diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index b2fafa835..c253e01af 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -33,6 +33,14 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: BUILD uses: docker/build-push-action@v2 with: @@ -40,6 +48,8 @@ jobs: load: true tags: squidex-tmp build-args: "SQUIDEX__VERSION=4.0.0-dev-${{ env.BUILD_NUMBER }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Export Image run: docker save squidex-tmp | gzip > squidex-tmp.tar.gz @@ -50,6 +60,11 @@ jobs: path: squidex-tmp.tar.gz key: squidex-dev-image-${{ github.sha }} + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + test: needs: build runs-on: ubuntu-latest diff --git a/.github/workflows/marketplace-aws.yml b/.github/workflows/marketplace-aws.yml index f08962b93..338f400dd 100644 --- a/.github/workflows/marketplace-aws.yml +++ b/.github/workflows/marketplace-aws.yml @@ -17,8 +17,7 @@ jobs: with: command: validate arguments: -syntax-only - target: aws.pkr.hcl - working-directory: packer/ + target: packer/aws.pkr.hcl publish: needs: validate @@ -34,20 +33,18 @@ jobs: uses: hashicorp/packer-github-actions@master with: command: init - target: vultr.pkr.hcl + target: packer/aws.pkr.hcl env: PACKER_LOG: 1 - working-directory: packer/ - name: Build uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: aws.pkr.hcl + target: packer/aws.pkr.hcl env: PACKER_LOG: 1 PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" - working-directory: packer/ diff --git a/.github/workflows/marketplace-azure.yml b/.github/workflows/marketplace-azure.yml index fcc7c2c73..1cefcc5c4 100644 --- a/.github/workflows/marketplace-azure.yml +++ b/.github/workflows/marketplace-azure.yml @@ -19,8 +19,7 @@ jobs: with: command: validate arguments: -syntax-only - target: azure.pkr.hcl - working-directory: packer/ + target: packer/azure.pkr.hcl publish: needs: validate @@ -36,17 +35,16 @@ jobs: uses: hashicorp/packer-github-actions@master with: command: init - target: vultr.pkr.hcl + target: packer/azure.pkr.hcl env: PACKER_LOG: 1 - working-directory: packer/ - name: Build uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: azure.pkr.hcl + target: packer/azure.pkr.hcl env: PACKER_LOG: 1 PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" @@ -54,4 +52,3 @@ jobs: PKR_VAR_tenant_id: "${{ secrets.AZURE_TENANT_ID }}" PKR_VAR_client_id: "${{ secrets.AZURE_CLIENT_ID }}" PKR_VAR_client_secret: "${{ secrets.AZURE_CLIENT_SECRET }}" - working-directory: packer/ diff --git a/.github/workflows/marketplace-digitalocean.yml b/.github/workflows/marketplace-digitalocean.yml index 99dd55c8b..39ee072cc 100644 --- a/.github/workflows/marketplace-digitalocean.yml +++ b/.github/workflows/marketplace-digitalocean.yml @@ -17,8 +17,7 @@ jobs: with: command: validate arguments: -syntax-only - target: digitalocean.pkr.hcl - working-directory: packer/ + target: packer/digitalocean.pkr.hcl publish: needs: validate @@ -34,19 +33,17 @@ jobs: uses: hashicorp/packer-github-actions@master with: command: init - target: vultr.pkr.hcl + target: packer/digitalocean.pkr.hcl env: PACKER_LOG: 1 - working-directory: packer/ - name: Build uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: digitalocean.pkr.hcl + target: packer/digitalocean.pkr.hcl env: PACKER_LOG: 1 PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" DIGITALOCEAN_API_TOKEN: "${{ secrets.DIGITALOCEAN_API_TOKEN }}" - working-directory: packer/ diff --git a/.github/workflows/marketplace-gcp.yml b/.github/workflows/marketplace-gcp.yml index 82684793b..43fac4078 100644 --- a/.github/workflows/marketplace-gcp.yml +++ b/.github/workflows/marketplace-gcp.yml @@ -17,8 +17,7 @@ jobs: with: command: validate arguments: -syntax-only - target: gcp.pkr.hcl - working-directory: packer/ + target: packer/gcp.pkr.hcl publish: needs: validate @@ -37,19 +36,17 @@ jobs: uses: hashicorp/packer-github-actions@master with: command: init - target: vultr.pkr.hcl + target: packer/gcp.pkr.hcl env: PACKER_LOG: 1 - working-directory: packer/ - name: Build uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: gcp.pkr.hcl + target: packer/gcp.pkr.hcl env: PACKER_LOG: 1 PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" GOOGLE_APPLICATION_CREDENTIALS: "/tmp/squidex.json" - working-directory: packer/ diff --git a/.github/workflows/marketplace-vultr.yml b/.github/workflows/marketplace-vultr.yml index 9fc73aaef..13be51819 100644 --- a/.github/workflows/marketplace-vultr.yml +++ b/.github/workflows/marketplace-vultr.yml @@ -17,8 +17,7 @@ jobs: with: command: validate arguments: -syntax-only - target: vultr.pkr.hcl - working-directory: packer/ + target: packer/vultr.pkr.hcl publish: needs: validate @@ -34,19 +33,17 @@ jobs: uses: hashicorp/packer-github-actions@master with: command: init - target: vultr.pkr.hcl + target: packer/vultr.pkr.hcl env: PACKER_LOG: 1 - working-directory: packer/ - name: Build uses: hashicorp/packer-github-actions@master with: command: build arguments: "-color=false -on-error=abort" - target: vultr.pkr.hcl + target: packer/vultr.pkr.hcl env: PACKER_LOG: 1 PKR_VAR_squidex_version: "${{ env.GITHUB_REF_SLUG }}" VULTR_API_KEY: "${{ secrets.VULTR_API_KEY }}" - working-directory: packer/ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index db727a9a1..533ef70f5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,6 +22,14 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - name: BUILD uses: docker/build-push-action@v2 with: @@ -29,6 +37,8 @@ jobs: load: true tags: squidex-tmp build-args: "SQUIDEX__VERSION=${{ env.GITHUB_REF_SLUG }}" + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new - name: Export Image run: docker save squidex-tmp | gzip > squidex-tmp.tar.gz @@ -39,6 +49,11 @@ jobs: path: squidex-tmp.tar.gz key: squidex-release-image-${{ github.sha }} + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + test: needs: build runs-on: ubuntu-latest @@ -147,8 +162,9 @@ jobs: - name: Get Binaries run: | mkdir /build 2> /dev/null - docker create --name squidex-container squidex-tmp - docker cp squidex-container:/app/. /build + docker run -d --name squidex-container squidex-tmp + docker cp squidex-container:/app/. /build/ + docker rm -f squidex-container - name: ZIP Binaries run: | diff --git a/helm/.helmignore b/helm/.helmignore new file mode 100644 index 000000000..0e8a0eb36 --- /dev/null +++ b/helm/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/helm/Chart.yaml b/helm/Chart.yaml new file mode 100644 index 000000000..af3524136 --- /dev/null +++ b/helm/Chart.yaml @@ -0,0 +1,27 @@ +apiVersion: v2 +type: application + +name: squidex +description: Squidex CMS + +version: 1.0.0 +appVersion: "5.7.0" + +home: https://squidex.io/ + +keywords: + - cms + - headless-cms + - mongodb + - csharp + - asp-net-core + - asp-net + +sources: + - https://github.com/Squidex/squidex + +dependencies: + - name: mongodb-replicaset + version: 3.9.6 + repository: https://kubernetes-charts.storage.googleapis.com/ + condition: mongodb-replicaset.enabled \ No newline at end of file diff --git a/helm/charts/mongodb-replicaset-3.9.6.tgz b/helm/charts/mongodb-replicaset-3.9.6.tgz