-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
59de2a3
commit 9efd229
Showing
14 changed files
with
791 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Docs for the Azure Web Apps Deploy action: https://github.com/Azure/webapps-deploy | ||
# More GitHub Actions for Azure: https://github.com/Azure/actions | ||
|
||
name: Build and Push to ACR | ||
on: | ||
push: | ||
branches: | ||
- main | ||
- feat/ci-cd | ||
|
||
workflow_dispatch: | ||
jobs: | ||
build-and-push: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
# Add support for more platforms with QEMU (optional) | ||
# https://github.com/docker/setup-qemu-action | ||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v3 | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v3 | ||
- name: Login to Azure Container Registry | ||
uses: azure/docker-login@v1 | ||
with: | ||
login-server: ${{ secrets.NEW_REGISTRY_NAME }}.azurecr.io | ||
username: ${{ secrets.NEW_REGISTRY_USERNAME }} | ||
password: ${{ secrets.NEW_REGISTRY_PASSWORD }} | ||
- name: Build and push | ||
uses: docker/build-push-action@v2 | ||
with: | ||
push: true | ||
tags: ${{ secrets.NEW_REGISTRY_NAME }}.azurecr.io/infini-connect:dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,160 @@ | ||
# This workflow will build and push an application to a Azure Kubernetes Service (AKS) cluster when you push your code | ||
# | ||
# This workflow assumes you have already created the target AKS cluster and have created an Azure Container Registry (ACR) | ||
# The ACR should be attached to the AKS cluster | ||
# For instructions see: | ||
# - https://docs.microsoft.com/en-us/azure/aks/kubernetes-walkthrough-portal | ||
# - https://docs.microsoft.com/en-us/azure/container-registry/container-registry-get-started-portal | ||
# - https://learn.microsoft.com/en-us/azure/aks/cluster-container-registry-integration?tabs=azure-cli#configure-acr-integration-for-existing-aks-clusters | ||
# - https://github.com/Azure/aks-create-action | ||
# | ||
# To configure this workflow: | ||
# | ||
# 1. Set the following secrets in your repository (instructions for getting these | ||
# https://docs.microsoft.com/en-us/azure/developer/github/connect-from-azure?tabs=azure-cli%2Clinux)): | ||
# - AZURE_CLIENT_ID | ||
# - AZURE_TENANT_ID | ||
# - AZURE_SUBSCRIPTION_ID | ||
# | ||
# 2. Set the following environment variables (or replace the values below): | ||
# - AZURE_CONTAINER_REGISTRY (name of your container registry / ACR) | ||
# - CONTAINER_NAME (name of the container image you would like to push up to your ACR) | ||
# - RESOURCE_GROUP (where your cluster is deployed) | ||
# - CLUSTER_NAME (name of your AKS cluster) | ||
# - IMAGE_PULL_SECRET_NAME (name of the ImagePullSecret that will be created to pull your ACR image) | ||
# | ||
# 3. Choose the appropriate render engine for the bake step https://github.com/Azure/k8s-bake. The config below assumes Helm. | ||
# Set your helmChart, overrideFiles, overrides, and helm-version to suit your configuration. | ||
# - CHART_PATH (path to your helm chart) | ||
# - CHART_OVERRIDE_PATH (path to your helm chart with override values) | ||
# | ||
# For more information on GitHub Actions for Azure, refer to https://github.com/Azure/Actions | ||
# For more samples to get started with GitHub Action workflows to deploy to Azure, refer to https://github.com/Azure/actions-workflow-samples | ||
# For more options with the actions used below please refer to https://github.com/Azure/login | ||
|
||
name: Build and deploy to AKS with Helm | ||
|
||
on: | ||
push: | ||
branches: | ||
- main | ||
#- feat/ci-cd | ||
workflow_dispatch: | ||
|
||
env: | ||
RESOURCE_GROUP: "inficonnectrg" | ||
CLUSTER_NAME: "inficonnectaks" | ||
CHART_PATH: "./helm-charts/infini-connect" | ||
#CHART_OVERRIDE_PATH: "your-chart-override-path" | ||
|
||
jobs: | ||
deployToDev: | ||
name: Deploy to Developemnt | ||
permissions: | ||
actions: read | ||
contents: read | ||
id-token: write | ||
runs-on: ubuntu-latest | ||
environment: Development | ||
steps: | ||
# Checks out the repository this file is in | ||
- uses: actions/checkout@v3 | ||
|
||
# Logs in with your Azure credentials | ||
- name: Azure login | ||
uses: azure/[email protected] | ||
