actions

kubesimplify · Aug 7, 2024 · 2579ec6 · 2579ec6
1 parent abb3301
commit 2579ec6
Show file tree

Hide file tree

Showing 4 changed files with 144 additions and 10 deletions.
diff --git a/.github/workflows/build_push.yml b/.github/workflows/build_push.yml
@@ -16,7 +16,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: '1.20.x'
+          go-version: '1.22.5'
 
       - name: Set up ko
         uses: ko-build/[email protected]

diff --git a/bsf.hcl b/bsf.hcl
@@ -5,7 +5,7 @@ packages {
 }
 
 oci "pkgs" {
-  name          = "ttl.sh/devops-baseimage"
+  name          = "docker.io/saiyam911/devops-baseimage"
   cmd           = []
   entrypoint    = []
   envVars       = []

diff --git a/bsf/flake.nix b/bsf/flake.nix
@@ -3,9 +3,9 @@
 	description = "";
 
 	inputs = {
-		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4.url = "github:nixos/nixpkgs/7445ccd775d8b892fc56448d17345443a05f7fb4";
 		 nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7.url = "github:nixos/nixpkgs/1ebb7d7bba2953a4223956cfb5f068b0095f84a7";
 		 nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14.url = "github:nixos/nixpkgs/ac5c1886fd9fe49748d7ab80accc4c847481df14";
+		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4.url = "github:nixos/nixpkgs/7445ccd775d8b892fc56448d17345443a05f7fb4";
 
 		nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
 
@@ -26,19 +26,19 @@
 
 
 	 nix2container , 
-	 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4, 
 	 nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7, 
 	 nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14, 
+	 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4, 
 	 }: let
 	  supportedSystems = [ "x86_64-linux" "aarch64-darwin" "x86_64-darwin" "aarch64-linux" ];
 
 
 	  forEachSupportedSystem = f: nixpkgs.lib.genAttrs supportedSystems (system: f {
 		inherit system;
 		 nix2containerPkgs = nix2container.packages.${system}; 
-		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs = import nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4 { inherit system; };
 		 nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs = import nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7 { inherit system; };
 		 nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs = import nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14 { inherit system; };
+		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs = import nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4 { inherit system; };
 
 
 		pkgs = import nixpkgs { inherit system;  };
@@ -51,9 +51,9 @@
 
 
 
-		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs, 
 		 nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs, 
 		 nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs, 
+		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs, 
 		 ... }: {
 		devShell = pkgs.mkShell {
 		  # The Nix packages provided in the environment
@@ -69,7 +69,7 @@
 
 
 
-		 nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs,  nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs,  nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs,  ... }: {
+		 nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs,  nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs,  nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs,  ... }: {
 		runtime = pkgs.buildEnv {
 		  name = "runtimeenv";
 		  paths = [ 
@@ -83,7 +83,7 @@
 
 
 
-	    nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs,  nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs,  nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs,  ... }: {
+	    nixpkgs-1ebb7d7bba2953a4223956cfb5f068b0095f84a7-pkgs,  nixpkgs-ac5c1886fd9fe49748d7ab80accc4c847481df14-pkgs,  nixpkgs-7445ccd775d8b892fc56448d17345443a05f7fb4-pkgs,  ... }: {
 		development = pkgs.buildEnv {
 		  name = "devenv";
 		  paths = [ 
@@ -103,7 +103,7 @@
 
 
 		ociImage_pkgs_runtime = nix2containerPkgs.nix2container.buildImage {
-			name = "ttl.sh/devops-baseimage";
+			name = "docker.io/saiyam911/devops-baseimage";
 			config = {
 				cmd = [  ];
 
@@ -127,7 +127,7 @@
 		};
 
 		ociImage_pkgs_dev = nix2containerPkgs.nix2container.buildImage {
-			name = "ttl.sh/devops-baseimage";
+			name = "docker.io/saiyam911/devops-baseimage";
 			config = {
 				cmd = [  ];
 

diff --git a/tmpl/deploy.j2 b/tmpl/deploy.j2
@@ -0,0 +1,134 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: my-app
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: my-app
+  template:
+    metadata:
+      labels:
+        app: my-app
+    spec:
+      containers:
+      - name: my-app
+        image: saiyam911/kubesimplify-demo:{{ image_deploy_tag }}
+        imagePullPolicy: Always
+        env:
+        - name: DB_USERNAME
+          valueFrom:
+            secretKeyRef:
+              name: postgresql-credentials
+              key: username
+        - name: DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: postgresql-credentials
+              key: password
+        - name: DB_HOST
+          value: my-postgresql-rw.default.svc.cluster.local
+        - name: DB_PORT
+          value: "5432"
+        - name: DB_NAME
+          value: goals_database
+        ports:
+        - containerPort: 8080
+        readinessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+          initialDelaySeconds: 5
+          periodSeconds: 10
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 8080
+          initialDelaySeconds: 15
+          periodSeconds: 20
+        resources:
+          requests:
+            memory: "350Mi"
+            cpu: "250m"
+          limits:
+            memory: "500Mi"
+            cpu: "500m"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: my-app-service
+spec:
+  selector:
+    app: my-app
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080  
+---
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: production-app
+spec:
+  acme:
+    # The ACME server URL
+    server: https://acme-v02.api.letsencrypt.org/directory
+    # Email address used for ACME registration
+    email: [email protected]
+    # Name of a secret used to store the ACME account private key
+    privateKeySecretRef:
+      name: app 
+    # Enable the HTTP-01 challenge provider
+    solvers:
+    - http01:
+        ingress:
+          class: nginx 
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: app
+spec:
+  secretName: app
+  issuerRef:
+    name: production-app
+    kind: ClusterIssuer
+  commonName: demo.kubesimplify.com
+  dnsNames:
+  - demo.kubesimplify.com 
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: my-app-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: production-app
+
+spec:
+  ingressClassName: nginx
+  rules:
+  - host: demo.kubesimplify.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: my-app-service
+            port:
+              number: 80
+  tls:
+  - hosts:
+    - demo.kubesimplify.com
+    secretName: app
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgresql-credentials
+type: Opaque
+data:
+  password: bmV3X3Bhc3N3b3Jk
+  username: Z29hbHNfdXNlcg==