diff --git a/deployment/cicd/Jenkinsfile b/deployment/cicd/Jenkinsfile new file mode 100644 index 0000000..8ba01b8 --- /dev/null +++ b/deployment/cicd/Jenkinsfile @@ -0,0 +1,225 @@ +def PIPELINE_ID = "${env.BUILD_NUMBER}" + +def getImageTag() { + def dateFormat = new java.text.SimpleDateFormat('yyyyMMddHHmmss') + def currentDate = new Date() + return dateFormat.format(currentDate) +} + +podTemplate( + label: "${PIPELINE_ID}", + serviceAccount: 'jenkins', + slaveConnectTimeout: 300, + idleMinutes: 1, + activeDeadlineSeconds: 3600, + podRetention: never(), // 파드 자동 정리 옵션: never(), onFailure(), always(), default() + yaml: ''' + spec: + terminationGracePeriodSeconds: 3 + restartPolicy: Never + tolerations: + - effect: NoSchedule + key: dedicated + operator: Equal + value: cicd + ''', + containers: [ + containerTemplate( + name: 'podman', + image: "mgoltzsche/podman", + ttyEnabled: true, + command: 'cat', + privileged: true, + resourceRequestCpu: '500m', + resourceRequestMemory: '2Gi', + resourceLimitCpu: '2000m', + resourceLimitMemory: '4Gi' + ), + containerTemplate( + name: 'gradle', + image: 'gradle:jdk21', + ttyEnabled: true, + command: 'cat', + resourceRequestCpu: '500m', + resourceRequestMemory: '1Gi', + resourceLimitCpu: '1000m', + resourceLimitMemory: '2Gi', + envVars: [ + envVar(key: 'DOCKER_HOST', value: 'unix:///run/podman/podman.sock'), + envVar(key: 'TESTCONTAINERS_DOCKER_SOCKET_OVERRIDE', value: '/run/podman/podman.sock'), + envVar(key: 'TESTCONTAINERS_RYUK_DISABLED', value: 'true') + ] + ), + containerTemplate( + name: 'azure-cli', + image: 'hiondal/azure-kubectl:latest', + command: 'cat', + ttyEnabled: true, + resourceRequestCpu: '200m', + resourceRequestMemory: '512Mi', + resourceLimitCpu: '500m', + resourceLimitMemory: '1Gi' + ) + ], + volumes: [ + emptyDirVolume(mountPath: '/home/gradle/.gradle', memory: false), + emptyDirVolume(mountPath: '/root/.azure', memory: false), + emptyDirVolume(mountPath: '/run/podman', memory: false) + ] +) { + node(PIPELINE_ID) { + def props + //def imageTag = getImageTag() + def imageTag = "dg0500" + def environment = params.ENVIRONMENT ?: 'dev' + def skipSonarQube = (params.SKIP_SONARQUBE?.toLowerCase() == 'true') + def services = ['api-gateway', 'user-service', 'bill-service', 'product-service', 'kos-mock'] + + try { + stage("Get Source") { + checkout scm + props = readProperties file: "deployment/cicd/config/deploy_env_vars_${environment}" + } + + stage("Setup AKS") { + container('azure-cli') { + withCredentials([azureServicePrincipal('azure-credentials')]) { + sh """ + az login --service-principal -u \$AZURE_CLIENT_ID -p \$AZURE_CLIENT_SECRET -t \$AZURE_TENANT_ID + az aks get-credentials --resource-group ${props.resource_group} --name ${props.cluster_name} --overwrite-existing + kubectl create namespace phonebill-dg0500 --dry-run=client -o yaml | kubectl apply -f - + """ + } + } + } + + stage('Build') { + container('gradle') { + sh """ + chmod +x gradlew + ./gradlew build -x test + """ + } + } + + stage('SonarQube Analysis & Quality Gate') { + if (skipSonarQube) { + echo "⏭️ Skipping SonarQube Analysis (SKIP_SONARQUBE=${params.SKIP_SONARQUBE})" + } else { + container('gradle') { + withSonarQubeEnv('SonarQube') { + // 각 서비스별 테스트 및 SonarQube 분석 + services.each { service -> + sh """ + ./gradlew :${service}:test :${service}:jacocoTestReport :${service}:sonar \\ + -Dsonar.projectKey=phonebill-${service}-dg0500 \\ + -Dsonar.projectName=phonebill-${service}-dg0500 \\ + -Dsonar.java.binaries=build/classes/java/main \\ + -Dsonar.coverage.jacoco.xmlReportPaths=build/reports/jacoco/test/jacocoTestReport.xml \\ + -Dsonar.exclusions=**/config/**,**/entity/**,**/dto/**,**/*Application.class,**/exception/** + """ + } + + // Quality Gate 확인 + timeout(time: 10, unit: 'MINUTES') { + def qg = waitForQualityGate() + if (qg.status != 'OK') { + error "Pipeline aborted due to quality gate failure: ${qg.status}" + } + } + } + } + } + } + + stage('Build & Push Images') { + timeout(time: 30, unit: 'MINUTES') { + container('podman') { + withCredentials([ + usernamePassword( + credentialsId: 'acr-credentials', + usernameVariable: 'ACR_USERNAME', + passwordVariable: 'ACR_PASSWORD' + ), + usernamePassword( + credentialsId: 'dockerhub-credentials', + usernameVariable: 'DOCKERHUB_USERNAME', + passwordVariable: 'DOCKERHUB_PASSWORD' + ) + ]) { + // Docker Hub 로그인 (rate limit 해결) + sh "podman login docker.io --username \$DOCKERHUB_USERNAME --password \$DOCKERHUB_PASSWORD" + + // ACR 로그인 + sh "podman login acrdigitalgarage01.azurecr.io --username \$ACR_USERNAME --password \$ACR_PASSWORD" + + services.each { service -> + sh """ + podman build \\ + --build-arg BUILD_LIB_DIR="${service}/build/libs" \\ + --build-arg ARTIFACTORY_FILE="${service}.jar" \\ + -f deployment/container/Dockerfile-backend \\ + -t acrdigitalgarage01.azurecr.io/phonebill/${service}:${environment}-${imageTag} . + + podman push acrdigitalgarage01.azurecr.io/phonebill/${service}:${environment}-${imageTag} + """ + } + } + } + } + } + + stage('Update Kustomize & Deploy') { + container('azure-cli') { + sh """ + # Kustomize 설치 (sudo 없이 사용자 디렉토리에 설치) + curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + mkdir -p \$HOME/bin + mv kustomize \$HOME/bin/ + export PATH=\$PATH:\$HOME/bin + + # 환경별 디렉토리로 이동 + cd deployment/cicd/kustomize/overlays/${environment} + + # 서비스 목록 정의 (실제 서비스명으로 교체, 공백으로 구분) + services="api-gateway user-service bill-service product-service kos-mock" + + # 이미지 태그 업데이트 + for service in \$services; do + \$HOME/bin/kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/\$service:${environment}-${imageTag} + done + + # 매니페스트 적용 + kubectl apply -k . + + # 배포 상태 확인 + echo "Waiting for deployments to be ready..." + for service in \$services; do + kubectl -n phonebill-dg0500 wait --for=condition=available deployment/\$service --timeout=300s + done + """ + } + } + + // 파이프라인 완료 로그 (Scripted Pipeline 방식) + stage('Pipeline Complete') { + echo "🧹 Pipeline completed. Pod cleanup handled by Jenkins Kubernetes Plugin." + + // 성공/실패 여부 로깅 + if (currentBuild.result == null || currentBuild.result == 'SUCCESS') { + echo "✅ Pipeline completed successfully!" + } else { + echo "❌ Pipeline failed with result: ${currentBuild.result}" + } + } + + } catch (Exception e) { + currentBuild.result = 'FAILURE' + echo "❌ Pipeline failed with exception: ${e.getMessage()}" + throw e + } finally { + echo "🧹 Cleaning up resources and preparing for pod termination..." + echo "Pod will be terminated in 3 seconds due to terminationGracePeriodSeconds: 3" + } + } +} \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_dev b/deployment/cicd/config/deploy_env_vars_dev new file mode 100644 index 0000000..5a49197 --- /dev/null +++ b/deployment/cicd/config/deploy_env_vars_dev @@ -0,0 +1,3 @@ +# dev Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_prod b/deployment/cicd/config/deploy_env_vars_prod new file mode 100644 index 0000000..53ee4a0 --- /dev/null +++ b/deployment/cicd/config/deploy_env_vars_prod @@ -0,0 +1,3 @@ +# prod Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/config/deploy_env_vars_staging b/deployment/cicd/config/deploy_env_vars_staging new file mode 100644 index 0000000..5873b90 --- /dev/null +++ b/deployment/cicd/config/deploy_env_vars_staging @@ -0,0 +1,3 @@ +# staging Environment Configuration +resource_group=rg-digitalgarage-01 +cluster_name=aks-digitalgarage-01 \ No newline at end of file diff --git a/deployment/cicd/jenkins-pipeline-guide.md b/deployment/cicd/jenkins-pipeline-guide.md new file mode 100644 index 0000000..128112b --- /dev/null +++ b/deployment/cicd/jenkins-pipeline-guide.md @@ -0,0 +1,377 @@ +# phonebill Jenkins CI/CD 파이프라인 구축 가이드 + +## 📋 개요 + +본 가이드는 phonebill 프로젝트를 위한 Jenkins + Kustomize 기반 CI/CD 파이프라인 구축 방법을 제공합니다. + +### 프로젝트 정보 +- **시스템명**: phonebill +- **서비스 목록**: api-gateway, user-service, bill-service, product-service, kos-mock +- **JDK 버전**: 21 +- **Azure 환경**: + - ACR: acrdigitalgarage01 + - 리소스 그룹: rg-digitalgarage-01 + - AKS 클러스터: aks-digitalgarage-01 + - 네임스페이스: phonebill-dg0500 + +## 🏗️ 파이프라인 아키텍처 + +### 주요 구성 요소 +- **빌드**: Gradle 기반 멀티모듈 빌드 +- **품질 검증**: SonarQube 분석 & Quality Gate +- **컨테이너화**: Podman 기반 이미지 빌드 +- **배포**: Kustomize를 통한 환경별 배포 +- **인프라**: AKS (Azure Kubernetes Service) + +### 환경별 설정 +| 환경 | Replicas | CPU Request | Memory Request | CPU Limit | Memory Limit | +|------|----------|-------------|----------------|-----------|--------------| +| dev | 1 | 256m | 256Mi | 1024m | 1024Mi | +| staging | 2 | 512m | 512Mi | 2048m | 2048Mi | +| prod | 3 | 1024m | 1024Mi | 4096m | 4096Mi | + +## 🚀 Jenkins 서버 환경 구성 + +### 1. Jenkins 필수 플러그인 설치 + +Jenkins 관리 > Plugin Manager에서 다음 플러그인들을 설치해주세요: + +```bash +# Jenkins 필수 플러그인 목록 +- Kubernetes +- Pipeline Utility Steps +- Docker Pipeline +- GitHub +- SonarQube Scanner +- Azure Credentials +``` + +### 2. Jenkins Credentials 등록 + +**Manage Jenkins > Credentials > Add Credentials**에서 다음 인증 정보들을 등록해주세요: + +#### Azure Service Principal +``` +Kind: Microsoft Azure Service Principal +ID: azure-credentials +Subscription ID: {구독ID} +Client ID: {클라이언트ID} +Client Secret: {클라이언트시크릿} +Tenant ID: {테넌트ID} +Azure Environment: Azure +``` + +#### ACR Credentials +``` +Kind: Username with password +ID: acr-credentials +Username: acrdigitalgarage01 +Password: {ACR_PASSWORD} +``` + +#### Docker Hub Credentials (Rate Limit 해결용) +``` +Kind: Username with password +ID: dockerhub-credentials +Username: {DOCKERHUB_USERNAME} +Password: {DOCKERHUB_PASSWORD} +참고: Docker Hub 무료 계정 생성 (https://hub.docker.com) +``` + +#### SonarQube Token +``` +Kind: Secret text +ID: sonarqube-token +Secret: {SonarQube토큰} +``` + +## 📂 Kustomize 구조 + +``` +deployment/cicd/kustomize/ +├── base/ +│ ├── kustomization.yaml # Base 설정 +│ ├── common/ # 공통 리소스 +│ │ ├── cm-common.yaml +│ │ ├── secret-common.yaml +│ │ ├── secret-imagepull.yaml +│ │ └── ingress.yaml +│ ├── api-gateway/ # API Gateway 리소스 +│ │ ├── deployment.yaml +│ │ ├── service.yaml +│ │ └── cm-api-gateway.yaml +│ ├── user-service/ # User Service 리소스 +│ │ ├── deployment.yaml +│ │ ├── service.yaml +│ │ ├── cm-user-service.yaml +│ │ └── secret-user-service.yaml +│ ├── bill-service/ # Bill Service 리소스 +│ │ ├── deployment.yaml +│ │ ├── service.yaml +│ │ ├── cm-bill-service.yaml +│ │ └── secret-bill-service.yaml +│ ├── product-service/ # Product Service 리소스 +│ │ ├── deployment.yaml +│ │ ├── service.yaml +│ │ ├── cm-product-service.yaml +│ │ └── secret-product-service.yaml +│ └── kos-mock/ # KOS Mock 리소스 +│ ├── deployment.yaml +│ ├── service.yaml +│ └── cm-kos-mock.yaml +└── overlays/ + ├── dev/ # 개발 환경 + │ ├── kustomization.yaml + │ ├── cm-common-patch.yaml + │ ├── secret-common-patch.yaml + │ ├── ingress-patch.yaml + │ ├── deployment-*-patch.yaml (각 서비스별) + │ └── secret-*-patch.yaml (Secret 보유 서비스) + ├── staging/ # 스테이징 환경 + │ └── (dev와 동일한 구조) + └── prod/ # 운영 환경 + └── (dev와 동일한 구조) +``` + +## 🔧 Jenkins Pipeline Job 생성 + +### 1. 새 Pipeline Job 생성 +1. Jenkins 대시보드에서 **New Item** 클릭 +2. **Pipeline** 선택하고 프로젝트명 입력 +3. **OK** 클릭 + +### 2. Pipeline 설정 +#### General 탭 +- **Build Parameters** 추가: + ``` + ENVIRONMENT: Choice Parameter + Choices: dev, staging, prod + Default: dev + + IMAGE_TAG: String Parameter + Default: latest + Description: 이미지 태그 (기본값: latest) + + SKIP_SONARQUBE: String Parameter + Default: true + Description: SonarQube 분석 건너뛰기 (true/false) + ``` + +#### Pipeline 탭 +``` +Definition: Pipeline script from SCM +SCM: Git +Repository URL: {Git저장소URL} +Branch: main (또는 develop) +Script Path: deployment/cicd/Jenkinsfile +``` + +## 📊 SonarQube 프로젝트 설정 + +### 1. 각 서비스별 SonarQube 프로젝트 생성 +- phonebill-api-gateway-{환경} +- phonebill-user-service-{환경} +- phonebill-bill-service-{환경} +- phonebill-product-service-{환경} +- phonebill-kos-mock-{환경} + +### 2. Quality Gate 설정 +``` +Coverage: >= 80% +Duplicated Lines: <= 3% +Maintainability Rating: <= A +Reliability Rating: <= A +Security Rating: <= A +``` + +## 🚀 배포 실행 방법 + +### 1. Jenkins Pipeline 실행 +1. Jenkins > {프로젝트명} > **Build with Parameters** 클릭 +2. 