diff --git a/Readme.md b/Readme.md index 992c85217..03d7a8f4e 100644 --- a/Readme.md +++ b/Readme.md @@ -4,6 +4,8 @@ Previously, the site was run in IIS, but is now migrated to Apache. The Docker image is configured to host the site that can be accessed at http://localhost:8055. +If you have [website-local-proxy](https://github.com/keymanapp/website-local-proxy) running, the help site is available at +http://help.keyman.com.localhost. ### Pre-requisites @@ -24,10 +26,6 @@ On Windows, Docker will also need either: #### Start the Docker container 1. Run `./build.sh start`. -#### Configure -Move PHP dependencies in Docker image from /var/www/vendor/ to /var/www/html/vendor -1. Run `./build.sh configure`. - After this, you can access the help.keyman site at http://localhost:8055 #### Remove the Docker container and image @@ -36,49 +34,3 @@ After this, you can access the help.keyman site at http://localhost:8055 #### Running tests Checks for broken links 1. Run `./build.sh test` - - -## How to run help.keyman.com locally with Docker Desktop's Kubernetes singlenode cluster - -For testing Kubernetes deployment there are yaml files under `resources/kubectl`, that cover local developer testing. - -### Pre-requisites -On the host machine, install [Docker](https://docs.docker.com/get-docker/), then enable Kubernetes in the settings. Ensure you have built a help-keyman-app Docker image, and either tag it `docker.dallas.languagetechnology.org/keyman/help-keyman-app` or modify the `app-php` containers `image:` value to match you local copy's name. - -### Deploying to a desktop cluster -To deploy the dev version to the cluster do the following: -1. Ensure your `kubectl` context is set to `docker-desktop`, though the Docker Desktop systray icon or by running: -```bash -$> kubectl config use-context docker-desktop -``` -2. Create a keyman namespace if it does not already exist: -```bash -$> kubectl create ns keyman -``` -3. Apply the configs for the resources and start the pod: -```bash -$> kubectl --namespace keyman apply \ - -f resources/kubectl/help-kubectl-dev.yaml \ - -f resources/kubectl/help-kubectl.yaml -``` -### Testing the site and `/api/deploy` webhook endpoint -The site can be reached on http://localhost:30080/ via web browser, and the deploy api is on http://localhost:30900/api/deploy, and can be activated like so: -```bash -$> curl -v --request POST \ - -H "Content-Type: application/json" \ - -H "X-Hub-Signature-256: sha256=49af8531106a369bfee369f91dadec597e8ea3992ec2802bbe655be0ece17f15" \ - --data '{"action":"push","ref":"refs/heads/staging"}' \ - http://localhost:30900/api/deploy -``` -This simulates enough of a GitHub webhook push event to pass validation on the responder. - -### Clean up after testing - -To remove the k8s deployment and resources, and delete everything do: -```bash -$> kubectl --namespace=keyman delete {svc,deploy,cm,secret,pvc}/help-keyman-com -``` -Or just restart the deployment for further testing -```bash -$> kubectl --namespace=keyman rollout restart deploy/help-keyman-com -``` diff --git a/resources/kubectl/help-kubectl-deploy.yaml b/resources/kubectl/help-kubectl-deploy.yaml deleted file mode 100644 index feb364be7..000000000 --- a/resources/kubectl/help-kubectl-deploy.yaml +++ /dev/null @@ -1,79 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: help-keyman-com - namespace: keyman - finalizers: - - kubernetes.io/pvc-protection -spec: - storageClassName: longhorn - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: help-keyman-com - name: help-keyman-com - namespace: keyman -spec: - type: NodePort - ports: - - name: http - port: 80 - protocol: TCP - - name: api - port: 9000 - protocol: TCP - selector: - app: help-keyman-com ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: help-keyman-com - namespace: keyman -spec: - rules: - - host: help.keyman-staging.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: help-keyman-com - port: - name: http - - path: /api/deploy - pathType: Exact - backend: - service: - name: help-keyman-com - port: - name: api - - host: com-keyman-help.languagetechnology.org - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: help-keyman-com - port: - name: http - - path: /api/deploy - pathType: Exact - backend: - service: - name: help-keyman-com - port: - name: api - tls: - - hosts: - - help.keyman-staging.com - secretName: keyman-staging-com diff --git a/resources/kubectl/help-kubectl-dev.yaml b/resources/kubectl/help-kubectl-dev.yaml deleted file mode 100644 index 59a0020cf..000000000 --- a/resources/kubectl/help-kubectl-dev.