new file mode 100644 index 000000000..3079c403c Binary files /dev/null and b/helm/charts/mongodb-replicaset-3.9.6.tgz differ diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl new file mode 100644 index 000000000..bb29cde14 --- /dev/null +++ b/helm/templates/_helpers.tpl @@ -0,0 +1,73 @@ +{{/* vim: set filetype=mustache: */}} + +{{- define "squidex.selectors" }} +{{- if .Values.selectors.component }} +app.kubernetes.io/component: {{ .Values.selectors.component }} +{{- end}} +app.kubernetes.io/name: {{ include "squidex.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- if .Values.selectors.partOf }} +app.kubernetes.io/part-of: {{ .Values.selectors.partOf }} +{{- end }} +{{- if .Values.selectors.version }} +app.kubernetes.io/version: {{ .Values.selectors.version | quote }} +{{- end -}} +{{- end -}} + +{{- define "squidex.labels" }} +{{- include "squidex.selectors" . }} +helm.sh/chart: {{ include "squidex.chart" . }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- if .Values.labels }} +{{- toYaml .Values.labels | nindent 4 }} +{{- end -}} +{{- end -}} + +{{- define "squidex.mongoDefaultHostname" }} + {{- $release := .Release}} + {{- $clusterSuffix := .Values.clusterSuffix}} + {{- range $index, $i := until (int (index .Values "mongodb-replicaset").replicas) }} + {{- $replica := printf "%s-mongodb-replicaset-%d.%s-mongodb-replicaset.%s.svc.%s" $release.Name $i $release.Name $release.Namespace $clusterSuffix }} + {{- if eq $i 0}} + {{- $replica }} + {{- else -}} + ,{{ $replica }} + {{- end }} + {{- end }} +{{- end }} + +{{- define "squidex.internalDnsName" }} + {{- .Release.Name }}- + {{- include "squidex.name" . }}. + {{- .Release.Namespace }}.svc. + {{- .Values.clusterSuffix}} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "squidex.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "squidex.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "squidex.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/helm/templates/deployment.yaml b/helm/templates/deployment.yaml new file mode 100644 index 000000000..0d133a084 --- /dev/null +++ b/helm/templates/deployment.yaml @@ -0,0 +1,67 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "squidex.fullname" . }} + labels: + {{- include "squidex.labels" . | indent 4 }} +spec: + replicas: {{ .Values.deployment.replicaCount }} + selector: + matchLabels: + {{- include "squidex.selectors" . | indent 6 }} + template: + metadata: + labels: + {{- include "squidex.selectors" . | indent 8 }} + spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + containers: + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ default .Chart.AppVersion .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: http + containerPort: 80 + protocol: TCP + - name: orleans + containerPort: 11111 + protocol: TCP + livenessProbe: + httpGet: + path: /healthz + port: http + readinessProbe: + httpGet: + path: /readiness + port: http + resources: + {{- toYaml .Values.resources | nindent 12 }} + env: + {{- range $key, $val := .Values.env }} + {{- if (eq $key "URLS__BASEURL") }} + - name: {{ $key | quote }} + value: {{ required (printf "The value .Values.env.%s is required" $key) $val | quote }} + {{- else }} + - name: {{ $key | quote }} + value: {{ $val | quote }} + {{- end }} + {{- end }} + + {{- $mongoDefaultConnectionString := printf "mongodb://%s" (include "squidex.mongoDefaultHostname" .) }} + {{- if (not .Values.env.EVENTSTORE__MONGODB__CONFIGURATION) }} + - name: "EVENTSTORE__MONGODB__CONFIGURATION" + value: {{ $mongoDefaultConnectionString | quote }} + {{- end }} + {{- if (not .Values.env.STORE__MONGODB__CONFIGURATION) }} + - name: "STORE__MONGODB__CONFIGURATION" + value: {{ $mongoDefaultConnectionString | quote }} + {{- end }} + nodeSelector: + {{- toYaml .Values.nodeSelector | nindent 8 }} + affinity: + {{- toYaml .Values.affinity | nindent 8 }} + tolerations: + {{- toYaml .Values.tolerations | nindent 8 }} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml new file mode 100644 index 000000000..6b6c67211 --- /dev/null +++ b/helm/templates/ingress.yaml @@ -0,0 +1,34 @@ +{{- $fullName := include "squidex.fullname" . -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: {{ $fullName }} + namespace: {{ .Release.Namespace | quote }} + labels: + {{- include "squidex.labels" . | indent 4 }} + {{- with .Values.ingress.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . | quote }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + - host: {{ .Values.ingress.hostName | quote }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: {{ $fullName }} + port: + number: {{ .Values.service.port }} \ No newline at end of file diff --git a/helm/templates/service.yaml b/helm/templates/service.yaml new file mode 100644 index 000000000..6bab1add0 --- /dev/null +++ b/helm/templates/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ include "squidex.fullname" . }} + labels: + {{- include "squidex.labels" . | indent 4 }} +spec: + type: {{ .Values.service.type }} + ports: + - port: {{ .Values.service.port }} + targetPort: http + protocol: TCP + name: http + selector: + {{- include "squidex.selectors" . | indent 4 }} \ No newline at end of file diff --git a/helm/values.yaml b/helm/values.yaml new file mode 100644 index 000000000..9e0fa0eb3 --- /dev/null +++ b/helm/values.yaml @@ -0,0 +1,60 @@ +labels: +service: + type: ClusterIP + port: 80 +deployment: + replicaCount: 1 +selectors: + component: squidex + partOf: "" + version: "" +image: + repository: squidex/squidex + tag: "" + pullPolicy: IfNotPresent + +resources: { } +nodeSelector: { } +tolerations: [ ] +affinity: { } + +clusterSuffix: cluster.local + +ingress: + annotations: { } + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + hostName: squidex.local + + tls: [ ] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +env: + URLS__BASEURL: null + URLS__ENFORCEHTTPS: false + EVENTSTORE__CONSUME: true + EVENTSTORE__TYPE: MongoDb + IDENTITY__ADMINEMAIL: null + IDENTITY__ADMINPASSWORD: null + IDENTITY__SHOWPII: true + LETSENCRYPT_HOST: null + LETSENCRYPT_EMAIL: null + LOGGING__HUMAN: "false" + EVENTSTORE__MONGODB__DATABASE: "Squidex" + STORE__MONGODB__DATABASE: "Squidex" + STORE__MONGODB__CONTENTDATABASE: "SquidexContent" + IDENTITY__GOOGLECLIENT: null + IDENTITY__GOOGLESECRET: null + IDENTITY__MICROSOFTCLIENT: null + IDENTITY__MICROSOFTSECRET: null + IDENTITY__GITHUBCLIENT: null + IDENTITY__GITHUBSECRET: null + IDENTITY__ALLOWPASSWORDAUTH: "true" + IDENTITY__LOCKAUTOMATICALLY: "false" + ORLEANS__CLUSTERING: MongoDB + +mongodb-replicaset: + enabled: true + replicas: 3 \ No newline at end of file diff --git a/render.yaml b/render.yaml index 5713ca61f..e989c164b 100644 --- a/render.yaml +++ b/render.yaml @@ -1,4 +1,3 @@ -autoDeploy: false services: - type: web name: squidex_squidex @@ -21,6 +20,7 @@ services: property: hostport - key: ASPNETCORE_URLS value: http://+:5000 + autoDeploy: true - type: pserv name: squidex_mongo env: docker @@ -30,4 +30,5 @@ services: disk: name: db mountPath: /data/db - sizeGB: 10 \ No newline at end of file + sizeGB: 10 + autoDeploy: true