deploy into k8s

.editorconfig

@@ -4,7 +4,7 @@ root = true
 charset = utf-8
 end_of_line = lf
 indent_style = space
-indent_size = 4
+indent_size = 2
 trim_trailing_whitespace = true
 insert_final_newline = true
 max_line_length = 100

.gitlab-ci.yml

@@ -1,12 +1,12 @@
 ---
 variables:
-    DOCKER_BUILD_TEST_BUILD_FILE: devops/docker/php/Dockerfile
-    DOCKER_BUILD_TEST_TARGET: test
-    DOCKER_RELEASE_BUILD_FILE: devops/docker/php/Dockerfile
-    DOCKER_RELEASE_BUILD_TARGET: test
+  DOCKER_BUILD_TEST_BUILD_FILE: devops/docker/Dockerfile
+  DOCKER_BUILD_TEST_TARGET: test
+  DOCKER_RELEASE_BUILD_FILE: devops/docker/Dockerfile
+  DOCKER_RELEASE_BUILD_TARGET: test
 
 include:
-    - project: infra/kernel/ci-templates
-      ref: master
-      file: /${CI_PROJECT_PATH}.yml
+  - project: infra/kernel/ci-templates
+    ref: master
+    file: /${CI_PROJECT_PATH}.yml
 ...

Makefile

@@ -1,18 +1,12 @@
 MAKEFLAGS += --silent
 .PHONY: *
 
-restart-local:
-	docker-compose -f docker-compose-local.yml pull
-	docker-compose -f docker-compose-local.yml down
-	docker-compose -f docker-compose-local.yml up -d --build
+apply:
+	kubectl apply --recursive=true --filename=devops/k8s
 
 restart:
 	docker-compose -f docker-compose.yml pull
 	docker-compose -f docker-compose.yml down
-	docker-compose -f docker-compose.yml up -d
+	docker-compose -f docker-compose.yml up -d --build
 
-cleanup:
-	docker system prune --all --force
-	docker system prune --volumes --force
-
-.DEFAULT_GOAL := restart
+.DEFAULT_GOAL := apply

app/config/packages/cache.yaml

@@ -1,4 +1,4 @@
 ---
 framework:
-    cache:
+  cache:
 ...

app/config/packages/dev/web_profiler.yaml

@@ -1,8 +1,8 @@
 ---
 web_profiler:
-    toolbar: true
-    intercept_redirects: false
+  toolbar: true
+  intercept_redirects: false
 
 framework:
-    profiler: { only_exceptions: false }
+  profiler: { only_exceptions: false }
 ...

app/config/packages/framework.yaml

@@ -1,20 +1,20 @@
 ---
 framework:
-    secret: '%env(APP_SECRET)%'
-    http_method_override: false
+  secret: '%env(APP_SECRET)%'
+  http_method_override: false
 
-    session:
-        handler_id: null
-        cookie_secure: auto
-        cookie_samesite: lax
-        storage_factory_id: session.storage.factory.native
+  session:
+    handler_id: null
+    cookie_secure: auto
+    cookie_samesite: lax
+    storage_factory_id: session.storage.factory.native
 
-    php_errors:
-        log: true
+  php_errors:
+    log: true
 
 when@test:
-    framework:
-        test: true
-        session:
-            storage_factory_id: session.storage.factory.mock_file
+  framework:
+    test: true
+    session:
+      storage_factory_id: session.storage.factory.mock_file
 ...

app/config/packages/nelmio_api_doc.yaml

@@ -1,17 +1,17 @@
 ---
 nelmio_api_doc:
-    documentation:
-        servers:
-            - url: https://notification-provider.fedy95.com
-              description: server API over HTTPS
-            - url: http://127.0.0.1:8054
-              description: localhost API over HTTP
-        info:
-            title: notification-provider
-            description: notification-provider api doc
-            version: 0.0.1
-    areas:
-        default:
-            path_patterns:
-                - ^/api/v1
+  documentation:
+    servers:
+      - url: https://notification-provider.fedy95.com
+        description: server API over HTTPS
+      - url: http://127.0.0.1:8054
+        description: localhost API over HTTP
+    info:
+      title: notification-provider
+      description: notification-provider api doc
+      version: 0.0.1
+  areas:
+    default:
+      path_patterns:
+        - ^/api/v1
 ...

app/config/packages/routing.yaml

@@ -1,10 +1,10 @@
 ---
 framework:
-    router:
-        utf8: true
+  router:
+    utf8: true
 
 when@prod:
-    framework:
-        router:
-            strict_requirements: null
+  framework:
+    router:
+      strict_requirements: null
 ...

