G3 5 deploy geneweaver api to shared clusters

.github/workflows/_check-coverage-action.yml

@@ -54,11 +54,13 @@ jobs:
           --cov-report=html \
           --cov-fail-under=${{ inputs.required-coverage }} > coverage_report.txt
       - name: Upload coverage report
+        if: '!cancelled()'
         uses: actions/upload-artifact@v3
         with:
           name: coverage-report
           path: coverage_report.txt
       - name: Upload coverage report
+        if: '!cancelled()'
         uses: actions/upload-artifact@v3
         with:
           name: coverage-report-html

.github/workflows/_skaffold-deploy-k8s.yml

@@ -0,0 +1,75 @@
+name: 'Python Tests Definition'
+on:
+  workflow_call:
+    inputs:
+      environment:
+        description: 'Deployment Environment'
+        required: true
+        type: string
+      default_image_repo:
+        description: 'Default repo'
+        required: false
+        type: string
+        default: "us-docker.pkg.dev/jax-cs-registry/docker/geneweaver"
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install Skaffold
+        run: |
+          curl -Lo skaffold https://storage.googleapis.com/skaffold/releases/latest/skaffold-linux-amd64 && \
+          sudo install skaffold /usr/local/bin/
+      - name: Authenticate to Google Cloud
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCLOUD_REGISTRY_SA_KEY }}'
+      - name: Docker Login
+        run: gcloud auth configure-docker us-docker.pkg.dev,us-east1-docker.pkg.dev
+      - name: Build
+        run: |
+          skaffold build \
+          --default-repo=${{ inputs.default_image_repo }} \
+          --file-output=build.json
+      - name: Upload build artifact JSON
+        uses: actions/upload-artifact@v3
+        with:
+          name: Build Artifacts
+          path: build.json
+  deploy:
+    name: Deploy
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    needs: build
+    steps:
+      - uses: actions/checkout@v3
+      - name: Authenticate to Google Cloud
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCLOUD_CLUSTER_SA_KEY }}'
+      - name: Setup Gcloud
+        uses: google-github-actions/setup-gcloud@v1
+        with:
+          project_id: ${{ vars.CLUSTER_PROJECT }}
+          service_account_key: ${{ secrets.GCLOUD_CLUSTER_SA_KEY }}
+          export_default_credentials: true
+      - name: Get GKE Credentials
+        uses: google-github-actions/get-gke-credentials@v1
+        with:
+          cluster_name: ${{ vars.CLUSTER_NAME }}
+          location: ${{ vars.CLUSTER_REGION }}
+          project_id: ${{ vars.CLUSTER_PROJECT }}
+      - name: Download coverage report artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: Build Artifacts
+      - name: Install Skaffold
+        run: |
+          curl -Lo skaffold https://storage.googleapis.com/skaffold/releases/latest/skaffold-linux-amd64 && \
+          sudo install skaffold /usr/local/bin/
+      - name: Deploy
+        run: |
+          skaffold deploy \
+          --profile ${{ inputs.environment }} \
+          --build-artifacts=build.json

.github/workflows/pull_requests.yml

@@ -0,0 +1,25 @@
+name: Pull Request Test, Build and Deploy
+on:
+  pull_request:
+    branches:
+      - 'main'
+jobs:
+  test:
+    name: Test
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest]
+        python-version: ['3.9', '3.10', '3.11']
+    uses: ./.github/workflows/_run-tests-action.yml
+    with:
+      runner-os: ${{ matrix.os }}
+      python-version: ${{ matrix.python-version }}
+      required-coverage: ${{ vars.REQUIRED_COVERAGE }}
+  build_and_deploy:
+    name: Build and Deploy
+    needs: test
+    uses: ./.github/workflows/_skaffold-deploy-k8s.yml
+    with:
+      environment: jax-cluster-dev-10--dev
+      default_image_repo: "us-east1-docker.pkg.dev/jax-cs-registry/docker-test/geneweaver"
+    secrets: inherit

.github/workflows/release.yml

@@ -33,7 +33,7 @@ jobs:
     - name: Set up Python
       uses: actions/setup-python@v4
       with:
-        python-version: '3.9'z
+        python-version: '3.9'
 
     - name: Install dependencies
       run: |

.github/workflows/tests.yml

@@ -1,8 +1,5 @@
 name: Tests
 on:
-  pull_request:
-    branches:
-      - 'main'
   push:
     branches:
       - 'main'

