From 4b8425a4cd61608d8499e54575236dde55204d18 Mon Sep 17 00:00:00 2001 From: Ivan Zubenko Date: Mon, 8 Nov 2021 19:51:20 +0200 Subject: [PATCH] deploy helm chart to github --- .github/workflows/ci.yaml | 47 +------- .github/workflows/release-image.yml | 49 --------- .github/workflows/release.yml | 84 ++++++++++++++ Makefile | 103 ++++++++---------- charts/platform-storage/.helmignore | 1 + charts/platform-storage/Chart.yaml | 5 + .../platform-storage/templates/_helpers.tpl | 27 +++++ .../templates/deployment.yaml | 12 +- .../platform-storage}/templates/ingress.yaml | 6 +- .../platform-storage}/templates/secrets.yaml | 2 + .../platform-storage}/templates/service.yaml | 8 +- .../platform-storage}/values-dev.yaml | 0 .../platform-storage/values.yaml | 0 deploy/README | 24 ---- deploy/platformstorageapi/Chart.yaml | 5 - tests/docker/e2e.compose.yml | 2 +- 16 files changed, 189 insertions(+), 186 deletions(-) delete mode 100644 .github/workflows/release-image.yml create mode 100644 .github/workflows/release.yml create mode 100644 charts/platform-storage/.helmignore create mode 100644 charts/platform-storage/Chart.yaml create mode 100644 charts/platform-storage/templates/_helpers.tpl rename {deploy/platformstorageapi => charts/platform-storage}/templates/deployment.yaml (91%) rename {deploy/platformstorageapi => charts/platform-storage}/templates/ingress.yaml (70%) rename {deploy/platformstorageapi => charts/platform-storage}/templates/secrets.yaml (70%) rename {deploy/platformstorageapi => charts/platform-storage}/templates/service.yaml (53%) rename {deploy/platformstorageapi => charts/platform-storage}/values-dev.yaml (100%) rename deploy/platformstorageapi/values-template.yaml => charts/platform-storage/values.yaml (100%) delete mode 100644 deploy/README delete mode 100644 deploy/platformstorageapi/Chart.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 87ebb66a..7b3e0eff 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -70,18 +70,18 @@ jobs: - name: Run integration tests run: make test_integration - name: Build Docker image - run: make build + run: make docker_build - name: Upload image artifact uses: neuro-inc/upload-image-action@v21.9.2 with: image: platformstorageapi token: ${{ secrets.GITHUB_TOKEN }} - deploy_dev: name: Deploy on dev environment: dev runs-on: ubuntu-latest needs: test + concurrency: deploy_dev if: github.event_name == 'push' && github.ref == 'refs/heads/master' env: AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }} @@ -91,7 +91,6 @@ jobs: AZURE_RG_NAME: ${{ secrets.AZURE_DEV_RG_NAME }} CLUSTER_NAME: ${{ secrets.DEV_CLUSTER_NAME }} HELM_ENV: dev - HELM_VERSION: ${{ secrets.HELM3_VERSION }} CLOUD_PROVIDER: ${{ secrets.CLOUD_PROVIDER_DEV }} steps: - name: Checkout commit @@ -102,6 +101,10 @@ jobs: uses: actions/setup-python@v2 with: python-version: 3.8.10 + - name: Install Helm + uses: azure/setup-helm@v1 + with: + version: v3.7.0 - name: Configure AWS credentials if: env.CLOUD_PROVIDER == 'aws' uses: aws-actions/configure-aws-credentials@v1 @@ -130,43 +133,5 @@ jobs: run: make docker_push - name: Update kube config run: make ${{ env.CLOUD_PROVIDER }}_k8s_login - - name: Install helm - run: make helm_install - name: Deploy to kubernetes run: make helm_deploy - - concurrency: deploy_dev - release: - name: Release package - runs-on: ubuntu-latest - needs: test - if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v') - env: - ARTIFACTORY_DOCKER_REPO: ${{ secrets.ARTIFACTORY_DOCKER_REPO }} - ARTIFACTORY_HELM_REPO: ${{ secrets.ARTIFACTORY_HELM_REPO }} - ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} - ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} - HELM_VERSION: ${{ secrets.HELM3_VERSION }} - steps: - - name: Checkout commit - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - name: Install python - uses: actions/setup-python@v2 - with: - python-version: 3.8.10 - - name: