crane-cloud · Mubangizi · Oct 4, 2024 · Oct 4, 2024 · Jan 20, 2025 · Jan 20, 2025
diff --git a/.github/workflows/prod.yml b/.github/workflows/prod.yml
@@ -0,0 +1,142 @@
+---
+name: Prod
+
+on:
+  release:
+    types:
+      - released
+      - prereleased
+      - deploy/gcp
+
+jobs:
+  build:
+    outputs:
+      image: ${{ steps.export.outputs.image }}
+      tag: ${{ steps.export.outputs.tag }}
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: staging
+
+      - name: Install (Buildx)
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login (GCP)
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.CREDENTIALS_JSON }}
+
+      - name: Install (Gcloud)
+        uses: google-github-actions/setup-gcloud@v1
+        with:
+          project_id: crane-cloud-274413
+          install_components: "gke-gcloud-auth-plugin"
+
+      - name: Login (GCR)
+        run: gcloud auth configure-docker
+
+      - id: meta
+        name: Tag
+        uses: docker/metadata-action@v3
+        with:
+          flavor: |
+            latest=true
+          images: gcr.io/crane-cloud-274413/database-api
+          tags: |
+            type=ref,event=branch
+            type=ref,event=pr
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=sha
+
+      - name: Build
+        uses: docker/build-push-action@v2
+        with:
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          context: .
+          file: docker/prod/Dockerfile
+          labels: ${{ steps.meta.outputs.labels }}
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+
+      - id: export
+        name: Export
+        uses: actions/github-script@v5
+        with:
+          script: |
+            const metadata = JSON.parse(`${{ steps.meta.outputs.json }}`)
+            const fullUrl = metadata.tags.find((t) => t.includes(':sha-'))
+            if (fullUrl == null) {
+              core.error('Unable to find sha tag of image')
+            } else {
+              const tag = fullUrl.split(':')[1]
+              core.setOutput('image', fullUrl)
+              core.setOutput('tag', tag)
+            }
+
+  Production:
+    name: Deploy (Production)
+
+    needs:
+      - build
+
+    runs-on: ubuntu-latest
+
+    env:
+      namespace: cranecloud-prod
+
+    steps:
+      - name: Clone
+        uses: actions/checkout@v2
+
+      - name: Login (GCP)
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.CREDENTIALS_JSON }}
+
+      - name: Install (Gcloud)
+        uses: google-github-actions/setup-gcloud@v1
+        with:
+          project_id: crane-cloud-274413
+          install_components: "gke-gcloud-auth-plugin"
+
+      - name: Login (Kubernetes Cluster)
+        uses: google-github-actions/get-gke-credentials@v1
+        with:
+          cluster_name: staging-cluster
+          location: us-central1-a
+          project_id: crane-cloud-274413
+
+      - name: Add Repo (cranecloud)
+        run: |
+          helm repo add cranecloud https://crane-cloud.github.io/helm-charts/
+
+      - name: Helm Release
+        run: |
+          helm upgrade --install \
+          database-api cranecloud/cranecloud \
+          --values helm/values.prod.yaml \
+          --namespace $namespace \
+          --set image.tag="${{ needs.build.outputs.tag }}" \
+          --set environment.DATABASE_URI="${{ secrets.PRODUCTION_DATABASE_URI }}" \
+          --set environment.JWT_SALT="${{ secrets.PRODUCTION_JWT_SALT }}" \
+          --set environment.ACTIVITY_LOGGER_URL="${{ secrets.PRODUCTION_ACTIVITY_LOGGER_URL }}" \
+          --set environment.ADMIN_MYSQL_USER="${{ secrets.PRODUCTION_ADMIN_MYSQL_USER }}" \
+          --set environment.ADMIN_MYSQL_PASSWORD="${{ secrets.PRODUCTION_ADMIN_MYSQL_PASSWORD }}" \
+          --set environment.ADMIN_MYSQL_HOST="${{ secrets.PRODUCTION_ADMIN_MYSQL_HOST }}" \
+          --set environment.ADMIN_MYSQL_PORT="${{ secrets.PRODUCTION_ADMIN_MYSQL_PORT }}" \
+          --set environment.ADMIN_PSQL_USER="${{ secrets.PRODUCTION_ADMIN_PSQL_USER }}" \
+          --set environment.ADMIN_PSQL_PASSWORD="${{ secrets.PRODUCTION_ADMIN_PSQL_PASSWORD }}" \
+          --set environment.ADMIN_PSQL_HOST="${{ secrets.PRODUCTION_ADMIN_PSQL_HOST }}" \
+          --set environment.ADMIN_PSQL_PORT="${{ secrets.PRODUCTION_ADMIN_PSQL_PORT }}" \
+          --set environment.MAIL_PASSWORD="${{ secrets.PRODUCTION_MAIL_PASSWORD }}" \
+          --timeout=300s
+
+      - name: Monitor Rollout
+        run: |
+          kubectl rollout status deployment/database-api --timeout=300s --namespace $namespace
diff --git a/.github/workflows/staging.yaml b/.github/workflows/staging.yaml
@@ -5,6 +5,7 @@ on:
   push:
     branches:
       - develop
+      - deploy/gcp
 
   workflow_dispatch:
 
@@ -20,10 +21,10 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Install (Buildx)
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to Docker Hub
         uses: docker/login-action@v2
@@ -44,7 +45,7 @@ jobs:
             type=sha
 
       - name: Build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v5
         with:
           cache-from: type=gha
           cache-to: type=gha,mode=max
@@ -56,7 +57,7 @@ jobs:
 
       - id: export
         name: Export
-        uses: actions/github-script@v5
+        uses: actions/github-script@v7
         with:
           script: |
             const metadata = JSON.parse(`${{ steps.meta.outputs.json }}`)
@@ -73,25 +74,47 @@ jobs:
     name: Deploy (Staging)
 
     needs:
-      - Build
+      - build
 
     runs-on: ubuntu-latest
     env:
-      namespace: cranecloud-microservice
+      namespace: cranecloud
       image: cranecloud/database-api
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
-      - uses: azure/k8s-set-context@v1
+      # - uses: azure/k8s-set-context@v1
+      #   with:
+      #     kubeconfig: ${{ secrets.RENU_KUBECONFIG}}
+
+      - name: Login (GCP)
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.CREDENTIALS_JSON }}
+
+      - name: Install (Gcloud)
+        uses: google-github-actions/setup-gcloud@v2
         with:
-          kubeconfig: ${{ secrets.RENU_KUBECONFIG}}
+          project_id: crane-cloud-274413
+          install_components: "gke-gcloud-auth-plugin"
+
+      - name: Login (Kubernetes Cluster)
+        uses: google-github-actions/get-gke-credentials@v2
+        with:
+          cluster_name: staging-cluster
+          location: us-central1-a
+          project_id: crane-cloud-274413
+
+      - name: Add Repo (cranecloud)
+        run: |
+          helm repo add cranecloud https://crane-cloud.github.io/helm-charts/
 
       - name: Helm Release
         run: |
           helm upgrade --install \
-          database-api ./helm/chart \
+          database-api cranecloud/cranecloud \
           --values helm/values.staging.yaml \
           --namespace $namespace \
           --set image.tag="${{ needs.build.outputs.tag }}" \
@@ -106,6 +129,7 @@ jobs:
           --set environment.ADMIN_PSQL_PASSWORD="${{ secrets.STAGING_ADMIN_PSQL_PASSWORD }}" \
           --set environment.ADMIN_PSQL_HOST="${{ secrets.STAGING_ADMIN_PSQL_HOST }}" \
           --set environment.ADMIN_PSQL_PORT="${{ secrets.STAGING_ADMIN_PSQL_PORT }}" \
+          --set environment.MAIL_PASSWORD="${{ secrets.MAIL_PASSWORD }}" \
           --timeout=300s
 
       - name: Monitor Rollout

diff --git a/helm/chart/.helmignore b/helm/chart/.helmignore
diff --git a/helm/chart/Chart.yaml b/helm/chart/Chart.yaml
diff --git a/helm/chart/templates/_helpers.tpl b/helm/chart/templates/_helpers.tpl
diff --git a/helm/chart/templates/celery-deployment.yaml b/helm/chart/templates/celery-deployment.yaml