diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 879f9e54..87045b5f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,7 @@ env: # Variables d'environnement declarées dans la vm de l'action DOCKER_HUB_ACCESS_TOKEN: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} DB_USER_PASS: ${{ secrets.DB_USER_PASS }} REACT_APP_URL_API: ${{ vars.REACT_APP_LOCAL_URL_API }} # les vars sont des variables d'environnement stockées dans le répertoire vars du repo sur github + TARGET_PLATFORM: linux/amd64, linux/arm64 jobs: # Jobs de l'action Jest-tests: # Job de l'action pour les tests Jest @@ -47,12 +48,7 @@ jobs: # Jobs de l'action npm test mv ./test-report.html ./back-jest-report.html - # - name: run back server # execution du serveur backend afin de pouvoir executer l'ensemble des tests du front - # run: | - # cd server - # npm run watch & - - - name: Run front Jest tests # execution des tests Jest du frontend + - name: Run front Jest tests # execution des tests Jest du frontendD run: | cd client npm test @@ -66,73 +62,8 @@ jobs: # Jobs de l'action ./client/front-jest-report.html ./server/back-jest-report.html - Eslint-test: - runs-on: ubuntu-latest - - steps: - - name: Checkout code - uses: actions/checkout@v2 - - - name: Use Node.js - uses: actions/setup-node@v2 - with: - node-version: 20 - - - name: Install front dependencies - run: | - npm ci - working-directory: client - - - name: Install back dependencies - run: | - npm ci - working-directory: server - - - name: Where am i - run: | - pwd - ls - - - name: Where am i server - run: | - pwd - ls -la - working-directory: server - - - name: Where am i client - run: | - pwd - ls -la - working-directory: client - - - name: Create eslint directory if not exists - run: mkdir -p eslint - working-directory: server - - - name: Create eslint directory if not exists - run: mkdir -p eslint - working-directory: client - - - name: Run front Eslint test - run: | - npm run lint || true - working-directory: client - - - name: Run back Eslint test - run: | - npm run lint || true - working-directory: server - - - name: Eslint reports - uses: actions/upload-artifact@v3 - with: - name: eslint reports - path: | - client/eslint-report.html - server/eslint-report.html - build-and-push: - needs: [Jest-tests, Eslint-test] + needs: [Jest-tests] runs-on: ubuntu-latest steps: @@ -165,13 +96,13 @@ jobs: # Jobs de l'action run: | echo "DB_USER_PASS=${{ secrets.DB_USER_PASS }}" > ./server/config/.env cat ./server/config/.env - echo "REACT_APP_URL_API=${{ secrets.REACT_APP_URL_API }}" > ./client/.env + echo "REACT_APP_URL_API=${{ secrets.REACT_APP_URL_API_RASPBERRY }}" > ./client/.env cat ./client/.env - name: Build front if: ${{ success() }} env: - REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API }} + REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API_RASPBERRY }} run: | cd client npm run build @@ -179,10 +110,11 @@ jobs: # Jobs de l'action - name: Build and push front uses: docker/build-push-action@v2 env: - REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API }} + REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API_RASPBERRY }} with: context: ./client/ file: ./client/Dockerfile + platforms: ${{ env.TARGET_PLATFORM }} push: true tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} @@ -193,5 +125,6 @@ jobs: # Jobs de l'action with: context: ./server/ file: ./server/Dockerfile + platforms: ${{ env.TARGET_PLATFORM }} push: true tags: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} diff --git a/.github/workflows/logging.yml b/.github/workflows/logging.yml deleted file mode 100644 index 613905e5..00000000 --- a/.github/workflows/logging.yml +++ /dev/null @@ -1,59 +0,0 @@ -name: Pipeline Logging - -on: - push: - branches: - - logging - pull_request: - branches: - - logging - -jobs: - deploy: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v2 - - - name: "Google auth" - id: "auth" - uses: "google-github-actions/auth@v1" - with: - credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v1 - with: - project_id: ${{ secrets.GCP_PROJECT }} - install_components: "gke-gcloud-auth-plugin" - - - name: Configure gcloud - run: gcloud config set compute/region europe-west2 - - - name: Get