kimjunte/juntekim.com
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 13

added stripe to invoice

Browse source
This commit is contained in:
Jun-te Kim 2026-01-06 21:53:44 +00:00
parent fe50b3dac9
commit 51e93d1cef
4 changed files with 363 additions and 165 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

81
.github/workflows/stripe-to-invoice.yml vendored Normal file
View file

@ -0,0 +1,81 @@
name: Build & Deploy stripe-to-invoice
on:
push:
branches:
- main
- feature/**
- release/**
tags:
- "v*"
jobs:
build:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Inject slug variables
uses: rlespinasse/github-slug-action@v4
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Build image
run: |
docker build \
-f stripe_to_invoice/deployment/Dockerfile \
-t docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG \
.
- name: Push image
run: |
docker push docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG
deploy:
runs-on: mealcraft-runners
needs: build
steps:
- uses: actions/checkout@v4
- name: Install kubectl
run: |
sudo apt-get update
sudo apt-get install -y curl ca-certificates gettext
curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
sudo install -m 0755 kubectl /usr/local/bin/kubectl
- name: Configure kubeconfig
run: |
KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT"
kubectl config set-credentials runner --token="$SA_TOKEN"
kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE"
kubectl config use-context runner-context
- name: Inject slug variables
uses: rlespinasse/github-slug-action@v4
- name: Set environment
run: |
if [[ "$GITHUB_REF" == refs/heads/release/* || "$GITHUB_REF" == refs/tags/* ]]; then
echo "NAMESPACE=default" >> $GITHUB_ENV
echo "DB_ENV=prod" >> $GITHUB_ENV
else
echo "NAMESPACE=dev" >> $GITHUB_ENV
echo "DB_ENV=dev" >> $GITHUB_ENV
fi
- name: Deploy
run: |
export IMAGE="docker.io/kimjunte/stripe_to_invoice:$GITHUB_REF_SLUG"
export NAMESPACE DB_ENV
envsubst < stripe_to_invoice/deployment/deployment.yaml | kubectl apply -f -

39
stripe_to_invoice/deployment/Dockerfile
View file

@ -0,0 +1,39 @@
# ---------- Base ----------
FROM node:20-alpine AS base
WORKDIR /app
ENV NODE_ENV=production
# ---------- Dependencies ----------
FROM base AS deps
RUN apk add --no-cache libc6-compat
COPY stripe_to_invoice/package.json stripe_to_invoice/package-lock.json ./
RUN npm ci
# ---------- Builder ----------
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY stripe_to_invoice .
ENV NEXT_TELEMETRY_DISABLED=1
RUN npm run build
# ---------- Runner ----------
FROM node:20-alpine AS runner
WORKDIR /app
# Security
RUN addgroup -g 1001 nodejs \
&& adduser -u 1001 -G nodejs -s /bin/sh -D nextjs
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
# Standalone output
COPY --from=builder /app/public ./public
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static
USER nextjs
EXPOSE 3000
CMD ["node", "server.js"]