app/config/packages/test/web_profiler.yaml

@@ -1,8 +1,8 @@
 ---
 web_profiler:
-    toolbar: false
-    intercept_redirects: false
+  toolbar: false
+  intercept_redirects: false
 
 framework:
-    profiler: { collect: false }
+  profiler: { collect: false }
 ...

app/config/packages/twig.yaml

@@ -1,8 +1,8 @@
 ---
 twig:
-    default_path: '%kernel.project_dir%/templates'
+  default_path: '%kernel.project_dir%/templates'
 
 when@test:
-    twig:
-        strict_variables: true
+  twig:
+    strict_variables: true
 ...

app/config/routes.yaml

@@ -1,6 +1,6 @@
 ---
 app.swagger_ui:
-    path: /api/doc/{area}
-    methods: GET
-    defaults: { _controller: nelmio_api_doc.controller.swagger_ui, area: default }
+  path: /api/doc/{area}
+  methods: GET
+  defaults: { _controller: nelmio_api_doc.controller.swagger_ui, area: default }
 ...

app/config/routes/annotations.yaml

@@ -1,9 +1,9 @@
 ---
 controllers:
-    resource: ../../src/Controller/
-    type: annotation
+  resource: ../../src/Controller/
+  type: annotation
 
 kernel:
-    resource: ../../src/Kernel.php
-    type: annotation
+  resource: ../../src/Kernel.php
+  type: annotation
 ...

app/config/routes/dev/web_profiler.yaml

@@ -1,9 +1,9 @@
 ---
 web_profiler_wdt:
-    resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'
-    prefix: /_wdt
+  resource: '@WebProfilerBundle/Resources/config/routing/wdt.xml'
+  prefix: /_wdt
 
 web_profiler_profiler:
-    resource: '@WebProfilerBundle/Resources/config/routing/profiler.xml'
-    prefix: /_profiler
+  resource: '@WebProfilerBundle/Resources/config/routing/profiler.xml'
+  prefix: /_profiler
 ...

app/config/routes/framework.yaml

@@ -1,6 +1,6 @@
 ---
 when@dev:
-    _errors:
-        resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
-        prefix: /_error
+  _errors:
+    resource: '@FrameworkBundle/Resources/config/routing/errors.xml'
+    prefix: /_error
 ...

app/config/routes/nelmio_api_doc.yaml

@@ -1,11 +1,11 @@
 ---
 app.swagger:
-    path: /api/doc.json
-    methods: GET
-    defaults: { _controller: nelmio_api_doc.controller.swagger }
+  path: /api/doc.json
+  methods: GET
+  defaults: { _controller: nelmio_api_doc.controller.swagger }
 
 app.swagger_ui:
-    path: /api/doc
-    methods: GET
-    defaults: { _controller: nelmio_api_doc.controller.swagger_ui }
+  path: /api/doc
+  methods: GET
+  defaults: { _controller: nelmio_api_doc.controller.swagger_ui }
 ...

app/config/services.yaml

@@ -1,29 +1,29 @@
 ---
 parameters:
-    app.mattermost.url: '%env(resolve:MATTERMOST_URL)%'
-    app.mattermost.uri: '%env(resolve:MATTERMOST_URI)%'
-    app.mattermost.channel_name: '%env(resolve:MATTERMOST_CHANNEL_NAME)%'
-    app.mattermost.bot.name: '%env(resolve:MATTERMOST_BOT_NAME)%'
-    app.mattermost.bot.icon: '%env(resolve:MATTERMOST_BOT_ICON)%'
+  app.mattermost.url: '%env(resolve:MATTERMOST_URL)%'
+  app.mattermost.uri: '%env(resolve:MATTERMOST_URI)%'
+  app.mattermost.channel_name: '%env(resolve:MATTERMOST_CHANNEL_NAME)%'
+  app.mattermost.bot.name: '%env(resolve:MATTERMOST_BOT_NAME)%'
+  app.mattermost.bot.icon: '%env(resolve:MATTERMOST_BOT_ICON)%'
 
 services:
-    _defaults:
-        autowire: true
-        autoconfigure: true
+  _defaults:
+    autowire: true
+    autoconfigure: true
 
