Merge pull request #188 from DFE-Digital/760-technical-guidance-migra…
…tion

760 technical guidance migration
saliceti authored Dec 6, 2023
2 parents ab91a9a + 93b11e1 commit d8e6029
Showing 21 changed files with 449 additions and 43 deletions.
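--- a/.github/workflows/delete_review_app_aks.yml
+++ b/.github/workflows/delete_review_app_aks.yml
@@ -0,0 +1,41 @@
+name: Delete review app on AKS
+
+on:
+pull_request:
+branches:
+- master
+types:
+- closed
+
+concurrency: deploy-${{ github.ref }}
+
+jobs:
+build-and-push:
+runs-on: ubuntu-latest
+environment: review
+
+steps:
+- name: Destroy review app
+uses: actions/checkout@v4
+
+- uses: hashicorp/setup-terraform@v3
+with:
+terraform_version: 1.6.4
+terraform_wrapper: false
+
+- uses: DFE-Digital/github-actions/set-arm-environment-variables@master
+with:
+azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
+
+- name: Terraform Destroy
+run: |
+make ci review terraform-destroy
+env:
+PR_NUMBER: ${{ github.event.pull_request.number }}
+
+- name: Post Pull Request Comment
+if: ${{ github.event_name == 'pull_request' }}
+uses: marocchino/sticky-pull-request-comment@v2
+with:
+header: aks
+message: Review app <https://technical-guidance-${{ github.event.pull_request.number }}.test.teacherservices.cloud> was deleted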
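Review bot: `DFE-Digital/github-actions/set-arm-environment-variables@master` is handed `secrets.AZURE_CREDENTIALS` while pinned to a moving branch, so whatever lands on that branch next runs with the Azure service principal. Pin it to a full commit SHA, e.g. `uses: DFE-Digital/github-actions/set-arm-environment-variables@<full-commit-sha>`; the same applies to `marocchino/sticky-pull-request-comment@v2` here and to the two `@master` actions in deploy_aks.yml. The workflow also declares no `permissions:`, so the job runs with the repository's default token scope; a block such as `permissions: { contents: read, pull-requests: write }` appears to cover what the checkout and comment steps need. Minor: the step named `Destroy review app` is the checkout, and the job id `build-and-push` does not describe a destroy job.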
94 changes: 94 additions & 0 deletions .github/workflows/deploy_aks.yml
@@ -0,0 +1,94 @@
name: Build and deploy to AKS cluster

on:
push:
branches:
- master
pull_request:
branches:
- master

concurrency: deploy-${{ github.ref }}

jobs:
build:
runs-on: ubuntu-latest
outputs:
docker-image-tag: ${{ steps.build-image.outputs.tag }}
matrix-environments: ${{ toJSON(steps.*.outputs.matrix-environment) }}

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup ruby
uses: ruby/setup-ruby@v1
with:
ruby-version: 2.7
bundler-cache: true

- name: Build docs with middleman
run: make build

- name: Build and push docker image
id: build-image
uses: DFE-Digital/github-actions/build-docker-image@master
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
context: .

- name: Prepare matrix environments review
id: matrix-env-review
if: github.event_name == 'pull_request'
run: echo "matrix-environment=review" >> $GITHUB_OUTPUT

- name: Prepare matrix environments for production
id: matrix-env-main
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
run: |
echo "matrix-environment=production" >> $GITHUB_OUTPUT
deploy:
name: Deploy ${{ matrix.environment }}
runs-on: ubuntu-latest
needs: [build]
environment:
name: ${{ matrix.environment }}
url: ${{ steps.get-app-url.outputs.url }}
strategy:
max-parallel: 1
matrix:
environment: ${{ fromJSON(needs.build.outputs.matrix-environments) }}

steps:
- name: Checkout code
uses: actions/checkout@v3

- uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.6.4
terraform_wrapper: false

- uses: DFE-Digital/github-actions/set-arm-environment-variables@master
with:
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}

- name: Terraform Apply
run: |
make ci ${{ matrix.environment }} terraform-apply
env:
DOCKER_IMAGE_TAG: ${{ needs.build.outputs.docker-image-tag }}
PR_NUMBER: ${{ github.event.pull_request.number }}

- name: Get application URL
id: get-app-url
run: |
url=$(terraform -chdir=terraform/application output -raw url)
echo "url=${url}" >> $GITHUB_OUTPUT
- name: Post comment to Pull Request ${{ github.event.number }}
if: ${{ github.event_name == 'pull_request' }}
uses: marocchino/sticky-pull-request-comment@v2
with:
header: aks
message: Review app deployed to <${{ steps.get-app-url.outputs.url }}>
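Review bot: The production matrix step tests `github.ref == 'refs/heads/main'`, but this workflow only triggers on pushes to `master`, so on a push neither `matrix-env-*` step runs. That should leave `matrix-environments` empty when `fromJSON` feeds it to the deploy matrix, and production is never deployed. Unless the branch is about to be renamed, the condition should read `if: github.ref == 'refs/heads/master' && github.event_name == 'push'`; the Makefile's `DOCKER_IMAGE_TAG=main` default looks like the same assumption.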
8 changes: 8 additions & 0 deletions .gitignore
Expand Up @@ -20,3 +20,11 @@

# Ignore vscode files
.vscode/

# Ignore terraform files
bin/terrafile
.terraform
terraform/application/vendor
terraform/domains/environment_domains/vendor
terraform/domains/infrastructure/vendor
terraform.tfstate*
1 change: 1 addition & 0 deletions .tool-versions
@@ -1 +1,2 @@
ruby 2.7.6
terraform 1.6.4
31 changes: 2 additions & 29 deletions Dockerfile
@@ -1,30 +1,3 @@
# Use the official Ruby 2.7.6 image as the base image
FROM ruby:2.7.6
FROM nginx:1.25.3-alpine3.18-slim

# Install Node.js and npm
RUN apt-get update && apt-get install -y nodejs npm

# RUN apt-get install -y nodejs npm

# Set the working directory to /app
WORKDIR /app

# Copy the Gemfile and Gemfile.lock into the container
COPY Gemfile Gemfile.lock ./

# Install the required gems
RUN bundle install

# Copy the package.json and package-lock.json into the container
COPY package*.json ./

# Install the required npm packages
RUN npm install

# Copy the rest of the application code into the container
COPY . .

EXPOSE 4567

# Start the application
CMD ["rails", "server", "-b", "0.0.0.0"]
COPY ./build/ /usr/share/nginx/html
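Review bot: The new `FROM nginx:1.25.3-alpine3.18-slim` line pins the base image by tag only, and a tag can be repointed upstream. Adding the digest, `FROM nginx:1.25.3-alpine3.18-slim@sha256:<digest>`, makes the build reproducible and lets a scanner tie findings to one exact image. The Dockerfile also sets no `USER`, so the container starts as the base image's default user and serves on port 80 (matching `web_port = 80` in application.tf); whether the AKS module constrains that is not visible here and is worth confirming. `COPY ./build/` relies on `make build` having run first, which the workflow does but a local `docker build` would not.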
99 changes: 99 additions & 0 deletions Makefile
@@ -1,3 +1,102 @@
TERRAFILE_VERSION=0.8
ARM_TEMPLATE_TAG=1.1.10
RG_TAGS={"Product" : "Teacher services cloud"}
REGION=UK South
SERVICE_NAME=technical-guidance
SERVICE_SHORT=techg
DOCKER_REPOSITORY=ghcr.io/dfe-digital/technical-guidance

help:
@grep -E '^[a-zA-Z\._\-]+:.*?## .*$$' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'

review: test-cluster
$(if ${PR_NUMBER},,$(error Missing PR_NUMBER))
$(eval ENVIRONMENT=${PR_NUMBER})
$(eval TF_VAR_ENVIRONMENT=${PR_NUMBER})
$(eval include global_config/review.sh)

production: production-cluster
$(if $(or ${SKIP_CONFIRM}, ${CONFIRM_PRODUCTION}), , $(error Missing CONFIRM_PRODUCTION=yes))
$(eval include global_config/production.sh)

domains:
$(eval include global_config/domains.sh)

composed-variables:
$(eval RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg)
$(eval KEYVAULT_NAMES='("${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-app-kv", "${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-inf-kv")')
$(eval STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}${CONFIG_SHORT}tfsa)

ci:
$(eval AUTO_APPROVE=-auto-approve)
$(eval SKIP_AZURE_LOGIN=true)
$(eval SKIP_CONFIRM=true)

bin/terrafile: ## Install terrafile to manage terraform modules
curl -sL https://github.com/coretech/terrafile/releases/download/v${TERRAFILE_VERSION}/terrafile_${TERRAFILE_VERSION}_$$(uname)_x86_64.tar.gz \
| tar xz -C ./bin terrafile

set-azure-account:
[ "${SKIP_AZURE_LOGIN}" != "true" ] && az account set -s ${AZURE_SUBSCRIPTION} || true

terraform-init: composed-variables bin/terrafile set-azure-account
$(if ${DOCKER_IMAGE_TAG}, , $(eval DOCKER_IMAGE_TAG=main))

./bin/terrafile -p terraform/application/vendor/modules -f terraform/application/config/$(CONFIG)_Terrafile
terraform -chdir=terraform/application init -upgrade -reconfigure \
-backend-config=resource_group_name=${RESOURCE_GROUP_NAME} \
-backend-config=storage_account_name=${STORAGE_ACCOUNT_NAME} \
-backend-config=key=${ENVIRONMENT}_kubernetes.tfstate
$(eval export TF_VAR_environment=${ENVIRONMENT})
$(eval export TF_VAR_azure_resource_prefix=${AZURE_RESOURCE_PREFIX})
$(eval export TF_VAR_config_short=${CONFIG_SHORT})
$(eval export TF_VAR_service_name=${SERVICE_NAME})
$(eval export TF_VAR_service_short=${SERVICE_SHORT})
$(eval export TF_VAR_docker_image=${DOCKER_REPOSITORY}:${DOCKER_IMAGE_TAG})

terraform-plan: terraform-init
terraform -chdir=terraform/application plan -var-file "config/${CONFIG}.tfvars.json"

terraform-apply: terraform-init
terraform -chdir=terraform/application apply -var-file "config/${CONFIG}.tfvars.json" ${AUTO_APPROVE}

terraform-destroy: terraform-init
terraform -chdir=terraform/application destroy -var-file "config/${CONFIG}.tfvars.json" ${AUTO_APPROVE}

set-what-if:
$(eval WHAT_IF=--what-if)

arm-deployment: composed-variables set-azure-account
$(if ${DISABLE_KEYVAULTS},, $(eval KV_ARG=keyVaultNames=${KEYVAULT_NAMES}))
$(if ${ENABLE_KV_DIAGNOSTICS}, $(eval KV_DIAG_ARG=enableDiagnostics=${ENABLE_KV_DIAGNOSTICS} logAnalyticsWorkspaceName=${LOG_ANALYTICS_WORKSPACE_NAME}),)

az deployment sub create --name "resourcedeploy-tsc-$(shell date +%Y%m%d%H%M%S)" \
-l "${REGION}" --template-uri "https://raw.githubusercontent.com/DFE-Digital/tra-shared-services/${ARM_TEMPLATE_TAG}/azure/resourcedeploy.json" \
--parameters "resourceGroupName=${RESOURCE_GROUP_NAME}" 'tags=${RG_TAGS}' \
"tfStorageAccountName=${STORAGE_ACCOUNT_NAME}" "tfStorageContainerName=terraform-state" \
${KV_ARG} \
${KV_DIAG_ARG} \
"enableKVPurgeProtection=${KV_PURGE_PROTECTION}" \
${WHAT_IF}

deploy-arm-resources: arm-deployment ## Validate ARM resource deployment. Usage: make domains validate-arm-resources

validate-arm-resources: set-what-if arm-deployment ## Validate ARM resource deployment. Usage: make domains validate-arm-resources

test-cluster:
$(eval CLUSTER_RESOURCE_GROUP_NAME=s189t01-tsc-ts-rg)
$(eval CLUSTER_NAME=s189t01-tsc-test-aks)

production-cluster:
$(eval CLUSTER_RESOURCE_GROUP_NAME=s189p01-tsc-pd-rg)
$(eval CLUSTER_NAME=s189p01-tsc-production-aks)

get-cluster-credentials: set-azure-account
az aks get-credentials --overwrite-existing -g ${CLUSTER_RESOURCE_GROUP_NAME} -n ${CLUSTER_NAME}

bin/konduit.sh:
curl -s https://raw.githubusercontent.com/DFE-Digital/teacher-services-cloud/main/scripts/konduit.sh -o bin/konduit.sh \
&& chmod +x bin/konduit.sh
server:
bundle exec middleman server --verbose
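Review bot: The `bin/terrafile` recipe pipes a release tarball straight from `curl -sL` into `tar` with no integrity check, and the resulting binary then runs in the same CI job that holds the Azure credentials. `bin/konduit.sh` has the same shape and additionally fetches from the mutable `main` branch. Download to a file with `curl -fsSL`, verify a pinned SHA-256 before unpacking (the digest is per platform because of `$$(uname)`), and pin konduit.sh to a tag or commit. Separately, `set-azure-account` ends in `|| true`, which also hides a failed `az account set`, so Terraform would carry on against whatever subscription is active; `[ "${SKIP_AZURE_LOGIN}" = "true" ] || az account set -s ${AZURE_SUBSCRIPTION}` keeps the skip without masking the error.

```makefile
# placeholder: set to the published SHA-256 of the Linux x86_64 release tarball
TERRAFILE_SHA256=<sha256-of-terrafile-tarball>

bin/terrafile: ## Install terrafile to manage terraform modules
	curl -fsSL -o bin/terrafile.tar.gz \
		https://github.com/coretech/terrafile/releases/download/v${TERRAFILE_VERSION}/terrafile_${TERRAFILE_VERSION}_$$(uname)_x86_64.tar.gz
	echo "${TERRAFILE_SHA256}  bin/terrafile.tar.gz" | sha256sum -c -
	tar xzf bin/terrafile.tar.gz -C ./bin terrafile
	rm -f bin/terrafile.tar.gz
```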

Empty file added bin/.gitkeep
Empty file.
14 changes: 0 additions & 14 deletions docker-compose.yml

This file was deleted.

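--- a/global_config/production.sh
+++ b/global_config/production.sh
@@ -0,0 +1,6 @@
+CONFIG=production
+ENVIRONMENT=production
+CONFIG_SHORT=pd
+AZURE_SUBSCRIPTION=s189-teacher-services-cloud-production
+AZURE_RESOURCE_PREFIX=s189p01
+ENABLE_KV_DIAGNOSTICS=true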
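Review bot: `KV_PURGE_PROTECTION` is not set in this file, yet the Makefile's `arm-deployment` recipe always passes `"enableKVPurgeProtection=${KV_PURGE_PROTECTION}"`. For production the parameter would therefore be sent empty, and the result depends on how the ARM template handles that, which is not visible here. review.sh sets the value to `false` explicitly; production should state its value too, presumably `KV_PURGE_PROTECTION=true`, so that purge protection on the production key vaults is a reviewed decision rather than an implicit default.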
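--- a/global_config/review.sh
+++ b/global_config/review.sh
@@ -0,0 +1,5 @@
+CONFIG=review
+CONFIG_SHORT=rv
+AZURE_SUBSCRIPTION=s189-teacher-services-cloud-test
+AZURE_RESOURCE_PREFIX=s189t01
+KV_PURGE_PROTECTION=false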
44 changes: 44 additions & 0 deletions terraform/application/.terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

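--- a/terraform/application/application.tf
+++ b/terraform/application/application.tf
@@ -0,0 +1,36 @@
+module "application_configuration" {
+source = "./vendor/modules/aks//aks/application_configuration"
+
+namespace = var.namespace
+environment = var.environment
+azure_resource_prefix = var.azure_resource_prefix
+service_short = var.service_short
+config_short = var.config_short
+secret_key_vault_short = "app"
+
+# Delete for non rails apps
+is_rails_application = true
+
+config_variables = {
+ENVIRONMENT_NAME = var.environment
+}
+
+}
+
+module "web_application" {
+source = "./vendor/modules/aks//aks/application"
+
+is_web = true
+
+namespace = var.namespace
+environment = var.environment
+service_name = var.service_name
+
+cluster_configuration_map = module.cluster_data.configuration_map
+kubernetes_config_map_name = module.application_configuration.kubernetes_config_map_name
+kubernetes_secret_name = module.application_configuration.kubernetes_secret_name
+web_port = 80
+probe_path = "/"
+
+docker_image = var.docker_image
+}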
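Review bot: `is_rails_application = true` is kept even though the comment directly above it says `# Delete for non rails apps` and this commit's Dockerfile ships a static nginx image. What the flag switches on inside the vendored `application_configuration` module is not visible here, but it presumably adds Rails-specific configuration or secret lookups that the container never reads. Remove the argument and its comment unless the module requires it. `module.cluster_data` and the `var.*` inputs are defined outside this file.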