoint to the ui * Add other secret refs * Fix capitalization * Update the database url secret * Fix ui deloyment errors * Fix queue and ui image * fix the secret ref * Remove database secret from ui * Remove the envFrom for farmhand-db * Fix twitch redirect uri * Update rust log for api * Fix twitch secret ref * Fix the UI api url * Fix twitch redirect uri to point at api * Increase the interval to 250 * Add headers debug statement * Add cors setting to nginx ingress * Update nginx ingress again * Include credentials, expose Authorization * try adding configuration snippet * Remove validation step * Update the proxy pass headers * Try auth snippet annotation * Try another annotation.... * Try using configmap and mode: cors * Try this gnarly version * Add more debugging for auth issue * Update debugging again * Update configma to https * Update https configuration * Change back to http * Disable upload route
witchscrow · Dec 24, 2024 · 0eadd51 · 0eadd51
1 parent e8c3db2
commit 0eadd51
Show file tree

Hide file tree

Showing 25 changed files with 294 additions and 65 deletions.
diff --git a/.github/workflows/build-images.yml b/.github/workflows/build-images.yml
@@ -8,15 +8,9 @@ on:
   workflow_dispatch:
   workflow_call:
     outputs:
-      api_image:
-        description: "The full API image tag"
-        value: ${{ jobs.build-api.outputs.image_tag }}
-      queue_image:
-        description: "The full Queue image tag"
-        value: ${{ jobs.build-queue.outputs.image_tag }}
-      ui_image:
-        description: "The full UI image tag"
-        value: ${{ jobs.build-ui.outputs.image_tag }}
+      image_tag:
+        description: "The tag for all images in this run"
+        value: ${{ jobs.setup.outputs.version }}
 
 jobs:
   setup:
@@ -34,11 +28,6 @@ jobs:
   build-api:
     needs: setup
     runs-on: ubuntu-latest
-    outputs:
-      image_tag: ${{ steps.image_tag.outputs.value }}
-    permissions:
-      contents: read
-      packages: write
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -76,11 +65,6 @@ jobs:
   build-queue:
     needs: setup
     runs-on: ubuntu-latest
-    outputs:
-      image_tag: ${{ steps.image_tag.outputs.value }}
-    permissions:
-      contents: read
-      packages: write
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -118,11 +102,6 @@ jobs:
   build-ui:
     needs: setup
     runs-on: ubuntu-latest
-    outputs:
-      image_tag: ${{ steps.image_tag.outputs.value }}
-    permissions:
-      contents: read
-      packages: write
     steps:
       - name: Checkout code
         uses: actions/checkout@v4

diff --git a/.github/workflows/build-web.yml → .github/workflows/build-ui.yml b/.github/workflows/build-web.yml → .github/workflows/build-ui.yml
@@ -1,4 +1,4 @@
-name: build web
+name: build ui
 
 on:
   push:
@@ -9,11 +9,6 @@ on:
 jobs:
   build:
     runs-on: ubuntu-latest
-
-    defaults:
-      run:
-        working-directory: packages/web
-
     steps:
       - uses: actions/checkout@v4
 
@@ -24,14 +19,14 @@ jobs:
           cache: "yarn"
           cache-dependency-path: |
             yarn.lock
-            packages/web/yarn.lock
+            services/barn-ui/yarn.lock
 
       # Cache the build output directory
       - name: Cache build output
         uses: actions/cache@v4
         with:
           path: |
-            packages/web/.svelte-kit
+            services/barn-ui/.svelte-kit
           key: ${{ runner.os }}-web-build-${{ github.sha }}
           restore-keys: |
             ${{ runner.os }}-web-build-
@@ -42,7 +37,7 @@ jobs:
         with:
           path: |
             node_modules
-            packages/web/node_modules
+            services/barn-ui/node_modules
           key: ${{ runner.os }}-node-modules-${{ hashFiles('**/yarn.lock') }}
           restore-keys: |
             ${{ runner.os }}-node-modules-

diff --git a/.github/workflows/deploy-staging.yml b/.github/workflows/deploy-staging.yml
@@ -1,4 +1,4 @@
-name: Deploy to Staging
+name: deploy - staging
 
 on:
   workflow_dispatch:
@@ -14,25 +14,27 @@ jobs:
   deploy:
     runs-on: ubuntu-latest
     environment: staging
-
+    needs: build
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
       - name: Install doctl
         uses: digitalocean/action-doctl@v2
         with:
-          token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+          token: ${{ secrets.DO_REGISTRY_KEY }}
 
       - name: Save DigitalOcean kubeconfig
         run: doctl kubernetes cluster kubeconfig save ${{ vars.CLUSTER_NAME }}
 
       - name: Update kustomization
         run: |
           cd k8s/overlays/staging
-          kustomize edit set image api=${{ needs.build.outputs.api_image }}
+          kustomize edit set image api=${{ secrets.DO_REGISTRY }}/${{ vars.API_IMAGE }}:${{ needs.build.outputs.image_tag }}
+          kustomize edit set image queue=${{ secrets.DO_REGISTRY }}/${{ vars.QUEUE_IMAGE }}:${{ needs.build.outputs.image_tag }}
+          kustomize edit set image ui=${{ secrets.DO_REGISTRY }}/${{ vars.UI_IMAGE }}:${{ needs.build.outputs.image_tag }}
 
