stack_car 0.8.0 → 0.14.0

data/templates/chart/templates/web-ing-wildcard.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: apps/v1
+kind: Ingress
+metadata:
+  name: {{ template "app.web.name" . }}-in-wildcard
+  annotations:
+    # kubernetes.io/ingress.allow-http: "false"
+    # for GKE
+    # kubernetes.io/ingress.global-static-ip-name: rails-k8s-app
+spec:
+  # tls:
+  # - hosts:
+  #   - {{ .Values.ingress.host }}
+  rules:
+  - host: "*.{{ .Values.ingress.host }}"
+    http:
+      paths:
+      - backend:
+          serviceName: {{ template "app.web.name" . }}
+          servicePort: 80

data/templates/chart/templates/web-ing.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: apps/v1 
+kind: Ingress
+metadata:
+  name: {{ template "app.web.name" . }}-in
+  annotations:
+  {{- range $key, $value := .Values.ingress.annotations }}
+    {{ $key }}: {{ $value | quote }}
+  {{- end }}
+spec:
+  # tls:
+  # - hosts:
+  #   - {{ .Values.ingress.host }}
+  rules:
+  - host: "{{ .Values.ingress.host }}"
+    http:
+      paths:
+      - backend:
+          serviceName: {{ template "app.web.name" . }}
+          servicePort: 80

data/templates/chart/templates/web-svc.yaml

@@ -0,0 +1,20 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "app.web.name" . }}
+  labels:
+    app: {{ template "app.name" . }}
+    chart: {{ template "app.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: web
+spec:
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    app: {{ template "app.name" . }}
+    release: {{ .Release.Name }}
+    component: web

data/templates/chart-fcrepo/fcrepo-deploy.yaml

@@ -0,0 +1,63 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "app.fcrepo.name" . }}
+  labels:
+    app: {{ template "app.name" . }}
+    chart: {{ template "app.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: fcrepo
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: {{ template "app.name" . }}
+      release: {{ .Release.Name }}
+      component: fcrepo
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: {{ template "app.name" . }}
+        release: {{ .Release.Name }}
+        component: fcrepo
+    spec:
+      restartPolicy: Always
+      {{- if .Values.fcrepo.imagePullSecrets }}
+      imagePullSecrets:
+        {{ toYaml .Values.fcrepo.imagePullSecrets }}
+      {{- end }}
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: {{ template "app.fcrepo.name" . }}
+      initContainers:
+        - name: "remove-lost-found"
+          image: "busybox:1.25.0"
+          command: 
+            - rm
+            - -fr
+            - /data/lost+found
+          volumeMounts:
+            - name: data
+              mountPath: /data
+      containers:
+        - name: fcrepo
+          image: {{ .Values.fcrepo.image.repository }}:{{ .Values.fcrepo.image.tag }}
+          livenessProbe:
+            tcpSocket:
+              port: 8080
+          readinessProbe:
+            tcpSocket:
+              port: 8080
+          volumeMounts:
+            - name: data
+              mountPath: /data
+          envFrom:
+            - configMapRef:
+                name: {{ template "app.fcrepo-env.name" . }}
+            - secretRef:
+                name: {{ template "app.fcrepo-env.name" . }}

data/templates/chart-fcrepo/fcrepo-env-cm.yaml

@@ -0,0 +1,8 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "app.fcrepo-env.name" . }}
+data:
+  DATABASE_USER: {{ .Values.env.configmap.DATABASE_USER }}
+  DATABASE_NAME: {{ .Values.env.configmap.FC_DATABASE_NAME }}

data/templates/chart-fcrepo/fcrepo-env-secret.yaml.tt

@@ -0,0 +1,10 @@
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ template "app.fcrepo-env.name" . }}
+data:
+  DATABASE_PASSWORD: {{ .Values.env.secret.DATABASE_PASSWORD | b64enc }}
+  <% if options[:postgres] %>
+  JAVA_OPTS: {{ printf "-Dfcrepo.modeshape.configuration=\"classpath:/config/jdbc-postgresql/repository.json\" -Dfcrepo.postgresql.host=\"%s\" -Dfcrepo.postgresql.username=\"%s\" -Dfcrepo.postgresql.password=\"%s\" -Dfcrepo.object.directory=\"/data/objects\" -Dfcrepo.binary.directory=\"/data/binaries\"" ( include "app.postgres.name" . ) .Values.env.configmap.DATABASE_USER .Values.env.secret.DATABASE_PASSWORD | b64enc }}
+  <% end %>

