root
/
NAM-APJATEL
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fixing:deployment

This commit is contained in:
rheiga19 2025-03-26 22:17:18 +07:00
parent e100f4ab0d
commit d3ba8a85c3
2 changed files with 210 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Jenkinsfile vendored
View File

@ -49,7 +49,7 @@ spec:
stage('Checkout Code') { stage('Checkout Code') {
steps { steps {
cleanWs() cleanWs()
git branch: 'master', url: 'https://git.winteraccess.id/winter-access/frontend-nam.git', credentialsId: "${CREDENTIALS_ID}" git branch: 'dev', url: 'https://git.winteraccess.id/winter-access/frontend-nam.git', credentialsId: "${CREDENTIALS_ID}"
} }
} }
@ -81,12 +81,12 @@ spec:
def imageTag = "dev-${env.SHORT_SHA}" def imageTag = "dev-${env.SHORT_SHA}"
sh """ sh """
docker build -t ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag} \ docker build -t ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag} \
-t ${REGISTRY_URL}/${IMAGE_NAME}:master \ -t ${REGISTRY_URL}/${IMAGE_NAME}:dev \
-t ${REGISTRY_URL}/${IMAGE_NAME}:latest \ -t ${REGISTRY_URL}/${IMAGE_NAME}:latest \
-f deploy/docker/Dockerfile . -f deploy/docker/Dockerfile .
docker push ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag} docker push ${REGISTRY_URL}/${IMAGE_NAME}:${imageTag}
docker push ${REGISTRY_URL}/${IMAGE_NAME}:master docker push ${REGISTRY_URL}/${IMAGE_NAME}:dev
docker push ${REGISTRY_URL}/${IMAGE_NAME}:latest docker push ${REGISTRY_URL}/${IMAGE_NAME}:latest
""" """
} }

