From dc411c04f024bf7e2f0029c6b2f58a77f205c42a Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 6 Dec 2018 12:07:45 +0200 Subject: [PATCH 01/11] Initial Jenkins pipeline commit --- Dockerfile | 5 ++ Jenkinsfile | 163 ++++++++++++++++++++++++++++++++++++++++++++++ docker/nginx.conf | 82 +++++++++++++++++++++++ 3 files changed, 250 insertions(+) create mode 100644 Dockerfile create mode 100644 Jenkinsfile create mode 100644 docker/nginx.conf diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..93f9f7f --- /dev/null +++ b/Dockerfile @@ -0,0 +1,5 @@ +FROM nginx:stable-alpine + +COPY build /usr/share/nginx/html/ +COPY docker/nginx.conf /etc/nginx/conf.d/default.conf + diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..83a90b4 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,163 @@ +#!/usr/bin/env groovy + +@Library('nynja-common') _ + +pipeline { + environment { + SLACK_CHANNEL = "#nynja-devops-feed" + NAMESPACE = "admin-console" + APP_NAME = "admin-console-web" + IMAGE_NAME = "eu.gcr.io/nynja-ci-201610/${NAMESPACE}/${APP_NAME}" + IMAGE_BUILD_TAG = "$BRANCH_NAME-$BUILD_NUMBER" + HELM_CHART_NAME = "admin-console-web" + DEV_BRANCH = "CI" + } + agent { + kubernetes(builders.multi([ + "nodejs":"node:10.14.1", + "helm":"lachlanevenson/k8s-helm:v2.9.1" + ])) + } + options { + skipDefaultCheckout() + buildDiscarder(logRotator(numToKeepStr: '15')) + } + stages { + stage('Checkout') { + steps { + container('nodejs') { + script { + def vars = checkout scm + vars.each { k,v -> env.setProperty(k, v) } + } + slackSend channel: SLACK_CHANNEL, message: slackStartMsg() + slackSend channel: SLACK_CHANNEL, message: "", attachments: slackBuildInfo() + } + } + } + /* + stage('Build PR') { + when { + branch 'PR-*' + } + stages { + stage('Build') { + steps { + echo 'build & test' + dockerBuildAndPushToRegistry "${NAMESPACE}/${APP_NAME}", [IMAGE_BUILD_TAG] + } + } + stage('Deploy preview') { + steps { + echo 'build & test' + } + } + } + } + */ + stage('Build Dev') { + when { + branch env.DEV_BRANCH + } + stages { + stage('Build') { + steps { + container('nodejs') { + sh 'npm install' + sh 'npm run build' + dockerBuildAndPushToRegistry "${NAMESPACE}/${APP_NAME}", [IMAGE_BUILD_TAG] + } + } + } + stage("Helm chart") { + steps { + container('helm') { + helmBuildAndPushToRegistry HELM_CHART_NAME + } + } + } + stage('Deploy preview') { + steps { + deployHelmTo "dev", NAMESPACE + } + } + } + post { + success { + container('nodejs') { slackSend channel: SLACK_CHANNEL, message: slackEndMsg(), color: 'good' } + } + failure { + container('nodejs') { slackSend channel: SLACK_CHANNEL, message: slackEndMsg(), color: 'danger' } + } + } + } + stage('Build Release') { + when { + branch 'master' + } + stages { + stage("Build") { + steps { + container('nodejs') { + sh 'npm install' + sh 'npm run build' + dockerBuildAndPushToRegistry "${NAMESPACE}/${APP_NAME}", [IMAGE_BUILD_TAG] + } + } + } + stage("Helm chart") { + steps { + container('helm') { + helmBuildAndPushToRegistry HELM_CHART_NAME + } + } + } + stage("Approval: Deploy to staging ?") { + steps { + slackSend channel: SLACK_CHANNEL, message: "$APP_NAME: build #$BUILD_NUMBER ready to deploy to `STAGING`, approval required: $BUILD_URL (24h)" + + timeout(time: 24, unit: 'HOURS') { input 'Deploy to staging ?' } + } + post { failure { echo 'Deploy aborted for build #...' }} + } + stage("Deploy to staging") { + steps { + slackSend channel: SLACK_CHANNEL, message: "$APP_NAME: deploying build #$BUILD_NUMBER to `STAGING`" + deployHelmTo "staging", NAMESPACE + } + } + stage("Approval: Deploy to production ?") { + steps { + slackSend channel: SLACK_CHANNEL, message: "$APP_NAME: build #$BUILD_NUMBER ready to deploy to `PRODUCTION`, approval required: $BUILD_URL (24h)" + + timeout(time: 7, unit: 'DAYS') { input 'Deploy to production ?' } + } + post { failure { echo 'Deploy aborted for build #...' }} + } + stage('Tagging release') { + steps { + container('nodejs') { + // Updating the "latest tag" + dockerTagLatestAndPushToRegistry "${NAMESPACE}/${APP_NAME}", IMAGE_BUILD_TAG + } + } + } + /* + stage('Deploy release to canary') { + steps { + slackSend channel: SLACK_CHANNEL, message: "$APP_NAME: deploying build #$BUILD_NUMBER to `PRODUCTION` (canary)" + echo "deploy to canary" + } + } + */ + stage("Deploy to production") { + steps { + slackSend channel: SLACK_CHANNEL, message: "$APP_NAME: deploying build #$BUILD_NUMBER to `PRODUCTION`" + + deployHelmTo "prod", NAMESPACE + } + } + } + } + } +} diff --git a/docker/nginx.conf b/docker/nginx.conf new file mode 100644 index 0000000..b2c96d7 --- /dev/null +++ b/docker/nginx.conf @@ -0,0 +1,82 @@ +server { + listen 80; + server_name _; + + charset utf-8; + #access_log /var/log/nginx/host.access.log main; + + # GZIP settings + gzip on; + gzip_comp_level 5; + gzip_disable "msie6"; + gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; + + location / { + root /usr/share/nginx/html; + index index.html; + try_files $uri /index.html; + + set $auth_type "Restricted"; + # Handle join links (ex. join.nynja.net/123) + set $join_link 0; + + if ( $host ~ ^join\.(?.+)$ ) { + set $join_link 1; + set $auth_type "off"; + } + if ($request_uri ~ ^/.well-known/.*$ ) { + set $join_link 0; + set $auth_type "off"; + } + if ($join_link = 1) { + return 302 https://web.$domain/join$request_uri; + } + + auth_basic $auth_type; + auth_basic_user_file /usr/share/nginx/html/.htpasswd; + } + + location /status { + auth_basic off; + return 200; + } + + # Webpack debug proxy (temporary) + #location /debug { + # proxy_set_header X-Forwarded-For $remote_addr; + # proxy_set_header Host $http_host; + # proxy_pass "http://127.0.0.1:8080"; + #} + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + #error_page 500 502 503 504 /50x.html; + #location = /50x.html { + # root /usr/share/nginx/html; + #} + + # proxy the PHP scripts to Apache listening on 127.0.0.1:80 + # + #location ~ \.php$ { + # proxy_pass http://127.0.0.1; + #} + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # + #location ~ \.php$ { + # root html; + # fastcgi_pass 127.0.0.1:9000; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + # include fastcgi_params; + #} + + # deny access to .htaccess files, if Apache's document root + # concurs with nginx's one + # + location ~ /\.ht { + deny all; + } +} -- GitLab From 5091dadd111be49dee0fe85b0c1d38f30a529add Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Mon, 10 Dec 2018 15:54:50 +0200 Subject: [PATCH 02/11] NY-6067 Docker file configuration. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 93f9f7f..c571ace 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM nginx:stable-alpine COPY build /usr/share/nginx/html/ -COPY docker/nginx.conf /etc/nginx/conf.d/default.conf +#COPY docker/nginx.conf /etc/nginx/conf.d/default.conf -- GitLab From 2c1bdae5114a999b6dc640321f4930e16eb0de84 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Mon, 10 Dec 2018 15:55:34 +0200 Subject: [PATCH 03/11] NY-5975 Configure Helm template. --- charts/admin-console-web/.helmignore | 21 +++++ charts/admin-console-web/Chart.yaml | 5 ++ .../admin-console-web/templates/00-label.yaml | 32 ++++++++ .../admin-console-web/templates/_helpers.tpl | 32 ++++++++ .../templates/deployment.yaml | 81 +++++++++++++++++++ .../admin-console-web/templates/service.yaml | 18 +++++ .../templates/virtualservice.yaml | 24 ++++++ charts/admin-console-web/values.yaml | 44 ++++++++++ releases/dev/admin-console.yaml | 31 +++++++ 9 files changed, 288 insertions(+) create mode 100644 charts/admin-console-web/.helmignore create mode 100644 charts/admin-console-web/Chart.yaml create mode 100644 charts/admin-console-web/templates/00-label.yaml create mode 100644 charts/admin-console-web/templates/_helpers.tpl create mode 100644 charts/admin-console-web/templates/deployment.yaml create mode 100644 charts/admin-console-web/templates/service.yaml create mode 100644 charts/admin-console-web/templates/virtualservice.yaml create mode 100644 charts/admin-console-web/values.yaml create mode 100644 releases/dev/admin-console.yaml diff --git a/charts/admin-console-web/.helmignore b/charts/admin-console-web/.helmignore new file mode 100644 index 0000000..f0c1319 --- /dev/null +++ b/charts/admin-console-web/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/charts/admin-console-web/Chart.yaml b/charts/admin-console-web/Chart.yaml new file mode 100644 index 0000000..d39ad85 --- /dev/null +++ b/charts/admin-console-web/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: Deployment of the nynja adming console. +name: admin-console-web +version: 0.1.0 diff --git a/charts/admin-console-web/templates/00-label.yaml b/charts/admin-console-web/templates/00-label.yaml new file mode 100644 index 0000000..dd5d17a --- /dev/null +++ b/charts/admin-console-web/templates/00-label.yaml @@ -0,0 +1,32 @@ +# This hook depends on helm creating the target namespace if it doesn't exist +# before the hook is called. This is the case on Helm v2.9.1 +apiVersion: batch/v1 +kind: Job +metadata: + name: enable-istio-injection-{{ .Release.Namespace }} + namespace: kube-system + labels: + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + app.kubernetes.io/managed-by: {{.Release.Service | quote }} + app.kubernetes.io/instance: {{.Release.Name | quote }} + helm.sh/chart: "{{.Chart.Name}}-{{.Chart.Version}}" + annotations: + helm.sh/hook: pre-install + helm.sh/hook-delete-policy: hook-before-creation,hook-succeeded +spec: + template: + spec: + containers: + - name: labeler + image: gcr.io/google_containers/hyperkube:v1.9.7 + command: + - kubectl + - label + - --overwrite + - ns + - {{ .Release.Namespace }} + - istio-injection=enabled + restartPolicy: Never + # use tiller service account since it should have permissions to do namespace labeling + serviceAccountName: tiller diff --git a/charts/admin-console-web/templates/_helpers.tpl b/charts/admin-console-web/templates/_helpers.tpl new file mode 100644 index 0000000..a7d3139 --- /dev/null +++ b/charts/admin-console-web/templates/_helpers.tpl @@ -0,0 +1,32 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "admin-console-web.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "admin-console-web.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "admin-console-web.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/charts/admin-console-web/templates/deployment.yaml b/charts/admin-console-web/templates/deployment.yaml new file mode 100644 index 0000000..0895de5 --- /dev/null +++ b/charts/admin-console-web/templates/deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ template "admin-console-web.fullname" . }} + labels: + app: {{ template "admin-console-web.name" . }} + chart: {{ template "admin-console-web.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ template "admin-console-web.name" . }} + release: {{ .Release.Name }} + template: + metadata: + annotations: + sidecar.istio.io/inject: "true" + labels: + app: {{ template "admin-console-web.