Initial commit

Author: Munkkeli

.diploi/helm/app-ingress.yaml

@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress
+  annotations:
+    kubernetes.io/ingress.class: traefik
+spec:
+  tls:
+    - hosts:
+        - {{ .Values.hosts.app }}
+      secretName: tls-secret
+  rules:
+    - host: {{ .Values.hosts.app }}
+      http:
+        paths:
+          - path: '/'
+            pathType: Prefix
+            backend:
+              service:
+                name: app
+                port:
+                  number: 8000

.diploi/helm/app-service.yaml

@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: app
+spec:
+  ports:
+    - port: 8000
+      name: app
+  selector:
+    app: app

.diploi/helm/app.yaml

@@ -0,0 +1,74 @@
+apiVersion: apps/v1
+{{- if eq .Values.stage "development"}}
+kind: StatefulSet
+{{- else }}
+kind: Deployment
+{{- end }}
+metadata:
+  name: app
+  labels:
+    app: app
+spec:
+  selector:
+    matchLabels:
+      app: app
+  {{- if eq .Values.stage "development"}}
+  serviceName: app
+  {{- else }}
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 25%
+      maxSurge: 25%
+  {{- end }}
+  replicas: {{ ternary 1 0 .Values.enabled }}
+  template:
+    metadata:
+      labels:
+        app: app
+    spec:
+      terminationGracePeriodSeconds: 10
+      imagePullSecrets:
+        - name: diploi-pull-secret
+      {{- if eq .Values.stage "development"}}
+      securityContext:
+        runAsUser: 1000
+        runAsGroup: 1000
+      initContainers:
+        - name: install-dependencies
+          image: {{ .Values.images.app }}
+          imagePullPolicy: Always
+          command: |
+            python -m venv .venv
+            direnv allow
+            pip install -r requirements.txt
+          workingDir: /app/{{ .Values.identifier }}
+          volumeMounts:
+            - name: app-mount
+              mountPath: /app
+      {{- end }}
+      containers:
+        - name: app
+          image: {{ .Values.images.app }}
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8000
+          {{- if eq .Values.stage "development" }}
+          workingDir: /app/{{ .Values.identifier }}
+          {{- end }}
+          env:
+            {{- range .Values.env }}
+            - name: {{ .identifier }}
+              value: {{ .value | quote }}
+            {{- end }}
+          volumeMounts:
+            {{- if hasKey .Values.storage "code" }}
+            - name: app-mount
+              mountPath: /app
+            {{- end }}
+      volumes:
+        {{- if hasKey .Values.storage "code" }}
+        - name: app-mount
+          hostPath:
+            path: {{ .Values.storage.code.hostPath }}
+        {{- end }}

.diploi/icon.svg

@@ -0,0 +1 @@
+layout python-venv .venv

.envrc

@@ -0,0 +1,95 @@
+name: Pre-Build
+
+on:
+  push:
+
+env:
+  REGISTRY: ghcr.io
+
+jobs:
+  production:
+    name: 'Production'
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ github.repository }}
+
+      - name: 'Login to GitHub Container Registry'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set tags
+        id: set-tags
+        run: |
+          TAGS="${{ steps.meta.outputs.tags }}"
+          if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
+            TAGS="${TAGS},${{ env.REGISTRY }}/${{ github.repository }}:latest"
+          fi
+          echo "tags=$TAGS" >> $GITHUB_ENV
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/arm64
+          tags: ${{ env.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+  development:
+    name: 'Development'
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ github.repository }}
+          flavor: |
+            suffix=-dev.
+
+      - name: 'Login to GitHub Container Registry'
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set tags
+        id: set-tags
+        run: |
+          TAGS="${{ steps.meta.outputs.tags }}"
+          if [[ "${GITHUB_REF}" == "refs/heads/main" ]]; then
+            TAGS="${TAGS},${{ env.REGISTRY }}/${{ github.repository }}:latest"
+          fi
+          echo "tags=$TAGS" >> $GITHUB_ENV
+
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          file: Dockerfile.dev
+          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/arm64
+          tags: ${{ env.tags }}
+          labels: ${{ steps.meta.outputs.labels }}