diff --git a/.github/workflows/api-cleanup-pr-images.yaml b/.github/workflows/app-cleanup-pr-images.yaml similarity index 95% rename from .github/workflows/api-cleanup-pr-images.yaml rename to .github/workflows/app-cleanup-pr-images.yaml index 81b1daaa..35ae955e 100644 --- a/.github/workflows/api-cleanup-pr-images.yaml +++ b/.github/workflows/app-cleanup-pr-images.yaml @@ -17,7 +17,7 @@ jobs: uses: bots-house/ghcr-delete-image-action@v1.1.0 with: owner: noaa-gsl - name: unified-graphics/api + name: unified-graphics/app token: ${{ secrets.GHCR_CLEANUP_PAT }} tag: ${{ github.head_ref }} - name: Cleanup images @@ -43,7 +43,7 @@ jobs: - name: Cleanup image run: | aws ecr batch-delete-image \ - --repository-name rtma-vis/api \ + --repository-name rtma-vis/app \ --image-ids imageTag=${{ github.head_ref }} - name: Cleanup image run: | diff --git a/.github/workflows/api.yaml b/.github/workflows/app.yaml similarity index 94% rename from .github/workflows/api.yaml rename to .github/workflows/app.yaml index bef86206..abd7b6c8 100644 --- a/.github/workflows/api.yaml +++ b/.github/workflows/app.yaml @@ -101,7 +101,7 @@ jobs: - name: Code Coverage Report uses: irongut/CodeCoverageSummary@v1.3.0 with: - header: API Coverage + header: App Coverage filename: coverage.xml badge: true fail_below_min: true @@ -128,7 +128,7 @@ jobs: run: python3 ./.github/scripts/extract_git_ref.py # Provides env.BRANCH - name: Build & tag image run: | - docker build -t ${{ env.REGISTRY }}/api:${{ env.BRANCH }} -f docker/app/Dockerfile . + docker build -t ${{ env.REGISTRY }}/app:${{ env.BRANCH }} -f docker/app/Dockerfile . - name: Login to GHCR uses: docker/login-action@v3 with: @@ -137,7 +137,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Push image run: | - docker push ${{ env.REGISTRY }}/api:${{ env.BRANCH }} + docker push ${{ env.REGISTRY }}/app:${{ env.BRANCH }} build_diag_etl: runs-on: ubuntu-latest needs: [lint, type-check, test] @@ -169,7 +169,7 @@ jobs: - name: Scan image with Trivy uses: aquasecurity/trivy-action@master with: - image-ref: "${{ env.REGISTRY }}/api:${{ env.BRANCH }}" + image-ref: "${{ env.REGISTRY }}/app:${{ env.BRANCH }}" format: "sarif" output: "trivy-results.sarif" ignore-unfixed: true @@ -233,9 +233,9 @@ jobs: uses: aws-actions/amazon-ecr-login@v2 - name: retag image and push run: | - docker pull ${{ env.REGISTRY }}/api:${{ env.BRANCH }} - docker tag ${{ env.REGISTRY }}/api:${{ env.BRANCH }} ${{ secrets.AWS_REGISTRY }}/api:${{ env.BRANCH }} - docker push ${{ secrets.AWS_REGISTRY }}/api:${{ env.BRANCH }} + docker pull ${{ env.REGISTRY }}/app:${{ env.BRANCH }} + docker tag ${{ env.REGISTRY }}/app:${{ env.BRANCH }} ${{ secrets.AWS_REGISTRY }}/app:${{ env.BRANCH }} + docker push ${{ secrets.AWS_REGISTRY }}/app:${{ env.BRANCH }} docker pull ${{ env.REGISTRY }}/data:${{ env.BRANCH }} docker tag ${{ env.REGISTRY }}/data:${{ env.BRANCH }} ${{ secrets.AWS_REGISTRY }}/data:${{ env.BRANCH }} docker push ${{ secrets.AWS_REGISTRY }}/data:${{ env.BRANCH }} diff --git a/.github/workflows/ui-cleanup-pr-images.yaml b/.github/workflows/webserver-cleanup-pr-images.yaml similarity index 92% rename from .github/workflows/ui-cleanup-pr-images.yaml rename to .github/workflows/webserver-cleanup-pr-images.yaml index d2aff759..3cb6cc6a 100644 --- a/.github/workflows/ui-cleanup-pr-images.yaml +++ b/.github/workflows/webserver-cleanup-pr-images.yaml @@ -19,7 +19,7 @@ jobs: uses: bots-house/ghcr-delete-image-action@v1.1.0 