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: help-keyman-com - namespace: keyman - finalizers: - - kubernetes.io/pvc-protection -spec: - storageClassName: hostpath - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi ---- -apiVersion: v1 -kind: Secret -metadata: - name: help-keyman-com - namespace: keyman -data: - # This key is for local testing, or development of k8s yaml files - # on a test cluster (e.g. minikude etc). Do *not* deploy to production - # decoded it is: 7f913e60-f9ba-430b-9231-91908fa6c06b - deploy_key: N2Y5MTNlNjAtZjliYS00MzBiLTkyMzEtOTE5MDhmYTZjMDZi -type: Opaque ---- -apiVersion: v1 -kind: Service -metadata: - labels: - run: help-keyman-com - name: help-keyman-com - namespace: keyman -spec: - type: NodePort - ports: - - name: http - port: 80 - protocol: TCP - nodePort: 30080 - - name: api - port: 9000 - protocol: TCP - nodePort: 30900 - selector: - app: help-keyman-com - diff --git a/resources/kubectl/help-kubectl.yaml b/resources/kubectl/help-kubectl.yaml deleted file mode 100644 index 30ed8b690..000000000 --- a/resources/kubectl/help-kubectl.yaml +++ /dev/null @@ -1,195 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: help-keyman-com - namespace: keyman - labels: - app: help-keyman-com -spec: - replicas: 1 - selector: - matchLabels: - app: help-keyman-com - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 1 - type: RollingUpdate - template: - metadata: - labels: - app: help-keyman-com - name: help-keyman-com - namespace: keyman - spec: - affinity: - podAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - help-keyman-com - topologyKey: kubernetes.io/hostname - terminationGracePeriodSeconds: 60 - containers: - - name: app-php - image: ghcr.io/keymanapp/help-keyman-com - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - volumeMounts: - - name: help-site-app - mountPath: /var/www/html - subPath: html - readOnly: true - readinessProbe: - httpGet: - path: /robots.txt - port: 80 - initialDelaySeconds: 5 - periodSeconds: 15 - livenessProbe: - tcpSocket: - port: 80 - - - name: api - image: alpine - imagePullPolicy: IfNotPresent - securityContext: - runAsGroup: 33 - env: - - name: DEPLOY_KEY - valueFrom: - secretKeyRef: - name: help-keyman-com - key: deploy_key - - name: SITE_GIT_BRANCH - valueFrom: - configMapKeyRef: - name: help-keyman-com - key: site-branch - command: ["sh", "-c"] - args: - - | - set -e - apk add git webhook - exec webhook -verbose \ - -urlprefix=api \ - -template \ - -hooks=/webhooks/hooks.yaml - ports: - - containerPort: 9000 - volumeMounts: - - name: webhooks - mountPath: /webhooks - readOnly: true - - name: help-site-app - mountPath: /mnt - - initContainers: - - name: init-site-repo - image: k8s.gcr.io/git-sync/git-sync:v3.6.2 - imagePullPolicy: IfNotPresent - securityContext: - runAsUser: 0 - runAsGroup: 33 - env: - - name: GIT_SYNC_BRANCH - valueFrom: - configMapKeyRef: {name: help-keyman-com, key: site-branch} - args: [ - --repo=https://github.com/keymanapp/help.keyman.com.git, - --sparse-checkout-file=/tmp/git/sparse-checkout.config, - --one-time, --depth=1, --root=/mnt, --dest=html] - volumeMounts: - - name: help-site-app - mountPath: /mnt - - name: git-config - mountPath: /tmp/git - - - name: init-site-vendoring - image: ghcr.io/keymanapp/help-keyman-com - securityContext: - runAsUser: 0 - runAsGroup: 33 - command: ["sh", "-c"] - args: - - | - #!/bin/bash - ln -sf /var/www/vendor /mnt/html/vendor - cd /mnt/html - ./build.sh configure - if [ -f /mnt/html/resources/init-container.sh ]; then - cd /mnt/html - /mnt/html/resources/init-container.sh - fi - volumeMounts: - - name: help-site-app - mountPath: /mnt - - volumes: - - name: help-site-app - persistentVolumeClaim: - claimName: help-keyman-com - - name: git-config - configMap: - name: help-keyman-com - items: - - key: git-sparse-checkout - path: sparse-checkout.config - - name: webhooks - configMap: - name: help-keyman-com - items: - - key: deployer - path: deploy.sh - mode: 365 - - key: webhooks - path: hooks.yaml ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: help-keyman-com - namespace: keyman -data: - site-branch: staging - git-sparse-checkout: | - /* - !.editorconfig - !.github - !composer.* - !Dockerfile - !Readme.md - !web.config - deployer: | - #!/bin/sh - git fetch --depth 1 && git reset --hard origin/${SITE_GIT_BRANCH} - webhooks: | - - id: deploy - execute-command: /webhooks/deploy.sh - command-working-directory: /mnt/html - http-methods: [POST] - trigger-rule: - and: - - or: - - match: - type: payload-hmac-sha256 - secret: '{{ getenv "DEPLOY_KEY" }}' - parameter: - source: header - name: X-Hub-Signature-256 - - match: - type: payload-hmac-sha1 - secret: '{{ getenv "DEPLOY_KEY" }}' - parameter: - source: header - name: X-Hub-Signature - - match: - type: value - value: 'refs/heads/{{getenv "SITE_GIT_BRANCH"}}' - parameter: - source: payload - name: ref \ No newline at end of file