Setup khz-k3s deployment

.github/workflows/master.yml

@@ -0,0 +1,85 @@
+# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-nodejs
+
+name: Node.js CI
+
+on:
+  push:
+    branches: ['master']
+  pull_request:
+    branches: ['master']
+
+jobs:
+  test:
+    if: ${{ ! endsWith(github.event.head_commit.message, '[skip ci]') }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        target: ['lint-all', 'test-all']
+        node-version: [20.x, 22.x]
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+      - run: npm install
+      - run: npm run ${{ matrix.target }}
+
+  build:
+    if: ${{ ! endsWith(github.event.head_commit.message, '[skip ci]') }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        package: ['base-node', 'archive']
+        node-version: [20.x]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Setup node 20
+        uses: actions/setup-node@v3
+        with:
+          node-version: ${{ matrix.node-version }}
+          cache: 'npm'
+
+      - name: Run npm install
+        run: npm install
+
+      - name: Run node build
+        run: npx nx run ${{ matrix.package }}:node:build --output-style=stream
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: ./packages/${{ matrix.package }}
+          push: true
+          tags: ghcr.io/${{ github.repository }}/${{ matrix.package}}:latest, ghcr.io/${{ github.repository }}/${{ matrix.package}}:${{ github.sha }}
+
+      - uses: mikefarah/yq@master
+        with:
+          cmd: yq --version
+
+      - name: Update image version tag
+        run: |
+          git config --global user.email "juhani.pelli@gmail.com"
+          git config --global user.name "Juhani Pelli"
+          yq e '.images[0].newTag = "${{ github.sha }}"' -i packages/${{ matrix.package }}/.khz-k3s/kustomization.yaml
+          git add packages/${{ matrix.package }}/.khz-k3s/kustomization.yaml
+          git commit -m "Deploy ${{ github.sha }} [skip ci]"
+          git push origin ${{ github.event.repository.default_branch }}

nx.json

@@ -26,15 +26,6 @@
     },
     "start": {
       "dependsOn": ["node:build"]
-    },
-    "docker:build": {
-      "dependsOn": ["^docker:build"]
-    },
-    "docker:run": {
-      "dependsOn": ["docker:build"]
-    },
-    "gcloud:build": {
-      "dependsOn": ["^gcloud:build"]
     }
   }
 }

packages/archive/.khz-k3s/deployment.yaml

@@ -0,0 +1,98 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ruuvipuserrin-archive
+
+  labels:
+    app: ruuvipuserrin-archive
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ruuvipuserrin-archive
+  template:
+    metadata:
+      labels:
+        app: ruuvipuserrin-archive
+    spec:
+      imagePullSecrets:
+        - name: github-registry-secret
+      containers:
+        - name: ruuvipuserrin-archive
+          image: ghcr.io/unkhz/ruuvipuserrin/archive:latest
+          ports:
+            - containerPort: 80
+          environment:
+            - name: PG_HOST
+              value: 'nope'
+            - name: PG_HOSTPORT
+              value: 'nope'
+            - name: PG_HOSTUSER
+              value: 'nope'
+            - name: PG_HOSTPASSWORD
+              value: 'nope'
+            - name: PG_HOSTDB
+              value: 'nope'
+            - name: PG_HOSTCERT
+              value: 'nope'
+          resources:
+            requests:
+              memory: '32Mi'
+              cpu: '50m'
+            limits:
+              memory: '256Mi'
+              cpu: '200m'
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: 80
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: 80
+            initialDelaySeconds: 30
+            periodSeconds: 300
+            timeoutSeconds: 15
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: ruuvipuserrin-archive-service
+
+  annotations:
+    external-dns.alpha.kubernetes.io/hostname: archive.ruuvipuserrin.khz.fi
+    external-dns.alpha.kubernetes.io/cloudflare-proxied: 'false'
+
+spec:
+  selector:
+    app: ruuvipuserrin-archive
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ruuvipuserrin-archive-ingress
+
+  annotations:
+    kubernetes.io/ingress.class: 'traefik'
+    cert-manager.io/cluster-issuer: 'letsencrypt-prod'
+spec:
+  rules:
+    - host: archive.ruuvipuserrin.khz.fi
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: ruuvipuserrin-archive-service
+                port:
+                  number: 80
+  tls:
+    - hosts:
+        - archive.ruuvipuserrin.khz.fi
+      secretName: ruuvipuserrin-archive-tls

packages/archive/.khz-k3s/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: apps
+resources:
+  - deployment.yaml
+images:
+  - name: ghcr.io/unkhz/ruuvipuserrin/archive
+    newTag: latest

packages/archive/package.json

@@ -13,12 +13,8 @@
     "node:build": "tsc --project tsconfig.build.json",
     "dev": "nodemon --watch './**/*.ts' --exec 'ts-node' index.ts",
     "start": "node dist/index.js",
-    "docker:build": "docker build . --tag=ruuvipuserrin/archive",
     "docker:run": "docker run --name=ruuvipuserrin-archive --env-file=../../.env.local --rm -p 4000:4000 ruuvipuserrin/archive",
-    "docker:stop": "docker stop ruuvipuserrin-archive",
-    "gcloud:build": "gcloud builds submit --tag gcr.io/ruuvipuserrin/archive",
-    "gcloud:deploy": "gcloud run deploy archive --image gcr.io/ruuvipuserrin/archive --update-secrets=PG_HOST=PG_HOST:latest,PG_PORT=PG_PORT:latest,PG_DB=PG_DB:latest,PG_USER=PG_USER:latest,PG_PASSWORD=PG_PASSWORD:latest,PG_CERT=PG_CERT:latest --service-account=archive-identity --no-allow-unauthenticated",
-    "gcloud:update-secrets": "./update-secrets.sh"
+    "docker:stop": "docker stop ruuvipuserrin-archive"
   },
   "devDependencies": {
     "@types/express": "^4.17.17"

packages/base-node/.khz-k3s/kustomization.yaml

@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: apps
+images:
+  - name: ghcr.io/unkhz/ruuvipuserrin/base-node
+    newTag: latest

packages/base-node/package.json

@@ -1,10 +1,6 @@
 {
   "name": "@ruuvipuserrin/base-node",
   "version": "0.0.0",
-  "scripts": {
-    "docker:build": "docker build ../.. --tag gcr.io/ruuvipuserrin/base-node",
-    "gcloud:build": "cd ../..; gcloud builds submit --tag gcr.io/ruuvipuserrin/base-node"
-  },
   "devDependencies": {
     "@types/jest": "^29.4.0",
     "@types/node": "^18.11.18",