Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release #2167

Merged
merged 2 commits into from
Feb 6, 2024
Merged

Release #2167

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
786bd1b
chore: deploy Gauzy APIs for Ever Teams
evereq Feb 6, 2024
8e59f7e
chore: API deploy fixes
evereq Feb 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
82 changes: 82 additions & 0 deletions .deploy/k8s/k8s-manifest-api.dev.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
---
kind: Service
apiVersion: v1
metadata:
name: ever-teams-dev-api-lb
annotations:
service.beta.kubernetes.io/do-loadbalancer-name: 'apidev.ever.team'
service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
service.beta.kubernetes.io/do-loadbalancer-hostname: 'apidev.ever.team'
spec:
type: LoadBalancer
selector:
app: ever-teams-dev-api
ports:
- name: http
protocol: TCP
port: 443
targetPort: 3000
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-dev-api
spec:
replicas: 1
selector:
matchLabels:
app: ever-teams-dev-api
template:
metadata:
labels:
app: ever-teams-dev-api
spec:
containers:
- name: ever-teams-dev-api
image: registry.digitalocean.com/ever/gauzy-api-demo:latest
env:
- name: API_HOST
value: 0.0.0.0
- name: DEMO
value: 'true'
- name: CLOUD_PROVIDER
value: '$CLOUD_PROVIDER'
- name: NODE_ENV
value: 'development'
- name: ADMIN_PASSWORD_RESET
value: 'true'
- name: LOG_LEVEL
value: 'info'
- name: SENTRY_DSN
value: '$SENTRY_DSN'
- name: SENTRY_HTTP_TRACING_ENABLED
value: '$SENTRY_HTTP_TRACING_ENABLED'
- name: SENTRY_PROFILING_ENABLED
value: '$SENTRY_PROFILING_ENABLED'
- name: SENTRY_POSTGRES_TRACKING_ENABLED
value: '$SENTRY_POSTGRES_TRACKING_ENABLED'
- name: API_BASE_URL
value: 'https://apidev.ever.team'
- name: CLIENT_BASE_URL
value: 'https://demo.ever.team'
- name: EXPRESS_SESSION_SECRET
value: 'gauzy'
- name: JWT_SECRET
value: 'secretKey'
- name: JWT_REFRESH_TOKEN_SECRET
value: 'refreshSecretKey'
- name: JWT_REFRESH_TOKEN_EXPIRATION_TIME
value: '86400'
- name: OTEL_ENABLED
value: '$OTEL_ENABLED'
- name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT'
- name: OTEL_EXPORTER_OTLP_HEADERS
value: '$OTEL_EXPORTER_OTLP_HEADERS'
ports:
- containerPort: 3000
protocol: TCP
234 changes: 234 additions & 0 deletions .deploy/k8s/k8s-manifest-api.prod.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,234 @@
---
kind: Service
apiVersion: v1
metadata:
name: ever-teams-prod-api-lb
annotations:
service.beta.kubernetes.io/do-loadbalancer-name: 'api.ever.team'
service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
service.beta.kubernetes.io/do-loadbalancer-hostname: 'api.ever.team'
spec:
type: LoadBalancer
selector:
app: ever-teams-prod-api
ports:
- name: http
protocol: TCP
port: 443
targetPort: 3000
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-prod-api
spec:
replicas: 3
selector:
matchLabels:
app: ever-teams-prod-api
template:
metadata:
labels:
app: ever-teams-prod-api
spec:
containers:
- name: ever-teams-prod-api
image: registry.digitalocean.com/ever/gauzy-api:latest
resources:
requests:
memory: '1536Mi'
cpu: '1000m'
limits:
memory: '2048Mi'
env:
- name: API_HOST
value: 0.0.0.0
- name: DEMO
value: 'false'
- name: NODE_ENV
value: 'production'
- name: ADMIN_PASSWORD_RESET
value: 'true'
- name: LOG_LEVEL
value: 'info'
- name: CLOUD_PROVIDER
value: '$CLOUD_PROVIDER'
- name: SENTRY_DSN
value: '$SENTRY_DSN'
- name: SENTRY_HTTP_TRACING_ENABLED
value: '$SENTRY_HTTP_TRACING_ENABLED'
- name: SENTRY_PROFILING_ENABLED
value: '$SENTRY_PROFILING_ENABLED'
- name: SENTRY_POSTGRES_TRACKING_ENABLED
value: '$SENTRY_POSTGRES_TRACKING_ENABLED'
- name: API_BASE_URL
value: 'https://api.ever.team'
- name: CLIENT_BASE_URL
value: 'https://app.ever.team'
- name: DB_URI
value: '$DB_URI'
- name: DB_HOST
value: '$DB_HOST'
- name: DB_SSL_MODE
value: '$DB_SSL_MODE'
- name: DB_CA_CERT
value: '$DB_CA_CERT'
- name: DB_USER
value: '$DB_USER'
- name: DB_PASS
value: '$DB_PASS'
- name: DB_TYPE
value: '$DB_TYPE'
- name: DB_NAME
value: '$DB_NAME'
- name: DB_PORT
value: '$DB_PORT'
- name: REDIS_ENABLED
value: '$REDIS_ENABLED'
- name: REDIS_URL
value: '$REDIS_URL'
- name: AWS_ACCESS_KEY_ID
value: '$AWS_ACCESS_KEY_ID'
