Unverified Commit 7180b332 authored by Julien Bouquillon's avatar Julien Bouquillon 🐫 Committed by GitHub
Browse files

feat: k8s deploy (#8)

* feat: k8s deploy API

* doc

* cleanup

* fix: use kosko-charts/netpol
parent 0349dd75
......@@ -3,3 +3,4 @@ data/
python-env/
node_modules
siret-idcc.csv
api/dist
include:
- project: SocialGouv/gitlab-ci-yml
file: /base_register_stage.yml
ref: v17.19.0
#
stages:
- register
- assemble
- index
Register image:
stage: register
extends: .base_register_stage
file: /autodevops.yml
ref: v21.0.0
variables:
AUTO_DEVOPS_TEST_DISABLED: "🛑"
AUTO_DEVOPS_QUALITY_DISABLED: "🛑"
AUTO_DEVOPS_KANIKO: "🛑"
AUTO_DEVOPS_ENABLE_KAPP: "🛑"
AUTO_DEVOPS_RELEASE_AUTO: "🚀"
AUTO_DEVOPS_PRODUCTION_AUTO: "🚀"
Install:
rules:
- when: never
Build:
rules:
- when: never
Register Kaniko image:
extends: .autodevops_register_kaniko_image
needs: []
variables:
CONTEXT: . # The folder where the Dockerfile is
IMAGE_NAME: $CI_REGISTRY_IMAGE # The image name
Download and assemble CSV data:
stage: assemble
image: $CI_REGISTRY_IMAGE-assembly:$CI_COMMIT_SHA
script:
- bash ./scripts/download_data.sh
artifacts:
paths:
- data/
expire_in: 4 hour
Run Elastic indexation:
stage: index
artifacts:
paths:
- data/
expire_in: 4 hour
script:
- yarn install
- yarn build
- node dist/index.js
CONTEXT: ./index
IMAGE_NAME: recherche-entreprises-index
Register API image:
extends: .autodevops_register_kaniko_image
needs: []
variables:
CONTEXT: ./api
IMAGE_NAME: recherche-entreprises-api
# Download and assemble CSV data:
# stage: assemble
# image: ubuntu:20.04
# rules:
# if: $TRIGGER == "ASSEMBLE" # todo
# script: |
# apt-get update -y && apt-get install -y wget python3-pip
# export DATA_DIR="./data"
# export OUTPUT_DIR="./output"
# mkdir $DATA_DIR
# mkdir $OUTPUT_DIR
# ./assembly/scripts/get-data.sh
# pip3 install -r ./assembly/requirements.txt
# python3 ./assembly/src/assemble_data.py ${DATA_DIR}/StockUniteLegale_utf8.zip ${DATA_DIR}/geo/ ${DATA_DIR}/WEEZ.csv ${OUTPUT_DIR}/assembly.csv
# ls -la $OUTPUT_DIR
# tar -czvf $OUTPUT_DIR/assembly.tgz $OUTPUT_DIR/assembly.csv
# ls -la $OUTPUT_DIR
# artifacts:
# paths:
# - data/
# expire_in: 4 hour
# Run Elastic indexation:
# stage: index
# artifacts:
# paths:
# - data/
# expire_in: 4 hour
# script:
# - yarn install
# - yarn build
# - node dist/index.js
File added
// Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`kosko generate --dev 1`] = `
"---
apiVersion: v1
kind: Namespace
metadata:
annotations:
field.cattle.io/creatorId: gitlab
field.cattle.io/projectId: c-bd7z2:p-7ms8p
git/branch: e2e-branch
git/remote: git@github.com:SocialGouv/recherche-entreprises.git
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
azure-pg-admin-user: recherche-entreprises
application: e2e-branch-42-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-24-e2e-branch-42
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: e2e-branch-42-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises-24-e2e-branch-42
spec:
replicas: 1
selector:
matchLabels:
app: recherche-entreprises-api
template:
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: e2e-branch-42-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
spec:
containers:
- image: >-
harbor.fabrique.social.gouv.fr/undefined/recherche-entreprises-api:8843083edb7f873cad1d1420731a60773594ffae
livenessProbe:
failureThreshold: 6
httpGet:
path: /healthz
port: http
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 5
name: recherche-entreprises-api
ports:
- containerPort: 3000
name: http
readinessProbe:
failureThreshold: 15
httpGet:
path: /healthz
port: http
initialDelaySeconds: 0
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 16Mi
startupProbe:
failureThreshold: 12
httpGet:
path: /healthz
port: http
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
labels:
app: recherche-entreprises-api
application: e2e-branch-42-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
namespace: recherche-entreprises-24-e2e-branch-42
spec:
ports:
- name: http
port: 80
targetPort: 3000
selector:
app: recherche-entreprises-api
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: e2e-branch-42-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises-24-e2e-branch-42
spec:
rules:
- host: e2e-branch-42-recherche-entreprises.dev2.fabrique.social.gouv.fr
http:
paths:
- backend:
serviceName: recherche-entreprises-api
servicePort: 80
path: /
tls:
- hosts:
- e2e-branch-42-recherche-entreprises.dev2.fabrique.social.gouv.fr
secretName: wildcard-crt
"
`;
// Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`kosko generate --preprod 1`] = `
"---
apiVersion: v1
kind: Namespace
metadata:
annotations:
field.cattle.io/creatorId: gitlab
field.cattle.io/projectId: c-bd7z2:p-7ms8p
git/branch: e2e-branch
git/remote: git@github.com:SocialGouv/recherche-entreprises.git
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
azure-pg-admin-user: recherche-entreprises
application: v1-2-3-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-24-e2e-branch-42