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: nginx-admin + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 +# volumeMounts: +# - mountPath: /usr/share/nginx/html/.well-known +# name: well-known-files +# readOnly: true +#{{- if .Values.auth.basic.enabled }} +# - mountPath: /usr/share/nginx/html/.htpasswd +# name: htpasswd +# readOnly: true +# subPath: .htpasswd +#{{- end }} +# readinessProbe: +# httpGet: +# path: /status +# port: http +# successThreshold: 1 +# failureThreshold: 10 +# initialDelaySeconds: 10 +# periodSeconds: 3 +# timeoutSeconds: 5 +# livenessProbe: +# httpGet: +# path: /status +# port: http +# successThreshold: 1 +# failureThreshold: 10 +# initialDelaySeconds: 30 +# periodSeconds: 3 +# timeoutSeconds: 5 + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} +# volumes: +# - name: well-known-files +# configMap: +# name: {{ template "admin-console-web.fullname" . }}-well-known-files +#{{- if .Values.auth.basic.enabled }} +# - name: htpasswd +# secret: +# secretName: {{ template "admin-console-web.fullname" . }}-htpasswd +#{{- end }} diff --git a/charts/admin-console-web/templates/service.yaml b/charts/admin-console-web/templates/service.yaml new file mode 100644 index 0000000..02912e2 --- /dev/null +++ b/charts/admin-console-web/templates/service.yaml @@ -0,0 +1,18 @@ +kind: Service +apiVersion: v1 +metadata: + name: {{ template "admin-console-web.fullname" . }} + labels: + app: {{ template "admin-console-web.name" . }} + chart: {{ template "admin-console-web.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + selector: + app: {{ template "admin-console-web.name" . }} + release: {{ .Release.Name }} + ports: + - protocol: TCP + port: 80 + targetPort: 80 + name: http diff --git a/charts/admin-console-web/templates/virtualservice.yaml b/charts/admin-console-web/templates/virtualservice.yaml new file mode 100644 index 0000000..58b00db --- /dev/null +++ b/charts/admin-console-web/templates/virtualservice.yaml @@ -0,0 +1,24 @@ +apiVersion: networking.istio.io/v1alpha3 +kind: VirtualService +metadata: + name: {{ template "admin-console-web.fullname" . }} + labels: + app: {{ template "admin-console-web.name" . }} + chart: {{ template "admin-console-web.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + gateways: + {{- range .Values.gateway.selector }} + - {{ . }} + {{- end }} + hosts: + {{- range .Values.gateway.hosts }} + - {{ . }} + {{- end }} + http: + - route: + - destination: + host: {{ template "admin-console-web.fullname" . }} + port: + number: 80 diff --git a/charts/admin-console-web/values.yaml b/charts/admin-console-web/values.yaml new file mode 100644 index 0000000..fec2c9b --- /dev/null +++ b/charts/admin-console-web/values.yaml @@ -0,0 +1,44 @@ + +replicaCount: 1 + +auth: + # Whether of not basic auth should be enabled to access the website + basic: + enabled: true + # the .htpasswd file content, sealed for the target environment (cluster + namespace) + sealedSecret: + +image: + repository: eu.gcr.io/nynja-ci-201610/admin-console/admin-console-web + tag: stable + pullPolicy: IfNotPresent + +gateway: + selector: + - api-gateway.default.svc.cluster.local + hosts: + - web.nynja.net + +wellKnown: + appleAppSiteAssociation: + appId: + +mqtt: + host: messaging-service.messaging.svc.cluster.local + +confcall: + service: calling-service.callconf.svc.cluster.local + +resources: + limits: + cpu: 100m + memory: 200Mi + requests: + cpu: 50m + memory: 100Mi + +nodeSelector: {} + +tolerations: [] + +affinity: {} diff --git a/releases/dev/admin-console.yaml b/releases/dev/admin-console.yaml new file mode 100644 index 0000000..100e6a8 --- /dev/null +++ b/releases/dev/admin-console.yaml @@ -0,0 +1,31 @@ +kind: HelmRelease +metadata: + name: admin-console + namespace: content +spec: + chart: + name: admin-console + values: + replicaCount: 1 + + image: + repository: ${IMAGE_NAME} + tag: ${IMAGE_BUILD_TAG} + + gateway: + selector: + - api-gateway.default.svc.cluster.local + hosts: + - content.dev-eu.nynja.net + + resources: + limits: + cpu: 1 + memory: 1500Mi + requests: + cpu: 500m + memory: 1000Mi + + # ports: + # containerPort: + # http: 8001 -- GitLab From c0449fdcd70e7fd73ed63fc4744d5d5924192f86 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Tue, 11 Dec 2018 09:41:52 +0200 Subject: [PATCH 04/11] NY-5975 Change naming convention. --- .../.helmignore | 0 .../Chart.yaml | 2 +- .../templates/00-label.yaml | 0 .../templates/_helpers.tpl | 6 +++--- .../templates/deployment.yaml | 14 +++++++------- .../templates/service.yaml | 8 ++++---- .../templates/virtualservice.yaml | 8 ++++---- .../values.yaml | 0 8 files changed, 19 insertions(+), 19 deletions(-) rename charts/{admin-console-web => admin-console}/.helmignore (100%) rename charts/{admin-console-web => admin-console}/Chart.yaml (80%) rename charts/{admin-console-web => admin-console}/templates/00-label.yaml (100%) rename charts/{admin-console-web => admin-console}/templates/_helpers.tpl (88%) rename charts/{admin-console-web => admin-console}/templates/deployment.yaml (82%) rename charts/{admin-console-web => admin-console}/templates/service.yaml (54%) rename charts/{admin-console-web => admin-console}/templates/virtualservice.yaml (63%) rename charts/{admin-console-web => admin-console}/values.yaml (100%) diff --git a/charts/admin-console-web/.helmignore b/charts/admin-console/.helmignore similarity index 100% rename from charts/admin-console-web/.helmignore rename to charts/admin-console/.helmignore diff --git a/charts/admin-console-web/Chart.yaml b/charts/admin-console/Chart.yaml similarity index 80% rename from charts/admin-console-web/Chart.yaml rename to charts/admin-console/Chart.yaml index d39ad85..2ba852c 100644 --- a/charts/admin-console-web/Chart.yaml +++ b/charts/admin-console/Chart.yaml @@ -1,5 +1,5 @@ apiVersion: v1 appVersion: "1.0" description: Deployment of the nynja adming console. -name: admin-console-web +name: admin-console version: 0.1.0 diff --git a/charts/admin-console-web/templates/00-label.yaml b/charts/admin-console/templates/00-label.yaml similarity index 100% rename from charts/admin-console-web/templates/00-label.yaml rename to charts/admin-console/templates/00-label.yaml diff --git a/charts/admin-console-web/templates/_helpers.tpl b/charts/admin-console/templates/_helpers.tpl similarity index 88% rename from charts/admin-console-web/templates/_helpers.tpl rename to charts/admin-console/templates/_helpers.tpl index a7d3139..6501da3 100644 --- a/charts/admin-console-web/templates/_helpers.tpl +++ b/charts/admin-console/templates/_helpers.tpl @@ -2,7 +2,7 @@ {{/* Expand the name of the chart. */}} -{{- define "admin-console-web.name" -}} +{{- define "admin-console.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -11,7 +11,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "admin-console-web.fullname" -}} +{{- define "admin-console.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -27,6 +27,6 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "admin-console-web.chart" -}} +{{- define "admin-console.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} diff --git a/charts/admin-console-web/templates/deployment.yaml b/charts/admin-console/templates/deployment.yaml similarity index 82% rename from charts/admin-console-web/templates/deployment.yaml rename to charts/admin-console/templates/deployment.yaml index 0895de5..b3f944d 100644 --- a/charts/admin-console-web/templates/deployment.yaml +++ b/charts/admin-console/templates/deployment.yaml @@ -1,24 +1,24 @@ apiVersion: extensions/v1beta1 kind: Deployment metadata: - name: {{ template "admin-console-web.fullname" . }} + name: {{ template "admin-console.fullname" . }} labels: - app: {{ template "admin-console-web.name" . }} - chart: {{ template "admin-console-web.chart" . }} + app: {{ template "admin-console.name" . }} + chart: {{ template "admin-console.