- name: AWS_SECRET_ACCESS_KEY
value: '$AWS_SECRET_ACCESS_KEY'
- name: AWS_REGION
value: '$AWS_REGION'
- name: AWS_S3_BUCKET
value: '$AWS_S3_BUCKET'
- name: WASABI_ACCESS_KEY_ID
value: '$WASABI_ACCESS_KEY_ID'
- name: WASABI_SECRET_ACCESS_KEY
value: '$WASABI_SECRET_ACCESS_KEY'
- name: WASABI_REGION
value: '$WASABI_REGION'
- name: WASABI_SERVICE_URL
value: '$WASABI_SERVICE_URL'
- name: WASABI_S3_BUCKET
value: '$WASABI_S3_BUCKET'
- name: EXPRESS_SESSION_SECRET
value: '$EXPRESS_SESSION_SECRET'
- name: JWT_SECRET
value: '$JWT_SECRET'
- name: JWT_REFRESH_TOKEN_SECRET
value: '$JWT_REFRESH_TOKEN_SECRET'
- name: JWT_REFRESH_TOKEN_EXPIRATION_TIME
value: '$JWT_REFRESH_TOKEN_EXPIRATION_TIME'
- name: CLOUDINARY_API_KEY
value: '$CLOUDINARY_API_KEY'
- name: CLOUDINARY_API_SECRET
value: '$CLOUDINARY_API_SECRET'
- name: CLOUDINARY_CLOUD_NAME
value: '$CLOUDINARY_CLOUD_NAME'
- name: DEFAULT_CURRENCY
value: 'USD'
- name: MAIL_FROM_ADDRESS
value: '$MAIL_FROM_ADDRESS'
- name: MAIL_HOST
value: '$MAIL_HOST'
- name: MAIL_PORT
value: '$MAIL_PORT'
- name: MAIL_USERNAME
value: '$MAIL_USERNAME'
- name: MAIL_PASSWORD
value: '$MAIL_PASSWORD'
- name: ALLOW_SUPER_ADMIN_ROLE
value: '$ALLOW_SUPER_ADMIN_ROLE'
- name: GOOGLE_CLIENT_ID
value: '$GOOGLE_CLIENT_ID'
- name: GOOGLE_CLIENT_SECRET
value: '$GOOGLE_CLIENT_SECRET'
- name: GOOGLE_CALLBACK_URL
value: '$GOOGLE_CALLBACK_URL'
- name: FACEBOOK_CLIENT_ID
value: '$FACEBOOK_CLIENT_ID'
- name: FACEBOOK_CLIENT_SECRET
value: '$FACEBOOK_CLIENT_SECRET'
- name: FACEBOOK_GRAPH_VERSION
value: '$FACEBOOK_GRAPH_VERSION'
- name: FACEBOOK_CALLBACK_URL
value: '$FACEBOOK_CALLBACK_URL'
- name: INTEGRATED_USER_DEFAULT_PASS
value: '$INTEGRATED_USER_DEFAULT_PASS'
- name: UPWORK_REDIRECT_URL
value: '$UPWORK_REDIRECT_URL'
- name: FILE_PROVIDER
value: '$FILE_PROVIDER'
- name: GAUZY_AI_GRAPHQL_ENDPOINT
value: '$GAUZY_AI_GRAPHQL_ENDPOINT'
- name: GAUZY_AI_REST_ENDPOINT
value: '$GAUZY_AI_REST_ENDPOINT'
- name: UNLEASH_APP_NAME
value: '$UNLEASH_APP_NAME'
- name: UNLEASH_API_URL
value: '$UNLEASH_API_URL'
- name: UNLEASH_INSTANCE_ID
value: '$UNLEASH_INSTANCE_ID'
- name: UNLEASH_REFRESH_INTERVAL
value: '$UNLEASH_REFRESH_INTERVAL'
- name: UNLEASH_METRICS_INTERVAL
value: '$UNLEASH_METRICS_INTERVAL'
- name: UNLEASH_API_KEY
value: '$UNLEASH_API_KEY'
- name: PM2_PUBLIC_KEY
value: '$PM2_PUBLIC_KEY'
- name: PM2_SECRET_KEY
value: '$PM2_SECRET_KEY'
- name: PM2_MACHINE_NAME
value: '$PM2_MACHINE_NAME'
- name: JITSU_SERVER_URL
value: '$JITSU_SERVER_URL'
- name: JITSU_SERVER_WRITE_KEY
value: '$JITSU_SERVER_WRITE_KEY'
- name: OTEL_ENABLED
value: '$OTEL_ENABLED'
- name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT'
- name: OTEL_EXPORTER_OTLP_HEADERS
value: '$OTEL_EXPORTER_OTLP_HEADERS'
- name: GAUZY_GITHUB_CLIENT_ID
value: '$GAUZY_GITHUB_CLIENT_ID'
- name: GAUZY_GITHUB_CLIENT_SECRET
value: '$GAUZY_GITHUB_CLIENT_SECRET'
- name: GAUZY_GITHUB_WEBHOOK_URL
value: '$GAUZY_GITHUB_WEBHOOK_URL'
- name: GAUZY_GITHUB_WEBHOOK_SECRET
value: '$GAUZY_GITHUB_WEBHOOK_SECRET'
- name: GAUZY_GITHUB_APP_PRIVATE_KEY
value: '$GAUZY_GITHUB_APP_PRIVATE_KEY'
- name: GAUZY_GITHUB_APP_ID
value: '$GAUZY_GITHUB_APP_ID'
- name: GAUZY_GITHUB_APP_NAME
value: '$GAUZY_GITHUB_APP_NAME'
- name: GAUZY_GITHUB_POST_INSTALL_URL
value: '$GAUZY_GITHUB_POST_INSTALL_URL'
- name: GAUZY_GITHUB_OAUTH_CLIENT_ID
value: '$GAUZY_GITHUB_OAUTH_CLIENT_ID'
- name: GAUZY_GITHUB_OAUTH_CLIENT_SECRET
value: '$GAUZY_GITHUB_OAUTH_CLIENT_SECRET'
- name: GAUZY_GITHUB_OAUTH_CALLBACK_URL
value: '$GAUZY_GITHUB_OAUTH_CALLBACK_URL'
- name: MAGIC_CODE_EXPIRATION_TIME
value: '$MAGIC_CODE_EXPIRATION_TIME'
- name: APP_NAME
value: '$APP_NAME'
- name: APP_LOGO
value: '$APP_LOGO'
- name: APP_SIGNATURE
value: '$APP_SIGNATURE'
- name: APP_LINK
value: '$APP_LINK'
- name: APP_EMAIL_CONFIRMATION_URL
value: '$APP_EMAIL_CONFIRMATION_URL'
- name: APP_MAGIC_SIGN_URL
value: '$APP_MAGIC_SIGN_URL'
- name: COMPANY_LINK
value: '$COMPANY_LINK'
- name: COMPANY_NAME
value: '$COMPANY_NAME'
ports:
- containerPort: 3000
protocol: TCP
2 changes: 1 addition & 1 deletion .deploy/k8s/k8s-manifest.dev.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ spec:
targetPort: 3000

