Skip to content

Commit

Permalink
Merge pull request #2172 from ever-co/develop
Browse files Browse the repository at this point in the history
latest
  • Loading branch information
evereq authored Feb 6, 2024
2 parents 29d837f + 91de3dd commit 1ee648f
Show file tree
Hide file tree
Showing 32 changed files with 875 additions and 385 deletions.
509 changes: 250 additions & 259 deletions .cspell.json

Large diffs are not rendered by default.

82 changes: 82 additions & 0 deletions .deploy/k8s/k8s-manifest-api.dev.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,82 @@
---
kind: Service
apiVersion: v1
metadata:
name: ever-teams-dev-api-lb
annotations:
service.beta.kubernetes.io/do-loadbalancer-name: 'apidev.ever.team'
service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
service.beta.kubernetes.io/do-loadbalancer-hostname: 'apidev.ever.team'
spec:
type: LoadBalancer
selector:
app: ever-teams-dev-api
ports:
- name: http
protocol: TCP
port: 443
targetPort: 3000
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-dev-api
spec:
replicas: 1
selector:
matchLabels:
app: ever-teams-dev-api
template:
metadata:
labels:
app: ever-teams-dev-api
spec:
containers:
- name: ever-teams-dev-api
image: registry.digitalocean.com/ever/gauzy-api-demo:latest
env:
- name: API_HOST
value: 0.0.0.0
- name: DEMO
value: 'true'
- name: CLOUD_PROVIDER
value: '$CLOUD_PROVIDER'
- name: NODE_ENV
value: 'development'
- name: ADMIN_PASSWORD_RESET
value: 'true'
- name: LOG_LEVEL
value: 'info'
- name: SENTRY_DSN
value: '$SENTRY_DSN'
- name: SENTRY_HTTP_TRACING_ENABLED
value: '$SENTRY_HTTP_TRACING_ENABLED'
- name: SENTRY_PROFILING_ENABLED
value: '$SENTRY_PROFILING_ENABLED'
- name: SENTRY_POSTGRES_TRACKING_ENABLED
value: '$SENTRY_POSTGRES_TRACKING_ENABLED'
- name: API_BASE_URL
value: 'https://apidev.ever.team'
- name: CLIENT_BASE_URL
value: 'https://demo.ever.team'
- name: EXPRESS_SESSION_SECRET
value: 'gauzy'
- name: JWT_SECRET
value: 'secretKey'
- name: JWT_REFRESH_TOKEN_SECRET
value: 'refreshSecretKey'
- name: JWT_REFRESH_TOKEN_EXPIRATION_TIME
value: '86400'
- name: OTEL_ENABLED
value: '$OTEL_ENABLED'
- name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT'
- name: OTEL_EXPORTER_OTLP_HEADERS
value: '$OTEL_EXPORTER_OTLP_HEADERS'
ports:
- containerPort: 3000
protocol: TCP
234 changes: 234 additions & 0 deletions .deploy/k8s/k8s-manifest-api.prod.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,234 @@
---
kind: Service
apiVersion: v1
metadata:
name: ever-teams-prod-api-lb
annotations:
service.beta.kubernetes.io/do-loadbalancer-name: 'api.ever.team'
service.beta.kubernetes.io/do-loadbalancer-protocol: 'http2'
service.beta.kubernetes.io/do-loadbalancer-http2-ports: '443'
# Replace with your Certificate Id. You can get a list of Ids with 'doctl compute certificate list'
service.beta.kubernetes.io/do-loadbalancer-certificate-id: '0c4085c5-9692-4320-86f3-34f52b775a88'