       - name: Deploy to staging
         run: |
           kubectl apply -k k8s/overlays/staging
-          kubectl rollout status deployment/api -n staging
+          kubectl rollout status deployment/farmhand-api-staging -n staging --timeout=2m
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/README.md b/README.md
@@ -1,7 +1,7 @@
 # farmhand
 
 [![build api](https://github.com/sneakycrow/farmhand/actions/workflows/build-api.yml/badge.svg)](https://github.com/sneakycrow/farmhand/actions/workflows/build-api.yml)
-[![build web](https://github.com/sneakycrow/farmhand/actions/workflows/build-web.yml/badge.svg)](https://github.com/sneakycrow/farmhand/actions/workflows/build-web.yml)
+[![build ui](https://github.com/sneakycrow/farmhand/actions/workflows/build-ui.yml/badge.svg)](https://github.com/sneakycrow/farmhand/actions/workflows/build-ui.yml)
 [![build queue](https://github.com/sneakycrow/farmhand/actions/workflows/build-queue.yml/badge.svg)](https://github.com/sneakycrow/farmhand/actions/workflows/build-queue.yml)
 
 Farmhand is a powerful, open-source clip and VOD management system built for creators and artists who want more control over their content.

diff --git a/config/queue.Dockerfile b/config/queue.Dockerfile
@@ -40,5 +40,8 @@ RUN apt-get update && apt-get install -y \
 # Copy the binary from builder
 COPY --from=builder /usr/local/bin/forge /usr/local/bin/forge
 
+# Expose the health check server
+EXPOSE 8080
+
 # Set the entrypoint
 ENTRYPOINT ["/usr/local/bin/forge"]
diff --git a/k8s/base/api/configmap.yaml b/k8s/base/api/configmap.yaml
@@ -3,4 +3,8 @@ kind: ConfigMap
 metadata:
   name: farmhand-api-config
 data:
+  FRONTEND_URL: "https://staging.farmhand.witchscrow.com"
+  RUST_LOG: "api=debug,db=debug,queue=debug,tower_http=debug,axum::rejection=trace"
+  FFMPEG_LOCATION: "/opt/homebrew/bin/ffmpeg" # TODO: Make this is the right path for docker context
+  TWITCH_REDIRECT_URI: "https://staging.api.farmhand.witchscrow.com/auth/twitch/callback"
   LOG_LEVEL: "api=debug"
diff --git a/k8s/base/api/deployment.yaml b/k8s/base/api/deployment.yaml
@@ -18,7 +18,28 @@ spec:
             - containerPort: 3000
           envFrom:
             - configMapRef:
-                name: api-config
+                name: farmhand-api-config
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: farmhand-db
+                  key: uri
+            - name: TWITCH_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: twitch-credentials
+                  key: client-id
+            - name: TWITCH_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: twitch-credentials
+                  key: client-secret
+            - name: JWT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: jwt
+                  key: secret
           resources:
             requests:
               cpu: "100m"

diff --git a/k8s/base/api/kustomization.yaml b/k8s/base/api/kustomization.yaml
@@ -5,8 +5,3 @@ resources:
   - deployment.yaml
   - service.yaml
   - configmap.yaml
-
-images:
-  - name: api
-    newName: placeholder
-    newTag: placeholder
diff --git a/k8s/base/queue/configmap.yaml b/k8s/base/queue/configmap.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: farmhand-queue-config
+data:
+  LOG_LEVEL: "queue=debug"
diff --git a/k8s/base/queue/deployment.yaml b/k8s/base/queue/deployment.yaml
@@ -0,0 +1,40 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: farmhand-queue
+spec:
+  selector:
+    matchLabels:
+      app: farmhand-queue
+  template:
+    metadata:
+      labels:
+        app: farmhand-queue
+    spec:
+      containers:
+        - name: farmhand-queue
+          image: queue
+          ports:
+            - containerPort: 8080
+          envFrom:
+            - configMapRef:
+                name: farmhand-queue-config
+          env:
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: farmhand-db
+                  key: uri
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: 8080
+            initialDelaySeconds: 5
+            periodSeconds: 10
diff --git a/k8s/base/queue/kustomization.yaml b/k8s/base/queue/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - deployment.yaml
+  - configmap.yaml
diff --git a/k8s/base/ui/configmap.yaml b/k8s/base/ui/configmap.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: farmhand-ui-config
+data:
+  API_URL: "https://staging.api.farmhand.witchscrow.com"
diff --git a/k8s/base/ui/deployment.yaml b/k8s/base/ui/deployment.yaml
@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: farmhand-ui
+spec:
+  selector:
+    matchLabels:
+      app: farmhand-ui
+  template:
+    metadata:
+      labels:
+        app: farmhand-ui
+    spec:
+      containers:
+        - name: farmhand-ui
+          image: ui
+          ports:
+            - containerPort: 3000
+          envFrom:
+            - configMapRef:
+                name: farmhand-ui-config
+          resources:
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: 3000
+            initialDelaySeconds: 5
+            periodSeconds: 10
diff --git a/k8s/base/ui/kustomization.yaml b/k8s/base/ui/kustomization.yaml
@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - deployment.yaml
+  - service.yaml
+  - configmap.yaml
diff --git a/k8s/base/ui/service.yaml b/k8s/base/ui/service.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: farmhand-ui
+spec:
+  selector:
+    app: farmhand-ui
+  ports:
+    - port: 80
+      targetPort: 3000
+  type: ClusterIP