feat: Add kubernetes deployment (#19)

Co-authored-by: Zoey Kaiser <[email protected]>
sidebase · Jan 23, 2023 · e683ac0 · e683ac0
1 parent 2091148
commit e683ac0
Show file tree

Hide file tree

Showing 5 changed files with 189 additions and 2 deletions.
diff --git a/.drone.yml b/.drone.yml
@@ -0,0 +1,73 @@
+---
+kind: pipeline
+type: docker
+name: publish-sidebase-nuxt-auth-on-merge-main
+
+trigger:
+  event:
+    - push
+  branch:
+    - main
+
+steps:
+- name: publish-sidebase-nuxt-auth-on-merge-main
+  image: plugins/docker
+  settings:
+    repo: ghcr.io/sidebase/nuxt-auth-example/nuxt-auth-example
+    tags:
+        - "main"
+        - "${DRONE_COMMIT_SHA}"
+    custom_labels:
+        - key: org.opencontainers.image.source
+          value: https://github.com/sidebase/nuxt-auth-example
+    dockerfile: ./Dockerfile
+    context:  ./
+    cache_from:
+      - ghcr.io/sidebase/nuxt-auth-example/nuxt-auth-example:main
+    registry:  https://ghcr.io
+    username:
+      from_secret: SIDECHART_USERNAME
+    password:
+      from_secret: GITHUB_PACKAGES_TOKEN
+
+---
+
+kind: pipeline
+types: kubernetes
+name: deploy-sidebase-nuxt-auth-example
+
+environment:
+  GIT_LFS_SKIP_SMUDGE: 1
+
+clone:
+  depth: 1
+
+trigger:
+  event:
+    - push
+  branch:
+     - main
+
+steps:
+- name: deploy
+  image: deusavalon/aws-chamber-helmsman:0.1.0
+  environment:
+    AWS_ACCESS_KEY_ID:
+      from_secret: "AWS_ACCESS_KEY_ID_FOR_KUBECONFIG"
+    AWS_SECRET_ACCESS_KEY:
+      from_secret: "AWS_SECRET_ACCESS_KEY_FOR_KUBECONFIG"
+    AWS_DEFAULT_REGION: "eu-central-1"
+    SIDECHART_TOKEN:
+      from_secret: "SIDECHART_TOKEN"
+    SIDECHART_USERNAME:
+      from_secret: "SIDECHART_USERNAME"
+    GITHUB_PACKAGES_TOKEN:
+      from_secret: "GITHUB_PACKAGES_TOKEN"
+  commands:
+    - cd kubernetes/helm
+    - chamber export sidebase/nuxt-auth-example/dev --format dotenv > .env
+    - aws eks update-kubeconfig --name eks-cluster-sidestream
+    - helmsman --apply --debug -f helmsman.yml
+
+depends_on:
+  - publish-sidebase-nuxt-auth-on-merge-main
diff --git a/Dockerfile b/Dockerfile
@@ -23,9 +23,10 @@ FROM $NODE_VERSION-slim AS production
 
 COPY --from=production-base /app/.output /app/.output
 
-# Service hostname
+# Service hostname and port
 ENV NUXT_HOST=0.0.0.0
-
+ENV NUXT_PORT=80
+ENV PORT=80
 # Service version
 ARG NUXT_APP_VERSION
 ENV NUXT_APP_VERSION=${NUXT_APP_VERSION}

diff --git a/kubernetes/helm/helmsman.yml b/kubernetes/helm/helmsman.yml
@@ -0,0 +1,41 @@
+context: default
+
+metadata:
+  org: "github.com/sidebase/"
+  maintainer: "DevOps"
+  description: "Desired State File of the sidebase nuxt-auth-example deployment"
+
+settings:
+  kubeContext: "arn:aws:eks:eu-central-1:802385070966:cluster/eks-cluster-sidestream"
+  globalMaxHistory: 5
+
+namespaces:
+  sidebase-nuxt-auth:
+    protected: false
+
+helmRepos:
+  sidechart: "https://$SIDECHART_USERNAME:[email protected]/sidestream-tech/helm-charts/gh-pages/"
+
+apps:
+  sidebase-nuxt-auth:
+    namespace: "sidebase-nuxt-auth"
+    enabled: true
+    chart: "sidechart/sidechart"
+    version: "0.2.1"
+    valuesFile: values-sidebase-nuxt-auth.yml
+    test: false
+    protected: false
+    priority: -1
+    wait: true
+    timeout: 500
+    helmFlags: [
+      "--atomic",
+    ]
+    set:
+      "commitShortSHA": "$DRONE_COMMIT_SHA"
+      "image.tag": "$DRONE_COMMIT_SHA"
+      "imageCredentials.password": "$GITHUB_PACKAGES_TOKEN"
+      "secrets.data.github_client_id": "$GITHUB_CLIENT_ID"
+      "secrets.data.github_client_secret": "$GITHUB_CLIENT_SECRET"
+      "secrets.data.nuxt_secret": "$NUXT_SECRET"
+      "secrets.data.auth_origin": "$ORIGIN"
diff --git a/kubernetes/helm/values-sidebase-nuxt-auth.yml b/kubernetes/helm/values-sidebase-nuxt-auth.yml
@@ -0,0 +1,67 @@
+replicaCount: 1
+
+image:
+  repository: ghcr.io/sidebase/nuxt-auth-example/nuxt-auth-example
+  tag: main
+  pullPolicy: IfNotPresent
+
+imageCredentials:
+  password:
+
+volumes: []
+
+volumeMounts: []
+
+commitShortSHA: 123456
+
+service:
+  type: LoadBalancer
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: nuxt-auth-example.sidebase.io
+  ports:
+    http:
+      port: 80
+  health: /api/healthz
+  env:
+    - name: "GREET"
+      value: "scaffoldWashere"
+
+podAutoscaler:
+  minReplicas: 1
+  maxReplicas: 1
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 75
+
+oauth2:
+  enabled: false
+
+ingress:
+  enabled: false
+  class: nginx
+  certManager:
+    enabled: true
+    issuer: cloudflare-issuer
+  url: main.the-scaffold.k8s.sidestream.tech
+  timeoutEnabled: false
+  annotations: {}
+
+resources:
+  limits:
+    cpu: 250m
+    memory: 3Gi
+  requests:
+    cpu: 150m
+    memory: 2Gi
+
+secrets:
+  name: sidebase-nuxt-auth-secrets
+  data:
+    github_client_id: ""
+    github_client_secret: ""
+    nuxt_secret: ""
+    auth_origin: ""
diff --git a/server/api/healthz.ts b/server/api/healthz.ts
@@ -0,0 +1,5 @@
+export default defineEventHandler((event) => {
+    return {
+        service: 'online'
+    }
+})