Merge pull request #2450 from Budibase/feature/helm-aws-support
Feature/helm aws support
This commit is contained in:
commit
f17d068626
|
@ -1,85 +0,0 @@
|
|||
# This workflow will build and push a new container image to Amazon ECR,
|
||||
# and then will deploy a new task definition to Amazon ECS, when a release is created
|
||||
#
|
||||
# To use this workflow, you will need to complete the following set-up steps:
|
||||
#
|
||||
# 1. Create an ECR repository to store your images.
|
||||
# For example: `aws ecr create-repository --repository-name my-ecr-repo --region us-east-2`.
|
||||
# Replace the value of `ECR_REPOSITORY` in the workflow below with your repository's name.
|
||||
# Replace the value of `aws-region` in the workflow below with your repository's region.
|
||||
#
|
||||
# 2. Create an ECS task definition, an ECS cluster, and an ECS service.
|
||||
# For example, follow the Getting Started guide on the ECS console:
|
||||
# https://us-east-2.console.aws.amazon.com/ecs/home?region=us-east-2#/firstRun
|
||||
# Replace the values for `service` and `cluster` in the workflow below with your service and cluster names.
|
||||
#
|
||||
# 3. Store your ECS task definition as a JSON file in your repository.
|
||||
# The format should follow the output of `aws ecs register-task-definition --generate-cli-skeleton`.
|
||||
# Replace the value of `task-definition` in the workflow below with your JSON file's name.
|
||||
# Replace the value of `container-name` in the workflow below with the name of the container
|
||||
# in the `containerDefinitions` section of the task definition.
|
||||
#
|
||||
# 4. Store an IAM user access key in GitHub Actions secrets named `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`.
|
||||
# See the documentation for each action used below for the recommended IAM policies for this IAM user,
|
||||
# and best practices on handling the access key credentials.
|
||||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- 'v*'
|
||||
|
||||
name: Deploy to Amazon ECS
|
||||
|
||||
jobs:
|
||||
deploy:
|
||||
name: deploy
|
||||
runs-on: ubuntu-16.04
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
|
||||
- name: Configure AWS credentials
|
||||
uses: aws-actions/configure-aws-credentials@v1
|
||||
with:
|
||||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||
aws-region: eu-west-1
|
||||
|
||||
- name: Download task definition
|
||||
run: |
|
||||
aws ecs describe-task-definition --task-definition ProdAppServerStackprodbudiapplbfargateserviceprodbudiappserverfargatetaskdefinition2EF7F1E7 --query taskDefinition > task-definition.json
|
||||
|
||||
- name: Login to Amazon ECR
|
||||
id: login-ecr
|
||||
uses: aws-actions/amazon-ecr-login@v1
|
||||
|
||||
- name: Build, tag, and push image to Amazon ECR
|
||||
id: build-image
|
||||
env:
|
||||
ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
|
||||
ECR_REPOSITORY: prod-budi-app-server
|
||||
IMAGE_TAG: ${{ github.sha }}
|
||||
run: |
|
||||
# Build a docker container and
|
||||
# push it to ECR so that it can
|
||||
# be deployed to ECS
|
||||
cd packages/server
|
||||
docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG .
|
||||
docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
|
||||
echo "::set-output name=image::$ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG"
|
||||
- name: Fill in the new image ID in the Amazon ECS task definition
|
||||
id: task-def
|
||||
uses: aws-actions/amazon-ecs-render-task-definition@v1
|
||||
with:
|
||||
task-definition: task-definition.json
|
||||
container-name: prod-budi-app-server
|
||||
image: ${{ steps.build-image.outputs.image }}
|
||||
|
||||
- name: Deploy Amazon ECS task definition
|
||||
uses: aws-actions/amazon-ecs-deploy-task-definition@v1
|
||||
with:
|
||||
task-definition: ${{ steps.task-def.outputs.task-definition }}
|
||||
service: prod-budi-app-server-service
|
||||
cluster: prod-budi-app-server
|
||||
wait-for-service-stability: true
|
|
@ -42,6 +42,10 @@ jobs:
|
|||
echo //registry.npmjs.org/:_authToken=${NPM_TOKEN} >> .npmrc
|
||||
yarn release
|
||||
|
||||
- name: Get Previous tag
|
||||
id: previoustag
|
||||
uses: "WyriHaximus/github-action-get-previous-tag@v1"
|
||||
|
||||
- name: Build/release Docker images
|
||||
run: |
|
||||
docker login -u $DOCKER_USER -p $DOCKER_PASSWORD
|
||||
|
@ -50,15 +54,18 @@ jobs:
|
|||
env:
|
||||
DOCKER_USER: ${{ secrets.DOCKER_USERNAME }}
|
||||
DOCKER_PASSWORD: ${{ secrets.DOCKER_API_KEY }}
|
||||
BUDIBASE_RELEASE_VERSION: ${{ steps.previoustag.outputs.tag }}
|
||||
|
||||
- uses: azure/setup-helm@v1
|
||||
id: install
|
||||
- uses: azure/setup-helm@v1
|
||||
id: install
|
||||
|
||||
- run: yarn release:helm
|
||||
# So, we need to inject the values into this
|
||||
- run: yarn release:helm
|
||||
|
||||
- name: Run chart-releaser
|
||||
uses: helm/chart-releaser-action@v1.1.0
|
||||
with:
|
||||
charts_dir: docs
|
||||
env:
|
||||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||
- name: Run chart-releaser
|
||||
uses: helm/chart-releaser-action@v1.1.0
|
||||
with:
|
||||
charts_dir: docs
|
||||
env:
|
||||
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
|
||||
|
|
@ -38,3 +38,4 @@ dependencies:
|
|||
- name: ingress-nginx
|
||||
version: 3.35.0
|
||||
repository: https://github.com/kubernetes/ingress-nginx
|
||||
condition: services.ingress.nginx
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
{{- if .Values.ingress.aws }}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: ingress-budibase
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: alb
|
||||
alb.ingress.kubernetes.io/scheme: internet-facing
|
||||
alb.ingress.kubernetes.io/target-type: ip
|
||||
{{- if .Values.ingress.certificateArn }}
|
||||
alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}'
|
||||
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS":443}]'
|
||||
alb.ingress.kubernetes.io/certificate-arn: {{ .Values.ingress.certificateArn }}
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
- http:
|
||||
paths:
|
||||
{{- if .Values.ingress.certificateArn }}
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: ssl-redirect
|
||||
port:
|
||||
name: use-annotation
|
||||
{{- end }}
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: proxy-service
|
||||
port:
|
||||
number: {{ .Values.services.proxy.port }}
|
||||
{{- end }}
|
|
@ -58,6 +58,10 @@ spec:
|
|||
key: jwtSecret
|
||||
- name: LOG_LEVEL
|
||||
value: {{ .Values.services.apps.logLevel | default "info" | quote }}
|
||||
{{ if .Values.services.objectStore.region }}
|
||||
- name: AWS_REGION
|
||||
value: {{ .Values.services.objectStore.region }}
|
||||
{{ end }}
|
||||
- name: MINIO_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
|
|
|
@ -55,6 +55,10 @@ spec:
|
|||
secretKeyRef:
|
||||
name: {{ template "budibase.fullname" . }}
|
||||
key: jwtSecret
|
||||
{{ if .Values.services.objectStore.region }}
|
||||
- name: AWS_REGION
|
||||
value: {{ .Values.services.objectStore.region }}
|
||||
{{ end }}
|
||||
- name: MINIO_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
|
|
|
@ -41,6 +41,7 @@ service:
|
|||
|
||||
ingress:
|
||||
enabled: true
|
||||
nginx: true
|
||||
certificateArn: ""
|
||||
className: ""
|
||||
annotations:
|
||||
|
@ -135,6 +136,7 @@ services:
|
|||
replicaCount: 1
|
||||
accessKey: "" # AWS_ACCESS_KEY if using S3 or existing minio access key
|
||||
secretKey: "" # AWS_SECRET_ACCESS_KEY if using S3 or existing minio secret
|
||||
region: "" # AWS_REGION if using S3 or existing minio secret
|
||||
url: "" # only change if pointing to existing minio cluster and minio: false
|
||||
storage: 100Mi
|
||||
|
||||
|
|
|
@ -1,12 +1,23 @@
|
|||
#!/bin/bash
|
||||
|
||||
tag=$1
|
||||
tag=${tag:-latest}
|
||||
production=$2
|
||||
|
||||
echo "Tagging images with SHA: $GITHUB_SHA and tag: $tag"
|
||||
if [[ ! "$tag" ]]; then
|
||||
echo "No tag present. You must pass a tag to this script"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Tagging images with tag: $tag"
|
||||
|
||||
docker tag app-service budibase/apps:$tag
|
||||
docker tag worker-service budibase/worker:$tag
|
||||
|
||||
docker push budibase/apps:$tag
|
||||
docker push budibase/worker:$tag
|
||||
if [[ "$production" ]]; then
|
||||
echo "Production Deployment. Tagging latest.."
|
||||
docker tag app-service budibase/apps:latest
|
||||
docker tag worker-service budibase/worker:latest
|
||||
fi
|
||||
|
||||
docker push --all-tags budibase/apps
|
||||
docker push --all-tags budibase/worker
|
||||
|
|
|
@ -43,7 +43,7 @@
|
|||
"lint:fix": "yarn run lint:fix:ts && yarn run lint:fix:prettier && yarn run lint:fix:eslint",
|
||||
"test:e2e": "lerna run cy:test",
|
||||
"test:e2e:ci": "lerna run cy:ci",
|
||||
"build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh && cd -",
|
||||
"build:docker": "lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh $BUDIBASE_RELEASE_VERSION release && cd -",
|
||||
"build:docker:develop": "node scripts/pinVersions && lerna run build:docker && cd hosting/scripts/linux/ && ./release-to-docker-hub.sh develop && cd -",
|
||||
"release:helm": "./scripts/release_helm_chart.sh",
|
||||
"multi:enable": "lerna run multi:enable",
|
||||
|
|
Loading…
Reference in New Issue