From cc77de922a509807dbe86e28a1d10b1298907973 Mon Sep 17 00:00:00 2001 From: Jun-te Kim Date: Sun, 28 Dec 2025 13:33:04 +0000 Subject: [PATCH] migration set up --- .github/workflows/deploy-postgres-dev.yml | 61 +++++++++++++++++++++++ db/k8s/secrets/postgres-secret-dev.yaml | 10 ++++ db/k8s/secrets/postgres-secret-prod.yaml | 10 ++++ 3 files changed, 81 insertions(+) create mode 100644 .github/workflows/deploy-postgres-dev.yml create mode 100644 db/k8s/secrets/postgres-secret-dev.yaml create mode 100644 db/k8s/secrets/postgres-secret-prod.yaml diff --git a/.github/workflows/deploy-postgres-dev.yml b/.github/workflows/deploy-postgres-dev.yml new file mode 100644 index 0000000..bb0bab0 --- /dev/null +++ b/.github/workflows/deploy-postgres-dev.yml @@ -0,0 +1,61 @@ +name: Deploy DEV DB Infrastructure + +on: + push: + branches: + - "feature/*" +jobs: + deploy: + runs-on: mealcraft-runners + + steps: + - uses: actions/checkout@v4 + + - name: Install kubectl + run: | + sudo apt-get update + sudo apt-get install -y curl ca-certificates + curl -LO "https://dl.k8s.io/release/$(curl -sL https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" + sudo install -m 0755 kubectl /usr/local/bin/kubectl + + - name: Configure kubeconfig (in-cluster) + run: | + KUBE_HOST="https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_SERVICE_PORT" + SA_TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) + CA_CERT=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt + NAMESPACE=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace) + + kubectl config set-cluster microk8s --server="$KUBE_HOST" --certificate-authority="$CA_CERT" + kubectl config set-credentials runner --token="$SA_TOKEN" + kubectl config set-context runner-context --cluster=microk8s --user=runner --namespace="$NAMESPACE" + kubectl config use-context runner-context + + - name: Apply DEV secrets + run: kubectl apply -f db/k8s/secrets/ + + - name: Deploy DEV Postgres + run: kubectl apply -f db/k8s/postgres/postgres-dev-stripe-to-invoice.yaml + + migrate: + runs-on: mealcraft-runners + needs: deploy + + steps: + - uses: actions/checkout@v4 + + - name: Install Atlas + run: curl -sSf https://atlasgo.sh | sh + + - name: Load DEV DB creds + run: | + export POSTGRES_USER=$(kubectl get secret postgres-secret -o jsonpath='{.data.POSTGRES_USER}' | base64 -d) + export POSTGRES_PASSWORD=$(kubectl get secret postgres-secret -o jsonpath='{.data.POSTGRES_PASSWORD}' | base64 -d) + + echo "POSTGRES_USER=$POSTGRES_USER" >> $GITHUB_ENV + echo "POSTGRES_PASSWORD=$POSTGRES_PASSWORD" >> $GITHUB_ENV + + - name: Run Atlas migrations (DEV) + run: | + atlas migrate apply \ + --config file://./db/atlas/atlas.hcl \ + --env stripe_invoice_dev diff --git a/db/k8s/secrets/postgres-secret-dev.yaml b/db/k8s/secrets/postgres-secret-dev.yaml new file mode 100644 index 0000000..d8f852f --- /dev/null +++ b/db/k8s/secrets/postgres-secret-dev.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgres-secret + namespace: arc-systems +type: Opaque +stringData: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: averysecretpasswordPersonAppleWinter938 + POSTGRES_DB: stripe_invoice diff --git a/db/k8s/secrets/postgres-secret-prod.yaml b/db/k8s/secrets/postgres-secret-prod.yaml new file mode 100644 index 0000000..16da2cb --- /dev/null +++ b/db/k8s/secrets/postgres-secret-prod.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgres-prod-secret + namespace: arc-systems +type: Opaque +stringData: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: productionPassword1142M@ke!tH@rd2Br3akWith$ymb0ls + POSTGRES_DB: stripe_invoice