Merge pull request #6 from nyu-devops/su24-updates

Updates for Summer 2024 Semester

.devcontainer/devcontainer.json

@@ -45,7 +45,6 @@
 				"njpwerner.autodocstring",
 				"wholroyd.jinja",
 				"ms-vscode.makefile-tools",
-				"tamasfe.even-better-toml",
 				"yzhang.markdown-all-in-one",
 				"DavidAnson.vscode-markdownlint",
 				"bierner.github-markdown-preview",
@@ -57,12 +56,14 @@
 				"hbenl.vscode-test-explorer",
 				"LittleFoxTeam.vscode-python-test-adapter",
 				"redhat.vscode-yaml",
+				"rangav.vscode-thunder-client",
 				"ms-azuretools.vscode-docker",
-				"ms-kubernetes-tools.vscode-kubernetes-tools",
+				"redhat.fabric8-analytics",
 				"inercia.vscode-k3d",
-				"rangav.vscode-thunder-client",
-				"bbenoist.vagrant",
-				"streetsidesoftware.code-spell-checker"
+				"ms-kubernetes-tools.vscode-kubernetes-tools",
+                "redhat.vscode-openshift-connector",
+				"streetsidesoftware.code-spell-checker",
+				"bbenoist.vagrant"
 			]
 		}
 	},

.devcontainer/docker-compose.yml

@@ -13,7 +13,7 @@ services:
       - ..:/app
     command: sleep infinity
     environment:
-      FLASK_APP: service:app
+      FLASK_APP: wsgi:app
       FLASK_DEBUG: "True"
       GUNICORN_BIND: "0.0.0.0:8000"
       DATABASE_URI: postgresql+psycopg://postgres:pgs3cr3t@postgres:5432/petstore

.devcontainer/scripts/install-tools.sh

@@ -2,7 +2,7 @@
 ######################################################################
 # These scripts are meant to be run in user mode as they modify
 # usr settings line .bashrc and .bash_aliases
-# Copyright 2022, 2023 John J. Rofrano All Rights Reserved.
+# Copyright 2022, 2024 John J. Rofrano All Rights Reserved.
 ######################################################################
 
 echo "**********************************************************************"
@@ -24,7 +24,7 @@ sudo sh -c 'echo "127.0.0.1 cluster-registry" >> /etc/hosts'
 echo "**********************************************************************"
 echo "Installing K9s..."
 echo "**********************************************************************"
-curl -L -o k9s.tar.gz "https://github.com/derailed/k9s/releases/download/v0.27.3/k9s_Linux_$ARCH.tar.gz"
+curl -L -o k9s.tar.gz "https://github.com/derailed/k9s/releases/download/v0.32.4/k9s_Linux_$ARCH.tar.gz"
 tar xvzf k9s.tar.gz
 sudo install -c -m 0755 k9s /usr/local/bin
 rm k9s.tar.gz
@@ -44,40 +44,41 @@ sudo install -c -m 0755 devspace /usr/local/bin
 echo "**********************************************************************"
 echo "Installing Stern..."
 echo "**********************************************************************"
-curl -L -o stern.tar.gz "https://github.com/stern/stern/releases/download/v1.26.0/stern_1.26.0_linux_$ARCH.tar.gz"
+curl -L -o stern.tar.gz "https://github.com/stern/stern/releases/download/v1.28.0/stern_1.28.0_linux_$ARCH.tar.gz"
 tar xvzf stern.tar.gz
 sudo install -c -m 0755 stern /usr/local/bin
 rm stern.tar.gz LICENSE
 
 echo "**********************************************************************"
 echo "Installing Knative CLI..."
 echo "**********************************************************************"
-curl -L -o kn "https://github.com/knative/client/releases/download/knative-v1.11.2/kn-darwin-$ARCH"
+curl -L -o kn "https://github.com/knative/client/releases/download/knative-v1.14.0/kn-linux-$ARCH"
 sudo install -c -m 0755 kn /usr/local/bin
 rm kn
 