170
stripe_to_invoice/deployment/TODO.md Normal file
View file

@ -0,0 +1,170 @@
# kind: Deployment
# apiVersion: apps/v1
# metadata:
# namespace: ${NAMESPACE}
# name: portfolio-page
# labels:
# app: portfolio-page
# spec:
# replicas: 1
# selector:
# matchLabels:
# app: portfolio-page
# template:
# metadata:
# labels:
# app: portfolio-page
# spec:
# containers:
# - name: portfolio-page
# image: kimjunte/portfolio_page:$GITHUB_REF_SLUG
# imagePullPolicy: Always
# ports:
# - name: portfolioport
# containerPort: 3000
# imagePullSecrets:
# - name: registrypullsecret
# # This is a file I used to push juntekim.com as deployment while keeping a different namespace for prod and staging
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: portfolio-page
# namespace: ${NAMESPACE}
# spec:
# ports:
# - protocol: TCP
# name: portfolioport
# port: 80
# targetPort: 3000
# selector:
# app: portfolio-page
# ---
# apiVersion: traefik.io/v1alpha1
# kind: IngressRoute
# metadata:
# name: juntekim-portfolio-page
# namespace: ${NAMESPACE}
# spec:
# entryPoints:
# - websecure
# routes:
# - match: "Host(`${HOSTNAME}`) || Host(`www.${HOSTNAME}`)"
# kind: Rule
# services:
# - name: portfolio-page
# port: 80
# passHostHeader: false
# tls:
# certResolver: myresolver
# domains:
# - main: ${HOSTNAME}
# for the beta version lets use stripe-to-invoice-dev.juntekim.com for now and deploy things on feature and main branch
# only once it goes to production from a release branch we'll make this go to the same name space as production database which default as well - however the postgres data
# will be postgres-prod, with different password and user name
# the workflow for the deployment the portfolio page looks as follows including pushing to the docker registry
#
# name: Build juntekim.com
# on:
# push:
# tags:
# - "*"
# branches:
# - "**"
# jobs:
# Push-to-docker-hub:
# runs-on: ubuntu-22.04
# steps:
# - uses: actions/checkout@v3
# - name: Inject slug/short variables
# uses: rlespinasse/github-slug-action@v4
# - name: Login to Docker Hub
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKER_HUB_USERNAME }}
# password: ${{ secrets.DOCKER_HUB_TOKEN }}
# - name: Build Docker Image
# run: |
# docker build \
# -f juntekim_frontend/deployment/Dockerfile \
# -t docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG \
# juntekim_frontend
# - name: Push to Docker Hub
# run: |
# docker push docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG
# run-on-k8s:
# runs-on: mealcraft-runners # <-- your ARC scale set label
# needs: Push-to-docker-hub
# steps:
# - uses: actions/checkout@v4
# # Install kubectl inside containerMode's default Ubuntu
# - name: Install kubectl
# run: |
# sudo apt-get update
# sudo apt-get install -y curl ca-certificates
# curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
# sudo install -m 0755 kubectl /usr/local/bin/kubectl
# - name: Install envsubst
# run: |
# sudo apt-get update
# sudo apt-get install -y gettext # <---- envsubst lives here
# # Configure kubeconfig from ARC's service account
# - name: Configure kubeconfig
# run: |
# KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
# SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
# CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
# NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
# kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT"
# kubectl config set-credentials runner --token="$SA_TOKEN"
# kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE"
# kubectl config use-context runner-context
# - name: Inject slug variables
# uses: rlespinasse/github-slug-action@v4
# - name: Set namespace
# id: ns
# run: |
# if [[ $GITHUB_REF == refs/tags/* ]]; then
# echo "NAMESPACE=default" >> $GITHUB_ENV
# else
# echo "NAMESPACE=staging" >> $GITHUB_ENV
# fi
# - name: Set hostname
# run: |
# if [ "$NAMESPACE" = "staging" ]; then
# echo "HOSTNAME=staging.juntekim.com" >> $GITHUB_ENV
# else
# echo "HOSTNAME=juntekim.com" >> $GITHUB_ENV
# fi
# - name: Deploy to Kubernetes
# run: |
# export IMAGE="docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG"
# export NAMESPACE HOSTNAME
# envsubst < juntekim_frontend/deployment/deployment.yml | kubectl apply -f -
# envsubst < juntekim_frontend/deployment/service.yml | kubectl apply -f -
# envsubst < juntekim_frontend/deployment/ingressroute.yml | kubectl apply -f -
# 1) First make me a Dockerfile for the nextjs app that i have under stripe_to_invoice that is produciton ready
# 2) make me a depoloyment file which i'll have under stripe_to_invoice/deployment/deployment.yaml
# 3) Make me the github workflow to run this in feature/* or main ( in dev) and releases in prod ( which just uses a different database)

