-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: added new wallet-demo-app component (WIP)
Signed-off-by: Anton Biriukov <[email protected]>
- Loading branch information
Showing
15 changed files
with
458 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,4 +30,5 @@ vcs-awskms | |
vcs-localkms | ||
vcwallet | ||
wallet | ||
wallet-demo-app | ||
static-file-server |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,131 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
SHELL := /bin/bash | ||
CONTAINER_CMD ?= docker | ||
USER_ID = $(shell id -u) | ||
DOCKER_CMD_RUN_OPTS ?= -u $(USER_ID) | ||
CONTAINER_CMD_RUN_OPTS ?= $(if $(findstring docker,$(CONTAINER_CMD)),$(DOCKER_CMD_RUN_OPTS),) | ||
|
||
export DEPLOYMENT_ENV ?= local | ||
# space delimited of Key:Value pairs | ||
COMMON_LABELS := instance:${DEPLOYMENT_ENV} | ||
export DOMAIN ?= ${DEPLOYMENT_ENV}.trustbloc.dev | ||
|
||
OS = $(shell uname -s | tr '[:upper:]' '[:lower:]') | ||
ARCH = $(shell uname -m | sed 's/x86_64/amd64/') | ||
|
||
#IMAGES | ||
WALLET_DEMO_APP_IMG ?= ghcr.io/trustbloc-cicd/wallet-demo-app:latest | ||
|
||
|
||
# do not modify | ||
KUSTOMIZE_DIR = kustomize/wallet-demo-app | ||
KEYS_OUTPUT_DIR = ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/keys | ||
CERTS_OUTPUT_DIR = ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/certs | ||
PREFIX ?= | ||
KUSTOMIZE_BUILD_OPTS ?= --load-restrictor LoadRestrictionsNone --enable-alpha-plugins | ||
export KUSTOMIZE_PLUGIN_HOME = $(abspath .)/kustomize/plugin | ||
|
||
.PHONY: all | ||
all: setup | ||
|
||
.PHONY: setup | ||
setup: generate-test-certs | ||
@echo setup | ||
|
||
.PHONY: setup-no-certs | ||
setup-no-certs: | ||
@echo setup-no-certs | ||
|
||
# TODO (#521): frapsoft/openssl only has an amd64 version. While this does work when using Docker on arm64-based macOS | ||
# currently thanks to the automatic built-in QEMU emulation, it would be better to use a | ||
# native arm64 version. | ||
.PHONY: generate-test-certs | ||
generate-test-certs: clean-certs | ||
@echo $(abspath .) | ||
@$(CONTAINER_CMD) run ${CONTAINER_CMD_RUN_OPTS} -i --platform linux/amd64 --rm \ | ||
-v $(abspath .):/opt/workspace:Z \ | ||
-e DOMAIN=${DOMAIN} \ | ||
-e CERTS_OUTPUT_DIR=${CERTS_OUTPUT_DIR} \ | ||
--entrypoint "/opt/workspace/scripts/generate_test_certs.sh" \ | ||
docker.io/frapsoft/openssl:latest | ||
@cd ${CERTS_OUTPUT_DIR} && ln -fs trustbloc-dev-ca.crt ca.crt | ||
@cd ${CERTS_OUTPUT_DIR} && ln -fs ${DOMAIN}.key tls.key | ||
@cd ${CERTS_OUTPUT_DIR} && ln -fs ${DOMAIN}.crt tls.crt | ||
|
||
.PHONY: deploy | ||
deploy: prechecks kustomize kubectl set-images set-labels deploy-wallet-demo-app | ||
|
||
.PHONY: prechecks | ||
prechecks: | ||
ifeq (, $(shell stat ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV} 2>/dev/null)) | ||
@echo "Environment not found ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}" | ||
@exit 1 | ||
endif | ||
|
||
.PHONY: set-labels | ||
set-labels: kustomize | ||
@pushd ${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app &&\ | ||
${KUSTOMIZE} edit set label ${COMMON_LABELS} &&\ | ||
popd | ||
|
||
.PHONY: set-images | ||
set-images: kustomize | ||
@pushd ${KUSTOMIZE_DIR}/base &&\ | ||
${KUSTOMIZE} edit set image wallet-demo-app=${WALLET_DEMO_APP_IMG} &&\ | ||
popd | ||
|
||
.PHONY: deploy-wallet-demo-app | ||
deploy-wallet-demo-app: prechecks kustomize kubectl | ||
@minikube image load $(WALLET_DEMO_APP_IMG) | ||