 echo "**********************************************************************"
 echo "Installing Tekton CLI..."
 echo "**********************************************************************"
 if [ $ARCH == amd64 ]; then
-    curl -LO https://github.com/tektoncd/cli/releases/download/v0.32.2/tkn_0.32.2_Linux_x86_64.tar.gz
-	sudo tar xvzf tkn_0.32.2_Linux_x86_64.tar.gz -C /usr/local/bin/ tkn
+    curl -L https://github.com/tektoncd/cli/releases/download/v0.36.0/tkn_0.36.0_Linux_x86_64.tar.gz --output tekton.tar.gz
 else
-    curl -LO https://github.com/tektoncd/cli/releases/download/v0.32.2/tkn_0.32.2_Linux_aarch64.tar.gz
-	sudo tar xvzf tkn_0.32.2_Linux_aarch64.tar.gz -C /usr/local/bin/ tkn
-	rm tkn_0.32.2_Linux_aarch64.tar.gz
+    curl -L https://github.com/tektoncd/cli/releases/download/v0.36.0/tkn_0.36.0_Linux_aarch64.tar.gz --output tekton.tar.gz
 fi;
+tar xvzf tekton.tar.gz tkn
+sudo install -c -m 0755 tkn /usr/local/bin
+rm tekton.tar.gz tkn
+
 
 echo "**********************************************************************"
 echo "Install OpenShift 4 CLI..."
 echo "**********************************************************************"
 # OpenShift CLI has platform specific installs
 if [ $ARCH == amd64 ]; then
     echo "Installing OpenShift for Intel..."
-    curl https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable/openshift-client-linux.tar.gz --output oc.tar.gz
+    curl -L https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable/openshift-client-linux.tar.gz --output oc.tar.gz
 else
     echo "Installing OpenShift for $ARCH ..."
-    curl https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable/openshift-client-linux-$ARCH.tar.gz --output oc.tar.gz
+    curl -L https://mirror.openshift.com/pub/openshift-v4/clients/ocp/stable/openshift-client-linux-$ARCH.tar.gz --output oc.tar.gz
 fi;
 sudo tar xvzf oc.tar.gz -C /usr/local/bin/ oc
 sudo ln -s /usr/local/bin/oc /usr/bin/oc

.tekton/pipeline.yaml

@@ -73,7 +73,7 @@ spec:
           value: service
         - name: args
           value: []
-        - name: requirements_file
+        - name: requirements-file
           value: requirements.txt
       runAfter:
         - git-clone
@@ -85,14 +85,14 @@ spec:
           workspace: pipeline-workspace
     - name: testing
       params:
-        - name: PYTEST_ARGS
+        - name: pytest-args
           value:
             - '--pspec'
             - '--cov=service'
             - '--cov-fail-under=95'
-        - name: SECRET_NAME
+        - name: secret-name
           value: postgres-creds
-        - name: SECRET_KEY
+        - name: secret-key
           value: database_uri
       runAfter:
         - git-clone
@@ -135,9 +135,9 @@ spec:
           workspace: pipeline-workspace
     - name: deploy-image
       params:
-        - name: image_name
+        - name: IMAGE_NAME
           value: $(params.IMAGE_NAME)
-        - name: manifest_dir
+        - name: manifest-dir
           value: k8s
       runAfter:
         - buildah

.tekton/tasks.yaml

@@ -31,7 +31,7 @@ spec:
       description: The arguments to pass to the pylint CLI.
       type: array
       default: []
-    - name: requirements_file
+    - name: requirements-file
       description: The name of the requirements file inside the source location
       default: "requirements.txt"
   steps:
@@ -49,8 +49,8 @@ spec:
           python -m pip install poetry poetry-plugin-export
           poetry export --with=dev -f requirements.txt --output requirements.txt
           python -m pip install --user -r requirements.txt
-        elif [ -n "$(params.requirements_file)" ] && [ -e "$(params.requirements_file)" ]; then
-          python -m pip install --user -r "$(params.requirements_file)"
+        elif [ -n "$(params.requirements-file)" ] && [ -e "$(params.requirements-file)" ]; then
+          python -m pip install --user -r "$(params.requirements-file)"
         fi
 
