From 3a9d9af8981e770c01d4bccea3c1453d418396a0 Mon Sep 17 00:00:00 2001 From: Francesco Medas <104889824+frankmeds@users.noreply.github.com> Date: Thu, 14 Sep 2023 12:58:31 +0400 Subject: [PATCH] feat: DEVOPS-958 migrate Developer Portal prod to GCP (#196) --- .../workflows/ci-on-merge-main-or-release.yml | 11 --- .github/workflows/cicd-prd.yml | 6 +- .github/workflows/cicd-stg.yml | 2 +- cd/applications.bzl | 1 - products/developer-portal/BUILD | 42 ++------- products/developer-portal/README.md | 90 ++++++++++++++++++- .../developer-portal/cd/base/deployment.yaml | 14 +-- .../developer-portal/cd/base/ingress.yaml | 10 +-- .../developer-portal/cd/base/namespace.yaml | 2 +- products/developer-portal/cd/base/svc.yaml | 8 +- .../cd/overlays/production/certificate.yaml | 7 ++ .../overlays/production/frontend-config.yaml | 8 ++ .../production/kustomization.tpl.yaml | 27 ------ .../cd/overlays/production/kustomization.yaml | 27 ++++++ .../cd/overlays/staging/certificate.yaml | 4 +- .../cd/overlays/staging/kustomization.yaml | 10 +-- 16 files changed, 167 insertions(+), 102 deletions(-) create mode 100644 products/developer-portal/cd/overlays/production/certificate.yaml create mode 100644 products/developer-portal/cd/overlays/production/frontend-config.yaml delete mode 100644 products/developer-portal/cd/overlays/production/kustomization.tpl.yaml create mode 100644 products/developer-portal/cd/overlays/production/kustomization.yaml diff --git a/.github/workflows/ci-on-merge-main-or-release.yml b/.github/workflows/ci-on-merge-main-or-release.yml index 259259568..729267509 100644 --- a/.github/workflows/ci-on-merge-main-or-release.yml +++ b/.github/workflows/ci-on-merge-main-or-release.yml @@ -60,9 +60,6 @@ jobs: - name: "Analyse project changes" id: project-changed run: | - if [ "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'products/developer-portal') }}" = "true" || "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'docs') }}" = "true" ]; then - echo "developer-portal=true" >> $GITHUB_OUTPUT - fi if [ "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'products/devex-apollo') }}" = "true" ]; then echo "devex-apollo=true" >> $GITHUB_OUTPUT fi @@ -134,18 +131,10 @@ jobs: docker tag devex-apollo:local 298213327629.dkr.ecr.us-west-2.amazonaws.com/devex-apollo:$VERSION docker push 298213327629.dkr.ecr.us-west-2.amazonaws.com/devex-apollo:$VERSION - - name: "Build and push Docker - developer-portal - production" - if: github.event_name == 'release' && github.event.action == 'created' && steps.project-changed.outputs.developer-portal == 'true' - run: | - bazelisk run --test_output=all --keep_going //products/developer-portal:push_image_production - ### BEGIN DEPLOYMENT STAGES - name: "Create application.bzl" run: | echo 'APPLICATIONS_PROD = [' > cd/applications.bzl - if [ "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'products/developer-portal') }}" = "true" || "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'docs') }}" = "true" ]; then - echo ' "//products/developer-portal",' >> cd/applications.bzl - fi if [ "${{ contains(steps.changed-files.outputs.all_changed_and_modified_files, 'products/devex-apollo') }}" = "true" ]; then echo ' "//products/devex-apollo",' >> cd/applications.bzl fi diff --git a/.github/workflows/cicd-prd.yml b/.github/workflows/cicd-prd.yml index 98b87c7f9..97a28e1e6 100644 --- a/.github/workflows/cicd-prd.yml +++ b/.github/workflows/cicd-prd.yml @@ -20,7 +20,8 @@ jobs: strategy: fail-fast: false matrix: - application: [bluebell-playground, devex, eth-spout, neo-savant] + application: + [bluebell-playground, developer-portal, devex, eth-spout, neo-savant] include: - application: bluebell-playground image_name: bluebell-playground @@ -28,6 +29,9 @@ jobs: - application: devex image_name: devex path: products/devex + - application: developer-portal + image_name: developer-portal + path: products/developer-portal - application: eth-spout image_name: eth-spout path: products/eth-spout diff --git a/.github/workflows/cicd-stg.yml