$(KUSTOMIZE) build ${KUSTOMIZE_BUILD_OPTS} \ | ||
${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app | $(KUBECTL) apply -f - | ||
|
||
.PHONY: undeploy | ||
undeploy: prechecks kustomize kubectl set-images set-labels undeploy-wallet-demo-app | ||
|
||
.PHONY: undeploy-wallet-demo-app | ||
undeploy-wallet-demo-app: prechecks kustomize kubectl | ||
$(KUSTOMIZE) build ${KUSTOMIZE_BUILD_OPTS} \ | ||
${KUSTOMIZE_DIR}/overlays/${DEPLOYMENT_ENV}/wallet-demo-app | $(KUBECTL) delete -f - | ||
|
||
.PHONY: kustomize | ||
kustomize: | ||
ifeq (, $(shell which kustomize 2>/dev/null)) | ||
@{ \ | ||
set -e ;\ | ||
mkdir -p bin ;\ | ||
curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v4.3.0/kustomize_v4.3.0_$(OS)_$(ARCH).tar.gz | tar xzf - -C bin/ ;\ | ||
} | ||
KUSTOMIZE=$(realpath ./bin/kustomize) | ||
else | ||
KUSTOMIZE=$(shell which kustomize) | ||
endif | ||
|
||
.PHONY: kubectl | ||
kubectl: | ||
ifeq (, $(shell which kubectl 2>/dev/null)) | ||
@{ \ | ||
set -e ;\ | ||
mkdir -p bin ;\ | ||
curl -sSL https://storage.googleapis.com/kubernetes-release/release/v1.21.2/bin/$(OS)/$(ARCH)/kubectl -o bin/kubectl ;\ | ||
chmod u+x bin/kubectl ;\ | ||
} | ||
KUBECTL=$(realpath ./bin/kubectl) | ||
else | ||
KUBECTL=$(shell which kubectl) | ||
endif | ||
|
||
.PHONY: clean | ||
clean: clean-all | ||
|
||
.PHONY: clean-all | ||
clean-all: clean-certs | ||
|
||
.PHONY: clean-certs | ||
clean-certs: | ||
@rm -Rf ${CERTS_OUTPUT_DIR} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
# [Wallet Demo App](https://github.com/trustbloc/wallet-sdk/tree/main/demo/app) k8s deployment # | ||
|
||
|
||
## pre-requisits | ||
* [Minikube](https://minikube.sigs.k8s.io/docs/start/) with ingress addon. | ||
* GNU sed | ||
* (Optional: Gets installed by make) [kustomize](https://kubectl.docs.kubernetes.io/installation/kustomize/). | ||
|
||
## Quick Run | ||
* `make all` | ||
* `make deploy-wallet-demo-app` | ||
|
||
## Cleanup | ||
* `make undeploy-wallet-demo-app` | ||
* `make clean` | ||
|
||
## options and features | ||
* By default dns domain is `local.trustboc.dev`. To run with different domain (See next), run with: `make DOMAIN=ali.trustbloc.dev` | ||
* By default Bloc domain is `orb-1.trustboc.dev`. To run with different domain (See next), run with: `make BLOC_DOMAIN=orb-1.ali.trustbloc.dev` | ||
* Will create an Ingress for external access. When running with unregistered dns domains, create records (/etc/hosts) for: | ||
- `wallet.DOMAIN` | ||
* if running `podman` pass `CONTAINER_CMD=podman` as option to make | ||
* Running with none self-signed certificates: place certs into kustomize/wallet/overlays/sandbox/certs, then run with: `make setup-no-certs`. | ||
>files: | ||
- ca.crt | ||
- tls.crt | ||
- tls.key |
17 changes: 17 additions & 0 deletions
17
wallet-demo-app/kustomize/plugin/svceng/sedtransformer/SedTransformer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
#!/usr/bin/env bash | ||
# | ||
# Copyright SecureKey Technologies Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
# https://github.com/kubernetes-sigs/kustomize/blob/master/plugin/someteam.example.com/v1/sedtransformer/SedTransformer | ||
# Skip the config file name argument. | ||
shift | ||
args=() | ||
for arg in "$@"; do | ||
env_expanded=${arg@P} | ||
args+=(-e "$env_expanded") | ||
done | ||
|
||
sed "${args[@]}" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
**/keys/** | ||
**/certs/** |
35 changes: 35 additions & 0 deletions
