From b09e78a85c27528c77aa50b8060401a7f44a3c92 Mon Sep 17 00:00:00 2001
From: Pavel Kirilin <win10@list.ru>
Date: Sat, 25 Dec 2021 14:35:43 +0400
Subject: [PATCH] Added CICD.
Signed-off-by: Pavel Kirilin <win10@list.ru>
---
.dockerignore | 4 +-
.gitignore | 4 +-
.gitlab-ci.yml | 54 +++++++++++++++++++++++++++
README.md | 1 +
README.rst | 0
deploy/Dockerfile | 31 +++++++++++++++
deploy/helm/.helmignore | 23 ++++++++++++
deploy/helm/Chart.yaml | 24 ++++++++++++
deploy/helm/files/dockerauth.json | 8 ++++
deploy/helm/templates/deployment.yml | 41 ++++++++++++++++++++
deploy/helm/templates/ingress.yml | 7 ++++
deploy/helm/templates/pull_secret.yml | 9 +++++
deploy/helm/templates/service.yml | 12 ++++++
deploy/helm/values.yaml | 46 +++++++++++++++++++++++
14 files changed, 262 insertions(+), 2 deletions(-)
create mode 100644 .gitlab-ci.yml
create mode 100644 README.md
delete mode 100644 README.rst
create mode 100644 deploy/Dockerfile
create mode 100644 deploy/helm/.helmignore
create mode 100644 deploy/helm/Chart.yaml
create mode 100644 deploy/helm/files/dockerauth.json
create mode 100644 deploy/helm/templates/deployment.yml
create mode 100644 deploy/helm/templates/ingress.yml
create mode 100644 deploy/helm/templates/pull_secret.yml
create mode 100644 deploy/helm/templates/service.yml
create mode 100644 deploy/helm/values.yaml
diff --git a/.dockerignore b/.dockerignore
index 7b2845f..90e88b2 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -145,4 +145,6 @@ dmypy.json
cython_debug/
.idea/
-.vscode/
\ No newline at end of file
+.vscode/
+
+*.local.yml
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
index 7b2845f..90e88b2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -145,4 +145,6 @@ dmypy.json
cython_debug/
.idea/
-.vscode/
\ No newline at end of file
+.vscode/
+
+*.local.yml
\ No newline at end of file
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..ff0d68d
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,54 @@
+stages:
+ - build
+ - deploy
+
+variables:
+ APP_VERSION: $CI_COMMIT_REF_SLUG
+ DOCKER_AUTH_CONFIG: "{\"auths\":{\"$DOCKER_REGISTRY\":{\"username\":\"$DOCKER_USER\",\"password\":\"$DOCKER_PASSWORD\"}}}"
+
+build:
+ stage: build
+ image:
+ name: gcr.io/kaniko-project/executor:v1.6.0-debug
+ entrypoint: [ "" ]
+ tags:
+ - kube
+ only:
+ - master
+ script:
+ - mkdir -p /kaniko/.docker
+ - echo "$DOCKER_AUTH_CONFIG" > /kaniko/.docker/config.json
+ - /kaniko/executor
+ --context .
+ --dockerfile deploy/Dockerfile
+ --destination "docker.le-memese.com/bots/clockblocker-bot:latest"
+ --force
+
+deploy:
+ stage: deploy
+ image:
+ name: alpine/helm:3.7.1
+ entrypoint: ["/bin/sh", "-c"]
+ tags:
+ - kube
+ only:
+ - master
+ when: manual
+ environment:
+ name: cloblo-production
+ kubernetes:
+ namespace: "$NAMESPACE"
+ action: start
+ url: "https://{BOT_UI_HOST}"
+ script:
+ - helm
+ upgrade
+ "$HELM_APP_NAME"
+ ./deploy/helm
+ --install
+ --wait
+ --create-namespace
+ --atomic
+ --timeout 2m
+ --namespace "$NAMESPACE"
+ -f "$HELM_CONFIG"
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..81e201b
--- /dev/null
+++ b/README.md
@@ -0,0 +1 @@
+# Eггoг's bot
\ No newline at end of file
diff --git a/README.rst b/README.rst
deleted file mode 100644
index e69de29..0000000
diff --git a/deploy/Dockerfile b/deploy/Dockerfile
new file mode 100644
index 0000000..701aa31
--- /dev/null
+++ b/deploy/Dockerfile
@@ -0,0 +1,31 @@
+FROM python:3.9.6-slim-buster
+
+RUN useradd -m bot
+
+USER bot
+RUN pip install poetry==1.1.6
+
+ENV PATH="${PATH}:/home/bot/.poetry/bin:/home/bot/.local/bin"
+
+# Installing requirements
+RUN poetry config virtualenvs.create false
+
+COPY pyproject.toml poetry.lock /home/bot/app/
+WORKDIR /home/bot/app/
+
+RUN poetry install --no-dev
+
+# Copying actuall application
+COPY . /home/bot/app/src/
+WORKDIR /home/bot/app/src/
+RUN pip install --use-feature=in-tree-build .