Login to Artifactory docker registry - uses: docker/login-action@v1 - with: - registry: ${{ secrets.ARTIFACTORY_DOCKER_REPO }} - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_PASSWORD }} - - name: Set tag - run: echo "TAG=${GITHUB_REF#refs/tags/v}" >> $GITHUB_ENV - - name: Push image to Artifactory - run: make artifactory_docker_push - - name: Install helm - run: make helm_install - - name: Push chart to Artifactory - run: make artifactory_helm_push diff --git a/.github/workflows/release-image.yml b/.github/workflows/release-image.yml deleted file mode 100644 index 155735fd..00000000 --- a/.github/workflows/release-image.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: Release Image - -on: - workflow_run: - workflows: - - CI - types: - - completed - -permissions: - contents: read - packages: write - -jobs: - publish: - name: Publish - runs-on: ubuntu-latest - concurrency: release_image - steps: - - name: Purge old artifacts - uses: kolpav/purge-artifacts-action@v1 - with: - token: ${{ secrets.GH_TOKEN }} - expire-in: 30mins - - name: Release image - id: release - uses: neuro-inc/release-image-action@v21.9.36 - with: - image: platformstorageapi - token: ${{ secrets.GH_TOKEN }} - - name: Checkout commit - uses: actions/checkout@v2 - with: - ref: ${{ github.sha }} - fetch-depth: 0 - - name: Github Release - if: ${{ ! steps.release.outputs.skip }} - run: | - if [[ -n $PRERELEASE ]]; then - gh release create "$TAG" --prerelease --notes "docker pull ghcr.io/neuro-inc/platformstorageapi:$VERSION" - else - gh release create "$TAG" --notes "docker pull ghcr.io/neuro-inc/platformstorageapi:$VERSION" - fi - shell: bash - env: - TAG: ${{ steps.release.outputs.tag }} - VERSION: ${{ steps.release.outputs.version }} - GH_TOKEN: ${{ secrets.GH_TOKEN }} - PRERELEASE: ${{ steps.release.outputs.prerelease }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..f12b3786 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,84 @@ +name: Release Image + +on: + workflow_run: + workflows: + - CI + types: + - completed + +permissions: + contents: write + packages: write + +jobs: + publish_image: + name: Publish Image + runs-on: ubuntu-latest + concurrency: release_image + outputs: + tag: ${{ steps.release.outputs.tag }} + version: ${{ steps.release.outputs.version }} + skip: ${{ steps.release.outputs.skip }} + steps: + - name: Purge old artifacts + uses: kolpav/purge-artifacts-action@v1 + with: + token: ${{ secrets.GH_TOKEN }} + expire-in: 30mins + - name: Release image + id: release + uses: neuro-inc/release-image-action@v21.9.36 + with: + image: platformstorageapi + token: ${{ secrets.GH_TOKEN }} + - name: Checkout commit + uses: actions/checkout@v2 + with: + ref: ${{ github.event.workflow_run.head_sha }} + fetch-depth: 0 + - name: Github Release + if: ${{ ! steps.release.outputs.skip }} + run: | + if [[ -n $PRERELEASE ]]; then + gh release create "$TAG" --prerelease --notes "docker pull ghcr.io/neuro-inc/platformstorageapi:$VERSION" + else + gh release create "$TAG" --notes "docker pull ghcr.io/neuro-inc/platformstorageapi:$VERSION" + fi + shell: bash + env: + TAG: ${{ steps.release.outputs.tag }} + VERSION: ${{ steps.release.outputs.version }} + GH_TOKEN: ${{ secrets.GH_TOKEN }} + PRERELEASE: ${{ steps.release.outputs.prerelease }} + publish_chart: + name: Publish Helm chart + runs-on: ubuntu-latest + needs: publish_image + if: ${{ ! needs.publish_image.outputs.skip }} + concurrency: release_helm_chart + steps: + - name: Checkout + uses: actions/checkout@v2 + - name: Checkout commit + run: git checkout ${{ github.event.workflow_run.head_sha }} + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + - name: Install Helm + uses: azure/setup-helm@v1 + with: + version: v3.7.0 + - name: Create chart + run: make helm_create_chart + env: + IMAGE_REGISTRY: github + TAG: ${{ needs.publish_image.outputs.tag }} + GITHUB_OWNER: ${{ github.repository_owner }} + HELM_CHART_VERSION: ${{ needs.publish_image.outputs.version }} + HELM_APP_VERSION: ${{ needs.publish_image.outputs.version }} + - name: Release chart + uses: helm/chart-releaser-action@v1.2.1 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/Makefile b/Makefile index 17cb437e..b4528c17 100644 --- a/Makefile +++ b/Makefile @@ -4,44 +4,33 @@ AWS_REGION ?