Dockerfile

@@ -0,0 +1,22 @@
+FROM python:3.9
+
+ENV PYTHONUNBUFFERED 1
+ENV POETRY_HOME=/opt/poetry, POETRY_VIRTUALENVS_CREATE=false, POETRY_VERSION=1.3.0
+
+# Install poetry
+RUN python3 -m pip install --upgrade pip && \
+    curl -sSL https://install.python-poetry.org | python3 -
+
+ENV PATH="${POETRY_HOME}/bin:${PATH}"
+
+WORKDIR /app
+
+COPY pyproject.toml poetry.lock /app/
+
+RUN poetry install --without dev --sync --no-root
+
+COPY /src /app/src
+
+RUN poetry install --only-root
+
+CMD ["poetry", "run", "uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--proxy-headers"]

deploy/k8s/base/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: geneweaver-config
+data:
+  AUTH_CLIENT_ID: "T7bj6wlmtVcAN2O6kzDRwPVFyIj4UQNs"

deploy/k8s/base/deployment.yaml

@@ -0,0 +1,28 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: geneweaver-api
+  labels:
+    app: geneweaver-api
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: geneweaver-api
+  template:
+    metadata:
+      labels:
+        app: geneweaver-api
+    spec:
+      serviceAccountName: workload-identity-geneweaver
+      containers:
+        - name: geneweaver-api
+          image: geneweaver-api
+          imagePullPolicy: Always
+          envFrom:
+            - configMapRef:
+                name: geneweaver-config
+            - secretRef:
+                name: geneweaver-db
+          ports:
+            - containerPort: 8000

deploy/k8s/base/ingress.yaml

@@ -0,0 +1,13 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name:  divdb-api-ingress
+  annotations:
+    # NOTE: When deploying a new instance, make sure to use the staging issuer first
+    # so that you don't hit the rate limit for the production issuer.
+    cert-manager.io/cluster-issuer: "letsencrypt-staging"
+    # cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/auth-url: "https://auth.jax-cluster-dev-10.jax.org/oauth2/auth"
+    nginx.ingress.kubernetes.io/auth-signin: "https://auth.jax-cluster-dev-10.jax.org/oauth2/start?rd=https://$http_host$escaped_request_uri"
+spec:
+  ingressClassName: nginx

deploy/k8s/base/kustomization.yaml

@@ -0,0 +1,9 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - configmap.yaml
+  - deployment.yaml
+  - service.yaml
+  # TODO: Uncomment the following line to enable ingress
+  # - ingress.yaml

deploy/k8s/base/service.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: geneweaver-api
+  labels:
+    app: geneweaver-api
+spec:
+  type: ClusterIP
+  selector:
+    app: geneweaver-api
+  ports:
+    - protocol: TCP
+      name: direct
+      port: 80
+      targetPort: 8000

deploy/k8s/overlays/jax-cluster-dev-10--dev/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: dev
+
+bases:
+- ../../base
+
+#patchesStrategicMerge:
+#  - configmap.yaml
+#  - ingress.yaml

deploy/k8s/overlays/jax-cluster-dev-10--sqa/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: sqa
+
+bases:
+- ../../base
+
+#patchesStrategicMerge:
+#  - configmap.yaml
+#  - ingress.yaml

deploy/k8s/overlays/jax-cluster-prod-10--prod/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: geneweaver-config
+data:
+  AUTH_CLIENT_ID: "oVm9omUtLBpVyL7YfJA8gp3hHaHwyVt8"

deploy/k8s/overlays/jax-cluster-prod-10--prod/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: prod
+
+bases:
+- ../../base
+
+#patchesStrategicMerge:
+#  - configmap.yaml
+#  - ingress.yaml

deploy/k8s/overlays/jax-cluster-prod-10--stage/configmap.yaml

@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: geneweaver-config
+data:
+  AUTH_CLIENT_ID: "oVm9omUtLBpVyL7YfJA8gp3hHaHwyVt8"

deploy/k8s/overlays/jax-cluster-prod-10--stage/kustomization.yaml

@@ -0,0 +1,11 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+namespace: stage
+
+bases:
+- ../../base
+
+#patchesStrategicMerge:
+#  - configmap.yaml
+#  - ingress.yaml

skaffold.yaml

@@ -0,0 +1,40 @@
+apiVersion: skaffold/v2beta29
+kind: Config
+metadata:
+  name: geneweaver-api
+build:
+  tagPolicy:
+    gitCommit:
+      variant: AbbrevCommitSha
+  artifacts:
+    - image: geneweaver-api
+      context: .
+      docker:
+          dockerfile: Dockerfile
+  local:
+    useBuildkit: true
+test:
+  - image: geneweaver-api
+    structureTests:
+      - deploy/tests/*
+profiles:
+  - name: jax-cluster-dev-10--dev
+    deploy:
+      kustomize:
+        paths:
+          - deploy/k8s/overlays/jax-cluster-dev-10--dev
+  - name: jax-cluster-dev-10--sqa
+    deploy:
+      kustomize:
+        paths:
+          - deploy/k8s/overlays/jax-cluster-dev-10--sqa
+  - name: jax-cluster-prod-10--stage
+    deploy:
+      kustomize:
+        paths:
+          - deploy/k8s/overlays/jax-cluster-prod-10--stage
+  - name: jax-cluster-prod-10--prod
+    deploy:
+      kustomize:
+        paths:
+          - deploy/k8s/overlays/jax-cluster-prod-10--prod

src/geneweaver/api/core/config.py

@@ -1,7 +1,4 @@
 """A namespace for the initialized Geneweaver API configuration."""
 from geneweaver.api.core.config_class import GeneweaverAPIConfig
-from geneweaver.db.core.settings_class import Settings as DBSettings
 
 settings = GeneweaverAPIConfig()
-
-db_settings = DBSettings()