35
wallet-demo-app/kustomize/wallet-demo-app/base/deployment.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
--- | ||
kind: Deployment | ||
apiVersion: apps/v1 | ||
metadata: | ||
name: wallet-demo-app | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: wallet-demo-app | ||
template: | ||
metadata: | ||
labels: | ||
app: wallet-demo-app | ||
spec: | ||
containers: | ||
- name: wallet-demo-app | ||
image: wallet-demo-app:latest | ||
ports: | ||
- containerPort: 80 | ||
protocol: TCP | ||
name: http-port | ||
livenessProbe: | ||
httpGet: | ||
path: /healthcheck | ||
port: http-port | ||
initialDelaySeconds: 30 | ||
periodSeconds: 10 | ||
failureThreshold: 5 |
18 changes: 18 additions & 0 deletions
18
wallet-demo-app/kustomize/wallet-demo-app/base/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
generatorOptions: {} | ||
|
||
resources: | ||
- deployment.yml | ||
- service.yml | ||
|
||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
images: | ||
- name: wallet-demo-app | ||
newName: ghcr.io/trustbloc-cicd/wallet-demo-app | ||
newTag: latest |
29 changes: 29 additions & 0 deletions
29
wallet-demo-app/kustomize/wallet-demo-app/base/service.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
--- | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
creationTimestamp: null | ||
name: wallet-demo-app | ||
labels: | ||
app: wallet-demo-app | ||
spec: | ||
ports: | ||
- name: http | ||
port: 80 | ||
protocol: TCP | ||
targetPort: http-port | ||
- name: prometheus | ||
port: 9100 | ||
protocol: TCP | ||
targetPort: prometheus | ||
selector: | ||
app: wallet-demo-app | ||
status: | ||
loadBalancer: {} | ||
--- |
27 changes: 27 additions & 0 deletions
27
wallet-demo-app/kustomize/wallet-demo-app/overlays/common/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
# Adds namespace to all resources. | ||
#namespace: edge-sandbox-system | ||
|
||
# Value of this field is prepended to the | ||
# names of all resources, e.g. a deployment named | ||
# "wordpress" becomes "alices-wordpress". | ||
# Note that it should also match with the prefix (text before '-') of the namespace | ||
# field above. | ||
commonLabels: | ||
group: services | ||
project: trustbloc | ||
|
||
|
||
apiVersion: kustomize.config.k8s.io/v1beta1 | ||
kind: Kustomization | ||
|
||
resources: | ||
- ../../base | ||
|
||
transformers: | ||
- sedtransform.yml |
11 changes: 11 additions & 0 deletions
11
wallet-demo-app/kustomize/wallet-demo-app/overlays/common/sedtransform.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
apiVersion: svceng | ||
kind: SedTransformer | ||
metadata: | ||
name: sedtransformer | ||
argsOneLiner: s^||DOMAIN||^${DOMAIN}^g |
29 changes: 29 additions & 0 deletions
29
wallet-demo-app/kustomize/wallet-demo-app/overlays/local/wallet-demo-app/ingress.yml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# | ||
# Copyright Gen Digital Inc. All Rights Reserved. | ||
# | ||
# SPDX-License-Identifier: Apache-2.0 | ||
# | ||
|
||
--- | ||
apiVersion: networking.k8s.io/v1 | ||
kind: Ingress | ||
metadata: | ||
name: wallet-demo-app | ||
labels: | ||
app: wallet-demo-app | ||
spec: | ||
tls: | ||
- hosts: | ||
- wallet-demo-app.||DOMAIN|| | ||
secretName: INGRESS_TLS_SECRET | ||
rules: | ||
- host: wallet-demo-app.||DOMAIN|| | ||
http: | ||
paths: | ||
- pathType: Prefix | ||
path: "/" | ||
backend: | ||
service: | ||
name: wallet-demo-app | ||
port: | ||
name: http |
Oops, something went wrong.