Add Kubernetes service and deployment configurations for voucher service and worker; include Helm chart templates and update README for makefile usage

Author: giovanninocco

Makefile

@@ -1,7 +1,7 @@
 build:
 	dotnet build
 start:
-	dotnet run --project ./src/Genocs.TelegramIntegration.WebApi
+	dotnet run --project ./src/apps/Genocs.TelegramIntegration.WebApi
 nuget:
 	nuget pack -NoDefaultExcludes -OutputDirectory nupkgs
 publish:
@@ -23,4 +23,12 @@ fds: # force rededeploy aws ecs service
 gw: # git docker workflow to push docker image to the repository based on the main branch
 	@echo triggering github workflow to push docker image to container
 	@echo ensure that you have the gh-cli installed and authenticated.
-	gh workflow run dockerhub-publish -f push_to_docker=true
+	gh workflow run dockerhub-publish -f push_to_docker=true
+
+d-build: # docker build images
+	@echo building docker images
+	@echo you should have docker installed and running
+	bash ./src/apps/scripts/build-images.sh
+d-push: # docker tag and push images
+	@echo tag images as latest and publish
+	bash ./src/apps/scripts/push-images.sh

README.md

@@ -537,6 +537,37 @@ You can deploy the application on Kubernetes cluster.
 ./src/apps/scripts/deploy-k8s.sh
 ```
 
+### How to use makefile
+
+Prerequisites:
+- make
+
+To install make on MacOS you can use brew
+
+``` bash
+brew install make
+```
+
+To install make on Ubuntu you can use apt
+
+``` bash
+sudo apt install make
+```
+
+To install make on Windows you can use [choco](https://chocolatey.org/)
+
+``` bash
+choco install make
+```
+
+Upon installation you can use the makefile to build, run, deploy the application.
+
+``` bash
+# Build the solution
+make build
+```
+
+
 
 ### Deploy in a cloud instance
 

src/apps/k8s/helm/README.md

@@ -0,0 +1,21 @@
+# Voucher - Kubernetes Cluster Setup
+
+This folder contains the necessary files to setup a Kubernetes cluster for the Generic service.
+
+The application is composed by a WebApi and a Worker handled by as couple of Docker images.
+
+The voucher-secret.yaml file contains the secrets for the application. The secrets are stored in a Kubernetes Secret object.
+
+The Production secrets are stored in a Azure Key Vault and are retrieved by the application using the Azure Key Vault Provider for Secrets Store CSI Driver.
+
+``` sh
+# Create a namespace for the application i
+kubectl create namespace utu-taxfree
+
+# Deploy the all the all the components components along with it's secrets
+kubectl apply R -f ./voucher-webapi.yaml
+kubectl apply R -f ./voucher-secret.yaml
+# patch the deployment to use the load balancer
+# kubectl patch svc -n utu-taxfree jaeger-simple-query -p '{"spec": {"type": "LoadBalancer"}}'
+# az login --tenant 3e106da8-8aaa-441e-8e17-9752767e6585
+```

src/apps/k8s/helm/azure-pipelines/manifests/deployment-webapi.yml

@@ -0,0 +1,153 @@
+apiVersion: apps/v1
+kind: Deployment
+
+metadata:
+  name: voucher-webapi
+  namespace: utu-taxfree
+  labels:
+    app: voucher-webapi
+    run: voucher-webapi
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: voucher-webapi
+
+  template:
+    metadata:
+      labels:
+        app: voucher-webapi
+        run: voucher-webapi
+
+    spec:
+      containers:
+        - name: voucher-webapi
+          image: uturegistry.azurecr.io/voucher.webapi
+          livenessProbe:
+            httpGet:
+              path: /hc
+              port: 80
+            initialDelaySeconds: 30
+            periodSeconds: 30
+            timeoutSeconds: 15
+            failureThreshold: 10
+          env:
+            - name: ASPNETCORE_ENVIRONMENT
+              value: "Development"
+            - name: KeyVaultName
+              value: "UTU-KV-AppSettings-Dev"
+            - name: KeyVaultUserIdentityId
+              value: "b1470371-ef6e-42e7-8288-1bb5f61f3728"
+            - name: Blob__VoucherContainer
+              value: "dev-vouchers"
+            - name: Blob__TaxfreeFolder
+              value: "taxfree"
+            - name: Blob__ReceiptFolder
+              value: "receipt"
+            - name: Blob__MemberPicturesContainer
+              value: "dev-memberpictures"
+            - name: ApplicationsInsights__ConnectionString
+              value: "InstrumentationKey=d7ec8ebc-ba2a-4f7f-90bb-a6ac05e1fe88"
+            - name: DBSettings__HealthConnectionString
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: HEALTH_CONNECTION_STRING
+            - name: DBSettings__ConnectionString
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: MONGODB_CONNECTION_STRING
+            - name: DBSettings__Database
+              value: "UTU-PromotionEngine-Dev"
+            - name: DBSettings__GenericDB
+              value: "UTU-Generic-Dev"
+            - name: JWT__ValidIssuer
+              value: "https://utuapi-auth-dev.azurewebsites.net"
+            - name: JWT__ValidAudience
+              value: "https://utuapi-auth-dev.azurewebsites.net"
+            - name: JWT__Secret
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: JWT_SECRET
+            - name: MassTransitSettings__HostName
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: RABBITMQ_HOST_NAME
