-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
helm chart for cht sync #90
Changes from 11 commits
e9c077c
abe9981
ed79362
7c3c398
6e432da
07063c4
a44b933
bb43d08
3118482
34ff7c8
c1bf1ff
328375a
9b24f2a
afdca7b
b86a1ad
35462d4
0e23dce
6fbb592
5e4f34f
4325b6a
cd03d4b
458e9c9
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,25 +1,50 @@ | ||
name: Build cht-sync containers | ||
|
||
on: [push, pull_request] | ||
on: [push] | ||
|
||
jobs: | ||
|
||
build: | ||
name: Compile the app | ||
runs-on: ubuntu-22.04 | ||
|
||
runs-on: ubuntu-latest | ||
outputs: | ||
BRANCH: ${{ steps.output_branch.outputs.BRANCH }} | ||
steps: | ||
- name: Get Docker Hub username | ||
id: get-docker-hub-username | ||
run: echo '::set-output name=dockerhub_username::${{ secrets.DOCKERHUB_USERNAME }}' | ||
- name: Login to Docker Hub | ||
uses: docker/login-action@v1 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
if: steps.get-docker-hub-username.outputs.dockerhub_username | ||
- uses: actions/checkout@v2 | ||
- name: Docker Build | ||
run: docker-compose build | ||
- name: Docker Push | ||
run: docker-compose push | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Extract branch name | ||
shell: bash | ||
run: echo "BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_ENV | ||
id: extract_branch | ||
|
||
- id: output_branch | ||
run: echo "::set-output name=BRANCH::${{ env.BRANCH }}" | ||
|
||
- name: Login to Docker Hub | ||
uses: docker/login-action@v2 | ||
with: | ||
username: ${{ secrets.DOCKERHUB_USERNAME }} | ||
password: ${{ secrets.DOCKERHUB_TOKEN }} | ||
|
||
- name: Build and push logstash | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: ./logstash | ||
file: ./logstash/Dockerfile | ||
push: true | ||
tags: medicmobile/cht-logstash-couchdb:${{ env.BRANCH }} | ||
|
||
- name: Build and push dataemon | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: ./dbt | ||
file: ./dbt/Dockerfile | ||
push: true | ||
tags: medicmobile/dataemon:${{ env.BRANCH }} | ||
|
||
- name: Build and push redis-worker | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: ./redis-worker | ||
file: ./redis-worker/Dockerfile | ||
push: true | ||
tags: dockermedic/cht-sync-redis-worker:${{ env.BRANCH }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
apiVersion: v2 | ||
name: cht_sync | ||
description: A Helm chart for Kubernetes | ||
|
||
# A chart can be either an 'application' or a 'library' chart. | ||
# | ||
# Application charts are a collection of templates that can be packaged into versioned archives | ||
# to be deployed. | ||
# | ||
# Library charts provide useful utilities or functions for the chart developer. They're included as | ||
# a dependency of application charts to inject those utilities and functions into the rendering | ||
# pipeline. Library charts do not define any templates and therefore cannot be deployed. | ||
type: application | ||
|
||
# This is the chart version. This version number should be incremented each time you make changes | ||
# to the chart and its templates, including the app version. | ||
# Versions are expected to follow Semantic Versioning (https://semver.org/) | ||
version: 0.1.0 | ||
|
||
# This is the version number of the application being deployed. This version number should be | ||
# incremented each time you make changes to the application. Versions are not expected to | ||
# follow Semantic Versioning. They should reflect the version the application is using. | ||
# It is recommended to use it with quotes. | ||
appVersion: "0.1.0" |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: cht-sync-dbt | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
spec: | ||
Check warning Code scanning / SonarCloud Service account tokens should not be mounted in pods Medium
Set automountServiceAccountToken to false for this specification of kind Deployment. See more on SonarCloud
|
||
automountServiceAccountToken: false | ||
containers: | ||
- name: dbt | ||
Check warning Code scanning / SonarCloud CPU limits should be enforced Medium
Specify a CPU limit for this container. See more on SonarCloud
Check warning Code scanning / SonarCloud Memory limits should be enforced Medium
Specify a memory limit for this container. See more on SonarCloud
|
||
image: medicmobile/dataemon:{{ .Values.image_tag | default "latest" }} | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.dbt).cpu_limit | default "500m" }} | ||