with: | ||
creds: ${{ secrets.AZURE_CREDENTIALS }} | ||
|
||
# Use kubelogin to configure your kubeconfig for Azure auth | ||
- name: Set up kubelogin for non-interactive login | ||
uses: azure/use-kubelogin@v1 | ||
with: | ||
kubelogin-version: 'v0.0.25' | ||
|
||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file | ||
- name: Get K8s context | ||
uses: azure/aks-set-context@v3 | ||
with: | ||
resource-group: ${{ env.RESOURCE_GROUP }} | ||
cluster-name: ${{ env.CLUSTER_NAME }} | ||
admin: 'false' | ||
use-kubelogin: 'true' | ||
|
||
# Runs Helm to create manifest files | ||
- name: Bake deployment | ||
uses: azure/k8s-bake@v2 | ||
with: | ||
renderEngine: "helm" | ||
helmChart: ${{ env.CHART_PATH }} | ||
overrideFiles: "./helm-charts/dev/values.yaml" | ||
overrides: | | ||
replicas:1 | ||
helm-version: "latest" | ||
id: bake | ||
|
||
# Deploys application based on manifest files from previous step | ||
- name: Deploy application | ||
uses: Azure/k8s-deploy@v4 | ||
with: | ||
action: deploy | ||
manifests: ${{ steps.bake.outputs.manifestsBundle }} | ||
namespace: "ic-core-dev" | ||
images: | | ||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} | ||
deployToProd: | ||
name: Deploy to Production | ||
needs: deployToDev | ||
permissions: | ||
actions: read | ||
contents: read | ||
id-token: write | ||
runs-on: ubuntu-latest | ||
environment: Production | ||
steps: | ||
# Checks out the repository this file is in | ||
- uses: actions/checkout@v3 | ||
|
||
# Logs in with your Azure credentials | ||
- name: Azure login | ||
uses: azure/[email protected] | ||
with: | ||
creds: ${{ secrets.AZURE_CREDENTIALS }} | ||
|
||
# Use kubelogin to configure your kubeconfig for Azure auth | ||
- name: Set up kubelogin for non-interactive login | ||
uses: azure/use-kubelogin@v1 | ||
with: | ||
kubelogin-version: 'v0.0.25' | ||
|
||
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file | ||
- name: Get K8s context | ||
uses: azure/aks-set-context@v3 | ||
with: | ||
resource-group: ${{ env.RESOURCE_GROUP }} | ||
cluster-name: ${{ env.CLUSTER_NAME }} | ||
admin: 'false' | ||
use-kubelogin: 'true' | ||
|
||
# Runs Helm to create manifest files | ||
- name: Bake deployment | ||
uses: azure/k8s-bake@v2 | ||
with: | ||
renderEngine: "helm" | ||
helmChart: ${{ env.CHART_PATH }} | ||
overrideFiles: ./helm-charts/prod/values.yaml | ||
overrides: | | ||
replicas:1 | ||
helm-version: "latest" | ||
id: bake | ||
|
||
# Deploys application based on manifest files from previous step | ||
- name: Deploy application | ||
uses: Azure/k8s-deploy@v4 | ||
with: | ||
action: deploy | ||
manifests: ${{ steps.bake.outputs.manifestsBundle }} | ||
namespace: "ic-core-acc" | ||
images: | | ||
${{ env.AZURE_CONTAINER_REGISTRY }}.azurecr.io/${{ env.CONTAINER_NAME }}:${{ github.sha }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,95 @@ | ||
# Default values for infini-connect. | ||
# This is a YAML-formatted file. | ||
# Declare variables to be passed into your templates. | ||
|
||
replicaCount: 1 | ||
|
||
namespace: ic-core-dev | ||
|
||
environment: dev | ||
|
||
image: | ||
repository: inficonnectacr.azurecr.io/infini-connect | ||
pullPolicy: Always | ||
# Overrides the image tag whose default is the chart appVersion. | ||
tag: "dev" | ||
|
||
imagePullSecrets: [] | ||
nameOverride: "" | ||
fullnameOverride: "" | ||
|
||
serviceAccount: | ||
# Specifies whether a service account should be created | ||
create: true | ||
# Annotations to add to the service account | ||
annotations: {} | ||
# The name of the service account to use. | ||
# If not set and create is true, a name is generated using the fullname template | ||
name: "" | ||
|
||
podAnnotations: {} | ||
|
||
podSecurityContext: {} | ||
# fsGroup: 2000 | ||
|
||
securityContext: {} | ||
# capabilities: | ||
# drop: | ||
# - ALL | ||
# readOnlyRootFilesystem: true | ||
# runAsNonRoot: true | ||
# runAsUser: 1000 | ||
|
||
service: | ||
type: ClusterIP | ||
ports: | ||
http: | ||
port: 80 | ||
targetPort: http | ||
protocol: TCP | ||
https: | ||
port: 443 | ||
targetPort: https | ||
protocol: TCP | ||
|
||
|
||
ingress: | ||
enabled: true | ||
className: "" | ||
port: 80 | ||
