kubernetes_helper 1.14.0 → 1.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 33da4492b4f95cbd8a47c55b8b2449f99b0c2224e7b52017e12d95c50efa2414
-  data.tar.gz: d7a12f66bfbd86a252acd1d6e57978a1f73497f7578cc0f9c484b1c4f93983a4
+  metadata.gz: bd1b1fbd529561166b5e90b3ece98cd5f9abb81d1d652dcd52d62179daddbd14
+  data.tar.gz: a6bb05e8553de13d43d7b9bc9c46ea5aa1dc03e1adca3fc286cb7b7ed73609ff
 SHA512:
-  metadata.gz: 10cabcc986c70e54adf560d32c834c6421958fdbf0dcaf1d991e9a1bd994cb34c4f9dd126261abc638c2bff1dd899e776840c83da8887c10e0975607cd3641b9
-  data.tar.gz: 306780df8402e223537b35fc02edaf7f8157b91aa7c8ce0512d38e49e46bcb529a3da06eb495fd0ea167e076423f6cd952ed5a5b9d2dbcf5bf14b34a627d561c
+  metadata.gz: 5fde4038a234dafaa435aa6aca47348a090bb79d53a3ba3357a3d632b1f85a849322b70851da89674412abe5d679a72feeb30ac0b86b2de83f4dd9bc3224fb8d
+  data.tar.gz: 89ca63330472ad00a1b06004be34c43b7de2582a509247c75d605c5aa6743b64fd653d51fe3459eb1a9d24071faf18a1632663946d274c2ff7dd425a5dc7f220

data/README.md

@@ -43,12 +43,17 @@ Configuration and customization can be done for multiple environments and at any
 - `deployment.log_container` (Boolean, default true): Permits to auto include logs container to print all logs from logs/*.log to stdout (required for papertrail using fluentd)
 - `deployment.log_folder` (String, default `/app/log`): Logs to be printed from
 - `deployment.app_port` (Integer, default 3000): Application port number
+- `deployment.resources` (Hash, optional): Configure depending on the web app requirements. Sample: `{ cpu: { max: '1', min: '500m' }, mem: { max: '1Gi', min: '500Mi' } }`
+
+- `deployment.cloudsql_resources` (Hash, optional): Configure depending on the app requirements. Default: `{ cpu: { max: '300m', min: '100m' }, mem: { max: '500Mi', min: '200Mi' } }`
+- `deployment.logs_resources` (Hash, optional): Configure depending on the app requirements. Default: `{ cpu: { max: '200m', min: '50m' }, mem: { max: '200Mi', min: '50Mi' } }`
 
 ### Application deployment.yml for jobs or services without internet interaction (Optional)
 - `deployment.job_name` (String, optional): Job deployment name (Note: Underscores are not accepted). Sample: `my-app-job`. Note: This deployment is created only if this value is present
 - `deployment.job_command` (String, optional): Bash command to be used for job container. Sample: `bundle exec sidekiq`
 - `deployment.job_sidekiq_alive_gem` (Boolean, default false): If true will add liveness checker settings using `sidekiq_alive_gem` (`sidekiq_alive` gem needs to be present in your Gemfile)
 - `deployment.job_services` (Array, Optional, only `job_sidekiq_alive_gem` or `job_services` is allowed): List of linux service names that are required for a healthy job container. Sample: `['sidekiq', 'cron']` 
+- `deployment.job_resources` (Hash, optional): Configure depending on the job app requirements. Sample: `{ cpu: { max: '1', min: '500m' }, mem: { max: '1Gi', min: '500Mi' } }`
 
 ### Applications secrets.yml (Optional)
 - `secrets.name` (String): K8s secrets name where env vars will be saved and fetched from. Sample: `my-app-secrets`
@@ -57,6 +62,9 @@ Configuration and customization can be done for multiple environments and at any
 - `service.name`: K8s service name. Sample: `my-app-service`
 - `service.port_name` (String, default `http-port`): Http port name to connect between k8s ingress and service. Sample: `http-port`. Note: max 15 characters
 - `service.backend_port_name` (String, default `b-port`): Web backend port name to be connected between k8s service and web deployments. Sample: `b-port`. Note: max 15 characters
+- `service.type`: K8s service type. By default `NodePort`
+- `service.do_certificate_id`: Digital Ocean certificate ID to be used for the loadbalancer to auto redirect http to https.       
+   Note: This value can be fetched via `doctl compute certificate list`. If there are no certificates available, you can generate a new one using digital ocean dashboard -> networking -> certificates.
 
