tomekwojcik/hotpocket
1
0
Fork 0
Code Actions Releases 11 Activity

BTHLABS-0000: development workflow

Browse Source 
Co-authored-by: Tomek Wójcik <labs@tomekwojcik.pl>
Co-committed-by: Tomek Wójcik <labs@tomekwojcik.pl>
This commit is contained in:
Tomek Wójcik
2025-10-17 06:49:10 +00:00
committed by Tomek Wójcik
parent 0cf7b27f89
commit 10fccc17f7
22 changed files with 910 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
deployment/hotpocket.bthlab/configs/backend/admin Normal file
View File

@@ -0,0 +1,5 @@
DJANGO_SETTINGS_MODULE=hotpocket_backend.settings.deployment.admin
HOTPOCKET_BACKEND_GUNICORN_WORKERS=2
HOTPOCKET_BACKEND_APP=admin
HOTPOCKET_BACKEND_SECRET_KEY=thisissecret
HOTPOCKET_BACKEND_ALLOWED_HOSTS=thisissecret

8
deployment/hotpocket.bthlab/configs/backend/base Normal file
View File

@@ -0,0 +1,8 @@
HOTPOCKET_BACKEND_ENV=deployment
HOTPOCKET_BACKEND_DATABASE_NAME=hotpocket_development_backend
HOTPOCKET_BACKEND_DATABASE_USER=thisissecret
HOTPOCKET_BACKEND_DATABASE_PASSWORD=thisissecret
HOTPOCKET_BACKEND_DATABASE_HOST=databases.bthlab
HOTPOCKET_BACKEND_CELERY_BROKER_URL=thisissecret
HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND=thisissecret
HOTPOCKET_BACKEND_MODEL_AUTH_IS_DISABLED=false

7
deployment/hotpocket.bthlab/configs/backend/webapp Normal file
View File

@@ -0,0 +1,7 @@
DJANGO_SETTINGS_MODULE=hotpocket_backend.settings.deployment.webapp
HOTPOCKET_BACKEND_GUNICORN_WORKERS=2
HOTPOCKET_BACKEND_APP=webapp
HOTPOCKET_BACKEND_SECRET_KEY=thisissecret
HOTPOCKET_BACKEND_ALLOWED_HOSTS=thisissecret
HOTPOCKET_BACKEND_SAVES_SAVE_ADAPTER=hotpocket_backend.apps.saves.adapters.postgres:PostgresSaveAdapter
HOTPOCKET_BACKEND_SAVES_ASSOCIATION_ADAPTER=hotpocket_backend.apps.saves.adapters.postgres:PostgresAssociationAdapter

39
deployment/hotpocket.bthlab/kustomization.yaml Normal file
View File

@@ -0,0 +1,39 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- resources/namespace.yaml
- resources/volumes.yaml
- resources/backend/job-migrations.yaml
- resources/backend/webapp.yaml
- resources/backend/webapp-service.yaml
- resources/backend/webapp-ingress.yaml
- resources/backend/admin.yaml
- resources/backend/admin-service.yaml
- resources/backend/admin-ingress.yaml
- resources/backend/celery-worker.yaml
- resources/backend/celery-beat.yaml
configMapGenerator:
- behavior: create
namespace: hotpocket-development
envs:
- configs/backend/base
name: backend-base-config
- behavior: create
namespace: hotpocket-development
envs:
- configs/backend/webapp
name: backend-webapp-config
- behavior: create
namespace: hotpocket-development
envs:
- configs/backend/admin
name: backend-admin-config
patches: []
images:
- name: hotpocket-backend
newName: docker-hosted.nexus.bthlabs.pl/hotpocket/backend
newTag: deployment-v25.10.4-01

19
deployment/hotpocket.bthlab/resources/backend/admin-ingress.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backend-admin-ingress
namespace: hotpocket-development
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "web"
spec:
rules:
- host: admin.hotpocket.bthlab.bthlabs.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backend-admin-service
port:
name: http