with: owner: noaa-gsl - name: unified-graphics/ui + name: unified-graphics/webserver token: ${{ secrets.GHCR_CLEANUP_PAT }} tag: ${{ github.head_ref }} purge-ecr-images: @@ -38,5 +38,5 @@ jobs: - name: Cleanup image run: | aws ecr batch-delete-image \ - --repository-name rtma-vis/ui \ + --repository-name rtma-vis/webserver \ --image-ids imageTag=${{ github.head_ref }} diff --git a/.github/workflows/ui.yaml b/.github/workflows/webserver.yaml similarity index 71% rename from .github/workflows/ui.yaml rename to .github/workflows/webserver.yaml index f9e52c12..fcb5394e 100644 --- a/.github/workflows/ui.yaml +++ b/.github/workflows/webserver.yaml @@ -1,4 +1,4 @@ -name: "UI Service Build" +name: "Webserver Service Build" on: push: tags: @@ -25,7 +25,7 @@ on: - "docker/webserver/**" workflow_dispatch: # Manually env: - REGISTRY: ghcr.io/noaa-gsl/unified-graphics/ui + REGISTRY: ghcr.io/noaa-gsl/unified-graphics/webserver jobs: lint: @@ -41,45 +41,6 @@ jobs: run: npm ci - name: Lint run: npm run lint:code - # test: - # runs-on: ubuntu-latest - # permissions: - # pull-requests: write - # steps: - # - uses: actions/checkout@v4 - # - uses: actions/setup-node@v4 - # with: - # node-version-file: ".nvmrc" - # cache: "npm" - # cache-dependency-path: "services/api/package-lock.json" - # - name: Install dependencies - # working-directory: services/api - # run: npm ci - # - name: Test - # working-directory: services/api - # run: | - # npx playwright install-deps - # npx playwright install - # npm test - # - name: Code Coverage Report - # uses: irongut/CodeCoverageSummary@v1.3.0 - # with: - # filename: services/api/src/coverage/cobertura-coverage.xml - # badge: true - # fail_below_min: true - # format: markdown - # hide_branch_rate: false - # hide_complexity: true - # indicators: true - # output: both - # thresholds: "0 80" - # - name: Add Coverage PR Comment - # uses: marocchino/sticky-pull-request-comment@v2 - # if: github.event_name == 'pull_request' - # with: - # header: UI Coverage - # recreate: true - # path: code-coverage-results.md build: runs-on: ubuntu-latest needs: [lint] @@ -152,5 +113,5 @@ jobs: - name: retag image and push run: | docker pull ${{ env.REGISTRY }}:${{ env.BRANCH }} - docker tag ${{ env.REGISTRY }}:${{ env.BRANCH }} ${{ secrets.AWS_REGISTRY }}/ui:${{ env.BRANCH }} - docker push ${{ secrets.AWS_REGISTRY }}/ui:${{ env.BRANCH }} + docker tag ${{ env.REGISTRY }}:${{ env.BRANCH }} ${{ secrets.AWS_REGISTRY }}/webserver:${{ env.BRANCH }} + docker push ${{ secrets.AWS_REGISTRY }}/webserver:${{ env.BRANCH }} diff --git a/kubernetes/README.md b/kubernetes/README.md index a048ffa7..fae1fa48 100644 --- a/kubernetes/README.md +++ b/kubernetes/README.md @@ -8,7 +8,7 @@ We're using a Kustomize-style layout. `base` contains the default k8s manifests, ### Start app via CLI -Currently, you will need to create a `kuberenetes/overlays/dev/api/.env` file with the required AWS keys to pass in to the container. That file should look like so: +Currently, you will need to create a `kuberenetes/overlays/dev/app/.env` file with the required AWS keys to pass in to the container. That file should look like so: ```shell AWS_ACCESS_KEY_ID= diff --git a/kubernetes/base/api/deployment.yaml b/kubernetes/base/app/deployment.yaml similarity index 68% rename from kubernetes/base/api/deployment.yaml rename to kubernetes/base/app/deployment.yaml index 13458f72..b2f3af18 100644 --- a/kubernetes/base/api/deployment.yaml +++ b/kubernetes/base/app/deployment.yaml @@ -2,27 +2,27 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - app.kubernetes.io/name: api + app.kubernetes.io/name: app # app.kubernetes.io/instance: app.kubernetes.io/part-of: unified-graphics app.kubernetes.io/component: backend - app: unified-graphics-api + app: unified-graphics-app tier: backend - name: unified-graphics-api + name: unified-graphics-app spec: replicas: 1 selector: matchLabels: - app: unified-graphics-api + app: unified-graphics-app template: metadata: labels: - app: unified-graphics-api + app: unified-graphics-app spec: containers: - - image: unified-graphics/api + - image: unified-graphics/app imagePullPolicy: Always # Since we're tracking a long-lived tag, we'll want to always check for updated images - name: unified-graphics-api + name: unified-graphics-app ports: - containerPort: 80 protocol: TCP diff --git a/kubernetes/base/api/job.yaml b/kubernetes/base/app/job.yaml similarity index 90% rename from kubernetes/base/api/job.yaml rename to kubernetes/base/app/job.yaml index 401ab5c0..4a484ce0 100644 --- a/kubernetes/base/api/job.yaml +++ b/kubernetes/base/app/job.yaml @@ -11,7 +11,7 @@ spec: app: migrations spec: containers: - - image: unified-graphics/api + - image: unified-graphics/app name: migrations imagePullPolicy: Always command: ["alembic", "upgrade", "head"] diff --git a/kubernetes/base/api/kustomization.yaml b/kubernetes/base/app/kustomization.yaml similarity index 100% rename from kubernetes/base/api/kustomization.yaml rename to kubernetes/base/app/kustomization.yaml diff --git a/kubernetes/base/api/service.yaml b/kubernetes/base/app/service.yaml similarity index 69% rename from kubernetes/base/api/service.yaml rename to kubernetes/base/app/service.yaml index dad892b3..129d8285 100644 --- a/kubernetes/base/api/service.yaml +++ b/kubernetes/base/app/service.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: Service metadata: labels: - app: unified-graphics-api - name: unified-graphics-api + app: unified-graphics-app + name: unified-graphics-app spec: ports: - port: 80 @@ -11,5 +11,5 @@ spec: protocol: TCP name: http selector: - app: unified-graphics-api + app: unified-graphics-app type: ClusterIP diff --git a/kubernetes/base/ui/deployment.yaml b/kubernetes/base/webserver/deployment.yaml similarity index 65% rename from kubernetes/base/ui/deployment.yaml rename to kubernetes/base/webserver/deployment.yaml index 334ca4b6..6d6179c3 100644 --- a/kubernetes/base/ui/deployment.yaml +++ b/kubernetes/base/webserver/deployment.yaml @@ -2,27 +2,27 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - app.kubernetes.io/name: ui + app.kubernetes.io/name: webserver # app.kubernetes.io/instance: app.kubernetes.io/part-of: unified-graphics app.kubernetes.io/component: frontend - app: unified-graphics-ui + app: unified-graphics-webserver tier: frontend - name: unified-graphics-ui + name: unified-graphics-webserver spec: replicas: 1 selector: matchLabels: - app: unified-graphics-ui + app: unified-graphics-webserver template: metadata: labels: - app: unified-graphics-ui + app: unified-graphics-webserver spec: containers: - - image: unified-graphics/ui + - image: unified-graphics/webserver imagePullPolicy: Always # Since we're tracking a long-lived tag, we'll want to always check for updated images - name: unified-graphics-ui + name: unified-graphics-webserver ports: - containerPort: 