diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..6f3d998 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,67 @@ +pipeline { + agent any + stages { + stage('build') { + steps { + git credentialsId: 'fetch-dht-pull', url: 'git@git.keganmyers.com:terribleplan/fetch-dht.git' + script { + def kubeCa = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRJd01ETXlNVEU0TkRrd05Wb1hEVE13TURNeE9URTRORGt3TlZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTklWClJoaDMzVVd2Yk4vS0VzZTFSY2tkM0R0VitmR251RC9yOVhmdU1BRThzaW9vT1gwQjVzcjdOVi9TWFA2dDB0ak8KQkRTRnJpODczejd0SWtMcktvNmFWNGpOcDdNUXNDbllydk9ob0EwWnJIdmpmbUljbFlXRnhwclNWWkFRZ1JpbgpiU2VRMkY2d3MwdnlTSjluMy8zTmV2RlRHT0V5WVBjWko0cGZCNjJnWkk5OFR6ZU9NWTV0QWJRQmJsRW0wdGx6ClVJSWJYTmhCVXNnWnZxU3dwTG5LMHorUVBsdkRRd0FLRCt6dmNmdlZaQk1tNGZ1bFprYkxHdGNUbUtBcVhQMWQKbGtkMUxYN205cEVoUDhKVGUvVW9WWWh5ZTRRNG0xbWQvTHgrNXJUTEg0TXBjYkV0dTR0MklPZjZTZ0l2WkJ0dwpIbnRuVG1HMTdQdjJUUzJ4WWEwQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFBYkRpOXZNT085akN0WGU5WCtHNDZGdkpnVEgKMkVQb2NOUDdIcHZGNFYzQVd4eWRSaGZSK2o1eHRldG1sem5uNktjVE41WUVoenE2VXVGMlpPS1NjVUp0Yi8ydgpnQVhCTjF3SVdSZ0p2bWdVTTRLVVVwc1FpWjRsY0o1TS9IT1ByZmJrL21pdERzd01XZDlIVTZ3ZVN4NVJ6eVFGCmEvNVhtSGlSUTZRc1Q2SnovMGNIQmNCbjMwRkZCTzVudVdRMjRnVjNBTlE2NXUvUFhkalBwRExBT3d6bmV4QmYKRUZLMk1aNC9Nd0xNUjlDcGk3TWovWHUwVkxLTWhUWVVCSWQwQ0EwMllKems1RzVSbmpZVlRxWnp3L2QvaUVXQQpta1k3d1Y2d0tUV25jRDM1MVlmWjJtWGtGa293WGVDL1lHVVpEQmUza0hlQTJRVFFkMmEzMEt6dnpvOD0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" + def kubeUrl = "https://45.79.61.115:443" + def appName = "fetch-dht" + def kubectl = docker.image("bitnami/kubectl:1.18") + def registryHost = "registry.terrible.network" + def imageName = "${registryHost}/terribleplan/${appName}" + def betaImageName = "${imageName}:beta" + def betaAppName = "${appName}-beta" + def betaHost = "${betaAppName}.terrible.network" + + def beta + docker.withRegistry("https://${registryHost}", "registry-terrible-network") { + beta = docker.build(betaImageName) + beta.inside { + sh "cp package.json /app/package.json" + sh "cp yarn.lock /app/yarn.lock" + sh "cd /app && yarn" + sh "cd /app && ls" + sh "cd /app/lib && ls" + sh "cd /app/lib/binaryQuerystring && ls" + sh "cd /app && node lib/binaryQuerystring/index.test.js" + } + beta.push() + } + kubectl.inside("--entrypoint=''") { + env.NAMESPACE = betaAppName + env.HOST = betaHost + env.APP_NAME = betaAppName + env.IMAGE = + env.IMAGE_PULL_SECRET = "registry-terrible-network-pull-secret" + sh "install_packages gettext" + sh "set -euo pipefail" + sh "mkdir -p ~/.kube" + withCredentials([string(credentialsId: 'fetch-dht-beta-token', variable: 'token')]) { + sh "cat deploy/kubeconfig.envsubst.yml | CA='${kubeCa}' URL='${kubeUrl}' TOKEN='${token}' envsubst '\$CA,\$URL,\$TOKEN,\$NAMESPACE' > ~/.kube/config" + } + sh "cat deploy/manifest.envsubst.yml | IMAGE='${beta.imageName()}' APP_NAME='${betaAppName}' REVISION='${env.GIT_COMMIT}' envsubst '\${NAMESPACE}' | kubectl apply -f -" + sh "kubectl rollout status 'deployments/${betaAppName}'" + } + + // def prodImageName = "${imageName}:latest" + // beta.push(prodImageName) + // beta.run("-e ENDPOINT=https://${betaHost}", "yarn && yarn integration") + // latest = beta.tag("latest") + // latest.push() + // kubectl.inside { + // env.NAMESPACE = appName + // env.HOST = "dht.terrible.network" + // env.APP_NAME = appName + // env.IMAGE = latest.imageName() + // env.IMAGE_PULL_SECRET = "registry-terrible-network-pull-secret" + // sh "kubectl rollout restart 'deployments/${env.APP_NAME}'" + // sh "kubectl -n '${env.NAMESPACE}' rollout status 'deployments/${env.APP_NAME}'" + // } + } + } + } + } +} + diff --git a/deploy/kubeconfig.envsubst.yml b/deploy/kubeconfig.envsubst.yml new file mode 100644 index 0000000..92f23ba --- /dev/null +++ b/deploy/kubeconfig.envsubst.yml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Config +preferences: {} +clusters: + - name: default + cluster: + certificate-authority-data: '${CA}' + server: '${URL}' +users: + - name: default + user: + as-user-extra: {} + token: '${TOKEN}' +contexts: + - name: default + context: + cluster: default + user: default + namespace: '${NAMESPACE}' +current-context: default + diff --git a/deploy/manifest.envsubst.yml b/deploy/manifest.envsubst.yml new file mode 100644 index 0000000..6f2f666 --- /dev/null +++ b/deploy/manifest.envsubst.yml @@ -0,0 +1,80 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: '${NAMESPACE}' +spec: {} +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: '${NAMESPACE}' + name: '${APP_NAME}' + labels: + app: '${APP_NAME}' +spec: + replicas: 1 + selector: + matchLabels: + app: '${APP_NAME}' + template: + metadata: + annotations: + revision: '${REVISION}' + labels: + app: '${APP_NAME}' + spec: + containers: + - name: '${APP_NAME}' + image: '${IMAGE}' + imagePullPolicy: Always + env: + - name: PORT + value: '3000' + - name: DHT_PORT + value: '20000' + ports: + - name: http + containerPort: 3000 + imagePullSecrets: + - name: '${IMAGE_PULL_SECRET}' +--- +apiVersion: v1 +kind: Service +metadata: + namespace: '${NAMESPACE}' + name: ${APP_NAME} +spec: + type: ClusterIP + selector: + app: ${APP_NAME} + ports: + - name: http + protocol: TCP + port: 80 + targetPort: http +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + namespace: '${NAMESPACE}' + name: '${APP_NAME}' + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: 'true' + nginx.ingress.kubernetes.io/enable-access-log: 'false' + cert-manager.io/cluster-issuer: letsencrypt +spec: + tls: + - hosts: + - '${HOST}' + secretName: '${APP_NAME}-tls' + rules: + - host: '${HOST}' + http: + paths: + - path: / + backend: + serviceName: '${APP_NAME}' + servicePort: http +