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: - app: {{ template "admin-console-web.name" . }} + app: {{ template "admin-console.name" . }} release: {{ .Release.Name }} template: metadata: annotations: sidecar.istio.io/inject: "true" labels: - app: {{ template "admin-console-web.name" . }} + app: {{ template "admin-console.name" . }} release: {{ .Release.Name }} spec: containers: @@ -73,9 +73,9 @@ spec: # volumes: # - name: well-known-files # configMap: -# name: {{ template "admin-console-web.fullname" . }}-well-known-files +# name: {{ template "admin-console.fullname" . }}-well-known-files #{{- if .Values.auth.basic.enabled }} # - name: htpasswd # secret: -# secretName: {{ template "admin-console-web.fullname" . }}-htpasswd +# secretName: {{ template "admin-console.fullname" . }}-htpasswd #{{- end }} diff --git a/charts/admin-console-web/templates/service.yaml b/charts/admin-console/templates/service.yaml similarity index 54% rename from charts/admin-console-web/templates/service.yaml rename to charts/admin-console/templates/service.yaml index 02912e2..dca83f1 100644 --- a/charts/admin-console-web/templates/service.yaml +++ b/charts/admin-console/templates/service.yaml @@ -1,15 +1,15 @@ kind: Service apiVersion: v1 metadata: - name: {{ template "admin-console-web.fullname" . }} + name: {{ template "admin-console.fullname" . }} labels: - app: {{ template "admin-console-web.name" . }} - chart: {{ template "admin-console-web.chart" . }} + app: {{ template "admin-console.name" . }} + chart: {{ template "admin-console.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: selector: - app: {{ template "admin-console-web.name" . }} + app: {{ template "admin-console.name" . }} release: {{ .Release.Name }} ports: - protocol: TCP diff --git a/charts/admin-console-web/templates/virtualservice.yaml b/charts/admin-console/templates/virtualservice.yaml similarity index 63% rename from charts/admin-console-web/templates/virtualservice.yaml rename to charts/admin-console/templates/virtualservice.yaml index 58b00db..87b20fc 100644 --- a/charts/admin-console-web/templates/virtualservice.yaml +++ b/charts/admin-console/templates/virtualservice.yaml @@ -1,10 +1,10 @@ apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: - name: {{ template "admin-console-web.fullname" . }} + name: {{ template "admin-console.fullname" . }} labels: - app: {{ template "admin-console-web.name" . }} - chart: {{ template "admin-console-web.chart" . }} + app: {{ template "admin-console.name" . }} + chart: {{ template "admin-console.chart" . }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} spec: @@ -19,6 +19,6 @@ spec: http: - route: - destination: - host: {{ template "admin-console-web.fullname" . }} + host: {{ template "admin-console.fullname" . }} port: number: 80 diff --git a/charts/admin-console-web/values.yaml b/charts/admin-console/values.yaml similarity index 100% rename from charts/admin-console-web/values.yaml rename to charts/admin-console/values.yaml -- GitLab From 6e3e49716526e90bb370e369fd8a3234a82c7af5 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Tue, 11 Dec 2018 10:20:28 +0200 Subject: [PATCH 05/11] Fix naming convention. --- Jenkinsfile | 4 ++-- charts/admin-console/values.yaml | 14 ++------------ 2 files changed, 4 insertions(+), 14 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 83a90b4..7f5a83f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -6,10 +6,10 @@ pipeline { environment { SLACK_CHANNEL = "#nynja-devops-feed" NAMESPACE = "admin-console" - APP_NAME = "admin-console-web" + APP_NAME = "admin-console-service" IMAGE_NAME = "eu.gcr.io/nynja-ci-201610/${NAMESPACE}/${APP_NAME}" IMAGE_BUILD_TAG = "$BRANCH_NAME-$BUILD_NUMBER" - HELM_CHART_NAME = "admin-console-web" + HELM_CHART_NAME = "admin-console-service" DEV_BRANCH = "CI" } agent { diff --git a/charts/admin-console/values.yaml b/charts/admin-console/values.yaml index fec2c9b..094c1a1 100644 --- a/charts/admin-console/values.yaml +++ b/charts/admin-console/values.yaml @@ -9,7 +9,7 @@ auth: sealedSecret: image: - repository: eu.gcr.io/nynja-ci-201610/admin-console/admin-console-web + repository: eu.gcr.io/nynja-ci-201610/admin-console/admin-console tag: stable pullPolicy: IfNotPresent @@ -17,17 +17,7 @@ gateway: selector: - api-gateway.default.svc.cluster.local hosts: - - web.nynja.net - -wellKnown: - appleAppSiteAssociation: - appId: - -mqtt: - host: messaging-service.messaging.svc.cluster.local - -confcall: - service: calling-service.callconf.svc.cluster.local + - admin-console.dev-eu.nynja.net resources: limits: -- GitLab From aace083b9e82937ee4d1c6719929b35dae280462 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 10:18:12 +0200 Subject: [PATCH 06/11] NY-5974 Change service name. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 7f5a83f..a56c744 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -9,7 +9,7 @@ pipeline { APP_NAME = "admin-console-service" IMAGE_NAME = "eu.gcr.io/nynja-ci-201610/${NAMESPACE}/${APP_NAME}" IMAGE_BUILD_TAG = "$BRANCH_NAME-$BUILD_NUMBER" - HELM_CHART_NAME = "admin-console-service" + HELM_CHART_NAME = "admin-console" DEV_BRANCH = "CI" } agent { -- GitLab From ea696bef1ff636413542e6f3f5f861ad511a2725 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 10:21:23 +0200 Subject: [PATCH 07/11] NY-5975 Add CORS policy. --- .../templates/virtualservice.yaml | 16 ++++++++++++ releases/dev/admin-console.yaml | 26 ++++++++++++++++++- 2 files changed, 41 insertions(+), 1 deletion(-) diff --git a/charts/admin-console/templates/virtualservice.yaml b/charts/admin-console/templates/virtualservice.yaml index 87b20fc..cafac23 100644 --- a/charts/admin-console/templates/virtualservice.yaml +++ b/charts/admin-console/templates/virtualservice.yaml @@ -22,3 +22,19 @@ spec: host: {{ template "admin-console.fullname" . }} port: number: 80 + corsPolicy: + allowOrigin: + {{- range .Values.corsPolicy.allowOrigin }} + - {{ . }} + {{- end }} + allowMethods: + {{- range .Values.corsPolicy.allowMethods}} + - {{ . }} + {{- end }} + allowCredentials: {{ .Values.corsPolicy.allowCredentials }} + allowHeaders: + {{- range .Values.corsPolicy.allowHeaders }} + - {{ . }} + {{- end }} + maxAge: {{ .Values.corsPolicy.maxAge }} + diff --git a/releases/dev/admin-console.yaml b/releases/dev/admin-console.yaml index 100e6a8..fa80e3b 100644 --- a/releases/dev/admin-console.yaml +++ b/releases/dev/admin-console.yaml @@ -16,7 +16,7 @@ spec: selector: - api-gateway.default.svc.cluster.local hosts: - - content.dev-eu.nynja.net + - admin-console.dev-eu.nynja.net resources: limits: @@ -29,3 +29,27 @@ spec: # ports: # containerPort: # http: 8001 + + # CORS policy + corsPolicy: + allowOrigin: + - http://localhost:3000 + - https://localhost + - https://localhost/grpc/ + - http://10.191.224.180:3000 + - https://localhost:8080 + - https://127.0.0.1:8080 + - https://web.dev-eu.nynja.net + - https://web.staging.nynja.net + - https://web.nynja.net + allowMethods: + - POST + - GET + - OPTIONS + allowCredentials: false + allowHeaders: + - content-type + - x-grpc-web + - authorization + maxAge: "600s" + -- GitLab From 4d7e7734ef69d6c81114825fcf92eaa12972d4e3 