From 51e93d1cefd0994877745050c96ba04186d6c591 Mon Sep 17 00:00:00 2001
From: Jun-te Kim
Date: Tue, 6 Jan 2026 21:53:44 +0000
Subject: [PATCH] added stripe to invoice
---
.github/workflows/stripe-to-invoice.yml | 81 +++++++
stripe_to_invoice/deployment/Dockerfile | 39 +++
stripe_to_invoice/deployment/TODO.md | 170 +++++++++++++
stripe_to_invoice/deployment/deployment.yaml | 238 ++++++-------------
4 files changed, 363 insertions(+), 165 deletions(-)
create mode 100644 .github/workflows/stripe-to-invoice.yml
create mode 100644 stripe_to_invoice/deployment/TODO.md
diff --git a/.github/workflows/stripe-to-invoice.yml b/.github/workflows/stripe-to-invoice.yml
new file mode 100644
index 0000000..f1bda12
--- /dev/null
+++ b/.github/workflows/stripe-to-invoice.yml
@@ -0,0 +1,81 @@
+name: Build & Deploy stripe-to-invoice
+
+on:
+ push:
+ branches:
+ - main
+ - feature/**
+ - release/**
+ tags:
+ - "v*"
+
+jobs:
+ build:
+ runs-on: ubuntu-22.04
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Inject slug variables
+ uses: rlespinasse/github-slug-action@v4
+
+ - name: Login to Docker Hub
+ uses: docker/login-action@v3
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+ - name: Build image
+ run: |
+ docker build \
+ -f stripe_to_invoice/deployment/Dockerfile \
+ -t docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG \
+ .
+
+ - name: Push image
+ run: |
+ docker push docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG
+
+ deploy:
+ runs-on: mealcraft-runners
+ needs: build
+
+ steps:
+ - uses: actions/checkout@v4
+
+ - name: Install kubectl
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y curl ca-certificates gettext
+ curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+ sudo install -m 0755 kubectl /usr/local/bin/kubectl
+
+ - name: Configure kubeconfig
+ run: |
+ KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
+ SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
+ CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+ NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
+
+ kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT"
+ kubectl config set-credentials runner --token="$SA_TOKEN"
+ kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE"
+ kubectl config use-context runner-context
+
+ - name: Inject slug variables
+ uses: rlespinasse/github-slug-action@v4
+
+ - name: Set environment
+ run: |
+ if [[ "$GITHUB_REF" == refs/heads/release/* || "$GITHUB_REF" == refs/tags/* ]]; then
+ echo "NAMESPACE=default" >> $GITHUB_ENV
+ echo "DB_ENV=prod" >> $GITHUB_ENV
+ else
+ echo "NAMESPACE=dev" >> $GITHUB_ENV
+ echo "DB_ENV=dev" >> $GITHUB_ENV
+ fi
+
+ - name: Deploy
+ run: |
+ export IMAGE="docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG"
+ export NAMESPACE DB_ENV
+ envsubst < stripe_to_invoice/deployment/deployment.yaml | kubectl apply -f -
diff --git a/stripe_to_invoice/deployment/Dockerfile b/stripe_to_invoice/deployment/Dockerfile
index e69de29..e3e94b0 100644
--- a/stripe_to_invoice/deployment/Dockerfile
+++ b/stripe_to_invoice/deployment/Dockerfile
@@ -0,0 +1,39 @@
+# ---------- Base ----------
+FROM node:20-alpine AS base
+WORKDIR /app
+ENV NODE_ENV=production
+
+# ---------- Dependencies ----------
+FROM base AS deps
+RUN apk add --no-cache libc6-compat
+COPY stripe_to_invoice/package.json stripe_to_invoice/package-lock.json ./
+RUN npm ci
+
+# ---------- Builder ----------
+FROM base AS builder
+WORKDIR /app
+COPY --from=deps /app/node_modules ./node_modules
+COPY stripe_to_invoice .
+ENV NEXT_TELEMETRY_DISABLED=1
+RUN npm run build
+
+# ---------- Runner ----------
+FROM node:20-alpine AS runner
+WORKDIR /app
+
+# Security
+RUN addgroup -g 1001 nodejs \
+ && adduser -u 1001 -G nodejs -s /bin/sh -D nextjs
+
+ENV NODE_ENV=production
+ENV NEXT_TELEMETRY_DISABLED=1
+
+# Standalone output
+COPY --from=builder /app/public ./public
+COPY --from=builder /app/.next/standalone ./
+COPY --from=builder /app/.next/static ./.next/static
+
+USER nextjs
+EXPOSE 3000
+
+CMD ["node", "server.js"]
diff --git a/stripe_to_invoice/deployment/TODO.md b/stripe_to_invoice/deployment/TODO.md
new file mode 100644
index 0000000..78c9611
--- /dev/null
+++ b/stripe_to_invoice/deployment/TODO.md
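Review bot: In `.github/workflows/stripe-to-invoice.yml`, the `Install kubectl` step of the `deploy` job fetches whatever `stable.txt` names at run time and installs it as root with no integrity check, on a runner that goes on to read the in-cluster service-account token; `curl -LO` without `-f` would also save an HTTP error page as `kubectl`. Pin the version and verify the published checksum before `install`, as sketched below; keeping the expected digest in the repository is stronger still than fetching it from the same host. The same job runs `rlespinasse/github-slug-action@v4` by mutable tag next to those credentials, so pinning third-party actions to a commit SHA and adding a top-level `permissions: contents: read` would narrow the exposure further.

```yaml
      - name: Install kubectl
        env:
          KUBECTL_VERSION: vX.Y.Z  # placeholder: pin to the release that matches the cluster
        run: |
          # … unchanged: apt-get update / install curl ca-certificates gettext …
          curl -fsSLO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl"
          curl -fsSLO "https://dl.k8s.io/release/${KUBECTL_VERSION}/bin/linux/amd64/kubectl.sha256"
          echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check
          sudo install -m 0755 kubectl /usr/local/bin/kubectl
```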
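Review bot: In `stripe_to_invoice/deployment/Dockerfile`, `ENV NODE_ENV=production` is set in `base`, so the `deps` stage inherits it and `npm ci` skips devDependencies; if the Next.js build tooling lives there, `npm run build` in `builder` will fail or run without it. Either move the variable to the `runner` stage only or use `RUN npm ci --include=dev` in `deps`. On the hardening side, both `FROM node:20-alpine` lines follow a mutable tag and could be pinned as `node:20-alpine@sha256:<digest>`, and `USER 1001` (the UID created just above) instead of `USER nextjs` lets a Kubernetes `runAsNonRoot: true` check verify the user. `COPY stripe_to_invoice .` takes the whole app directory from a repo-root build context, so a `.dockerignore` excluding `.env*`, `node_modules` and `.next` is worth adding; none is part of this patch.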
@@ -0,0 +1,170 @@
+# kind: Deployment
+# apiVersion: apps/v1
+# metadata:
+# namespace: ${NAMESPACE}
+# name: portfolio-page
+# labels:
+# app: portfolio-page
+# spec:
+# replicas: 1
+# selector:
+# matchLabels:
+# app: portfolio-page
+# template:
+# metadata:
+# labels:
+# app: portfolio-page
+# spec:
+# containers:
+# - name: portfolio-page
+# image: kimjunte/portfolio_page:$GITHUB_REF_SLUG
+# imagePullPolicy: Always
+# ports:
+# - name: portfolioport
+# containerPort: 3000
+# imagePullSecrets:
+# - name: registrypullsecret
+# # This is a file I used to push juntekim.com as deployment while keeping a different namespace for prod and staging
+
+# ---
+# apiVersion: v1
+# kind: Service
+# metadata:
+# name: portfolio-page
+# namespace: ${NAMESPACE}
+# spec:
+# ports:
+# - protocol: TCP
+# name: portfolioport
+# port: 80
+# targetPort: 3000
+# selector:
+# app: portfolio-page
+# ---
+# apiVersion: traefik.io/v1alpha1
+# kind: IngressRoute
+# metadata:
+# name: juntekim-portfolio-page
+# namespace: ${NAMESPACE}
+# spec:
+# entryPoints:
+# - websecure
+# routes:
+# - match: "Host(`${HOSTNAME}`) || Host(`www.${HOSTNAME}`)"
+# kind: Rule
+# services:
+# - name: portfolio-page
+# port: 80
+# passHostHeader: false
+# tls:
+# certResolver: myresolver
+# domains:
+# - main: ${HOSTNAME}
+# for the beta version lets use stripe-to-invoice-dev.juntekim.com for now and deploy things on feature and main branch
+# only once it goes to production from a release branch we'll make this go to the same name space as production database which default as well - however the postgres data
+# will be postgres-prod, with different password and user name
+
+# the workflow for the deployment the portfolio page looks as follows including pushing to the docker registry
+#
+# name: Build juntekim.com
+
+# on:
+# push:
+# tags:
+# - "*"
+# branches:
+# - "**"
+
+# jobs:
+# Push-to-docker-hub:
+# runs-on: ubuntu-22.04
+
+# steps:
+# - uses: actions/checkout@v3
+
+# - name: Inject slug/short variables
+# uses: rlespinasse/github-slug-action@v4
+
+# - name: Login to Docker Hub
+# uses: docker/login-action@v3
+# with:
+# username: ${{ secrets.DOCKER_HUB_USERNAME }}
+# password: ${{ secrets.DOCKER_HUB_TOKEN }}
+
+# - name: Build Docker Image
+# run: |
+# docker build \
+# -f juntekim_frontend/deployment/Dockerfile \
+# -t docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG \
+# juntekim_frontend
+
+# - name: Push to Docker Hub
+# run: |
+# docker push docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG
+
+
+# run-on-k8s:
+# runs-on: mealcraft-runners # <-- your ARC scale set label
+# needs: Push-to-docker-hub
+# steps:
+# - uses: actions/checkout@v4
+
+# # Install kubectl inside containerMode's default Ubuntu
+# - name: Install kubectl
+# run: |
+# sudo apt-get update
+# sudo apt-get install -y curl ca-certificates
+# curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
+# sudo install -m 0755 kubectl /usr/local/bin/kubectl
+
+# - name: Install envsubst
+# run: |
+# sudo apt-get update
+# sudo apt-get install -y gettext # <---- envsubst lives here
+
+# # Configure kubeconfig from ARC's service account
+# - name: Configure kubeconfig
+# run: |
+# KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
+# SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
+# CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
+# NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
+
+# kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT"
+# kubectl config set-credentials runner --token="$SA_TOKEN"
+# kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE"
+# kubectl config use-context runner-context
+
+# - name: Inject slug variables
+# uses: rlespinasse/github-slug-action@v4
+
+# - name: Set namespace
+# id: ns
+# run: |
+# if [[ $GITHUB_REF == refs/tags/* ]]; then
+# echo "NAMESPACE=default" >> $GITHUB_ENV
+# else
+# echo "NAMESPACE=staging" >> $GITHUB_ENV
+# fi
+
+# - name: Set hostname
+# run: |
+# if [ "$NAMESPACE" = "staging" ]; then
+# echo "HOSTNAME=staging.juntekim.com" >> $GITHUB_ENV
+# else
+# echo "HOSTNAME=juntekim.com" >> $GITHUB_ENV
+# fi
+
+# - name: Deploy to Kubernetes
+# run: |
+# export IMAGE="docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG"
+# export NAMESPACE HOSTNAME
+
+# envsubst < juntekim_frontend/deployment/deployment.yml | kubectl apply -f -
+# envsubst < juntekim_frontend/deployment/service.yml | kubectl apply -f -
+# envsubst < juntekim_frontend/deployment/ingressroute.yml | kubectl apply -f -
+
+# 1) First make me a Dockerfile for the nextjs app that i have under stripe_to_invoice that is produciton ready
+# 2) make me a depoloyment file which i'll have under stripe_to_invoice/deployment/deployment.yaml
+# 3) Make me the github workflow to run this in feature/* or main ( in dev) and releases in prod ( which just uses a different database)
+
diff --git a/stripe_to_invoice/deployment/deployment.yaml b/stripe_to_invoice/deployment/deployment.yaml
index 78c9611..3544346 100644
--- a/stripe_to_invoice/deployment/deployment.yaml
+++ b/stripe_to_invoice/deployment/deployment.yaml
@@ -1,170 +1,78 @@ -# kind: Deployment -# apiVersion: apps/v1 -# metadata: -# namespace: ${NAMESPACE} -# name: portfolio-page -# labels: -# app: portfolio-page -# spec: -# replicas: 1 -# selector: -# matchLabels: -# app: portfolio-page -# template: -# metadata: -# labels: -# app: portfolio-page -# spec: -# containers: -# - name: portfolio-page -# image: kimjunte/portfolio_page:$GITHUB_REF_SLUG -# imagePullPolicy: Always -# ports: -# - name: portfolioport -# containerPort: 3000 -# imagePullSecrets: -# - name: registrypullsecret -# # This is a file I used to push juntekim.com as deployment while keeping a different namespace for prod and staging +apiVersion: apps/v1 +kind: Deployment +metadata: + name: stripe-to-invoice + namespace: ${NAMESPACE} + labels: + app: stripe-to-invoice +spec: + replicas: 1 + selector: + matchLabels: + app: stripe-to-invoice + template: + metadata: + labels: + app: stripe-to-invoice + spec: + containers: + - name: stripe-to-invoice + image: ${IMAGE} + imagePullPolicy: Always + ports: + - name: http + containerPort: 3000 + env: + - name: NODE_ENV + value: "production" -# --- -# apiVersion: v1 -# kind: Service -# metadata: -# name: portfolio-page -# namespace: ${NAMESPACE} -# spec: -# ports: -# - protocol: TCP -# name: portfolioport -# port: 80 -# targetPort: 3000 -# selector: -# app: portfolio-page -# --- -# apiVersion: traefik.io/v1alpha1 -# kind: IngressRoute -# metadata: -# name: juntekim-portfolio-page -# namespace: ${NAMESPACE} -# spec: -# entryPoints: -# - websecure -# routes: -# - match: "Host(`${HOSTNAME}`) || Host(`www.${HOSTNAME}`)" -# kind: Rule -# services: -# - name: portfolio-page -# port: 80 -# passHostHeader: false -# tls: -# certResolver: myresolver -# domains: -# - main: ${HOSTNAME} -# for the beta version lets use stripe-to-invoice-dev.juntekim.com for now and deploy things on feature and main branch -# only once it goes to production from a release branch we'll make this go to the same name space as production database 
which default as well - however the postgres data -# will be postgres-prod, with different password and user name + # ---- Database ---- + - name: DATABASE_URL + valueFrom: + secretKeyRef: + name: postgres-${DB_ENV} + key: DATABASE_URL -# the workflow for the deployment the portfolio page looks as follows including pushing to the docker registry -# -# name: Build juntekim.com + # ---- Stripe ---- + - name: STRIPE_SECRET_KEY + valueFrom: + secretKeyRef: + name: stripe-secrets + key: STRIPE_SECRET_KEY -# on: -# push: -# tags: -# - "*" -# branches: -# - "**" + imagePullSecrets: + - name: registrypullsecret -# jobs: -# Push-to-docker-hub: -# runs-on: ubuntu-22.04 - -# steps: -# - uses: actions/checkout@v3 - -# - name: Inject slug/short variables -# uses: rlespinasse/github-slug-action@v4 - -# - name: Login to Docker Hub -# uses: docker/login-action@v3 -# with: -# username: ${{ secrets.DOCKER_HUB_USERNAME }} -# password: ${{ secrets.DOCKER_HUB_TOKEN }} - -# - name: Build Docker Image -# run: | -# docker build \ -# -f juntekim_frontend/deployment/Dockerfile \ -# -t docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG \ -# juntekim_frontend - -# - name: Push to Docker Hub -# run: | -# docker push docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG - - -# run-on-k8s: -# runs-on: mealcraft-runners # <-- your ARC scale set label -# needs: Push-to-docker-hub -# steps: -# - uses: actions/checkout@v4 - -# # Install kubectl inside containerMode's default Ubuntu -# - name: Install kubectl -# run: | -# sudo apt-get update -# sudo apt-get install -y curl ca-certificates -# curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" -# sudo install -m 0755 kubectl /usr/local/bin/kubectl - -# - name: Install envsubst -# run: | -# sudo apt-get update -# sudo apt-get install -y gettext # <---- envsubst lives here - -# # Configure kubeconfig from ARC's service account -# - name: Configure kubeconfig -# run: | -# 
KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT" -# SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) -# CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt -# NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace) - -# kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT" -# kubectl config set-credentials runner --token="$SA_TOKEN" -# kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE" -# kubectl config use-context runner-context - -# - name: Inject slug variables -# uses: rlespinasse/github-slug-action@v4 - -# - name: Set namespace -# id: ns -# run: | -# if [[ $GITHUB_REF == refs/tags/* ]]; then -# echo "NAMESPACE=default" >> $GITHUB_ENV -# else -# echo "NAMESPACE=staging" >> $GITHUB_ENV -# fi - -# - name: Set hostname -# run: | -# if [ "$NAMESPACE" = "staging" ]; then -# echo "HOSTNAME=staging.juntekim.com" >> $GITHUB_ENV -# else -# echo "HOSTNAME=juntekim.com" >> $GITHUB_ENV -# fi - -# - name: Deploy to Kubernetes -# run: | -# export IMAGE="docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG" -# export NAMESPACE HOSTNAME - -# envsubst < juntekim_frontend/deployment/deployment.yml | kubectl apply -f - -# envsubst < juntekim_frontend/deployment/service.yml | kubectl apply -f - -# envsubst < juntekim_frontend/deployment/ingressroute.yml | kubectl apply -f - - -# 1) First make me a Dockerfile for the nextjs app that i have under stripe_to_invoice that is produciton ready -# 2) make me a depoloyment file which i'll have under stripe_to_invoice/deployment/deployment.yaml -# 3) Make me the github workflow to run this in feature/* or main ( in dev) and releases in prod ( which just uses a different database) +--- +apiVersion: v1 +kind: Service +metadata: + name: stripe-to-invoice + namespace: ${NAMESPACE} +spec: + selector: + app: stripe-to-invoice + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 3000 
+--- +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: stripe-to-invoice + namespace: ${NAMESPACE} +spec: + entryPoints: + - websecure + routes: + - match: Host(`${HOSTNAME}`) + kind: Rule + services: + - name: stripe-to-invoice + port: 80 + passHostHeader: true + tls: + certResolver: myresolver
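Review bot: In `stripe_to_invoice/deployment/deployment.yaml`, the `stripe-to-invoice` container is handed `DATABASE_URL` and `STRIPE_SECRET_KEY`, yet the pod spec sets no `securityContext` and leaves the service-account token mounted, so a compromise of the Next.js process would have a writable root filesystem and an API token alongside those secrets. A restrictive context like the one below fits the image, which the Dockerfile in this patch already runs as UID 1001; `readOnlyRootFilesystem` may need an `emptyDir` for the Next.js cache directory, which should be confirmed against the app. Separately, the IngressRoute matches on `${HOSTNAME}`, which the workflow's Deploy step never exports, so `envsubst` will fill in whatever `HOSTNAME` the runner environment happens to carry; export an explicit host per environment next to `NAMESPACE` and `DB_ENV`.

```yaml
    spec:
      automountServiceAccountToken: false
      containers:
        - name: stripe-to-invoice
          # … unchanged: image, imagePullPolicy, ports, env …
          securityContext:
            runAsNonRoot: true
            runAsUser: 1001
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
            seccompProfile:
              type: RuntimeDefault
```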