14
deployment/hotpocket.bthlab/resources/backend/admin-service.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: backend-admin-service
namespace: hotpocket-development
spec:
type: ClusterIP
selector:
app.kubernetes.io/app: backend-admin
ports:
- name: http
protocol: TCP
port: 8000
targetPort: http

101
deployment/hotpocket.bthlab/resources/backend/admin.yaml Normal file
View File

@@ -0,0 +1,101 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend-admin
namespace: hotpocket-development
labels:
app.kubernetes.io/app: backend-admin
spec:
minReadySeconds: 30
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/app: backend-admin
template:
metadata:
labels:
app.kubernetes.io/app: backend-admin
spec:
containers:
- name: app
image: hotpocket-backend:latest
command:
- "/srv/venv/bin/gunicorn"
- "-c"
- "/srv/lib/gunicorn.conf.py"
- "hotpocket_backend.wsgi:application"
envFrom:
- configMapRef:
name: backend-base-config
- configMapRef:
name: backend-admin-config
env:
- name: HOTPOCKET_BACKEND_SECRET_KEY
valueFrom:
secretKeyRef:
name: backend-admin
key: secret_key
- name: HOTPOCKET_BACKEND_ALLOWED_HOSTS
valueFrom:
secretKeyRef:
name: backend-admin
key: allowed_hosts
- name: HOTPOCKET_BACKEND_DATABASE_USER
valueFrom:
secretKeyRef:
name: backend-postgres
key: username
- name: HOTPOCKET_BACKEND_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: backend-postgres
key: password
- name: HOTPOCKET_BACKEND_CELERY_BROKER_URL
valueFrom:
secretKeyRef:
name: backend-celery
key: broker_url
- name: HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND
valueFrom:
secretKeyRef:
name: backend-celery
key: result_backend
ports:
- containerPort: 8000
name: http
protocol: TCP
- containerPort: 8001
name: healthcheck
protocol: TCP
livenessProbe:
httpGet:
path: "/"
port: 8001
initialDelaySeconds: 5
periodSeconds: 10
readinessProbe:
httpGet:
path: "/"
port: 8001
initialDelaySeconds: 2
periodSeconds: 5
volumeMounts:
- mountPath: /dev/shm
name: shm
- mountPath: /srv/run
name: backend-admin-srv-run
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: shm
emptyDir:
medium: Memory
- name: backend-admin-srv-run
emptyDir: {}

85
deployment/hotpocket.bthlab/resources/backend/celery-beat.yaml Normal file
View File

@@ -0,0 +1,85 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: backend-celery-beat
namespace: hotpocket-development
labels:
app.kubernetes.io/app: backend-celery-beat
spec:
minReadySeconds: 30
replicas: 1
revisionHistoryLimit: 1
selector:
matchLabels:
app.kubernetes.io/app: backend-celery-beat
template:
metadata:
labels:
app.kubernetes.io/app: backend-celery-beat
spec:
containers:
- name: app
image: hotpocket-backend:latest
command:
- "/srv/venv/bin/celery"
- "-A"
- "hotpocket_backend.celery:app"
- "beat"
- "-l"
- "INFO"
- "-s"
- "/srv/run/celery-beat-schedule"
envFrom:
- configMapRef:
name: backend-base-config
- configMapRef:
name: backend-webapp-config
env:
- name: HOTPOCKET_BACKEND_SECRET_KEY
valueFrom:
secretKeyRef:
name: backend-webapp
key: secret_key
- name: HOTPOCKET_BACKEND_ALLOWED_HOSTS
valueFrom:
secretKeyRef:
name: backend-webapp
key: allowed_hosts
- name: HOTPOCKET_BACKEND_DATABASE_USER
valueFrom:
secretKeyRef:
name: backend-postgres
key: username
- name: HOTPOCKET_BACKEND_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: backend-postgres
key: password
- name: HOTPOCKET_BACKEND_CELERY_BROKER_URL
valueFrom:
secretKeyRef:
name: backend-celery
key: broker_url
- name: HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND
valueFrom:
secretKeyRef:
name: backend-celery
key: result_backend
volumeMounts:
- mountPath: /dev/shm
name: shm
- mountPath: /srv/run
name: backend-celery-beat-srv-run
- mountPath: /srv/uploads
name: backend-celery-beat-srv-uploads
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: shm
emptyDir:
medium: Memory
- name: backend-celery-beat-srv-run
persistentVolumeClaim:
claimName: backend-celery-beat-run
- name: backend-celery-beat-srv-uploads
emptyDir: {}