+            - name: MassTransitSettings__VirtualHost
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: RABBITMQ_VIRTUAL_HOST
+            - name: MassTransitSettings__UserName
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: RABBITMQ_USER_NAME
+            - name: MassTransitSettings__Password
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: RABBITMQ_PASSWORD
+            - name: AzureServiceBusSettings__ConnectionString
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: AZURE_SERVICE_BUS_CONNECTION_STRING
+            - name: SendGridSettings__ApiKey
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: SENDGRID_API_KEY
+            - name: SendGridSettings__FromEmail
+              value: "[email protected]"
+            - name: AzureCognitiveServices__Endpoint
+              value: "https://utu-cognitive-services-dev.cognitiveservices.azure.com"
+            - name: AzureCognitiveServices__SubscriptionKey
+              value: "da95a31f4d98448b9d0a605f04b6152b"
+            - name: AzureCognitiveServices__TaxfreeClassifyUrl
+              value: "/customvision/v3.0/Prediction/df759587-1b45-4e13-90b6-dc0db8625b7b/classify/iterations/Iteration8/url"
+            - name: BlobStorageSettings__ConnectionString
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: BLOB_STORAGE_CONNECTION_STRING
+            - name: BlobStorageSettings__BaseURI
+              value: "https://utustorage.blob.core.windows.net"
+            - name: APIClientSettings__AuthApiUrl
+              value: "https://utuapi-auth-dev.azurewebsites.net"
+            - name: APIClientSettings__CMSApiUrl
+              value: "https://utuapi-cms-dev.azurewebsites.net"
+            - name: APIClientSettings__ExchangeApiUrl
+              value: "https://utuapi-exchange-dev.azurewebsites.net"
+            - name: APIClientSettings__APIKey
+              valueFrom:
+                secretKeyRef:
+                  name: taxfree-app-secret
+                  key: UTU_API_KEY
+            - name: EPPlus__ExcelPackage__LicenseContext
+              value: "NonCommercial"
+            - name: utuLogoUrl
+              value: "https://utuwsimages.blob.core.windows.net/websiteimages/211004%20-%20utu%20logo%20-%20512x512%20JPG.jpg"
+            - name: VoucherDailyTransactionReportTemplateId
+              value: "d-de2bde74209241c8b5e9d66b50dc395e"
+            - name: AllowedHosts
+              value: "*"
+            - name: DomainPath
+              value: "http://utuaksapi-dev.westeurope.cloudapp.azure.com/"
+
+          resources:
+            requests:
+              cpu: "200m" #20% of a core
+              memory: "200Mi"
+            limits:
+              cpu: "200m" #20% of a core
+              memory: "200Mi"
+          imagePullPolicy: Always
+
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst

src/apps/k8s/helm/azure-pipelines/manifests/deployment-worker.yml

@@ -0,0 +1,41 @@
+apiVersion: apps/v1
+kind: Deployment
+
+metadata:
+  name: voucher-worker
+  namespace: utu-taxfree
+  labels:
+    app: voucher-worker
+    run: voucher-worker
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: voucher-worker
+
+  template:
+    metadata:
+      labels:
+        app: voucher-worker
+        run: voucher-worker
+
+    spec:
+      containers:
+        - name: voucher-worker
+          image: uturegistry.azurecr.io/voucher.worker
+          env:
+            - name: DOTNET_ENVIRONMENT
+              value: "Development"
+          resources:
+            requests:
+              cpu: "100m" #10% of a core
+              memory: "100Mi"
+            limits:
+              cpu: "100m" #10% of a core
+              memory: "100Mi"
+          imagePullPolicy: Always
+
+      restartPolicy: Always
+      terminationGracePeriodSeconds: 30
+      dnsPolicy: ClusterFirst

src/apps/k8s/helm/azure-pipelines/manifests/service.yml

@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+
+metadata:
+  name: voucher-service
+  namespace: utu-taxfree
+  labels:
+    run: voucher-webapi
+
+spec:
+  type: ClusterIP
+
+  ports:
+    - protocol: TCP
+      name: http-port
+      port: 80
+      targetPort: 8080
+
+  selector:
+    run: voucher-webapi

src/apps/k8s/helm/gnxchart/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

src/apps/k8s/helm/gnxchart/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: gnxchart
+description: A Genocs application Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.0.0"

src/apps/k8s/helm/gnxchart/templates/NOTES.txt

@@ -0,0 +1,22 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range $host := .Values.ingress.hosts }}
+  {{- range .paths }}
+  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
+  {{- end }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "gnxchart.fullname" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "gnxchart.fullname" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "gnxchart.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+  echo http://$SERVICE_IP:{{ .Values.service.port }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "gnxchart.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT
+{{- end }}