memory: {{ (.Values.dbt).memory_limit | default "1Gi" }} | ||
env: | ||
- name: POSTGRES_HOST | ||
value: {{ .Values.postgres.host | default "postgres" }} | ||
- name: POSTGRES_USER | ||
value: {{ .Values.postgres.user }} | ||
- name: POSTGRES_PORT | ||
value: {{ .Values.postgres.port | default "5432" | quote }} | ||
- name: POSTGRES_PASSWORD | ||
value: {{ .Values.postgres.password }} | ||
- name: POSTGRES_DB | ||
value: {{ .Values.postgres.db }} | ||
- name: POSTGRES_TABLE | ||
value: {{ .Values.postgres.table }} | ||
- name: POSTGRES_SCHEMA | ||
value: {{ .Values.postgres.schema }} | ||
- name: ROOT_POSTGRES_SCHEMA | ||
value: {{ .Values.postgres.schema }} | ||
- name: CHT_PIPELINE_BRANCH_URL | ||
value: {{ .Values.cht_pipeline_branch_url }} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# templates/logstash.yaml | ||
|
||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: cht-sync-logstash | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
spec: | ||
Check warning Code scanning / SonarCloud Service account tokens should not be mounted in pods Medium
Set automountServiceAccountToken to false for this specification of kind Deployment. See more on SonarCloud
|
||
automountServiceAccountToken: false | ||
containers: | ||
- name: logstash | ||
Check warning Code scanning / SonarCloud CPU limits should be enforced Medium
Specify a CPU limit for this container. See more on SonarCloud
Check warning Code scanning / SonarCloud Memory limits should be enforced Medium
Specify a memory limit for this container. See more on SonarCloud
|
||
image: medicmobile/cht-logstash-couchdb:{{ .Values.image_tag | default "latest" }} | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.logstash).cpu_limit | default "2" }} | ||
memory: {{ (.Values.logstash).memory_limit | default "2Gi" }} | ||
env: | ||
- name: COUCHDB_USER | ||
value: {{ .Values.couchdb.user }} | ||
- name: COUCHDB_PASSWORD | ||
value: {{ .Values.couchdb.password }} | ||
- name: COUCHDB_HOST | ||
value: {{ .Values.couchdb.host }} | ||
- name: COUCHDB_DBS | ||
value: {{ .Values.couchdb.dbs }} | ||
- name: COUCHDB_PORT | ||
value: {{ .Values.couchdb.port | quote }} | ||
- name: COUCHDB_SECURE | ||
value: {{ .Values.couchdb.secure | default "false" | quote }} | ||
- name: COUCHDB_SEQ # don't allow this to be changed | ||
value: "/tmp/couchdb/sequence_path.txt" | ||
- name: REDIS_HOST | ||
value: "redis" | ||
- name: REDIS_PORT | ||
value: "6379" | ||
- name: REDIS_KEY | ||
value: {{ (.Values.redis).key | default "couchdb" }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
{{- if .Values.postgres.enabled }} | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: postgres | ||
spec: | ||
selector: | ||
inner.service: postgres | ||
ports: | ||
- protocol: TCP | ||
port: {{ .Values.postgres.port | default "5432" }} | ||
targetPort: 5432 | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
# templates/postgres.yaml | ||
|
||
{{- if .Values.postgres.enabled }} | ||
apiVersion: apps/v1 | ||
kind: StatefulSet | ||
metadata: | ||
name: cht-sync-postgres | ||
spec: | ||
serviceName: postgres | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
inner.service: postgres | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
inner.service: postgres | ||
spec: | ||
automountServiceAccountToken: false | ||
containers: | ||
- name: postgres-c | ||
image: postgres:13 | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.postgres).cpu_limit | default "1000m" }} | ||
memory: {{ (.Values.postgres).memory_limit | default "2Gi" }} | ||
env: | ||
- name: POSTGRES_USER | ||
value: {{ .Values.postgres.user }} | ||
- name: POSTGRES_PASSWORD | ||
value: {{ .Values.postgres.password }} | ||
- name: POSTGRES_DB | ||
value: {{ .Values.postgres.db }} | ||
ports: | ||
- containerPort: {{ .Values.postgres.port | default "5432" }} | ||
|
||
volumeClaimTemplates: | ||
- metadata: | ||
name: postgres-data | ||
spec: | ||
accessModes: [ "ReadWriteOnce" ] | ||
resources: | ||
requests: | ||
storage: {{ .Values.postgres.storageSize | default "1Gi" }} | ||
{{- end }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: postgrest | ||
spec: | ||
selector: | ||
inner.service: postgrest | ||
ports: | ||
- protocol: TCP | ||
port: 3000 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,39 @@ | ||
# templates/postgrest.yaml | ||
|
||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: cht-sync-postgrest | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