---
apiVersion: apps/v1
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-dev-webapp
spec:
Expand Down
2 changes: 1 addition & 1 deletion .deploy/k8s/k8s-manifest.prod.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ spec:
targetPort: 3000

---
apiVersion: apps/v1
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-prod-webapp
spec:
Expand Down
53 changes: 53 additions & 0 deletions .github/workflows/deploy-api-do-dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Deploy API to DigitalOcean Dev

on:
push:
branches: [develop]

concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true

jobs:
deploy-api-dev:
runs-on: buildjet-4vcpu-ubuntu-2204

environment: dev

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Install doctl

Check warning on line 21 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (doctl)
uses: digitalocean/action-doctl@v2

Check warning on line 22 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (doctl)
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

- name: Log in to DigitalOcean Container Registry with short-lived credentials
run: doctl registry login --expiry-seconds 600

Check warning on line 27 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (doctl)

- name: Save DigitalOcean kubeconfig with short-lived credentials

Check warning on line 29 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (kubeconfig)
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy

Check warning on line 30 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (doctl)

Check warning on line 30 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (kubeconfig)

- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any)
run: |
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest-api.dev.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f -

Check warning on line 34 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (envsubst)
env:
# below we are using GitHub secrets for both frontend and backend
CLOUD_PROVIDER: 'DO'
DB_NAME: '${{ secrets.DB_NAME }}'
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}'
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}'
SENTRY_PROFILE_SAMPLE_RATE: '${{ secrets.SENTRY_PROFILE_SAMPLE_RATE }}'
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}'
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}'
SENTRY_PROFILING_ENABLED: '${{ secrets.SENTRY_PROFILING_ENABLED }}'
OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}'

Check warning on line 45 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (OTEL)

Check warning on line 45 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (OTEL)
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}'

Check warning on line 46 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell 

Unknown word (OTEL)
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}'

# we need this step because for now we just use :latest tag
# note: for production we will use different strategy later
- name: Restart Pods to pick up :latest tag version
run: |
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-dev-api
Loading
Loading