         # Make sure pylint is installed
@@ -85,15 +85,15 @@ spec:
     that is sourced from a Secret. This allows you to define
     credentials that can be used to connect to a test database.
   params:
-    - name: PYTEST_ARGS
+    - name: pytest-args
       description: The arguments to pass to the pytest CLI.
       type: array
       default: []
-    - name: SECRET_NAME
+    - name: secret-name
       description: The name of the secret containing a database_uri key
       type: string
       default: "postgres-creds"
-    - name: SECRET_KEY
+    - name: secret-key
       description: The name of the key that contains the database uri
       type: string
       default: "database_uri"
@@ -105,8 +105,8 @@ spec:
        - name: DATABASE_URI
          valueFrom:
            secretKeyRef:
-             name: $(params.SECRET_NAME)
-             key: $(params.SECRET_KEY)
+             name: $(params.secret-name)
+             key: $(params.secret-key)
       script: |
         #!/bin/bash
         set -e
@@ -129,7 +129,7 @@ spec:
         pytest --version
         pytest
       args:
-        - "$(params.PYTEST_ARGS)"
+        - "$(params.pytest-args)"
 
 ---
 apiVersion: tekton.dev/v1beta1
@@ -151,10 +151,10 @@ spec:
     This task will update the deployment.yaml with the latest image name
     and then apply that yaml file and it's service file.
   params:
-  - name: image_name
+  - name: image-name
     description: The fully qualified name of the new image to deploy
     type: string
-  - name: manifest_dir
+  - name: manifest-dir
     description: The directory in source that contains yaml manifests
     type: string
     default: "k8s"
@@ -168,7 +168,7 @@ spec:
           #!/bin/bash
           set -e
 
-          echo Applying manifests in $(inputs.params.manifest_dir) directory
+          echo Applying manifests in $(inputs.params.manifest-dir) directory
 
           echo "**********************************************************************"
           echo "Installing YQ..."
@@ -177,16 +177,15 @@ spec:
           chmod a+x /usr/bin/yq
 
           echo "*********************  DEPLOYMENT  ***********************"
-          echo "Deploying $(inputs.params.image_name) ..."
+          echo "Deploying $(inputs.params.image-name) ..."
 
-          yq -e -i '.spec.template.spec.containers[0].image="$(inputs.params.image_name)"' $(inputs.params.manifest_dir)/deployment.yaml
-          # sed -i 's|'"$(inputs.params.old_image_name)"'|'"$(inputs.params.image_name)"'|g' $(inputs.params.manifest_dir)/deployment.yaml
-          cat $(inputs.params.manifest_dir)/deployment.yaml
+          yq -e -i '.spec.template.spec.containers[0].image="$(inputs.params.image-name)"' $(inputs.params.manifest-dir)/deployment.yaml
+          cat $(inputs.params.manifest-dir)/deployment.yaml
 
           echo "************************************************************"
           echo "OC APPLY..."
-          oc apply -f $(inputs.params.manifest_dir)/deployment.yaml
-          oc apply -f $(inputs.params.manifest_dir)/service.yaml
+          oc apply -f $(inputs.params.manifest-dir)/deployment.yaml
+          oc apply -f $(inputs.params.manifest-dir)/service.yaml
 
           echo "************************************************************"
           sleep 3
@@ -213,7 +212,7 @@ spec:
   description: >-
     This task will deploy all of the yaml files in the manifest folder.
   params:
-  - name: manifest_dir
+  - name: manifest-dir
     description: The directory in source that contains yaml manifests
     type: string
     default: "k8s"
@@ -224,8 +223,8 @@ spec:
       command: ["/bin/bash", "-c"]
       args:
         - |-
-          echo Applying manifests in $(inputs.params.manifest_dir) directory
-          oc apply -f $(inputs.params.manifest_dir)
+          echo Applying manifests in $(inputs.params.manifest-dir) directory
+          oc apply -f $(inputs.params.manifest-dir)
           echo -----------------------------------
 