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 13:28:18 +0200 Subject: [PATCH 08/11] NY-5974 Use prod profile --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index a56c744..8f828a3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -64,7 +64,7 @@ pipeline { steps { container('nodejs') { sh 'npm install' - sh 'npm run build' + sh 'npm run build:prod' dockerBuildAndPushToRegistry "${NAMESPACE}/${APP_NAME}", [IMAGE_BUILD_TAG] } } @@ -100,7 +100,7 @@ pipeline { steps { container('nodejs') { sh 'npm install' - sh 'npm run build' + sh 'npm run build:prod' dockerBuildAndPushToRegistry "${NAMESPACE}/${APP_NAME}", [IMAGE_BUILD_TAG] } } -- GitLab From ad97847a928015c340d203bf5420b9c030eece0b Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 13:30:23 +0200 Subject: [PATCH 09/11] NY-5975 Add K8s probes and remove commented code. --- .../admin-console/templates/deployment.yaml | 55 ++++++------------- 1 file changed, 18 insertions(+), 37 deletions(-) diff --git a/charts/admin-console/templates/deployment.yaml b/charts/admin-console/templates/deployment.yaml index b3f944d..ce48e4b 100644 --- a/charts/admin-console/templates/deployment.yaml +++ b/charts/admin-console/templates/deployment.yaml @@ -28,34 +28,24 @@ spec: ports: - name: http containerPort: 80 -# volumeMounts: -# - mountPath: /usr/share/nginx/html/.well-known -# name: well-known-files -# readOnly: true -#{{- if .Values.auth.basic.enabled }} -# - mountPath: /usr/share/nginx/html/.htpasswd -# name: htpasswd -# readOnly: true -# subPath: .htpasswd -#{{- end }} -# readinessProbe: -# httpGet: -# path: /status -# port: http -# successThreshold: 1 -# failureThreshold: 10 -# initialDelaySeconds: 10 -# periodSeconds: 3 -# timeoutSeconds: 5 -# livenessProbe: -# httpGet: -# path: /status -# port: http -# successThreshold: 1 -# failureThreshold: 10 -# initialDelaySeconds: 30 -# periodSeconds: 3 -# timeoutSeconds: 5 + readinessProbe: + httpGet: + path: / + port: http + successThreshold: 1 + failureThreshold: 10 + initialDelaySeconds: 20 + periodSeconds: 3 + timeoutSeconds: 5 + livenessProbe: + httpGet: + path: / + port: http + successThreshold: 1 + failureThreshold: 10 + initialDelaySeconds: 10 + periodSeconds: 3 + timeoutSeconds: 5 resources: {{ toYaml .Values.resources | indent 12 }} {{- with .Values.nodeSelector }} @@ -70,12 +60,3 @@ spec: tolerations: {{ toYaml . | indent 8 }} {{- end }} -# volumes: -# - name: well-known-files -# configMap: -# name: {{ template "admin-console.fullname" . }}-well-known-files -#{{- if .Values.auth.basic.enabled }} -# - name: htpasswd -# secret: -# secretName: {{ template "admin-console.fullname" . }}-htpasswd -#{{- end }} -- GitLab From a467af6846269be029bc71125697029a7e774d9b Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 13:31:25 +0200 Subject: [PATCH 10/11] NY-5975 Ignore helm values.yaml file that is used for manual deployments. --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 25d7f82..f9ff439 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,9 @@ # dependencies /node_modules +# Helm release files for testing. +/values.yaml + # testing /coverage -- GitLab From c2bc6099e4fad266166cfad3499a2d3ff3fb1620 Mon Sep 17 00:00:00 2001 From: Filip Nikolov Date: Thu, 13 Dec 2018 14:24:17 +0200 Subject: [PATCH 11/11] NY-5974 Build dev branch. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index 8f828a3..bae5c12 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -10,7 +10,7 @@ pipeline { IMAGE_NAME = "eu.gcr.io/nynja-ci-201610/${NAMESPACE}/${APP_NAME}" IMAGE_BUILD_TAG = "$BRANCH_NAME-$BUILD_NUMBER" HELM_CHART_NAME = "admin-console" - DEV_BRANCH = "CI" + DEV_BRANCH = "dev" } agent { kubernetes(builders.multi([ -- GitLab