263
kubernetes/dev.yaml
View File

@ -1,32 +1,122 @@
apiVersion: v1
kind: Secret
metadata:
name: nam-frontend-dev-secret
namespace: nam-frontend-dev
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
type: Opaque
data:
VITE_API_URL: YW1lc2NhZmUuY29t
---
apiVersion: v1 apiVersion: v1
kind: ConfigMap kind: ConfigMap
metadata: metadata:
name: frontend-nam-dev-config name: nam-frontend-dev-config
namespace: nam-frontend-dev namespace: nam-frontend-dev
labels: labels:
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
data: data:
".env": | ".env": |
VITE_API_URL=https://api.example.com VITE_API_URL=https://api-nam.winteraccess.id
VITE_APP_ENV=development ---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-storage
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.alpha.kubernetes.io/storage-class: generic
volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner
labels:
app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-public
namespace: nam-frontend-dev
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: nfs
volumeMode: Filesystem
--- ---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
name: frontend-nam-dev name: nam-frontend-dev
namespace: nam-frontend-dev namespace: nam-frontend-dev
labels: labels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec: spec:
progressDeadlineSeconds: 600 progressDeadlineSeconds: 600
replicas: 2 replicas: 3
revisionHistoryLimit: 10 revisionHistoryLimit: 10
selector: selector:
matchLabels: matchLabels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
strategy: strategy:
rollingUpdate: rollingUpdate:
maxSurge: 1 maxSurge: 1
@ -35,73 +125,128 @@ spec:
template: template:
metadata: metadata:
labels: labels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
spec: spec:
affinity: affinity:
podAntiAffinity: podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution: preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100 - weight: 100
podAffinityTerm: podAffinityTerm:
labelSelector: labelSelector:
matchLabels: matchLabels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
topologyKey: "kubernetes.io/hostname" topologyKey: "kubernetes.io/hostname"
containers: containers:
- name: web - name: web
image: git.winteraccess.id/winter-access/frontend-nam:dev image: https://git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always imagePullPolicy: Always
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nam-frontend-dev-secret
key: DB_PASSWORD
resources: resources:
limits: limits:
cpu: "250m" cpu: "250m"
memory: 512M memory: 1024M
requests: requests:
cpu: "100m" cpu: "100m"
memory: 256M memory: 512M
ports: ports:
- containerPort: 80 - containerPort: 80
name: http name: http
protocol: TCP protocol: TCP
livenessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: 80
initialDelaySeconds: 5
periodSeconds: 5
securityContext: securityContext:
allowPrivilegeEscalation: false allowPrivilegeEscalation: false
capabilities: capabilities:
drop: ["ALL"] drop: ["ALL"]
readOnlyRootFilesystem: false add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File terminationMessagePolicy: File
envFrom: volumeMounts:
- configMapRef: - mountPath: /app
name: frontend-nam-dev-config name: app
initContainers:
- name: init
image: https://git.winteraccess.id/winter-access/frontend-nam:dev
imagePullPolicy: Always
command: ["/scripts/initialize"]
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: nam-frontend-dev-secret
key: DB_PASSWORD
resources:
limits:
cpu: "250m"
memory: 1024M
requests:
cpu: "100m"
memory: 512M
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
add: ["NET_ADMIN", "SYS_TIME"]
readOnlyRootFilesystem: true
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /app
name: app
imagePullSecrets: imagePullSecrets:
- name: winter-registry - name: winter-registry
dnsPolicy: ClusterFirst dnsPolicy: ClusterFirst
restartPolicy: Always restartPolicy: Always
schedulerName: default-scheduler schedulerName: default-scheduler
securityContext: securityContext:
runAsUser: 10001
runAsGroup: 10001
fsGroup: 10001
runAsNonRoot: true runAsNonRoot: true
terminationGracePeriodSeconds: 30 terminationGracePeriodSeconds: 30
volumes:
- name: cache
emptyDir: {}
- name: run
emptyDir: {}
- name: logs
emptyDir: {}
- name: tmp
emptyDir: {}
- name: psysh
emptyDir: {}
- name: config
configMap:
name: nam-frontend-dev-config
- name: public
persistentVolumeClaim:
claimName: nam-frontend-dev-public
- name: storage
persistentVolumeClaim:
claimName: nam-frontend-dev-storage
--- ---
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: frontend-nam-dev name: nam-frontend-dev
namespace: nam-frontend-dev namespace: nam-frontend-dev
annotations:
traefik.ingress.kubernetes.io/service.sticky.cookie: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.name: "nam-frontend-dev"
traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "true"
traefik.ingress.kubernetes.io/service.sticky.cookie.samesite: "none"
labels: labels:
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
spec: spec:
internalTrafficPolicy: Cluster internalTrafficPolicy: Cluster
ipFamilies: ipFamilies:
@ -111,12 +256,13 @@ spec:
- name: http - name: http
port: 80 port: 80
protocol: TCP protocol: TCP
targetPort: 80 targetPort: 5678
selector: selector:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
sessionAffinity: None sessionAffinity: None
type: ClusterIP type: ClusterIP
--- ---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: Ingress kind: Ingress
@ -126,9 +272,11 @@ metadata:
traefik.ingress.kubernetes.io/router.entrypoints: web traefik.ingress.kubernetes.io/router.entrypoints: web
traefik.ingress.kubernetes.io/router.middlewares: default-https-redirect@kubernetescrd traefik.ingress.kubernetes.io/router.middlewares: default-https-redirect@kubernetescrd
labels: labels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
name: frontend-nam-dev-http io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-http
namespace: nam-frontend-dev namespace: nam-frontend-dev
spec: spec:
ingressClassName: traefik ingressClassName: traefik
@ -138,7 +286,7 @@ spec:
paths: paths:
- backend: - backend:
service: service:
name: frontend-nam-dev name: nam-frontend-dev
port: port:
number: 80 number: 80
path: / path: /
@ -152,9 +300,11 @@ metadata:
kubernetes.io/ingress.class: traefik kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.entrypoints: websecure
labels: labels:
app.kubernetes.io/instance: frontend-nam-dev app.kubernetes.io/instance: nam-frontend-dev
app.kubernetes.io/name: frontend-nam-dev app.kubernetes.io/name: nam-frontend-dev
name: frontend-nam-dev-https io.portainer.kubernetes.application.name: nam-frontend-dev
io.portainer.kubernetes.application.owner: admin
name: nam-frontend-dev-https
namespace: nam-frontend-dev namespace: nam-frontend-dev
spec: spec:
ingressClassName: traefik ingressClassName: traefik
@ -164,7 +314,7 @@ spec:
paths: paths:
- backend: - backend:
service: service:
name: frontend-nam-dev name: nam-frontend-dev
port: port:
number: 80 number: 80
path: / path: /
@ -172,4 +322,5 @@ spec:
tls: tls:
- hosts: - hosts:
- dev-nam-frontend.winteraccess.id - dev-nam-frontend.winteraccess.id
secretName: frontend-nam-dev-tls secretName: nam-frontend-dev-tls