93
deployment/hotpocket.bthlab/resources/backend/celery-worker.yaml Normal file
View File

@@ -0,0 +1,93 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend-celery-worker
namespace: hotpocket-development
labels:
app.kubernetes.io/app: backend-celery-worker
spec:
minReadySeconds: 30
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/app: backend-celery-worker
template:
metadata:
labels:
app.kubernetes.io/app: backend-celery-worker
spec:
containers:
- name: app
image: hotpocket-backend:latest
command:
- "/srv/venv/bin/celery"
- "-A"
- "hotpocket_backend.celery:app"
- "worker"
- "-l"
- "INFO"
- "-Q"
- "celery,webapp"
- "-c"
- "2"
envFrom:
- configMapRef:
name: backend-base-config
- configMapRef:
name: backend-webapp-config
env:
- name: HOTPOCKET_BACKEND_SECRET_KEY
valueFrom:
secretKeyRef:
name: backend-webapp
key: secret_key
- name: HOTPOCKET_BACKEND_ALLOWED_HOSTS
valueFrom:
secretKeyRef:
name: backend-webapp
key: allowed_hosts
- name: HOTPOCKET_BACKEND_DATABASE_USER
valueFrom:
secretKeyRef:
name: backend-postgres
key: username
- name: HOTPOCKET_BACKEND_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: backend-postgres
key: password
- name: HOTPOCKET_BACKEND_CELERY_BROKER_URL
valueFrom:
secretKeyRef:
name: backend-celery
key: broker_url
- name: HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND
valueFrom:
secretKeyRef:
name: backend-celery
key: result_backend
volumeMounts:
- mountPath: /dev/shm
name: shm
- mountPath: /srv/run
name: backend-celery-worker-srv-run
- mountPath: /srv/uploads
name: backend-celery-worker-srv-uploads
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: shm
emptyDir:
medium: Memory
- name: backend-celery-worker-srv-run
emptyDir: {}
- name: backend-celery-worker-srv-uploads
persistentVolumeClaim:
claimName: backend-uploads

80
deployment/hotpocket.bthlab/resources/backend/job-migrations.yaml Normal file
View File

@@ -0,0 +1,80 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: backend-job-migrations
namespace: hotpocket-development
labels:
app.kubernetes.io/app: backend-job-migrations
spec:
concurrencyPolicy: "Forbid"
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 1
startingDeadlineSeconds: 180
schedule: "* * * * *"
suspend: true
jobTemplate:
spec:
backoffLimit: 1
completions: 1
parallelism: 1
template:
spec:
containers:
- name: migrations
image: hotpocket-backend:latest
command:
- "./manage.py"
- "migrate"
envFrom:
- configMapRef:
name: backend-base-config
- configMapRef:
name: backend-webapp-config
env:
- name: HOTPOCKET_BACKEND_SECRET_KEY
valueFrom:
secretKeyRef:
name: backend-webapp
key: secret_key
- name: HOTPOCKET_BACKEND_ALLOWED_HOSTS
valueFrom:
secretKeyRef:
name: backend-webapp
key: allowed_hosts
- name: HOTPOCKET_BACKEND_DATABASE_USER
valueFrom:
secretKeyRef:
name: backend-postgres
key: username
- name: HOTPOCKET_BACKEND_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: backend-postgres
key: password
- name: HOTPOCKET_BACKEND_CELERY_BROKER_URL
valueFrom:
secretKeyRef:
name: backend-celery
key: broker_url
- name: HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND
valueFrom:
secretKeyRef:
name: backend-celery
key: result_backend
volumeMounts:
- mountPath: /dev/shm
name: shm
- mountPath: /srv/run
name: backend-webapp-srv-run
- mountPath: /srv/uploads
name: backend-webapp-srv-uploads
dnsPolicy: ClusterFirst
restartPolicy: Never
volumes:
- name: shm
emptyDir:
medium: Memory
- name: backend-webapp-srv-run
emptyDir: {}
- name: backend-webapp-srv-uploads
emptyDir: {}