= us-east-1 AZURE_RG_NAME ?= dev AZURE_ACR_NAME ?= crc570d91c95c6aac0ea80afb1019a0c6f -ARTIFACTORY_DOCKER_REPO ?= neuro-docker-local-public.jfrog.io -ARTIFACTORY_HELM_REPO ?= https://neuro.jfrog.io/artifactory/helm-local-public - -HELM_ENV ?= dev +GITHUB_OWNER ?= neuro-inc TAG ?= latest -IMAGE_NAME ?= platformstorageapi -IMAGE ?= $(IMAGE_NAME):$(TAG) +IMAGE_REPO_gke = $(GKE_DOCKER_REGISTRY)/$(GKE_PROJECT_ID) +IMAGE_REPO_aws = $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com +IMAGE_REPO_azure = $(AZURE_ACR_NAME).azurecr.io +IMAGE_REPO_github = ghcr.io/$(GITHUB_OWNER) -CLOUD_IMAGE_REPO_gke ?= $(GKE_DOCKER_REGISTRY)/$(GKE_PROJECT_ID) -CLOUD_IMAGE_REPO_aws ?= $(AWS_ACCOUNT_ID).dkr.ecr.$(AWS_REGION).amazonaws.com -CLOUD_IMAGE_REPO_azure ?= $(AZURE_ACR_NAME).azurecr.io -CLOUD_IMAGE_REPO_BASE ?= ${CLOUD_IMAGE_REPO_${CLOUD_PROVIDER}} -CLOUD_IMAGE_REPO ?= $(CLOUD_IMAGE_REPO_BASE)/$(IMAGE_NAME) -CLOUD_IMAGE ?= $(CLOUD_IMAGE_REPO):$(TAG) +IMAGE_REGISTRY ?= aws -ARTIFACTORY_IMAGE_REPO = $(ARTIFACTORY_DOCKER_REPO)/$(IMAGE_NAME) -ARTIFACTORY_IMAGE = $(ARTIFACTORY_IMAGE_REPO):$(TAG) +IMAGE_NAME = platformstorageapi +IMAGE_REPO_BASE = $(IMAGE_REPO_$(IMAGE_REGISTRY)) +IMAGE_REPO = $(IMAGE_REPO_BASE)/$(IMAGE_NAME) -HELM_CHART = platformstorageapi +HELM_ENV ?= dev +HELM_CHART = platform-storage +HELM_CHART_VERSION ?= 1.0.0 +HELM_APP_VERSION ?= 1.0.0 -export CLOUD_IMAGE_REPO_BASE +export IMAGE_REPO_BASE setup: pip install -U pip pip install -e .[dev] pre-commit install -build: - rm -rf build dist - pip install -U build - python -m build - docker build \ - --build-arg PYTHON_BASE=slim-buster \ - -t $(IMAGE) . - docker tag $(IMAGE) $(IMAGE_NAME):latest - format: ifdef CI_LINT_RUN pre-commit run --all-files --show-diff-on-failure @@ -68,7 +57,23 @@ run: -p 8080:8080 \ -v /tmp/np_storage:/tmp/np_storage \ -e NP_STORAGE_LOCAL_BASE_PATH=/tmp/np_storage \ - $(IMAGE) + $(IMAGE_NAME):latest + +docker_build: + rm -rf build dist + pip install -U build + python -m build + docker build \ + --build-arg PYTHON_BASE=slim-buster \ + -t $(IMAGE) . + docker tag $(IMAGE) $(IMAGE_NAME):latest + +docker_push: docker_build + docker tag $(IMAGE_NAME):latest $(IMAGE_REPO):$(TAG) + docker push $(IMAGE_REPO):$(TAG) + + docker tag $(IMAGE_NAME):latest $(IMAGE_REPO):latest + docker push $(IMAGE_REPO):latest gke_login: sudo /opt/google-cloud-sdk/bin/gcloud --quiet components update --version 204.0.0 @@ -88,37 +93,17 @@ aws_k8s_login: azure_k8s_login: az aks get-credentials --resource-group $(AZURE_RG_NAME) --name $(CLUSTER_NAME) -helm_install: - curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash -s -- -v $(HELM_VERSION) - helm plugin install https://github.com/belitre/helm-push-artifactory-plugin --version 1.0.2 - -docker_push: build - docker tag $(IMAGE) $(CLOUD_IMAGE) - docker push $(CLOUD_IMAGE) - -_helm_fetch: - rm -rf temp_deploy/$(HELM_CHART) - mkdir -p temp_deploy/$(HELM_CHART) - cp -Rf deploy/$(HELM_CHART) temp_deploy/ - find temp_deploy/$(HELM_CHART) -type f -name 'values*' -delete - -_helm_expand_vars: - export IMAGE_REPO=$(ARTIFACTORY_IMAGE_REPO); \ +helm_create_chart: + export IMAGE_REPO=$(IMAGE_REPO); \ export IMAGE_TAG=$(TAG); \ - cat deploy/$(HELM_CHART)/values-template.yaml | envsubst > temp_deploy/$(HELM_CHART)/values.yaml - -helm_deploy: _helm_fetch _helm_expand_vars - helm upgrade $(HELM_CHART) temp_deploy/$(HELM_CHART) \ - -f deploy/$(HELM_CHART)/values-$(HELM_ENV).yaml \ - --set "image.repository=$(CLOUD_IMAGE_REPO)" \ - --namespace platform --install --wait --timeout 600s - -artifactory_docker_push: build - docker tag $(IMAGE) $(ARTIFACTORY_IMAGE) - docker push $(ARTIFACTORY_IMAGE) - -artifactory_helm_push: _helm_fetch _helm_expand_vars - helm package --app-version=$(TAG) --version=$(TAG) temp_deploy/$(HELM_CHART) - helm push-artifactory $(HELM_CHART)-$(TAG).tgz $(ARTIFACTORY_HELM_REPO) \ - --username $(ARTIFACTORY_USERNAME) \ - --password $(ARTIFACTORY_PASSWORD) + export CHART_VERSION=$(HELM_CHART_VERSION); \ + export APP_VERSION=$(HELM_APP_VERSION); \ + VALUES=$$(cat charts/$(HELM_CHART)/values.yaml | envsubst); \ + echo "$$VALUES" > charts/$(HELM_CHART)/values.yaml; \ + CHART=$$(cat charts/$(HELM_CHART)/Chart.yaml | envsubst); \ + echo "$$CHART" > charts/$(HELM_CHART)/Chart.yaml + +helm_deploy: helm_create_chart + helm upgrade $(HELM_CHART) charts/$(HELM_CHART) \ + -f charts/$(HELM_CHART)/values-$(HELM_ENV).yaml \ + --namespace platform --install --wait --timeout 600 diff --git a/charts/platform-storage/.helmignore b/charts/platform-storage/.helmignore new file mode 100644 index 00000000..8339b96b --- /dev/null +++ b/charts/platform-storage/.helmignore @@ -0,0 +1 @@ +values-*.yaml diff --git a/charts/platform-storage/Chart.yaml b/charts/platform-storage/Chart.yaml new file mode 100644 index 00000000..8fef6e68 --- /dev/null +++ b/charts/platform-storage/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: platform-storage +description: A Helm chart for platform-storage service +version: $CHART_VERSION +appVersion: $APP_VERSION diff --git a/charts/platform-storage/templates/_helpers.tpl b/charts/platform-storage/templates/_helpers.tpl new file mode 100644 index 00000000..7695a893 --- /dev/null +++ b/charts/platform-storage/templates/_helpers.tpl @@ -0,0 +1,27 @@ +{{- define "platformStorage.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "platformStorage.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{- define "platformStorage.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" -}} +{{- end -}} + +{{- define "platformStorage.labels.standard" -}} +app: {{ include "platformStorage.name" . }} +chart: {{ include "platformStorage.chart" . }} +heritage: {{ .Release.Service | quote }} +release: {{ .Release.Name | quote }} +{{- end -}} diff --git a/deploy/platformstorageapi/templates/deployment.yaml b/charts/platform-storage/templates/deployment.yaml similarity index 91% rename from deploy/platformstorageapi/templates/deployment.yaml rename to charts/platform-storage/templates/deployment.yaml index bcb3d5f1..1218324c 100644 --- a/deploy/platformstorageapi/templates/deployment.yaml +++ b/charts/platform-storage/templates/deployment.yaml @@ -1,12 +1,16 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: platformstorageapi + name: {{ include "platformStorage.fullname" . }} + labels: {{ include "platformStorage.labels.standard" . | nindent 4 }} + service: storage spec: replicas: {{ .Values.replicas }} selector: matchLabels: - service: platformstorageapi + app: {{ include "platformStorage.name" . }} + release: {{ .Release.Name }} + service: storage strategy: rollingUpdate: maxSurge: 1 @@ -15,7 +19,9 @@ spec: template: metadata: labels: - service: platformstorageapi + app: {{ include "platformStorage.name" . }} + release: {{ .Release.Name }} + service: storage {{- if .Values.secrets }} annotations: checksum/secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} diff --git a/deploy/platformstorageapi/templates/ingress.yaml b/charts/platform-storage/templates/ingress.yaml similarity index 70% rename from deploy/platformstorageapi/templates/ingress.yaml rename to charts/platform-storage/templates/ingress.yaml index c6cda849..a596565f 100644 --- a/deploy/platformstorageapi/templates/ingress.yaml +++ b/charts/platform-storage/templates/ingress.yaml @@ -2,7 +2,9 @@ apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: - name: platformstorageapi + name: {{ include "platformStorage.fullname" . }} + labels: {{ include "platformStorage.labels.standard" . | nindent 4 }} + service: storage annotations: kubernetes.io/ingress.class: traefik traefik.frontend.rule.type: PathPrefix @@ -17,7 +19,7 @@ spec: paths: - path: /api/v1/storage backend: - serviceName: platformstorageapi + serviceName: {{ include "platformStorage.fullname" $ }} servicePort: http {{- end }} {{- end }} diff --git a/deploy/platformstorageapi/templates/secrets.yaml b/charts/platform-storage/templates/secrets.yaml similarity index 70% rename from deploy/platformstorageapi/templates/secrets.yaml rename to charts/platform-storage/templates/secrets.yaml index e7850fea..2b8c1f08 100644 --- a/deploy/platformstorageapi/templates/secrets.yaml +++ b/charts/platform-storage/templates/secrets.yaml @@ -4,6 +4,8 @@ apiVersion: v1 kind: Secret metadata: name: {{ .name | quote }} + labels: {{ include "platformStorage.labels.standard" $ | nindent 4 }} + service: storage type: Opaque data: {{- range $key, $value := .data }} diff --git a/deploy/platformstorageapi/templates/service.yaml b/charts/platform-storage/templates/service.yaml similarity index 53% rename from deploy/platformstorageapi/templates/service.yaml rename to charts/platform-storage/templates/service.yaml index 9eb88a7c..7bba02e5 100644 --- a/deploy/platformstorageapi/templates/service.yaml +++ b/charts/platform-storage/templates/service.yaml @@ -1,10 +1,12 @@ apiVersion: v1 kind: Service metadata: + name: {{ include "platformStorage.fullname" . }} + labels: {{ include "platformStorage.labels.standard" . | nindent 4 }} + service: storage annotations: traefik.ingress.kubernetes.io/affinity: "true" traefik.ingress.kubernetes.io/session-cookie-name: NEURO_STORAGEAPI_SESSION - name: platformstorageapi spec: type: ClusterIP ports: @@ -12,4 +14,6 @@ spec: port: 8080 targetPort: tcp-web selector: - service: platformstorageapi + app: {{ include "platformStorage.name" . }} + release: {{ .Release.Name }} + service: storage diff --git a/deploy/platformstorageapi/values-dev.yaml b/charts/platform-storage/values-dev.yaml similarity index 100% rename from deploy/platformstorageapi/values-dev.yaml rename to charts/platform-storage/values-dev.yaml diff --git a/deploy/platformstorageapi/values-template.yaml b/charts/platform-storage/values.yaml similarity index 100% rename from deploy/platformstorageapi/values-template.yaml rename to charts/platform-storage/values.yaml diff --git a/deploy/README b/deploy/README deleted file mode 100644 index 0b691647..00000000 --- a/deploy/README +++ /dev/null @@ -1,24 +0,0 @@ - - -### _cd_ to _deploy_ folder -``` cd deploy ``` - -### Connect to cluster -```gcloud container clusters get-credentials prod-cluster-01 --zone us-west1-b --project production-228907``` - - - -# Deploy in Production cluster - -### Deploy platform-registry-api -```helm --set "global.env=prod" upgrade --install platformstorageapi platformstorageapi``` - - - -#Deploy in staging and dev clusters - -Dev : - - helm --set "global.env=dev" upgrade --install platformstorageapi --name=platformstorageapi - -Staging : - - helm --set "global.env=stage" upgrade --install platformstorageapi --name=platformstorageapi diff --git a/deploy/platformstorageapi/Chart.yaml b/deploy/platformstorageapi/Chart.yaml deleted file mode 100644 index bc08f06b..00000000 --- a/deploy/platformstorageapi/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: platformstorageapi -description: Deploy platformstorageapi -version: 0.0.1 -appVersion: 0.0.1 diff --git a/tests/docker/e2e.compose.yml b/tests/docker/e2e.compose.yml index 331a30d9..6b3352fa 100644 --- a/tests/docker/e2e.compose.yml +++ b/tests/docker/e2e.compose.yml @@ -1,7 +1,7 @@ version: "3" services: auth_server: - image: ${CLOUD_IMAGE_REPO_BASE}/platformauthapi:latest + image: ${IMAGE_REPO_BASE}/platformauthapi:latest ports: - "5003:5003" environment: