From c11faee82465a787e236bb3629101d8a491d1606 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Mon, 13 Oct 2025 17:17:02 +0200 Subject: [PATCH 01/11] towards a better gitops deploy strategy --- .envrc | 1 + .../workflows/backend_build-deploy-prod.yaml | 12 ++----- .../workflows/backend_build-deploy-stg.yaml | 12 ++----- .../workflows/workflow_deploy-container.yaml | 35 ------------------- .gitignore | 1 + .vscode/launch.json | 8 ++--- .vscode/settings.json | 3 ++ backend/.gitignore | 5 ++- default.nix | 17 +++++++++ 9 files changed, 32 insertions(+), 62 deletions(-) create mode 100644 .envrc delete mode 100644 .gitea/workflows/workflow_deploy-container.yaml create mode 100644 .vscode/settings.json create mode 100644 default.nix diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..1d953f4 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use nix diff --git a/.gitea/workflows/backend_build-deploy-prod.yaml b/.gitea/workflows/backend_build-deploy-prod.yaml index 3dfb55a..f9df90e 100644 --- a/.gitea/workflows/backend_build-deploy-prod.yaml +++ b/.gitea/workflows/backend_build-deploy-prod.yaml @@ -10,15 +10,7 @@ jobs: name: Build and push image uses: ./.gitea/workflows/workflow_build-image.yaml with: - tag: stable + # sets the tag to the git tag that triggered the workflow - the deployment (configured in a separate repository) will use this tag and be deployed to production by argocd + tag: ${{ github.ref_name }} secrets: PACKAGE_REGISTRY_ACCESS: ${{ secrets.PACKAGE_REGISTRY_ACCESS }} - - deploy-prod: - name: Deploy to production - uses: ./.gitea/workflows/workflow_deploy-container.yaml - with: - overlay: prod - secrets: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - needs: build-and-push diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 3d67c44..b99d605 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -12,15 +12,7 @@ jobs: name: Build and push image uses: ./.gitea/workflows/workflow_build-image.yaml with: - tag: unstable + # sets a unique tag for each commit in the PR - this gets deployed to a separate application instance using argocd + tag: ${{ github.head_ref }}-{{ github.sha }} secrets: PACKAGE_REGISTRY_ACCESS: ${{ secrets.PACKAGE_REGISTRY_ACCESS }} - - deploy-prod: - name: Deploy to staging - uses: ./.gitea/workflows/workflow_deploy-container.yaml - with: - overlay: stg - secrets: - KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }} - needs: build-and-push diff --git a/.gitea/workflows/workflow_deploy-container.yaml b/.gitea/workflows/workflow_deploy-container.yaml deleted file mode 100644 index b4f9527..0000000 --- a/.gitea/workflows/workflow_deploy-container.yaml +++ /dev/null @@ -1,35 +0,0 @@ -on: - workflow_call: - inputs: - overlay: - required: true - type: string - secrets: - KUBE_CONFIG: - required: true - - -name: Deploy the newly built container - - -jobs: - deploy: - name: Deploy - runs-on: ubuntu-latest - steps: - - - uses: https://gitea.com/actions/checkout@v4 - with: - submodules: true - - - name: setup kubectl - uses: https://github.com/azure/setup-kubectl@v4 - - - name: Set kubeconfig - run: | - echo "${{ secrets.KUBE_CONFIG }}" > kubeconfig - - - name: Deploy to k8s - run: | - kubectl apply -k backend/deployment/overlays/${{ inputs.overlay }} --kubeconfig=kubeconfig - kubectl -n anyway-backend rollout restart deployment/anyway-backend-${{ inputs.overlay }} --kubeconfig=kubeconfig diff --git a/.gitignore b/.gitignore index e934adf..8f140c8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ cache/ +.direnv/ diff --git a/.vscode/launch.json b/.vscode/launch.json index 4454643..dc2c672 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -9,9 +9,7 @@ "name": "Backend - debug", "type": "debugpy", "request": "launch", - "env": { - "DEBUG": "true" - }, + "envFile": "${workspaceFolder}/backend/debug.env", "jinja": true, "cwd": "${workspaceFolder}/backend", "module": "fastapi", @@ -25,9 +23,7 @@ "type": "debugpy", "request": "launch", "program": "src/tester.py", - "env": { - "DEBUG": "true" - }, + "envFile": "${workspaceFolder}/backend/debug.env", "cwd": "${workspaceFolder}/backend" }, // frontend - flutter app diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..e982907 --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "nixEnvSelector.nixFile": "${workspaceFolder}/default.nix" +} diff --git a/backend/.gitignore b/backend/.gitignore index ac02d06..f98f017 100644 --- a/backend/.gitignore +++ b/backend/.gitignore @@ -1,3 +1,6 @@ +# all .env files +*.env + # osm-cache cache_XML/ @@ -165,4 +168,4 @@ cython_debug/ # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore # and can be added to the global gitignore or merged into this file. For a more nuclear # option (not recommended) you can uncomment the following to ignore the entire idea folder. -#.idea/ \ No newline at end of file +#.idea/ diff --git a/default.nix b/default.nix new file mode 100644 index 0000000..b183363 --- /dev/null +++ b/default.nix @@ -0,0 +1,17 @@ +{ pkgs ? import { config.android_sdk.accept_license = true; config.allowUnfree = true; } }: + +pkgs.mkShell { + buildInputs = [ + pkgs.flutter + #pkgs.android-tools # for adb + #pkgs.openjdk # required for Android builds + ]; + + # Set up Android SDK paths if needed + shellHook = '' + export ANDROID_SDK_ROOT=${pkgs.androidsdk}/libexec/android-sdk + export PATH=$PATH:${pkgs.androidsdk}/libexec/android-sdk/platform-tools + echo "Flutter dev environment ready. 'adb' and 'flutter' are available." + ''; +} + -- 2.49.1 From fe2a0cf1d5d16aa2abf8cb8486f9558d7eb22ab9 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Mon, 13 Oct 2025 18:03:39 +0200 Subject: [PATCH 02/11] add missing dollar sign --- .gitea/workflows/backend_build-deploy-stg.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index b99d605..527272a 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -13,6 +13,6 @@ jobs: uses: ./.gitea/workflows/workflow_build-image.yaml with: # sets a unique tag for each commit in the PR - this gets deployed to a separate application instance using argocd - tag: ${{ github.head_ref }}-{{ github.sha }} + tag: ${{ github.head_ref }}-${{ github.sha }} secrets: PACKAGE_REGISTRY_ACCESS: ${{ secrets.PACKAGE_REGISTRY_ACCESS }} -- 2.49.1 From d1cbf972fee340d31918e9840888620d58d5b025 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Mon, 13 Oct 2025 18:05:27 +0200 Subject: [PATCH 03/11] since branch names may contain slashes and other special chars they are not suitable for tag names. only use the hash --- .gitea/workflows/backend_build-deploy-stg.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 527272a..a59f75c 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -13,6 +13,6 @@ jobs: uses: ./.gitea/workflows/workflow_build-image.yaml with: # sets a unique tag for each commit in the PR - this gets deployed to a separate application instance using argocd - tag: ${{ github.head_ref }}-${{ github.sha }} + tag: sha${{ github.sha }} secrets: PACKAGE_REGISTRY_ACCESS: ${{ secrets.PACKAGE_REGISTRY_ACCESS }} -- 2.49.1 From e14900e9f01abfbeecbb748130b67eb644c7acb8 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 11:21:28 +0200 Subject: [PATCH 04/11] remove backend deployment submodule --- .gitmodules | 3 --- backend/deployment | 1 - 2 files changed, 4 deletions(-) delete mode 100644 .gitmodules delete mode 160000 backend/deployment diff --git a/.gitmodules b/.gitmodules deleted file mode 100644 index c08c402..0000000 --- a/.gitmodules +++ /dev/null @@ -1,3 +0,0 @@ -[submodule "backend/deployment"] - path = backend/deployment - url = https://git.kluster.moll.re/anydev/anyway-backend-deployment diff --git a/backend/deployment b/backend/deployment deleted file mode 160000 index 904f16b..0000000 --- a/backend/deployment +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 904f16bfc0624b6ab8569e0a70050aaa3bd64b3f -- 2.49.1 From 708c07cf497009cbcd9b5637f441dd7ab96b5adb Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 14:11:18 +0200 Subject: [PATCH 05/11] add a comment containing additional deployment information --- .gitea/workflows/backend_build-deploy-prod.yaml | 3 +++ .gitea/workflows/backend_build-deploy-stg.yaml | 14 ++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/.gitea/workflows/backend_build-deploy-prod.yaml b/.gitea/workflows/backend_build-deploy-prod.yaml index f9df90e..daaae56 100644 --- a/.gitea/workflows/backend_build-deploy-prod.yaml +++ b/.gitea/workflows/backend_build-deploy-prod.yaml @@ -3,6 +3,9 @@ on: tags: - v* +permissions: + pull-requests: write + name: Build and deploy the backend to production jobs: diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index a59f75c..1a43b9f 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -16,3 +16,17 @@ jobs: tag: sha${{ github.sha }} secrets: PACKAGE_REGISTRY_ACCESS: ${{ secrets.PACKAGE_REGISTRY_ACCESS }} + + notify: + runs-on: ubuntu-latest + name: Add a comment to the PR to notify about the deployment + steps: + - name: Notify about deployment + uses: marocchino/sticky-pull-request-comment@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + header: backend deployed to production + message: | + The backend has been deployed to staging with url . Check the deployment status in ArgoCD: + + [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-{{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-{{ github.event.number }}) -- 2.49.1 From 219cfcf1a62f037edde5836de95aae31fe58c843 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 14:50:27 +0200 Subject: [PATCH 06/11] try with correct url? --- .gitea/workflows/backend_build-deploy-stg.