Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci(helm chart): multi-region deployment test step added #3662

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
+161 −2
Draft

ci(helm chart): multi-region deployment test step added #3662

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 18 additions & 1 deletion .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -966,6 +966,16 @@ jobs:
echo "🔐 We need 'sudo' to set permissions on postgres-data directory to 775"
sudo chmod 775 "./postgres-data"
fi
mkdir -p "./minio-region1-data"
if [ "$(stat -f "%A" "./minio-region1-data")" != "775" ]; then
echo "🔐 We need 'sudo' to set permissions on minio-region1-data directory to 775"
sudo chmod 775 "./minio-region1-data"
fi
mkdir -p "./postgres-region1-data"
if [ "$(stat -f "%A" "./postgres-region1-data")" != "775" ]; then
echo "🔐 We need 'sudo' to set permissions on postgres-data directory to 775"
sudo chmod 775 "./postgres-region1-data"
fi

- run:
name: Deploy Kubernetes (kind) cluster
Expand All @@ -975,12 +985,19 @@ jobs:
./.circleci/deployment/helm-chart-shell.nix

- run:
name: Deploy Kubernetes resources to cluster
name: Deploy Kubernetes resources to cluster (single-region)
command: |
nix-shell \
--run "LOAD_DOCKER='true' tilt ci --file ./.circleci/deployment/Tiltfile.helm --context kind-speckle-server --timeout 10m" \
./.circleci/deployment/helm-chart-shell.nix

- run:
name: Deploy Kubernetes resources to cluster (single-region)
command: |
nix-shell \
--run "ENABLE_MULTI_REGION='true' LOAD_DOCKER='true' tilt ci --file ./.circleci/deployment/Tiltfile.helm --context kind-speckle-server --timeout 10m" \
./.circleci/deployment/helm-chart-shell.nix

docker-build: &build-job
docker: *docker-base-image
resource_class: medium
Expand Down
2 changes: 1 addition & 1 deletion .circleci/deployment/Tiltfile.build
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,5 +12,5 @@ def speckle_image(package,original_package_name=None):
context='../..',
dockerfile='../../{}/Dockerfile'.format(package_dir),
platform='linux/amd64',
ignore = ['**/node_modules', '**/dist', '**/build', '**/coverage', 'minio-data', 'postgres-data']
ignore = ['**/node_modules', '**/dist', '**/build', '**/coverage', 'minio-data', 'postgres-data', 'minio-region1-data', 'postgres-region1-data']
)
28 changes: 28 additions & 0 deletions .circleci/deployment/Tiltfile.helm
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,18 @@ speckle_image('webhook-service')
# Create namespaces
k8s_yaml_glob('./manifests/*.namespace.yaml')

IS_MULTI_REGION = os.getenv('ENABLE_MULTI_REGION', "false") == "true"

# Install volumes
k8s_yaml('./manifests/postgres.pv.yaml')
k8s_yaml('./manifests/postgres.pvc.yaml')
k8s_yaml('./manifests/minio.pv.yaml')
k8s_yaml('./manifests/minio.pvc.yaml')
if IS_MULTI_REGION:
k8s_yaml('./manifests/postgres-region1.pv.yaml')
k8s_yaml('./manifests/postgres-region1.pvc.yaml')
k8s_yaml('./manifests/minio-region1.pv.yaml')
k8s_yaml('./manifests/minio-region1.pvc.yaml')

# Update CoreDNS to allow for local resolution of services internally (i.e. speckle.internal will be routed to nginx)
local(command='./coredns-up.sh')
Expand Down Expand Up @@ -66,6 +73,27 @@ helm_resource('minio',
deps=['./values/minio.values.yaml'],
labels=['speckle-dependencies'])

if IS_MULTI_REGION:
helm_resource('postgresql-region1',
release_name='postgresql',
namespace='postgres-region1',
chart='oci://registry-1.docker.io/bitnamicharts/postgresql',
flags=['--version=^15.5.38',
'--values=./values/postgres-region1.values.yaml',
'--kube-context=kind-speckle-server'],
deps=['./values/postgres-region1.values.yaml'],
labels=['speckle-dependencies'])

helm_resource('minio-region1',
release_name='minio',
namespace='minio-region1',
chart='oci://registry-1.docker.io/bitnamicharts/minio',
flags=['--version=^12.0.0',
'--values=./values/minio-region1.values.yaml',
'--kube-context=kind-speckle-server'],
deps=['./values/minio-region1.values.yaml'],
labels=['speckle-dependencies'])