-    App\:
-        resource: '../src/'
-        exclude:
-            - '../src/DependencyInjection/'
-            - '../src/Entity/'
-            - '../src/Kernel.php'
-            - '../src/Tests/'
+  App\:
+    resource: '../src/'
+    exclude:
+      - '../src/DependencyInjection/'
+      - '../src/Entity/'
+      - '../src/Kernel.php'
+      - '../src/Tests/'
 
-    App\Service\Mattermost\MattermostService:
-        arguments:
-            $mattermostUrl: '%app.mattermost.url%'
-            $mattermostUri: '%app.mattermost.uri%'
-            $channelName: '%app.mattermost.channel_name%'
-            $botName: '%app.mattermost.bot.name%'
-            $botIcon: '%app.mattermost.bot.icon%'
+  App\Service\Mattermost\MattermostService:
+    arguments:
+      $mattermostUrl: '%app.mattermost.url%'
+      $mattermostUri: '%app.mattermost.uri%'
+      $channelName: '%app.mattermost.channel_name%'
+      $botName: '%app.mattermost.bot.name%'
+      $botIcon: '%app.mattermost.bot.icon%'
 ...

devops/docker/php/Dockerfile → devops/docker/Dockerfile

@@ -2,9 +2,8 @@ FROM php:8.0-fpm-alpine3.14 AS base
 RUN apk update && apk upgrade && \
     apk add --no-cache $PHPIZE_DEPS libzip-dev composer && \
     docker-php-ext-install zip pcntl
-
-RUN mkdir -p /var/www/localhost
-WORKDIR /var/www/localhost
+RUN mkdir -p /app
+WORKDIR /app
 
 
 FROM base AS pre_test
@@ -20,7 +19,8 @@ COPY devops/docker/php/xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini
 FROM pre_test AS test
 COPY ./app .
 COPY env/app/app.env-dist .env
-RUN composer install --no-progress --optimize-autoloader --no-interaction
+RUN chown -R www-data:www-data /app/* && \
+    composer install --no-progress --optimize-autoloader --no-interaction
 
 
 FROM pre_test AS local

devops/k8s/0_ConfigMap/.gitignore

@@ -0,0 +1 @@
+app-dev.yml

devops/k8s/0_ConfigMap/nginx-dev.yaml

@@ -0,0 +1,55 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: notification-provider-nginx-configmap0-dev
+  namespace: default
+  labels:
+    tier: notification-provider
+    component: nginx
+    environment: dev
+data:
+  default.conf: |
+    server {
+        root /var/www/localhost/public;
+        error_log /var/log/nginx/localhost-error.log;
+        access_log /var/log/nginx/localhost-access.log;
+
+        location / {
+          try_files $uri /index.php$is_args$args;
+        }
+
+        location ~ \.php {
+          fastcgi_split_path_info ^(.+\.php)(/.+)$;
+          fastcgi_pass 127.0.0.1:9000;
+          include fastcgi_params;
+          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+          fastcgi_param DOCUMENT_ROOT $document_root;
+          internal;
+        }
+        location ~ \.php$ {
+          return 404;
+        }
+    }
+  nginx.conf: |
+    user  nginx;
+    worker_processes  auto;
+    error_log  /var/log/nginx/error.log warn;
+    pid        /var/run/nginx.pid;
+    events {
+        worker_connections  1024;
+    }
+    http {
+        include       /etc/nginx/mime.types;
+        default_type  application/octet-stream;
+        log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                          '$status $body_bytes_sent "$http_referer" '
+                          '"$http_user_agent" "$http_x_forwarded_for"';
+        access_log  /var/log/nginx/access.log  main;
+        sendfile        on;
+        #tcp_nopush     on;
+        keepalive_timeout  65;
+        #gzip  on;
+        include /etc/nginx/conf.d/default.conf;
+    }
+...

devops/k8s/0_Secret/.gitignore

@@ -0,0 +1 @@
+gitlab-docker.yaml

devops/k8s/1_Service/nginx.yaml

@@ -0,0 +1,22 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: notification-provider-nginx-service-dev
+  namespace: default
+  labels:
+    tier: notification-provider
+    component: nginx
+    environment: dev
+spec:
+  selector:
+    app: notification-provider
+    tier: notification-provider
+  type: NodePort
+  ports:
+    - name: http
+      protocol: TCP
+      port: 80
+      targetPort: 80
+      nodePort: 30036
+...

