chore: deploy to k8s in DO
evereq committed Dec 1, 2023
1 parent 55c0307 commit 2627ac2
Showing 6 changed files with 406 additions and 0 deletions.
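--- a/.deploy/k8s/k8s-manifest.dev.yaml
+++ b/.deploy/k8s/k8s-manifest.dev.yaml
@@ -0,0 +1,110 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+name: ever-teams-dev-lb
+annotations:
+service.beta.kubernetes.io/do-loadbalancer-name: 'demo.ever.team'
+service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
+service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
+# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
+service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
+service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
+service.beta.kubernetes.io/do-loadbalancer-hostname: 'demo.ever.team'
+spec:
+type: LoadBalancer
+selector:
+app: ever-teams-dev-webapp
+ports:
+- name: http
+protocol: TCP
+port: 443
+targetPort: 3000
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: ever-teams-dev-webapp
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: ever-teams-dev-webapp
+template:
+metadata:
+labels:
+app: ever-teams-dev-webapp
+spec:
+containers:
+- name: ever-teams-dev-webapp
+image: registry.digitalocean.com/ever/ever-teams-webapp-dev:latest
+env:
+- name: DEMO
+value: 'true'
+- name: NEXT_PUBLIC_SENTRY_DNS
+value: '$NEXT_PUBLIC_SENTRY_DNS'
+- name: SENTRY_DSN
+value: '$NEXT_PUBLIC_SENTRY_DNS'
+- name: NEXT_PUBLIC_JITSU_BROWSER_WRITE_KEY
+value: '$NEXT_PUBLIC_JITSU_BROWSER_WRITE_KEY'
+- name: NEXT_PUBLIC_JITSU_BROWSER_URL
+value: '$NEXT_PUBLIC_JITSU_BROWSER_URL'
+- name: SENTRY_AUTH_TOKEN
+value: '$SENTRY_AUTH_TOKEN'
+- name: NEXT_PUBLIC_CHATWOOT_API_KEY
+value: '$NEXT_PUBLIC_CHATWOOT_API_KEY'
+- name: NEXT_PUBLIC_SENTRY_DEBUG
+value: '$NEXT_PUBLIC_SENTRY_DEBUG'
+- name: SENTRY_PROJECT
+value: '$SENTRY_PROJECT'
+- name: SENTRY_ORG
+value: '$SENTRY_ORG'
+- name: SMTP_FROM_ADDRESS
+value: '$SMTP_FROM_ADDRESS'
+- name: JITSU_SERVER_WRITE_KEY
+value: '$JITSU_SERVER_WRITE_KEY'
+- name: JITSU_SERVER_URL
+value: '$JITSU_SERVER_URL'
+- name: NEXT_PUBLIC_COOKIE_DOMAINS
+value: '$NEXT_PUBLIC_COOKIE_DOMAINS'
+- name: NEXT_PUBLIC_BOARD_FIREBASE_CONFIG
+value: '$NEXT_PUBLIC_BOARD_FIREBASE_CONFIG'
+- name: NEXT_PUBLIC_BOARD_BACKEND_POST_URL
+value: '$NEXT_PUBLIC_BOARD_BACKEND_POST_URL'
+- name: NEXT_PUBLIC_BOARD_APP_DOMAIN
+value: '$NEXT_PUBLIC_BOARD_APP_DOMAIN'
+- name: MEET_JWT_APP_SECRET
+value: '$MEET_JWT_APP_SECRET'
+- name: MEET_JWT_APP_ID
+value: '$MEET_JWT_APP_ID'
+- name: NEXT_PUBLIC_MEET_DOMAIN
+value: '$NEXT_PUBLIC_MEET_DOMAIN'
+- name: GAUZY_API_SERVER_URL
+value: '$GAUZY_API_SERVER_URL'
+- name: NEXT_PUBLIC_GAUZY_API_SERVER_URL
+value: '$NEXT_PUBLIC_GAUZY_API_SERVER_URL'
+- name: MAILCHIMP_LIST_ID
+value: '$MAILCHIMP_LIST_ID'
+- name: MAILCHIMP_API_KEY
+value: '$MAILCHIMP_API_KEY'
+- name: POSTMARK_SERVER_API_TOKEN
+value: '$POSTMARK_SERVER_API_TOKEN'
+- name: NEXT_PUBLIC_GA_MEASUREMENT_ID
+value: '$NEXT_PUBLIC_GA_MEASUREMENT_ID'
+- name: SMTP_HOST
+value: '$SMTP_HOST'
+- name: SMTP_SECURE
+value: '$SMTP_SECURE'
+- name: SMTP_USERNAME
+value: '$SMTP_USERNAME'
+- name: SMTP_PASSWORD
+value: '$SMTP_PASSWORD'
+- name: CAPTCHA_SECRET_KEY
+value: '$CAPTCHA_SECRET_KEY'
+- name: NEXT_PUBLIC_CAPTCHA_SITE_KEY
+value: '$NEXT_PUBLIC_CAPTCHA_SITE_KEY'
+
+ports:
+- containerPort: 3000
+protocol: TCP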
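Review bot: The credential-bearing entries in the container's `env` list (`SENTRY_AUTH_TOKEN`, `MEET_JWT_APP_SECRET`, `MAILCHIMP_API_KEY`, `POSTMARK_SERVER_API_TOKEN`, `SMTP_PASSWORD`, `CAPTCHA_SECRET_KEY`) are written as literal `value:` strings, so after `envsubst` the secrets sit in plain text in the Deployment object. Anyone who can read Deployments in the namespace sees them, and a client-side `kubectl apply` also copies them into the last-applied-configuration annotation. They should be stored in a Kubernetes Secret and referenced through `valueFrom.secretKeyRef`, leaving only non-sensitive settings as `value:`; the `NEXT_PUBLIC_*` entries are presumably meant for the browser and can stay as they are. The identical list in k8s-manifest.prod.yaml needs the same change.

```yaml
# … unchanged: non-sensitive env entries …
- name: SMTP_PASSWORD
  valueFrom:
    secretKeyRef:
      name: SECRET_NAME_PLACEHOLDER  # placeholder: the Secret holding the webapp credentials
      key: SMTP_PASSWORD
# … same shape for the other credential entries …
```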
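--- a/.deploy/k8s/k8s-manifest.prod.yaml
+++ b/.deploy/k8s/k8s-manifest.prod.yaml
@@ -0,0 +1,110 @@
+---
+kind: Service
+apiVersion: v1
+metadata:
+name: ever-teams-prod-lb
+annotations:
+service.beta.kubernetes.io/do-loadbalancer-name: 'app.ever.team'
+service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
+service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
+# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
+service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
+service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
+service.beta.kubernetes.io/do-loadbalancer-hostname: 'app.ever.team'
+spec:
+type: LoadBalancer
+selector:
+app: ever-teams-prod-webapp
+ports:
+- name: http
+protocol: TCP
+port: 443
+targetPort: 3000
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+name: ever-teams-prod-webapp
+spec:
+replicas: 1
+selector:
+matchLabels:
+app: ever-teams-prod-webapp
+template:
+metadata:
+labels:
+app: ever-teams-prod-webapp
+spec:
+containers:
+- name: ever-teams-prod-webapp
+image: registry.digitalocean.com/ever/ever-teams-webapp-prod:latest
+env:
+- name: DEMO
+value: 'true'
+- name: NEXT_PUBLIC_SENTRY_DNS
+value: '$NEXT_PUBLIC_SENTRY_DNS'
+- name: SENTRY_DSN
+value: '$NEXT_PUBLIC_SENTRY_DNS'
+- name: NEXT_PUBLIC_JITSU_BROWSER_WRITE_KEY
+value: '$NEXT_PUBLIC_JITSU_BROWSER_WRITE_KEY'
+- name: NEXT_PUBLIC_JITSU_BROWSER_URL
+value: '$NEXT_PUBLIC_JITSU_BROWSER_URL'
+- name: SENTRY_AUTH_TOKEN
+value: '$SENTRY_AUTH_TOKEN'
+- name: NEXT_PUBLIC_CHATWOOT_API_KEY
+value: '$NEXT_PUBLIC_CHATWOOT_API_KEY'
+- name: NEXT_PUBLIC_SENTRY_DEBUG
+value: '$NEXT_PUBLIC_SENTRY_DEBUG'
+- name: SENTRY_PROJECT
+value: '$SENTRY_PROJECT'
+- name: SENTRY_ORG
+value: '$SENTRY_ORG'
+- name: SMTP_FROM_ADDRESS
+value: '$SMTP_FROM_ADDRESS'
+- name: JITSU_SERVER_WRITE_KEY
+value: '$JITSU_SERVER_WRITE_KEY'
+- name: JITSU_SERVER_URL
+value: '$JITSU_SERVER_URL'
+- name: NEXT_PUBLIC_COOKIE_DOMAINS
+value: '$NEXT_PUBLIC_COOKIE_DOMAINS'
+- name: NEXT_PUBLIC_BOARD_FIREBASE_CONFIG
+value: '$NEXT_PUBLIC_BOARD_FIREBASE_CONFIG'
+- name: NEXT_PUBLIC_BOARD_BACKEND_POST_URL
+value: '$NEXT_PUBLIC_BOARD_BACKEND_POST_URL'
+- name: NEXT_PUBLIC_BOARD_APP_DOMAIN
+value: '$NEXT_PUBLIC_BOARD_APP_DOMAIN'
+- name: MEET_JWT_APP_SECRET
+value: '$MEET_JWT_APP_SECRET'
+- name: MEET_JWT_APP_ID
+value: '$MEET_JWT_APP_ID'
+- name: NEXT_PUBLIC_MEET_DOMAIN
+value: '$NEXT_PUBLIC_MEET_DOMAIN'
+- name: GAUZY_API_SERVER_URL
+value: '$GAUZY_API_SERVER_URL'
+- name: NEXT_PUBLIC_GAUZY_API_SERVER_URL
+value: '$NEXT_PUBLIC_GAUZY_API_SERVER_URL'
+- name: MAILCHIMP_LIST_ID
+value: '$MAILCHIMP_LIST_ID'
+- name: MAILCHIMP_API_KEY
+value: '$MAILCHIMP_API_KEY'
+- name: POSTMARK_SERVER_API_TOKEN
+value: '$POSTMARK_SERVER_API_TOKEN'
+- name: NEXT_PUBLIC_GA_MEASUREMENT_ID
+value: '$NEXT_PUBLIC_GA_MEASUREMENT_ID'
+- name: SMTP_HOST
+value: '$SMTP_HOST'
+- name: SMTP_SECURE
+value: '$SMTP_SECURE'
+- name: SMTP_USERNAME
+value: '$SMTP_USERNAME'
+- name: SMTP_PASSWORD
+value: '$SMTP_PASSWORD'
+- name: CAPTCHA_SECRET_KEY
+value: '$CAPTCHA_SECRET_KEY'
+- name: NEXT_PUBLIC_CAPTCHA_SITE_KEY
+value: '$NEXT_PUBLIC_CAPTCHA_SITE_KEY'
+
+ports:
+- containerPort: 3000
+protocol: TCP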
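Review bot: The production container spec under `containers:` sets neither `securityContext` nor `resources`, so the pod behind the public load balancer runs with whatever user and privileges the image defaults to and without CPU or memory limits. Consider adding `securityContext:` with `allowPrivilegeEscalation: false` and `runAsNonRoot: true` (only if the image can run as a non-root user, which is not visible here), plus `resources.requests` and `resources.limits`. Separately, `DEMO` is hard-coded to `'true'` here exactly as in the dev manifest; if that flag relaxes any behaviour it looks like a copy-over, and a comment stating that it is intended for prod would help.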
51 changes: 51 additions & 0 deletions .github/workflows/deploy-do-dev.yml
@@ -0,0 +1,51 @@
name: Deploy to DigitalOcean Dev

on:
workflow_run:
workflows: ['Build and Publish Docker Images Dev']
branches: [develop]
types:
- completed

jobs:
deploy-demo:
runs-on: ubuntu-latest

environment: dev

steps:
- name: Checkout
uses: actions/checkout@v3

- name: Install doctl

uses: digitalocean/action-doctl@v2

with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

- name: Log in to DigitalOcean Container Registry with short-lived credentials
run: doctl registry login --expiry-seconds 600

- name: Save DigitalOcean kubeconfig with short-lived credentials

run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy

- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any)
run: |
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.dev.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f -

env:
# below we are using GitHub secrets for both frontend and backend
CLOUD_PROVIDER: 'DO'
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}'
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}'
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}'
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}'
JITSU_BROWSER_URL: '${{ secrets.JITSU_BROWSER_URL }}'
JITSU_BROWSER_WRITE_KEY: '${{ secrets.JITSU_BROWSER_WRITE_KEY }}'
OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}'

OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}'

OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}'

# we need this step because for now we just use :latest tag
# note: for production we will use different strategy later
- name: Restart Pods to pick up :latest tag version
run: |
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-dev-webapp
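Review bot: None of the variables the manifest references (`$SENTRY_AUTH_TOKEN`, `$SMTP_PASSWORD`, `$MEET_JWT_APP_SECRET`, `$NEXT_PUBLIC_SENTRY_DNS` and the rest) are defined in the `env:` of the "Apply k8s manifests" step, which exports a different set (`SENTRY_DSN`, `JITSU_BROWSER_URL`, `OTEL_*`, …). `envsubst` replaces an unset variable with an empty string, so unless those names are exported somewhere not shown on this page, the Deployment is applied with empty values and the app starts without its configuration and credentials. The step's `env:` should list exactly the names used in k8s-manifest.dev.yaml. Passing `envsubst` an explicit variable list would also keep any other `$…` text in the manifest from being rewritten. deploy-do-prod.yml has the same mismatch.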
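--- a/.github/workflows/deploy-do-prod.yml
+++ b/.github/workflows/deploy-do-prod.yml
@@ -0,0 +1,51 @@
+name: Deploy to DigitalOcean Prod
+
+on:
+workflow_run:
+workflows: ['Build and Publish Docker Images Prod']
+branches: [main]
+types:
+- completed
+
+jobs:
+deploy-demo:
+runs-on: ubuntu-latest
+
+environment: prod
+
+steps:
+- name: Checkout
+uses: actions/checkout@v3
+
+- name: Install doctl
+uses: digitalocean/action-doctl@v2
+with:
+token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}
+
+- name: Log in to DigitalOcean Container Registry with short-lived credentials
+run: doctl registry login --expiry-seconds 600
+
+- name: Save DigitalOcean kubeconfig with short-lived credentials
+run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy
+
+- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any)
+run: |
+envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest.prod.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f -
+env:
+# below we are using GitHub secrets for both frontend and backend
+CLOUD_PROVIDER: 'DO'
+SENTRY_DSN: '${{ secrets.SENTRY_DSN }}'
+SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}'
+SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}'
+SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}'
+JITSU_BROWSER_URL: '${{ secrets.JITSU_BROWSER_URL }}'
+JITSU_BROWSER_WRITE_KEY: '${{ secrets.JITSU_BROWSER_WRITE_KEY }}'
+OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}'
+OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}'
+OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}'
+
+# we need this step because for now we just use :latest tag
+# note: for production we will use different strategy later
+- name: Restart Pods to pick up :latest tag version
+run: |
+kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-prod-webapp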
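Review bot: The `workflow_run` trigger with `types: completed` also fires when the build workflow failed or was cancelled, and the `deploy-demo` job has no condition on the result. A failed prod image build would therefore still apply the manifest and restart the pods on whatever `:latest` is in the registry. Add `if: ${{ github.event.workflow_run.conclusion == 'success' }}` to the job. The job also hands `DIGITALOCEAN_ACCESS_TOKEN` to `digitalocean/action-doctl@v2`, a mutable tag; pinning it and `actions/checkout@v3` to full commit SHAs and declaring `permissions: contents: read` would narrow what a moved tag could reach. deploy-do-dev.yml needs the same changes.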