service.beta.kubernetes.io/do-loadbalancer-size-slug: 'lb-small'
service.beta.kubernetes.io/do-loadbalancer-hostname: 'api.ever.team'
spec:
type: LoadBalancer
selector:
app: ever-teams-prod-api
ports:
- name: http
protocol: TCP
port: 443
targetPort: 3000
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-prod-api
spec:
replicas: 3
selector:
matchLabels:
app: ever-teams-prod-api
template:
metadata:
labels:
app: ever-teams-prod-api
spec:
containers:
- name: ever-teams-prod-api
image: registry.digitalocean.com/ever/gauzy-api:latest
resources:
requests:
memory: '1536Mi'
cpu: '1000m'
limits:
memory: '2048Mi'
env:
- name: API_HOST
value: 0.0.0.0
- name: DEMO
value: 'false'
- name: NODE_ENV
value: 'production'
- name: ADMIN_PASSWORD_RESET
value: 'true'
- name: LOG_LEVEL
value: 'info'
- name: CLOUD_PROVIDER
value: '$CLOUD_PROVIDER'
- name: SENTRY_DSN
value: '$SENTRY_DSN'
- name: SENTRY_HTTP_TRACING_ENABLED
value: '$SENTRY_HTTP_TRACING_ENABLED'
- name: SENTRY_PROFILING_ENABLED
value: '$SENTRY_PROFILING_ENABLED'
- name: SENTRY_POSTGRES_TRACKING_ENABLED
value: '$SENTRY_POSTGRES_TRACKING_ENABLED'
- name: API_BASE_URL
value: 'https://api.ever.team'
- name: CLIENT_BASE_URL
value: 'https://app.ever.team'
- name: DB_URI
value: '$DB_URI'
- name: DB_HOST
value: '$DB_HOST'
- name: DB_SSL_MODE
value: '$DB_SSL_MODE'
- name: DB_CA_CERT
value: '$DB_CA_CERT'
- name: DB_USER
value: '$DB_USER'
- name: DB_PASS
value: '$DB_PASS'
- name: DB_TYPE
value: '$DB_TYPE'
- name: DB_NAME
value: '$DB_NAME'
- name: DB_PORT
value: '$DB_PORT'
- name: REDIS_ENABLED
value: '$REDIS_ENABLED'
- name: REDIS_URL
value: '$REDIS_URL'
- name: AWS_ACCESS_KEY_ID
value: '$AWS_ACCESS_KEY_ID'
- name: AWS_SECRET_ACCESS_KEY
value: '$AWS_SECRET_ACCESS_KEY'
- name: AWS_REGION
value: '$AWS_REGION'
- name: AWS_S3_BUCKET
value: '$AWS_S3_BUCKET'
- name: WASABI_ACCESS_KEY_ID
value: '$WASABI_ACCESS_KEY_ID'
- name: WASABI_SECRET_ACCESS_KEY
value: '$WASABI_SECRET_ACCESS_KEY'
- name: WASABI_REGION
value: '$WASABI_REGION'
- name: WASABI_SERVICE_URL
value: '$WASABI_SERVICE_URL'
- name: WASABI_S3_BUCKET
value: '$WASABI_S3_BUCKET'
- name: EXPRESS_SESSION_SECRET
value: '$EXPRESS_SESSION_SECRET'
- name: JWT_SECRET
value: '$JWT_SECRET'
- name: JWT_REFRESH_TOKEN_SECRET
value: '$JWT_REFRESH_TOKEN_SECRET'
- name: JWT_REFRESH_TOKEN_EXPIRATION_TIME
value: '$JWT_REFRESH_TOKEN_EXPIRATION_TIME'
- name: CLOUDINARY_API_KEY
value: '$CLOUDINARY_API_KEY'
- name: CLOUDINARY_API_SECRET
value: '$CLOUDINARY_API_SECRET'
- name: CLOUDINARY_CLOUD_NAME
value: '$CLOUDINARY_CLOUD_NAME'
- name: DEFAULT_CURRENCY
value: 'USD'
- name: MAIL_FROM_ADDRESS
value: '$MAIL_FROM_ADDRESS'
- name: MAIL_HOST
value: '$MAIL_HOST'
- name: MAIL_PORT
value: '$MAIL_PORT'
- name: MAIL_USERNAME
value: '$MAIL_USERNAME'
- name: MAIL_PASSWORD
value: '$MAIL_PASSWORD'
- name: ALLOW_SUPER_ADMIN_ROLE
value: '$ALLOW_SUPER_ADMIN_ROLE'
- name: GOOGLE_CLIENT_ID
value: '$GOOGLE_CLIENT_ID'