파라미터 설정: + - **ENVIRONMENT**: dev/staging/prod 선택 + - **IMAGE_TAG**: 이미지 태그 입력 (선택사항) + - **SKIP_SONARQUBE**: SonarQube 분석 건너뛰려면 "true", 실행하려면 "false" +3. **Build** 클릭 + +### 2. 수동 배포 (스크립트 사용) +```bash +# 개발 환경 배포 +./deployment/cicd/scripts/deploy.sh dev 20241230120000 + +# 스테이징 환경 배포 +./deployment/cicd/scripts/deploy.sh staging 20241230120000 + +# 운영 환경 배포 +./deployment/cicd/scripts/deploy.sh prod 20241230120000 +``` + +### 3. 배포 상태 확인 +```bash +# Pod 상태 확인 +kubectl get pods -n phonebill-dg0500 + +# 서비스 상태 확인 +kubectl get services -n phonebill-dg0500 + +# Ingress 상태 확인 +kubectl get ingress -n phonebill-dg0500 + +# 특정 서비스 로그 확인 +kubectl logs -f deployment/user-service -n phonebill-dg0500 +``` + +## 🔍 리소스 검증 + +### 리소스 검증 스크립트 실행 +```bash +# 모든 Kustomize 리소스 검증 +./deployment/cicd/scripts/validate-resources.sh +``` + +### 수동 검증 명령어 +```bash +# Base 검증 +kubectl kustomize deployment/cicd/kustomize/base/ + +# 환경별 검증 +kubectl kustomize deployment/cicd/kustomize/overlays/dev/ +kubectl kustomize deployment/cicd/kustomize/overlays/staging/ +kubectl kustomize deployment/cicd/kustomize/overlays/prod/ +``` + +## 🔄 롤백 방법 + +### 1. Kubernetes 롤백 +```bash +# 특정 버전으로 롤백 +kubectl rollout undo deployment/{서비스명} -n phonebill-dg0500 --to-revision=2 + +# 롤백 상태 확인 +kubectl rollout status deployment/{서비스명} -n phonebill-dg0500 +``` + +### 2. 이미지 태그 기반 롤백 +```bash +# 이전 안정 버전 이미지 태그로 업데이트 +cd deployment/cicd/kustomize/overlays/{환경} +kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/{서비스명}:{환경}-{이전태그} +kubectl apply -k . +``` + +## 🎯 파이프라인 단계별 설명 + +### 1. Get Source +- Git 저장소에서 소스코드 체크아웃 +- 환경별 설정 파일 로드 + +### 2. Setup AKS +- Azure CLI를 통한 AKS 클러스터 연결 +- 네임스페이스 생성 (phonebill-dg0500) + +### 3. Build +- Gradle을 통한 멀티모듈 빌드 +- 테스트는 SonarQube 단계에서 실행 + +### 4. SonarQube Analysis & Quality Gate +- 각 서비스별 개별 테스트 실행 +- JaCoCo 코드 커버리지 리포트 생성 +- SonarQube 정적 분석 +- Quality Gate 통과 검증 + +### 5. Build & Push Images +- Podman을 통한 컨테이너 이미지 빌드 +- 환경별 태그로 ACR에 푸시 +- 30분 타임아웃 설정 + +### 6. Update Kustomize & Deploy +- Kustomize를 통한 이미지 태그 업데이트 +- 환경별 매니페스트 적용 +- 배포 완료까지 대기 (5분 타임아웃) + +### 7. Pipeline Complete +- 파이프라인 완료 상태 로깅 +- Pod 자동 정리 (3초 후 종료) + +## ⚠️ 주의사항 + +### 1. 파드 자동 정리 +- 파이프라인 완료 시 에이전트 파드 자동 삭제 +- `podRetention: never()` 설정으로 즉시 정리 +- 리소스 절약을 위한 필수 설정 + +### 2. 변수 참조 문법 +- Jenkins Groovy에서는 `${variable}` 사용 +- `\${variable}` 사용 시 "syntax error: bad substitution" 오류 발생 + +### 3. 쉘 호환성 +- Jenkins 컨테이너 기본 쉘이 `/bin/sh`인 경우 +- Bash 배열 문법 `()` 미지원으로 공백 구분 문자열 사용 + +### 4. 환경별 설정 차이점 +- **DEV**: SSL 리다이렉트 비활성화, 기본 도메인 사용 +- **STAGING/PROD**: SSL 리다이렉트 활성화, 사용자 정의 도메인, 인증서 설정 + +## 🛠️ 트러블슈팅 + +### 1. 빌드 실패 +```bash +# Gradle 캐시 클리어 +./gradlew clean build + +# JDK 버전 확인 +java -version +``` + +### 2. 이미지 푸시 실패 +```bash +# ACR 로그인 확인 +az acr login --name acrdigitalgarage01 + +# Docker Hub rate limit 확인 +docker info | grep -i rate +``` + +### 3. 배포 실패 +```bash +# 네임스페이스 확인 +kubectl get namespaces + +# 리소스 상태 확인 +kubectl describe deployment/{서비스명} -n phonebill-dg0500 +``` + +### 4. SonarQube 분석 실패 +- SonarQube 서버 연결 상태 확인 +- 토큰 유효성 검증 +- Quality Gate 설정 확인 + +## 📈 모니터링 및 로그 + +### 1. Jenkins 빌드 히스토리 +- 각 단계별 실행 시간 추적 +- 실패 단계 및 원인 분석 + +### 2. 애플리케이션 로그 +```bash +# 실시간 로그 모니터링 +kubectl logs -f deployment/{서비스명} -n phonebill-dg0500 + +# 특정 기간 로그 확인 +kubectl logs deployment/{서비스명} -n phonebill-dg0500 --since=1h +``` + +### 3. 성능 메트릭 +- Kubernetes 메트릭 서버 활용 +- 각 서비스별 리소스 사용량 모니터링 + +--- + +## 📞 지원 + +문의사항이나 문제 발생 시: +1. Jenkins 빌드 로그 확인 +2. Kubernetes 이벤트 확인: `kubectl get events -n phonebill-dg0500` +3. 리소스 검증 스크립트 실행: `./deployment/cicd/scripts/validate-resources.sh` + +**최운영/데옵스**: phonebill Jenkins CI/CD 파이프라인이 성공적으로 구축되었습니다! 🎉 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml b/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml new file mode 100644 index 0000000..aa83a94 --- /dev/null +++ b/deployment/cicd/kustomize/base/api-gateway/cm-api-gateway.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-api-gateway +data: + SERVER_PORT: "8080" + BILL_SERVICE_URL: "http://bill-service" + PRODUCT_SERVICE_URL: "http://product-service" + USER_SERVICE_URL: "http://user-service" + KOS_MOCK_URL: "http://kos-mock" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/deployment.yaml b/deployment/cicd/kustomize/base/api-gateway/deployment.yaml new file mode 100644 index 0000000..ceb7e8c --- /dev/null +++ b/deployment/cicd/kustomize/base/api-gateway/deployment.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 1 + selector: + matchLabels: + app: api-gateway + template: + metadata: + labels: + app: api-gateway + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: api-gateway + image: acrdigitalgarage01.azurecr.io/phonebill/api-gateway:latest + imagePullPolicy: Always + ports: + - containerPort: 8080 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-api-gateway + - secretRef: + name: secret-common + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /health + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/api-gateway/service.yaml b/deployment/cicd/kustomize/base/api-gateway/service.yaml new file mode 100644 index 0000000..e1f6460 --- /dev/null +++ b/deployment/cicd/kustomize/base/api-gateway/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: api-gateway +spec: + selector: + app: api-gateway + ports: + - port: 80 + targetPort: 8080 + type: ClusterIP diff --git a/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml b/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml new file mode 100644 index 0000000..9281f36 --- /dev/null +++ b/deployment/cicd/kustomize/base/bill-service/cm-bill-service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-bill-service +data: + SERVER_PORT: "8082" + DB_KIND: "postgresql" + DB_PORT: "5432" + DB_CONNECTION_TIMEOUT: "30000" + DB_IDLE_TIMEOUT: "600000" + DB_LEAK_DETECTION: "60000" + DB_MAX_LIFETIME: "1800000" + DB_MAX_POOL: "20" + DB_MIN_IDLE: "5" + KOS_BASE_URL: "http://kos-mock" + REDIS_DATABASE: "1" + REDIS_MAX_ACTIVE: "8" + REDIS_MAX_IDLE: "8" + REDIS_MAX_WAIT: "-1" + REDIS_MIN_IDLE: "0" + REDIS_TIMEOUT: "2000" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/deployment.yaml b/deployment/cicd/kustomize/base/bill-service/deployment.yaml new file mode 100644 index 0000000..78a42dd --- /dev/null +++ b/deployment/cicd/kustomize/base/bill-service/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 1 + selector: + matchLabels: + app: bill-service + template: + metadata: + labels: + app: bill-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: bill-service + image: acrdigitalgarage01.azurecr.io/phonebill/bill-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8082 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-bill-service + - secretRef: + name: secret-common + - secretRef: + name: secret-bill-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8082 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8082 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8082 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml b/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml new file mode 100644 index 0000000..caaa7cf --- /dev/null +++ b/deployment/cicd/kustomize/base/bill-service/secret-bill-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025@" diff --git a/deployment/cicd/kustomize/base/bill-service/service.yaml b/deployment/cicd/kustomize/base/bill-service/service.yaml new file mode 100644 index 0000000..1e6373b --- /dev/null +++ b/deployment/cicd/kustomize/base/bill-service/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: bill-service +spec: + selector: + app: bill-service + ports: + - port: 80 + targetPort: 8082 + type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/cm-common.yaml b/deployment/cicd/kustomize/base/common/cm-common.yaml new file mode 100644 index 0000000..3c16172 --- /dev/null +++ b/deployment/cicd/kustomize/base/common/cm-common.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "dev" + DDL_AUTO: "update" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/ingress.yaml b/deployment/cicd/kustomize/base/common/ingress.yaml new file mode 100644 index 0000000..da97115 --- /dev/null +++ b/deployment/cicd/kustomize/base/common/ingress.yaml @@ -0,0 +1,49 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + ingressClassName: nginx + rules: + - host: phonebill-dg0500-api.20.214.196.128.nip.io + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 + diff --git a/deployment/cicd/kustomize/base/common/secret-common.yaml b/deployment/cicd/kustomize/base/common/secret-common.yaml new file mode 100644 index 0000000..53795ab --- /dev/null +++ b/deployment/cicd/kustomize/base/common/secret-common.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/common/secret-imagepull.yaml b/deployment/cicd/kustomize/base/common/secret-imagepull.yaml new file mode 100644 index 0000000..6bd576e --- /dev/null +++ b/deployment/cicd/kustomize/base/common/secret-imagepull.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Secret +metadata: + name: phonebill +type: kubernetes.io/dockerconfigjson +stringData: + .dockerconfigjson: | + { + "auths": { + "acrdigitalgarage01.azurecr.io": { + "username": "acrdigitalgarage01", + "password": "+OY+rmOagorjWvQe/tTk6oqvnZI8SmNbY/Y2o5EDcY+ACRDCDbYk", + "auth": "YWNyZGlnaXRhbGdhcmFnZTAxOitPWStybU9hZ29yald2UWUvdFRrNm9xdm5aSThTbU5iWS9ZMm81RURjWStBQ1JEQ0RiWWs=" + } + } + } \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml b/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml new file mode 100644 index 0000000..3e55476 --- /dev/null +++ b/deployment/cicd/kustomize/base/kos-mock/cm-kos-mock.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-kos-mock +data: + SERVER_PORT: "8084" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/deployment.yaml b/deployment/cicd/kustomize/base/kos-mock/deployment.yaml new file mode 100644 index 0000000..bd588f4 --- /dev/null +++ b/deployment/cicd/kustomize/base/kos-mock/deployment.yaml @@ -0,0 +1,57 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 1 + selector: + matchLabels: + app: kos-mock + template: + metadata: + labels: + app: kos-mock + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: kos-mock + image: acrdigitalgarage01.azurecr.io/phonebill/kos-mock:latest + imagePullPolicy: Always + ports: + - containerPort: 8084 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-kos-mock + - secretRef: + name: secret-common + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8084 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8084 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8084 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kos-mock/service.yaml b/deployment/cicd/kustomize/base/kos-mock/service.yaml new file mode 100644 index 0000000..fdb5336 --- /dev/null +++ b/deployment/cicd/kustomize/base/kos-mock/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: kos-mock +spec: + selector: + app: kos-mock + ports: + - port: 80 + targetPort: 8084 + type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/kustomization.yaml b/deployment/cicd/kustomize/base/kustomization.yaml new file mode 100644 index 0000000..0da6c87 --- /dev/null +++ b/deployment/cicd/kustomize/base/kustomization.yaml @@ -0,0 +1,56 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +metadata: + name: phonebill-base + +resources: + # Common resources + - common/cm-common.yaml + - common/secret-common.yaml + - common/secret-imagepull.yaml + - common/ingress.yaml + + # api-gateway + - api-gateway/deployment.yaml + - api-gateway/service.yaml + - api-gateway/cm-api-gateway.yaml + + # user-service + - user-service/deployment.yaml + - user-service/service.yaml + - user-service/cm-user-service.yaml + - user-service/secret-user-service.yaml + + # bill-service + - bill-service/deployment.yaml + - bill-service/service.yaml + - bill-service/cm-bill-service.yaml + - bill-service/secret-bill-service.yaml + + # product-service + - product-service/deployment.yaml + - product-service/service.yaml + - product-service/cm-product-service.yaml + - product-service/secret-product-service.yaml + + # kos-mock + - kos-mock/deployment.yaml + - kos-mock/service.yaml + - kos-mock/cm-kos-mock.yaml + +commonLabels: + app: phonebill + version: v1 + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: latest \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml b/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml new file mode 100644 index 0000000..5a3893d --- /dev/null +++ b/deployment/cicd/kustomize/base/product-service/cm-product-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-product-service +data: + SERVER_PORT: "8083" + DB_KIND: "postgresql" + DB_PORT: "5432" + KOS_BASE_URL: "http://kos-mock" + REDIS_DATABASE: "2" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/deployment.yaml b/deployment/cicd/kustomize/base/product-service/deployment.yaml new file mode 100644 index 0000000..0b463a3 --- /dev/null +++ b/deployment/cicd/kustomize/base/product-service/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 1 + selector: + matchLabels: + app: product-service + template: + metadata: + labels: + app: product-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: product-service + image: acrdigitalgarage01.azurecr.io/phonebill/product-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8083 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-product-service + - secretRef: + name: secret-common + - secretRef: + name: secret-product-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8083 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8083 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8083 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml b/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml new file mode 100644 index 0000000..e773ec9 --- /dev/null +++ b/deployment/cicd/kustomize/base/product-service/secret-product-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/product-service/service.yaml b/deployment/cicd/kustomize/base/product-service/service.yaml new file mode 100644 index 0000000..b784a5d --- /dev/null +++ b/deployment/cicd/kustomize/base/product-service/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: product-service +spec: + selector: + app: product-service + ports: + - port: 80 + targetPort: 8083 + type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml b/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml new file mode 100644 index 0000000..4031913 --- /dev/null +++ b/deployment/cicd/kustomize/base/user-service/cm-user-service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-user-service +data: + SERVER_PORT: "8081" + DB_KIND: "postgresql" + DB_PORT: "5432" + DDL_AUTO: "update" + REDIS_DATABASE: "0" + SHOW_SQL: "true" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/deployment.yaml b/deployment/cicd/kustomize/base/user-service/deployment.yaml new file mode 100644 index 0000000..2dbd2d4 --- /dev/null +++ b/deployment/cicd/kustomize/base/user-service/deployment.yaml @@ -0,0 +1,59 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 1 + selector: + matchLabels: + app: user-service + template: + metadata: + labels: + app: user-service + spec: + imagePullSecrets: + - name: phonebill + containers: + - name: user-service + image: acrdigitalgarage01.azurecr.io/phonebill/user-service:latest + imagePullPolicy: Always + ports: + - containerPort: 8081 + envFrom: + - configMapRef: + name: cm-common + - configMapRef: + name: cm-user-service + - secretRef: + name: secret-common + - secretRef: + name: secret-user-service + resources: + requests: + cpu: 256m + memory: 256Mi + limits: + cpu: 1024m + memory: 1024Mi + startupProbe: + httpGet: + path: /actuator/health + port: 8081 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 6 + readinessProbe: + httpGet: + path: /actuator/health/readiness + port: 8081 + initialDelaySeconds: 10 + periodSeconds: 5 + failureThreshold: 3 + livenessProbe: + httpGet: + path: /actuator/health/liveness + port: 8081 + initialDelaySeconds: 30 + periodSeconds: 10 + failureThreshold: 3 \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml b/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml new file mode 100644 index 0000000..8424423 --- /dev/null +++ b/deployment/cicd/kustomize/base/user-service/secret-user-service.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/base/user-service/service.yaml b/deployment/cicd/kustomize/base/user-service/service.yaml new file mode 100644 index 0000000..c9fb9cf --- /dev/null +++ b/deployment/cicd/kustomize/base/user-service/service.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + name: user-service +spec: + selector: + app: user-service + ports: + - port: 80 + targetPort: 8081 + type: ClusterIP \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml b/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml new file mode 100644 index 0000000..3c16172 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/cm-common-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "dev" + DDL_AUTO: "update" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..c5278b1 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 1 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + cpu: "256m" + memory: "256Mi" + limits: + cpu: "1024m" + memory: "1024Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..c67ce77 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 1 + template: + spec: + containers: + - name: bill-service + resources: + requests: + cpu: "256m" + memory: "256Mi" + limits: + cpu: "1024m" + memory: "1024Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..21a137c --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 1 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + cpu: "256m" + memory: "256Mi" + limits: + cpu: "1024m" + memory: "1024Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml new file mode 100644 index 0000000..7290636 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 1 + template: + spec: + containers: + - name: product-service + resources: + requests: + cpu: "256m" + memory: "256Mi" + limits: + cpu: "1024m" + memory: "1024Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml new file mode 100644 index 0000000..c2fa8d4 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 1 + template: + spec: + containers: + - name: user-service + resources: + requests: + cpu: "256m" + memory: "256Mi" + limits: + cpu: "1024m" + memory: "1024Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml new file mode 100644 index 0000000..8fb360e --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/ingress-patch.yaml @@ -0,0 +1,48 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "false" +spec: + ingressClassName: nginx + rules: + - host: phonebill-dg0500-api.20.214.196.128.nip.io + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/kustomization.yaml b/deployment/cicd/kustomize/overlays/dev/kustomization.yaml new file mode 100644 index 0000000..974e023 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/kustomization.yaml @@ -0,0 +1,65 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-dg0500 + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: latest \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml new file mode 100644 index 0000000..caaa7cf --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/secret-bill-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025@" diff --git a/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml new file mode 100644 index 0000000..53795ab --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/secret-common-patch.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml new file mode 100644 index 0000000..e773ec9 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/secret-product-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml new file mode 100644 index 0000000..8424423 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/dev/secret-user-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/cm-common-patch.yaml b/deployment/cicd/kustomize/overlays/prod/cm-common-patch.yaml new file mode 100644 index 0000000..eea116d --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/cm-common-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "3600000" + JWT_REFRESH_TOKEN_VALIDITY: "43200000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "prod" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..719bb26 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 3 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + cpu: "1024m" + memory: "1024Mi" + limits: + cpu: "4096m" + memory: "4096Mi" diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..0f6b0fc --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 3 + template: + spec: + containers: + - name: bill-service + resources: + requests: + cpu: "1024m" + memory: "1024Mi" + limits: + cpu: "4096m" + memory: "4096Mi" diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..cb32076 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 3 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + cpu: "1024m" + memory: "1024Mi" + limits: + cpu: "4096m" + memory: "4096Mi" diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml new file mode 100644 index 0000000..388b4b1 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 3 + template: + spec: + containers: + - name: product-service + resources: + requests: + cpu: "1024m" + memory: "1024Mi" + limits: + cpu: "4096m" + memory: "4096Mi" diff --git a/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml new file mode 100644 index 0000000..5f3b602 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 3 + template: + spec: + containers: + - name: user-service + resources: + requests: + cpu: "1024m" + memory: "1024Mi" + limits: + cpu: "4096m" + memory: "4096Mi" diff --git a/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml new file mode 100644 index 0000000..95ee1a4 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/ingress-patch.yaml @@ -0,0 +1,53 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: + - phonebill.example.com + secretName: phonebill-prod-tls + rules: + - host: phonebill.example.com + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/kustomization.yaml b/deployment/cicd/kustomize/overlays/prod/kustomization.yaml new file mode 100644 index 0000000..974e023 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/kustomization.yaml @@ -0,0 +1,65 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-dg0500 + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: latest \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml new file mode 100644 index 0000000..caaa7cf --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/secret-bill-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025@" diff --git a/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml new file mode 100644 index 0000000..53795ab --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/secret-common-patch.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml new file mode 100644 index 0000000..e773ec9 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/secret-product-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml new file mode 100644 index 0000000..8424423 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/prod/secret-user-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/cm-common-patch.yaml b/deployment/cicd/kustomize/overlays/staging/cm-common-patch.yaml new file mode 100644 index 0000000..d3604e0 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/cm-common-patch.