80 protocol: TCP diff --git a/kubernetes/base/ui/kustomization.yaml b/kubernetes/base/webserver/kustomization.yaml similarity index 100% rename from kubernetes/base/ui/kustomization.yaml rename to kubernetes/base/webserver/kustomization.yaml diff --git a/kubernetes/base/ui/service.yaml b/kubernetes/base/webserver/service.yaml similarity index 65% rename from kubernetes/base/ui/service.yaml rename to kubernetes/base/webserver/service.yaml index 85d33287..b1175360 100644 --- a/kubernetes/base/ui/service.yaml +++ b/kubernetes/base/webserver/service.yaml @@ -2,8 +2,8 @@ apiVersion: v1 kind: Service metadata: labels: - app: unified-graphics-ui - name: unified-graphics-ui + app: unified-graphics-webserver + name: unified-graphics-webserver spec: ports: - port: 80 @@ -11,5 +11,5 @@ spec: protocol: TCP name: http selector: - app: unified-graphics-ui + app: unified-graphics-webserver type: ClusterIP diff --git a/kubernetes/overlays/dev/api/deployment.yaml b/kubernetes/overlays/dev/app/deployment.yaml similarity index 80% rename from kubernetes/overlays/dev/api/deployment.yaml rename to kubernetes/overlays/dev/app/deployment.yaml index 1a999f92..46d935e4 100644 --- a/kubernetes/overlays/dev/api/deployment.yaml +++ b/kubernetes/overlays/dev/app/deployment.yaml @@ -1,17 +1,17 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: unified-graphics-api + name: unified-graphics-app spec: template: spec: containers: - - name: unified-graphics-api + - name: unified-graphics-app envFrom: - secretRef: - name: unified-graphics-api-secret + name: unified-graphics-app-secret - configMapRef: - name: unified-graphics-api-config + name: unified-graphics-app-config # FIXME - we should explore dissallowing privilege escalation securityContext: allowPrivilegeEscalation: true # Default behavior diff --git a/kubernetes/overlays/dev/api/dev.api.env b/kubernetes/overlays/dev/app/dev.app.env similarity index 100% rename from kubernetes/overlays/dev/api/dev.api.env rename to kubernetes/overlays/dev/app/dev.app.env diff --git a/kubernetes/overlays/dev/api/job.yaml b/kubernetes/overlays/dev/app/job.yaml similarity index 100% rename from kubernetes/overlays/dev/api/job.yaml rename to kubernetes/overlays/dev/app/job.yaml diff --git a/kubernetes/overlays/dev/api/kustomization.yaml b/kubernetes/overlays/dev/app/kustomization.yaml similarity index 67% rename from kubernetes/overlays/dev/api/kustomization.yaml rename to kubernetes/overlays/dev/app/kustomization.yaml index 3e53bfa6..7111c0b6 100644 --- a/kubernetes/overlays/dev/api/kustomization.yaml +++ b/kubernetes/overlays/dev/app/kustomization.yaml @@ -1,12 +1,12 @@ bases: - - ../../../base/api + - ../../../base/app resources: - "rbac.yaml" images: - - name: unified-graphics/api - newName: ghcr.io/noaa-gsl/unified-graphics/api + - name: unified-graphics/app + newName: ghcr.io/noaa-gsl/unified-graphics/app newTag: main patchesStrategicMerge: @@ -14,12 +14,12 @@ patchesStrategicMerge: - "job.yaml" configMapGenerator: - - name: unified-graphics-api-config + - name: unified-graphics-app-config envs: - - dev.api.env + - dev.app.env secretGenerator: - - name: unified-graphics-api-secret + - name: unified-graphics-app-secret envs: - .env # Should contain AWS_ACCESS_KEY, AWS_SECRET_ACCESS_KEY, AWS_SECRET_TOKEN, FLASK_SQLALCHEMY_DATABASE_URI - name: unified-graphics-migrations-secret diff --git a/kubernetes/overlays/dev/api/rbac.yaml b/kubernetes/overlays/dev/app/rbac.yaml