- name: GOOGLE_CLIENT_SECRET
value: '$GOOGLE_CLIENT_SECRET'
- name: GOOGLE_CALLBACK_URL
value: '$GOOGLE_CALLBACK_URL'
- name: FACEBOOK_CLIENT_ID
value: '$FACEBOOK_CLIENT_ID'
- name: FACEBOOK_CLIENT_SECRET
value: '$FACEBOOK_CLIENT_SECRET'
- name: FACEBOOK_GRAPH_VERSION
value: '$FACEBOOK_GRAPH_VERSION'
- name: FACEBOOK_CALLBACK_URL
value: '$FACEBOOK_CALLBACK_URL'
- name: INTEGRATED_USER_DEFAULT_PASS
value: '$INTEGRATED_USER_DEFAULT_PASS'
- name: UPWORK_REDIRECT_URL
value: '$UPWORK_REDIRECT_URL'
- name: FILE_PROVIDER
value: '$FILE_PROVIDER'
- name: GAUZY_AI_GRAPHQL_ENDPOINT
value: '$GAUZY_AI_GRAPHQL_ENDPOINT'
- name: GAUZY_AI_REST_ENDPOINT
value: '$GAUZY_AI_REST_ENDPOINT'
- name: UNLEASH_APP_NAME
value: '$UNLEASH_APP_NAME'
- name: UNLEASH_API_URL
value: '$UNLEASH_API_URL'
- name: UNLEASH_INSTANCE_ID
value: '$UNLEASH_INSTANCE_ID'
- name: UNLEASH_REFRESH_INTERVAL
value: '$UNLEASH_REFRESH_INTERVAL'
- name: UNLEASH_METRICS_INTERVAL
value: '$UNLEASH_METRICS_INTERVAL'
- name: UNLEASH_API_KEY
value: '$UNLEASH_API_KEY'
- name: PM2_PUBLIC_KEY
value: '$PM2_PUBLIC_KEY'
- name: PM2_SECRET_KEY
value: '$PM2_SECRET_KEY'
- name: PM2_MACHINE_NAME
value: '$PM2_MACHINE_NAME'
- name: JITSU_SERVER_URL
value: '$JITSU_SERVER_URL'
- name: JITSU_SERVER_WRITE_KEY
value: '$JITSU_SERVER_WRITE_KEY'
- name: OTEL_ENABLED
value: '$OTEL_ENABLED'
- name: OTEL_EXPORTER_OTLP_TRACES_ENDPOINT
value: '$OTEL_EXPORTER_OTLP_TRACES_ENDPOINT'
- name: OTEL_EXPORTER_OTLP_HEADERS
value: '$OTEL_EXPORTER_OTLP_HEADERS'
- name: GAUZY_GITHUB_CLIENT_ID
value: '$GAUZY_GITHUB_CLIENT_ID'
- name: GAUZY_GITHUB_CLIENT_SECRET
value: '$GAUZY_GITHUB_CLIENT_SECRET'
- name: GAUZY_GITHUB_WEBHOOK_URL
value: '$GAUZY_GITHUB_WEBHOOK_URL'
- name: GAUZY_GITHUB_WEBHOOK_SECRET
value: '$GAUZY_GITHUB_WEBHOOK_SECRET'
- name: GAUZY_GITHUB_APP_PRIVATE_KEY
value: '$GAUZY_GITHUB_APP_PRIVATE_KEY'
- name: GAUZY_GITHUB_APP_ID
value: '$GAUZY_GITHUB_APP_ID'
- name: GAUZY_GITHUB_APP_NAME
value: '$GAUZY_GITHUB_APP_NAME'
- name: GAUZY_GITHUB_POST_INSTALL_URL
value: '$GAUZY_GITHUB_POST_INSTALL_URL'
- name: GAUZY_GITHUB_OAUTH_CLIENT_ID
value: '$GAUZY_GITHUB_OAUTH_CLIENT_ID'
- name: GAUZY_GITHUB_OAUTH_CLIENT_SECRET
value: '$GAUZY_GITHUB_OAUTH_CLIENT_SECRET'
- name: GAUZY_GITHUB_OAUTH_CALLBACK_URL
value: '$GAUZY_GITHUB_OAUTH_CALLBACK_URL'
- name: MAGIC_CODE_EXPIRATION_TIME
value: '$MAGIC_CODE_EXPIRATION_TIME'
- name: APP_NAME
value: '$APP_NAME'
- name: APP_LOGO
value: '$APP_LOGO'
- name: APP_SIGNATURE
value: '$APP_SIGNATURE'
- name: APP_LINK
value: '$APP_LINK'
- name: APP_EMAIL_CONFIRMATION_URL
value: '$APP_EMAIL_CONFIRMATION_URL'
- name: APP_MAGIC_SIGN_URL
value: '$APP_MAGIC_SIGN_URL'
- name: COMPANY_LINK
value: '$COMPANY_LINK'
- name: COMPANY_NAME
value: '$COMPANY_NAME'
ports:
- containerPort: 3000
protocol: TCP
2 changes: 1 addition & 1 deletion .deploy/k8s/k8s-manifest.dev.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ spec:
targetPort: 3000