data/templates/chart-fcrepo/fcrepo-pvc.yaml

@@ -0,0 +1,20 @@
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ template "app.fcrepo.name" . }}
+  labels:
+    app: {{ template "app.name" . }}
+    chart: {{ template "app.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: fcrepo
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .Values.fcrepo.storage.size }}
+  {{- if .Values.fcrepo.storage.className }}
+  storageClassName: "{{ .Values.fcrepo.storage.ClassName }}"
+  {{- end }}

data/templates/chart-fcrepo/fcrepo-svc.yaml

@@ -0,0 +1,19 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "app.fcrepo.name" . }}
+  labels:
+    app: {{ template "app.name" . }}
+    chart: {{ template "app.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: fcrepo
+spec:
+  ports:
+    - protocol: TCP
+      port: 8080
+  selector:
+    app: {{ template "app.name" . }}
+    release: {{ .Release.Name }}
+    component: fcrepo

data/templates/chart-sidekiq/sidekiq-deploy.yaml

@@ -0,0 +1,80 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "app.sidekiq.name" . }}
+  labels:
+    app: {{ template "app.name" . }}
+    chart: {{ template "app.chart" . }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+    component: sidekiq
+spec:
+  replicas: {{ .Values.sidekiq.replicas }}
+  selector:
+    matchLabels:
+      app: {{ template "app.name" . }}
+      release: {{ .Release.Name }}
+      component: sidekiq
+  template:
+    metadata:
+      labels:
+        app: {{ template "app.name" . }}
+        release: {{ .Release.Name }}
+        component: sidekiq
+      annotations:
+        checksum/rails-env-cm: {{ include (print $.Template.BasePath "/rails-env-cm.yaml") . | sha256sum }}
+        checksum/rails-env-secret: {{ include (print $.Template.BasePath "/rails-env-secret.yaml") . | sha256sum }}
+    spec:
+      restartPolicy: Always
+      terminationGracePeriodSeconds: {{ .Values.sidekiq.timeout | add 5 }}
+      {{- if .Values.rails.imagePullSecrets }}
+      imagePullSecrets:
+        {{ toYaml .Values.rails.imagePullSecrets }}
+      {{- end }}
+      volumes:
+        - name: shared
+          persistentVolumeClaim:
+            claimName: {{ template "app.rails-env.name" . }}-shared
+      containers:
+        - name: sidekiq
+          image: {{ .Values.rails.image.repository }}:{{ .Values.rails.image.tag }}
+          imagePullPolicy: Always
+          command: ["/bin/bash"]
+          args:
+            - "-l"
+            - "-c"
+            - "bundle exec sidekiq"
+          # livenessProbe:
+          #   exec:
+          #     command:
+          #       - ./bin/rails runner ./chart/bin/check_sidekiq.rb
+          #   initialDelaySeconds: 30
+          # Use sub-path for individual folders
+          volumeMounts:
+            - mountPath: /home/app/webapp/tmp/imports
+              name: shared
+              subPath: import_path
+            - mountPath: /home/app/webapp/tmp/exports
+              name: shared
+              subPath: export_path
+            - mountPath: /home/app/webapp/tmp/derivatives_path
+              name: shared
+              subPath: derivatives_path
+            - mountPath: /home/app/webapp/tmp/uploads
+              name: shared
+              subPath: upload_path
+            - mountPath: /home/app/webapp/public/uploads
+              name: shared
+              subPath: uploads
+            - mountPath: /home/app/webapp/public/assets
+              name: shared
+              subPath: assets
+            - mountPath: /home/app/webapp/public/branding
+              name: shared
+              subPath: branding
+          envFrom:
+            - configMapRef:
+                name: {{ template "app.rails-env.name" . }}
+            - secretRef:
+                name: {{ template "app.rails-env.name" . }}

