Add Split Pipeline

.github/workflows/continious_integration.yml

@@ -108,29 +108,21 @@ jobs:
           build-args: |
             ACTIVEPROFILE="remote"
 
-#  deploy-portal-to-dev:
-#    runs-on: 'ubuntu-latest'
-#    needs: [ build-and-push-backend,build-and-push-frontend ]
-#    steps:
-    #- name: Checkout repository
-    #  uses: actions/checkout@v3
-
-    #- name: "Update Deployment Image Tag" # [3]
-    #  working-directory: "./deployment/kustomize/overlays/"
-    #  run: |
-    #    kustomize edit set image "frontend-image=*:${{ github.sha }}" "backend-image=*:${{ github.sha }}"
-
-    #- name: 'install Portal to DEV'
-    #  uses: actions-hub/[email protected]
-    #  env:
-    #    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-    #  with:
-    #    args: "apply -k ./deployment/kustomize/overlays/"
-
-    #- name: 'Auto-deploy to dev'
-    #  if: github.ref == 'refs/heads/develop'
-    #  uses: actions-hub/[email protected]
-    #  env:
-    #    KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
-    #  with:
-    #    args: "set image deployment/possible-x-portal -n ${{ env.K8S_NAMESPACE }} possible-x-portal=${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/edc-portal:${{ github.sha }}"
+  deploy-portal-to-dev:
+    runs-on: 'ubuntu-latest'
+    needs: [build-and-push-backend,build-and-push-frontend]
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: "Update Deployment Image Tag for Provider" # [3]
+        working-directory: "./deployment/kustomize/overlays/dev/"
+        run: |
+          kustomize edit set image "main-frontend-image=*:${{ github.sha }}" "main-backend-image=*:${{ github.sha }}"
+
+      - name: 'install provider Portal to DEV'
+        uses: actions-hub/[email protected]
+        env:
+          KUBE_CONFIG: ${{ secrets.KUBE_CONFIG }}
+        with:
+          args: "apply -k ./deployment/kustomize/overlays/dev/"

deployment/kustomize/base/backend-deployment.yaml

@@ -0,0 +1,60 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: portal-x-backend-svc
+spec:
+  ports:
+    - port: 8080
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    app: main-portal-backend
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: backend-portal-deployment
+spec:
+  selector:
+    matchLabels:
+      app: main-portal-backend
+  template:
+    metadata:
+      labels:
+        app: main-portal-backend
+    spec:
+      imagePullSecrets:
+        - name: github-registry-auth
+      containers:
+        - name: backend-springboot
+          image: main-backend-image
+          imagePullPolicy: IfNotPresent
+          ports:
+            - containerPort: 8080
+          envFrom:
+          - configMapRef:
+              name: portal-config
+          - secretRef:
+              name: portal-fh-secret
+          env:
+            - name: SPRING_DATASOURCE_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: replaced-kustomize
+                  key: username
+            - name: SPRING_DATASOURCE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: replaced-kustomize
+                  key: password
+            - name: SERVER_SERVLET_CONTEXT_PATH
+              value: /api
+
+
+          #          {{- range $key, $value := .Values.application.secrets }}
+#          - secretRef:
+#              name: {{ $value }}
+#          {{- end }}
+
+          # main-portal.main-possible-portal-db.credentials.postgresql.acid.zalan.do

deployment/kustomize/base/frontend-deployment.yaml

@@ -0,0 +1,34 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: portal-x-frontend-svc
+spec:
+  ports:
+    - port: 8080
+      targetPort: 8080
+      protocol: TCP
+  selector:
+    app: main-portal-frontend
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: frontend-portal-deployment
+spec:
+  selector:
+    matchLabels:
+      app: main-portal-frontend
+  template:
+    metadata:
+      labels:
+        app: main-portal-frontend
+    spec:
+      imagePullSecrets:
+        - name: github-registry-auth
+      containers:
+        - name: backend-springboot
+          image: main-frontend-image
+          imagePullPolicy: IfNotPresent
+          ports:
+            - containerPort: 8080

deployment/kustomize/base/ingress.yaml

@@ -0,0 +1,33 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    cert-manager.io/cluster-issuer: cluster-issuer-letsencrypt
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/proxy-body-size: 128m
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+  name: portal-x-ingress
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: replaced-by-kustomize
+      http:
+        paths:
+          - backend:
+              service:
+                name: portal-x-backend-svc
+                port:
+                  number: 8080
+            path: /api/
+            pathType: ImplementationSpecific
+          - backend:
+              service:
+                name: portal-x-frontend-svc
+                port:
+                  number: 8080
+            path: /
+            pathType: ImplementationSpecific
+  tls:
+    - hosts:
+        - replaced-by-kustomize
+      secretName: replaced-by-kustomize

deployment/kustomize/base/kustomization.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - postgres.yaml
+  - sealed_secret.yaml
+  - backend-deployment.yaml
+  - frontend-deployment.yaml
+  - ingress.yaml
+
+
+configurations:
+  - name-reference-config.yaml

deployment/kustomize/base/name-reference-config.yaml

@@ -0,0 +1,5 @@
+nameReference:
+  - kind: SealedSecret
+    fieldSpecs:
+      - kind: Deployment
+        path: spec/template/spec/containers/envFrom/secretRef/name

deployment/kustomize/base/postgres.yaml

@@ -0,0 +1,17 @@
+apiVersion: "acid.zalan.do/v1"
+kind: postgresql
+metadata:
+  name: possible-portal-db
+spec:
+  teamId: "ops"
+  volume:
+    size: 1Gi
+  numberOfInstances: 1
+  users:
+    main-portal:  # database owner
+      - superuser
+      - createdb
+  databases:
+    portal: main-portal  # dbname: owner
+  postgresql:
+    version: "16"

deployment/kustomize/base/sealed_secret.yaml

@@ -0,0 +1,9 @@
+apiVersion: bitnami.com/v1alpha1
+kind: SealedSecret
+metadata:
+  name: portal-fh-secret
+  annotations:
+    sealedsecrets.bitnami.com/cluster-wide: "true"
+spec:
+  encryptedData:
+    FH_CATALOG_SECRETKEY: AgCZEHytwR+R2AS2wAw6ZrO+IZ07Jbkn8gMuTpCXQtxnU9nIjEKfwQLuXFRKoc6DJKCsP8lOGQ5F7CSIdpObjZDtt2IUpjFxzxXULbiDt3KYDEh3vNWM3sBTOw/eeZTCRByXRv1rSciNHudiPVtSG0hOnvp1sD+4F4S5JLJ79UZO3m1ErkAujqrI1ik+wxsA+9r+5vWRCQ6CBGTnXMMtQGCeV9No5JjsK6Bi6UbJRCS077Ht65FthQ34XH5uYB6OKN+I4OTLh3QFIE3eHFIP0hD2UG1mkrS/Yeq85RiLAdQwb2rx2HYbrjEXbTEhvWGguudaQ4EZ2es6OROH5UY4ZWjSJh5RwFv5Jo7mFc+YPIWmhXAuRjVQ4ErRT5d80BmVqSqT+6oJYvk78MzP9M2EZm1g2/VluIoG4cs9aAM+oLi5p+Zm3HpvyXEjW9OEulA8niMKbLliWs8qMElhrErHE9ApOloutL7EIv2i5z/1Ag6R/1shx/kHCNkTlqSoEF69ZMyQ1tM9lnlnB4TztVn+QA+DTmwDBEwbKh0QyEEtxVis21KTA5O/WaEGYL7XYtVBJjfqUYKkxx3ftRA/VRdbXONuq6MFHntqXEfKWFjziEWZimpf1wCZm8x+0KeX/KbE8CEE+TUZXQ13v0SAbn6JxK6Zi8pJULkgB2WzCd7Bkd9GMn2yGwpJ22QvFK8UZiIl552/kAMaa14y3LB317PS8OtYxAkQpkEMvaE7GVzhycfvyzRwald4DzPxKBKRToG1WoCAJTihsvj/urCGVi8fKgP3PSjLOzBajACuqN0cMk1Pk1zVXNTE88mbi9pmaUO2UUFGWhMiVpfvZ+QRB9lJvlULcWWYp7K0ok6nuCSmDRqjoWz2AbYo

deployment/kustomize/overlays/dev/kustomization.yaml

@@ -0,0 +1,63 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: edc-dev
+namePrefix: main-
+
+
+resources:
+  - ../../base
+
+
+images:
+  - name: main-backend-image
+    newName: ghcr.io/possible-x/main-portal-backend
+    newTag: 7260d5bdcf289b88a7dee8be1f36d33ce5f8c775
+  - name: main-frontend-image
+    newName: ghcr.io/possible-x/main-portal-frontend
+    newTag: 7260d5bdcf289b88a7dee8be1f36d33ce5f8c775
+
+patches:
+  - target:
+      group: apps
+      version: v1
+      kind: Deployment
+      name: backend-portal-deployment
+    patch: |
+      - op: replace #action
+        path: /spec/template/spec/containers/0/env/0/valueFrom/secretKeyRef/name #resouirce we want to change
+        value: main-portal.main-possible-portal-db.credentials.postgresql.acid.zalan.do
+      - op: replace #action
+        path: /spec/template/spec/containers/0/env/1/valueFrom/secretKeyRef/name #resouirce we want to change
+        value: main-portal.main-possible-portal-db.credentials.postgresql.acid.zalan.do
+  - target:
+      group: networking.k8s.io
+      version: v1
+      kind: Ingress
+      name: portal-x-ingress
+    patch: |
+      - op: replace #action
+        path: /spec/rules/0/host
+        value: portal.dev.possible-x.de
+      - op: replace #action
+        path: /spec/tls/0/hosts/0
+        value: portal.dev.possible-x.de
+      - op: replace #action
+        path: /spec/tls/0/secretName
+        value: portal-x-tls-secret
+
+
+configMapGenerator:
+  - name: portal-config
+    literals:
+      - SPRING_DATASOURCE_DATABASE=portal
+      - SPRING_DATASOURCE_URL=jdbc:postgresql://main-possible-portal-db/portal
+      - SPRING_DATASOURCE_USERNAME=admin
+      - DAPSSERVER_URL_EXTERNAL=https://daps.int.possible-x.de/auth
+      - DAPSSERVER_URL_INTERNAL=http://daps-daps-server:4567
+      - DIDWEBSERVICE_BASEURL=http://did-web-service:8080
+      - DIDWEBSERVICE_IGNORESSL="false"
+      - FH_CATALOG_URL=https://hub.catalog.dev.possible-x.de/
+      - SDCREATIONWIZARDAPI_BASEURL=https://sd-creation-wizard.dev.possible-x.de
+      - SPRING_PROFILES_ACTIVE=dev
+
+