annotations: | ||
nginx.ingress.kubernetes.io/ssl-redirect: "false" | ||
hosts: | ||
- host: "dev-api.infini-connect.devoteam.nl" | ||
paths: | ||
- path: / | ||
pathType: Prefix | ||
tls: [] | ||
# - secretName: chart-example-tls | ||
# hosts: | ||
# - chart-example.local | ||
|
||
resources: {} | ||
# We usually recommend not to specify default resources and to leave this as a conscious | ||
# choice for the user. This also increases chances charts run on environments with little | ||
# resources, such as Minikube. If you do want to specify resources, uncomment the following | ||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'. | ||
# limits: | ||
# cpu: 100m | ||
# memory: 128Mi | ||
# requests: | ||
# cpu: 100m | ||
# memory: 128Mi | ||
|
||
autoscaling: | ||
enabled: false | ||
minReplicas: 1 | ||
maxReplicas: 100 | ||
targetCPUUtilizationPercentage: 80 | ||
# targetMemoryUtilizationPercentage: 80 | ||
|
||
nodeSelector: {} | ||
|
||
tolerations: [] | ||
|
||
affinity: {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
# Patterns to ignore when building packages. | ||
# This supports shell glob matching, relative path matching, and | ||
# negation (prefixed with !). Only one pattern per line. | ||
.DS_Store | ||
# Common VCS dirs | ||
.git/ | ||
.gitignore | ||
.bzr/ | ||
.bzrignore | ||
.hg/ | ||
.hgignore | ||
.svn/ | ||
# Common backup files | ||
*.swp | ||
*.bak | ||
*.tmp | ||
*.orig | ||
*~ | ||
# Various IDEs | ||
.project | ||
.idea/ | ||
*.tmproj | ||
.vscode/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
apiVersion: v2 | ||
name: infini-connect | ||
description: A Helm chart for Kubernetes | ||
|
||
# A chart can be either an 'application' or a 'library' chart. | ||
# | ||
# Application charts are a collection of templates that can be packaged into versioned archives | ||
# to be deployed. | ||
# | ||
# Library charts provide useful utilities or functions for the chart developer. They're included as | ||
# a dependency of application charts to inject those utilities and functions into the rendering | ||
# pipeline. Library charts do not define any templates and therefore cannot be deployed. | ||
type: application | ||
|
||
# This is the chart version. This version number should be incremented each time you make changes | ||
# to the chart and its templates, including the app version. | ||
# Versions are expected to follow Semantic Versioning (https://semver.org/) | ||
version: 1.0.0 | ||
|
||
# This is the version number of the application being deployed. This version number should be | ||
# incremented each time you make changes to the application. Versions are not expected to | ||
# follow Semantic Versioning. They should reflect the version the application is using. | ||
# It is recommended to use it with quotes. | ||
appVersion: "1.0.0" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
1. Get the application URL by running these commands: | ||
{{- if .Values.ingress.enabled }} | ||
{{- range $host := .Values.ingress.hosts }} | ||
{{- range .paths }} | ||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} | ||
{{- end }} | ||
{{- end }} | ||
{{- else if contains "NodePort" .Values.service.type }} | ||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "infini-connect.fullname" . }}) | ||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") | ||
echo http://$NODE_IP:$NODE_PORT | ||
{{- else if contains "LoadBalancer" .Values.service.type }} | ||
NOTE: It may take a few minutes for the LoadBalancer IP to be available. | ||
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "infini-connect.fullname" . }}' | ||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "infini-connect.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") | ||
echo http://$SERVICE_IP:{{ .Values.service.port }} | ||
{{- else if contains "ClusterIP" .Values.service.type }} | ||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "infini-connect.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") | ||
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") | ||
echo "Visit http://127.0.0.1:8080 to use your application" | ||
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT | ||
{{- end }} |
Oops, something went wrong.