Copy of infrastructure yaml for targeting thesis-services

infrastructure/kube/thesis-services/create.sh

@@ -0,0 +1,8 @@
+#!/bin/sh
+set -e
+
+kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-redis-stateful-set.yaml"
+kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-redis-service.yaml"
+kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-hubot-deployment.yaml"
+kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-http-service.yaml"
+kubectl apply --record -f "${BASH_SOURCE%/*}/valkyrie-web-ingress.yaml"

infrastructure/kube/thesis-services/update-image.sh

@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+if [[ -z $GOOGLE_PROJECT_NAME || -z $GOOGLE_PROJECT_ID || -z $BUILD_TAG || -z $GOOGLE_REGION || -z $GOOGLE_COMPUTE_ZONE_A  || -z $GCR_REGISTRY_URL ]]; then
+  echo "one or more required variables are undefined"
+  exit 1
+fi
+
+UTILITYBOX_IP=$(gcloud compute instances --project $GOOGLE_PROJECT_ID describe $GOOGLE_PROJECT_NAME-utility-box --zone $GOOGLE_COMPUTE_ZONE_A --format json | jq .networkInterfaces[0].networkIP -r)
+
+# Setup ssh environment
+gcloud compute config-ssh --project $GOOGLE_PROJECT_ID -q
+cat >> ~/.ssh/config << EOF
+Host *
+  StrictHostKeyChecking no
+Host utilitybox
+  HostName $UTILITYBOX_IP
+  IdentityFile ~/.ssh/google_compute_engine
+  ProxyCommand ssh -W %h:%p $GOOGLE_PROJECT_NAME-jumphost.$GOOGLE_COMPUTE_ZONE_A.$GOOGLE_PROJECT_ID
+EOF
+
+# Run migration
+ssh utilitybox << EOF
+  set -e
+  echo "<<<<<<START Download Kube Creds START<<<<<<"
+  echo "gcloud container clusters get-credentials $GOOGLE_PROJECT_NAME --region $GOOGLE_REGION --internal-ip --project=$GOOGLE_PROJECT_ID"
+  gcloud container clusters get-credentials $GOOGLE_PROJECT_NAME --region $GOOGLE_REGION --internal-ip --project=$GOOGLE_PROJECT_ID
+  echo ">>>>>>FINISH Download Kube Creds FINISH>>>>>>"
+  echo "<<<<<<START Run Valkyrie Deployment START<<<<<<"
+  kubectl set image deployment/valkyrie-hubot-deployment hubot=$GCR_REGISTRY_URL/$GOOGLE_PROJECT_ID/valkyrie:$BUILD_TAG
+  echo ">>>>>>FINISH Run Valkyrie Deployment FINISH>>>>>>"
+
+EOF

infrastructure/kube/thesis-services/valkyrie-http-service.yaml

@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: valkyrie-http-service
+  labels:
+    app: hubot
+spec:
+  type: NodePort
+  selector:
+    app: hubot
+  ports:
+    - port: 8080
+      nodePort: 30080

infrastructure/kube/thesis-services/valkyrie-hubot-deployment.yaml

@@ -0,0 +1,110 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: valkyrie-hubot-deployment
+  labels:
+    app: hubot
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: hubot
+  template:
+    metadata:
+      labels:
+        app: hubot
+    spec:
+      containers:
+        - name: hubot
+          # image: gcr.io/thesis-ops-2748/valkyrie:USE_CIRCLE_CI_BUILDS
+          env:
+            - name: HUBOT_DISCORD_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: discord_api_token
+            - name: HUBOT_MATRIX_USER
+              value: "@valkyrie:thesis.co"
+            - name: HUBOT_MATRIX_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: matrix_valkyrie_password
+            - name: HUBOT_MATRIX_HOST_SERVER
+              value: "https://thesisco.ems.host"
+            - name: HUBOT_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: host
+            - name: HUBOT_SCHEDULE_DEBUG
+              value: "1"
+            - name: HUBOT_WEBHOOK_URL
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: hubot_webhook_url
+            - name: HUBOT_WEBHOOK_AUTH
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: hubot_webhook_auth
+            - name: HUBOT_N8N_WEBHOOK
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: hubot_n8n_webhook
+            - name: RELEASE_NOTIFICATION_ROOM
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: valkyrie_alert_flow
+            - name: SUGGESTION_ALERT_ROOM # Name of room for suggestion posts
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: valkyrie_alert_flow
+            - name: REDIS_URL
+              value: $(VALKYRIE_REDIS_SERVICE_PORT)
+            - name: GITHUB_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: github_client_id
+            - name: GITHUB_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: github_client_secret
+            - name: FIGMA_API_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: figma_api_token
+            - name: IMGFLIP_API_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: imgflip_api_username
+            - name: IMGFLIP_API_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: imgflip_api_password
+            - name: ZOOM_API_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: zoom_api_key
+            - name: ZOOM_API_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: valkyrie-hubot
+                  key: zoom_api_secret
+            - name: ZOOM_EXPECTED_MEETING_DURATION
+              value: "60"
+          ports:
+            - containerPort: 8080
+          resources:
+            limits:
+              cpu: "0.1"

infrastructure/kube/thesis-services/valkyrie-redis-service.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: valkyrie-redis-service
+spec:
+  selector:
+    app: redis
+  ports:
+    - protocol: TCP
+      port: 6379
+      targetPort: 6379

infrastructure/kube/thesis-services/valkyrie-redis-stateful-set.yaml

@@ -0,0 +1,43 @@
+# Stoleded from https://github.com/kubernetes/examples/blob/master/staging/storage/redis/ .
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: valkyrie-redis-set
+  labels:
+    app: redis
+spec:
+  replicas: 1
+  serviceName: valkyrie-redis-service
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      labels:
+        app: redis
+    spec:
+      containers:
+        - name: master
+          image: redis:3.2-alpine
+          env:
+            - name: MASTER
+              value: "true"
+          ports:
+            - containerPort: 6379
+          resources:
+            limits:
+              cpu: "0.1"
+          command: ["sh", "-c"]
+          args:
+            - echo "dir /redis-master-data" | redis-server -
+          volumeMounts:
+            - mountPath: /redis-master-data
+              name: valkyrie-data
+  volumeClaimTemplates:
+    - metadata:
+        name: valkyrie-data
+      spec:
+        accessModes: ["ReadWriteOnce"]
+        resources:
+          requests:
+            storage: 1Gi

infrastructure/kube/thesis-services/valkyrie-web-ingress.yaml

@@ -0,0 +1,15 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    kubernetes.io/ingress.allow-http: "false"
+    kubernetes.io/ingress.global-static-ip-name: valkyrie-web-ip
+  name: valkyrie-web-ingress
+spec:
+  tls:
+  - secretName: thesis-co-cloudflare-origin-cert
+  defaultBackend:
+    service:
+      name: valkyrie-http-service
+      port:
+        number: 8080