diff --git a/.drone.yml b/.drone.yml deleted file mode 100644 index 530656d..0000000 --- a/.drone.yml +++ /dev/null @@ -1,104 +0,0 @@ -workspace: - base: /go - path: src/github.com/src-d/code-annotation - -branches: [master, staging] - -# ANCHORS - -build: &build - image: golang:1.9-alpine3.7 - commands: - - apk --update upgrade - - apk add --no-cache - bash make curl git - ca-certificates build-base - libxml2-dev protobuf - yarn - - make build-app - debug: true - -docker_image: &docker_image - group: docker - image: plugins/docker - registry: docker.io - repo: srcd/code-annotation - secrets: [ docker_username, docker_password ] - dockerfile: Dockerfile - debug: true - -helm_deploy: &helm_deploy - image: quay.io/ipedrazas/drone-helm@sha256:43a6e6f907e68925fdb46601981242d68c41eb3e67154d8675627e19fd78f216 - skip_tls_verify: true - chart: ./helm-charts/code-annotation - release: code-annotation - tiller_ns: kube-system - wait: true - -# PIPELINE STEPS - -pipeline: - - clone: - image: plugins/git - debug: true - - - # deployment to staging environment when staging is pushed - - build_stg: - <<: *build - when: - branch: [staging] - event: [push] - - docker_image_stg: - <<: *docker_image - # workaround for bug https://github.com/kubernetes/helm/issues/1707 - tag: 'commit-${DRONE_COMMIT_SHA:0:7}' - when: - branch: [staging] - event: [push] - - helm_deploy_stg: - <<: *helm_deploy - prefix: STG - secrets: [ STG_API_SERVER, STG_KUBERNETES_TOKEN ] - values_files: [ .helm-staging.yml ] - values: image.tag=commit-${DRONE_COMMIT_SHA:0:7} - when: - branch: [staging] - event: [push] - - # deployment to Production environment when a new tag is created; it will also: - # - push to GitHub release, the compiled binaries, - # - push to DockerHub, the docker image - - build_release: - <<: *build - when: - event: [tag] - - docker_image_release: - <<: *docker_image - tags: - - '${DRONE_TAG}' - - 'latest' - when: - event: [tag] - - github_binary_release: - image: plugins/github-release - secrets: [ github_token ] - files: build/*.tar.gz - when: - event: [tag] - - helm_deploy_release_prod: - <<: *helm_deploy - prefix: PROD - secrets: [ PROD_API_SERVER, PROD_KUBERNETES_TOKEN ] - values_files: [ .helm-production.yml ] - values: image.tag=${DRONE_TAG} - when: - event: [tag] diff --git a/.travis.yml b/.travis.yml index 2871719..17f088f 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,14 +9,49 @@ before_install: - nvm use 8 - npm install -g yarn +stages: + - name: test-linters-build + - name: staging + if: branch = staging AND type = push + - name: release + if: tag IS present + - name: release-helm + if: tag IS present + jobs: include: - - stage: Tests, linters and build + - name: 'Tests and linters' + stage: test-linters-build script: - make lint-frontend - make test-frontend - make lint-backend - make test - make validate-commit - - script: + - name: 'Build' + stage: test-linters-build + script: + - make build-app + - name: 'Deploy to staging' + stage: staging + script: + # Do not allow for subsequents script steps to run in case previous one fails + - make build-app && VERSION=commit-${TRAVIS_COMMIT:0:7} make docker-push && HELM_RELEASE=code-annotation HELM_CHART=code-annotation K8S_NAMESPACE=default HELM_ARGS="--repo https://src-d.github.io/charts/infra/ --version 0.1.0 --set image.tag=commit-${TRAVIS_COMMIT:0:7} -f .helm-staging.yml" make deploy + - name: 'Release' + stage: release + script: - make build-app + - DOCKER_PUSH_LATEST=true make docker-push + deploy: + provider: releases + api_key: $GITHUB_TOKEN + file_glob: true + file: build/*.tar.gz + skip_cleanup: true + on: + tags: true + go: 1.9.x + - name: 'Deploy to production' + stage: release-helm + script: + - B64_CA_CRT=$PRODUCTION_B64_CA_CRT SERVICE_ACCOUNT_TOKEN=$PRODUCTION_SERVICE_ACCOUNT_TOKEN CLUSTER_ENDPOINT=$PRODUCTION_CLUSTER_ENDPOINT HELM_RELEASE=code-annotation HELM_CHART=code-annotation K8S_NAMESPACE=default HELM_ARGS="--repo https://src-d.github.io/charts/infra/ --version 0.1.0 --set image.tag=$TRAVIS_TAG -f .helm-production.yml" make deploy diff --git a/Dockerfile b/Dockerfile index dab13ab..99407bd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,10 @@ -FROM alpine:3.7 +FROM debian:buster-slim ADD ./build/bin /bin -RUN apk --update upgrade && \ - apk add --no-cache ca-certificates +RUN apt-get update && \ + apt-get install -y --no-install-recommends --no-install-suggests \ + ca-certificates \ + && apt-get clean RUN mkdir /var/code-annotation ENTRYPOINT ["/bin/server"] diff --git a/helm-charts/code-annotation/.helmignore b/helm-charts/code-annotation/.helmignore deleted file mode 100644 index f0c1319..0000000 --- a/helm-charts/code-annotation/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/helm-charts/code-annotation/Chart.yaml b/helm-charts/code-annotation/Chart.yaml deleted file mode 100644 index 13af429..0000000 --- a/helm-charts/code-annotation/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: A Helm chart for Kubernetes -name: code-annotation -version: 0.1.0 diff --git a/helm-charts/code-annotation/README.md b/helm-charts/code-annotation/README.md deleted file mode 100644 index f41a1f5..0000000 --- a/helm-charts/code-annotation/README.md +++ /dev/null @@ -1,53 +0,0 @@ -# Code Annotation Tool - -This chart deploys source{d} [code annotation tool](https://github.com/src-d/code-annotation) - -## Pre-requisites - -* Kubernetes 1.4+ with Beta APIs enabled - -## Installing the chart - -All parameters under `settings` in [values.yaml](values.yaml) must be provided. - -``` -helm install -n --set \ -secrets.jwt_signing_key=,\ -secrets.github_client=,\ -secrets.github_secret=,\ -ingress.hostname=,\ -ingress.globalStaticIpName=,\ -image.tag= -``` - -These are the mandatory parameters that need to be provided or installation will fail. -Other parameters can be provided too but, if not, a default value will be used. - -It's also possible to set name of separately deployed secrets using parameter `secretName`. - -Full command for deployment: - -``` -helm install -n --set \ -secretName=,\ -ingress.hostname=,\ -ingress.globalStaticIpName=,\ -image.tag= -``` - -# Configuration - -Please refer to [values.yaml](values.yaml) for the full run-down on defaults. - -To override any of those default values, -specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. - -Alternatively, a YAML file that specifies the values for the parameters can be provided -while installing the chart. -For example, - -```bash -$ helm install --name -f values.yaml -``` - -> **Tip**: You can use the default [values.yaml](values.yaml) diff --git a/helm-charts/code-annotation/templates/_helpers.tpl b/helm-charts/code-annotation/templates/_helpers.tpl deleted file mode 100644 index f0d83d2..0000000 --- a/helm-charts/code-annotation/templates/_helpers.tpl +++ /dev/null @@ -1,16 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} diff --git a/helm-charts/code-annotation/templates/deployment.yaml b/helm-charts/code-annotation/templates/deployment.yaml deleted file mode 100644 index 9056e05..0000000 --- a/helm-charts/code-annotation/templates/deployment.yaml +++ /dev/null @@ -1,72 +0,0 @@ -{{- $secretName := default (include "fullname" .) .Values.secretName -}} - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ template "fullname" . }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ template "name" . }} - release: {{ .Release.Name }} - spec: - volumes: - - name: "internal-database" - persistentVolumeClaim: - claimName: {{ template "fullname" . }} - containers: - - name: {{ .Chart.Name }} - image: "{{ .Values.image.repository }}:{{ required "Image tag is required" .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - env: - - name: CAT_OAUTH_RESTRICT_ACCESS - value: "{{ .Values.authorization.restrictAccessGroup }}" - - name: CAT_OAUTH_RESTRICT_REQUESTER_ACCESS - value: "{{ .Values.authorization.restrictRequesterGroup }}" - - name: CAT_SERVER_URL - value: "//{{ .Values.ingress.hostname }}" - - name: CAT_DB_CONNECTION - value: "sqlite://{{ .Values.deployment.internalDatabasePath }}/internal.db" - - name: CAT_OAUTH_CLIENT_ID - valueFrom: - secretKeyRef: - name: {{ $secretName }} - key: github_client - - name: CAT_OAUTH_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: {{ $secretName }} - key: github_secret - - name: CAT_JWT_SIGNING_KEY - valueFrom: - secretKeyRef: - name: {{ $secretName }} - key: jwt_signing_key - - name: CAT_GA_TRACKING_ID - value: "{{ required "gaTrackingID is required" .Values.deployment.gaTrackingID }}" - ports: - - containerPort: {{ .Values.service.codeAnnotation.internalPort }} - volumeMounts: - - name: internal-database - mountPath: {{ .Values.deployment.internalDatabasePath }} - livenessProbe: - httpGet: - path: / - port: {{ .Values.service.codeAnnotation.internalPort }} - readinessProbe: - httpGet: - path: / - port: {{ .Values.service.codeAnnotation.internalPort }} - resources: -{{ toYaml .Values.resources | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 8 }} - {{- end }} diff --git a/helm-charts/code-annotation/templates/ingress.yaml b/helm-charts/code-annotation/templates/ingress.yaml deleted file mode 100644 index 7c84580..0000000 --- a/helm-charts/code-annotation/templates/ingress.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- $serviceName := include "fullname" . -}} -{{- $servicePort := .Values.service.codeAnnotation.externalPort -}} -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ template "fullname" . }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} - annotations: - {{- range $key, $value := .Values.ingress.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} - kubernetes.io/ingress.global-static-ip-name: {{ required "Missing .Values.ingress.globalStaticIpName" .Values.ingress.globalStaticIpName }} -spec: - rules: - - host: {{ required "Hostname is missing" .Values.ingress.hostname }} - http: - paths: - - path: /* - backend: - serviceName: {{ $serviceName }} - servicePort: {{ $servicePort }} - - {{- if .Values.ingress.tls }} - tls: - - secretName: "{{ template "fullname" . }}-tls" - hosts: - - {{ .Values.ingress.hostname }} - {{- end }} diff --git a/helm-charts/code-annotation/templates/persistent-volume-claim.yaml b/helm-charts/code-annotation/templates/persistent-volume-claim.yaml deleted file mode 100644 index 56fb8c0..0000000 --- a/helm-charts/code-annotation/templates/persistent-volume-claim.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - labels: - app: {{ template "fullname" . }} - name: {{ template "fullname" . }} -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 10Gi diff --git a/helm-charts/code-annotation/templates/secrets.yaml b/helm-charts/code-annotation/templates/secrets.yaml deleted file mode 100644 index bed9988..0000000 --- a/helm-charts/code-annotation/templates/secrets.yaml +++ /dev/null @@ -1,18 +0,0 @@ -# create secrets only if there is no name for existing secrets -{{- required "Secrets or secretName are missing" (or .Values.secretName .Values.secrets) }} -{{- if not .Values.secretName }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ template "fullname" . }} - labels: - app: {{ template "fullname" . }} - chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" - release: "{{ .Release.Name }}" - heritage: "{{ .Release.Service }}" -type: Opaque -data: - github_client: "{{ required "Github client ID is missing" .Values.secrets.github_client | b64enc }}" - github_secret: "{{ required "Github secret is missing" .Values.secrets.github_secret | b64enc }}" - jwt_signing_key: "{{ required "JWT signing key secret is missing" .Values.secrets.jwt_signing_key | b64enc }}" -{{- end }} diff --git a/helm-charts/code-annotation/templates/service.yaml b/helm-charts/code-annotation/templates/service.yaml deleted file mode 100644 index 87ddafe..0000000 --- a/helm-charts/code-annotation/templates/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ template "fullname" . }} - labels: - app: {{ template "name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.codeAnnotation.externalPort }} - targetPort: {{ .Values.service.codeAnnotation.internalPort }} - protocol: TCP - name: {{ .Values.service.codeAnnotation.name }} - selector: - app: {{ template "name" . }} - release: {{ .Release.Name }} diff --git a/helm-charts/code-annotation/values.yaml b/helm-charts/code-annotation/values.yaml deleted file mode 100644 index 322f54f..0000000 --- a/helm-charts/code-annotation/values.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# Default values for landing. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -replicaCount: 1 - -# If provided, these will be used by the deployment -# nodeSelector: XXXXXXX - -image: - repository: docker.io/srcd/code-annotation - # tag must be received as a parameter - pullPolicy: IfNotPresent -deployment: - internalDatabasePath: "/var/code-annotation" - # gaTrackingID must be received as a parameter -authorization: - restrictAccessGroup: "org:src-d" - restrictRequesterGroup: "" -service: - type: NodePort - codeAnnotation: - externalPort: 8080 - internalPort: 8080 - name: code-annotation -ingress: - annotations: - kubernetes.io/ingress.class: gce - kubernetes.io/tls-acme: "true" - tls: true - # below values are required - # hostname: "code-annotation.srcd.run" - # globalStaticIpName: "code-annotation-ip" - -# Provide with 'helm install', and do NOT change it when doing 'helm upgrade' -# github_client: -# github_secret: -# jwt_signing_key: -# It's also possible to use deployed secrets by using argument: -# secretName: "existing name" - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - #requests: - # cpu: 100m - # memory: 128Mi - #