238
stripe_to_invoice/deployment/deployment.yaml
View file

@ -1,170 +1,78 @@
# kind: Deployment
# apiVersion: apps/v1
# metadata:
# namespace: ${NAMESPACE}
# name: portfolio-page
# labels:
# app: portfolio-page
# spec:
# replicas: 1
# selector:
# matchLabels:
# app: portfolio-page
# template:
# metadata:
# labels:
# app: portfolio-page
# spec:
# containers:
# - name: portfolio-page
# image: kimjunte/portfolio_page:$GITHUB_REF_SLUG
# imagePullPolicy: Always
# ports:
# - name: portfolioport
# containerPort: 3000
# imagePullSecrets:
# - name: registrypullsecret
# # This is a file I used to push juntekim.com as deployment while keeping a different namespace for prod and staging
apiVersion: apps/v1
kind: Deployment
metadata:
name: stripe-to-invoice
namespace: ${NAMESPACE}
labels:
app: stripe-to-invoice
spec:
replicas: 1
selector:
matchLabels:
app: stripe-to-invoice
template:
metadata:
labels:
app: stripe-to-invoice
spec:
containers:
- name: stripe-to-invoice
image: ${IMAGE}
imagePullPolicy: Always
ports:
- name: http
containerPort: 3000
env:
- name: NODE_ENV
value: "production"
# ---
# apiVersion: v1
# kind: Service
# metadata:
# name: portfolio-page
# namespace: ${NAMESPACE}
# spec:
# ports:
# - protocol: TCP
# name: portfolioport
# port: 80
# targetPort: 3000
# selector:
# app: portfolio-page
# ---
# apiVersion: traefik.io/v1alpha1
# kind: IngressRoute
# metadata:
# name: juntekim-portfolio-page
# namespace: ${NAMESPACE}
# spec:
# entryPoints:
# - websecure
# routes:
# - match: "Host(`${HOSTNAME}`) || Host(`www.${HOSTNAME}`)"
# kind: Rule
# services:
# - name: portfolio-page
# port: 80
# passHostHeader: false
# tls:
# certResolver: myresolver
# domains:
# - main: ${HOSTNAME}
# for the beta version lets use stripe-to-invoice-dev.juntekim.com for now and deploy things on feature and main branch
# only once it goes to production from a release branch we'll make this go to the same name space as production database which default as well - however the postgres data
# will be postgres-prod, with different password and user name
# ---- Database ----
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: postgres-${DB_ENV}
key: DATABASE_URL
# the workflow for the deployment the portfolio page looks as follows including pushing to the docker registry
#
# name: Build juntekim.com
# ---- Stripe ----
- name: STRIPE_SECRET_KEY
valueFrom:
secretKeyRef:
name: stripe-secrets
key: STRIPE_SECRET_KEY
# on:
# push:
# tags:
# - "*"
# branches:
# - "**"
imagePullSecrets:
- name: registrypullsecret
# jobs:
# Push-to-docker-hub:
# runs-on: ubuntu-22.04
# steps:
# - uses: actions/checkout@v3
# - name: Inject slug/short variables
# uses: rlespinasse/github-slug-action@v4
# - name: Login to Docker Hub
# uses: docker/login-action@v3
# with:
# username: ${{ secrets.DOCKER_HUB_USERNAME }}
# password: ${{ secrets.DOCKER_HUB_TOKEN }}
# - name: Build Docker Image
# run: |
# docker build \
# -f juntekim_frontend/deployment/Dockerfile \
# -t docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG \
# juntekim_frontend
# - name: Push to Docker Hub
# run: |
# docker push docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG
# run-on-k8s:
# runs-on: mealcraft-runners # <-- your ARC scale set label
# needs: Push-to-docker-hub
# steps:
# - uses: actions/checkout@v4
# # Install kubectl inside containerMode's default Ubuntu
# - name: Install kubectl
# run: |
# sudo apt-get update
# sudo apt-get install -y curl ca-certificates
# curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
# sudo install -m 0755 kubectl /usr/local/bin/kubectl
# - name: Install envsubst
# run: |
# sudo apt-get update
# sudo apt-get install -y gettext # <---- envsubst lives here
# # Configure kubeconfig from ARC's service account
# - name: Configure kubeconfig
# run: |
# KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT"
# SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
# CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
# NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
# kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT"
# kubectl config set-credentials runner --token="$SA_TOKEN"
# kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE"
# kubectl config use-context runner-context
# - name: Inject slug variables
# uses: rlespinasse/github-slug-action@v4
# - name: Set namespace
# id: ns
# run: |
# if [[ $GITHUB_REF == refs/tags/* ]]; then
# echo "NAMESPACE=default" >> $GITHUB_ENV
# else
# echo "NAMESPACE=staging" >> $GITHUB_ENV
# fi
# - name: Set hostname
# run: |
# if [ "$NAMESPACE" = "staging" ]; then
# echo "HOSTNAME=staging.juntekim.com" >> $GITHUB_ENV
# else
# echo "HOSTNAME=juntekim.com" >> $GITHUB_ENV
# fi
# - name: Deploy to Kubernetes
# run: |
# export IMAGE="docker.io/kimjunte/portfolio_page:$GITHUB_REF_SLUG"
# export NAMESPACE HOSTNAME
# envsubst < juntekim_frontend/deployment/deployment.yml | kubectl apply -f -
# envsubst < juntekim_frontend/deployment/service.yml | kubectl apply -f -
# envsubst < juntekim_frontend/deployment/ingressroute.yml | kubectl apply -f -
# 1) First make me a Dockerfile for the nextjs app that i have under stripe_to_invoice that is produciton ready
# 2) make me a depoloyment file which i'll have under stripe_to_invoice/deployment/deployment.yaml
# 3) Make me the github workflow to run this in feature/* or main ( in dev) and releases in prod ( which just uses a different database)
---
apiVersion: v1
kind: Service
metadata:
name: stripe-to-invoice
namespace: ${NAMESPACE}
spec:
selector:
app: stripe-to-invoice
ports:
- name: http
protocol: TCP
port: 80
targetPort: 3000
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: stripe-to-invoice
namespace: ${NAMESPACE}
spec:
entryPoints:
- websecure
routes:
- match: Host(`${HOSTNAME}`)
kind: Rule
services:
- name: stripe-to-invoice
port: 80
passHostHeader: true
tls:
certResolver: myresolver