19
deployment/hotpocket.bthlab/resources/backend/webapp-ingress.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backend-webapp-ingress
namespace: hotpocket-development
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: "web"
spec:
rules:
- host: app.hotpocket.bthlab.bthlabs.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backend-webapp-service
port:
name: http

14
deployment/hotpocket.bthlab/resources/backend/webapp-service.yaml Normal file
View File

@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: backend-webapp-service
namespace: hotpocket-development
spec:
type: ClusterIP
selector:
app.kubernetes.io/app: backend-webapp
ports:
- name: http
protocol: TCP
port: 8000
targetPort: http

106
deployment/hotpocket.bthlab/resources/backend/webapp.yaml Normal file
View File

@@ -0,0 +1,106 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend-webapp
namespace: hotpocket-development
labels:
app.kubernetes.io/app: backend-webapp
spec:
minReadySeconds: 30
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
selector:
matchLabels:
app.kubernetes.io/app: backend-webapp
template:
metadata:
labels:
app.kubernetes.io/app: backend-webapp
spec:
containers:
- name: app
image: hotpocket-backend:latest
command:
- "/srv/venv/bin/gunicorn"
- "-c"
- "/srv/lib/gunicorn.conf.py"
- "hotpocket_backend.wsgi:application"
envFrom:
- configMapRef:
name: backend-base-config
- configMapRef:
name: backend-webapp-config
env:
- name: HOTPOCKET_BACKEND_SECRET_KEY
valueFrom:
secretKeyRef:
name: backend-webapp
key: secret_key
- name: HOTPOCKET_BACKEND_ALLOWED_HOSTS
valueFrom:
secretKeyRef:
name: backend-webapp
key: allowed_hosts
- name: HOTPOCKET_BACKEND_DATABASE_USER
valueFrom:
secretKeyRef:
name: backend-postgres
key: username
- name: HOTPOCKET_BACKEND_DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: backend-postgres
key: password
- name: HOTPOCKET_BACKEND_CELERY_BROKER_URL
valueFrom:
secretKeyRef:
name: backend-celery
key: broker_url
- name: HOTPOCKET_BACKEND_CELERY_RESULT_BACKEND
valueFrom:
secretKeyRef:
name: backend-celery
key: result_backend
ports:
- containerPort: 8000
name: http
protocol: TCP
- containerPort: 8001
name: healthcheck
protocol: TCP
livenessProbe:
httpGet:
path: "/"
port: 8001
initialDelaySeconds: 5
periodSeconds: 10
readinessProbe:
httpGet:
path: "/"
port: 8001
initialDelaySeconds: 2
periodSeconds: 5
volumeMounts:
- mountPath: /dev/shm
name: shm
- mountPath: /srv/run
name: backend-webapp-srv-run
- mountPath: /srv/uploads
name: backend-webapp-srv-uploads
dnsPolicy: ClusterFirst
restartPolicy: Always
volumes:
- name: shm
emptyDir:
medium: Memory
- name: backend-webapp-srv-run
emptyDir: {}
- name: backend-webapp-srv-uploads
persistentVolumeClaim:
claimName: backend-uploads

4
deployment/hotpocket.bthlab/resources/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: hotpocket-development

26
deployment/hotpocket.bthlab/resources/volumes.yaml Normal file
View File

@@ -0,0 +1,26 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: backend-uploads
namespace: hotpocket-development
spec:
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: "1Gi"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: backend-celery-beat-run
namespace: hotpocket-development
spec:
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: "1Gi"