data/templates/database.yml.erb

@@ -2,22 +2,21 @@
 
 <% if options[:mysql] -%>
 login: &login
-  adapter: mysql2
-  adapter: <%%= ENV['DB_ADAPTER'] %>
-  host: <%%= ENV['MYSQL_HOST'] %>
-  username: <%%= ENV['MYSQL_USER'] %>
-  password: <%%= ENV['MYSQL_PASSWORD'] %>
-  database: <%%= ENV['MYSQL_DATABASE'] %>
+  adapter: <%%= ENV['DATABASE_ADAPTER'] %>
+  host: <%%= ENV['DATABASE_HOST'] %>
+  username: <%%= ENV['DATABASE_USER'] %>
+  password: <%%= ENV['DATABASE_PASSWORD'] %>
+  database: <%%= ENV['DATABASE_NAME'] %>
   pool: 5
   timeout: 5000
 <% end -%>
 <% if options[:postgres] -%>
 login: &login
-  adapter: <%%= ENV['DB_ADAPTER'] %>
-  host: <%%= ENV['POSTGRES_HOST'] %>
-  username: <%%= ENV['POSTGRES_USER'] %>
-  password: <%%= ENV['POSTGRES_PASSWORD'] %>
-  database: <%%= ENV['POSTGRES_DB'] %>
+  adapter: <%%= ENV['DATABASE_ADAPTER'] %>
+  host: <%%= ENV['DATABASE_HOST'] %>
+  username: <%%= ENV['DATABASE_USER'] %>
+  password: <%%= ENV['DATABASE_PASSWORD'] %>
+  database: <%%= ENV['DATABASE_NAME'] %>
   pool: 5
   timeout: 5000
 <% end -%>

data/templates/decrypt-secrets

@@ -0,0 +1,22 @@
+#!/usr/bin/env ruby
+
+# require 'byebug'
+
+parent_dir = File.dirname(__dir__)
+Dir.chdir(File.join(parent_dir))
+[
+  ".env.*",
+  "chart/*-values.yaml",
+  "ops/kube_config.yml",
+  "ops/.backend",
+  "ops/k8s/*-values.yaml"
+].each do |files|
+  Dir.glob(files).each do |file|
+    if file.match(/enc/)
+      next unless File.exists?(file)
+      cmd = "sops --decrypt #{file} > #{file.gsub(/.enc$/, '')}"
+      puts cmd
+      `#{cmd}`
+    end
+  end
+end

data/templates/development.rb.erb

@@ -0,0 +1,90 @@
+Rails.application.configure do
+  # Settings specified here will take precedence over those in config/application.rb.
+
+  <% if options[:sidekiq] %>
+  # In the development environment your application's code is reloaded on
+  # every request. This slows down response time but is perfect for development
+  # since you don't have to restart the web server when you make code changes.
+  config.cache_classes = !!Sidekiq.server?
+  <% end -%>
+
+  # Do not eager load code on boot.
+  config.eager_load = false
+
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  if Rails.root.join('tmp/caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => 'public, max-age=172800'
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
+  # SMTP Mailer configuration
+  # Add SMTP settings to your environment and uncomment the following section to enable mailer
+  # if ENV['SMTP_ENABLED'].present? && ENV['SMTP_ENABLED'].to_s == 'true'
+  #   config.action_mailer.smtp_settings = {
+  #     user_name: ENV['SMTP_USER_NAME'],
+  #     password: ENV['SMTP_PASSWORD'],
+  #     address: ENV['SMTP_ADDRESS'],
+  #     domain: ENV['SMTP_DOMAIN'],
+  #     port: ENV['SMTP_PORT'],
+  #     enable_starttls_auto: true,
+  #     authentication: ENV['SMTP_TYPE']
+  #   }
+  #    # ActionMailer Config
+  #   config.action_mailer.delivery_method = :smtp
+  #   config.action_mailer.perform_deliveries = true
+  #   config.action_mailer.raise_delivery_errors = false
+  <% if options[:hyku] %>
+  #   config.action_mailer.asset_host = ENV['SETTINGS__MULTITENANCY__ADMIN_HOST']
+  <% end %>
+  # else
+  #   config.action_mailer.delivery_method = :test
+  # end
+
+  # Don't care if the mailer can't send.
+  config.action_mailer.raise_delivery_errors = false
+
+  config.action_mailer.perform_caching = false
+
+  # Print deprecation notices to the Rails logger.
+  config.active_support.deprecation = :log
+
+  # Raise an error on page load if there are pending migrations.
+  config.active_record.migration_error = :page_load
+
+  # Debug mode disables concatenation and preprocessing of assets.
+  # This option may cause significant delays in view rendering with a large
+  # number of complex assets.
+  config.assets.debug = true
+
+  # Suppress logger output for asset requests.
+  config.assets.quiet = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
+  config.action_mailer.default_url_options = { host: "localhost:3001" }
+
+  config.web_console.whitelisted_ips = ['172.18.0.0/16', '172.27.0.0/16', '0.0.0.0/0']
+
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger = ActiveSupport::TaggedLogging.new(logger)
+  end
+
+  config.active_job.queue_adapter     = Settings.active_job.queue_adapter
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
+  # config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+end