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: cm-common +data: + CORS_ALLOWED_ORIGINS: "http://localhost:8081,http://localhost:8082,http://localhost:8083,http://localhost:8084,http://phonebill-dg0500.20.214.196.128.nip.io" + JWT_ACCESS_TOKEN_VALIDITY: "18000000" + JWT_REFRESH_TOKEN_VALIDITY: "86400000" + REDIS_PORT: "6379" + SPRING_PROFILES_ACTIVE: "staging" + DDL_AUTO: "validate" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml new file mode 100644 index 0000000..b8f0f64 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/deployment-api-gateway-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: api-gateway +spec: + replicas: 2 + template: + spec: + containers: + - name: api-gateway + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "2048m" + memory: "2048Mi" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml new file mode 100644 index 0000000..0f8a02a --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/deployment-bill-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bill-service +spec: + replicas: 2 + template: + spec: + containers: + - name: bill-service + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "2048m" + memory: "2048Mi" diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml new file mode 100644 index 0000000..ca4561d --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/deployment-kos-mock-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kos-mock +spec: + replicas: 2 + template: + spec: + containers: + - name: kos-mock + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "2048m" + memory: "2048Mi" diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml new file mode 100644 index 0000000..377b4e0 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/deployment-product-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: product-service +spec: + replicas: 2 + template: + spec: + containers: + - name: product-service + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "2048m" + memory: "2048Mi" diff --git a/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml new file mode 100644 index 0000000..ba2d5de --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/deployment-user-service-patch.yaml @@ -0,0 +1,17 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: user-service +spec: + replicas: 2 + template: + spec: + containers: + - name: user-service + resources: + requests: + cpu: "512m" + memory: "512Mi" + limits: + cpu: "2048m" + memory: "2048Mi" diff --git a/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml b/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml new file mode 100644 index 0000000..ba8d07b --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/ingress-patch.yaml @@ -0,0 +1,53 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: phonebill + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: + - phonebill-staging.example.com + secretName: phonebill-staging-tls + rules: + - host: phonebill-staging.example.com + http: + paths: + - path: /api/v1/auth + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/users + pathType: Prefix + backend: + service: + name: user-service + port: + number: 80 + - path: /api/v1/bills + pathType: Prefix + backend: + service: + name: bill-service + port: + number: 80 + - path: /api/v1/products + pathType: Prefix + backend: + service: + name: product-service + port: + number: 80 + - path: /api/v1/kos + pathType: Prefix + backend: + service: + name: kos-mock + port: + number: 80 \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/kustomization.yaml b/deployment/cicd/kustomize/overlays/staging/kustomization.yaml new file mode 100644 index 0000000..974e023 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/kustomization.yaml @@ -0,0 +1,65 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: phonebill-dg0500 + +resources: + - ../../base + +patches: + - path: cm-common-patch.yaml + target: + kind: ConfigMap + name: cm-common + - path: deployment-api-gateway-patch.yaml + target: + kind: Deployment + name: api-gateway + - path: deployment-user-service-patch.yaml + target: + kind: Deployment + name: user-service + - path: deployment-bill-service-patch.yaml + target: + kind: Deployment + name: bill-service + - path: deployment-product-service-patch.yaml + target: + kind: Deployment + name: product-service + - path: deployment-kos-mock-patch.yaml + target: + kind: Deployment + name: kos-mock + - path: ingress-patch.yaml + target: + kind: Ingress + name: phonebill + - path: secret-common-patch.yaml + target: + kind: Secret + name: secret-common + - path: secret-user-service-patch.yaml + target: + kind: Secret + name: secret-user-service + - path: secret-bill-service-patch.yaml + target: + kind: Secret + name: secret-bill-service + - path: secret-product-service-patch.yaml + target: + kind: Secret + name: secret-product-service + +images: + - name: acrdigitalgarage01.azurecr.io/phonebill/api-gateway + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/user-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/bill-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/product-service + newTag: latest + - name: acrdigitalgarage01.azurecr.io/phonebill/kos-mock + newTag: latest \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml new file mode 100644 index 0000000..caaa7cf --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/secret-bill-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-bill-service +type: Opaque +stringData: + DB_HOST: "bill-inquiry-postgres-dev-postgresql" + DB_NAME: "bill_inquiry_db" + DB_USERNAME: "bill_inquiry_user" + DB_PASSWORD: "BillUser2025@" diff --git a/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml new file mode 100644 index 0000000..53795ab --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/secret-common-patch.