From 1826e9afc07803f7bb71a00edb196a1a8bed175a Mon Sep 17 00:00:00 2001 From: msantos Date: Sat, 24 Aug 2024 20:07:16 +0200 Subject: [PATCH 1/2] Migrate the config.yaml generation to PKL --- .github/workflows/aws.yml | 29 +++++----------- deployment/config/config-file/development.pkl | 16 +++++++++ .../config/config-file/modules/agencia.pkl | 1 + .../config/config-file/modules/aws/s3.pkl | 3 ++ .../config-file/modules/database/mongodb.pkl | 8 +++++ .../config-file/modules/feature_flag.pkl | 3 ++ .../config/config-file/modules/main.pkl | 34 +++++++++++++++++++ .../config/config-file/modules/novu.pkl | 2 ++ .../config/config-file/modules/openai.pkl | 2 ++ deployment/config/config-file/modules/ory.pkl | 5 +++ .../config-file/modules/service/confBase.pkl | 31 +++++++++++++++++ .../config/config-file/modules/zenvia.pkl | 2 ++ deployment/config/config-file/production.pkl | 16 +++++++++ 13 files changed, 131 insertions(+), 21 deletions(-) create mode 100644 deployment/config/config-file/development.pkl create mode 100644 deployment/config/config-file/modules/agencia.pkl create mode 100644 deployment/config/config-file/modules/aws/s3.pkl create mode 100644 deployment/config/config-file/modules/database/mongodb.pkl create mode 100644 deployment/config/config-file/modules/feature_flag.pkl create mode 100644 deployment/config/config-file/modules/main.pkl create mode 100644 deployment/config/config-file/modules/novu.pkl create mode 100644 deployment/config/config-file/modules/openai.pkl create mode 100644 deployment/config/config-file/modules/ory.pkl create mode 100644 deployment/config/config-file/modules/service/confBase.pkl create mode 100644 deployment/config/config-file/modules/zenvia.pkl create mode 100644 deployment/config/config-file/production.pkl diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml index 968d5f87f..1d7e50cbc 100644 --- a/.github/workflows/aws.yml +++ b/.github/workflows/aws.yml 
@@ -21,6 +21,7 @@ env: NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }} IMAGE: aletheiafact-production ENVIRONMENT: development + ENV: development UMAMI_SITE_ID: ${{ secrets.DEVELOPMENT_UMAMI_SITE_ID }} MONGODB_URI: ${{ secrets.DEVELOPMENT_MONGODB_URI }} MONGODB_NAME: ${{ secrets.DEVELOPMENT_MONGODB_NAME }} @@ -41,7 +42,7 @@ env: ZENVIA_API_URL: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} ZENVIA_API_TOKEN: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} AGENCIA_ACCESS_TOKEN: ${{ secrets.DEVELOPMENT_AGENCIA_ACCESS_TOKEN }} - + RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }} jobs: setup-build-publish: name: Build & Publish @@ -57,6 +58,7 @@ jobs: sed -i '21{s/test.//}' deployment/app.yml sed -i '11{s/testws./ws./}' deployment/websocket.yml sed -i '11{s/test.//}' config.seed.example.yaml + echo "ENV=production" >> $GITHUB_ENV echo "ENVIRONMENT=production" >> $GITHUB_ENV echo "UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV echo "NEXT_PUBLIC_UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV 
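Review bot: Moving `RECAPTCHA_SECRET` out of the `Set config.yaml` step's own `env:` (removed in the `@@ -90,29 +92,14 @@` hunk) and into the workflow-level `env:` block in the `@@ -41,7 +42,7 @@` hunk exposes the secret to every step of both jobs, third-party actions included, rather than to the one step that renders the config. Pkl's `read("env:…")` only needs the variable in the process that runs `pkl eval`, so the narrower scope still works: keep `env:` on that step with `RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }}`. The other secrets already declared at workflow level could be narrowed the same way in a follow-up.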
@@ -90,29 +92,14 @@ jobs: id: login-ecr uses: aws-actions/amazon-ecr-login@v1 + - name: Install pkl + uses: pkl-community/setup-pkl@v0 + with: + pkl-version: 0.25.2 # Setting up config.yaml based on environment - name: Set config.yaml - env: - RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }} run: | - sed -i "s%ZENVIA_API_URL%$ZENVIA_API_URL%g" config.$ENVIRONMENT.yaml - sed -i "s%ZENVIA_API_TOKEN%$ZENVIA_API_TOKEN%g" config.$ENVIRONMENT.yaml - sed -i "s/ENV/$ENVIRONMENT/g" config.$ENVIRONMENT.yaml - sed -i "s%RECAPTCHA_SECRET%$RECAPTCHA_SECRET%g" config.$ENVIRONMENT.yaml - sed -i "s%MONGODB_URI%$MONGODB_URI%g" config.$ENVIRONMENT.yaml - sed -i "s%ORY_SDK_URL%$ORY_SDK_URL%g" config.$ENVIRONMENT.yaml - sed -i "s%GITLAB_FEATURE_FLAG_URL%$GITLAB_FEATURE_FLAG_URL%g" config.$ENVIRONMENT.yaml - sed -i "s%GITLAB_FEATURE_FLAG_INSTANCE_ID%$GITLAB_FEATURE_FLAG_INSTANCE_ID%g" config.$ENVIRONMENT.yaml - sed -i "s/ORY_ACCESS_TOKEN/$ORY_ACCESS_TOKEN/g" config.$ENVIRONMENT.yaml - sed -i "s/ALETHEIA_SCHEMA_ID/$ALETHEIA_SCHEMA_ID/g" config.$ENVIRONMENT.yaml - sed -i "s%AWS_SDK_BUCKET%$AWS_SDK_BUCKET%g" config.$ENVIRONMENT.yaml - sed -i "s%AWS_ACCESS_KEY_ID%$AWS_ACCESS_KEY_ID%g" config.$ENVIRONMENT.yaml - sed -i "s%AWS_SECRET_ACCESS_KEY%$AWS_SECRET_ACCESS_KEY%g" config.$ENVIRONMENT.yaml - sed -i "s%NOVU_API_KEY%$NOVU_API_KEY%g" config.$ENVIRONMENT.yaml - sed -i "s%NOVU_APPLICATION_IDENTIFIER%$NOVU_APPLICATION_IDENTIFIER%g" config.$ENVIRONMENT.yaml - sed -i "s%AGENTS_API_URL%$AGENTS_API_URL%g" config.$ENVIRONMENT.yaml - sed -i "s%OPENAI_API_KEY%$OPENAI_API_KEY%g" config.$ENVIRONMENT.yaml - sed -i "s%AGENCIA_ACCESS_TOKEN%$AGENCIA_ACCESS_TOKEN%g" config.$ENVIRONMENT.yaml + pkl eval -f yaml ./deployment/config/config-file/$ENVIRONMENT.pkl > config.$ENVIRONMENT.yaml - name: Set migrate-mongo-config.ts run: | diff --git a/deployment/config/config-file/development.pkl b/deployment/config/config-file/development.pkl new file mode 100644 index 000000000..45fe80914 --- /dev/null 
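Review bot: `uses: pkl-community/setup-pkl@v0` in the new `Install pkl` step references a mutable major tag, and the step runs in a job whose environment already carries the AWS keys and every application secret from the workflow-level `env:`. Pin the action to a full commit SHA, e.g. `uses: pkl-community/setup-pkl@<full-commit-sha> # v0`, so a retagged release cannot change what runs beside those credentials. Separately, `pkl eval … > config.$ENVIRONMENT.yaml` writes all resolved secrets in clear text into the checkout that the later `docker build … .` uses as context; whether the file reaches the image depends on the Dockerfile and `.dockerignore`, which are not part of this patch, so that is worth confirming.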
+++ b/deployment/config/config-file/development.pkl
@@ -0,0 +1,16 @@
+amends "./modules/main.pkl"
+import "./modules/database/mongodb.pkl"
+appBaseUrl = "aletheiafact.org"
+
+var = new {
+ name = "aletheia-development"
+ conf {
+ cors = "*"
+ recaptcha_sitekey = "6Lc2BtYUAAAAAOUBI-9r1sDJUIfG2nt6C43noOXh"
+ websocketUrl = "wss://testws.\(appBaseUrl) "
+ baseUrl = "https://test.\(appBaseUrl)"
+ db = (mongodb) {
+ atlas = true
+ }
+ }
+}
diff --git a/deployment/config/config-file/modules/agencia.pkl b/deployment/config/config-file/modules/agencia.pkl
new file mode 100644
index 000000000..510c4fa1a
--- /dev/null
+++ b/deployment/config/config-file/modules/agencia.pkl
@@ -0,0 +1 @@
+access_token = read("env:AGENCIA_ACCESS_TOKEN")
diff --git a/deployment/config/config-file/modules/aws/s3.pkl b/deployment/config/config-file/modules/aws/s3.pkl
new file mode 100644
index 000000000..b19e7599f
--- /dev/null
+++ b/deployment/config/config-file/modules/aws/s3.pkl
@@ -0,0 +1,3 @@
+bucket = read("env:AWS_SDK_BUCKET")
+accessKeyId = read("env:AWS_ACCESS_KEY_ID")
+secretAccessKey = read("env:AWS_SECRET_ACCESS_KEY")
diff --git a/deployment/config/config-file/modules/database/mongodb.pkl b/deployment/config/config-file/modules/database/mongodb.pkl
new file mode 100644
index 000000000..121337739
--- /dev/null
+++ b/deployment/config/config-file/modules/database/mongodb.pkl
@@ -0,0 +1,8 @@
+atlas = false
+connection_uri = read("env:MONGODB_URI")
+options = new {
+ useUnifiedTopology = true
+ useNewUrlParser = true
+ retryWrites = true
+ w = "majority"
+}
diff --git a/deployment/config/config-file/modules/feature_flag.pkl b/deployment/config/config-file/modules/feature_flag.pkl
new file mode 100644
index 000000000..710329557
--- /dev/null
+++ b/deployment/config/config-file/modules/feature_flag.pkl
@@ -0,0 +1,3 @@
+url = read("env:GITLAB_FEATURE_FLAG_URL")
+appName = read("env:ENV")
+instanceId = read("env:GITLAB_FEATURE_FLAG_INSTANCE_ID")
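Review bot: `cors = "*"` in `development.pkl` is repeated verbatim in `production.pkl` later in this patch, so the production service is configured with a wildcard; how the application consumes the value is not visible here, but if it feeds the CORS origin setting, production should name its own origin, e.g. `cors = "https://\(appBaseUrl)"`. Also, `websocketUrl = "wss://testws.\(appBaseUrl) "` has a space before the closing quote (the `wss://ws.` line in `production.pkl` has the same), and that space ends up in the rendered YAML value; drop it: `websocketUrl = "wss://testws.\(appBaseUrl)"`.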
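Review bot: `accessKeyId = read("env:AWS_ACCESS_KEY_ID")` and `secretAccessKey = read("env:AWS_SECRET_ACCESS_KEY")` in `modules/aws/s3.pkl` take whatever the workflow exports under those names, and on the development path the workflow `env:` fills them from `secrets.AWS_ACCESS_KEY` / `secrets.AWS_SECRET_ACCESS_KEY`, the same pair handed to `configure-aws-credentials` and the EKS deploy action. That renders the deployment credentials into the application's runtime config file. Reading dedicated names keeps the bucket key separate from the CI identity, for example `accessKeyId = read("env:S3_ACCESS_KEY_ID")` (variable name is a placeholder) fed from a bucket-scoped secret, which is what the production branch already does with `PRODUCTION_AWS_ACCESS_KEY_ID`.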
diff --git a/deployment/config/config-file/modules/main.pkl b/deployment/config/config-file/modules/main.pkl
new file mode 100644
index 000000000..f2e0961d1
--- /dev/null
+++ b/deployment/config/config-file/modules/main.pkl
@@ -0,0 +1,34 @@
+import "./database/mongodb.pkl"
+import "./service/confBase.pkl"
+import "./ory.pkl" as oryConfig
+
+
+hidden appBaseUrl: String
+
+hidden var = new {
+ name = "service-aletheia"
+ conf = new {
+ port = 3000
+ recaptcha_sitekey = read("env:RECAPTCHA_SITEKEY")
+ websocketUrl = read("env:WEBSOCKET_URL")
+ baseUrl = read("env:BASE_URL")
+ automatedFactCheckingAPIUrl = read("env:AGENTS_API_URL")
+ recaptcha_secret = read("env:RECAPTCHA_SECRET")
+ throttle = new confBase.Throttle {
+ ttl = 60
+ limit = 100
+ }
+ ory = (oryConfig) {
+ admin_endpoint = "admin"
+ }
+ }
+}
+
+services = new Listing {
+ new {
+ name = var.name
+ conf = (confBase) {
+ ...var.conf
+ }
+ }
+}
diff --git a/deployment/config/config-file/modules/novu.pkl b/deployment/config/config-file/modules/novu.pkl
new file mode 100644
index 000000000..171da3fac
--- /dev/null
+++ b/deployment/config/config-file/modules/novu.pkl
@@ -0,0 +1,2 @@
+api_key = read("env:NOVU_API_KEY")
+application_identifier = read("env:NOVU_APPLICATION_IDENTIFIER")
diff --git a/deployment/config/config-file/modules/openai.pkl b/deployment/config/config-file/modules/openai.pkl
new file mode 100644
index 000000000..3e4c05d6c
--- /dev/null
+++ b/deployment/config/config-file/modules/openai.pkl
@@ -0,0 +1,2 @@
+api_key = read("env:OPENAI_API_KEY")
+
diff --git a/deployment/config/config-file/modules/ory.pkl b/deployment/config/config-file/modules/ory.pkl
new file mode 100644
index 000000000..b804b978f
--- /dev/null
+++ b/deployment/config/config-file/modules/ory.pkl
@@ -0,0 +1,5 @@
+url = read("env:ORY_SDK_URL")
+admin_url = read("env:ORY_SDK_URL")
+admin_endpoint: String
+access_token = read("env:ORY_ACCESS_TOKEN")
+schema_id = read("env:ALETHEIA_SCHEMA_ID")
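Review bot: `websocketUrl = read("env:WEBSOCKET_URL")` and `baseUrl = read("env:BASE_URL")` in `hidden var` of `modules/main.pkl` read variables that the workflow in this series never exports; they avoid a failed `read` only as long as every environment file overrides both properties, as `development.pkl` and `production.pkl` do. Either drop these defaults so a missing override surfaces as a type error from `confBase`, or make the fallback explicit with the nullable form `read?("env:WEBSOCKET_URL")`. A short module doc comment listing the environment variables that must be set before `pkl eval`, and noting that `recaptcha_secret` and the imported tokens are rendered in clear text, would help whoever runs this outside CI.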
diff --git a/deployment/config/config-file/modules/service/confBase.pkl b/deployment/config/config-file/modules/service/confBase.pkl
new file mode 100644
index 000000000..7cd1811a4
--- /dev/null
+++ b/deployment/config/config-file/modules/service/confBase.pkl
@@ -0,0 +1,31 @@
+import "../database/mongodb.pkl" as mongoDbConfig
+import "../ory.pkl" as oryConfig
+import "../feature_flag.pkl" as featureFlagConfig
+import "../aws/s3.pkl" as s3Config
+import "../novu.pkl" as novuConfig
+import "../openai.pkl" as openaiConfig
+import "../zenvia.pkl" as zenviaConfig
+import "../agencia.pkl" as agenciaConfig
+
+class Throttle {
+ ttl: Number
+ limit: Number
+}
+
+port: Number
+cors: String
+websocketUrl: String
+baseUrl: String
+automatedFactCheckingAPIUrl: String
+recaptcha_secret: String
+recaptcha_sitekey: String
+throttle: Throttle
+authentication_type = "ory"
+db = (mongoDbConfig) {}
+ory = (oryConfig) {}
+feature_flag = (featureFlagConfig) {}
+aws = (s3Config) {}
+novu = (novuConfig) {}
+openai = (openaiConfig) {}
+zenvia = (zenviaConfig) {}
+agencia = (agenciaConfig) {}
diff --git a/deployment/config/config-file/modules/zenvia.pkl b/deployment/config/config-file/modules/zenvia.pkl
new file mode 100644
index 000000000..79c13ef73
--- /dev/null
+++ b/deployment/config/config-file/modules/zenvia.pkl
@@ -0,0 +1,2 @@
+api_url = read("env:ZENVIA_API_URL")
+api_token = read("env:ZENVIA_API_TOKEN")
diff --git a/deployment/config/config-file/production.pkl b/deployment/config/config-file/production.pkl
new file mode 100644
index 000000000..33c525d20
--- /dev/null
+++ b/deployment/config/config-file/production.pkl
@@ -0,0 +1,16 @@
+amends "./modules/main.pkl"
+import "./modules/database/mongodb.pkl"
+appBaseUrl = "aletheiafact.org"
+
+var = new {
+ name = "aletheia-production"
+ conf {
+ cors = "*"
+ recaptcha_sitekey = "6Lc2BtYUAAAAAOUBI-9r1sDJUIfG2nt6C43noOXh"
+ websocketUrl = "wss://ws.\(appBaseUrl) "
+ baseUrl = "https://\(appBaseUrl)"
+ db = (mongodb) {
+ atlas = true
+ }
+ }
+}
From 20bbdcafaffa2195c64a2e5ffaa227609436979b Mon Sep 17 00:00:00 2001 From: msantos Date: Sun, 25 Aug 2024 19:32:12 +0200 Subject: [PATCH 2/2] Migrate the k8s deployment file generation to PKL --- .github/workflows/aws.yml | 414 +++++++++++++-------------- deployment/k8s/app.pkl | 92 ++++++ deployment/k8s/development.pkl | 28 ++ deployment/k8s/modules/aletheia.pkl | 11 + deployment/k8s/modules/container.pkl | 79 +++++ deployment/k8s/modules/ingress.pkl | 25 ++ deployment/k8s/production.pkl | 32 +++ 7 files changed, 462 insertions(+), 219 deletions(-) create mode 100644 deployment/k8s/app.pkl create mode 100644 deployment/k8s/development.pkl create mode 100644 deployment/k8s/modules/aletheia.pkl create mode 100644 deployment/k8s/modules/container.pkl create mode 100644 deployment/k8s/modules/ingress.pkl create mode 100644 deployment/k8s/production.pkl
diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml
index 1d7e50cbc..cc7cf3f8d 100644
--- a/.github/workflows/aws.yml
+++ b/.github/workflows/aws.yml
@@ -1,225 +1,201 @@ name: Deploy to AWS EKS on: - push: - branches: - - master - - stage - # For future - # release: - # types: [created] + push: + branches: + - master + - stage + # For future + # release: + # types: [created] env: - API_URL: ${{ secrets.API_URL }} - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} - AWS_DEFAULT_REGION: us-east-1 - AWS_SDK_BUCKET: ${{ secrets.DEVELOPMENT_AWS_SDK_BUCKET }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }} - GITHUB_SHA: ${{ github.sha }} - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }} - IMAGE: aletheiafact-production - ENVIRONMENT: development - ENV: development - UMAMI_SITE_ID: ${{ secrets.DEVELOPMENT_UMAMI_SITE_ID }} - MONGODB_URI: ${{ secrets.DEVELOPMENT_MONGODB_URI }} - MONGODB_NAME: ${{ secrets.DEVELOPMENT_MONGODB_NAME }} - ORY_SDK_URL: ${{ secrets.DEVELOPMENT_ORY_SDK_URL }} - ORY_ACCESS_TOKEN: ${{ secrets.DEVELOPMENT_ORY_ACCESS_TOKEN }} - ALETHEIA_SCHEMA_ID: ${{ secrets.DEVELOPMENT_ALETHEIA_SCHEMA_ID }} - RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }} - NOVU_API_KEY: ${{ secrets.DEVELOPMENT_NOVU_API_KEY }} - NOVU_APPLICATION_IDENTIFIER: ${{ secrets.DEVELOPMENT_NOVU_APPLICATION_IDENTIFIER }} - NEW_RELIC_APP_NAME: ${{ secrets.DEVELOPMENT_NEW_RELIC_APP_NAME }} - GITLAB_FEATURE_FLAG_URL: ${{ secrets.GITLAB_FEATURE_FLAG_URL }} - GITLAB_FEATURE_FLAG_INSTANCE_ID: ${{ secrets.GITLAB_FEATURE_FLAG_INSTANCE_ID }} - # Needed env variables for first build on next - NEXT_PUBLIC_UMAMI_SITE_ID: ${{ secrets.DEVELOPMENT_UMAMI_SITE_ID }} - NEXT_PUBLIC_RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }} - AGENTS_API_URL: ${{ secrets.DEVELOPMENT_AGENTS_API_URL }} - OPENAI_API_KEY: ${{ secrets.DEVELOPMENT_OPENAI_API_KEY }} - ZENVIA_API_URL: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} - ZENVIA_API_TOKEN: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} - AGENCIA_ACCESS_TOKEN: ${{ secrets.DEVELOPMENT_AGENCIA_ACCESS_TOKEN }} - 
RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }} + API_URL: ${{ secrets.API_URL }} + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }} + AWS_DEFAULT_REGION: us-east-1 + AWS_SDK_BUCKET: ${{ secrets.DEVELOPMENT_AWS_SDK_BUCKET }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + ECR_REGISTRY: ${{ secrets.ECR_REGISTRY }} + GITHUB_SHA: ${{ github.sha }} + KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} + NEW_RELIC_LICENSE_KEY: ${{ secrets.NEW_RELIC_LICENSE_KEY }} + IMAGE: aletheiafact-production + ENVIRONMENT: development + ENV: development + UMAMI_SITE_ID: ${{ secrets.DEVELOPMENT_UMAMI_SITE_ID }} + MONGODB_URI: ${{ secrets.DEVELOPMENT_MONGODB_URI }} + MONGODB_NAME: ${{ secrets.DEVELOPMENT_MONGODB_NAME }} + ORY_SDK_URL: ${{ secrets.DEVELOPMENT_ORY_SDK_URL }} + ORY_ACCESS_TOKEN: ${{ secrets.DEVELOPMENT_ORY_ACCESS_TOKEN }} + ALETHEIA_SCHEMA_ID: ${{ secrets.DEVELOPMENT_ALETHEIA_SCHEMA_ID }} + RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }} + NOVU_API_KEY: ${{ secrets.DEVELOPMENT_NOVU_API_KEY }} + NOVU_APPLICATION_IDENTIFIER: ${{ secrets.DEVELOPMENT_NOVU_APPLICATION_IDENTIFIER }} + NEW_RELIC_APP_NAME: ${{ secrets.DEVELOPMENT_NEW_RELIC_APP_NAME }} + GITLAB_FEATURE_FLAG_URL: ${{ secrets.GITLAB_FEATURE_FLAG_URL }} + GITLAB_FEATURE_FLAG_INSTANCE_ID: ${{ secrets.GITLAB_FEATURE_FLAG_INSTANCE_ID }} + # Needed env variables for first build on next + NEXT_PUBLIC_UMAMI_SITE_ID: ${{ secrets.DEVELOPMENT_UMAMI_SITE_ID }} + NEXT_PUBLIC_RECAPTCHA_SITEKEY: ${{ secrets.RECAPTCHA_SITEKEY }} + AGENTS_API_URL: ${{ secrets.DEVELOPMENT_AGENTS_API_URL }} + OPENAI_API_KEY: ${{ secrets.DEVELOPMENT_OPENAI_API_KEY }} + ZENVIA_API_URL: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} + ZENVIA_API_TOKEN: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }} + AGENCIA_ACCESS_TOKEN: ${{ secrets.DEVELOPMENT_AGENCIA_ACCESS_TOKEN }} + RECAPTCHA_SECRET: ${{ secrets.RECAPTCHA_SECRETKEY }} + TAG: ${{ github.sha}} jobs: - setup-build-publish: - name: Build & Publish - runs-on: ubuntu-latest - steps: - - name: 
Checkout - uses: actions/checkout@v2 - - - name: Check Environment - if: endsWith(github.ref, '/master') - run: | - sed -i '11{s/test.//}' deployment/app.yml - sed -i '21{s/test.//}' deployment/app.yml - sed -i '11{s/testws./ws./}' deployment/websocket.yml - sed -i '11{s/test.//}' config.seed.example.yaml - echo "ENV=production" >> $GITHUB_ENV - echo "ENVIRONMENT=production" >> $GITHUB_ENV - echo "UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV - echo "NEXT_PUBLIC_UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV - echo "MONGODB_URI=${{ secrets.PRODUCTION_MONGODB_URI }}" >> $GITHUB_ENV - echo "ORY_SDK_URL=${{ secrets.PRODUCTION_ORY_SDK_URL }}" >> $GITHUB_ENV - echo "ORY_ACCESS_TOKEN=${{ secrets.PRODUCTION_ORY_ACCESS_TOKEN }}" >> $GITHUB_ENV - echo "ALETHEIA_SCHEMA_ID=${{ secrets.PRODUCTION_ALETHEIA_SCHEMA_ID }}" >> $GITHUB_ENV - echo "API_URL=${{ secrets.API_URL_PRODUCTION }}" >> $GITHUB_ENV - echo "MONGODB_NAME=${{ secrets.PRODUCTION_MONGODB_NAME }}" >> $GITHUB_ENV - echo "AWS_SDK_BUCKET=${{ secrets.PRODUCTION_AWS_SDK_BUCKET }}" >> $GITHUB_ENV - echo "AWS_ACCESS_KEY_ID=${{ secrets.PRODUCTION_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.PRODUCTION_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV - echo "NOVU_API_KEY=${{ secrets.PRODUCTION_NOVU_API_KEY }}" >> $GITHUB_ENV - echo "NOVU_APPLICATION_IDENTIFIER=${{ secrets.PRODUCTION_NOVU_APPLICATION_IDENTIFIER }}" >> $GITHUB_ENV - echo "NEW_RELIC_APP_NAME=${{ secrets.PRODUCTION_NEW_RELIC_APP_NAME }}" >> $GITHUB_ENV - echo "NEXT_PUBLIC_ORY_SDK_URL=${{ secrets.ORY_SDK_URL }}" >> $GITHUB_ENV - echo "AGENTS_API_URL=${{ secrets.PRODUCTION_AGENTS_API_URL }}" >> $GITHUB_ENV - echo "OPENAI_API_KEY=${{ secrets.PRODUCTION_OPENAI_API_KEY }}" >> $GITHUB_ENV - echo "ZENVIA_API_URL=${{ secrets.PRODUCTION_ZENVIA_API_URL }}" >> $GITHUB_ENV - echo "ZENVIA_API_TOKEN=${{ secrets.PRODUCTION_ZENVIA_API_TOKEN }}" >> $GITHUB_ENV - echo "AGENCIA_ACCESS_TOKEN=${{ 
secrets.PRODUCTION_AGENCIA_ACCESS_TOKEN }}" >> $GITHUB_ENV - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-east-1 - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v1 - - - name: Install pkl - uses: pkl-community/setup-pkl@v0 - with: - pkl-version: 0.25.2 - # Setting up config.yaml based on environment - - name: Set config.yaml - run: | - pkl eval -f yaml ./deployment/config/config-file/$ENVIRONMENT.pkl > config.$ENVIRONMENT.yaml - - - name: Set migrate-mongo-config.ts - run: | - sed -i "s%MONGODB_URI%$MONGODB_URI%g" migrate-mongo-config-example.ts - sed -i "s%MONGODB_NAME%$MONGODB_NAME%g" migrate-mongo-config-example.ts - - # Setting user seed config - - name: Set config.seed.example.yaml - env: - SMTP_HOST: ${{ secrets.SMTP_HOST }} - SMTP_PORT: ${{ secrets.SMTP_PORT }} - SMTP_EMAIL_USER: ${{ secrets.SMTP_EMAIL_USER }} - SMTP_EMAIL_PASS: ${{ secrets.SMTP_EMAIL_PASS }} - TEST_USER_PASS: ${{ secrets.TEST_USER_PASS }} - - run: | - sed -i "s%SMTP_HOST%$SMTP_HOST%g" config.seed.example.yaml - sed -i "s%SMTP_PORT%$SMTP_PORT%g" config.seed.example.yaml - sed -i "s%SMTP_EMAIL_USER%$SMTP_EMAIL_USER%g" config.seed.example.yaml - sed -i "s%SMTP_EMAIL_PASS%$SMTP_EMAIL_PASS%g" config.seed.example.yaml - sed -i "s/TEST_USER_PASS/$TEST_USER_PASS/g" config.seed.example.yaml - sed -i "s%MONGODB_URI%$MONGODB_URI%g" config.seed.example.yaml - sed -i "s%ORY_SDK_URL%$ORY_SDK_URL%g" config.seed.example.yaml - sed -i "s/ORY_ACCESS_TOKEN/$ORY_ACCESS_TOKEN/g" config.seed.example.yaml - sed -i "s/ALETHEIA_SCHEMA_ID/$ALETHEIA_SCHEMA_ID/g" config.seed.example.yaml - - # Build the Docker image - - name: Build - run: | - docker build --build-arg ENVIRONMENT=$ENVIRONMENT \ - --build-arg NEXT_PUBLIC_UMAMI_SITE_ID=$NEXT_PUBLIC_UMAMI_SITE_ID \ - --build-arg 
NEXT_PUBLIC_ENVIRONMENT=$ENVIRONMENT \ - --build-arg NEXT_PUBLIC_ORY_SDK_URL=$ORY_SDK_URL \ - --build-arg NEXT_PUBLIC_RECAPTCHA_SITEKEY=${{ secrets.NEXT_PUBLIC_RECAPTCHA_SITEKEY }} \ - -t "$ECR_REGISTRY"/"$IMAGE":"$GITHUB_SHA" . - docker tag "$ECR_REGISTRY"/"$IMAGE":"$GITHUB_SHA" "$ECR_REGISTRY"/"$IMAGE":latest - - # Push the Docker image to Google Container Registry - - name: Publish - run: | - docker push $ECR_REGISTRY/$IMAGE:$GITHUB_SHA - if [[ "$ENVIRONMENT" == "production" ]]; then docker push "$ECR_REGISTRY"/"$IMAGE":latest; fi - - deploy: - name: Deploy - needs: setup-build-publish - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: Check Environment - if: endsWith(github.ref, '/master') - run: | - sed -i '11{s/test.//}' deployment/app.yml - sed -i '21{s/test.//}' deployment/app.yml - sed -i '11{s/testws./ws./}' deployment/websocket.yml - echo "ENVIRONMENT=production" >> $GITHUB_ENV - echo "UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV - echo "NEXT_PUBLIC_UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV - echo "MONGODB_URI=${{ secrets.PRODUCTION_MONGODB_URI }}" >> $GITHUB_ENV - echo "ORY_SDK_URL=${{ secrets.PRODUCTION_ORY_SDK_URL }}" >> $GITHUB_ENV - echo "ORY_ACCESS_TOKEN=${{ secrets.PRODUCTION_ORY_ACCESS_TOKEN }}" >> $GITHUB_ENV - echo "ALETHEIA_SCHEMA_ID=${{ secrets.PRODUCTION_ALETHEIA_SCHEMA_ID }}" >> $GITHUB_ENV - echo "API_URL=${{ secrets.API_URL_PRODUCTION }}" >> $GITHUB_ENV - echo "MONGODB_NAME=${{ secrets.PRODUCTION_MONGODB_NAME }}" >> $GITHUB_ENV - echo "AWS_SDK_BUCKET=${{ secrets.PRODUCTION_AWS_SDK_BUCKET }}" >> $GITHUB_ENV - echo "AWS_ACCESS_KEY_ID=${{ secrets.PRODUCTION_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.PRODUCTION_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV - echo "NOVU_API_KEY=${{ secrets.PRODUCTION_NOVU_API_KEY }}" >> $GITHUB_ENV - echo "NOVU_APPLICATION_IDENTIFIER=${{ secrets.PRODUCTION_NOVU_APPLICATION_IDENTIFIER 
}}" >> $GITHUB_ENV - echo "OPENAI_API_KEY=${{ secrets.PRODUCTION_OPENAI_API_KEY }}" >> $GITHUB_ENV - echo "ZENVIA_API_URL=${{ secrets.PRODUCTION_ZENVIA_API_URL }}" >> $GITHUB_ENV - echo "ZENVIA_API_TOKEN=${{ secrets.PRODUCTION_ZENVIA_API_TOKEN }}" >> $GITHUB_ENV - echo "AGENCIA_ACCESS_TOKEN=${{ secrets.PRODUCTION_AGENCIA_ACCESS_TOKEN }}" >> $GITHUB_ENV - - - name: Set environment - run: | - sed -i 's%ENVIRONMENT%${{ env.ENVIRONMENT }}%g' deployment/app.yml - sed -i 's%ENV_NAME_STUB%NEXT_PUBLIC_ENVIRONMENT%g' deployment/app.yml - sed -i 's%ENVIRONMENT%${{ env.ENVIRONMENT }}%g' deployment/websocket.yml - sed -i "s%UMAMI_SITE_ID_STUB%${{ env.UMAMI_SITE_ID }}%g" deployment/app.yml - sed -i "s%RECAPTCHA_SITEKEY_STUB%${{ env.RECAPTCHA_SITEKEY }}%g" deployment/app.yml - sed -i "s%ORY_SDK_URL_STUB%${{ env.ORY_SDK_URL }}%g" deployment/app.yml - sed -i "s%ORY_ACCESS_TOKEN_STUB%${{ env.ORY_ACCESS_TOKEN }}%g" deployment/app.yml - sed -i "s%NEW_RELIC_LICENSE_KEY_STUB%${{ env.NEW_RELIC_LICENSE_KEY }}%g" deployment/app.yml - sed -i "s%NEW_RELIC_APP_NAME_STUB%${{ env.NEW_RELIC_APP_NAME }}%g" deployment/app.yml - sed -i "s%NEXT_PUBLIC_ORYSDKURL_STUB%${{ env.ORY_SDK_URL }}%g" deployment/app.yml - sed -i "s%OPENAI_API_KEY_STUB%${{ env.OPENAI_API_KEY }}%g" deployment/app.yml - - - name: Set deployment - run: | - sed -i "s/TAG/$GITHUB_SHA/" deployment/app.yml - sed -i "s/TAG/$GITHUB_SHA/" deployment/websocket.yml - - - name: Applying Kubernetes Deployment - uses: giovannirossini/aws-eks@v1.0.1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: "us-east-1" - cluster-name: "production" - command: kubectl apply -f ./deployment/ - - - name: Validation - uses: giovannirossini/aws-eks@v1.0.1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: "us-east-1" - cluster-name: "production" - command: kubectl rollout status 
deployments/aletheia -n ${{ env.ENVIRONMENT }} --timeout=360s - if: success() - - - name: Rollback - uses: giovannirossini/aws-eks@v1.0.1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: "us-east-1" - cluster-name: "production" - command: kubectl rollout undo deployments/aletheia -n ${{ env.ENVIRONMENT }} - if: failure() + setup-build-publish: + name: Build & Publish + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Check Environment + if: endsWith(github.ref, '/master') + run: | + sed -i '11{s/test.//}' deployment/app.yml + sed -i '21{s/test.//}' deployment/app.yml + sed -i '11{s/testws./ws./}' deployment/websocket.yml + echo "ENV=production" >> $GITHUB_ENV + echo "ENVIRONMENT=production" >> $GITHUB_ENV + echo "UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV + echo "NEXT_PUBLIC_UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV + echo "MONGODB_URI=${{ secrets.PRODUCTION_MONGODB_URI }}" >> $GITHUB_ENV + echo "ORY_SDK_URL=${{ secrets.PRODUCTION_ORY_SDK_URL }}" >> $GITHUB_ENV + echo "ORY_ACCESS_TOKEN=${{ secrets.PRODUCTION_ORY_ACCESS_TOKEN }}" >> $GITHUB_ENV + echo "ALETHEIA_SCHEMA_ID=${{ secrets.PRODUCTION_ALETHEIA_SCHEMA_ID }}" >> $GITHUB_ENV + echo "API_URL=${{ secrets.API_URL_PRODUCTION }}" >> $GITHUB_ENV + echo "MONGODB_NAME=${{ secrets.PRODUCTION_MONGODB_NAME }}" >> $GITHUB_ENV + echo "AWS_SDK_BUCKET=${{ secrets.PRODUCTION_AWS_SDK_BUCKET }}" >> $GITHUB_ENV + echo "AWS_ACCESS_KEY_ID=${{ secrets.PRODUCTION_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.PRODUCTION_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV + echo "NOVU_API_KEY=${{ secrets.PRODUCTION_NOVU_API_KEY }}" >> $GITHUB_ENV + echo "NOVU_APPLICATION_IDENTIFIER=${{ secrets.PRODUCTION_NOVU_APPLICATION_IDENTIFIER }}" >> $GITHUB_ENV + echo "NEW_RELIC_APP_NAME=${{ secrets.PRODUCTION_NEW_RELIC_APP_NAME }}" >> 
$GITHUB_ENV + echo "NEXT_PUBLIC_ORY_SDK_URL=${{ secrets.ORY_SDK_URL }}" >> $GITHUB_ENV + echo "AGENTS_API_URL=${{ secrets.PRODUCTION_AGENTS_API_URL }}" >> $GITHUB_ENV + echo "OPENAI_API_KEY=${{ secrets.PRODUCTION_OPENAI_API_KEY }}" >> $GITHUB_ENV + echo "ZENVIA_API_URL=${{ secrets.PRODUCTION_ZENVIA_API_URL }}" >> $GITHUB_ENV + echo "ZENVIA_API_TOKEN=${{ secrets.PRODUCTION_ZENVIA_API_TOKEN }}" >> $GITHUB_ENV + echo "AGENCIA_ACCESS_TOKEN=${{ secrets.PRODUCTION_AGENCIA_ACCESS_TOKEN }}" >> $GITHUB_ENV + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-east-1 + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v1 + + - name: Install pkl + uses: pkl-community/setup-pkl@v0 + with: + pkl-version: 0.25.2 + # Setting up config.yaml based on environment + - name: Set config.yaml + run: | + pkl eval -f yaml ./deployment/config/config-file/$ENVIRONMENT.pkl > config.$ENVIRONMENT.yaml + + - name: Set migrate-mongo-config.ts + run: | + sed -i "s%MONGODB_URI%$MONGODB_URI%g" migrate-mongo-config-example.ts + sed -i "s%MONGODB_NAME%$MONGODB_NAME%g" migrate-mongo-config-example.ts + + # Build the Docker image + - name: Build + run: | + docker build --build-arg ENVIRONMENT=$ENVIRONMENT \ + --build-arg NEXT_PUBLIC_UMAMI_SITE_ID=$NEXT_PUBLIC_UMAMI_SITE_ID \ + --build-arg NEXT_PUBLIC_ENVIRONMENT=$ENVIRONMENT \ + --build-arg NEXT_PUBLIC_ORY_SDK_URL=$ORY_SDK_URL \ + --build-arg NEXT_PUBLIC_RECAPTCHA_SITEKEY=${{ secrets.NEXT_PUBLIC_RECAPTCHA_SITEKEY }} \ + -t "$ECR_REGISTRY"/"$IMAGE":"$GITHUB_SHA" . 
+ docker tag "$ECR_REGISTRY"/"$IMAGE":"$GITHUB_SHA" "$ECR_REGISTRY"/"$IMAGE":latest + + # Push the Docker image to Google Container Registry + - name: Publish + run: | + docker push $ECR_REGISTRY/$IMAGE:$GITHUB_SHA + if [[ "$ENVIRONMENT" == "production" ]]; then docker push "$ECR_REGISTRY"/"$IMAGE":latest; fi + + deploy: + name: Deploy + needs: setup-build-publish + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Check Environment + if: endsWith(github.ref, '/master') + run: | + sed -i '11{s/testws./ws./}' deployment/websocket.yml + echo "ENVIRONMENT=production" >> $GITHUB_ENV + echo "UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV + echo "NEXT_PUBLIC_UMAMI_SITE_ID=${{ secrets.PRODUCTION_UMAMI_SITE_ID }}" >> $GITHUB_ENV + echo "MONGODB_URI=${{ secrets.PRODUCTION_MONGODB_URI }}" >> $GITHUB_ENV + echo "ORY_SDK_URL=${{ secrets.PRODUCTION_ORY_SDK_URL }}" >> $GITHUB_ENV + echo "ORY_ACCESS_TOKEN=${{ secrets.PRODUCTION_ORY_ACCESS_TOKEN }}" >> $GITHUB_ENV + echo "ALETHEIA_SCHEMA_ID=${{ secrets.PRODUCTION_ALETHEIA_SCHEMA_ID }}" >> $GITHUB_ENV + echo "API_URL=${{ secrets.API_URL_PRODUCTION }}" >> $GITHUB_ENV + echo "MONGODB_NAME=${{ secrets.PRODUCTION_MONGODB_NAME }}" >> $GITHUB_ENV + echo "AWS_SDK_BUCKET=${{ secrets.PRODUCTION_AWS_SDK_BUCKET }}" >> $GITHUB_ENV + echo "AWS_ACCESS_KEY_ID=${{ secrets.PRODUCTION_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.PRODUCTION_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV + echo "NOVU_API_KEY=${{ secrets.PRODUCTION_NOVU_API_KEY }}" >> $GITHUB_ENV + echo "NOVU_APPLICATION_IDENTIFIER=${{ secrets.PRODUCTION_NOVU_APPLICATION_IDENTIFIER }}" >> $GITHUB_ENV + echo "OPENAI_API_KEY=${{ secrets.PRODUCTION_OPENAI_API_KEY }}" >> $GITHUB_ENV + echo "ZENVIA_API_URL=${{ secrets.PRODUCTION_ZENVIA_API_URL }}" >> $GITHUB_ENV + echo "ZENVIA_API_TOKEN=${{ secrets.PRODUCTION_ZENVIA_API_TOKEN }}" >> $GITHUB_ENV + echo "AGENCIA_ACCESS_TOKEN=${{ 
secrets.PRODUCTION_AGENCIA_ACCESS_TOKEN }}" >> $GITHUB_ENV + + - name: Install pkl + uses: pkl-community/setup-pkl@v0 + with: + pkl-version: 0.25.2 + + - name: Set deployment/app.yml + run: | + pkl eval -f yaml ./deployment/k8s/$ENVIRONMENT.pkl > deployment/app.yml + + - name: Set environment + run: | + sed -i 's%ENVIRONMENT%${{ env.ENVIRONMENT }}%g' deployment/websocket.yml + + - name: Set deployment + run: | + sed -i "s/TAG/$GITHUB_SHA/" deployment/websocket.yml + + - name: Applying Kubernetes Deployment + uses: giovannirossini/aws-eks@v1.0.1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: "us-east-1" + cluster-name: "production" + command: kubectl apply -f ./deployment/ + + - name: Validation + uses: giovannirossini/aws-eks@v1.0.1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: "us-east-1" + cluster-name: "production" + command: kubectl rollout status deployments/aletheia -n ${{ env.ENVIRONMENT }} --timeout=360s + if: success() + + - name: Rollback + uses: giovannirossini/aws-eks@v1.0.1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: "us-east-1" + cluster-name: "production" + command: kubectl rollout undo deployments/aletheia -n ${{ env.ENVIRONMENT }} + if: failure() diff --git a/deployment/k8s/app.pkl b/deployment/k8s/app.pkl new file mode 100644 index 000000000..a36b85376 --- /dev/null +++ b/deployment/k8s/app.pkl 
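Review bot: `ZENVIA_API_TOKEN: ${{ secrets.DEVELOPMENT_ZENVIA_API_URL }}` in the re-indented workflow-level `env:` block still fills the token from the URL secret, and `modules/zenvia.pkl` now renders that value as `api_token` for development builds. The production branch uses `secrets.PRODUCTION_ZENVIA_API_TOKEN`, so the development line presumably wants the matching token secret (`secrets.DEVELOPMENT_ZENVIA_API_TOKEN`, name inferred from the production one). Most of this hunk is an indentation change, which makes carried-over lines like this one easy to miss; the functional edits are the `TAG` variable, the `Install pkl` and `Set deployment/app.yml` steps in `deploy`, and the removed `sed` lines. In `deploy`, `giovannirossini/aws-eks@v1.0.1` receives the AWS keys and `pkl-community/setup-pkl@v0` runs beside them, both referenced by tag; pinning them to commit SHAs fits a job that applies to the production cluster.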
@@ -0,0 +1,92 @@
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/K8sResource.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/apps/v1/Deployment.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/Service.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/networking/v1/Ingress.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/PodSpec.pkl"
+import "./modules/ingress.pkl" as ingress
+
+hidden appNamespace = "development"
+hidden podPort = 3000
+
+hidden IngressOptions = new {
+ rules = new {}
+}
+hidden ServiceOptions = new {
+ spec = new Service.ServiceSpec {
+ type = "NodePort"
+ selector {
+ ["app"] = "aletheia"
+ }
+ ports {
+ new {
+ name = "aletheia"
+ targetPort = trace(podPort)
+ port = 80
+ }
+ }
+ }
+}
+hidden DeploymentOptions = new {
+ replicas = 1
+ containers = new Listing {}
+}
+
+
+resources: Listing = new {
+ new Ingress {
+ metadata {
+ name = "ingress-aletheia"
+ namespace = appNamespace
+ annotations {
+ ["kubernetes.io/ingress.class"] = "traefik"
+ }
+ }
+ spec {
+ rules = new {
+ for (_rule in IngressOptions.rules) {
+ _rule
+ }
+ }
+ }
+ }
+
+ new Service {
+ metadata {
+ name = "aletheia"
+ namespace = appNamespace
+ }
+ spec = ServiceOptions.spec
+ }
+
+ new Deployment {
+ metadata {
+ name = "aletheia"
+ namespace = appNamespace
+ }
+ spec {
+ replicas = DeploymentOptions.replicas
+ selector {
+ matchLabels {
+ ["app"] = "aletheia"
+ }
+ }
+ template {
+ metadata {
+ labels {
+ ["app"] = "aletheia"
+ }
+ }
+ spec {
+ containers = DeploymentOptions.containers
+ }
+ }
+ }
+ }
+}
+
+output {
+ value = resources
+ renderer = (K8sResource.output.renderer as YamlRenderer) {
+ isStream = true
+ }
+}
diff --git a/deployment/k8s/development.pkl b/deployment/k8s/development.pkl
new file mode 100644
index 000000000..c7094a85c
--- /dev/null
+++ b/deployment/k8s/development.pkl
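Review bot: `targetPort = trace(podPort)` in `ServiceOptions` of `app.pkl` looks like a leftover debugging call; `trace` logs the value on every evaluation and adds nothing to the rendered Service, so `targetPort = podPort` is enough. The `package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1` URI is repeated in every import here and in the other k8s modules; declaring it once as a dependency in a `PklProject` would keep the version in one place and record the resolved checksum for CI. The `PodSpec.pkl` and `./modules/ingress.pkl` imports are not referenced in this file.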
@@ -0,0 +1,28 @@
+amends "./app.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/K8sResource.pkl"
+import "./modules/ingress.pkl" as ingress
+import "./modules/aletheia.pkl"
+
+appNamespace = "development"
+podPort = 3000
+
+local newAletheia = new (aletheia) {
+ ns = appNamespace
+ p = podPort
+}
+
+IngressOptions {
+ rules {
+ (ingress.rule) {
+ host = "test.aletheiafact.org"
+ }
+ }
+}
+
+DeploymentOptions {
+ containers {
+ (newAletheia.pod.container) {
+ name = "aletheia"
+ }
+ }
+}
diff --git a/deployment/k8s/modules/aletheia.pkl b/deployment/k8s/modules/aletheia.pkl
new file mode 100644
index 000000000..ee6d017b5
--- /dev/null
+++ b/deployment/k8s/modules/aletheia.pkl
@@ -0,0 +1,11 @@
+import "./container.pkl" as containerConfig
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/PodSpec.pkl"
+
+hidden ns = ""
+hidden p = 3000
+
+pod = (containerConfig) {
+ namespace = ns
+ imagePath = "134187360702.dkr.ecr.us-east-1.amazonaws.com/aletheiafact-production" + ":" + read("env:TAG")
+ podPort = p
+}
diff --git a/deployment/k8s/modules/container.pkl b/deployment/k8s/modules/container.pkl
new file mode 100644
index 000000000..60df73537
--- /dev/null
+++ b/deployment/k8s/modules/container.pkl
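Review bot: `read("env:TAG")` on the `imagePath` line of `modules/aletheia.pkl` aborts evaluation when `TAG` is unset, and none of the workflow steps visible in this patch export it. The `Set deployment/app.yml` step runs `pkl eval` without it, and the only other use of the name is the `sed -i "s/TAG/$GITHUB_SHA/"` placeholder substitution on `websocket.yml`. Unless `TAG` is defined in a part of the workflow `env:` block that is not shown here, the tag should be taken from the commit, for example `read("env:GITHUB_SHA")`, or the step should run `TAG=$GITHUB_SHA pkl eval …`. A one-line comment on `imagePath` stating that the tag is the commit SHA would also make the deployed image traceable to its source.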
@@ -0,0 +1,79 @@
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/EnvVar.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/ResourceRequirements.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/PodSpec.pkl"
+
+hidden namespace = ""
+hidden imagePath = ""
+hidden podPort = ""
+
+container: PodSpec.Container = new {
+ name = ""
+ image = imagePath
+ imagePullPolicy = "Always"
+ env = new {
+ new {
+ name = "NEXT_PUBLIC_UMAMI_SITE_ID"
+ value = read("env:UMAMI_SITE_ID")
+ }
+ new {
+ name = "NEXT_PUBLIC_RECAPTCHA_SITEKEY"
+ value = read("env:RECAPTCHA_SITEKEY")
+ }
+ new {
+ name = "ORY_SDK_URL"
+ value = read("env:ORY_SDK_URL")
+ }
+ new {
+ name = "ORY_ACCESS_TOKEN"
+ value = read("env:ORY_ACCESS_TOKEN")
+ }
+ new {
+ name = "NEW_RELIC_LICENSE_KEY"
+ value = read("env:NEW_RELIC_LICENSE_KEY")
+ }
+ new {
+ name = "NEW_RELIC_APP_NAME"
+ value = "aletheia-" + namespace
+ }
+ new {
+ name = "NEXT_PUBLIC_ORY_SDK_URL"
+ value = read("env:ORY_SDK_URL")
+ }
+ new {
+ name = "OPENAI_API_KEY"
+ value = read("env:OPENAI_API_KEY")
+ }
+ new {
+ name = "ENV_NAME"
+ value = namespace
+ }
+ }
+
+ readinessProbe {
+ httpGet {
+ path = "/api/health"
+ port = podPort
+ }
+ initialDelaySeconds = 50
+ timeoutSeconds = 5
+ }
+ livenessProbe {
+ httpGet {
+ path = "/api/health"
+ port = podPort
+ }
+ initialDelaySeconds = 50
+ timeoutSeconds = 10
+ failureThreshold = 10
+ }
+ resources {
+ requests {
+ ["cpu"] = "300m"
+ ["memory"] = 512.mib
+ }
+ limits {
+ ["cpu"] = "400m"
+ ["memory"] = 1024.mib
+ }
+ }
+}
diff --git a/deployment/k8s/modules/ingress.pkl b/deployment/k8s/modules/ingress.pkl
new file mode 100644
index 000000000..f71c1e874
--- /dev/null
+++ b/deployment/k8s/modules/ingress.pkl
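Review bot: The `env` listing in `container` copies `ORY_ACCESS_TOKEN`, `NEW_RELIC_LICENSE_KEY` and `OPENAI_API_KEY` into the manifest as literal `value` strings. The rendered `deployment/app.yml` in the CI workspace and the Deployment object stored in the cluster therefore both hold these credentials in clear text, readable by anyone allowed to read Deployments in the namespace. These three entries should reference a Kubernetes Secret through `valueFrom.secretKeyRef`, with the Secret created outside this manifest; the Secret name in the sketch below is a placeholder. The `NEXT_PUBLIC_*` entries, `NEW_RELIC_APP_NAME` and `ENV_NAME` are not credentials and can stay as plain values.

```pkl
  env = new {
    // … unchanged: NEXT_PUBLIC_UMAMI_SITE_ID, NEXT_PUBLIC_RECAPTCHA_SITEKEY, ORY_SDK_URL …
    new {
      name = "ORY_ACCESS_TOKEN"
      valueFrom {
        secretKeyRef {
          name = "<app-secret-name>" // placeholder: Secret managed outside this manifest
          key = "ORY_ACCESS_TOKEN"
        }
      }
    }
    new {
      name = "NEW_RELIC_LICENSE_KEY"
      valueFrom {
        secretKeyRef {
          name = "<app-secret-name>"
          key = "NEW_RELIC_LICENSE_KEY"
        }
      }
    }
    // … unchanged: NEW_RELIC_APP_NAME, NEXT_PUBLIC_ORY_SDK_URL …
    new {
      name = "OPENAI_API_KEY"
      valueFrom {
        secretKeyRef {
          name = "<app-secret-name>"
          key = "OPENAI_API_KEY"
        }
      }
    }
    // … unchanged: ENV_NAME, probes, resources …
```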
@@ -0,0 +1,25 @@
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/networking/v1/Ingress.pkl" as Ingress
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/apps/v1/Deployment.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/api/core/v1/Service.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/K8sResource.pkl"
+
+rule: Ingress.IngressRule = new {
+ host = "www.test.aletheiafact.org"
+ http {
+ paths {
+ new {
+ path = "/"
+ pathType = "Prefix"
+ backend {
+ service {
+ name = "aletheia"
+ port {
+ name = "aletheia"
+ }
+ }
+ }
+ }
+ }
+ }
+}
+
diff --git a/deployment/k8s/production.pkl b/deployment/k8s/production.pkl
new file mode 100644
index 000000000..68151dd6c
--- /dev/null
+++ b/deployment/k8s/production.pkl
@@ -0,0 +1,32 @@
+amends "./app.pkl"
+import "package://pkg.pkl-lang.org/pkl-k8s/k8s@1.0.1#/K8sResource.pkl"
+import "./modules/ingress.pkl" as ingress
+import "./modules/aletheia.pkl"
+
+appNamespace = "production"
+podPort = 3000
+
+local newAletheia = new (aletheia) {
+ ns = appNamespace
+ p = podPort
+}
+
+IngressOptions {
+ rules {
+ (ingress.rule) {
+ host = "aletheiafact.org"
+ }
+
+ (ingress.rule) {
+ host = "www.aletheiafact.org"
+ }
+ }
+}
+
+DeploymentOptions {
+ containers {
+ (newAletheia.pod.container) {
+ name = "aletheia"
+ }
+ }
+}