+
+WORKDIR /home/bot/app
+
+USER root
+RUN rm -rf /home/bot/app/src
+RUN chown -R bot /home/bot
+RUN chmod -R 700 /home/bot
+USER bot
+
+CMD "start_bot"
diff --git a/deploy/helm/.helmignore b/deploy/helm/.helmignore
new file mode 100644
index 0000000..0e8a0eb
--- /dev/null
+++ b/deploy/helm/.helmignore
@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml
new file mode 100644
index 0000000..4cabc7d
--- /dev/null
+++ b/deploy/helm/Chart.yaml
@@ -0,0 +1,24 @@
+apiVersion: v2
+name: clockblocker_bot
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
diff --git a/deploy/helm/files/dockerauth.json b/deploy/helm/files/dockerauth.json
new file mode 100644
index 0000000..ece9146
--- /dev/null
+++ b/deploy/helm/files/dockerauth.json
@@ -0,0 +1,8 @@
+{
+ "auths": {
+ {{ .Values.image.pullSecret.registry | quote}}: {
+ "username": {{.Values.image.pullSecret.username | quote }},
+ "password": {{.Values.image.pullSecret.password | quote }}
+ }
+ }
+}
diff --git a/deploy/helm/templates/deployment.yml b/deploy/helm/templates/deployment.yml
new file mode 100644
index 0000000..adf34c6
--- /dev/null
+++ b/deploy/helm/templates/deployment.yml
@@ -0,0 +1,41 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.bot.name }}
+ annotations:
+ {{- .Values.annotations | toYaml | nindent 4 }}
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: {{ .Values.bot.name }}
+ template:
+ metadata:
+ labels:
+ app: {{ .Values.bot.name }}
+ annotations:
+ deployed_at: {{ now | quote }}
+ spec:
+ {{- with .Values.image.pullSecret }}
+ imagePullSecrets:
+ - name: {{ .name | quote }}
+ {{- end }}
+ containers:
+ - name: bot
+ image: {{ .Values.image.name }}
+ imagePullPolicy: Always
+ {{- with .Values.resources }}
+ resources:
+ {{- . | toYaml | nindent 12 }}
+ {{- end }}
+ {{- with .Values.env }}
+ env:
+ {{- range $key, $val := . }}
+ - name: {{$key | quote }}
+ value: {{$val | quote }}
+ {{- end }}
+ {{- end }}
+ ports:
+ - containerPort: {{ .Values.env.FLASK_PORT | default 8080 }}
+ name: "botport"
\ No newline at end of file
diff --git a/deploy/helm/templates/ingress.yml b/deploy/helm/templates/ingress.yml
new file mode 100644
index 0000000..9138267
--- /dev/null
+++ b/deploy/helm/templates/ingress.yml
@@ -0,0 +1,7 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{ .Values.bot.name }}
+spec:
+ {{- .Values.ingress | toYaml | nindent 2 }}
\ No newline at end of file
diff --git a/deploy/helm/templates/pull_secret.yml b/deploy/helm/templates/pull_secret.yml
new file mode 100644
index 0000000..16a7e44
--- /dev/null
+++ b/deploy/helm/templates/pull_secret.yml
@@ -0,0 +1,9 @@
+{{- if .Values.image.pullSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.image.pullSecret.name }}
+data:
+ .dockerconfigjson: {{tpl (.Files.Get "files/dockerauth.json") . | b64enc | quote}}
+type: kubernetes.io/dockerconfigjson
+{{- end }}
diff --git a/deploy/helm/templates/service.yml b/deploy/helm/templates/service.yml
new file mode 100644
index 0000000..6d80120
--- /dev/null
+++ b/deploy/helm/templates/service.yml
@@ -0,0 +1,12 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.bot.name }}
+spec:
+ selector:
+ app: {{ .Values.bot.name }}
+ ports:
+ - port: 80
+ name: bot
+ targetPort: "botport"
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
new file mode 100644
index 0000000..6cbceff
--- /dev/null
+++ b/deploy/helm/values.yaml
@@ -0,0 +1,46 @@
+# Default values for clockblocker_bot.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+bot:
+ name: clockblocker
+
+image:
+ name: some-image
+ pullSecret: {}
+ # name
+ # secretName:
+ # registry
+ # username
+ # password
+
+env: {}
+# TELEGRAM_ACCOUNT_PHONE:
+# TELEGRAM_API_HASH:
+# TELEGRAM_APP_ID:
+
+annotations:
+ app.gitlab.com/env: $CI_ENVIRONMENT_SLUG
+ app.gitlab.com/app: $CI_PROJECT_PATH_SLUG
+
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+ingress: {}
+ # - secretName: chart-example-tls
+ # hosts:
+ # - chart-example.local
+
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
--
GitLab