---
apiVersion: apps/v1
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-dev-webapp
spec:
Expand Down
2 changes: 1 addition & 1 deletion .deploy/k8s/k8s-manifest.prod.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@ spec:
targetPort: 3000

---
apiVersion: apps/v1
kind: Deployment
apiVersion: apps/v1
metadata:
name: ever-teams-prod-webapp
spec:
Expand Down
53 changes: 53 additions & 0 deletions .github/workflows/deploy-api-do-dev.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Deploy API to DigitalOcean Dev

on:
push:
branches: [develop]

concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true

jobs:
deploy-api-dev:
runs-on: buildjet-4vcpu-ubuntu-2204

environment: dev

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Install doctl

Check warning on line 21 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (doctl)
uses: digitalocean/action-doctl@v2

Check warning on line 22 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (doctl)
with:
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }}

- name: Log in to DigitalOcean Container Registry with short-lived credentials
run: doctl registry login --expiry-seconds 600

Check warning on line 27 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (doctl)

- name: Save DigitalOcean kubeconfig with short-lived credentials

Check warning on line 29 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (kubeconfig)
run: doctl kubernetes cluster kubeconfig save --expiry-seconds 600 k8s-gauzy

Check warning on line 30 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (doctl)

Check warning on line 30 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (kubeconfig)

- name: Apply k8s manifests changes in DigitalOcean k8s cluster (if any)
run: |
envsubst < $GITHUB_WORKSPACE/.deploy/k8s/k8s-manifest-api.dev.yaml | kubectl --context do-sfo2-k8s-gauzy apply -f -

Check warning on line 34 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (envsubst)
env:
# below we are using GitHub secrets for both frontend and backend
CLOUD_PROVIDER: 'DO'
DB_NAME: '${{ secrets.DB_NAME }}'
SENTRY_DSN: '${{ secrets.SENTRY_DSN }}'
SENTRY_TRACES_SAMPLE_RATE: '${{ secrets.SENTRY_TRACES_SAMPLE_RATE }}'
SENTRY_PROFILE_SAMPLE_RATE: '${{ secrets.SENTRY_PROFILE_SAMPLE_RATE }}'
SENTRY_HTTP_TRACING_ENABLED: '${{ secrets.SENTRY_HTTP_TRACING_ENABLED }}'
SENTRY_POSTGRES_TRACKING_ENABLED: '${{ secrets.SENTRY_POSTGRES_TRACKING_ENABLED }}'
SENTRY_PROFILING_ENABLED: '${{ secrets.SENTRY_PROFILING_ENABLED }}'
OTEL_ENABLED: '${{ secrets.OTEL_ENABLED }}'

Check warning on line 45 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (OTEL)

Check warning on line 45 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (OTEL)
OTEL_EXPORTER_OTLP_TRACES_ENDPOINT: '${{ secrets.OTEL_EXPORTER_OTLP_TRACES_ENDPOINT }}'

Check warning on line 46 in .github/workflows/deploy-api-do-dev.yml

View workflow job for this annotation

GitHub Actions / Cspell

Unknown word (OTEL)
OTEL_EXPORTER_OTLP_HEADERS: '${{ secrets.OTEL_EXPORTER_OTLP_HEADERS }}'

# we need this step because for now we just use :latest tag
# note: for production we will use different strategy later
- name: Restart Pods to pick up :latest tag version
run: |
kubectl --context do-sfo2-k8s-gauzy rollout restart deployment/ever-teams-dev-api
Loading

0 comments on commit 1ee648f

Please sign in to comment.