cluster credential - uses: google-github-actions/get-gke-credentials@v1 - with: - cluster_name: khagu-dev-cluster - location: europe-west2 - - - name: Set up ECK - run: | - # Liste des CRDs ECK - crds=("agents.agent.k8s.elastic.co" "apmservers.apm.k8s.elastic.co" "beats.beat.k8s.elastic.co" "elasticmapsservers.maps.k8s.elastic.co" "elasticsearchautoscalers.autoscaling.k8s.elastic.co" "elasticsearches.elasticsearch.k8s.elastic.co" "enterprisesearches.enterprisesearch.k8s.elastic.co" "kibanas.kibana.k8s.elastic.co" "logstashes.logstash.k8s.elastic.co" "stackconfigpolicies.stackconfigpolicy.k8s.elastic.co") - - # Vérifiez chaque CRD - for crd in "${crds[@]}" - do - if ! kubectl get crd $crd > /dev/null 2>&1; then - # Si le CRD n'existe pas, créez les CRDs - kubectl create -f https://download.elastic.co/downloads/eck/2.11.1/crds.yaml - break - fi - done - - # Appliquez l'opérateur ECK - kubectl apply -f https://download.elastic.co/downloads/eck/2.11.1/operator.yaml - - - name: Deploy to GKE - run: | - kubectl apply -f ./logging/fleet.yml diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml index d19bbefc..ca858831 100644 --- a/.github/workflows/prod.yml +++ b/.github/workflows/prod.yml @@ -1,253 +1,255 @@ name: Pipeline Prod on: # Triggers the workflow - pull_request: # This workflow will run only for pull requests - branches: # This workflow will run only for the main branch - - main - -permissions: - pull-requests: write - -env: - # Use docker.io for Docker Hub if empty - SHA: ${{ github.event.pull_request.head.sha || github.event.after }} - REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API }} - -jobs: - ##### Check de l'image Front ###### - ################################### - check-front-image: - runs-on: ubuntu-latest # OS - steps: - - name: Checkout # Checkout the repository - uses: actions/checkout@v3 # Checkout the repository - - - name: Login to Docker Hub # Login to Docker Hub - uses: docker/login-action@v2 # Docker login action - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} # Docker Hub username - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} # Docker Hub access token - - - name: Extract Docker Front metadata # Extract Docker Front metadata - id: meta # Step ID - uses: docker/metadata-action@v4.4.0 # Docker metadata action - with: - images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }} # Docker Front image - labels: | - org.opencontainers.image.revision=${{ env.SHA }} - tags: | - type=edge,branch=$repo.default_branch - type=semver,pattern=v{{version}} - type=sha,prefix=,suffix=,format=short - - - name: Check Front image # Check Front image - uses: docker/scout-action@v0.18.1 # Docker scout action - with: - command: cves # Command to run on the image - image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} # Docker Front image version to check - exit-code: true # Exit code - - ##### Check de l'image Back ###### - ################################### - check-back-image: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} - - - name: Extract Docker Back metadata - id: meta - uses: docker/metadata-action@v4.4.0 - with: - images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }} - labels: | - org.opencontainers.image.revision=${{ env.SHA }} - tags: | - type=edge,branch=$repo.default_branch - type=semver,pattern=v{{version}} - type=sha,prefix=,suffix=,format=short - - - name: Check Back image - uses: docker/scout-action@v0.18.1 - with: - command: cves - image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} - exit-code: true - - ##### Push front image to GAR ###### - #################################### - push-front-image-to-GAR: - needs: [check-front-image] - runs-on: ubuntu-latest - permissions: - contents: "read" - id-token: "write" - - steps: - - uses: actions/checkout@v3 - - - name: "Google auth" - id: "auth" - uses: "google-github-actions/auth@v1" - with: - credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" - - - name: "Pull image from Docker Hub" - run: docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} - - - name: "Tag image" - run: docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} - - - name: "config docker" - run: gcloud auth configure-docker "europe-west1-docker.pkg.dev" - - - name: "Push image to GAR" - run: docker push europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} - - ##### Push back image to GAR ###### - ################################### - push-back-image-to-GAR: - needs: [check-back-image] - runs-on: ubuntu-latest - permissions: - contents: "read" - id-token: "write" - - steps: - - uses: actions/checkout@v3 - - - name: "Google auth" - id: "auth" - uses: "google-github-actions/auth@v1" - with: - credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" - - - name: "Pull image from Docker Hub" - run: docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} - - - name: "Tag image" - run: docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} - - - name: "config docker" - run: gcloud auth configure-docker "europe-west1-docker.pkg.dev" - - - name: "Push image to GAR" - run: docker push europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} - # - name: "Build and push" - # uses: RafikFarhad/push-to-gcr-github-action@v5-beta - # with: - # registry: europe-west1-docker.pkg.dev - # project_id: ${{ secrets.GCP_PROJECT }} - # image_name: ${{ vars.DOCKER_BACK }} - # image_tag: ${{ vars.DOCKER_BACK_VERSION }} - # dockerfile: ./server/Dockerfile - # context: ./server - - ##### Deploiement Terraform ###### - ################################## - deploy-terraform: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - - - name: Terraform Init - run: | - cd terraform - terraform init - env: - GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} - - - name: Terraform Plan - run: | - cd terraform - terraform plan - env: - GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} - - - name: Terraform Apply - run: | - cd terraform - terraform apply -auto-approve - env: - GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} - - ##### Deploy front to GKE ###### - ################################ - deploy-front-to-gke: - needs: [push-front-image-to-GAR, deploy-terraform] - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Google auth" - id: "auth" - uses: "google-github-actions/auth@v1" - with: - credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v1 - with: - project_id: ${{ secrets.GCP_PROJECT }} - install_components: "gke-gcloud-auth-plugin" - - - name: Configure gcloud - run: gcloud config set compute/region europe-west2 - - - name: Get cluster credential - uses: google-github-actions/get-gke-credentials@v1 - with: - cluster_name: khagu-dev-cluster - location: europe-west2 - - - name: Deploy to GKE - run: | - gcloud auth configure-docker europe-west1-docker.pkg.dev - kubectl apply -f ./client/prod-front.yml - - - ##### Deploy back to GKE ###### - ############################### - deploy-back-to-gke: - needs: [push-back-image-to-GAR, deploy-terraform] - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: "Google auth" - id: "auth" - uses: "google-github-actions/auth@v1" - with: - credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v1 - with: - project_id: ${{ secrets.GCP_PROJECT }} - install_components: "gke-gcloud-auth-plugin" - - - name: Configure gcloud - run: gcloud config set compute/region europe-west2 - - - name: Get cluster credential - uses: google-github-actions/get-gke-credentials@v1 - with: - cluster_name: khagu-dev-cluster - location: europe-west2 - - - name: Deploy to GKE - run: | - gcloud auth configure-docker europe-west1-docker.pkg.dev - kubectl apply -f ./server/prod-back.yml + # pull_request: # This workflow will run only for pull requests + # branches: # This workflow will run only for the main branch + # - blabla + push: + branches: [logging] + +# permissions: +# pull-requests: write + +# env: +# # Use docker.io for Docker Hub if empty +# SHA: ${{ github.event.pull_request.head.sha || github.event.after }} +# REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API }} + +# jobs: +# ##### Check de l'image Front ###### +# ################################### +# check-front-image: +# runs-on: ubuntu-latest # OS +# steps: +# - name: Checkout # Checkout the repository +# uses: actions/checkout@v3 # Checkout the repository + +# - name: Login to Docker Hub # Login to Docker Hub +# uses: docker/login-action@v2 # Docker login action +# with: +# username: ${{ secrets.DOCKER_HUB_USERNAME }} # Docker Hub username +# password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} # Docker Hub access token + +# - name: Extract Docker Front metadata # Extract Docker Front metadata +# id: meta # Step ID +# uses: docker/metadata-action@v4.4.0 # Docker metadata action +# with: +# images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }} # Docker Front image +# labels: | +# org.opencontainers.image.revision=${{ env.SHA }} +# tags: | +# type=edge,branch=$repo.default_branch +# type=semver,pattern=v{{version}} +# type=sha,prefix=,suffix=,format=short + +# - name: Check Front image # Check Front image +# uses: docker/scout-action@v0.18.1 # Docker scout action +# with: +# command: cves # Command to run on the image +# image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} # Docker Front image version to check +# exit-code: true # Exit code + +# ##### Check de l'image Back ###### +# ################################### +# check-back-image: +# runs-on: ubuntu-latest +# steps: +# - name: Checkout +# uses: actions/checkout@v3 + +# - name: Login to Docker Hub +# uses: docker/login-action@v2 +# with: +# username: ${{ secrets.DOCKER_HUB_USERNAME }} +# password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + +# - name: Extract Docker Back metadata +# id: meta +# uses: docker/metadata-action@v4.4.0 +# with: +# images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }} +# labels: | +# org.opencontainers.image.revision=${{ env.SHA }} +# tags: | +# type=edge,branch=$repo.default_branch +# type=semver,pattern=v{{version}} +# type=sha,prefix=,suffix=,format=short + +# - name: Check Back image +# uses: docker/scout-action@v0.18.1 +# with: +# command: cves +# image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} +# exit-code: true + +# ##### Push front image to GAR ###### +# #################################### +# push-front-image-to-GAR: +# needs: [check-front-image] +# runs-on: ubuntu-latest +# permissions: +# contents: "read" +# id-token: "write" + +# steps: +# - uses: actions/checkout@v3 + +# - name: "Google auth" +# id: "auth" +# uses: "google-github-actions/auth@v1" +# with: +# credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" + +# - name: "Pull image from Docker Hub" +# run: docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} + +# - name: "Tag image" +# run: docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} + +# - name: "config docker" +# run: gcloud auth configure-docker "europe-west1-docker.pkg.dev" + +# - name: "Push image to GAR" +# run: docker push europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} + +# ##### Push back image to GAR ###### +# ################################### +# push-back-image-to-GAR: +# needs: [check-back-image] +# runs-on: ubuntu-latest +# permissions: +# contents: "read" +# id-token: "write" + +# steps: +# - uses: actions/checkout@v3 + +# - name: "Google auth" +# id: "auth" +# uses: "google-github-actions/auth@v1" +# with: +# credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" + +# - name: "Pull image from Docker Hub" +# run: docker pull ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} + +# - name: "Tag image" +# run: docker tag ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} + +# - name: "config docker" +# run: gcloud auth configure-docker "europe-west1-docker.pkg.dev" + +# - name: "Push image to GAR" +# run: docker push europe-west1-docker.pkg.dev/${{ secrets.GCP_PROJECT }}/${{ secrets.GAR }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} +# # - name: "Build and push" +# # uses: RafikFarhad/push-to-gcr-github-action@v5-beta +# # with: +# # registry: europe-west1-docker.pkg.dev +# # project_id: ${{ secrets.GCP_PROJECT }} +# # image_name: ${{ vars.DOCKER_BACK }} +# # image_tag: ${{ vars.DOCKER_BACK_VERSION }} +# # dockerfile: ./server/Dockerfile +# # context: ./server + +# ##### Deploiement Terraform ###### +# ################################## +# deploy-terraform: +# runs-on: ubuntu-latest +# steps: +# - name: Checkout +# uses: actions/checkout@v3 + +# - name: Setup Terraform +# uses: hashicorp/setup-terraform@v2 + +# - name: Terraform Init +# run: | +# cd terraform +# terraform