 ### Application ingress.yml (Optional)
 - `ingress.name`: Name of k8s ingress for the app: Sample: `my-app-ingress`
@@ -65,7 +73,7 @@ Configuration and customization can be done for multiple environments and at any
 - `ingress.certificate_domain` (Optional): Domain name for the certificate. Sample: `myapp.com`. Note: does not support for willcard domains     
    To register multiple domains (Certificate names will be auto-generated like `mysite-com-lets-encrypt`): `certificate_domain: ['mysite.com', 'mysite.de', 'mysite.uk']`
 
-- `cloud.name` (String, optional): Cloud service name. Default `gcloud`.  
+- `cloud.name` (String, optional): Cloud service name: `gcloud | digital_ocean`. Default `gcloud`.  
 
 ### Application CD (continuous deployment)
 - `continuous_deployment.image_name` (String): Partial docker image url. Sample: `gcr.io/my-account/my_app_name`

data/lib/kubernetes_helper/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module KubernetesHelper
-  VERSION = '1.14.0'
+  VERSION = '1.16.0'
 end

data/lib/templates/_cd_digital.sh

@@ -0,0 +1,24 @@
+# Download and install doctl
+if [ -z "$(which doctl)" ]; then
+  wget https://github.com/digitalocean/doctl/releases/download/v1.72.0/doctl-1.72.0-linux-amd64.tar.gz
+  tar xf ~/doctl-1.72.0-linux-amd64.tar.gz
+  sudo mv ~/doctl /usr/local/bin
+fi
+
+if [ ! -z "$KB_AUTH_TOKEN" ]
+then
+  doctl auth init --access-token $KB_AUTH_TOKEN
+fi
+
+## Build and push containers
+echo "****** building image..."
+<% if continuous_deployment.docker_cmd %>
+  <%= continuous_deployment.docker_cmd %>
+<% else %>
+  docker <%=continuous_deployment.docker_build_cmd || 'build -f Dockerfile'%> -t $DEPLOY_NAME .
+<% end %>
+docker push $DEPLOY_NAME
+
+echo "****** tagging image $DEPLOY_NAME as $LATEST_NAME"
+docker tag $DEPLOY_NAME $LATEST_NAME
+docker push $LATEST_NAME

data/lib/templates/_cd_google.sh

@@ -0,0 +1,37 @@
+if [ ! -z "$KB_AUTH_TOKEN" ]
+then
+  AUTH_PATH="$SCRIPT_DIR/k8s-auth-token.json"
+  rm -f -- $AUTH_PATH
+  echo $KB_AUTH_TOKEN >> $AUTH_PATH
+
+  ## ***** GOOGLE CONNECTOR
+  # Download and install Google Cloud SDK
+  if [ -z "$(which gcloud)" ]; then
+    export CLOUDSDK_CORE_DISABLE_PROMPTS=1; curl https://sdk.cloud.google.com | bash && source /home/runner/google-cloud-sdk/path.bash.inc &&  gcloud --quiet components update kubectl
+  fi
+
+  # Connect to cluster
+  gcloud auth activate-service-account --key-file $AUTH_PATH --project $PROJECT_NAME
+  gcloud docker --authorize-only --project $PROJECT_NAME
+  gcloud container clusters get-credentials $CLUSTER_NAME --region $CLUSTER_REGION
+  ## ***** END GOOGLE CONNECTOR
+fi
+
+
+ALREADY_DEPLOYED="$(gcloud container images list-tags --format='get(tags)' $IMAGE_NAME | grep $CI_COMMIT_SHA || :;)"
+if [ -z $ALREADY_DEPLOYED ]
+then
+  ## Build and push containers
+  echo "****** image not created yet, building image..."
+  <% if continuous_deployment.docker_cmd %>
+    <%= continuous_deployment.docker_cmd %>
+  <% else %>
+    docker <%=continuous_deployment.docker_build_cmd || 'build -f Dockerfile'%> -t $DEPLOY_NAME .
+  <% end %>
+  docker push $DEPLOY_NAME
+else
+  echo "****** image was already created: $ALREADY_DEPLOYED"
+fi
+
+echo "****** tagging image $DEPLOY_NAME as $LATEST_NAME"
+gcloud container images add-tag --quiet $DEPLOY_NAME $LATEST_NAME