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-common +type: Opaque +stringData: + JWT_SECRET: "nwe5Yo9qaJ6FBD/Thl2/j6/SFAfNwUorAY1ZcWO2KI7uA4bmVLOCPxE9hYuUpRCOkgV2UF2DdHXtqHi3+BU/ecbz2zpHyf/720h48UbA3XOMYOX1sdM+dQ==" + REDIS_HOST: "redis-cache-dev-master" + REDIS_PASSWORD: "Redis2025Dev@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml new file mode 100644 index 0000000..e773ec9 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/secret-product-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-product-service +type: Opaque +stringData: + DB_HOST: "product-change-postgres-dev-postgresql" + DB_NAME: "product_change_db" + DB_USERNAME: "product_change_user" + DB_PASSWORD: "ProductUser2025@" \ No newline at end of file diff --git a/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml b/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml new file mode 100644 index 0000000..8424423 --- /dev/null +++ b/deployment/cicd/kustomize/overlays/staging/secret-user-service-patch.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: Secret +metadata: + name: secret-user-service +type: Opaque +stringData: + DB_HOST: "auth-postgres-dev-postgresql" + DB_NAME: "phonebill_auth" + DB_USERNAME: "auth_user" + DB_PASSWORD: "AuthUser2025@" \ No newline at end of file diff --git a/deployment/cicd/scripts/deploy.sh b/deployment/cicd/scripts/deploy.sh new file mode 100755 index 0000000..14817da --- /dev/null +++ b/deployment/cicd/scripts/deploy.sh @@ -0,0 +1,43 @@ +#!/bin/bash +set -e + +ENVIRONMENT=${1:-dev} +IMAGE_TAG=${2:-latest} + +echo "🚀 Starting deployment for environment: $ENVIRONMENT with image tag: $IMAGE_TAG" + +# 환경별 이미지 태그 업데이트 +cd deployment/cicd/kustomize/overlays/${ENVIRONMENT} + +# 서비스 목록 (공백으로 구분) +services="api-gateway user-service bill-service product-service kos-mock" + +echo "📦 Updating image tags for services: $services" + +# 각 서비스 이미지 태그 업데이트 +for service in $services; do + echo " - Updating $service to ${ENVIRONMENT}-${IMAGE_TAG}" + kustomize edit set image acrdigitalgarage01.azurecr.io/phonebill/$service:${ENVIRONMENT}-${IMAGE_TAG} +done + +echo "🔧 Applying Kubernetes manifests..." +# 배포 실행 +kubectl apply -k . + +echo "⏳ Waiting for deployments to be ready..." +# 배포 상태 확인 +for service in $services; do + echo " - Checking rollout status for $service" + kubectl rollout status deployment/$service -n phonebill-dg0500 --timeout=300s +done + +echo "✅ Deployment completed successfully!" +echo "" +echo "📊 Current deployment status:" +kubectl get pods -n phonebill-dg0500 -o wide +echo "" +echo "🌐 Service endpoints:" +kubectl get services -n phonebill-dg0500 +echo "" +echo "🔗 Ingress information:" +kubectl get ingress -n phonebill-dg0500 \ No newline at end of file diff --git a/deployment/cicd/scripts/validate-resources.sh b/deployment/cicd/scripts/validate-resources.sh new file mode 100755 index 0000000..76b95ae --- /dev/null +++ b/deployment/cicd/scripts/validate-resources.sh @@ -0,0 +1,128 @@ +#!/bin/bash +# Base 리소스 누락 검증 스크립트 (phonebill 전용) + +echo "🔍 phonebill Base 리소스 누락 검증 시작..." + +BASE_DIR="deployment/cicd/kustomize/base" +MISSING_RESOURCES=0 +REQUIRED_FILES=("deployment.yaml" "service.yaml") +OPTIONAL_FILES=("cm-" "secret-") + +# 1. 각 서비스 디렉토리의 파일 확인 +echo "1. 서비스 디렉토리별 파일 목록:" +for dir in $BASE_DIR/*/; do + if [ -d "$dir" ] && [[ $(basename "$dir") != "common" ]]; then + service=$(basename "$dir") + echo "=== $service ===" + + # 필수 파일 확인 + for required in "${REQUIRED_FILES[@]}"; do + if [ -f "$dir$required" ]; then + echo " ✅ $required" + else + echo " ❌ MISSING REQUIRED: $required" + ((MISSING_RESOURCES++)) + fi + done + + # 선택적 파일 확인 + for optional in "${OPTIONAL_FILES[@]}"; do + files=($(ls "$dir"$optional*".yaml" 2>/dev/null)) + if [ ${#files[@]} -gt 0 ]; then + for file in "${files[@]}"; do + echo " ✅ $(basename "$file")" + done + fi + done + echo "" + fi +done + +# 2. Common 리소스 확인 +echo "2. Common 리소스 확인:" +COMMON_DIR="$BASE_DIR/common" +if [ -d "$COMMON_DIR" ]; then + common_files=($(ls "$COMMON_DIR"/*.yaml 2>/dev/null)) + if [ ${#common_files[@]} -gt 0 ]; then + for file in "${common_files[@]}"; do + echo " ✅ common/$(basename "$file")" + done + else + echo " ❌ Common 디렉토리에 YAML 파일이 없습니다" + ((MISSING_RESOURCES++)) + fi +else + echo " ❌ Common 디렉토리가 없습니다" + ((MISSING_RESOURCES++)) +fi + +# 3. kustomization.yaml과 실제 파일 비교 +echo "" +echo "3. kustomization.yaml 리소스 검증:" +if [ -f "$BASE_DIR/kustomization.yaml" ]; then + while IFS= read -r line; do + # resources 섹션의 YAML 파일 경로 추출 + if [[ $line =~ ^[[:space:]]*-[[:space:]]*([^#]+\.yaml)[[:space:]]*$ ]]; then + resource_path=$(echo "${BASH_REMATCH[1]}" | xargs) # 공백 제거 + full_path="$BASE_DIR/$resource_path" + if [ -f "$full_path" ]; then + echo " ✅ $resource_path" + else + echo " ❌ MISSING: $resource_path" + ((MISSING_RESOURCES++)) + fi + fi + done < "$BASE_DIR/kustomization.yaml" +else + echo " ❌ kustomization.yaml 파일이 없습니다" + ((MISSING_RESOURCES++)) +fi + +# 4. kubectl kustomize 검증 +echo "" +echo "4. Kustomize 빌드 테스트:" +if kubectl kustomize "$BASE_DIR" > /dev/null 2>&1; then + echo " ✅ Base kustomization 빌드 성공" +else + echo " ❌ Base kustomization 빌드 실패:" + kubectl kustomize "$BASE_DIR" 2>&1 | head -5 | sed 's/^/ /' + ((MISSING_RESOURCES++)) +fi + +# 5. 환경별 overlay 검증 +echo "" +echo "5. 환경별 Overlay 검증:" +for env in dev staging prod; do + overlay_dir="deployment/cicd/kustomize/overlays/$env" + if [ -d "$overlay_dir" ] && [ -f "$overlay_dir/kustomization.yaml" ]; then + if kubectl kustomize "$overlay_dir" > /dev/null 2>&1; then + echo " ✅ $env 환경 빌드 성공" + else + echo " ❌ $env 환경 빌드 실패" + ((MISSING_RESOURCES++)) + fi + else + echo " ⚠️ $env 환경 설정 없음 (선택사항)" + fi +done + +# 결과 출력 +echo "" +echo "======================================" +if [ $MISSING_RESOURCES -eq 0 ]; then + echo "🎯 검증 완료! 모든 리소스가 정상입니다." + echo "======================================" + exit 0 +else + echo "❌ $MISSING_RESOURCES개의 문제가 발견되었습니다." + echo "======================================" + echo "" + echo "💡 문제 해결 가이드:" + echo "1. 누락된 파일들을 base 디렉토리에 추가하세요" + echo "2. kustomization.yaml에서 존재하지 않는 파일 참조를 제거하세요" + echo "3. 파일명이 명명 규칙을 따르는지 확인하세요:" + echo " - ConfigMap: cm-{서비스명}.yaml" + echo " - Secret: secret-{서비스명}.yaml" + echo "4. 다시 검증: ./scripts/validate-resources.sh" + exit 1 +fi \ No newline at end of file