changes

724a929f · skahate · 68e81d1e · 724a929f · 724a929f · 724a929f
Commit 724a929f authored Feb 20, 2023 by skahate
6 changed files
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
+variables:
+  SERVICE_NAME: "project1414"
+  SERVICE_PORT: 1099
+  REGISTRY_URL: 751503455312.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo
+  SONAR_URL: "http://pg-sonar-altimetrik-com-82028342.us-west-2.elb.amazonaws.com"
+  SONAR_LOGIN: "cc3fc35cad01a325d1b3904bcf3aa38b153fa7f1"
+  HOSTED_ZONE_ID: "Z101819827003V6KENPSK"
+  CERTIFICATE_ARN: "arn:aws:acm:us-east-1:751503455312:certificate/f255834c-9b98-49fa-9bec-6fde19a56640"
+  SUBNETS: "subnet-0e44bfbd8f2be1f91, subnet-023bf6d67dcdec2d7"
+  HEALTHCHECKPATH: "/"
+
+stages:
+  - Build
+  - ReleaseCleanup
+  - ReleaseDeploy
+  - Validation
+  - DeleteProject
+
+Build:
+  stage: Build
+  script:
+  - mvn  clean install -Dk8s.db.env=db-config-k8s
+  - aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 751503455312.dkr.ecr.us-east-1.amazonaws.com
+  #- $(aws ecr get-login --no-include-email --region us-east-1)
+  - docker build -t 751503455312.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo:$CI_PIPELINE_ID .
+  - docker push 751503455312.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo:$CI_PIPELINE_ID
+  only:
+   variables:
+     - $CI_PIPELINE_SOURCE == "web"
+
+ReleaseCleanup:
+   stage: ReleaseCleanup
+   script: 
+   - echo `pwd`
+   - DNS_VALUE=`kubectl get ingress $SERVICE_NAME -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"`
+   - sed -i s/DNS_NAME/${SERVICE_NAME}.pg-sandbox.altimetrik.com/g ./DeleteRecord.json
+   - sed -i s/DNS_VALUE/${DNS_VALUE}/g ./DeleteRecord.json
+   - cd ./helm && /usr/local/bin/helm uninstall $SERVICE_NAME
+   - kubectl patch ingress ${SERVICE_NAME} -p '{"metadata":{"finalizers":[]}}' --type=merge
+   - cd ../
+   - aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch file://DeleteRecord.json
+   allow_failure: true
+   only:
+    variables:
+      - $CI_PIPELINE_SOURCE == "web"
+   
+
+ReleaseDeploy:
+   stage: ReleaseDeploy
+   script:
+   - echo `pwd`
+   - sed -i s/#BUILD_ID#/$CI_PIPELINE_ID/g ./helm/service/values.yaml 
+   - sed -i s/SERVICE_PORT/$SERVICE_PORT/g ./helm/service/values.yaml
+   - sed -i s/PROJECT_NAME/$RELEASE_NAME/g ./helm/service/values.yaml
+   - sed -i s/PROJECT_NAME/$RELEASE_NAME/g ./helm/service/Chart.yaml
+   - sed -i s#CERTIFICATE_ARN#${CERTIFICATE_ARN}#g ./helm/service/values.yaml
+   - sed -i s/SUBNETS/"$SUBNETS"/g ./helm/service/values.yaml
+   - sed -i s#HEALTHCHECKPATH#$HEALTHCHECKPATH#g ./helm/service/values.yaml
+   - cd ./helm && /usr/local/bin/helm install $RELEASE_NAME service
+   - cd ../
+   - sleep 125
+   - DNS_VALUE=`kubectl get ingress ${RELEASE_NAME} -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"`
+   - sed -i s/DNS_NAME/${RELEASE_NAME}.pg-sandbox.altimetrik.com/g ./CreateRecord.json
+   - sed -i s/DNS_VALUE/${DNS_VALUE}/g ./CreateRecord.json
+   - aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch file://CreateRecord.json
+   - sleep 80
+   only:
+    variables:
+      - $CI_PIPELINE_SOURCE == "web"
+
+Validation:
+    stage: Validation
+    script:
+    - if [ `curl -s -o /dev/null -I -w "%{http_code}" https://${RELEASE_NAME}.pg-sandbox.altimetrik.com` = "200" ]; then exit 0; else exit 1; fi
+    allow_failure: false
+    only:
+     variables:
+      - $CI_PIPELINE_SOURCE == "web"
+   
+
+DeleteProject:
+    stage: DeleteProject
+    script:
+    - echo `pwd`
+    - DNS_VALUE=`kubectl get ingress $SERVICE_NAME -o jsonpath="{.status.loadBalancer.ingress[0].hostname}"`
+    - sed -i s/DNS_NAME/${SERVICE_NAME}.pg-sandbox.altimetrik.com/g ./DeleteRecord.json
+    - sed -i s/DNS_VALUE/${DNS_VALUE}/g ./DeleteRecord.json
+    - cd ./helm && /usr/local/bin/helm uninstall $SERVICE_NAME
+    - kubectl patch ingress ${SERVICE_NAME} -p '{"metadata":{"finalizers":[]}}' --type=merge
+    - cd ../
+    - aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch file://DeleteRecord.json
+    when: manual
+    only:
+     variables:
+      - $CI_PIPELINE_SOURCE == "web"
\ No newline at end of file
--- a/CreateRecord.json
+++ b/CreateRecord.json
+{
+ "Changes": [
+  {
+   "Action": "CREATE",
+   "ResourceRecordSet": {
+    "Name": "DNS_NAME",
+    "Type": "CNAME",
+    "TTL": 60,
+    "ResourceRecords": [
+     {
+      "Value": "DNS_VALUE"
+     }
+    ]
+   }
+  }
+ ]
+}
\ No newline at end of file
--- a/DeleteRecord.json
+++ b/DeleteRecord.json
+{
+ "Changes": [
+  {
+   "Action": "DELETE",
+   "ResourceRecordSet": {
+    "Name": "DNS_NAME",
+    "Type": "CNAME",
+    "TTL": 60,
+    "ResourceRecords": [
+     {
+      "Value": "DNS_VALUE"
+     }
+    ]
+   }
+  }
+ ]
+}
\ No newline at end of file
--- a/helm/service/templates/ingress.yaml
+++ b/helm/service/templates/ingress.yaml
@@ -10,10 +10,23 @@ metadata:
    helm.sh/chart: {{ include "SERVICE_NAME.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  {{- with .Values.ingress.annotations }}
  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/subnets: {{ .Values.ingress.subnets }}
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/target-type: instance
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/ssl-redirect: '443'
+    alb.ingress.kubernetes.io/certificate-arn: {{ .Values.ingress.certificatearn }}
+    alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
+    alb.ingress.kubernetes.io/healthcheck-port: traffic-port
+    alb.ingress.kubernetes.io/healthcheck-path: /
+    alb.ingress.kubernetes.io/healthcheck-interval-seconds: '15'
+    alb.ingress.kubernetes.io/healthcheck-timeout-seconds: '5'
+    alb.ingress.kubernetes.io/success-codes: '200,302'
+    alb.ingress.kubernetes.io/healthy-threshold-count: '2'
+    alb.ingress.kubernetes.io/unhealthy-threshold-count: '2'
+    alb.ingress.kubernetes.io/load-balancer-name: {{ $fullName }}
 spec:
 {{- if .Values.ingress.tls }}
  tls:

--- a/helm/service/values.yaml
+++ b/helm/service/values.yaml
-# Default values for SERVICE_NAME.
+# Default values for PROJECT_NAME.
 # This is a YAML-formatted file.
 # Declare variables to be passed into your templates.

 replicaCount: 1

 image:
-  repository: 279716074232.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo
+  repository: 751503455312.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo
  tag: #BUILD_ID#
  pullPolicy: IfNotPresent

@@ -13,22 +13,36 @@ nameOverride: ""
 fullnameOverride: ""

 service:
-  type: LoadBalancer
-  port: 80
-  internalport: #SERVICE_PORT#
+  type: NodePort
+  port: 1099 
+  internalport: 1099
+
+

 ingress:
-  enabled: false
-  annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
-  paths: []
+  enabled: true
+  paths:
+    - /*
+  
+  subnets: SUBNETS
+  certificatearn: CERTIFICATE_ARN
+  healthcheckpath: /
+  healthcheckintervalseconds: 15
+  healthchecktimeoutseconds: 5
+  successcodes: 200,302
+  healthythresholdcount: 2
+  unhealthythresholdcount: 2
+  loadbalancername: "SERVICE_NAME-alb-ingress"
+
  hosts:
-    - chart-example.local
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
+     - host: SERVICE_NAME.pg-sandbox.altimetrik.com
+       serviceName: SERVICE_NAME
+       servicePort: SERVICE_PORT
+
+  tls:
+     - secretName: custom-tls-cert
+       hosts:
+         - SERVICE_NAME.pg-sandbox.altimetrik.com

 resources: {}
  # We usually recommend not to specify default resources and to leave this as a conscious
@@ -42,8 +56,8 @@ resources: {}
  #  cpu: 100m
  #  memory: 128Mi

-nodeSelector: {}
+nodeSelector: {env: common}

 tolerations: []

-affinity: {}
+affinity: {}
\ No newline at end of file
--- a/values.yaml
+++ b/values.yaml
+# Default values for PROJECT_NAME.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+replicaCount: 1
+
+image:
+  repository: 751503455312.dkr.ecr.us-east-1.amazonaws.com/pgdockrepo
+  tag: #BUILD_ID#
+  pullPolicy: IfNotPresent
+
+nameOverride: ""
+fullnameOverride: ""
+
+service:
+  type: NodePort
+  port: 1099 
+  internalport: 1099
+
+
+
+ingress:
+  enabled: true
+  paths:
+    - /
+  
+  subnets: SUBNETS
+  certificatearn: CERTIFICATE_ARN
+  healthcheckpath: /
+  healthcheckintervalseconds: 15
+  healthchecktimeoutseconds: 5
+  successcodes: 200,302
+  healthythresholdcount: 2
+  unhealthythresholdcount: 2
+  loadbalancername: "PROJECT_NAME-alb-ingress"
+
+  hosts:
+     - host: PROJECT_NAME.pg-sandbox.altimetrik.com
+       serviceName: PROJECT_NAME
+       servicePort: SERVICE_PORT
+
+  tls:
+     - secretName: custom-tls-cert
+       hosts:
+         - PROJECT_NAME.pg-sandbox.altimetrik.com
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  # limits:
+  #  cpu: 100m
+  #  memory: 128Mi
+  # requests:
+  #  cpu: 100m
+  #  memory: 128Mi
+
+nodeSelector: {env: common}
+
+tolerations: []
+
+affinity: {}
\ No newline at end of file