data/lib/templates/_resources.yml

@@ -0,0 +1,15 @@
+              resources:
+                limits:
+                  <% if locals[:cpu] && locals[:cpu][:max] %>
+                  cpu: <%= locals[:cpu][:max] %>
+                  <% end %>
+                  <% if locals[:mem] && locals[:mem][:max] %>
+                  memory: <%= locals[:mem][:max] %>
+                  <% end %>
+                requests:
+                  <% if locals[:cpu] && locals[:cpu][:min] %>
+                  cpu: <%= locals[:cpu][:min] %>
+                  <% end %>
+                  <% if locals[:mem] && locals[:mem][:min] %>
+                  memory: <%= locals[:mem][:min] %>
+                  <% end %>

data/lib/templates/cd.sh

@@ -16,43 +16,8 @@ CI_COMMIT_SHA=${CI_COMMIT_SHA:-$(date +%s) }
 DEPLOY_NAME="${IMAGE_NAME}:${CI_COMMIT_SHA}"
 LATEST_NAME="${IMAGE_NAME}:<%= continuous_deployment.image_tag || 'latest' %>"
 
-if [ ! -z "$KB_AUTH_TOKEN" ]
-then
-  AUTH_PATH="$SCRIPT_DIR/k8s-auth-token.json"
-  rm -f -- $AUTH_PATH
-  echo $KB_AUTH_TOKEN >> $AUTH_PATH
-
-  ## ***** GOOGLE CONNECTOR
-  # Download and install Google Cloud SDK
-  if [ -z "$(which gcloud)" ]; then
-    export CLOUDSDK_CORE_DISABLE_PROMPTS=1; curl https://sdk.cloud.google.com | bash && source /home/runner/google-cloud-sdk/path.bash.inc &&  gcloud --quiet components update kubectl
-  fi
-
-  # Connect to cluster
-  gcloud auth activate-service-account --key-file $AUTH_PATH --project $PROJECT_NAME
-  gcloud docker --authorize-only --project $PROJECT_NAME
-  gcloud container clusters get-credentials $CLUSTER_NAME --region $CLUSTER_REGION
-  ## ***** END GOOGLE CONNECTOR
-fi
-
-
-ALREADY_DEPLOYED="$(gcloud container images list-tags --format='get(tags)' $IMAGE_NAME | grep $CI_COMMIT_SHA || :;)"
-if [ -z $ALREADY_DEPLOYED ]
-then
-  ## Build and push containers
-  echo "****** image not created yet, building image..."
-  <% if continuous_deployment.docker_cmd %>
-    <%= continuous_deployment.docker_cmd %>
-  <% else %>
-    docker <%=continuous_deployment.docker_build_cmd || 'build -f Dockerfile'%> -t $DEPLOY_NAME .
-  <% end %>
-  docker push $DEPLOY_NAME
-else
-  echo "****** image was already created: $ALREADY_DEPLOYED"
-fi
-
-echo "****** tagging image $DEPLOY_NAME as $LATEST_NAME"
-gcloud container images add-tag --quiet $DEPLOY_NAME $LATEST_NAME
+<%= include_template "_cd_google.sh" if continuous_deployment.image_name.include?('gcr.io/') %>
+<%= include_template "_cd_digital.sh" if continuous_deployment.image_name.include?('digitalocean.com/') %>
 
