automate release tag in helm charts, remove superfluous build scripts

2021-08-24 16:58:10 +01:00 · 2021-08-24 16:58:10 +01:00 · 4cb057d6ab
parent 336c3ac1f2
commit 4cb057d6ab
9 changed files with 64 additions and 96 deletions
--- a/.github/workflows/ecs_deploy.yml
+++ b/.github/workflows/ecs_deploy.yml
@ -1,85 +0,0 @@
-# This workflow will build and push a new container image to Amazon ECR,
-# and then will deploy a new task definition to Amazon ECS, when a release is created
-#
-# To use this workflow, you will need to complete the following set-up steps:
-#
-# 1. Create an ECR repository to store your images.
-#    For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`.
-#    Replace the value of `ECR_REPOSITORY` in the workflow below with your repository's name.
-#    Replace the value of `aws-region` in the workflow below with your repository's region.
-#
-# 2. Create an ECS task definition, an ECS cluster, and an ECS service.
-#    For example, follow the Getting Started guide on the ECS console:
-#      https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun
-#    Replace the values for `service` and `cluster` in the workflow below with your service and cluster names.
-#
-# 3. Store your ECS task definition as a JSON file in your repository.
-#    The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`.
-#    Replace the value of `task-definition` in the workflow below with your JSON file's name.
-#    Replace the value of `container-name` in the workflow below with the name of the container
-#    in the `containerDefinitions` section of the task definition.
-#
-# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
-#    See the documentation for each action used below for the recommended IAM policies for this IAM user,
-#    and best practices on handling the access key credentials.
-
-on:
-  push:
-    tags:
-      - 'v*'
-
-name: Deploy to Amazon ECS
-
-jobs:
-  deploy:
-    name: deploy
-    runs-on: ubuntu-16.04
-
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v2
-
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: eu-west-1
-
-    - name: Download task definition
-      run: |
-        aws ecs describe-task-definition --task-definition ProdAppServerStackprodbudiapplbfargateserviceprodbudiappserverfargatetaskdefinition2EF7F1E7 --query taskDefinition > task-definition.json
-      
-    - name: Login to Amazon ECR
-      id: login-ecr
-      uses: aws-actions/amazon-ecr-login@v1
-
-    - name: Build, tag, and push image to Amazon ECR
-      id: build-image
-      env:
-        ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-        ECR_REPOSITORY: prod-budi-app-server
-        IMAGE_TAG: ${{ github.sha }}
-      run: |
-        # Build a docker container and
-        # push it to ECR so that it can
-        # be deployed to ECS
-        cd packages/server
-        docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
-        docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-        echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
-    - name: Fill in the new image ID in the Amazon ECS task definition
-      id: task-def
-      uses: aws-actions/amazon-ecs-render-task-definition@v1
-      with:
-        task-definition: task-definition.json
-        container-name: prod-budi-app-server 
-        image: ${{ steps.build-image.outputs.image }}
-
-    - name: Deploy Amazon ECS task definition
-      uses: aws-actions/amazon-ecs-deploy-task-definition@v1
-      with:
-        task-definition: ${{ steps.task-def.outputs.task-definition }}
-        service: prod-budi-app-server-service
-        cluster: prod-budi-app-server
-        wait-for-service-stability: true
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -42,6 +42,10 @@ jobs:
          echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} >> .npmrc 
          yarn release

+      - name: Get Previous tag
+          id: previoustag
+          uses: "WyriHaximus/github-action-get-previous-tag@v1"
+
      - name: Build/release Docker images
        run: | 
          docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
@ -50,15 +54,18 @@ jobs:
        env:
          DOCKER_USER: ${{ secrets.DOCKER_USERNAME }}
          DOCKER_PASSWORD: ${{ secrets.DOCKER_API_KEY }}
+          BUDIBASE_RELEASE_VERSION: ${{ steps.previoustag.outputs.tag }}

-    - uses: azure/setup-helm@v1
-      id: install
+      - uses: azure/setup-helm@v1
+        id: install

-    - run: yarn release:helm
+      # So, we need to inject the values into this
+      - run: yarn release:helm
+
+      - name: Run chart-releaser
+        uses: helm/chart-releaser-action@v1.1.0
+        with:
+          charts_dir: docs
+        env:
+          CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
    