inner.service: postgrest | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
inner.service: postgrest | ||
spec: | ||
Check warning Code scanning / SonarCloud Service account tokens should not be mounted in pods Medium
Set automountServiceAccountToken to false for this specification of kind Deployment. See more on SonarCloud
|
||
automountServiceAccountToken: false | ||
containers: | ||
- name: postgrest | ||
Check warning Code scanning / SonarCloud CPU limits should be enforced Medium
Specify a CPU limit for this container. See more on SonarCloud
Check warning Code scanning / SonarCloud Memory limits should be enforced Medium
Specify a memory limit for this container. See more on SonarCloud
|
||
image: postgrest/postgrest | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.postgrest).cpu_limit | default "1000m" }} | ||
memory: {{ (.Values.postgrest).memory_limit | default "500Mi" }} | ||
env: | ||
- name: PGRST_DB_URI | ||
value: | | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This causes the error below. Setting the value to
|
||
{{ printf "postgres://%s:%s@%s:%d/%s" | ||
.Values.postgres.user | ||
.Values.postgres.password | ||
( .Values.postgres.host | default "postgres" ) | ||
(int .Values.postgres.port | default 5432) | ||
.Values.postgres.db }} | ||
- name: PGRST_DB_SCHEMA | ||
value: {{ .Values.postgres.schema }} | ||
- name: PGRST_DB_ANON_ROLE | ||
value: {{ .Values.postgres.user }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
name: redis | ||
spec: | ||
selector: | ||
inner.service: redis | ||
ports: | ||
- protocol: TCP | ||
port: 6379 | ||
targetPort: 6379 |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# templates/postgrest.yaml | ||
|
||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: cht-sync-redis-worker | ||
spec: | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
spec: | ||
automountServiceAccountToken: false | ||
containers: | ||
- name: redis-worker | ||
image: dockermedic/cht-sync-redis-worker:{{ .Values.image_tag | default "latest" }} | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.redis_worker).cpu_limit | default "500m" }} | ||
memory: {{ (.Values.redis_worker).memory_limit | default "500Mi" }} | ||
env: | ||
- name: REDIS_HOST | ||
value: "redis" | ||
- name: REDIS_PORT | ||
value: "6739" | ||
- name: REDIS_KEY | ||
value: {{ (.Values.redis).key | default "couchdb" }} | ||
- name: POSTGREST_ENDPOINT | ||
value: "postgrest:3000" | ||
- name: REDIS_BATCH_SIZE | ||
value: {{ (.Values.redis).batch_size | default "100" | quote }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
# templates/postgrest.yaml | ||
|
||
apiVersion: apps/v1 | ||
kind: StatefulSet | ||
metadata: | ||
name: cht-sync-redis | ||
spec: | ||
serviceName: redis | ||
replicas: 1 | ||
selector: | ||
matchLabels: | ||
app: cht-sync | ||
inner.service: redis | ||
template: | ||
metadata: | ||
labels: | ||
app: cht-sync | ||
inner.service: redis | ||
spec: | ||
automountServiceAccountToken: false | ||
containers: | ||
- name: redis | ||
image: redis:latest | ||
resources: | ||
limits: | ||
cpu: {{ (.Values.redis).cpu_limit | default "500m" }} | ||
memory: {{ (.Values.redis).memory_limit | default "2Gi" }} | ||
volumeClaimTemplates: | ||
- metadata: | ||
name: redis-data | ||
spec: | ||
accessModes: [ "ReadWriteOnce" ] | ||
resources: | ||
requests: | ||
storage: {{ (.Values.redis).storageSize | default "1Gi" }} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should totally aim not not create tables and such in code. I believe the whole allure of dbt is that you can have these versioned clean schema files, but here we're just inlining the table create in python?
Is there a way we can use dbt to create these and keep the schema in its own file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, how is this connected to the helm chart?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
its not related to the the helm chart and was already merged to main separately.
dbt mainly creates tables by wrapping select from existing tables in create table statements, the assumption is that there's some source db that dbt is not managing.
but it is possible to just run raw sql, including ddl and yea i agree in this case probably makes more sense to do that instead of creating the table here. Also then could just have one "root" table instead of two.
related to medic/cht-pipeline#84