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 1a43b9f..c967b73 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -22,7 +22,7 @@ jobs: name: Add a comment to the PR to notify about the deployment steps: - name: Notify about deployment - uses: marocchino/sticky-pull-request-comment@v2 + uses: https://github.com/marocchino/sticky-pull-request-comment@v2 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} header: backend deployed to production -- 2.49.1 From ec3ed054fdc706016015a418422bdceb2872b928 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 16:02:27 +0200 Subject: [PATCH 07/11] try using the gitea cli instead --- .../workflows/backend_build-deploy-stg.yaml | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index c967b73..b6a51c2 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -21,12 +21,16 @@ jobs: runs-on: ubuntu-latest name: Add a comment to the PR to notify about the deployment steps: - - name: Notify about deployment - uses: https://github.com/marocchino/sticky-pull-request-comment@v2 - with: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - header: backend deployed to production - message: | - The backend has been deployed to staging with url . Check the deployment status in ArgoCD: + - name: Download gitea client + run: | + curl -sSL -o tea https://dl.gitea.com/tea/0.11.0/tea-0.11.0-linux-amd64 + chmod +x tea + - name: Post comment + run: | + ./tea pr comment ${{ github.event.number }} --body "The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: - [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-{{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-{{ github.event.number }}) + [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-${{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-${{ github.event.number }})" + env: + GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} + GITEA_BASE_URL: ${{ secrets.GITEA_BASE_URL }} + GITEA_REPO: ${{ secrets.GITEA_REPO }} -- 2.49.1 From d8c6bfcda02b3e1a708363144014ca964d2baaef Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 16:18:32 +0200 Subject: [PATCH 08/11] try whithout body flag --- .gitea/workflows/backend_build-deploy-stg.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index b6a51c2..164437c 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -27,7 +27,7 @@ jobs: chmod +x tea - name: Post comment run: | - ./tea pr comment ${{ github.event.number }} --body "The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: + ./tea pr comment ${{ github.event.number }} "The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-${{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-${{ github.event.number }})" env: -- 2.49.1 From 89c5fc9370d6cfb60ab7890716eb694bcd6ed21a Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 17:00:07 +0200 Subject: [PATCH 09/11] more tea attempts --- .gitea/workflows/backend_build-deploy-stg.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 164437c..058fc35 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -25,6 +25,10 @@ jobs: run: | curl -sSL -o tea https://dl.gitea.com/tea/0.11.0/tea-0.11.0-linux-amd64 chmod +x tea + + - name: Login + run: | + ./tea login add --url git.kluster.moll.re --name bot --token ${{ secrets.GITEA_TOKEN }} - name: Post comment run: | ./tea pr comment ${{ github.event.number }} "The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: -- 2.49.1 From aeed9c7dc9317b900c1ccd016e216cd71f5b65da Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 17:15:07 +0200 Subject: [PATCH 10/11] maybe like this? --- .gitea/workflows/backend_build-deploy-stg.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 058fc35..854e041 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -29,11 +29,14 @@ jobs: - name: Login run: | ./tea login add --url git.kluster.moll.re --name bot --token ${{ secrets.GITEA_TOKEN }} + ./tea login default - name: Post comment run: | - ./tea pr comment ${{ github.event.number }} "The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: + ./tea comment --repo anydev/anyway ${{ github.event.number }} """ + The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: - [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-${{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-${{ github.event.number }})" + [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-${{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-${{ github.event.number }}) + """ env: GITEA_TOKEN: ${{ secrets.GITEA_TOKEN }} GITEA_BASE_URL: ${{ secrets.GITEA_BASE_URL }} -- 2.49.1 From 71c73253704fd24f0807940aae527d2a11506371 Mon Sep 17 00:00:00 2001 From: Remy Moll Date: Tue, 14 Oct 2025 17:19:24 +0200 Subject: [PATCH 11/11] man what? --- .gitea/workflows/backend_build-deploy-stg.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/backend_build-deploy-stg.yaml b/.gitea/workflows/backend_build-deploy-stg.yaml index 854e041..6bfaa7d 100644 --- a/.gitea/workflows/backend_build-deploy-stg.yaml +++ b/.gitea/workflows/backend_build-deploy-stg.yaml @@ -32,7 +32,7 @@ jobs: ./tea login default - name: Post comment run: | - ./tea comment --repo anydev/anyway ${{ github.event.number }} """ + ./tea comment --repo anydev/anyway --login bot ${{ github.event.number }} """ The backend has been deployed to staging with url https://pr-${{ github.event.number }}.anyway-stg.anydev.info. Check the deployment status in ArgoCD: [![App Status](https://argocd.kluster.moll.re/api/badge?name=anydev-anyway-backend-stg-pr-${{ github.event.number }}&revision=true&showAppName=true)](https://argocd.kluster.moll.re/applications/anydev-anyway-backend-stg-pr-${{ github.event.number }}) -- 2.49.1