-    - name: Run chart-releaser
-      uses: helm/chart-releaser-action@v1.1.0
-      with:
-        charts_dir: docs
-      env:
-        CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
--- a/hosting/kubernetes/budibase/Chart.yaml
+++ b/hosting/kubernetes/budibase/Chart.yaml
@ -38,3 +38,4 @@ dependencies:
  - name: ingress-nginx
    version: 3.35.0 
    repository: https://github.com/kubernetes/ingress-nginx
+    condition: services.ingress.nginx
--- a/hosting/kubernetes/budibase/templates/alb-ingress.yaml
+++ b/hosting/kubernetes/budibase/templates/alb-ingress.yaml
@ -0,0 +1,35 @@
+{{- if .Values.ingress.aws }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-budibase
+  annotations:
+    kubernetes.io/ingress.class: alb
+    alb.ingress.kubernetes.io/scheme: internet-facing
+    alb.ingress.kubernetes.io/target-type: ip
+    {{- if .Values.ingress.certificateArn }}
+    alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
+    alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
+    alb.ingress.kubernetes.io/certificate-arn: {{ .Values.ingress.certificateArn }} 
+    {{- end }}
+spec:
+  rules:
+    - http:
+        paths:
+        {{- if .Values.ingress.certificateArn }}
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: ssl-redirect
+              port:
+                name: use-annotation
+        {{- end }}
+        - path: /
+          pathType: Prefix
+          backend:
+            service:
+              name: proxy-service
+              port:
+                number: {{ .Values.services.proxy.port }}
+{{- end }}
--- a/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
+++ b/hosting/kubernetes/budibase/templates/app-service-deployment.yaml
@ -58,6 +58,10 @@ spec:
              key: jwtSecret
        - name: LOG_LEVEL
          value: {{ .Values.services.apps.logLevel | default "info" | quote }}
+        {{ if .Values.services.objectStore.region }}
+        - name: AWS_REGION
+          value: {{ .Values.services.objectStore.region }}
+        {{ end }}
        - name: MINIO_ACCESS_KEY
          valueFrom:
            secretKeyRef:
--- a/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
+++ b/hosting/kubernetes/budibase/templates/worker-service-deployment.yaml
@ -55,6 +55,10 @@ spec:
            secretKeyRef:
              name: {{ template "budibase.fullname" . }}
              key: jwtSecret
+        {{ if .Values.services.objectStore.region }}
+        - name: AWS_REGION
+          value: {{ .Values.services.objectStore.region }}
+        {{ end }}
        - name: MINIO_ACCESS_KEY
          valueFrom:
            secretKeyRef:
--- a/hosting/kubernetes/budibase/values.yaml
+++ b/hosting/kubernetes/budibase/values.yaml
@ -41,6 +41,7 @@ service:

 ingress:
  enabled: true
+  nginx: true
  certificateArn: ""
  className: ""
  annotations: 
@ -135,6 +136,7 @@ services:
    replicaCount: 1
    accessKey: "" # AWS_ACCESS_KEY if using S3 or existing minio access key
    secretKey: "" # AWS_SECRET_ACCESS_KEY if using S3 or existing minio secret 
+    region: "" # AWS_REGION if using S3 or existing minio secret 
    url: "" # only change if pointing to existing minio cluster and minio: false 
    storage: 100Mi

--- a/hosting/scripts/linux/release-to-docker-hub.sh
+++ b/hosting/scripts/linux/release-to-docker-hub.sh
@ -3,7 +3,7 @@
 tag=$1
 tag=${tag:-latest}

-echo "Tagging images with SHA: $GITHUB_SHA and tag: $tag"
+echo "Tagging images with tag: $tag"

 docker tag app-service budibase/apps:$tag
 docker tag worker-service budibase/worker:$tag
--- a/package.json
+++ b/package.json
@ -43,7 +43,7 @@
    "lint:fix": "yarn run lint:fix:ts && yarn run lint:fix:prettier && yarn run lint:fix:eslint",
    "test:e2e": "lerna run cy:test",
    "test:e2e:ci": "lerna run cy:ci",
-    "build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh && cd -",
+    "build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh $BUDIBASE_RELEASE_VERSION && cd -",
    "build:docker:develop": "node scripts/pinVersions && lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -",
    "release:helm": "./scripts/release_helm_chart.sh",
    "multi:enable": "lerna run multi:enable",