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: v1-2-3-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises-24-e2e-branch-42
spec:
replicas: 1
selector:
matchLabels:
app: recherche-entreprises-api
template:
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: v1-2-3-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
spec:
containers:
- image: >-
harbor.fabrique.social.gouv.fr/undefined/recherche-entreprises-api:1.2.3
livenessProbe:
failureThreshold: 6
httpGet:
path: /healthz
port: http
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 5
name: recherche-entreprises-api
ports:
- containerPort: 3000
name: http
readinessProbe:
failureThreshold: 15
httpGet:
path: /healthz
port: http
initialDelaySeconds: 0
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 16Mi
startupProbe:
failureThreshold: 12
httpGet:
path: /healthz
port: http
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
labels:
app: recherche-entreprises-api
application: v1-2-3-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
namespace: recherche-entreprises-24-e2e-branch-42
spec:
ports:
- name: http
port: 80
targetPort: 3000
selector:
app: recherche-entreprises-api
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: v1-2-3-recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises-24-e2e-branch-42
spec:
rules:
- host: v1-2-3-recherche-entreprises.dev2.fabrique.social.gouv.fr
http:
paths:
- backend:
serviceName: recherche-entreprises-api
servicePort: 80
path: /
tls:
- hosts:
- v1-2-3-recherche-entreprises.dev2.fabrique.social.gouv.fr
secretName: wildcard-crt
"
`;
// Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`kosko generate --prod 1`] = `
"---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises
spec:
replicas: 1
selector:
matchLabels:
app: recherche-entreprises-api
template:
metadata:
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
spec:
containers:
- image: >-
harbor.fabrique.social.gouv.fr/undefined/recherche-entreprises-api:1.2.3
livenessProbe:
failureThreshold: 6
httpGet:
path: /healthz
port: http
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 5
name: recherche-entreprises-api
ports:
- containerPort: 3000
name: http
readinessProbe:
failureThreshold: 15
httpGet:
path: /healthz
port: http
initialDelaySeconds: 0
periodSeconds: 5
successThreshold: 1
timeoutSeconds: 1
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 5m
memory: 16Mi
startupProbe:
failureThreshold: 12
httpGet:
path: /healthz
port: http
periodSeconds: 5
---
apiVersion: v1
kind: Service
metadata:
labels:
app: recherche-entreprises-api
application: recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
annotations:
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
namespace: recherche-entreprises
spec:
ports:
- name: http
port: 80
targetPort: 3000
selector:
app: recherche-entreprises-api
type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
annotations:
kubernetes.io/ingress.class: nginx
certmanager.k8s.io/cluster-issuer: letsencrypt-prod
kubernetes.io/tls-acme: 'true'
kapp.k14s.io/disable-default-ownership-label-rules: ''
kapp.k14s.io/disable-default-label-scoping-rules: ''
app.gitlab.com/app: socialgouv-recherche-entreprises
app.gitlab.com/env: e2e-branch-42
app.gitlab.com/env.name: e2e-branch-dev2
labels:
app: recherche-entreprises-api
application: recherche-entreprises
owner: recherche-entreprises
team: recherche-entreprises
cert: wildcard
name: recherche-entreprises-api
namespace: recherche-entreprises
spec:
rules:
- host: recherche-entreprises.dev2.fabrique.social.gouv.fr
http:
paths:
- backend:
serviceName: recherche-entreprises-api
servicePort: 80
path: /
tls:
- hosts:
- recherche-entreprises.dev2.fabrique.social.gouv.fr
secretName: recherche-entreprises-api-crt
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
name: default
namespace: recherche-entreprises
spec:
podSelector: {}
policyTypes:
- Ingress
ingress:
- from:
- namespaceSelector:
matchLabels:
network-policy/namespace: recherche-entreprises
- from:
- namespaceSelector:
matchLabels:
network-policy/source: ingress-controller
- from:
- namespaceSelector:
matchLabels:
network-policy/source: monitoring
"
`;
//
import { getEnvManifests } from "@socialgouv/kosko-charts/testing";
import { project } from "@socialgouv/kosko-charts/testing/fake/gitlab-ci.env";
jest.setTimeout(1000 * 60);
test("kosko generate --dev", async () => {
expect(
await getEnvManifests("dev", "", {
...project("recherche-entreprises").dev,
RANCHER_PROJECT_ID: "c-bd7z2:p-wbfnt",
})
).toMatchSnapshot();
});
//
import { getEnvManifests } from "@socialgouv/kosko-charts/testing";
import { project } from "@socialgouv/kosko-charts/testing/fake/gitlab-ci.env";
jest.setTimeout(1000 * 60);
test("kosko generate --preprod", async () => {
expect(
await getEnvManifests("preprod", "", {
...project("recherche-entreprises").preprod,
RANCHER_PROJECT_ID: "c-bd7z2:p-wbfnt",
})
).toMatchSnapshot();
});
//
import { getEnvManifests } from "@socialgouv/kosko-charts/testing";
import { project } from "@socialgouv/kosko-charts/testing/fake/gitla