devops/k8s/2_Deployment/notification-provider.yaml

@@ -0,0 +1,87 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: notification-provider
+  namespace: default
+  labels:
+    tier: notification-provider
+    environment: dev
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: notification-provider
+      tier: notification-provider
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: notification-provider
+        tier: notification-provider
+    spec:
+      volumes:
+        - name: shared-files
+          emptyDir: { }
+        - name: notification-provider-app-configmap0-dev
+          configMap:
+            defaultMode: 0664
+            name: notification-provider-app-configmap0-dev
+        - name: notification-provider-nginx-configmap0-dev
+          configMap:
+            defaultMode: 0664
+            name: notification-provider-nginx-configmap0-dev
+      containers:
+        - name: php
+          image: gitlab-registry.fedy95.com:5002/dev/notification-provider:latest
+          resources:
+            requests:
+              cpu: "125m"
+              memory: "64Mi"
+            limits:
+              cpu: "250m"
+              memory: "128Mi"
+          volumeMounts:
+            - name: shared-files
+              mountPath: /var/www/localhost
+            - name: notification-provider-app-configmap0-dev
+              mountPath: /var/www/localhost/.env
+              subPath: .env
+          lifecycle:
+            postStart:
+              exec:
+                command:
+                  - "/bin/sh"
+                  - "-c"
+                  - >
+                    cp -rp /app/* /var/www/localhost
+
+        - name: nginx
+          image: nginx:1.21-alpine
+          resources:
+            requests:
+              cpu: "125m"
+              memory: "64Mi"
+            limits:
+              cpu: "250m"
+              memory: "128Mi"
+          volumeMounts:
+            - name: shared-files
+              mountPath: /var/www/localhost
+            - name: notification-provider-app-configmap0-dev
+              mountPath: /var/www/localhost/.env
+              subPath: .env
+            - name: notification-provider-nginx-configmap0-dev
+              mountPath: /etc/nginx/nginx.conf
+              subPath: nginx.conf
+            - name: notification-provider-nginx-configmap0-dev
+              mountPath: /etc/nginx/conf.d/default.conf
+              subPath: default.conf
+      restartPolicy: Always
+      imagePullSecrets:
+        - name: gitlab-docker
+...

docker-compose-local.yml

@@ -1,40 +0,0 @@
----
-version: "3.4"
-
-networks:
-    monitoring_monitor-net:
-        external: true
-
-services:
-    app:
-        build:
-            context: .
-            dockerfile: devops/docker/php/Dockerfile
-            target: local
-        restart: always
-
-        environment:
-            COMPOSER_MEMORY_LIMIT: "-1"
-            PHP_IDE_CONFIG: "serverName=notification-provider_app"
-        volumes:
-            - ${HOME}/.composer:${HOME}/.composer
-            - ./app:/var/www/localhost
-        expose:
-            - "9000"
-        networks:
-            - monitoring_monitor-net
-
-    nginx:
-        image: nginx:1.21-alpine
-        restart: always
-
-        depends_on:
-            - app
-        volumes:
-            - ./app:/var/www/localhost
-            - ./devops/docker/nginx/etc/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf
-        ports:
-            - "8054:80"
-        networks:
-            - monitoring_monitor-net
-...

docker-compose.yml

@@ -1,25 +1,40 @@
 ---
 version: "3.4"
 
+networks:
+  monitoring_monitor-net:
+    external: true
+
 services:
-    app:
-        image: gitlab-registry.fedy95.com:5002/dev/notification-provider:latest
-        restart: always
+  app:
+    build:
+      context: .
+      dockerfile: devops/docker/Dockerfile
+      target: local
+    restart: always
 
-        volumes:
-            - ./env/app/app.env:/var/www/localhost/.env
-        expose:
-            - "9000"
+    environment:
+      COMPOSER_MEMORY_LIMIT: "-1"
+      PHP_IDE_CONFIG: "serverName=notification-provider_app"
+    volumes:
+      - ${HOME}/.composer:${HOME}/.composer
+      - ./app:/var/www/localhost
+    expose:
+      - "9000"
+    networks:
+      - monitoring_monitor-net
 
-    nginx:
-        image: nginx:1.21-alpine
-        restart: always
+  nginx:
+    image: nginx:1.21-alpine
+    restart: always
 
-        depends_on:
-            - app
-        volumes:
-            - ./app:/var/www/localhost
-            - ./devops/docker/nginx/etc/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf
-        ports:
-            - "8054:80"
+    depends_on:
+      - app
+    volumes:
+      - ./app:/var/www/localhost
+      - ./devops/docker/nginx/etc/nginx/conf.d/default.conf:/etc/nginx/conf.d/default.conf
+    ports:
+      - "8054:80"
+    networks:
+      - monitoring_monitor-net
 ...