 ---
@@ -247,14 +246,14 @@ spec:
   description: >-
     This task can be used to perform bdd tests with behave.
   params:
-    - name: BASE_URL
+    - name: base-url
       description: The url of the application to test
       type: string
-    - name: WAIT_SECONDS
+    - name: wait-seconds
       description: The number of seconds to wait for a reply
       type: string
       default: "60"
-    - name: DRIVER
+    - name: driver
       description: The web driver to use (chrome or firefox)
       type: string
       default: "chrome"
@@ -264,11 +263,11 @@ spec:
       workingDir: $(workspaces.source.path)
       env:
        - name: BASE_URL
-         value: $(params.BASE_URL)
+         value: $(params.base-url)
        - name: WAIT_SECONDS
-         value: $(params.WAIT_SECONDS)
+         value: $(params.wait-seconds)
        - name: DRIVER
-         value: $(params.DRIVER)
+         value: $(params.driver)
       script: |
         #!/bin/bash
         set -e

Dockerfile

@@ -3,26 +3,27 @@
 ##################################################
 FROM quay.io/rofrano/python:3.11-slim
 
-# Create working folder and install dependencies
+# Create working folder and install dependencies without dev
 WORKDIR /app
 COPY pyproject.toml poetry.lock ./
 RUN python -m pip install --upgrade pip poetry && \
     poetry config virtualenvs.create false && \
-    poetry install --without dev
+    poetry install --no-root --without dev
 
 # Copy the application contents
-COPY service/ ./service/
+COPY wsgi.py .
+COPY service ./service
 
 # Switch to a non-root user and set file ownership
 RUN useradd --uid 1001 flask && \
     chown -R flask /app
 USER flask
 
 # Expose any ports the app is expecting in the environment
-ENV FLASK_APP=service:app
+ENV FLASK_APP=wsgi:app
 ENV PORT 8080
 EXPOSE $PORT
 
 ENV GUNICORN_BIND 0.0.0.0:$PORT
 ENTRYPOINT ["gunicorn"]
-CMD ["--log-level=info", "service:app"]
+CMD ["--log-level=info", "wsgi:app"]

Makefile

@@ -27,13 +27,13 @@ clean:	## Removes all dangling build cache
 .PHONY: venv
 venv: ## Create a Python virtual environment
 	$(info Creating Python 3 virtual environment...)
-	python3 -m venv .venv
+	poetry shell
 
 .PHONY: install
-install: ## Install dependencies
+install: ## Install Python dependencies
 	$(info Installing dependencies...)
-	sudo python3 -m pip install --upgrade pip wheel
-	sudo pip install -r requirements.txt
+	poetry config virtualenvs.create false
+	poetry install
 
 .PHONY: lint
 lint: ## Run the linter
@@ -42,8 +42,8 @@ lint: ## Run the linter
 	flake8 service tests --count --max-complexity=10 --max-line-length=127 --statistics
 	pylint service tests --max-line-length=127
 
-.PHONY: tests
-tests: ## Run the unit tests
+.PHONY: test
+test: ## Run the unit tests
 	$(info Running tests...)
 	export RETRY_COUNT=1; pytest --pspec --cov=service --cov-fail-under=95 --disable-warnings
 
@@ -62,7 +62,7 @@ secret: ## Generate a secret hex key
 .PHONY: cluster
 cluster: ## Create a K3D Kubernetes cluster with load balancer and registry
 	$(info Creating Kubernetes cluster with a registry and 2 worker nodes...)
-	k3d cluster create nyu-devops --agents 2 --registry-create cluster-registry:0.0.0.0:32000 --port '8080:80@loadbalancer'
+	k3d cluster create nyu-devops --agents 2 --registry-create cluster-registry:0.0.0.0:5000 --port '8080:80@loadbalancer'
 
 .PHONY: cluster-rm
 cluster-rm: ## Remove a K3D Kubernetes cluster

Procfile

@@ -1 +1 @@
-web: gunicorn --bind 0.0.0.0:$PORT --log-level=info service:app
+web: gunicorn --bind 0.0.0.0:$PORT --log-level=info wsgi:app

k8s/deployment.yaml

@@ -19,12 +19,10 @@ spec:
       labels:
         app: petshop
     spec:
-      # imagePullSecrets:
-      # - name: all-icr-io
       restartPolicy: Always
       containers:
       - name: petshop
-        image: cluster-registry:32000/petshop:1.0
+        image: cluster-registry:5000/petshop:1.0
         imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 8080

k8s/postgresql/configmap.yaml

@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postgres-config
+data:
+  postgres_user: postgres
+  postgres_db: petstore