helm_resource('redis',
release_name='redis',
namespace='redis',
Expand Down
4 changes: 4 additions & 0 deletions .circleci/deployment/cluster-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@ kindV1Alpha4Cluster:
containerPath: /postgres-volume
- hostPath: ./minio-data #FIXME the relative paths are liable to break
containerPath: /minio-volume
- hostPath: ./postgres-region1-data #FIXME the relative paths are liable to break
containerPath: /postgres-region1-volume
- hostPath: ./minio-region1-data #FIXME the relative paths are liable to break
containerPath: /minio-region1-volume
extraPortMappings:
- containerPort: 80
hostPort: 80 # Docker requires privileged ports binding permissions https://docs.docker.com/desktop/mac/permission-requirements/#binding-privileged-ports
Expand Down
4 changes: 4 additions & 0 deletions .circleci/deployment/manifests/minio-region1.namespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: 'minio-region1'
13 changes: 13 additions & 0 deletions .circleci/deployment/manifests/minio-region1.pv.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: minio-region1-pv
namespace: minio-region1
spec:
storageClassName: standard
accessModes:
- ReadWriteOnce
capacity:
storage: 2Gi
hostPath:
path: /minio-region1-volume
12 changes: 12 additions & 0 deletions .circleci/deployment/manifests/minio-region1.pvc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: minio-region1-pvc
namespace: minio-region1
spec:
volumeName: minio-region1-pv
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
4 changes: 4 additions & 0 deletions .circleci/deployment/manifests/postgres-region1.namespace.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: 'postgres-region1'
13 changes: 13 additions & 0 deletions .circleci/deployment/manifests/postgres-region1.pv.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-region1-pv
namespace: postgres-region1
spec:
storageClassName: standard
accessModes:
- ReadWriteOnce
capacity:
storage: 2Gi
hostPath:
path: /postgres-region1-volume
12 changes: 12 additions & 0 deletions .circleci/deployment/manifests/postgres-region1.pvc.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-region1-pvc
namespace: postgres-region1
spec:
volumeName: postgres-region1-pv
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
11 changes: 11 additions & 0 deletions .circleci/deployment/values/minio-region1.values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
defaultBuckets: 'speckle-server'
auth:
rootUser: minioadmin
rootPassword: minioadmin
image:
debug: true
persistence:
enabled: true
existingClaim: minio-region1-pvc
volumePermissions:
enabled: true
37 changes: 37 additions & 0 deletions .circleci/deployment/values/postgres-region1.values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
image:
debug: true
volumePermissions:
enabled: true
primary:
auth:
username: postgres
password: postgres
database: postgres
persistence:
enabled: true
existingClaim: postgres-region1-pvc
initdb:
scripts:
00_speckleserver_database.sql: |
-- Speckle
CREATE USER speckle WITH PASSWORD 'speckle';
CREATE DATABASE speckle
WITH
OWNER = speckle;
GRANT ALL PRIVILEGES ON DATABASE speckle TO speckle;
GRANT ALL ON SCHEMA public TO speckle;
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO speckle;
GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO speckle;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO speckle;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO speckle;
-- End Speckle
-- Speckle Server Tests
CREATE DATABASE speckle2_test
WITH
OWNER = speckle
ENCODING = 'UTF8'
LC_COLLATE = 'en_US.UTF-8'
LC_CTYPE = 'en_US.UTF-8'
TABLESPACE = pg_default
CONNECTION LIMIT = -1;
-- End Speckle Server Tests
2 changes: 2 additions & 0 deletions .gitguardian.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,5 +29,7 @@ secret:
name: setup/keycloak/speckle-realm.json - secret for dev keycloak
- match: 2e1b3675a4049cd39fe6db081735f747730969071528270800f00fa98720d198
name: setup/keycloak/speckle-realm.json - algorithm name
- match: 6e0d657eb1f0fbc40cf0b8f3c3873ef627cc9cb7c4108d1c07d979c04bc8a4bb
name: .circleci/deployment/values/postgres-region1.values.yaml - test postgres password

version: 2
2 changes: 2 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@ introspected-schema.graphql
kubeconfig
minio-data/
postgres-data/
minio-region1-data/
postgres-region1-data/
redis-data/

.tshy-build
Expand Down