similarity index 100% rename from kubernetes/overlays/dev/api/rbac.yaml rename to kubernetes/overlays/dev/app/rbac.yaml diff --git a/kubernetes/overlays/dev/ingress.yaml b/kubernetes/overlays/dev/ingress.yaml index 89f7a476..1170bf96 100644 --- a/kubernetes/overlays/dev/ingress.yaml +++ b/kubernetes/overlays/dev/ingress.yaml @@ -1,7 +1,7 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: unified-graphics-ui + name: unified-graphics-webserver annotations: traefik.ingress.kubernetes.io/router.entrypoints: web spec: @@ -13,6 +13,6 @@ spec: pathType: Prefix backend: service: - name: unified-graphics-ui + name: unified-graphics-webserver port: number: 80 diff --git a/kubernetes/overlays/dev/kustomization.yaml b/kubernetes/overlays/dev/kustomization.yaml index 21cc4a0c..264d9f7e 100644 --- a/kubernetes/overlays/dev/kustomization.yaml +++ b/kubernetes/overlays/dev/kustomization.yaml @@ -1,6 +1,6 @@ resources: - - api - - ui + - app + - webserver - db - ingress.yaml commonLabels: diff --git a/kubernetes/overlays/dev/ui/dev.ui.env b/kubernetes/overlays/dev/ui/dev.ui.env deleted file mode 100644 index a47b5e41..00000000 --- a/kubernetes/overlays/dev/ui/dev.ui.env +++ /dev/null @@ -1 +0,0 @@ -UG_DIAG_API_HOST=http://unified-graphics-api/ diff --git a/kubernetes/overlays/dev/ui/kustomization.yaml b/kubernetes/overlays/dev/ui/kustomization.yaml deleted file mode 100644 index a9d1df54..00000000 --- a/kubernetes/overlays/dev/ui/kustomization.yaml +++ /dev/null @@ -1,14 +0,0 @@ -bases: - - ../../../base/ui -images: - - name: unified-graphics/ui - newName: ghcr.io/noaa-gsl/unified-graphics/ui - newTag: main - -patchesStrategicMerge: - - "deployment.yaml" - -configMapGenerator: - - name: unified-graphics-ui-config - envs: - - dev.ui.env diff --git a/kubernetes/overlays/dev/ui/deployment.yaml b/kubernetes/overlays/dev/webserver/deployment.yaml similarity index 74% rename from kubernetes/overlays/dev/ui/deployment.yaml rename to kubernetes/overlays/dev/webserver/deployment.yaml index 3fe5bab1..600a984c 100644 --- a/kubernetes/overlays/dev/ui/deployment.yaml +++ b/kubernetes/overlays/dev/webserver/deployment.yaml @@ -1,15 +1,15 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: unified-graphics-ui + name: unified-graphics-webserver spec: template: spec: containers: - - name: unified-graphics-ui + - name: unified-graphics-webserver envFrom: - configMapRef: - name: unified-graphics-ui-config + name: unified-graphics-webserver-config # FIXME - we should explore dissallowing privilege escalation securityContext: allowPrivilegeEscalation: true # Default behavior diff --git a/kubernetes/overlays/dev/webserver/dev.webserver.env b/kubernetes/overlays/dev/webserver/dev.webserver.env new file mode 100644 index 00000000..0bf790b3 --- /dev/null +++ b/kubernetes/overlays/dev/webserver/dev.webserver.env @@ -0,0 +1 @@ +UG_DIAG_API_HOST=http://unified-graphics-app/ diff --git a/kubernetes/overlays/dev/webserver/kustomization.yaml b/kubernetes/overlays/dev/webserver/kustomization.yaml new file mode 100644 index 00000000..a6f03a7d --- /dev/null +++ b/kubernetes/overlays/dev/webserver/kustomization.yaml @@ -0,0 +1,14 @@ +bases: + - ../../../base/webserver +images: + - name: unified-graphics/webserver + newName: ghcr.io/noaa-gsl/unified-graphics/webserver + newTag: main + +patchesStrategicMerge: + - "deployment.yaml" + +configMapGenerator: + - name: unified-graphics-webserver-config + envs: + - dev.webserver.env