b/.github/workflows/cicd-stg.yml index edfcdc825..1144f3d31 100644 --- a/.github/workflows/cicd-stg.yml +++ b/.github/workflows/cicd-stg.yml @@ -27,7 +27,7 @@ jobs: application: [developer-portal, devex, devex-apollo, neo-savant] include: - application: developer-portal - image_name: zilliqa-devportal + image_name: developer-portal path: products/developer-portal - application: devex image_name: devex diff --git a/cd/applications.bzl b/cd/applications.bzl index ae7b35fe0..fc0a4245d 100644 --- a/cd/applications.bzl +++ b/cd/applications.bzl @@ -5,6 +5,5 @@ This module contains the applications which are deployed upon merge into main an APPLICATIONS_STAGING = [] APPLICATIONS_PROD = [ - "//products/developer-portal", "//products/devex-apollo", ] diff --git a/products/developer-portal/BUILD b/products/developer-portal/BUILD index 6c0740015..77e2044f0 100644 --- a/products/developer-portal/BUILD +++ b/products/developer-portal/BUILD @@ -1,6 +1,5 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "container_push") load("@rules_pkg//:pkg.bzl", "pkg_tar") -load("//config:expand-workspace-status.bzl", "expand_workspace_status") load(":defs.bzl", "mkdocs_html") # TODO: @@ -126,7 +125,7 @@ container_push( format = "Docker", image = ":image", registry = "localhost:5001", - repository = "zilliqa-devportal", + repository = "developer-portal", tag = "latest", ) @@ -135,44 +134,15 @@ container_push( format = "Docker", image = ":image", registry = "asia-docker.pkg.dev/prj-d-devops-services-4dgwlsse/zilliqa-public", - repository = "zilliqa-devportal", + repository = "developer-portal", tag = "$${IMAGE_TAG#*:}", ) container_push( - name = "push_image_production", + name = "push_image_prd", format = "Docker", image = ":image", - registry = "298213327629.dkr.ecr.us-west-2.amazonaws.com", - repository = "zilliqa-devportal", - - # Tagging from workspace status - requires --stamp as build args - tag = "{FULL_VERSION_TAG}", -) - -### -# CD update - -pkg_tar( - name = "cd_base", - srcs = glob(["products/devportal/cd/base/*.yaml"]), - mode = "0755", - package_dir = "", - strip_prefix = ".", - visibility = ["//visibility:public"], -) - -expand_workspace_status( - name = "production-kustomization", - output = "products/devportal/cd/overlays/production/kustomization.yaml", - template = "products/devportal/cd/overlays/production/kustomization.tpl.yaml", -) - -pkg_tar( - name = "cd_production_patch", - srcs = ["products/devportal/cd/overlays/production/kustomization.yaml"], - mode = "0755", - package_dir = "", - strip_prefix = ".", - visibility = ["//visibility:public"], + registry = "asia-docker.pkg.dev/prj-p-devops-services-tvwmrf63/zilliqa-public", + repository = "developer-portal", + tag = "$${IMAGE_TAG#*:}", ) diff --git a/products/developer-portal/README.md b/products/developer-portal/README.md index 41fa2f8c5..80c7363e5 100644 --- a/products/developer-portal/README.md +++ b/products/developer-portal/README.md @@ -112,7 +112,7 @@ z login dns: vars: subdomains: - zilliqa-devportal: {} + developer-portal: {} ``` 3. Push the changes @@ -139,3 +139,91 @@ z app sync --cache-dir=.cache developer-portal ``` Verify your application is running correct from the staging URL and with `kubectl` commands (if required). + +## Deploying applications to production + +To deploy the production environment we need to clone the devops repository and execute `z` from there: + +```sh +git clone https://github.com/Zilliqa/devops.git +cd devops +source setenv +``` + +### Set the following environment variables + +- `Z_ENV` to the path in which your `z.yaml` resides. +- `ZQ_USER` to your username (the bit before `@` in your email address) +- `GITHUB_PAT` (if you are deploying staging or production apps) to a classic PAT with all the repo permissions ticked. + +for example: + +```sh +export Z_ENV=`pwd`/infra/live/gcp/production/prj-p-prod-apps/z_ase1.yaml +export ZQ_USER=@zilliqa.com +export GITHUB_PAT= +``` + +### Login to Google Cloud + +```sh +z login +``` + +### Add the application to