 ## Update new secrets defined in secrets.yml as ENV vars for deployments
 <% if continuous_deployment.update_deployment %>

data/lib/templates/deployment.yml

@@ -42,6 +42,9 @@ documents:
                 periodSeconds: 15
               readinessProbe: *liveness_probe
               <% end %>
+              <% if deployment.resources %>
+              <%= include_template "_resources.yml", deployment.resources %>
+              <% end %>
               <%= include_template "_container_extra_settings.yml", { pod: 'web' } %>
 
               volumeMounts:
@@ -73,6 +76,7 @@ documents:
               env: []
               volumeMounts:
                 - *cloud_credentials_volume
+              <%= include_template "_resources.yml", deployment.cloudsql_resources || { cpu: { min: '1' }, mem: { min: '1Gi' } } %>
               <%= include_template "_container_extra_settings.yml", { pod: 'cloudsql' } %>
             <% end %>
 
@@ -80,10 +84,11 @@ documents:
             - &logs_container # print to stdout all log files
               name: print-logs
               image: busybox
-              command: [/bin/sh, -c, 'until find <%= deployment.log_folder %>/*.log; do sleep 1; done; tail -n+1 -f <%= deployment.log_folder %>/*.log']
+              command: [/bin/sh, -c, 'until find <%= deployment.log_folder %>/*.log; do sleep 5; done; tail -n+1 -f <%= deployment.log_folder %>/*.log']
               env: []
               volumeMounts:
                 - *log_volume
+              <%= include_template "_resources.yml", deployment.logs_resources || { cpu: { max: '300m', min: '100m' }, mem: { max: '500Mi', min: '200Mi' } } %>
               <%= include_template "_container_extra_settings.yml", { pod: 'logs' } %>
             <% end %>
 
@@ -117,6 +122,9 @@ documents:
               <% if deployment.job_command %>
               command: [ "/bin/bash", "-c", "<%= deployment.job_command %>" ]
               <% end %>
+              <% if deployment.job_resources %>
+              <%= include_template "_resources.yml", deployment.job_resources %>
+              <% end %>
               <%= include_template "_container_extra_settings.yml", { pod: 'job' } %>
 
             <% if deployment.job_sidekiq_alive_gem %>

data/lib/templates/service.yml

@@ -15,15 +15,27 @@ apiVersion: v1
 metadata:
   name: '<%=service.name%>'
   annotations:
+    <% if cloud.name == 'digital_ocean' && service.do_certificate_id %>
+    service.beta.kubernetes.io/do-loadbalancer-protocol: "https"
+    service.beta.kubernetes.io/do-loadbalancer-certificate-id: <%= service.do_certificate_id %>
+    service.beta.kubernetes.io/do-loadbalancer-redirect-http-to-https: "true"
+    <% end %>
     <% if cloud.name == 'gcloud' %>
     beta.cloud.google.com/backend-config: '{"ports": {"80":"<%=service.name%>-bconfig"}}'
     <% end %>
 spec:
   selector:
     name: '<%=deployment.name%>'
-  type: NodePort
+  type: '<%=service.type || 'NodePort' %>'
   ports:
     - port: 80
       protocol: TCP
       name: '<%=service.port_name%>'
       targetPort: '<%=service.backend_port_name%>'
+
+    <% if cloud.name == 'digital_ocean' && service.do_certificate_id %>
+    - name: https
+      protocol: TCP
+      port: 443
+      targetPort: '<%=service.backend_port_name%>'
+    <% end %>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kubernetes_helper
 version: !ruby/object:Gem::Version
-  version: 1.14.0
+  version: 1.16.0
 platform: ruby
 authors:
 - owen2345
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-03-21 00:00:00.000000000 Z
+date: 2022-04-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: erb
@@ -41,11 +41,14 @@ files:
 - lib/kubernetes_helper/version.rb
 - lib/templates/README.md
 - lib/templates/_cd_apply_images.sh
+- lib/templates/_cd_digital.sh
+- lib/templates/_cd_google.sh
 - lib/templates/_container_extra_settings.yml
 - lib/templates/_custom_containers.yml
 - lib/templates/_custom_volumes.yml
 - lib/templates/_job_liveness.yml
 - lib/templates/_replicas.yml
+- lib/templates/_resources.yml
 - lib/templates/_sidekiq_alive_gem.yml
 - lib/templates/_volumes.yml
 - lib/templates/cd.sh