init +# env: +# GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + +# - name: Terraform Plan +# run: | +# cd terraform +# terraform plan +# env: +# GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + +# - name: Terraform Apply +# run: | +# cd terraform +# terraform apply -auto-approve +# env: +# GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} + +# ##### Deploy front to GKE ###### +# ################################ +# deploy-front-to-gke: +# needs: [push-front-image-to-GAR, deploy-terraform] +# runs-on: ubuntu-latest +# steps: +# - name: Checkout +# uses: actions/checkout@v3 + +# - name: "Google auth" +# id: "auth" +# uses: "google-github-actions/auth@v1" +# with: +# credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" + +# - name: Set up Cloud SDK +# uses: google-github-actions/setup-gcloud@v1 +# with: +# project_id: ${{ secrets.GCP_PROJECT }} +# install_components: "gke-gcloud-auth-plugin" + +# - name: Configure gcloud +# run: gcloud config set compute/region europe-west2 + +# - name: Get cluster credential +# uses: google-github-actions/get-gke-credentials@v1 +# with: +# cluster_name: khagu-dev-cluster +# location: europe-west2 + +# - name: Deploy to GKE +# run: | +# gcloud auth configure-docker europe-west1-docker.pkg.dev +# kubectl apply -f ./client/prod-front.yml + + +# ##### Deploy back to GKE ###### +# ############################### +# deploy-back-to-gke: +# needs: [push-back-image-to-GAR, deploy-terraform] +# runs-on: ubuntu-latest +# steps: +# - name: Checkout +# uses: actions/checkout@v3 + +# - name: "Google auth" +# id: "auth" +# uses: "google-github-actions/auth@v1" +# with: +# credentials_json: "${{ secrets.GOOGLE_CREDENTIALS }}" + +# - name: Set up Cloud SDK +# uses: google-github-actions/setup-gcloud@v1 +# with: +# project_id: ${{ secrets.GCP_PROJECT }} +# install_components: "gke-gcloud-auth-plugin" + +# - name: Configure gcloud +# run: gcloud config set compute/region europe-west2 + +# - name: Get cluster credential +# uses: google-github-actions/get-gke-credentials@v1 +# with: +# cluster_name: khagu-dev-cluster +# location: europe-west2 + +# - name: Deploy to GKE +# run: | +# gcloud auth configure-docker europe-west1-docker.pkg.dev +# kubectl apply -f ./server/prod-back.yml diff --git a/.github/workflows/raspberry.yml b/.github/workflows/raspberry.yml new file mode 100644 index 00000000..91c2a644 --- /dev/null +++ b/.github/workflows/raspberry.yml @@ -0,0 +1,115 @@ +name: Pipeline Raspberry + +on: # Triggers the workflow + pull_request: # This workflow will run only for pull requests + branches: # This workflow will run only for the main branch + - main + +permissions: + pull-requests: write + +env: + # Use docker.io for Docker Hub if empty + SHA: ${{ github.event.pull_request.head.sha || github.event.after }} + REACT_APP_URL_API: ${{ secrets.REACT_APP_URL_API }} + +jobs: + ##### Check de l'image Front ###### + ################################### + check-front-image: + runs-on: ubuntu-latest # OS + steps: + - name: Checkout # Checkout the repository + uses: actions/checkout@v3 # Checkout the repository + + - name: Login to Docker Hub # Login to Docker Hub + uses: docker/login-action@v2 # Docker login action + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} # Docker Hub username + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} # Docker Hub access token + + - name: Extract Docker Front metadata # Extract Docker Front metadata + id: meta # Step ID + uses: docker/metadata-action@v4.4.0 # Docker metadata action + with: + images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }} # Docker Front image + labels: | + org.opencontainers.image.revision=${{ env.SHA }} + tags: | + type=edge,branch=$repo.default_branch + type=semver,pattern=v{{version}} + type=sha,prefix=,suffix=,format=short + + - name: Check Front image # Check Front image + uses: docker/scout-action@v0.18.1 # Docker scout action + with: + command: cves # Command to run on the image + image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_FRONT }}:${{ vars.DOCKER_FRONT_VERSION }} # Docker Front image version to check + exit-code: true # Exit code + + ##### Check de l'image Back ###### + ################################### + check-back-image: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }} + + - name: Extract Docker Back metadata + id: meta + uses: docker/metadata-action@v4.4.0 + with: + images: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }} + labels: | + org.opencontainers.image.revision=${{ env.SHA }} + tags: | + type=edge,branch=$repo.default_branch + type=semver,pattern=v{{version}} + type=sha,prefix=,suffix=,format=short + + - name: Check Back image + uses: docker/scout-action@v0.18.1 + with: + command: cves + image: ${{ secrets.DOCKER_HUB_USERNAME }}/${{ vars.DOCKER_BACK }}:${{ vars.DOCKER_BACK_VERSION }} + exit-code: true + + + + ##### Deploiement docker compose ###### + ################################ + deploy: + needs: [check-front-image, check-back-image] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Copy docker-compose.yml to Raspberry Pi + uses: appleboy/scp-action@master + with: + host: ${{ secrets.RASPBERRY_PI_HOST }} + username: ${{ secrets.RASPBERRY_PI_USERNAME }} + key: ${{ secrets.RASPBERRY_PI_SSH_KEY }} + passphrase: ${{ secrets.RASPBERRY_PI_SSH_PASSPHRASE }} + source: "./docker-compose.yml" + target: "./Documents/" + + - name: Deploy to Raspberry Pi + uses: appleboy/ssh-action@master + with: + host: ${{ secrets.RASPBERRY_PI_HOST }} + username: ${{ secrets.RASPBERRY_PI_USERNAME }} + key: ${{ secrets.RASPBERRY_PI_SSH_KEY }} + passphrase: ${{ secrets.RASPBERRY_PI_SSH_PASSPHRASE }} + script: | + cd Documents + sudo docker compose up -d + + diff --git a/client/Dockerfile b/client/Dockerfile index 3e0f282a..8f0dcda5 100644 --- a/client/Dockerfile +++ b/client/Dockerfile @@ -1,9 +1,19 @@ FROM nginx:latest -RUN apt-get update -y +RUN apt-get update \ + && apt-get install -y certbot python3-certbot-nginx + +RUN echo "server {" > /etc/nginx/conf.d/default.conf \ + && echo " listen 80;" >> /etc/nginx/conf.d/default.conf \ + && echo " location / {" >> /etc/nginx/conf.d/default.conf \ + && echo " root /usr/share/nginx/html;" >> /etc/nginx/conf.d/default.conf \ + && echo " }" >> /etc/nginx/conf.d/default.conf \ + && echo " location ~ /.well-known/acme-challenge/ { allow all; root /usr/share/nginx/html; }" >> /etc/nginx/conf.d/default.conf \ + && echo "}" >> /etc/nginx/conf.d/default.conf COPY ./build/ /usr/share/nginx/html EXPOSE 80 +EXPOSE 443 CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 00000000..c50d64a1 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,10 @@ +services: + frontend: + image: khagu/khagu-dev-front:1.8.2 + ports: + - 80:80 + - 443:443 + backend: + image: khagu/khagu-dev-back:1.2 + ports: + - 7000:7000 \ No newline at end of file diff --git a/server/Dockerfile b/server/Dockerfile index c434e554..77102394 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -1,6 +1,6 @@ -FROM node:latest +FROM node:latest -RUN apt-get update && apt-get install -y +RUN apt-get update -y COPY . . diff --git a/server/config/db.js b/server/config/db.js index ed98b2ed..a34bb99c 100644 --- a/server/config/db.js +++ b/server/config/db.js @@ -1,15 +1,15 @@ -const { config } = require("dotenv"); -const mongoose = require("mongoose"); +require("dotenv").config(); // this reads the .env file and sets the environment variables. +const mongoose = require("mongoose"); // this is the ODM for MongoDB -mongoose - .connect( +mongoose // this connects to the MongoDB database + .connect( // the connection string is stored in the .env file "mongodb+srv://" + process.env.DB_USER_PASS + - "@cluster0.v8rv1aj.mongodb.net/khagu-dev?retryWrites=true&w=majority", + "@cluster0.v8rv1aj.mongodb.net/khagu-dev?retryWrites=true&w=majority", // this is the connection string { - useNewUrlParser: true, - useUnifiedTopology: true, + useNewUrlParser: true, // these are some options to avoid deprecation warnings + useUnifiedTopology: true, // these are some options to avoid deprecation warnings } ) - .then(() => console.log("connected to MongoDB")) - .catch((err) => console.log("Failed to connect to MongoDB :", err)); + .then(() => console.log("connected to MongoDB")) // if the connection is successful, this message is printed + .catch((err) => console.log("Failed to connect to MongoDB :", err)); // if the connection fails, this message is printed