the production `z.yaml` file. Skip this step if it is an existing application + +1. Create a branch: + + ```sh + git checkout -b users//add_developer_portal_to_production_cluster + ``` + +2. In the file `infra/live/gcp/production/prj-p-prod-apps/z_ase1.yaml` add the following: + + - in `apps` stanza add: + + ```yaml + clusters: + production: + apps: + developer-portal: + repo: https://github.com/Zilliqa/zilliqa-developer + path: products/developer-portal/cd/overlays/production + track: production + type: kustomize + ``` + + - in `subdomains` stanza add: + + ```yaml + infrastructure: + dns: + vars: + subdomains: + dev: {} + ``` + +3. Push the changes + + ```sh + git add . + git commit -m "Add Developer Portal to production cluster" + git push origin users//add_developer_portal_to_production_cluster + ``` + +4. Open a Pull Request to the main branch + +5. Apply the changes + + ```sh + z plan + z apply + ``` + +### Deploy the application + +```sh +z app sync --cache-dir=.cache developer-portal +``` + +Verify your application is running correct from the production URL and with `kubectl` commands (if required). diff --git a/products/developer-portal/cd/base/deployment.yaml b/products/developer-portal/cd/base/deployment.yaml index 2056e59ec..980ef7510 100644 --- a/products/developer-portal/cd/base/deployment.yaml +++ b/products/developer-portal/cd/base/deployment.yaml @@ -1,24 +1,24 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: zilliqa-devportal - namespace: devportal + name: developer-portal + namespace: developer-portal labels: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" spec: replicas: 1 selector: matchLabels: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" strategy: type: RollingUpdate template: metadata: labels: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" spec: containers: - - image: zilliqa-devportal - name: zilliqa-devportal + - image: developer-portal + name: developer-portal ports: - containerPort: 80 diff --git a/products/developer-portal/cd/base/ingress.yaml b/products/developer-portal/cd/base/ingress.yaml index e8d0466b2..724e7945c 100644 --- a/products/developer-portal/cd/base/ingress.yaml +++ b/products/developer-portal/cd/base/ingress.yaml @@ -1,10 +1,10 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: zilliqa-devportal - namespace: devportal + name: developer-portal + namespace: developer-portal labels: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" annotations: nginx.ingress.kubernetes.io/rewrite-target: /$2 spec: @@ -16,7 +16,7 @@ spec: pathType: Prefix backend: service: - name: zilliqa-devportal + name: developer-portal port: number: 80 - host: dev.zilliqa.com @@ -26,6 +26,6 @@ spec: pathType: Prefix backend: service: - name: zilliqa-devportal + name: developer-portal port: number: 80 diff --git a/products/developer-portal/cd/base/namespace.yaml b/products/developer-portal/cd/base/namespace.yaml index 48dc8e6f5..3c128e889 100644 --- a/products/developer-portal/cd/base/namespace.yaml +++ b/products/developer-portal/cd/base/namespace.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: Namespace metadata: - name: devportal + name: developer-portal diff --git a/products/developer-portal/cd/base/svc.yaml b/products/developer-portal/cd/base/svc.yaml index c7f9949b9..1be54ad76 100644 --- a/products/developer-portal/cd/base/svc.yaml +++ b/products/developer-portal/cd/base/svc.yaml @@ -1,10 +1,10 @@ apiVersion: v1 kind: Service metadata: - name: zilliqa-devportal - namespace: devportal + name: developer-portal + namespace: developer-portal labels: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" spec: type: ClusterIP ports: @@ -13,4 +13,4 @@ spec: protocol: TCP name: http selector: - "app.kubernetes.io/name": "zilliqa-devportal" + app.kubernetes.io/name: "developer-portal" diff --git a/products/developer-portal/cd/overlays/production/certificate.yaml b/products/developer-portal/cd/overlays/production/certificate.yaml new file mode 100644 index 000000000..09c998824 --- /dev/null +++ b/products/developer-portal/cd/overlays/production/certificate.yaml @@ -0,0 +1,7 @@ +apiVersion: networking.gke.io/v1 +kind: ManagedCertificate +metadata: + name: developer-portal +spec: + domains: + - dev.zilliqa.com diff --git a/products/developer-portal/cd/overlays/production/frontend-config.yaml b/products/developer-portal/cd/overlays/production/frontend-config.yaml new file mode 100644 index 000000000..6c78fff79 --- /dev/null +++ b/products/developer-portal/cd/overlays/production/frontend-config.yaml @@ -0,0 +1,8 @@ +apiVersion: networking.gke.io/v1beta1 +kind: FrontendConfig +metadata: + name: developer-portal +spec: + redirectToHttps: + enabled: true + responseCodeName: RESPONSE_CODE diff --git a/products/developer-portal/cd/overlays/production/kustomization.tpl.yaml b/products/developer-portal/cd/overlays/production/kustomization.tpl.yaml deleted file mode 100644 index b6db9def0..000000000 --- a/products/developer-portal/cd/overlays/production/kustomization.tpl.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: - - ../../base -images: - - name: zilliqa-devportal - newName: 298213327629.dkr.ecr.us-west-2.amazonaws.com/zilliqa-devportal - newTag: ${FULL_VERSION_TAG} - -patches: - - patch: |- - - op: replace - path: "/spec/rules/0/host" - value: zilliqa-devportal.platform.prd.z7a.xyz - - op: replace - path: "/spec/rules/1/host" - value: dev.zilliqa.com - - op: replace - path: /metadata/annotations - value: - kubernetes.io/ingress.class: nginx - target: - kind: Ingress - name: neo-savant-ide - -namespace: devportal-prd diff --git a/products/developer-portal/cd/overlays/production/kustomization.yaml b/products/developer-portal/cd/overlays/production/kustomization.yaml new file mode 100644 index 000000000..2f09422fd --- /dev/null +++ b/products/developer-portal/cd/overlays/production/kustomization.yaml @@ -0,0 +1,27 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - ../../base + - certificate.yaml + - frontend-config.yaml + +patches: + - target: + kind: Ingress + name: developer-portal + patch: |- + - op: replace + path: "/spec/rules/0/host" + value: dev.zilliqa.com + - op: remove + path: "/spec/rules/1" + - op: replace + path: /metadata/annotations + value: + kubernetes.io/ingress.class: gce + kubernetes.io/ingress.global-static-ip-name: dev-zilliqa-com + networking.gke.io/managed-certificates: developer-portal + networking.gke.io/v1beta1.FrontendConfig: developer-portal + +namespace: developer-portal-prd diff --git a/products/developer-portal/cd/overlays/staging/certificate.yaml b/products/developer-portal/cd/overlays/staging/certificate.yaml index aebad961c..ead3610f2 100644 --- a/products/developer-portal/cd/overlays/staging/certificate.yaml +++ b/products/developer-portal/cd/overlays/staging/certificate.yaml @@ -1,7 +1,7 @@ apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: - name: zilliqa-devportal + name: developer-portal spec: domains: - - zilliqa-devportal.zilstg.dev + - developer-portal.zilstg.dev diff --git a/products/developer-portal/cd/overlays/staging/kustomization.yaml b/products/developer-portal/cd/overlays/staging/kustomization.yaml index 6d5662676..4859c244c 100644 --- a/products/developer-portal/cd/overlays/staging/kustomization.yaml +++ b/products/developer-portal/cd/overlays/staging/kustomization.yaml @@ -8,11 +8,11 @@ resources: patches: - target: kind: Ingress - name: zilliqa-devportal + name: developer-portal patch: |- - op: replace path: "/spec/rules/0/host" - value: zilliqa-devportal.zilstg.dev + value: developer-portal.zilstg.dev - op: replace path: "/spec/rules/1/host" value: stg-dev.zilliqa.com @@ -20,7 +20,7 @@ patches: path: /metadata/annotations value: kubernetes.io/ingress.class: gce - kubernetes.io/ingress.global-static-ip-name: zilliqa-devportal-zilstg-dev - networking.gke.io/managed-certificates: zilliqa-devportal + kubernetes.io/ingress.global-static-ip-name: developer-portal-zilstg-dev + networking.gke.io/managed-certificates: developer-portal -namespace: devportal-staging +namespace: developer-portal-stg