data/templates/docker-compose.yml.erb

@@ -2,10 +2,11 @@ version: '2.1'
 services:
 <% if options[:postgres] -%>
   postgres:
-    image: postgres
-    env_file:
-      - .env
-      - .env.development
+    image: postgres:11.1
+    environment:
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=DatabaseFTW
+      - POSTGRES_DB=<%= @project_name %>
     ports:
       - "5432"
     volumes:
@@ -13,10 +14,12 @@ services:
 <% end -%>
 <% if options[:mysql] -%>
   mysql:
-    image: mysql
-    env_file:
-      - .env
-      - .env.development
+    image: mysql:5.7
+    environment:
+      - MYSQL_DATABASE=<%= @project_name %>
+      - MYSQL_USER=<%= @project_name %>
+      - MYSQL_PASSWORD=DatabaseFTW
+      - MYSQL_ROOT_PASSWORD=DatabaseFTW
     ports:
       - '3306'
     volumes:
@@ -94,29 +97,58 @@ services:
       - "8080"
 <% end -%>
 
-  base:
-    image: "${REGISTRY_HOST}${REGISTRY_URI}/base:latest"
+  app:
     build:
-      context: .
-      dockerfile: Dockerfile.base
-
-  web:
-    build: .
-    image: "${REGISTRY_HOST}${REGISTRY_URI}:${TAG:-master}"
+    <% if @sc_dir -%>
+  context: ..
+      dockerfile: stack_car/Dockerfile
+    <% else -%>
+  context: .
+      dockerfile: Dockerfile
+    <% end -%>
+  args:
+        DEPLOY_KEY: "${DEPLOY_KEY}"
+        REPO_URL: "${REPO_URL}"
+        BRANCH: "${BRANCH}"
+    image: "${REGISTRY_HOST}${REGISTRY_URI}:${TAG:-main}"
     env_file:
       - .env
       - .env.development
     volumes:
-      - .:/home/app/webapp
+      - .:/home/app/webapp:cached
+      - node_modules:/home/app/webapp/node_modules
+      - tmp_cache:/home/app/webapp/tmp/cache
     # Keep the stdin open, so we can attach to our app container's process
     # and do things such as byebug, etc:
     stdin_open: true
     # Enable sending signals (CTRL+C, CTRL+P + CTRL+Q) into the container:
     tty: true
+
+  web:
+    extends: app
     ports:
-      - "${DOCKER_PORT}"
+      - "${WEB_PORT}"
+    environment:
+      - VIRTUAL_HOST=<%= @project_name %>.docker
+      - VIRTUAL_PORT=80
+    depends_on:
+<%= compose_depends %>
+
+<% if options[:delayed_job] %>
+  worker:
+    extends: app
+    command: ./bin/delayed_job run
+    depends_on:
+<%= compose_depends %>
+<% end %>
+
+<% if options[:sidekiq] %>
+  worker:
+    extends: app
+    command: bundle exec sidekiq
     depends_on:
 <%= compose_depends %>
+<% end %>
 
 volumes:
 <% if options[:postgres] -%>
@@ -140,3 +172,5 @@ volumes:
 <% if options[:fcrepo] -%>
   fcrepo:
 <% end -%>
+  tmp_cache:
+  node_modules: